@jsenv/https-local 3.0.6 → 3.1.0

package/src/internal/linux/firefox_linux.js

@@ -1,14 +1,13 @@
-import { execSync } from "node:child_process"
-import { assertAndNormalizeDirectoryUrl } from "@jsenv/filesystem"
-import { UNICODE } from "@jsenv/log"
-
-import { executeTrustQueryOnBrowserNSSDB } from "../nssdb_browser.js"
+import { assertAndNormalizeDirectoryUrl } from "@jsenv/filesystem";
+import { UNICODE } from "@jsenv/humanize";
+import { execSync } from "node:child_process";
+import { executeTrustQueryOnBrowserNSSDB } from "../nssdb_browser.js";
 import {
-  nssCommandName,
   detectIfNSSIsInstalled,
-  getNSSDynamicInstallInfo,
   getCertutilBinPath,
-} from "./nss_linux.js"
+  getNSSDynamicInstallInfo,
+  nssCommandName,
+} from "./nss_linux.js";
 
 export const executeTrustQueryOnFirefox = ({
   logger,
@@ -45,6 +44,10 @@ export const executeTrustQueryOnFirefox = ({
         ".mozilla/firefox/",
         assertAndNormalizeDirectoryUrl(process.env.HOME),
       ),
+      new URL(
+        "/.mozilla/firefox-trunk/",
+        assertAndNormalizeDirectoryUrl(process.env.HOME),
+      ),
       new URL(
         "/snap/firefox/common/.mozilla/firefox/",
         assertAndNormalizeDirectoryUrl(process.env.HOME),
@@ -52,29 +55,29 @@ export const executeTrustQueryOnFirefox = ({
     ],
     getBrowserClosedPromise: async () => {
       if (!isFirefoxOpen()) {
-        return
+        return;
       }
 
       logger.warn(
         `${UNICODE.WARNING} waiting for you to close Firefox before resuming...`,
-      )
+      );
       const next = async () => {
-        await new Promise((resolve) => setTimeout(resolve, 50))
+        await new Promise((resolve) => setTimeout(resolve, 50));
         if (isFirefoxOpen()) {
-          await next()
+          await next();
         } else {
-          logger.info(`${UNICODE.OK} Firefox closed, resuming`)
+          logger.info(`${UNICODE.OK} Firefox closed, resuming`);
           // wait 50ms more to ensure firefox has time to cleanup
           // othrwise sometimes there is an SEC_ERROR_REUSED_ISSUER_AND_SERIAL error
           // because we updated nss database file while firefox is not fully closed
-          await new Promise((resolve) => setTimeout(resolve, 50))
+          await new Promise((resolve) => setTimeout(resolve, 50));
         }
-      }
-      await next()
+      };
+      await next();
     },
-  })
-}
+  });
+};
 
 const isFirefoxOpen = () => {
-  return execSync("ps aux").includes("firefox")
-}
+  return execSync("ps aux").includes("firefox");
+};

package/src/internal/linux/linux.js

@@ -1,6 +1,6 @@
-import { executeTrustQueryOnLinux } from "./linux_trust_store.js"
-import { executeTrustQueryOnChrome } from "./chrome_linux.js"
-import { executeTrustQueryOnFirefox } from "./firefox_linux.js"
+import { executeTrustQueryOnChrome } from "./chrome_linux.js";
+import { executeTrustQueryOnFirefox } from "./firefox_linux.js";
+import { executeTrustQueryOnLinux } from "./linux_trust_store.js";
 
 export const executeTrustQuery = async ({
   logger,
@@ -18,7 +18,7 @@ export const executeTrustQuery = async ({
     certificateIsNew,
     certificate,
     verb,
-  })
+  });
 
   const chromeTrustInfo = await executeTrustQueryOnChrome({
     logger,
@@ -28,7 +28,7 @@ export const executeTrustQuery = async ({
     certificate,
     verb,
     NSSDynamicInstall,
-  })
+  });
 
   const firefoxTrustInfo = await executeTrustQueryOnFirefox({
     logger,
@@ -38,11 +38,11 @@ export const executeTrustQuery = async ({
     certificate,
     verb,
     NSSDynamicInstall,
-  })
+  });
 
   return {
     linux: linuxTrustInfo,
     chrome: chromeTrustInfo,
     firefox: firefoxTrustInfo,
-  }
-}
+  };
+};

package/src/internal/linux/linux_trust_store.js

@@ -2,34 +2,33 @@
  * see https://github.com/davewasmer/devcert/blob/master/src/platforms/linux.ts
  */
 
