npm - portless - Versions diffs - 0.9.4 → 0.9.5 - Mend

portless 0.9.4 → 0.9.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md +1 -1
package/dist/{chunk-63BOQNMU.js → chunk-D3LR3J7L.js} +18 -3
package/dist/cli.js +24 -11
package/dist/index.d.ts +11 -3
package/dist/index.js +1 -1
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -166,7 +166,7 @@ portless proxy stop              # Stop the proxy
 --tld <tld>                      Use a custom TLD instead of .localhost (e.g. test)
 --wildcard                       Allow unregistered subdomains to fall back to parent route
 --app-port <number>              Use a fixed port for the app (skip auto-assignment)
---force                          Override a route registered by another process
+--force                          Kill the existing process and take over its route
 --name <name>                    Use <name> as the app name
 ```

package/dist/{chunk-63BOQNMU.js → chunk-D3LR3J7L.js} RENAMED Viewed

@@ -505,7 +505,7 @@ function createProxyServer(options) {
   };
   if (tls) {
     const h2Server = http2.createSecureServer({
-      cert: tls.cert,
+      cert: tls.ca ? Buffer.concat([tls.cert, tls.ca]) : tls.cert,
       key: tls.key,
       allowHTTP1: true,
       ...tls.SNICallback ? { SNICallback: tls.SNICallback } : {}
@@ -1297,16 +1297,30 @@ var RouteStore = class _RouteStore {
     fs4.writeFileSync(this.routesPath, JSON.stringify(routes, null, 2), { mode: this.fileMode });
     fixOwnership(this.routesPath);
   }
+  /**
+   * Register a route. When `force` is true and the hostname is already claimed
+   * by another live process, that process is sent SIGTERM before the route is
+   * replaced. Returns the PID of the killed process (if any) so the caller can
+   * log it.
+   */
   addRoute(hostname, port, pid, force = false) {
     this.ensureDir();
     if (!this.acquireLock()) {
       throw new Error("Failed to acquire route lock");
     }
+    let killedPid;
     try {
       const routes = this.loadRoutes(true);
       const existing = routes.find((r) => r.hostname === hostname);
-      if (existing && existing.pid !== pid && this.isProcessAlive(existing.pid) && !force) {
-        throw new RouteConflictError(hostname, existing.pid);
+      if (existing && existing.pid !== pid && this.isProcessAlive(existing.pid)) {
+        if (!force) {
+          throw new RouteConflictError(hostname, existing.pid);
+        }
+        try {
+          process.kill(existing.pid, "SIGTERM");
+          killedPid = existing.pid;
+        } catch {
+        }
       }
       const filtered = routes.filter((r) => r.hostname !== hostname);
       filtered.push({ hostname, port, pid });
@@ -1314,6 +1328,7 @@ var RouteStore = class _RouteStore {
     } finally {
       this.releaseLock();
     }
+    return killedPid;
   }
   removeRoute(hostname) {
     this.ensureDir();

package/dist/cli.js CHANGED Viewed

@@ -35,7 +35,7 @@ import {
   waitForProxy,
   writeTldFile,
   writeTlsMarker
-} from "./chunk-63BOQNMU.js";
+} from "./chunk-D3LR3J7L.js";
 // src/colors.ts
 function supportsColor() {
@@ -471,10 +471,13 @@ async function generateHostCertAsync(stateDir, hostname) {
   fixOwnership(keyPath, certPath);
   return { certPath, keyPath };
 }
-function createSNICallback(stateDir, defaultCert, defaultKey, tld = "localhost") {
+function createSNICallback(stateDir, defaultCert, defaultKey, tld = "localhost", caCert) {
   const cache = /* @__PURE__ */ new Map();
   const pending = /* @__PURE__ */ new Map();
-  const defaultCtx = tls.createSecureContext({ cert: defaultCert, key: defaultKey });
+  const defaultCtx = tls.createSecureContext({
+    cert: caCert ? Buffer.concat([defaultCert, caCert]) : defaultCert,
+    key: defaultKey
+  });
   return (servername, cb) => {
     if (servername === tld) {
       cb(null, defaultCtx);
@@ -490,8 +493,9 @@ function createSNICallback(stateDir, defaultCert, defaultKey, tld = "localhost")
     const keyPath = path.join(hostDir, `${safeName}-key.pem`);
     if (fileExists(certPath) && fileExists(keyPath) && isCertValid(certPath) && isCertSignatureStrong(certPath)) {
       try {
+        const hostCert = fs.readFileSync(certPath);
         const ctx = tls.createSecureContext({
-          cert: fs.readFileSync(certPath),
+          cert: caCert ? Buffer.concat([hostCert, caCert]) : hostCert,
           key: fs.readFileSync(keyPath)
         });
         cache.set(servername, ctx);
@@ -505,11 +509,14 @@ function createSNICallback(stateDir, defaultCert, defaultKey, tld = "localhost")
       return;
     }
     const promise = generateHostCertAsync(stateDir, servername).then(async (generated) => {
-      const [cert, key] = await Promise.all([
+      const [hostCert, key] = await Promise.all([
         fs.promises.readFile(generated.certPath),
