@jsenv/https-local 1.1.0 → 2.0.0

package/README.md

@@ -67,13 +67,12 @@ node ./install_certificate_authority.mjs
 import { createServer } from "node:https"
 import { requestCertificateForLocalhost } from "@jsenv/https-local"
 
-const { serverCertificate, serverCertificatePrivateKey } =
-  await requestCertificateForLocalhost()
+const { certificate, privateKey } = requestCertificateForLocalhost()
 
 const server = createServer(
   {
-    cert: serverCertificate,
-    key: serverCertificatePrivateKey,
+    cert: certificate,
+    key: privateKey,
   },
   (request, response) => {
     const body = "Hello world"
@@ -361,10 +360,9 @@ _requestCertificateForLocalhost_ function returns a certificate and private key
 import { createServer } from "node:https"
 import { requestCertificateForLocalhost } from "@jsenv/https-local"
 
-const { serverCertificate, serverCertificatePrivateKey } =
-  await requestCertificateForLocalhost({
-    serverCertificateAltNames: ["localhost", "local.example"],
-  })
+const { certificate, privateKey } = requestCertificateForLocalhost({
+  altNames: ["localhost", "local.example"],
+})
 ```
 
 [installCertificateAuthority](#installCertificateAuthority) must be called before this function.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jsenv/https-local",
-  "version": "1.1.0",
+  "version": "2.0.0",
   "description": "A programmatic way to generate locally trusted certificates",
   "license": "MIT",
   "author": {
@@ -13,7 +13,8 @@
     "url": "https://github.com/jsenv/https-local"
   },
   "publishConfig": {
-    "access": "public"
+    "access": "public",
+    "registry": "https://registry.npmjs.org"
   },
   "engines": {
     "node": ">=16.13.0"
@@ -21,14 +22,13 @@
   "type": "module",
   "exports": {
     ".": {
-      "import": "./main.js"
+      "import": "./src/main.js"
     },
     "./*": "./*"
   },
-  "main": "./main.js",
+  "main": "./src/main.js",
   "files": [
-    "/src/",
-    "/main.js"
+    "/src/"
   ],
   "scripts": {
     "eslint": "npx eslint . --ext=.js,.mjs,.cjs",
@@ -48,28 +48,25 @@
     "playwright-install": "npx playwright install-deps && npx playwright install"
   },
   "dependencies": {
-    "@jsenv/filesystem": "4.0.2",
-    "@jsenv/log": "1.6.3",
-    "@jsenv/logger": "4.1.1",
-    "@jsenv/urls": "1.1.2",
+    "@jsenv/filesystem": "4.1.0",
+    "@jsenv/log": "2.0.1",
+    "@jsenv/urls": "1.2.6",
     "command-exists": "1.2.9",
     "node-forge": "1.3.1",
     "sudo-prompt": "9.2.1",
     "which": "2.0.2"
   },
   "devDependencies": {
-    "@jsenv/assert": "2.5.4",
-    "@jsenv/core": "27.0.0-alpha.69",
+    "@jsenv/assert": "2.6.0",
+    "@jsenv/core": "27.0.0-alpha.92",
     "@jsenv/eslint-config": "16.0.9",
-    "@jsenv/eslint-import-resolver": "0.1.11",
+    "@jsenv/eslint-import-resolver": "0.3.0",
     "@jsenv/github-release-package": "1.4.0",
-    "@jsenv/importmap-eslint-resolver": "5.2.5",
-    "@jsenv/importmap-node-module": "5.1.3",
     "@jsenv/package-publish": "1.7.5",
-    "@jsenv/performance-impact": "2.2.11",
-    "eslint": "8.17.0",
+    "@jsenv/performance-impact": "2.3.0",
+    "eslint": "8.18.0",
     "eslint-plugin-import": "2.26.0",
     "playwright": "1.22.2",
-    "prettier": "2.7.0"
+    "prettier": "2.7.1"
   }
-}
+}

package/src/certificate_authority.js

@@ -1,14 +1,13 @@
 import { readFile, writeFile, removeEntry } from "@jsenv/filesystem"
-import { createLogger, createDetailedMessage } from "@jsenv/logger"
