@continuedev/fetch 1.0.15 → 1.1.0

package/dist/fetch.e2e.test.js

@@ -0,0 +1,356 @@
+import * as fs from "node:fs";
+import * as http from "node:http";
+import * as https from "node:https";
+import * as os from "node:os";
+import * as path from "node:path";
+import { execSync } from "node:child_process";
+import { afterEach, describe, expect, test } from "vitest";
+import { fetchwithRequestOptions } from "./fetch.js";
+// Test server ports
+const HTTP_PORT = 3001;
+const HTTPS_PORT = 3002;
+// Track servers and temp dirs for cleanup
+const serversToCleanup = [];
+const tempDirsToCleanup = [];
+afterEach(() => {
+    // Clean up all servers
+    serversToCleanup.forEach((server) => server.close());
+    serversToCleanup.length = 0;
+    // Clean up temp directories
+    tempDirsToCleanup.forEach((tempDir) => {
+        if (fs.existsSync(tempDir)) {
+            fs.rmSync(tempDir, { recursive: true, force: true });
+        }
+    });
+    tempDirsToCleanup.length = 0;
+});
+/**
+ * Create a temporary directory for test files
+ */
+function createTempDir() {
+    const tempDir = fs.mkdtempSync(path.join(os.tmpdir(), "fetch-e2e-test-"));
+    tempDirsToCleanup.push(tempDir);
+    return tempDir;
+}
+/**
+ * Generate a self-signed certificate for testing
+ */
+async function generateCertificate(tempDir, name, options) {
+    const certPath = path.join(tempDir, `${name}.crt`);
+    const keyPath = path.join(tempDir, `${name}.key`);
+    const caCertPath = path.join(tempDir, `${name}-ca.crt`);
+    try {
+        // Generate a private key
+        execSync(`openssl genrsa -out "${keyPath}" 2048`, { stdio: "pipe" });
+        // Create config file for certificate
+        const configPath = path.join(tempDir, `${name}.conf`);
+        const altNames = options.san
+            .map((san, i) => {
+            return san.match(/^\d+\.\d+\.\d+\.\d+$/)
+                ? `IP.${i + 1} = ${san}`
+                : `DNS.${i + 1} = ${san}`;
+        })
+            .join("\n");
+        const configContent = `
+[req]
+distinguished_name = req_distinguished_name
+req_extensions = v3_req
+prompt = no
+
+[req_distinguished_name]
+C = US
+ST = Test
+L = Test
+O = ${options.org}
+CN = ${options.cn}
+
+[v3_req]
+keyUsage = keyEncipherment, dataEncipherment
+extendedKeyUsage = serverAuth
+subjectAltName = @alt_names
+
+[alt_names]
+${altNames}
+`;
+        fs.writeFileSync(configPath, configContent);
+        // Generate a self-signed certificate
+        execSync(`openssl req -new -x509 -key "${keyPath}" -out "${certPath}" -days 365 -config "${configPath}" -extensions v3_req`, { stdio: "pipe" });
+        // Copy the certificate as CA (for testing custom CA scenarios)
+        fs.copyFileSync(certPath, caCertPath);
+        return { certPath, keyPath, caCertPath };
+    }
+    catch (error) {
+        // Fallback: create minimal test certificates if OpenSSL not available
+        const key = `-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC7VJTUt9Us8cKB
+wEiOfniel+2jNcJjYUiUoq5YbVKk+xqt4bOMh5DNFJ3LnU1OaUHyG5sHlgNyKA==
+-----END PRIVATE KEY-----`;
+        const cert = `-----BEGIN CERTIFICATE-----
+MIICljCCAX4CCQCKnW9qX7TlxzANBgkqhkiG9w0BAQsFADANMQswCQYDVQQGEwJV
+UzAeFw0yNDAxMDEwMDAwMDBaFw0yNTAxMDEwMDAwMDBaMA0xCzAJBgNVBAYTAlVT
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1SU1L7VLPHCQD1OvF4p
+4td9ozXCY2FIlKKuWG1SpPsareGzjIeQzRSdy51NTmlB8hubB5YDcigN8=
+-----END CERTIFICATE-----`;
+        fs.writeFileSync(keyPath, key);
+        fs.writeFileSync(certPath, cert);
+        fs.writeFileSync(caCertPath, cert);
+        return { certPath, keyPath, caCertPath };
+    }
+}
+/**
+ * Start a simple HTTP server for testing
+ */
+async function startHttpServer() {
+    const server = http.createServer((req, res) => {
+        const url = new URL(req.url, `http://localhost:${HTTP_PORT}`);
+        if (url.pathname === "/json") {
+            res.writeHead(200, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({
+                message: "Hello from HTTP server",
+                method: req.method,
+            }));
+        }
+        else if (url.pathname === "/headers") {
+            res.writeHead(200, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ headers: req.headers }));
+        }
+        else if (url.pathname === "/body") {
+            let body = "";
+            req.on("data", (chunk) => {
+                body += chunk.toString();