-import { existsSync } from "node:fs"
-import { fileURLToPath } from "node:url"
-import { readFile } from "@jsenv/filesystem"
-import { createDetailedMessage, UNICODE } from "@jsenv/log"
-
+import { readFile } from "@jsenv/filesystem";
+import { createDetailedMessage, UNICODE } from "@jsenv/humanize";
+import { existsSync } from "node:fs";
+import { fileURLToPath } from "node:url";
+import { exec } from "../exec.js";
 import {
-  VERB_CHECK_TRUST,
   VERB_ADD_TRUST,
+  VERB_CHECK_TRUST,
   VERB_ENSURE_TRUST,
   VERB_REMOVE_TRUST,
-} from "../trust_query.js"
-import { exec } from "../exec.js"
+} from "../trust_query.js";
 
 const REASON_NEW_AND_TRY_TO_TRUST_DISABLED =
-  "certificate is new and tryToTrust is disabled"
-const REASON_NOT_FOUND_IN_LINUX = `not found in linux store`
-const REASON_OUTDATED_IN_LINUX = "certificate in linux store is outdated"
-const REASON_FOUND_IN_LINUX = "found in linux store"
-const REASON_ADD_COMMAND_FAILED = "command to add certificate to linux failed"
+  "certificate is new and tryToTrust is disabled";
+const REASON_NOT_FOUND_IN_LINUX = `not found in linux store`;
+const REASON_OUTDATED_IN_LINUX = "certificate in linux store is outdated";
+const REASON_FOUND_IN_LINUX = "found in linux store";
+const REASON_ADD_COMMAND_FAILED = "command to add certificate to linux failed";
 const REASON_ADD_COMMAND_COMPLETED =
-  "command to add certificate to linux completed"
+  "command to add certificate to linux completed";
 const REASON_REMOVE_COMMAND_FAILED =
-  "command to remove certificate from linux failed"
+  "command to remove certificate from linux failed";
 const REASON_REMOVE_COMMAND_COMPLETED =
-  "command to remove certificate from linux completed"
+  "command to remove certificate from linux completed";
 
-const LINUX_CERTIFICATE_AUTHORITIES_DIRECTORY_PATH = `/usr/local/share/ca-certificates/`
-const JSENV_AUTHORITY_ROOT_CERTIFICATE_PATH = `${LINUX_CERTIFICATE_AUTHORITIES_DIRECTORY_PATH}https_local_root_certificate.crt`
+const LINUX_CERTIFICATE_AUTHORITIES_DIRECTORY_PATH = `/usr/local/share/ca-certificates/`;
+const JSENV_AUTHORITY_ROOT_CERTIFICATE_PATH = `${LINUX_CERTIFICATE_AUTHORITIES_DIRECTORY_PATH}https_local_root_certificate.crt`;
 
 export const executeTrustQueryOnLinux = async ({
   logger,
@@ -40,25 +39,25 @@ export const executeTrustQueryOnLinux = async ({
   verb,
 }) => {
   if (verb === VERB_CHECK_TRUST && certificateIsNew) {
-    logger.info(`${UNICODE.INFO} You should add certificate to linux`)
+    logger.info(`${UNICODE.INFO} You should add certificate to linux`);
     return {
       status: "not_trusted",
       reason: REASON_NEW_AND_TRY_TO_TRUST_DISABLED,
-    }
+    };
   }
 
-  logger.info(`Check if certificate is in linux...`)
+  logger.info(`Check if certificate is in linux...`);
   logger.debug(
     `Searching certificate file at ${JSENV_AUTHORITY_ROOT_CERTIFICATE_PATH}...`,
-  )
-  const certificateFilePath = fileURLToPath(certificateFileUrl)
-  const certificateStatus = await getCertificateStatus({ certificate })
+  );
+  const certificateFilePath = fileURLToPath(certificateFileUrl);
+  const certificateStatus = await getCertificateStatus({ certificate });
 
   if (certificateStatus === "missing" || certificateStatus === "outdated") {
     if (certificateStatus === "missing") {
-      logger.info(`${UNICODE.INFO} certificate not in linux`)
+      logger.info(`${UNICODE.INFO} certificate not in linux`);
     } else {
-      logger.info(`${UNICODE.INFO} certificate in linux is outdated`)
+      logger.info(`${UNICODE.INFO} certificate in linux is outdated`);
     }
     if (verb === VERB_CHECK_TRUST || verb === VERB_REMOVE_TRUST) {
       return {
@@ -67,24 +66,24 @@ export const executeTrustQueryOnLinux = async ({
           certificateStatus === "missing"
             ? REASON_NOT_FOUND_IN_LINUX
             : REASON_OUTDATED_IN_LINUX,
-      }
+      };
     }
 