         fs.promises.readFile(generated.keyPath)
       ]);
-      return tls.createSecureContext({ cert, key });
+      return tls.createSecureContext({
+        cert: caCert ? Buffer.concat([hostCert, caCert]) : hostCert,
+        key
+      });
     });
     pending.set(servername, promise);
     promise.then((ctx) => {
@@ -1157,8 +1164,9 @@ portless
   } else {
     console.log(colors_default.green(`-- Using port ${port}`));
   }
+  let killedPid;
   try {
-    store.addRoute(hostname, port, process.pid, force);
+    killedPid = store.addRoute(hostname, port, process.pid, force);
   } catch (err) {
     if (err instanceof RouteConflictError) {
       console.error(colors_default.red(`Error: ${err.message}`));
@@ -1166,6 +1174,9 @@ portless
     }
     throw err;
   }
+  if (killedPid !== void 0) {
+    console.log(colors_default.yellow(`Killed existing process (PID ${killedPid})`));
+  }
   const finalUrl = formatUrl(hostname, proxyPort, tls2);
   console.log(colors_default.cyan.bold(`
   -> ${finalUrl}
@@ -1233,7 +1244,7 @@ ${colors_default.bold("Usage:")}
 ${colors_default.bold("Options:")}
   --name <name>          Override the inferred base name (worktree prefix still applies)
-  --force                Override an existing route registered by another process
+  --force                Kill the existing process and take over its route
   --app-port <number>    Use a fixed port for the app (skip auto-assignment)
   --help, -h             Show this help
@@ -1388,7 +1399,7 @@ ${colors_default.bold("Options:")}
   --tld <tld>                   Use a custom TLD instead of .localhost (e.g. test, dev)
   --wildcard                    Allow unregistered subdomains to fall back to parent route
   --app-port <number>           Use a fixed port for the app (skip auto-assignment)
-  --force                       Override an existing route registered by another process
+  --force                       Kill the existing process and take over its route
   --name <name>                 Use <name> as the app name (bypasses subcommand dispatch)
   --                            Stop flag parsing; everything after is passed to the child
@@ -1427,7 +1438,7 @@ ${colors_default.bold("Reserved names:")}
   process.exit(0);
 }
 function printVersion() {
-  console.log("0.9.4");
+  console.log("0.9.5");
   process.exit(0);
 }
 async function handleTrust() {
@@ -1954,10 +1965,12 @@ ${colors_default.bold("Usage:")}
       }
       const cert = fs3.readFileSync(certs.certPath);
       const key = fs3.readFileSync(certs.keyPath);
+      const ca = fs3.readFileSync(certs.caPath);
       tlsOptions = {
         cert,
         key,
-        SNICallback: createSNICallback(stateDir, cert, key, tld)
+        ca,
+        SNICallback: createSNICallback(stateDir, cert, key, tld, ca)
       };
     }
   }

package/dist/index.d.ts CHANGED Viewed

@@ -26,6 +26,8 @@ interface ProxyServerOptions {
     tls?: {
         cert: Buffer;
         key: Buffer;
+        /** CA certificate to include in the chain so clients can verify the leaf. */
+        ca?: Buffer;
         /** SNI callback for per-hostname certificate selection. */
         SNICallback?: (servername: string, cb: (err: Error | null, ctx?: node_tls.SecureContext) => void) => void;
     };
@@ -65,8 +67,8 @@ interface RouteMapping extends RouteInfo {
     pid: number;
 }
 /**
- * Thrown when a route is already registered by a live process and --force
- * was not specified.
+ * Thrown when a route is already registered by a live process and --force was
+ * not specified. With --force, the existing process is killed instead.
  */
 declare class RouteConflictError extends Error {
     readonly hostname: string;
@@ -106,7 +108,13 @@ declare class RouteStore {
      */
     loadRoutes(persistCleanup?: boolean): RouteMapping[];
     private saveRoutes;
-    addRoute(hostname: string, port: number, pid: number, force?: boolean): void;
+    /**
+     * Register a route. When `force` is true and the hostname is already claimed
+     * by another live process, that process is sent SIGTERM before the route is
+     * replaced. Returns the PID of the killed process (if any) so the caller can
+     * log it.
+     */
+    addRoute(hostname: string, port: number, pid: number, force?: boolean): number | undefined;
     removeRoute(hostname: string): void;
 }

package/dist/index.js CHANGED Viewed

@@ -20,7 +20,7 @@ import {
   parseHostname,
   removeBlock,
   syncHostsFile
-} from "./chunk-63BOQNMU.js";
+} from "./chunk-D3LR3J7L.js";
 export {
   DIR_MODE,
   FILE_MODE,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "portless",
-  "version": "0.9.4",
+  "version": "0.9.5",
   "description": "Replace port numbers with stable, named .localhost URLs. For humans and agents.",
   "type": "module",
   "main": "./dist/index.js",