feat(http): honor config.cafile and config.capath

Composer's config.cafile/config.capath were accepted by the config command but ignored by every HTTP request. Centralize reqwest client construction in mozart_core::http, pre-load the configured CA bundle at startup, and route every callsite (registry, vcs drivers, diagnose, self-update) through the shared builder so user-supplied roots are actually used during HTTPS verification.
author: nsfisis <nsfisis@gmail.com> 2026-05-04 13:59:49 +0900
committer: nsfisis <nsfisis@gmail.com> 2026-05-04 13:59:49 +0900
commit: e6e4f6f6319b39ba3020f96d070b637054c04b6a (patch)
tree: 216423fc61716825f1eded1163e17264dbff3ea1 /Cargo.lock
parent: 30b222e7324e933f1e1bde5c5e34d588e36adbaa (diff)
download: php-mozart-e6e4f6f6319b39ba3020f96d070b637054c04b6a.tar.gz
php-mozart-e6e4f6f6319b39ba3020f96d070b637054c04b6a.tar.zst
php-mozart-e6e4f6f6319b39ba3020f96d070b637054c04b6a.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/Cargo.lock b/Cargo.lock
index 5b06248..6fda00e 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1166,9 +1166,11 @@ dependencies = [
  "mozart-console-macros",
  "mozart-spdx-licenses",
  "regex",
+ "reqwest",
  "serde",
  "serde_json",
  "tempfile",
+ "tracing",
 ]
 
 [[package]]
@@ -1200,7 +1202,6 @@ dependencies = [
  "mozart-test-harness",
  "mozart-vcs",
  "regex",
- "reqwest",
  "serde",
  "serde_json",
  "sha1",
author	nsfisis <nsfisis@gmail.com>	2026-05-04 13:59:49 +0900
committer	nsfisis <nsfisis@gmail.com>	2026-05-04 13:59:49 +0900
commit	e6e4f6f6319b39ba3020f96d070b637054c04b6a (patch)
tree	216423fc61716825f1eded1163e17264dbff3ea1 /Cargo.lock
parent	30b222e7324e933f1e1bde5c5e34d588e36adbaa (diff)
download	php-mozart-e6e4f6f6319b39ba3020f96d070b637054c04b6a.tar.gz php-mozart-e6e4f6f6319b39ba3020f96d070b637054c04b6a.tar.zst php-mozart-e6e4f6f6319b39ba3020f96d070b637054c04b6a.zip