Commit 14222ff3928f27dd3b7209ed5dedb33cda7bc106 has added an invocation of danger_accept_invalid_certs(). This has been considered safe because:
The data being downloaded is a static image anyway, and no user-provided data is being sent
The issue seems to be on the server side, as many tools and operating systems seems to be complaining about fetching the data with the same error being returned (unable to get local issuer certificate, visible at least on Arch and Debian Linux).
Ideally though, we'd like to eventually get rid of it - perhaps the server will fix the issue, or we'll figure out some other way to not call this.
Commit 14222ff3928f27dd3b7209ed5dedb33cda7bc106 has added an invocation of
danger_accept_invalid_certs(). This has been considered safe because:unable to get local issuer certificate, visible at least on Arch and Debian Linux).Ideally though, we'd like to eventually get rid of it - perhaps the server will fix the issue, or we'll figure out some other way to not call this.