Respect http.sslVerify

[jalil-salame]

Summary 💡

I need to ignore the validity of SSL certificates (corporate proxy so security is "not a concern").

Motivation 🔦

As mentioned in #1103 (comment). I use git/gix behind a corporate proxy which has a self-signed certificate. To use gix there I need to either not verify the certificates, or to respect the configured certificates on windows (this is not done by git/curl so I would not personally pursue this path).

[Byron]

It turns out that gix knows the following about that:

❯ gix config-tree | rg sslVerify
 🤔   http.sslVerify                                       not planned ℹ on demand ℹ  

It's indeed not implemented even for the curl backend, and doing so should be straightforward to wire up.
Please note that in the max-pure configuration, most of the http options aren't supported, as it needs a completely separate implementation given that it relies on reqwest.

[dirthsj]

or to respect the configured certificates on windows (this is not done by git/curl so I would not personally pursue this path).

Note that this does work with git under the following option;

git config --global http.sslBackend schannel

I would hope gix can also respect this setting eventually (maybe that's a separate issue though).

[Byron]

Thanks for sharing!

I am quite sure that eventually this will be implemented as gix has a real opportunity to be more compatible to Windows than git is.

[Alvenix]

As 1142 was merged, gix now respect sslVerify for the curl http backend.

[Byron]

I second that, and add that the curl backend corresponds to the max version of gix.