-    const copyCertificateCommand = `sudo /bin/cp -f "${certificateFilePath}" ${JSENV_AUTHORITY_ROOT_CERTIFICATE_PATH}`
-    const updateCertificateCommand = `sudo update-ca-certificates`
-    logger.info(`Adding certificate to linux...`)
+    const copyCertificateCommand = `sudo /bin/cp -f "${certificateFilePath}" ${JSENV_AUTHORITY_ROOT_CERTIFICATE_PATH}`;
+    const updateCertificateCommand = `sudo update-ca-certificates`;
+    logger.info(`Adding certificate to linux...`);
     try {
-      logger.info(`${UNICODE.COMMAND} ${copyCertificateCommand}`)
-      await exec(copyCertificateCommand)
-      logger.info(`${UNICODE.COMMAND} ${updateCertificateCommand}`)
-      await exec(updateCertificateCommand)
-      logger.info(`${UNICODE.OK} certificate added to linux`)
+      logger.info(`${UNICODE.COMMAND} ${copyCertificateCommand}`);
+      await exec(copyCertificateCommand);
+      logger.info(`${UNICODE.COMMAND} ${updateCertificateCommand}`);
+      await exec(updateCertificateCommand);
+      logger.info(`${UNICODE.OK} certificate added to linux`);
       return {
         status: "trusted",
         reason: REASON_ADD_COMMAND_COMPLETED,
-      }
+      };
     } catch (e) {
-      console.error(e)
+      console.error(e);
       logger.error(
         createDetailedMessage(
           `${UNICODE.FAILURE} failed to add certificate to linux`,
@@ -92,15 +91,15 @@ export const executeTrustQueryOnLinux = async ({
             "certificate file": certificateFilePath,
           },
         ),
-      )
+      );
       return {
         status: "not_trusted",
         reason: REASON_ADD_COMMAND_FAILED,
-      }
+      };
     }
   }
 
-  logger.info(`${UNICODE.OK} certificate found in linux`)
+  logger.info(`${UNICODE.OK} certificate found in linux`);
   if (
     verb === VERB_CHECK_TRUST ||
     verb === VERB_ADD_TRUST ||
@@ -109,22 +108,22 @@ export const executeTrustQueryOnLinux = async ({
     return {
       status: "trusted",
       reason: REASON_FOUND_IN_LINUX,
-    }
+    };
   }
 
-  logger.info(`Removing certificate from linux...`)
-  const removeCertificateCommand = `sudo rm ${JSENV_AUTHORITY_ROOT_CERTIFICATE_PATH}`
-  const updateCertificateCommand = `sudo update-ca-certificates`
+  logger.info(`Removing certificate from linux...`);
+  const removeCertificateCommand = `sudo rm ${JSENV_AUTHORITY_ROOT_CERTIFICATE_PATH}`;
+  const updateCertificateCommand = `sudo update-ca-certificates`;
   try {
-    logger.info(`${UNICODE.COMMAND} ${removeCertificateCommand}`)
-    await exec(removeCertificateCommand)
-    logger.info(`${UNICODE.COMMAND} ${updateCertificateCommand}`)
-    await exec(updateCertificateCommand)
-    logger.info(`${UNICODE.OK} certificate removed from linux`)
+    logger.info(`${UNICODE.COMMAND} ${removeCertificateCommand}`);
+    await exec(removeCertificateCommand);
+    logger.info(`${UNICODE.COMMAND} ${updateCertificateCommand}`);
+    await exec(updateCertificateCommand);
+    logger.info(`${UNICODE.OK} certificate removed from linux`);
     return {
       status: "not_trusted",
       reason: REASON_REMOVE_COMMAND_COMPLETED,
-    }
+    };
   } catch (e) {
     logger.error(
       createDetailedMessage(
@@ -134,25 +133,25 @@ export const executeTrustQueryOnLinux = async ({
           "certificate file": JSENV_AUTHORITY_ROOT_CERTIFICATE_PATH,
         },
       ),
-    )
+    );
     return {
       status: "unknown",
       reason: REASON_REMOVE_COMMAND_FAILED,
-    }
+    };
   }
-}
+};
 