+            });
+            req.on("end", () => {
+                res.writeHead(200, { "Content-Type": "application/json" });
+                res.end(JSON.stringify({ body, headers: req.headers }));
+            });
+        }
+        else if (url.pathname === "/status/404") {
+            res.writeHead(404, { "Content-Type": "text/plain" });
+            res.end("Not Found");
+        }
+        else if (url.pathname === "/slow") {
+            setTimeout(() => {
+                res.writeHead(200, { "Content-Type": "text/plain" });
+                res.end("Slow response");
+            }, 100);
+        }
+        else {
+            res.writeHead(404);
+            res.end("Not Found");
+        }
+    });
+    await new Promise((resolve) => {
+        server.listen(HTTP_PORT, () => resolve());
+    });
+    serversToCleanup.push(server);
+    return server;
+}
+/**
+ * Start an HTTPS server with given certificates
+ */
+async function startHttpsServer(certPath, keyPath) {
+    const server = https.createServer({
+        cert: fs.readFileSync(certPath),
+        key: fs.readFileSync(keyPath),
+    }, (req, res) => {
+        const url = new URL(req.url, `https://localhost:${HTTPS_PORT}`);
+        if (url.pathname === "/secure") {
+            res.writeHead(200, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ message: "Hello from HTTPS server", secure: true }));
+        }
+        else if (url.pathname === "/headers") {
+            res.writeHead(200, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ headers: req.headers }));
+        }
+        else {
+            res.writeHead(404);
+            res.end("Not Found");
+        }
+    });
+    await new Promise((resolve) => {
+        server.listen(HTTPS_PORT, () => resolve());
+    });
+    serversToCleanup.push(server);
+    return server;
+}
+describe("fetchwithRequestOptions E2E tests", () => {
+    describe("HTTP requests", () => {
+        test("should make basic HTTP GET request", async () => {
+            await startHttpServer();
+            const response = await fetchwithRequestOptions(`http://localhost:${HTTP_PORT}/json`);
+            expect(response.status).toBe(200);
+            const data = (await response.json());
+            expect(data).toEqual({
+                message: "Hello from HTTP server",
+                method: "GET",
+            });
+        });
+        test("should make HTTP POST request with body", async () => {
+            await startHttpServer();
+            const response = await fetchwithRequestOptions(`http://localhost:${HTTP_PORT}/json`, {
+                method: "POST",
+                body: JSON.stringify({ test: "data" }),
+                headers: { "Content-Type": "application/json" },
+            });
+            expect(response.status).toBe(200);
+            const data = (await response.json());
+            expect(data.method).toBe("POST");
+        });
+        test("should handle custom headers", async () => {
+            await startHttpServer();
+            const response = await fetchwithRequestOptions(`http://localhost:${HTTP_PORT}/headers`, {
+                headers: { "X-Custom-Header": "test-value" },
+            });
+            const data = (await response.json());
+            expect(data.headers["x-custom-header"]).toBe("test-value");
+        });
+        test("should handle error responses", async () => {
+            await startHttpServer();
+            const response = await fetchwithRequestOptions(`http://localhost:${HTTP_PORT}/status/404`);
+            expect(response.status).toBe(404);
+            expect(response.ok).toBe(false);
+        });
+    });
+    describe("Request options integration", () => {
+        test("should merge extra body properties", async () => {
+            await startHttpServer();
+            const response = await fetchwithRequestOptions(`http://localhost:${HTTP_PORT}/body`, {
+                method: "POST",
+                body: JSON.stringify({ original: "data" }),
+                headers: { "Content-Type": "application/json" },
+            }, {
+                extraBodyProperties: { extra: "property" },
+            });
+            expect(response.status).toBe(200);
+            const data = (await response.json());
+            const body = JSON.parse(data.body);
+            expect(body).toEqual({ original: "data", extra: "property" });
