Disable failure on hash mismatch until it can be proven to work reliably
parent
3116c979d3
commit
338127ff9c
|
@ -414,7 +414,14 @@ class ComposerRepository extends ArrayRepository implements NotifiableRepository
|
||||||
$data = $json->read();
|
$data = $json->read();
|
||||||
$encoded = json_encode($data);
|
$encoded = json_encode($data);
|
||||||
if ($sha256 && $sha256 !== hash('sha256', $encoded)) {
|
if ($sha256 && $sha256 !== hash('sha256', $encoded)) {
|
||||||
throw new \UnexpectedValueException('The contents of '.$filename.' do not match its signature, this may be due to a temporary glitch or a man-in-the-middle attack, aborting for safety. Please try running Composer again.');
|
if ($retries) {
|
||||||
|
usleep(100);
|
||||||
|
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
// TODO throw SecurityException and abort once we are sure this can not happen accidentally
|
||||||
|
$this->io->write('<warning>The contents of '.$filename.' do not match its signature, this may be due to a temporary glitch or a man-in-the-middle attack. Please report this.</warning>');
|
||||||
}
|
}
|
||||||
$this->cache->write($cacheKey, $encoded);
|
$this->cache->write($cacheKey, $encoded);
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue