diff options
| author | nsfisis <nsfisis@gmail.com> | 2026-05-04 13:59:49 +0900 |
|---|---|---|
| committer | nsfisis <nsfisis@gmail.com> | 2026-05-04 13:59:49 +0900 |
| commit | e6e4f6f6319b39ba3020f96d070b637054c04b6a (patch) | |
| tree | 216423fc61716825f1eded1163e17264dbff3ea1 /crates/mozart-registry/src | |
| parent | 30b222e7324e933f1e1bde5c5e34d588e36adbaa (diff) | |
| download | php-mozart-e6e4f6f6319b39ba3020f96d070b637054c04b6a.tar.gz php-mozart-e6e4f6f6319b39ba3020f96d070b637054c04b6a.tar.zst php-mozart-e6e4f6f6319b39ba3020f96d070b637054c04b6a.zip | |
feat(http): honor config.cafile and config.capath
Composer's config.cafile/config.capath were accepted by the config
command but ignored by every HTTP request. Centralize reqwest client
construction in mozart_core::http, pre-load the configured CA bundle
at startup, and route every callsite (registry, vcs drivers, diagnose,
self-update) through the shared builder so user-supplied roots are
actually used during HTTPS verification.
Diffstat (limited to 'crates/mozart-registry/src')
| -rw-r--r-- | crates/mozart-registry/src/downloader.rs | 4 | ||||
| -rw-r--r-- | crates/mozart-registry/src/packagist.rs | 12 |
2 files changed, 4 insertions, 12 deletions
diff --git a/crates/mozart-registry/src/downloader.rs b/crates/mozart-registry/src/downloader.rs index c13ebdc..3cb991b 100644 --- a/crates/mozart-registry/src/downloader.rs +++ b/crates/mozart-registry/src/downloader.rs @@ -109,9 +109,7 @@ pub async fn download_dist( } } - let client = reqwest::Client::builder() - .user_agent(mozart_core::http::user_agent()) - .build()?; + let client = mozart_core::http::client_builder().build()?; let response = client.get(url).send().await?; tracing::debug!(status = %response.status(), "received response"); diff --git a/crates/mozart-registry/src/packagist.rs b/crates/mozart-registry/src/packagist.rs index 6b24589..504aa34 100644 --- a/crates/mozart-registry/src/packagist.rs +++ b/crates/mozart-registry/src/packagist.rs @@ -248,9 +248,7 @@ pub async fn fetch_package_versions( // Cache miss — fetch from Packagist let url = format!("https://repo.packagist.org/p2/{package_name}.json"); tracing::debug!(%url, "fetching package metadata"); - let client = reqwest::Client::builder() - .user_agent(mozart_core::http::user_agent()) - .build()?; + let client = mozart_core::http::client_builder().build()?; let response = client.get(&url).send().await?; tracing::debug!(status = %response.status(), "received response"); @@ -324,9 +322,7 @@ pub async fn search_packages( query: &str, package_type: Option<&str>, ) -> anyhow::Result<(Vec<SearchResult>, u64)> { - let client = reqwest::Client::builder() - .user_agent(mozart_core::http::user_agent()) - .build()?; + let client = mozart_core::http::client_builder().build()?; let mut all_results: Vec<SearchResult> = Vec::new(); let mut page = 1usize; @@ -440,9 +436,7 @@ pub struct SecurityAdvisoriesResponse { pub async fn fetch_security_advisories( package_names: &[&str], ) -> anyhow::Result<BTreeMap<String, Vec<SecurityAdvisory>>> { - let client = reqwest::Client::builder() - .user_agent(mozart_core::http::user_agent()) - .build()?; + let client = mozart_core::http::client_builder().build()?; let mut all_advisories: BTreeMap<String, Vec<SecurityAdvisory>> = BTreeMap::new(); |