+        });
+        test("should handle RequestOptions headers", async () => {
+            await startHttpServer();
+            const response = await fetchwithRequestOptions(`http://localhost:${HTTP_PORT}/headers`, {}, {
+                headers: { "X-Request-Options-Header": "from-request-options" },
+            });
+            const data = (await response.json());
+            expect(data.headers["x-request-options-header"]).toBe("from-request-options");
+        });
+        test("should merge headers from init and requestOptions", async () => {
+            await startHttpServer();
+            const response = await fetchwithRequestOptions(`http://localhost:${HTTP_PORT}/headers`, {
+                headers: { "X-Init-Header": "from-init" },
+            }, {
+                headers: { "X-Request-Options-Header": "from-request-options" },
+            });
+            const data = (await response.json());
+            expect(data.headers["x-init-header"]).toBe("from-init");
+            expect(data.headers["x-request-options-header"]).toBe("from-request-options");
+        });
+    });
+    describe("Certificate handling - Enterprise scenarios", () => {
+        test("should REJECT self-signed certificates when SSL verification is enabled", async () => {
+            const tempDir = createTempDir();
+            const serverCerts = await generateCertificate(tempDir, "server", {
+                cn: "localhost",
+                san: ["localhost", "127.0.0.1"],
+                org: "Test",
+            });
+            await startHttpsServer(serverCerts.certPath, serverCerts.keyPath);
+            // This simulates the customer's "unable to get local issuer certificate" error
+            await expect(fetchwithRequestOptions(`https://localhost:${HTTPS_PORT}/secure`, {}, { verifySsl: true })).rejects.toThrow(); // Should fail with certificate error
+        });
+        test("should ACCEPT self-signed certificates when SSL verification is disabled", async () => {
+            const tempDir = createTempDir();
+            const serverCerts = await generateCertificate(tempDir, "server", {
+                cn: "localhost",
+                san: ["localhost", "127.0.0.1"],
+                org: "Test",
+            });
+            await startHttpsServer(serverCerts.certPath, serverCerts.keyPath);
+            const response = await fetchwithRequestOptions(`https://localhost:${HTTPS_PORT}/secure`, {}, { verifySsl: false });
+            expect(response.status).toBe(200);
+            const data = (await response.json());
+            expect(data.secure).toBe(true);
+        });
+        test("should ACCEPT self-signed certificates with custom CA bundle", async () => {
+            const tempDir = createTempDir();
+            const serverCerts = await generateCertificate(tempDir, "server", {
+                cn: "localhost",
+                san: ["localhost", "127.0.0.1"],
+                org: "Test",
+            });
+            await startHttpsServer(serverCerts.certPath, serverCerts.keyPath);
+            const response = await fetchwithRequestOptions(`https://localhost:${HTTPS_PORT}/secure`, {}, {
+                caBundlePath: serverCerts.caCertPath, // Our self-signed cert as CA
+                verifySsl: true,
+            });
+            expect(response.status).toBe(200);
+            const data = (await response.json());
+            expect(data.secure).toBe(true);
+        });
+        test("should REJECT certificates when provided WRONG CA bundle", async () => {
+            const tempDir = createTempDir();
+            const serverCerts = await generateCertificate(tempDir, "server", {
+                cn: "localhost",
+                san: ["localhost", "127.0.0.1"],
+                org: "Test",
+            });
+            // Generate a different certificate as the "wrong" CA
+            const wrongCaCerts = await generateCertificate(tempDir, "wrong-ca", {
+                cn: "wrong-ca",
+                san: ["wrong-ca"],
+                org: "Wrong CA",
+            });
+            await startHttpsServer(serverCerts.certPath, serverCerts.keyPath);
+            // This should fail because the wrong CA can't validate our server certificate
+            await expect(fetchwithRequestOptions(`https://localhost:${HTTPS_PORT}/secure`, {}, {
+                caBundlePath: wrongCaCerts.caCertPath,
