Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Composer Update "man-in-the-middle attack" error

I cloned one of my local project and executed composer update but I am getting some error:

[Composer\Repository\RepositorySecurityException]
The contents of http://packagist.org/p/friendsofsymfony/facebook-bundle$f1d8c88e21c3636c7d6d8d66f3e98ce2c83de942d1ab652f76e8c4f82e2c6363.js on do not match its signature. This should indicate a man-in-the-middle attack. Try running composer again and report this if you think it is a mistake.

I also tried to clear composer cache but nothing is working.

Could someone give me an idea behind the issue so that it could be helpful for me.

Composer Version: b482ebe0ca18321d9322bd913af73c1c55adebf1

like image 614
Prakash Avatar asked Sep 24 '13 09:09

Prakash


3 Answers

In my scenario, adding the following lines to composer.json fixed the issue.

"repositories": {
  "packagist": { "url": "https://packagist.org", "type": "composer" }
}

Edit

If you have more then one repository:

  "repositories": [
      { "type": "composer", "url": "https://packagist.org" },
      { "type": "git", "url": "[email protected]:repo_name/proj_name.git" }
  ],
like image 184
michaelbn Avatar answered Oct 20 '22 12:10

michaelbn


fix packagist repo as well with config option

composer config --global repo.packagist composer https://packagist.org
like image 45
knoppix Avatar answered Oct 20 '22 11:10

knoppix


For me, the solution was to shut down my firewall included in FortiClient, after that, all worked. The Firewall seems to be the "man in the middle" ;)

like image 21
Vincent Guyard Avatar answered Oct 20 '22 13:10

Vincent Guyard