@jsenv/https-local 3.0.0 → 3.0.2

package/README.md

@@ -18,7 +18,8 @@ npm install --save-dev @jsenv/https-local
 
 ```js
 /*
- * This file needs to be executed once. After that the root certificate is valid for 20 years.
+ * This file needs to be executed once.
+ * After that the root certificate is valid for 20 years.
  * Re-executing this file will log the current root certificate validity and trust status.
  * Re-executing this file 20 years later would reinstall a root certificate and re-trust it.
  *
@@ -42,7 +43,7 @@ await verifyHostsFile({
 })
 ```
 
-3 - Run file to install certificate authority with node
+3 - Run with node
 
 ```console
 node ./install_certificate_authority.mjs
@@ -88,14 +89,14 @@ server.listen(8080)
 console.log(`Server listening at https://local.example:8080`)
 ```
 
-5 - Run file to start server with node
+5 - Start server with node
 
 ```console
 node ./start_dev_server.mjs
 ```
 
-At this stage of the documentation you have a server running in https.
-The rest of the documentation goes into details.
+At this stage you have a server running in https.
+The rest of this documentation goes into more details.
 
 # Certificate expiration
 
@@ -104,9 +105,11 @@ The rest of the documentation goes into details.
 | server      | 1 year        | Re-run _requestCertificate_          |
 | authority   | 20 year       | Re-run _installCertificateAuthority_ |
 
-The **server** certificate expires after one year which is the maximum duration allowed by web browsers. In the unlikely scenario where your local server is running for more than a year without interruption, restart it and you're good for one more year.
+The **server certificate** expires after one year which is the maximum duration allowed by web browsers.
+In the unlikely scenario where a local server is running for more than a year without interruption, restart it to re-run requestCertificate.
 
-The **authority** root certificate expires after 20 years which is close to the maximum allowed duration. In the very unlikely scenario where you are using the same machine for more than 20 years, re-execute [installCertificateAuthority](#installCertificateAuthority) to update certificate authority then restart your server.
+The **authority root certificate** expires after 20 years which is close to the maximum allowed duration.
+In the very unlikely scenario where you are using the same machine for more than 20 years, re-execute [installCertificateAuthority](#installCertificateAuthority) to update certificate authority then restart your server.
 
 # installCertificateAuthority
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jsenv/https-local",
-  "version": "3.0.0",
+  "version": "3.0.2",
   "description": "A programmatic way to generate locally trusted certificates",
   "license": "MIT",
   "author": {
@@ -44,28 +44,28 @@
     "verify-localhost-mappings": "node ./scripts/hosts/verify_localhost_mappings.mjs",
     "ensure-localhost-mappings": "node ./scripts/hosts/ensure_localhost_mappings.mjs",
     "prettier": "prettier --write .",
-    "playwright-install": "npx playwright install-deps && npx playwright install"
+    "playwright:install": "npx playwright install-deps && npx playwright install"
   },
   "dependencies": {
-    "@jsenv/filesystem": "4.1.2",
-    "@jsenv/log": "3.1.0",
-    "@jsenv/urls": "1.2.7",
+    "@jsenv/filesystem": "4.1.6",
+    "@jsenv/log": "3.3.2",
+    "@jsenv/urls": "1.2.8",
     "command-exists": "1.2.9",
     "node-forge": "1.3.1",
     "sudo-prompt": "9.2.1",
-    "which": "2.0.2"
+    "which": "3.0.0"
   },
   "devDependencies": {
-    "@jsenv/assert": "2.6.0",
-    "@jsenv/core": "28.0.2",
-    "@jsenv/eslint-config": "16.2.1",
-    "@jsenv/eslint-import-resolver": "0.3.0",
-    "@jsenv/github-release-package": "1.5.0",
-    "@jsenv/package-publish": "1.10.0",
-    "@jsenv/performance-impact": "2.3.0",
-    "eslint": "8.21.0",
+    "@jsenv/assert": "2.8.0",
+    "@jsenv/core": "30.0.0",
+    "@jsenv/eslint-config": "16.2.9",
+    "@jsenv/eslint-import-resolver": "0.4.1",
+    "@jsenv/github-release-package": "1.5.1",
+    "@jsenv/package-publish": "1.10.1",
+    "@jsenv/performance-impact": "4.1.0",
+    "eslint": "8.30.0",
     "eslint-plugin-import": "2.26.0",
-    "playwright": "1.24.2",
-    "prettier": "2.7.1"
+    "playwright": "1.29.1",
+    "prettier": "2.8.1"
   }
 }

package/src/internal/browser_detection.js

@@ -0,0 +1,7 @@
+import { existsSync } from "node:fs"
+
+export const detectBrowser = (pathCandidates) => {
+  return pathCandidates.some((pathCandidate) => {
+    return existsSync(pathCandidate)
+  })
+}

package/src/internal/linux/chrome_linux.js

@@ -1,4 +1,3 @@
-import { existsSync } from "node:fs"
 import { execSync } from "node:child_process"
 import { assertAndNormalizeDirectoryUrl } from "@jsenv/filesystem"
 import { UNICODE } from "@jsenv/log"
@@ -35,22 +34,15 @@ export const executeTrustQueryOnChrome = ({
     getCertutilBinPath,
 
     browserName: "chrome",
-    detectBrowser: () => {
-      logger.debug(`Detecting Chrome...`)
-      const chromeBinFileExists = existsSync("/usr/bin/google-chrome")
-
-      if (chromeBinFileExists) {
-        logger.debug(`${UNICODE.OK} Chrome detected`)
-        return true
-      }
-
-      logger.debug(`${UNICODE.INFO} Chrome not detected`)
-      return false
-    },
-    browserNSSDBDirectoryUrl: new URL(
-      ".pki/nssdb",
-      assertAndNormalizeDirectoryUrl(process.env.HOME),
-    ).href,
+    browserPaths: ["/usr/bin/google-chrome"],
+    browserNSSDBDirectoryUrls: [
+      new URL(".pki/nssdb", assertAndNormalizeDirectoryUrl(process.env.HOME)),
+      new URL(
+        "snap/chromium/current/.pki/nssdb",
+        assertAndNormalizeDirectoryUrl(process.env.HOME),
+      ), // Snapcraft
+      "file:///etc/pki/nssdb", // CentOS 7
+    ],
     getBrowserClosedPromise: async () => {
       if (!isChromeOpen()) {
         return

package/src/internal/linux/firefox_linux.js

@@ -1,4 +1,3 @@
-import { existsSync } from "node:fs"
 import { execSync } from "node:child_process"
 import { assertAndNormalizeDirectoryUrl } from "@jsenv/filesystem"
 import { UNICODE } from "@jsenv/log"
@@ -35,22 +34,22 @@ export const executeTrustQueryOnFirefox = ({
     getCertutilBinPath,
 
     browserName: "firefox",
-    detectBrowser: () => {
-      logger.debug(`Detecting Firefox...`)
-      const firefoxBinFileExists = existsSync("/usr/bin/firefox")
-
-      if (firefoxBinFileExists) {
-        logger.debug(`${UNICODE.OK} Firefox detected`)
-        return true
-      }
-
-      logger.debug(`${UNICODE.INFO} Firefox not detected`)
-      return false
-    },
-    browserNSSDBDirectoryUrl: new URL(
-      ".mozilla/firefox/",
-      assertAndNormalizeDirectoryUrl(process.env.HOME),
-    ).href,
+    browserPaths: [
+      "/usr/bin/firefox",
+      "/usr/bin/firefox-nightly",
+      "/usr/bin/firefox-developer-edition",
+      "/snap/firefox",
+    ],
+    browserNSSDBDirectoryUrls: [
+      new URL(
+        ".mozilla/firefox/",
+        assertAndNormalizeDirectoryUrl(process.env.HOME),
+      ),
+      new URL(
+        "/snap/firefox/common/.mozilla/firefox/",
+        assertAndNormalizeDirectoryUrl(process.env.HOME),
+      ),
+    ],
     getBrowserClosedPromise: async () => {
       if (!isFirefoxOpen()) {
         return

package/src/internal/mac/firefox_mac.js

@@ -1,4 +1,3 @@
-import { existsSync } from "node:fs"
 import { execSync } from "node:child_process"
 import { assertAndNormalizeDirectoryUrl } from "@jsenv/filesystem"
 import { UNICODE, createTaskLog } from "@jsenv/log"
@@ -35,22 +34,18 @@ export const executeTrustQueryOnFirefox = ({
     getCertutilBinPath,
 