-import { UNICODE } from "@jsenv/log"
+import { UNICODE, createLogger, createDetailedMessage } from "@jsenv/log"
 
+import { forge } from "./internal/forge.js"
 import { getAuthorityFileInfos } from "./internal/authority_file_infos.js"
 import { attributeDescriptionFromAttributeArray } from "./internal/certificate_data_converter.js"
 import {
   formatTimeDelta,
   formatDuration,
 } from "./internal/validity_formatting.js"
-import { importNodeForge } from "./internal/forge.js"
 import { createAuthorityRootCertificate } from "./internal/certificate_generator.js"
 import { importPlatformMethods } from "./internal/platform.js"
 import { jsenvParameters } from "./jsenvParameters.js"
@@ -79,7 +78,7 @@ export const installCertificateAuthority = async ({
         serialNumber: 0,
       })
 
-    const { pki } = await importNodeForge()
+    const { pki } = forge
     const rootCertificate = pemAsFileContent(
       pki.certificateToPem(rootCertificateForgeObject),
     )
@@ -173,7 +172,7 @@ export const installCertificateAuthority = async ({
   const rootCertificate = await readFile(rootCertificateFileInfo.path, {
     as: "string",
   })
-  const { pki } = await importNodeForge()
+  const { pki } = forge
   const rootCertificateForgeObject = pki.certificateFromPem(rootCertificate)
 
   logger.info(`Checking certificate validity...`)
@@ -323,7 +322,7 @@ export const uninstallCertificateAuthority = async ({
       const rootCertificate = await readFile(rootCertificateFileInfo.url, {
         as: "string",
       })
-      const { pki } = await importNodeForge()
+      const { pki } = forge
       const rootCertificateForgeObject = pki.certificateFromPem(rootCertificate)
       const rootCertificateCommonName = attributeDescriptionFromAttributeArray(
         rootCertificateForgeObject.subject.attributes,

package/src/certificate_for_localhost.js

@@ -1,39 +1,38 @@
-import { readFile, writeFile } from "@jsenv/filesystem"
-import { createLogger, createDetailedMessage } from "@jsenv/logger"
-import { UNICODE } from "@jsenv/log"
+import { readFileSync } from "node:fs"
+import { writeFileSync } from "@jsenv/filesystem"
+import { UNICODE, createLogger, createDetailedMessage } from "@jsenv/log"
 
+import { forge } from "./internal/forge.js"
 import {
   createValidityDurationOfXDays,
   verifyServerCertificateValidityDuration,
 } from "./validity_duration.js"
 import { getAuthorityFileInfos } from "./internal/authority_file_infos.js"
-import { importNodeForge } from "./internal/forge.js"
 import { requestCertificateFromAuthority } from "./internal/certificate_generator.js"
 import { formatDuration } from "./internal/validity_formatting.js"
 
-export const requestCertificateForLocalhost = async ({
+export const requestCertificateForLocalhost = ({
   logLevel,
   logger = createLogger({ logLevel }), // to be able to catch logs during unit tests
 
-  serverCertificateAltNames = ["localhost"],
-  serverCertificateCommonName = "https local server certificate",
-  serverCertificateValidityDurationInMs = createValidityDurationOfXDays(396),
+  altNames = ["localhost"],
+  commonName = "https local server certificate",
+  validityDurationInMs = createValidityDurationOfXDays(396),
 } = {}) => {
-  if (typeof serverCertificateValidityDurationInMs !== "number") {
+  if (typeof validityDurationInMs !== "number") {
     throw new TypeError(
-      `serverCertificateValidityDurationInMs must be a number but received ${serverCertificateValidityDurationInMs}`,