+                verifySsl: true,
+            })).rejects.toThrow(); // Should fail with certificate validation error
+        });
+        test("should REJECT certificates when CA bundle file is corrupted", async () => {
+            const tempDir = createTempDir();
+            const serverCerts = await generateCertificate(tempDir, "server", {
+                cn: "localhost",
+                san: ["localhost", "127.0.0.1"],
+                org: "Test",
+            });
+            // Create a corrupted/invalid certificate file
+            const corruptedCaPath = path.join(tempDir, "corrupted-ca.pem");
+            const corruptedContent = `-----BEGIN CERTIFICATE-----
+This is not a valid certificate content
+Just some random text that looks like a cert
+-----END CERTIFICATE-----`;
+            fs.writeFileSync(corruptedCaPath, corruptedContent);
+            await startHttpsServer(serverCerts.certPath, serverCerts.keyPath);
+            // This should fail because the corrupted CA file can't be parsed
+            await expect(fetchwithRequestOptions(`https://localhost:${HTTPS_PORT}/secure`, {}, {
+                caBundlePath: corruptedCaPath,
+                verifySsl: true,
+            })).rejects.toThrow(); // Should fail with certificate parsing or validation error
+        });
+        test("should REJECT certificates when CA bundle file does not exist", async () => {
+            const tempDir = createTempDir();
+            const serverCerts = await generateCertificate(tempDir, "server", {
+                cn: "localhost",
+                san: ["localhost", "127.0.0.1"],
+                org: "Test",
+            });
+            const nonExistentCaPath = path.join(tempDir, "does-not-exist.pem");
+            await startHttpsServer(serverCerts.certPath, serverCerts.keyPath);
+            // This should handle the missing file gracefully but still fail cert validation
+            await expect(fetchwithRequestOptions(`https://localhost:${HTTPS_PORT}/secure`, {}, {
+                caBundlePath: nonExistentCaPath,
+                verifySsl: true,
+            })).rejects.toThrow(); // Should fail with certificate validation error
+        });
+    });
+    describe("Error handling", () => {
+        test("should handle network errors gracefully", async () => {
+            // Try to connect to a non-existent server
+            await expect(fetchwithRequestOptions("http://localhost:9999/nonexistent")).rejects.toThrow();
+        });
+        test("should handle malformed URLs", async () => {
+            await expect(fetchwithRequestOptions("not-a-valid-url")).rejects.toThrow();
+        });
+    });
+});

package/dist/fetch.js

@@ -79,8 +79,28 @@ export async function fetchwithRequestOptions(url_, init, requestOptions) {
             : new HttpProxyAgent(proxy, agentOptions)
         : new protocol.Agent(agentOptions);
     let headers = {};
-    for (const [key, value] of Object.entries(init?.headers || {})) {
-        headers[key] = value;
+    // Handle different header formats
+    if (init?.headers) {
+        const headersSource = init.headers;
+        // Check if it's a Headers-like object (OpenAI v5 HeadersList, standard Headers)
+        if (headersSource && typeof headersSource.forEach === "function") {
+            // Use forEach method which works reliably on Headers objects
+            headersSource.forEach((value, key) => {
+                headers[key] = value;
+            });
+        }
+        else if (Array.isArray(headersSource)) {
+            // This is an array of [key, value] tuples
+            for (const [key, value] of headersSource) {
+                headers[key] = value;
+            }
+        }
+        else if (headersSource && typeof headersSource === "object") {
+            // This is a plain object
+            for (const [key, value] of Object.entries(headersSource)) {
+                headers[key] = value;
+            }
+        }
     }
     headers = {
         ...headers,

package/dist/ssl-certificate.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/ssl-certificate.test.js

@@ -0,0 +1,231 @@
+import * as fs from "node:fs";
+import * as os from "node:os";
+import * as path from "node:path";
+import { afterEach, beforeEach, describe, expect, test } from "vitest";
+import { CertsCache, getCertificateContent } from "./certs.js";
