Unverified Commit 48ba5be4 authored by Vincent Petry's avatar Vincent Petry
Browse files

Get composer using more secure method

As recommended on the website.
parent 9faf2502
......@@ -75,7 +75,7 @@ clean: clean-composer-deps clean-nodejs-deps clean-js-deps clean-test-results cl
# Basic required tools
cd build && curl -sS https://getcomposer.org/installer | php
cd build && ./getcomposer.sh
# ownCloud core PHP dependencies
# From https://getcomposer.org/doc/faqs/how-to-install-composer-programmatically.md
EXPECTED_SIGNATURE=$(wget -q -O - https://composer.github.io/installer.sig)
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
ACTUAL_SIGNATURE=$(php -r "echo hash_file('SHA384', 'composer-setup.php');")
>&2 echo 'ERROR: downloaded composer installer hash does not equal the expected one.'
rm composer-setup.php
exit 1
php composer-setup.php --quiet
rm composer-setup.php
exit $RESULT
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment