bluefeet / GitLab-API-v4

A complete GitLab API v4 client.
https://metacpan.org/pod/GitLab::API::v4

Respect `PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT` #59

Open rwp0 opened 5 months ago

rwp0 commented 5 months ago

Now that HTTP::Tiny enables SSL certificate verification by default, maybe it's time to remove the explicit option in code?

So we can use the $ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT} environment variable in development mode?

The explicit check prevents the usage of the environment variable as documented below:

> `$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}` - Changes the default certificate verification behavior to not check server identity if set to 1. Only effective if `verify_SSL` is not set. Added in version 0.083.


Changes mentions:

https://github.com/bluefeet/GitLab-API-v4/blob/4f31181771706c5c680f2b91aa66992898899c85/Changes#L18

 - Add verify_SSL=>1 to HTTP::Tiny to verify https server identity.

And we have in place:

https://github.com/search?q=repo%3Abluefeet%2FGitLab-API-v4%20verify_SSL&type=code

But then, if this option is present in the constructor, there's (absolutely) no way to make an "insecure" connection in development settings apart from manually patching/modifying the PM files to remove this argument from the `new` constructor.

Many times it's not the developers who set up the "insecure" GitLab instances; developers just need to connect to what's already available.

So please make it possible, not by default, but optionally, by way of setting the environment variable above, following the HTTP::Tiny settings.

Thanks

rwp0 commented 5 months ago

For me, modifying this line inside the _build_http_tiny private method worked:

https://github.com/bluefeet/GitLab-API-v4/blob/4f31181771706c5c680f2b91aa66992898899c85/lib/GitLab/API/v4/RESTClient.pm#L111

Tried to set the environment variable initially, which failed, and then had to discover what was wrong by debugging my script (using Devel-Camelcadedb).
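
The precedence described in this issue, as an added example that is not part of the thread or of GitLab::API::v4's code: an explicit `verify_SSL` passed to `HTTP::Tiny->new` takes priority over `PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT`, while a wrapper that forwards the option only when the caller set it leaves verification on by default and lets the variable apply. The `build_http_tiny` helper, its `verify_SSL` option and the agent string are hypothetical names chosen for illustration.

```perl
#!/usr/bin/env perl
use strict;
use warnings;
use HTTP::Tiny;

# Hypothetical helper (not GitLab::API::v4 code): forward verify_SSL to
# HTTP::Tiny only when the caller set it, so that HTTP::Tiny's own default,
# including the environment override, applies otherwise.
sub build_http_tiny {
    my (%opts) = @_;
    my %args = ( agent => 'example-client/0.1' );    # constructed value
    $args{verify_SSL} = $opts{verify_SSL} ? 1 : 0
        if defined $opts{verify_SSL};
    return HTTP::Tiny->new(%args);
}

# Print the effective setting of a client object.
sub report {
    my ( $label, $http ) = @_;
    printf "%-42s verify_SSL=%d\n", $label, $http->verify_SSL ? 1 : 0;
}

# The environment variable is only honoured from HTTP::Tiny 0.083 onwards.
die "HTTP::Tiny 0.083 or later is required\n"
    unless eval { HTTP::Tiny->VERSION('0.083'); 1 };

{
    # Development-only opt-out, scoped to this block.
    local $ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT} = 1;

    # Hard-coded option: the variable has no effect.
    report( 'env=1, hard-coded verify_SSL => 1',
        HTTP::Tiny->new( verify_SSL => 1 ) );

    # Option not passed: HTTP::Tiny consults the variable.
    report( 'env=1, verify_SSL not passed', build_http_tiny() );

    # A caller can still force verification regardless of the environment.
    report( 'env=1, caller passes verify_SSL => 1',
        build_http_tiny( verify_SSL => 1 ) );
}

{
    # With the variable absent, verification stays on by default.
    delete local $ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT};
    report( 'env unset, verify_SSL not passed', build_http_tiny() );
}
```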