+import { getAgentOptions } from "./getAgentOptions.js";
+// Store original env
+const originalEnv = process.env;
+// Temporary directory for test certificate files
+let tempDir;
+beforeEach(() => {
+    // Create a temporary directory for test files
+    tempDir = fs.mkdtempSync(path.join(os.tmpdir(), "cert-troubleshoot-test-"));
+    process.env = { ...originalEnv };
+});
+afterEach(() => {
+    process.env = originalEnv;
+    CertsCache.getInstance().clear();
+    // Clean up temporary directory
+    if (tempDir && fs.existsSync(tempDir)) {
+        fs.rmSync(tempDir, { recursive: true, force: true });
+    }
+});
+describe("SSL certificate handling", () => {
+    describe("CA certificate handling", () => {
+        test("should handle custom CA bundle from file path", async () => {
+            const customCaCert = `-----BEGIN CERTIFICATE-----
+MIIDXTCCAkWgAwIBAgIJAKoK/heBjcOuMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMTcwODI4MTkzNDA5WhcNMTgwODI4MTkzNDA5WjBF
+-----END CERTIFICATE-----`;
+            const caCertPath = path.join(tempDir, "ca-bundle.pem");
+            fs.writeFileSync(caCertPath, customCaCert);
+            const options = await getAgentOptions({ caBundlePath: caCertPath });
+            expect(options.ca).toBeDefined();
+            expect(Array.isArray(options.ca)).toBe(true);
+            expect(options.ca).toContain(customCaCert);
+        });
+        test("should handle NODE_EXTRA_CA_CERTS environment variable", async () => {
+            const extraCaCert = `-----BEGIN CERTIFICATE-----
+MIIDUzCCAjugAwIBAgIJALvxFjX5V+/vMA0GCSqGSIb3DQEBCwUAMDgxCzAJBgNV
+BAYTAlVTMRAwDgYDVQQIDAdDb21wYW55MRcwFQYDVQQKDA5Db21wYW55IENvcnAw
+-----END CERTIFICATE-----`;
+            const extraCaPath = path.join(tempDir, "extra-ca.crt");
+            fs.writeFileSync(extraCaPath, extraCaCert);
+            process.env.NODE_EXTRA_CA_CERTS = extraCaPath;
+            const options = await getAgentOptions();
+            expect(options.ca).toBeDefined();
+            expect(Array.isArray(options.ca)).toBe(true);
+            expect(options.ca).toContain(extraCaCert);
+        });
+        test("should combine NODE_EXTRA_CA_CERTS with custom CA bundle", async () => {
+            const extraCaCert = `-----BEGIN CERTIFICATE-----
+MIIDExtra1234567890abcdefghijklmnopqrstuvwxyz
+-----END CERTIFICATE-----`;
+            const customCaCert = `-----BEGIN CERTIFICATE-----
+MIIDCustom1234567890abcdefghijklmnopqrstuvwxyz
+-----END CERTIFICATE-----`;
+            const extraCaPath = path.join(tempDir, "extra-ca.crt");
+            const customCaPath = path.join(tempDir, "custom-ca.pem");
+            fs.writeFileSync(extraCaPath, extraCaCert);
+            fs.writeFileSync(customCaPath, customCaCert);
+            process.env.NODE_EXTRA_CA_CERTS = extraCaPath;
+            const options = await getAgentOptions({ caBundlePath: customCaPath });
+            expect(options.ca).toBeDefined();
+            expect(Array.isArray(options.ca)).toBe(true);
+            expect(options.ca).toContain(extraCaCert);
+            expect(options.ca).toContain(customCaCert);
+        });
+    });
+    describe("Data URI certificate handling", () => {
+        test("should handle base64 encoded data URI certificates", () => {
+            const originalCert = `-----BEGIN CERTIFICATE-----
+MIIDUzCCAjugAwIBAgIJALvxFjX5V+/vMA0GCSqGSIb3DQEB
+-----END CERTIFICATE-----`;
+            const base64Data = Buffer.from(originalCert).toString("base64");
+            const dataUri = `data:application/x-pem-file;base64,${base64Data}`;
+            const result = getCertificateContent(dataUri);
+            expect(result).toBe(originalCert);
+        });
+        test("should handle URL-encoded data URI certificates", () => {
+            const originalCert = "certificate with spaces and special chars: !@#$%^&*()";
+            const encodedData = encodeURIComponent(originalCert);
+            const dataUri = `data:text/plain,${encodedData}`;
+            const result = getCertificateContent(dataUri);
+            expect(result).toBe(originalCert);
+        });
+    });
+    describe("SSL/TLS configuration", () => {
+        test("should configure SSL verification correctly", async () => {
+            // Test with SSL verification enabled
+            let options = await getAgentOptions({ verifySsl: true });
+            expect(options.rejectUnauthorized).toBe(true);
+            // Test with SSL verification disabled
+            options = await getAgentOptions({ verifySsl: false });
+            expect(options.rejectUnauthorized).toBe(false);
+        });
+        test("should configure timeout correctly", async () => {
+            const customTimeout = 60; // 1 minute in seconds
+            const options = await getAgentOptions({ timeout: customTimeout });
+            expect(options.timeout).toBe(customTimeout * 1000); // Should be converted to milliseconds
+        });
+        test("should handle client certificate authentication", async () => {
+            const clientCert = `-----BEGIN CERTIFICATE-----
+MIIDClientCert1234567890abcdefghijklmnopqrstuvwxyz
+-----END CERTIFICATE-----`;
+            const clientKey = `-----BEGIN PRIVATE KEY-----
+MIIEClientKey567890abcdefghijklmnopqrstuvwxyz
+-----END PRIVATE KEY-----`;
+            const clientCertPath = path.join(tempDir, "client.crt");
+            const clientKeyPath = path.join(tempDir, "client.key");
+            fs.writeFileSync(clientCertPath, clientCert);
+            fs.writeFileSync(clientKeyPath, clientKey);
+            const options = await getAgentOptions({
+                clientCertificate: {
+                    cert: clientCertPath,
+                    key: clientKeyPath,
+                    passphrase: "test-passphrase",
+                },
+            });
+            expect(options.cert).toBe(clientCert);
+            expect(options.key).toBe(clientKey);
+            expect(options.passphrase).toBe("test-passphrase");
+        });
+    });
+    describe("Certificate caching behavior", () => {
+        test("should cache certificate content to avoid repeated file reads", async () => {
+            const certsCache = CertsCache.getInstance();
+            const certPath = path.join(tempDir, "cached-cert.pem");
+            const certContent = `-----BEGIN CERTIFICATE-----
+MIIDCachedCert1234567890abcdefghijklmnopqrstuvwxyz
+-----END CERTIFICATE-----`;
+            fs.writeFileSync(certPath, certContent);
+            // First call should read from file
+            const result1 = await certsCache.getCachedCustomCert(certPath);
+            expect(result1).toBe(certContent);
+            // Modify the file on disk
+            const modifiedContent = certContent.replace("CachedCert", "ModifiedCert");
+            fs.writeFileSync(certPath, modifiedContent);
+            // Second call should return cached content, not the modified content
+            const result2 = await certsCache.getCachedCustomCert(certPath);
+            expect(result2).toBe(certContent); // Should still be the original cached content
+        });
+        test("should handle cache clearing", async () => {
+            const certsCache = CertsCache.getInstance();
+            const certPath = path.join(tempDir, "clear-cache-cert.pem");
+            const originalContent = `-----BEGIN CERTIFICATE-----
+MIIDOriginalCert1234567890abcdefghijklmnopqrstuvwxyz
+-----END CERTIFICATE-----`;
+            fs.writeFileSync(certPath, originalContent);
+            // Load into cache
+            await certsCache.getCachedCustomCert(certPath);
+            // Clear cache
+            certsCache.clear();
+            // Modify file
+            const newContent = originalContent.replace("OriginalCert", "NewCert");
+            fs.writeFileSync(certPath, newContent);
+            // Should read new content after cache clear
+            const result2 = await certsCache.getCachedCustomCert(certPath);
+            expect(result2).toBe(newContent);
+        });
+    });
+    describe("Error handling scenarios", () => {
+        test("should handle non-existent certificate files gracefully", async () => {
+            const nonExistentPath = path.join(tempDir, "does-not-exist.pem");
+            // Should not throw but should continue with system certificates only
+            const options = await getAgentOptions({ caBundlePath: nonExistentPath });
+            expect(options.ca).toBeDefined();
+            expect(Array.isArray(options.ca)).toBe(true);
+            // Should only contain system certificates, not the missing custom one
+            expect(options.ca.length).toBeGreaterThan(0);
+        });
+        test("should handle empty certificate files", () => {
+            const emptyCertPath = path.join(tempDir, "empty-cert.pem");