+      `validityDurationInMs must be a number but received ${validityDurationInMs}`,
     )
   }
-  if (serverCertificateValidityDurationInMs < 1) {
+  if (validityDurationInMs < 1) {
     throw new TypeError(
-      `serverCertificateValidityDurationInMs must be > 0 but received ${serverCertificateValidityDurationInMs}`,
+      `validityDurationInMs must be > 0 but received ${validityDurationInMs}`,
     )
   }
-  const validityDurationInfo = verifyServerCertificateValidityDuration(
-    serverCertificateValidityDurationInMs,
-  )
+  const validityDurationInfo =
+    verifyServerCertificateValidityDuration(validityDurationInMs)
   if (!validityDurationInfo.ok) {
-    serverCertificateValidityDurationInMs = validityDurationInfo.maxAllowedValue
+    validityDurationInMs = validityDurationInfo.maxAllowedValue
     logger.warn(
       createDetailedMessage(validityDurationInfo.message, {
         details: validityDurationInfo.details,
@@ -59,19 +58,16 @@ export const requestCertificateForLocalhost = async ({
   }
 
   logger.debug(`Restoring certificate authority from filesystem...`)
-  const { pki } = await importNodeForge()
-  const rootCertificate = await readFile(rootCertificateFileInfo.url, {
-    as: "string",
-  })
-  const rootCertificatePrivateKey = await readFile(
-    rootCertificatePrivateKeyFileInfo.url,
-    {
-      as: "string",
-    },
+  const { pki } = forge
+  const rootCertificate = String(
+    readFileSync(new URL(rootCertificateFileInfo.url)),
+  )
+  const rootCertificatePrivateKey = String(
+    readFileSync(new URL(rootCertificatePrivateKeyFileInfo.url)),
+  )
+  const certificateAuthorityData = JSON.parse(
+    String(readFileSync(new URL(authorityJsonFileInfo.url))),
   )
-  const certificateAuthorityData = await readFile(authorityJsonFileInfo.url, {
-    as: "json",
-  })
   const rootCertificateForgeObject = pki.certificateFromPem(rootCertificate)
   const rootCertificatePrivateKeyForgeObject = pki.privateKeyFromPem(
     rootCertificatePrivateKey,
@@ -80,26 +76,26 @@ export const requestCertificateForLocalhost = async ({
 
   const serverCertificateSerialNumber =
     certificateAuthorityData.serialNumber + 1
-  await writeFile(
+  writeFileSync(
     authorityJsonFileInfo.url,
     JSON.stringify({ serialNumber: serverCertificateSerialNumber }, null, "  "),
   )
 
-  if (!serverCertificateAltNames.includes("localhost")) {
-    serverCertificateAltNames.push("localhost")
+  if (!altNames.includes("localhost")) {
+    altNames.push("localhost")
   }
 
   logger.debug(`Generating server certificate...`)
   const { certificateForgeObject, certificatePrivateKeyForgeObject } =
-    await requestCertificateFromAuthority({
+    requestCertificateFromAuthority({
       logger,
       authorityCertificateForgeObject: rootCertificateForgeObject,
       auhtorityCertificatePrivateKeyForgeObject:
         rootCertificatePrivateKeyForgeObject,
       serialNumber: serverCertificateSerialNumber,
-      altNames: serverCertificateAltNames,
-      commonName: serverCertificateCommonName,
-      validityDurationInMs: serverCertificateValidityDurationInMs,
+      altNames,
+      commonName,
+      validityDurationInMs,
     })
   const serverCertificate = pki.certificateToPem(certificateForgeObject)
   const serverCertificatePrivateKey = pki.privateKeyToPem(
@@ -109,13 +105,13 @@ export const requestCertificateForLocalhost = async ({
     `${
