Minimal documentation updates

Pádraic Brady 11 years ago
Parent
Commit
69bbe0918d
2 changed files with 35 additions and 1 deletion
  1. doc/00-intro.md (+11 -1)
  2. doc/03-cli.md (+24 -0)

+ 11 - 1
doc/00-intro.md

@@ -121,7 +121,9 @@ composer.phar:
     C:\Users\username>cd C:\bin
     C:\bin>php -r "readfile('https://getcomposer.org/installer');" | php
 
-> **Note:** If the above fails due to readfile, use the `http` url or enable php_openssl.dll in php.ini
+> **Note:** If the above fails due to readfile, enable php_openssl.dll in php.ini.
+> You may use the http URL, however this will leave the request susceptible to a
+> Man-In-The-Middle (MITM) attack.
 
 Create a new `composer.bat` file alongside `composer.phar`:
 
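Review bot: The reworded note still offers the http URL as a fallback, and "susceptible to a Man-In-The-Middle (MITM) attack" understates the consequence here: the command shown just above the note pipes the download straight into `php`, so a tampered response is executed as code on the user's machine. Suggest dropping the http fallback and keeping only the php_openssl.dll instruction, or stating that consequence explicitly in the note.
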
@@ -152,6 +154,14 @@ run this instead:
 Following the [example above](#declaring-dependencies), this will download
 monolog into the `vendor/monolog/monolog` directory.
 
+> **Note:** Composer will attempt to protect all HTTPS requests using SSL/TLS. It
+> implements peer verification using a certificate bundle, either one installed on
+> the local system or a copy distributed with Composer. You may also pass the path
+> to a bundle using the --cafile option for most commands. While you can also
+> disable peer verification by passing the --disable-tls option, this is not
+> recommended and will leave all downloads susceptible to Man-In-The-Middle (MITM)
+> attacks.
+
 ## Autoloading
 
 Besides downloading the library, Composer also prepares an autoload file that's
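
Review bot: The added note says --disable-tls disables peer verification, but the option name reads as turning TLS off altogether, and the note does not say which it is (requests still encrypted but unauthenticated, or sent over plain http). Suggest stating the exact behaviour, since the two carry different risk. The opening sentence, "protect all HTTPS requests using SSL/TLS", is circular; wording along the lines of "verifies the server certificate on all HTTPS requests" says what is meant. `--cafile` and `--disable-tls` should be in backticks, and "most commands" would be more useful as a link to the CLI reference that lists them.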

+ 24 - 0
doc/03-cli.md

@@ -88,6 +88,8 @@ resolution.
 * **--optimize-autoloader (-o):** Convert PSR-0/4 autoloading to classmap to get a faster
   autoloader. This is recommended especially for production, but can take
   a bit of time to run so it is currently not done by default.
+* **--disable-tls:** Display SSL/TLS peer verification.
+* **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification.
 
 ## update
 
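Review bot: In the new --disable-tls bullet, "Display SSL/TLS peer verification" looks like a typo for "Disable"; as written the option reads as a harmless reporting flag, while the note added to doc/00-intro.md in this commit says it turns peer verification off. The same wording is in every copy of the bullet in this file, so all of them need the fix. The bullet should also repeat the "not recommended" warning from the intro, since this reference is where users look the flag up.
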
@@ -125,6 +127,8 @@ You can also use wildcards to update a bunch of packages at once:
   lock file being out of date.
 * **--with-dependencies** Add also all dependencies of whitelisted packages to the whitelist.
   So all packages with their dependencies are updated recursively.
+* **--disable-tls:** Display SSL/TLS peer verification.
+* **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification.
 
 ## require
 
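Review bot: These two bullets are pasted verbatim into each command's option list in this file, which is how a single wording error ends up in every section. Suggest documenting --disable-tls and --cafile once in a shared options section and linking to it from each command. The --cafile bullet also says "certificate file" where the intro note and the COMPOSER_CAFILE entry say "certificate bundle"; pick one term and say which format is expected.
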
@@ -151,6 +155,8 @@ to the command.
   terminals or scripts which don't handle backspace characters.
 * **--update-with-dependencies** Also update dependencies of the newly
   required packages.
+* **--disable-tls:** Display SSL/TLS peer verification.
+* **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification.
 
 ## global
 
@@ -183,6 +189,8 @@ You can also search for more than one term by passing multiple arguments.
 ### Options
 
 * **--only-name (-N):** Search only in name.
+* **--disable-tls:** Display SSL/TLS peer verification.
+* **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification.
 
 ## show
 
@@ -220,6 +228,8 @@ specific version.
 * **--installed (-i):** List the packages that are installed.
 * **--platform (-p):** List only platform packages (php & extensions).
 * **--self (-s):** List the root package info.
+* **--disable-tls:** Display SSL/TLS peer verification.
+* **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification.
 
 ## depends
 
@@ -284,6 +294,8 @@ you may have to run the command with `root` privileges
 
 * **--rollback (-r):** Rollback to the last version you had installed.
 * **--clean-backups:** Delete old backups during an update. This makes the current version of composer the only backup available after the update.
+* **--disable-tls:** Display SSL/TLS peer verification.
+* **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification.
 
 ## config
 
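Review bot: For this command the --disable-tls bullet needs a stronger warning than in the other sections: the neighbouring options show it replaces the installed copy of composer, and the hunk header notes the command may be run with `root` privileges, so an unverified download here affects every later run rather than a single package. Suggest adding an explicit warning to this bullet, or not advertising the option for this command.
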
@@ -368,6 +380,8 @@ By default the command checks for the packages on packagist.org.
 * **--keep-vcs:** Skip the deletion of the VCS metadata for the created
   project. This is mostly useful if you run the command in non-interactive
   mode.
+* **--disable-tls:** Display SSL/TLS peer verification.
+* **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification.
 
 ## dump-autoload
 
@@ -406,6 +420,11 @@ problems.
 
     $ php composer.phar diagnose
 
+### Options
+
+* **--disable-tls:** Display SSL/TLS peer verification.
+* **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification.
+
 ## archive
 
 This command is used to generate a zip/tar archive for a given package in a
@@ -525,6 +544,11 @@ By default it points to $COMPOSER_HOME/cache on \*nix and OSX, and
 This env var controls the time composer waits for commands (such as git
 commands) to finish executing. The default value is 300 seconds (5 minutes).
 
+### COMPOSER_CAFILE
+
+By setting this environmental value, you can set a path to a certificate bundle
+file to be used during SSL/TLS peer verification.
+
 ### COMPOSER_DISCARD_CHANGES
 
 This env var controls the discard-changes [config option](04-schema.md#config).
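
Review bot: In the COMPOSER_CAFILE entry, "environmental value" should be "environment variable" (the neighbouring entries say "env var"). The entry also does not say how the variable interacts with the --cafile option documented in the same commit; state which one takes precedence when both are set.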