libcurl: remove old versions

[mayeut]

Specify library name and version: libcurl/all

All versions up-to (and including) 8.5.0 have some vulnerabilities: https://repology.org/project/curl/cves

---

• I've read the contributing guidelines.
• I've used a recent Conan client version close to the currently deployed.
• I've tried at least one configuration locally with the conan-center hook activated.

[github-actions]

🤖 Beep Boop! This pull request is making changes to 'recipes/libcurl//'.

👋 @Hopobcn you might be interested. 😉

[mayeut]

removed versions still used by other recipes:

• 7.78.0
  • cern-root/all: migration to v2 in cern-root: migrate to Conan v2 #18900
• 7.79.1
  • co/all: deprecated v1 only recipe
• 7.80.0
  • pdal/all: migration to v2 in pdal: migrate to Conan v2, bump to v2.6.0, unvendor all available packages #21296
• 7.82.0
  • crashpad/all: migration to v2 in crashpad: migrate to Conan v2 #21052
• 7.83.1
  • kcov/all: migration to v2 in kcov: migrate to Conan v2 #18672
• 7.84.0
  • poppler/all: migration to v2 in poppler: migrate to Conan v2 #21135
• 8.2.0
  • osgearth/all: migration to v2 in osgearth: migrate to Conan v2, bump to v3.6, add all supported optional dependencies #21380

[github-actions]

Hooks produced the following warnings for commit 14c1bfa

libcurl/8.4.0@#f242bbd1c18d2d8fea9660d832b2e14a

post_package(): WARN: [MISSING SYSTEM LIBS (KB-H043)] Library './lib/libcurl.dylib' links to system library 'CoreServices' but it is not in cpp_info.frameworks.
post_package(): WARN: [MISSING SYSTEM LIBS (KB-H043)] Library './lib/libcurl.4.dylib' links to system library 'CoreServices' but it is not in cpp_info.frameworks.

[github-actions]

Hooks produced the following warnings for commit 1a144a3

libcurl/8.4.0@#231b6b729a8aa13c730b66af2aeb8b5d

post_package(): WARN: [MISSING SYSTEM LIBS (KB-H043)] Library './lib/libcurl.dylib' links to system library 'CoreServices' but it is not in cpp_info.frameworks.
post_package(): WARN: [MISSING SYSTEM LIBS (KB-H043)] Library './lib/libcurl.4.dylib' links to system library 'CoreServices' but it is not in cpp_info.frameworks.

[uilianries]

Some packages are still using libcurl versions listed to be removed:

find recipes -name conanfile.py -exec grep libcurl {} + 
...
recipes/cern-root/all/conanfile.py:        self.requires("libcurl/7.78.0")
recipes/kcov/all/conanfile.py:                "libcurl/7.83.1",
recipes/teemo/all/conanfile.py:        self.requires("libcurl/7.86.0")

Please, check which package are affected and do not remove those versions. Indeed libcurl allows ranged version, but not all recipes are update yet.

[valgur]

@uilianries just to be sure, did you see #21558 (comment)?

[mayeut]

@uilianries,

recipes/teemo/all/conanfile.py: self.requires("libcurl/7.86.0")

You just closed the PR #21611 that gets version range in teemo, which would allow to remove 7.86.0 (once libvault gets updated as well).

[AbrilRBS]

@mayeut fixed now, thanks for the heads-up

[uilianries]

Let's update other versions first, because it will generate a new recipe revision.

[github-actions]

Hooks produced the following warnings for commit 24e701a

libcurl/8.5.0@#4cc50d3aceed2f49c87c3e6bc4332014

post_package(): WARN: [MISSING SYSTEM LIBS (KB-H043)] Library './lib/libcurl.dylib' links to system library 'CoreServices' but it is not in cpp_info.frameworks.
post_package(): WARN: [MISSING SYSTEM LIBS (KB-H043)] Library './lib/libcurl.4.dylib' links to system library 'CoreServices' but it is not in cpp_info.frameworks.