       UNICODE.OK
     } server certificate generated, it will be valid for ${formatDuration(
-      serverCertificateValidityDurationInMs,
+      validityDurationInMs,
     )}`,
   )
 
   return {
-    serverCertificate,
-    serverCertificatePrivateKey,
+    certificate: serverCertificate,
+    privateKey: serverCertificatePrivateKey,
     rootCertificateFilePath: rootCertificateFileInfo.path,
   }
 }

package/src/hosts_file_verif.js

@@ -1,5 +1,4 @@
-import { createDetailedMessage, createLogger } from "@jsenv/logger"
-import { UNICODE } from "@jsenv/log"
+import { createDetailedMessage, createLogger, UNICODE } from "@jsenv/log"
 
 import {
   HOSTS_FILE_PATH,

package/src/internal/certificate_generator.js

@@ -1,7 +1,7 @@
 // https://github.com/digitalbazaar/forge/blob/master/examples/create-cert.js
 // https://github.com/digitalbazaar/forge/issues/660#issuecomment-467145103
 
-import { importNodeForge } from "./forge.js"
+import { forge } from "./forge.js"
 import {
   attributeArrayFromAttributeDescription,
   attributeDescriptionFromAttributeArray,
@@ -23,7 +23,6 @@ export const createAuthorityRootCertificate = async ({
     throw new TypeError(`serial must be a number but received ${serialNumber}`)
   }
 
-  const forge = await importNodeForge()
   const { pki } = forge
   const rootCertificateForgeObject = pki.createCertificate()
   const keyPair = pki.rsa.generateKeyPair(2048) // TODO: use async version https://github.com/digitalbazaar/forge#rsa
@@ -86,7 +85,7 @@ export const createAuthorityRootCertificate = async ({
   }
 }
 
-export const requestCertificateFromAuthority = async ({
+export const requestCertificateFromAuthority = ({
   authorityCertificateForgeObject, // could be intermediate or root certificate authority
   auhtorityCertificatePrivateKeyForgeObject,
   serialNumber,
@@ -116,7 +115,6 @@ export const requestCertificateFromAuthority = async ({
     )
   }
 
-  const forge = await importNodeForge()
   const { pki } = forge
   const certificateForgeObject = pki.createCertificate()
   const keyPair = pki.rsa.generateKeyPair(2048) // TODO: use async version https://github.com/digitalbazaar/forge#rsa

package/src/internal/forge.js

@@ -2,6 +2,4 @@ import { createRequire } from "node:module"
 
 const require = createRequire(import.meta.url)
 
-export const importNodeForge = async () => {
-  return require("node-forge")
-}
+export const forge = require("node-forge")

package/src/internal/linux/chrome_linux.js

@@ -1,8 +1,9 @@
 import { existsSync } from "node:fs"
 import { execSync } from "node:child_process"
 import { assertAndNormalizeDirectoryUrl } from "@jsenv/filesystem"
-
 import { UNICODE } from "@jsenv/log"
+
+import { executeTrustQueryOnBrowserNSSDB } from "../nssdb_browser.js"
 import {
   nssCommandName,
   detectIfNSSIsInstalled,
@@ -10,8 +11,6 @@ import {
   getCertutilBinPath,
 } from "./nss_linux.js"
 
-import { executeTrustQueryOnBrowserNSSDB } from "../nssdb_browser.js"
-
 export const executeTrustQueryOnChrome = ({
   logger,
   certificateCommonName,

package/src/internal/linux/firefox_linux.js

@@ -3,6 +3,7 @@ import { execSync } from "node:child_process"
 import { assertAndNormalizeDirectoryUrl } from "@jsenv/filesystem"
 import { UNICODE } from "@jsenv/log"
 
+import { executeTrustQueryOnBrowserNSSDB } from "../nssdb_browser.js"
 import {
   nssCommandName,
   detectIfNSSIsInstalled,
@@ -10,8 +11,6 @@ import {
   getCertutilBinPath,
 } from "./nss_linux.js"
 
