Open
Description
I'm trying to use composer to manage my PEAR dependencies. Previously this has worked well but it appears a week or 2 ago a composer change was made to not allow the HTTP protocol to be used unless explicitly allowed. I can enable the bypass for the check, but that doesn't seem like the best solution.
It appears that composer fetches https://pear2.php.net/channel.xml, parses it and then uses one of the base URL values to try and fetch http://pear2.php.net/rest/c/categories.xml, which then fails due to the HTTPS check.
Would it be possible to update the channel.xml file to use HTTPS URLs to avoid the need to disable the security check in composer?
Metadata
Metadata
Assignees
Labels
No labels