CODEWITHSUNDEEP
composer-php
Funcraft
Funcraft

Reputation: 1709

secure-http flag in a composer.json doesn't work

I need to use http composer registry for several packages:

...
"repositories":[
  {"type":"composer", "url":"http://<url>"}
],
"secure-http":false,
...

But when I am trying to composer update to update lock file, I got:

[Composer\Downloader\TransportException]
Your configuration does not allow connection to http://<url>.
See https://getcomposer.org/doc/06-config.md#secure-http for details.

By responding url I found next information;

secure-http#

Defaults to true. 
If set to true only HTTPS URLs are allowed to be downloaded via Composer. 
If you really absolutely need HTTP access to something then you can disable it ...

So I am confused what I am doing wrong.

Upvotes: 26

Views: 27508

Answers (2)

Ahmed ELMawrdy
Ahmed ELMawrdy

Reputation: 31

Hey you could make it a global thorough writing :

composer config -g secure-http false

Upvotes: 1

Funcraft
Funcraft

Reputation: 1709

Wrong composer.json structure. secure-http must be in the config section:

{
  ...,
  "config":{
    ...,
    "secure-http":false,
    ...
  }
  ...
}

Upvotes: 93

Related Questions