-import { executeTrustQueryOnBrowserNSSDB } from "../nssdb_browser.js"
-
 export const executeTrustQueryOnFirefox = ({
   logger,
   certificateCommonName,

package/src/internal/linux/linux_trust_store.js

@@ -4,16 +4,15 @@
 
 import { existsSync } from "node:fs"
 import { fileURLToPath } from "node:url"
-import { createDetailedMessage } from "@jsenv/logger"
 import { readFile } from "@jsenv/filesystem"
-import { UNICODE } from "@jsenv/log"
+import { createDetailedMessage, UNICODE } from "@jsenv/log"
 
-import { exec } from "@jsenv/https-local/src/internal/exec.js"
 import {
   VERB_CHECK_TRUST,
   VERB_ADD_TRUST,
   VERB_REMOVE_TRUST,
 } from "../trust_query.js"
+import { exec } from "../exec.js"
 
 const REASON_NEW_AND_TRY_TO_TRUST_DISABLED =
   "certificate is new and tryToTrust is disabled"

package/src/internal/linux/nss_linux.js

@@ -1,7 +1,7 @@
 import { UNICODE } from "@jsenv/log"
 
-import { memoize } from "@jsenv/https-local/src/internal/memoize.js"
-import { exec } from "@jsenv/https-local/src/internal/exec.js"
+import { memoize } from "../memoize.js"
+import { exec } from "../exec.js"
 
 export const nssCommandName = "libnss3-tools"
 

package/src/internal/mac/chrome_mac.js

@@ -1,7 +1,7 @@
 import { existsSync } from "node:fs"
 import { UNICODE } from "@jsenv/log"
 
-import { memoize } from "@jsenv/https-local/src/internal/memoize.js"
+import { memoize } from "../memoize.js"
 
 const REASON_CHROME_NOT_DETECTED = `Chrome not detected`
 

package/src/internal/mac/mac_keychain.js

@@ -1,11 +1,10 @@
 // https://ss64.com/osx/security.html
 
 import { fileURLToPath } from "node:url"
-import { createDetailedMessage } from "@jsenv/logger"
+import { createDetailedMessage, UNICODE } from "@jsenv/log"
 
-import { UNICODE } from "@jsenv/log"
-import { exec } from "@jsenv/https-local/src/internal/exec.js"
-import { searchCertificateInCommandOutput } from "@jsenv/https-local/src/internal/search_certificate_in_command_output.js"
+import { exec } from "../exec.js"
+import { searchCertificateInCommandOutput } from "../search_certificate_in_command_output.js"
 import {
   VERB_CHECK_TRUST,
   VERB_ADD_TRUST,

package/src/internal/mac/nss_mac.js

@@ -2,9 +2,9 @@ import { fileURLToPath } from "node:url"
 import { assertAndNormalizeDirectoryUrl } from "@jsenv/filesystem"
 import { UNICODE } from "@jsenv/log"
 
-import { memoize } from "@jsenv/https-local/src/internal/memoize.js"
-import { exec } from "@jsenv/https-local/src/internal/exec.js"
-import { commandExists } from "@jsenv/https-local/src/internal/command.js"
+import { memoize } from "../memoize.js"
+import { exec } from "../exec.js"
+import { commandExists } from "../command.js"
 
 export const nssCommandName = "nss"
 

package/src/internal/nssdb_browser.js

@@ -5,13 +5,12 @@
 
 import { existsSync } from "node:fs"
 import { fileURLToPath } from "node:url"
-import { createDetailedMessage } from "@jsenv/logger"
 import { urlToFilename } from "@jsenv/urls"
+import { createDetailedMessage, UNICODE } from "@jsenv/log"
 import { assertAndNormalizeDirectoryUrl, collectFiles } from "@jsenv/filesystem"
-import { UNICODE } from "@jsenv/log"
 
-import { exec } from "@jsenv/https-local/src/internal/exec.js"
-import { searchCertificateInCommandOutput } from "@jsenv/https-local/src/internal/search_certificate_in_command_output.js"
+import { exec } from "./exec.js"
+import { searchCertificateInCommandOutput } from "./search_certificate_in_command_output.js"