     browserName: "firefox",
-    detectBrowser: () => {
-      logger.debug(`Detecting firefox...`)
-      const firefoxDetected = existsSync("/Applications/Firefox.app")
-
-      if (firefoxDetected) {
-        logger.debug(`${UNICODE.OK} firefox detected`)
-        return true
-      }
-
-      logger.debug(`${UNICODE.INFO} firefox not detected`)
-      return false
-    },
-    browserNSSDBDirectoryUrl: new URL(
-      `./Library/Application Support/Firefox/Profiles/`,
-      assertAndNormalizeDirectoryUrl(process.env.HOME),
-    ).href,
+    browserPaths: [
+      "/Applications/Firefox.app",
+      "/Applications/FirefoxDeveloperEdition.app",
+      "/Applications/Firefox Developer Edition.app",
+      "/Applications/Firefox Nightly.app",
+    ],
+    browserNSSDBDirectoryUrls: [
+      new URL(
+        `./Library/Application Support/Firefox/Profiles/`,
+        assertAndNormalizeDirectoryUrl(process.env.HOME),
+      ),
+    ],
     getBrowserClosedPromise: async () => {
       if (!isFirefoxOpen()) {
         return
@@ -78,5 +73,6 @@ export const executeTrustQueryOnFirefox = ({
 }
 
 const isFirefoxOpen = () => {
-  return execSync("ps aux").includes("firefox")
+  const psAux = execSync("ps aux")
+  return psAux.includes("Firefox.app")
 }

package/src/internal/nssdb_browser.js

@@ -9,6 +9,7 @@ import { urlToFilename } from "@jsenv/urls"
 import { createDetailedMessage, UNICODE } from "@jsenv/log"
 import { assertAndNormalizeDirectoryUrl, collectFiles } from "@jsenv/filesystem"
 
+import { detectBrowser } from "./browser_detection.js"
 import { exec } from "./exec.js"
 import { searchCertificateInCommandOutput } from "./search_certificate_in_command_output.js"
 import {
@@ -32,17 +33,21 @@ export const executeTrustQueryOnBrowserNSSDB = async ({
   getCertutilBinPath,
 
   browserName,
-  detectBrowser,
-  browserNSSDBDirectoryUrl,
+  browserPaths,
+  browserNSSDBDirectoryUrls,
   getBrowserClosedPromise,
 }) => {
-  const browserDetected = detectBrowser({ logger })
+  logger.debug(`Detecting ${browserName}...`)
+
+  const browserDetected = detectBrowser(browserPaths)
   if (!browserDetected) {
+    logger.debug(`${UNICODE.INFO} ${browserName} not detected`)
     return {
       status: "other",
       reason: `${browserName} not detected`,
     }
   }
+  logger.debug(`${UNICODE.OK} ${browserName} detected`)
 
   if (verb === VERB_CHECK_TRUST && certificateIsNew) {
     logger.info(`${UNICODE.INFO} You should add certificate to ${browserName}`)
@@ -116,10 +121,17 @@ export const executeTrustQueryOnBrowserNSSDB = async ({
     }
   }
 
-  const NSSDBFiles = await findNSSDBFiles({
-    logger,
-    NSSDBDirectoryUrl: browserNSSDBDirectoryUrl,
-  })
+  let NSSDBFiles
+  for (const browserNSSDBDirectoryUrl of browserNSSDBDirectoryUrls) {
+    NSSDBFiles = await findNSSDBFiles({
+      logger,
+      NSSDBDirectoryUrl: browserNSSDBDirectoryUrl,
+    })
+    if (NSSDBFiles.length > 0) {
+      break
+    }
+  }
+
   const fileCount = NSSDBFiles.length
   if (fileCount === 0) {
     const reason = `could not find nss database file`
@@ -281,6 +293,7 @@ const isCertificateNotFoundError = (error) => {
 
 const NSSDirectoryCache = {}
 const findNSSDBFiles = async ({ logger, NSSDBDirectoryUrl }) => {
+  NSSDBDirectoryUrl = String(NSSDBDirectoryUrl)
   const resultFromCache = NSSDirectoryCache[NSSDBDirectoryUrl]
   if (resultFromCache) {
     return resultFromCache

package/src/main.js

@@ -2,6 +2,10 @@
  * This file is the first file executed by code using the package
  * Its responsability is to export what is documented
  * Ideally this file should be kept simple to help discovering codebase progressively.
+ *
+ * see also
+ * - https://github.com/davewasmer/devcert
+ * - https://github.com/FiloSottile/mkcert
  */
 
 export {