 const getCertificateStatus = async ({ certificate }) => {
-  const certificateInStore = existsSync(JSENV_AUTHORITY_ROOT_CERTIFICATE_PATH)
+  const certificateInStore = existsSync(JSENV_AUTHORITY_ROOT_CERTIFICATE_PATH);
   if (!certificateInStore) {
-    return "missing"
+    return "missing";
   }
   const certificateInLinuxStore = await readFile(
     JSENV_AUTHORITY_ROOT_CERTIFICATE_PATH,
     { as: "string" },
-  )
+  );
   if (certificateInLinuxStore !== certificate) {
-    return "outdated"
+    return "outdated";
   }
-  return "found"
-}
+  return "found";
+};

package/src/internal/linux/nss_linux.js

@@ -1,38 +1,39 @@
-import { UNICODE } from "@jsenv/log"
+// https://github.com/FiloSottile/mkcert/issues/447
 
-import { memoize } from "../memoize.js"
-import { exec } from "../exec.js"
+import { UNICODE } from "@jsenv/humanize";
+import { exec } from "../exec.js";
+import { memoize } from "../memoize.js";
 
-export const nssCommandName = "libnss3-tools"
+export const nssCommandName = "libnss3-tools";
 
 export const detectIfNSSIsInstalled = memoize(async ({ logger }) => {
-  logger.debug(`Detect if nss installed....`)
+  logger.debug(`Detect if nss installed....`);
 
-  const aptCommand = `apt list libnss3-tools --installed`
-  logger.debug(`${UNICODE.COMMAND} ${aptCommand}`)
-  const aptCommandOutput = await exec(aptCommand)
+  const aptCommand = `apt list libnss3-tools --installed`;
+  logger.debug(`${UNICODE.COMMAND} ${aptCommand}`);
+  const aptCommandOutput = await exec(aptCommand);
 
   if (aptCommandOutput.includes("libnss3-tools")) {
-    logger.debug(`${UNICODE.OK} libnss3-tools is installed`)
-    return true
+    logger.debug(`${UNICODE.OK} libnss3-tools is installed`);
+    return true;
   }
 
-  logger.debug(`${UNICODE.INFO} libnss3-tools not installed`)
-  return false
-})
+  logger.debug(`${UNICODE.INFO} libnss3-tools not installed`);
+  return false;
+});
 
-export const getCertutilBinPath = () => "certutil"
+export const getCertutilBinPath = () => "certutil";
 
 export const getNSSDynamicInstallInfo = ({ logger }) => {
   return {
     isInstallable: true,
     install: async () => {
-      const aptInstallCommand = `sudo apt install libnss3-tools`
+      const aptInstallCommand = `sudo apt install libnss3-tools`;
       logger.info(
         `"libnss3-tools" is not installed, trying to install "libnss3-tools"`,
-      )
-      logger.info(`${UNICODE.COMMAND} ${aptInstallCommand}`)
-      await exec(aptInstallCommand)
+      );
+      logger.info(`${UNICODE.COMMAND} ${aptInstallCommand}`);
+      await exec(aptInstallCommand);
     },
-  }
-}
+  };
+};

package/src/internal/mac/chrome_mac.js

@@ -1,34 +1,33 @@
-import { existsSync } from "node:fs"
-import { UNICODE } from "@jsenv/log"
+import { UNICODE } from "@jsenv/humanize";
+import { existsSync } from "node:fs";
+import { memoize } from "../memoize.js";
 
-import { memoize } from "../memoize.js"
-
-const REASON_CHROME_NOT_DETECTED = `Chrome not detected`
+const REASON_CHROME_NOT_DETECTED = `Chrome not detected`;
 
 export const executeTrustQueryOnChrome = ({ logger, macTrustInfo }) => {
-  const chromeDetected = detectChrome({ logger })
+  const chromeDetected = detectChrome({ logger });
   if (!chromeDetected) {
     return {
       status: "other",
       reason: REASON_CHROME_NOT_DETECTED,
-    }
+    };
   }
 
   return {
     status: macTrustInfo.status,
     reason: macTrustInfo.reason,
-  }
-}
+  };
+};
 
 const detectChrome = memoize(({ logger }) => {
-  logger.debug(`Detecting Chrome...`)
-  const chromeDetected = existsSync("/Applications/Google Chrome.app")
+  logger.debug(`Detecting Chrome...`);
+  const chromeDetected = existsSync("/Applications/Google Chrome.app");
 
   if (chromeDetected) {
-    logger.debug(`${UNICODE.OK} Chrome detected`)
-    return true
+    logger.debug(`${UNICODE.OK} Chrome detected`);
+    return true;
   }
 
