最近在重装系统后使用了 composer 这个 php 的依赖工具
使用了自定义的 dns 遇到以下问题
~ composer global require "laravel/installer" 211ms 五 8/26 09:43:47 2016
Changed current directory to /Users/hainuo/.composer
Authentication required (packagist.org):
Username: xxx
Password:
[Composer\Downloader\TransportException]
Invalid credentials for 'http://packagist.org/p/provider-2013%249bdbe794879
3801d1edddf0b0d1c51bc8d98a395244d98f1d14bc0827946b9e0.json', aborting.
require [--dev] [--prefer-source] [--prefer-dist] [--no-progress] [--no-update] [--no-scripts] [--update-no-dev] [--update-with-dependencies] [--ignore-platform-reqs] [--prefer-stable] [--prefer-lowest] [--sort-packages] [-o|--optimize-autoloader] [-a|--classmap-authoritative] [--] []... 想询问下 如何配置才能够使得这个 http-base 的认证走 https 协议呢? 我在全局 config.json 中指定了使用 https 协议的源 如下
{
"config": {
"secure-http": true
},
"repositories": {
"packagist": {
"type": "composer",
"url": "https://packagist.org"
}
}
}我通过查询发现有个 composer 命令来检测这个东西
composer diagnose 2.3m 五 8/26 10:29:01 2016
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity to packagist: Warning: Accessing packagist.org over http which is an insecure protocol.
FAIL
[Composer\Downloader\TransportException] Invalid credentials for 'http://packagist.org/packages.json', aborting.
Checking https connectivity to packagist: OK
Checking github.com rate limit: OK
Checking disk free space: OK
Checking pubkeys: FAIL
Missing pubkey for tags verification
Missing pubkey for dev verification
Run composer self-update --update-keys to set them up
Checking composer version: OK以上是执行结果就是检测的结果 那个警告比较清楚的说明是通过 http 不安全协议
解决方法是设置一个本地或全局的composer配置:
composer config secure-http false全局设置:
composer config -g secure-http false