Disable automatic retry by default on certificate validation error #5523
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
This PR disables the automatic retrying of
Utils/http_request()that was skipping certificate validation.The new default is to produce a hard error on certificate errors.
This PR also adds a new
--insecureflag to thecli updatecommand that turns this retrying back on when explicitly requested, which allows manually going back to the previous behavior.Subsequent PRs on the command repositories will add a similar
--insecureflag to the appropriate commands on the following repositories:wp-cli/config-command=> Add--insecureflag toconfig create&config shuffle-saltscommands config-command#128wp-cli/core-command=> Add--insecureflag tocore download&core updatecommands core-command#186wp-cli/extension-command=> Add--insecureflag toplugin|theme install&plugin\theme updatecommands extension-command#287wp-cli/checksum-command=> Add--insecureflag tocore|plugin verify-checksumscommands checksum-command#86wp-cli/package-command=> Add--insecureflag topackage installcommand package-command#138