diff options
| author | nsfisis <nsfisis@gmail.com> | 2026-05-04 13:59:49 +0900 |
|---|---|---|
| committer | nsfisis <nsfisis@gmail.com> | 2026-05-04 13:59:49 +0900 |
| commit | e6e4f6f6319b39ba3020f96d070b637054c04b6a (patch) | |
| tree | 216423fc61716825f1eded1163e17264dbff3ea1 /crates/mozart/src/commands.rs | |
| parent | 30b222e7324e933f1e1bde5c5e34d588e36adbaa (diff) | |
| download | php-mozart-e6e4f6f6319b39ba3020f96d070b637054c04b6a.tar.gz php-mozart-e6e4f6f6319b39ba3020f96d070b637054c04b6a.tar.zst php-mozart-e6e4f6f6319b39ba3020f96d070b637054c04b6a.zip | |
feat(http): honor config.cafile and config.capath
Composer's config.cafile/config.capath were accepted by the config
command but ignored by every HTTP request. Centralize reqwest client
construction in mozart_core::http, pre-load the configured CA bundle
at startup, and route every callsite (registry, vcs drivers, diagnose,
self-update) through the shared builder so user-supplied roots are
actually used during HTTPS verification.
Diffstat (limited to 'crates/mozart/src/commands.rs')
| -rw-r--r-- | crates/mozart/src/commands.rs | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/crates/mozart/src/commands.rs b/crates/mozart/src/commands.rs index c648754..504e38d 100644 --- a/crates/mozart/src/commands.rs +++ b/crates/mozart/src/commands.rs @@ -254,6 +254,12 @@ pub async fn execute(cli: &Cli) -> anyhow::Result<()> { cli.no_ansi, cli.no_interaction, ); + + // Initialize HTTPS root certificates from `config.cafile` / `config.capath` + // before any command makes a network request. + let tls_opts = config_helpers::load_tls_options(cli); + mozart_core::http::init_tls_options(&tls_opts)?; + let command = cli.command.as_ref().expect("command must be set"); match command { Commands::About(args) => about::execute(args, cli, &console).await, |