marcusramberg
commented
6 years ago Shouldn't we bump the dependency on Mojolicious as well then?
Closed Grinnz closed 6 years ago
marcusramberg
commented
6 years ago Shouldn't we bump the dependency on Mojolicious as well then?
Grinnz
commented
6 years ago Not necessary, on previous versions this option will still be passed through, it would just also set it by default unless tls_ca was provided.
marcusramberg
commented
6 years ago Ok. lgtm then.
Mojolicious 7.80 changed Mojo::IOLoop::Client to defer to IO::Socket::SSL's default behavior of verifying server certificates by default. To allow users to disable this we can add an insecure option similarly to Mojo::UserAgent.