Updated the composer hash to use a live signature rather than hard-coded

This commit is contained in:
Andy Heathershaw 2016-11-06 16:53:23 +00:00
parent 9ed9626e9d
commit 8eff022fc7

View File

@ -30,7 +30,7 @@ file_put_contents($appConfigFile, str_replace('**DEV**', $argv[1], file_get_cont
echo 'Downloading Composer...' . PHP_EOL . PHP_EOL; echo 'Downloading Composer...' . PHP_EOL . PHP_EOL;
copy('https://getcomposer.org/installer', 'composer-setup.php'); copy('https://getcomposer.org/installer', 'composer-setup.php');
if (hash_file('SHA384', 'composer-setup.php') === 'e115a8dc7871f15d853148a7fbac7da27d6c0030b848d9b3dc09e2a0388afed865e6a3d6b3c0fad45c48e2b5fc1196ae') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); exit; } echo PHP_EOL; if (hash_file('SHA384', 'composer-setup.php') === trim(file_get_contents('https://composer.github.io/installer.sig'))) { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); exit; } echo PHP_EOL;
system('php composer-setup.php'); system('php composer-setup.php');
unlink('composer-setup.php'); unlink('composer-setup.php');