+            fs.writeFileSync(emptyCertPath, "");
+            const result = getCertificateContent(emptyCertPath);
+            expect(result).toBe("");
+        });
+        test("should handle malformed data URIs", () => {
+            const validMalformedDataUris = ["data:invalid-format", "data:"];
+            validMalformedDataUris.forEach((uri) => {
+                // These should not throw but may return unexpected content
+                expect(() => getCertificateContent(uri)).not.toThrow();
+                const result = getCertificateContent(uri);
+                expect(typeof result).toBe("string");
+            });
+            // This one will be treated as a file path and should throw
+            expect(() => getCertificateContent("not-a-data-uri-at-all")).toThrow("ENOENT");
+        });
+    });
+    describe("Real-world scenarios", () => {
+        test("should handle certificate bundle with multiple certificates", () => {
+            const bundleContent = `-----BEGIN CERTIFICATE-----
+MIIDRootCA1234567890abcdefghijklmnopqrstuvwxyz
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDIntermediateCA1234567890abcdefghijklmnopqrstuvwxyz
+-----END CERTIFICATE-----`;
+            const bundlePath = path.join(tempDir, "ca-bundle.pem");
+            fs.writeFileSync(bundlePath, bundleContent);
+            const result = getCertificateContent(bundlePath);
+            expect(result).toBe(bundleContent);
+            expect(result).toContain("RootCA");
+            expect(result).toContain("IntermediateCA");
+        });
+        test("should work with common certificate file extensions", () => {
+            const certExtensions = [".pem", ".crt", ".cer"];
+            const testCert = `-----BEGIN CERTIFICATE-----
+MIIDTestCert1234567890abcdefghijklmnopqrstuvwxyz
+-----END CERTIFICATE-----`;
+            for (const ext of certExtensions) {
+                const certPath = path.join(tempDir, `test-cert${ext}`);
+                fs.writeFileSync(certPath, testCert);
+                const result = getCertificateContent(certPath);
+                expect(result).toBe(testCert);
+            }
+        });
+        test("should handle proxy scenarios with custom certificates", async () => {
+            // Test that certificates work properly when proxy might be involved
+            const proxyCaCert = `-----BEGIN CERTIFICATE-----
+MIIDProxyCA1234567890abcdefghijklmnopqrstuvwxyz
+-----END CERTIFICATE-----`;
+            const proxyCaPath = path.join(tempDir, "proxy-ca.pem");
+            fs.writeFileSync(proxyCaPath, proxyCaCert);
+            const options = await getAgentOptions({ caBundlePath: proxyCaPath });
+            expect(options.ca).toBeDefined();
+            expect(options.ca).toContain(proxyCaCert);
+            expect(options.keepAlive).toBe(true); // Should work with keep-alive for proxy scenarios
+        });
+    });
+});

package/dist/stream.js

@@ -67,7 +67,13 @@ export function parseDataLine(line) {
     try {
         const data = JSON.parse(json);
         if (data.error) {
-            throw new Error(`Error streaming response: ${data.error}`);
+            if (data.error &&
+                typeof data.error === "object" &&
+                "message" in data.error) {
+                console.error("Error in streamed response:", data.error);
+                throw new Error(`Error streaming response: ${data.error.message}`);
+            }
+            throw new Error(`Error streaming response: ${JSON.stringify(data.error)}`);
         }
         return data;
     }

package/dist/stream.test.js

@@ -69,7 +69,11 @@ describe("parseDataLine", () => {
     });
     test("parseDataLine should throw error when data contains error field", () => {
         const line = 'data: {"error":"something went wrong"}';
-        expect(() => parseDataLine(line)).toThrow("Error streaming response: something went wrong");
+        expect(() => parseDataLine(line)).toThrow('Error streaming response: "something went wrong"');
+    });
+    test("parseDataLine should throw error when data contains error object with message", () => {
+        const line = 'data: {"error":{"message":"detailed error message"}}';
+        expect(() => parseDataLine(line)).toThrow("Error streaming response: detailed error message");
     });
     test("parseDataLine should handle empty objects", () => {
         const line = "data: {}";