 import { VERB_CHECK_TRUST, VERB_ADD_TRUST } from "./trust_query.js"
 
 export const executeTrustQueryOnBrowserNSSDB = async ({

package/src/internal/windows/chrome_windows.js

@@ -2,7 +2,7 @@ import { createRequire } from "node:module"
 import { existsSync } from "node:fs"
 import { UNICODE } from "@jsenv/log"
 
-import { memoize } from "@jsenv/https-local/src/internal/memoize.js"
+import { memoize } from "../memoize.js"
 
 const require = createRequire(import.meta.url)
 

package/src/internal/windows/firefox_windows.js

@@ -7,7 +7,7 @@ import { createRequire } from "node:module"
 import { existsSync } from "node:fs"
 import { UNICODE } from "@jsenv/log"
 
-import { memoize } from "@jsenv/https-local/src/internal/memoize.js"
+import { memoize } from "../memoize.js"
 
 const require = createRequire(import.meta.url)
 

package/src/internal/windows/windows_certutil.js

@@ -4,10 +4,9 @@
  */
 
 import { fileURLToPath } from "node:url"
-import { createDetailedMessage } from "@jsenv/logger"
-import { UNICODE } from "@jsenv/log"
+import { createDetailedMessage, UNICODE } from "@jsenv/log"
 
-import { exec } from "@jsenv/https-local/src/internal/exec.js"
+import { exec } from "../exec.js"
 import {
   VERB_CHECK_TRUST,
   VERB_ADD_TRUST,

package/{main.js → src/main.js}

@@ -7,13 +7,13 @@
 export {
   installCertificateAuthority,
   uninstallCertificateAuthority,
-} from "./src/certificate_authority.js"
+} from "./certificate_authority.js"
 
 export {
   createValidityDurationOfXYears,
   createValidityDurationOfXDays,
-} from "./src/validity_duration.js"
+} from "./validity_duration.js"
 
-export { verifyHostsFile } from "./src/hosts_file_verif.js"
+export { verifyHostsFile } from "./hosts_file_verif.js"
 
-export { requestCertificateForLocalhost } from "./src/certificate_for_localhost.js"
+export { requestCertificateForLocalhost } from "./certificate_for_localhost.js"

package/src/validity_duration.js

@@ -3,7 +3,6 @@ const MILLISECONDS_PER_YEAR = MILLISECONDS_PER_DAY * 365
 
 export const verifyRootCertificateValidityDuration = (validityDurationInMs) => {
   const durationInYears = validityDurationInMs / MILLISECONDS_PER_YEAR
-
   if (durationInYears > 25) {
     return {
       ok: false,
@@ -13,26 +12,22 @@ export const verifyRootCertificateValidityDuration = (validityDurationInMs) => {
         "https://serverfault.com/questions/847190/in-theory-could-a-ca-make-a-certificate-that-is-valid-for-arbitrarily-long",
     }
   }
-
   return { ok: true }
 }
 
 export const verifyServerCertificateValidityDuration = (
-  serverCertificateValidityDurationInMs,
+  validityDurationInMs,
 ) => {
-  const serverCertificateValidityDurationInDays =
-    serverCertificateValidityDurationInMs / MILLISECONDS_PER_DAY
-
-  if (serverCertificateValidityDurationInDays > 397) {
+  const validityDurationInDays = validityDurationInMs / MILLISECONDS_PER_DAY
+  if (validityDurationInDays > 397) {
     return {
       ok: false,
       maxAllowedValue: MILLISECONDS_PER_DAY * 397,
-      message: `certificate validity duration of ${serverCertificateValidityDurationInMs} days is too much, using the max recommended duration: 397 days`,
+      message: `certificate validity duration of ${validityDurationInMs} days is too much, using the max recommended duration: 397 days`,
       details:
         "https://www.globalsign.com/en/blog/maximum-ssltls-certificate-validity-now-one-year",
     }
   }
-
   return { ok: true }
 }