libcurl/8.4.0@#c8222411c4eeffdd2261c2af6cb07131

post_package(): WARN: [MISSING SYSTEM LIBS (KB-H043)] Library './lib/libcurl.dylib' links to system library 'CoreServices' but it is not in cpp_info.frameworks.
post_package(): WARN: [MISSING SYSTEM LIBS (KB-H043)] Library './lib/libcurl.4.dylib' links to system library 'CoreServices' but it is not in cpp_info.frameworks.

libcurl/8.6.0@#c789295471982c3e2166e1a705cb1e95

post_package(): WARN: [MISSING SYSTEM LIBS (KB-H043)] Library './lib/libcurl.dylib' links to system library 'CoreServices' but it is not in cpp_info.frameworks.
post_package(): WARN: [MISSING SYSTEM LIBS (KB-H043)] Library './lib/libcurl.4.dylib' links to system library 'CoreServices' but it is not in cpp_info.frameworks.

[github-actions]

Hooks produced the following warnings for commit 24e701a

libcurl/8.5.0@#d5d606be375701da80b805cc099ed6ed

post_package(): WARN: [MISSING SYSTEM LIBS (KB-H043)] Library './lib/libcurl.dylib' links to system library 'CoreServices' but it is not in cpp_info.frameworks.
post_package(): WARN: [MISSING SYSTEM LIBS (KB-H043)] Library './lib/libcurl.4.dylib' links to system library 'CoreServices' but it is not in cpp_info.frameworks.

libcurl/8.4.0@#7903f7d25aac3baf708c2b205fb3c763

post_package(): WARN: [MISSING SYSTEM LIBS (KB-H043)] Library './lib/libcurl.dylib' links to system library 'CoreServices' but it is not in cpp_info.frameworks.
post_package(): WARN: [MISSING SYSTEM LIBS (KB-H043)] Library './lib/libcurl.4.dylib' links to system library 'CoreServices' but it is not in cpp_info.frameworks.

libcurl/8.6.0@#12828b806a417a5a75949264382ea5b2

post_package(): WARN: [MISSING SYSTEM LIBS (KB-H043)] Library './lib/libcurl.dylib' links to system library 'CoreServices' but it is not in cpp_info.frameworks.
post_package(): WARN: [MISSING SYSTEM LIBS (KB-H043)] Library './lib/libcurl.4.dylib' links to system library 'CoreServices' but it is not in cpp_info.frameworks.

outdated

[uilianries]

LGTM. The ConanCenterIndex supports version ranges for libcurl, so all ported recipes that are working with Conan 2.x will be safe with this change. Only recipes that are not ported to Conan 2.x (yet) will consume those removed versions. However, there are PRs porting those recipes.

[conan-center-bot]

Conan v1 pipeline ✔️

All green in build 7 (31238a5c941c2a467d5cf4c8cb782d5c9729dc09):

• libcurl/8.6.0:
  All packages built successfully! (All logs)

• libcurl/8.5.0:
  All packages built successfully! (All logs)

• libcurl/8.4.0:
  All packages built successfully! (All logs)

• libcurl/8.8.0:
  All packages built successfully! (All logs)

• libcurl/8.1.2:
  All packages built successfully! (All logs)

• libcurl/8.0.1:
  All packages built successfully! (All logs)

• libcurl/8.2.1:
  All packages built successfully! (All logs)

• libcurl/7.88.1:
  All packages built successfully! (All logs)

---

Conan v2 pipeline ✔️

Note: Conan v2 builds are now mandatory. Please read our discussion about it.

All green in build 7 (31238a5c941c2a467d5cf4c8cb782d5c9729dc09):

• libcurl/8.6.0:
  All packages built successfully! (All logs)

• libcurl/8.8.0:
  All packages built successfully! (All logs)

• libcurl/8.5.0:
  All packages built successfully! (All logs)

• libcurl/8.2.1:
  All packages built successfully! (All logs)

• libcurl/8.1.2:
  All packages built successfully! (All logs)

• libcurl/8.4.0:
  All packages built successfully! (All logs)

• libcurl/8.0.1:
  All packages built successfully! (All logs)

• libcurl/7.88.1:
  All packages built successfully! (All logs)

[uilianries]

LGTM