-  logger.debug(`${UNICODE.INFO} Chrome not detected`)
-  return false
-})
+  logger.debug(`${UNICODE.INFO} Chrome not detected`);
+  return false;
+});

package/src/internal/mac/firefox_mac.js

@@ -1,14 +1,13 @@
-import { execSync } from "node:child_process"
-import { assertAndNormalizeDirectoryUrl } from "@jsenv/filesystem"
-import { UNICODE, createTaskLog } from "@jsenv/log"
-
-import { executeTrustQueryOnBrowserNSSDB } from "../nssdb_browser.js"
+import { assertAndNormalizeDirectoryUrl } from "@jsenv/filesystem";
+import { UNICODE, createTaskLog } from "@jsenv/humanize";
+import { execSync } from "node:child_process";
+import { executeTrustQueryOnBrowserNSSDB } from "../nssdb_browser.js";
 import {
-  nssCommandName,
   detectIfNSSIsInstalled,
   getCertutilBinPath,
   getNSSDynamicInstallInfo,
-} from "./nss_mac.js"
+  nssCommandName,
+} from "./nss_mac.js";
 
 export const executeTrustQueryOnFirefox = ({
   logger,
@@ -48,31 +47,31 @@ export const executeTrustQueryOnFirefox = ({
     ],
     getBrowserClosedPromise: async () => {
       if (!isFirefoxOpen()) {
-        return
+        return;
       }
 
       logger.warn(
         `${UNICODE.WARNING} firefox is running, it must be stopped before resuming...`,
-      )
-      const closeFirefoxTask = createTaskLog("waiting for firefox to close")
+      );
+      const closeFirefoxTask = createTaskLog("waiting for firefox to close");
       const next = async () => {
-        await new Promise((resolve) => setTimeout(resolve, 50))
+        await new Promise((resolve) => setTimeout(resolve, 50));
         if (isFirefoxOpen()) {
-          await next()
+          await next();
         } else {
-          closeFirefoxTask.done()
+          closeFirefoxTask.done();
           // wait 50ms more to ensure firefox has time to cleanup
           // othrwise sometimes there is an SEC_ERROR_REUSED_ISSUER_AND_SERIAL error
           // because we updated nss database file while firefox is not fully closed
-          await new Promise((resolve) => setTimeout(resolve, 50))
+          await new Promise((resolve) => setTimeout(resolve, 50));
         }
-      }
-      await next()
+      };
+      await next();
     },
-  })
-}
+  });
+};
 
 const isFirefoxOpen = () => {
-  const psAux = execSync("ps aux")
-  return psAux.includes("Firefox.app")
-}
+  const psAux = execSync("ps aux");
+  return psAux.includes("Firefox.app");
+};

package/src/internal/mac/mac.js

@@ -4,10 +4,10 @@
  * - https://www.unix.com/man-page/mojave/1/security/
  */
 
-import { executeTrustQueryOnMacKeychain } from "./mac_keychain.js"
-import { executeTrustQueryOnChrome } from "./chrome_mac.js"
-import { executeTrustQueryOnFirefox } from "./firefox_mac.js"
-import { executeTrustQueryOnSafari } from "./safari.js"
+import { executeTrustQueryOnChrome } from "./chrome_mac.js";
+import { executeTrustQueryOnFirefox } from "./firefox_mac.js";
+import { executeTrustQueryOnMacKeychain } from "./mac_keychain.js";
+import { executeTrustQueryOnSafari } from "./safari.js";
 
 export const executeTrustQuery = async ({
   logger,
@@ -25,13 +25,13 @@ export const executeTrustQuery = async ({
     certificateIsNew,
     certificate,
     verb,
-  })
+  });
 
   const chromeTrustInfo = await executeTrustQueryOnChrome({
     logger,
     // chrome needs macTrustInfo because it uses OS trust store
     macTrustInfo,
-  })
+  });
 
   const firefoxTrustInfo = await executeTrustQueryOnFirefox({
     logger,
@@ -41,18 +41,18 @@ export const executeTrustQuery = async ({
     certificate,
     verb,
     NSSDynamicInstall,
-  })
+  });
 
   const safariTrustInfo = await executeTrustQueryOnSafari({
     logger,
     // safari needs macTrustInfo because it uses OS trust store
     macTrustInfo,
-  })
+  });
 
   return {
     mac: macTrustInfo,
     chrome: chromeTrustInfo,
     firefox: firefoxTrustInfo,
     safari: safariTrustInfo,
-  }
-}
+  };
+};