Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@small-tech/auto-encrypt-localhost
Advanced tools
@small-tech/auto-encrypt-localhost - npm Package Compare versions
Comparing version 5.2.2 to 5.3.0
@@ -8,2 +8,9 @@ # Changelog | ||
| ## [5.3.0] - 2020-07-07 | ||
| ### Added | ||
| - Serves the local root certificate authority’s public key at route /.ca (you can hit this route from a device like an iPhone on your local area network to install the key and trust it on your device to test your local server with that device over your local area network). | ||
| - Redirects HTTP to HTTPS (#13). | ||
| ## [5.2.2] - 2020-07-06 | ||
@@ -10,0 +17,0 @@ |
32
index.js
@@ -18,2 +18,3 @@ /** | ||
| const installCertutil = require('./lib/installCertutil') | ||
| const HttpServer = require('./lib/HttpServer') | ||
| const { log } = require('./lib/util/log') | ||
@@ -73,2 +74,4 @@ | ||
| this.settingsPath = settingsPath | ||
| // Get a path to the mkcert binary for this machine. | ||
@@ -141,2 +144,31 @@ const mkcertBinary = mkcertBinaryForThisMachine(settingsPath) | ||
| const server = https.createServer(options, listener) | ||
| // | ||
| // Monkey-patch the server. | ||
| // | ||
| server.__autoEncryptLocalhost__self = this | ||
| // Monkey-patch the server’s listen method so that we can start up the HTTP | ||
| // Server at the same time. | ||
| server.__autoEncryptLocalhost__originalListen = server.listen | ||
| server.listen = function(...args) { | ||
| // Start the HTTP server. | ||
| HttpServer.getSharedInstance(settingsPath).then(() => { | ||
| // Start the HTTPS server. | ||
| return this.__autoEncryptLocalhost__originalListen.apply(this, args) | ||
| }) | ||
| } | ||
| // Monkey-patch the server’s close method so that we can perform clean-up and | ||
| // shut down the HTTP server transparently when server.close() is called. | ||
| server.__autoEncryptLocalhost__originalClose = server.close | ||
| server.close = function (...args) { | ||
| // Shut down the HTTP server. | ||
| HttpServer.destroySharedInstance().then(() => { | ||
| // Shut down the HTTPS server. | ||
| return this.__autoEncryptLocalhost__originalClose.apply(this, args) | ||
| }) | ||
| } | ||
| return server | ||
@@ -143,0 +175,0 @@ } |
| { | ||
| "name": "@small-tech/auto-encrypt-localhost", | ||
| "version": "5.2.2", | ||
| "version": "5.3.0", | ||
| "description": "Automatically provisions and installs locally-trusted TLS certificates for Node.js https servers (including Express.js, etc.) using mkcert.", | ||
@@ -46,3 +46,5 @@ "keywords": [ | ||
| "dependencies": { | ||
| "encodeurl": "^1.0.2", | ||
| "fs-extra": "^8.1.0", | ||
| "server-destroy": "^1.0.1", | ||
| "syswide-cas": "^5.3.0" | ||
@@ -49,0 +51,0 @@ }, |
@@ -36,2 +36,4 @@ # Auto Encrypt Localhost | ||
| (You can find this example in the _example/_ folder in the source code. Run it by typing `node example`.) | ||
| ```js | ||
@@ -61,8 +63,18 @@ // Create an https server using locally-trusted certificates. | ||
| To access your local machine from a different device on your local area network, you must transfer the public key of your generated local root certificate authority to that device and install and trust it. By default, once you’ve created your first server, you can find the key at `~/.small-tech/auto-encrypt-localhost/rootCA.pem`. For more details, please refer to [the relevant section in the mkcert documentation](https://github.com/FiloSottile/mkcert#mobile-devices). | ||
| ### Accessing your local machine from other devices on your local area network | ||
| To access your local machine from a different device on your local area network, you must transfer the public key of your generated local root certificate authority to that device and install and trust it. | ||
| For example, hit the `/.ca` route on the external IPv4 address of your local machine from your iPhone. e.g., if your local machine is reachable via 192.168.2.42 on your local area network, going to the following addres will prompt you to install the public key (‘profile‘) on your iPhone. You will still have to go to Settings → General → About → : | ||
| ``` | ||
| http://192.168.2.42/.ca | ||
| ``` | ||
| You can also tranfer your key manually. You can find the key at `~/.small-tech/auto-encrypt-localhost/rootCA.pem` after you’ve created at least one server. For more details on transferring your key to other devices, please refer to [the relevant section in the mkcert documentation](https://github.com/FiloSottile/mkcert#mobile-devices). | ||
| ### A note on privileged ports on Linux | ||
| Note that on Linux, ports 80 and 443 require special privileges. Please see [A note on Linux and the security farce that is “privileged ports”](#a-note-on-linux-and-the-security-farce-that-is-priviliged-ports). If you just need a Node web server that handles all that and more for you (or to see how to implement privilege escalation seamlessly in your own servers, see [Site.js](https://sitejs.org)). | ||
| You can find this example in the _example/_ folder in the source code. Run it by typing `node example`. | ||
| ## Configuration | ||
@@ -69,0 +81,0 @@ |
@@ -8,3 +8,4 @@ const os = require('os') | ||
| const getHttpsString = bent('GET', 'string') | ||
| const downloadString = bent('GET', 'string') | ||
| const downloadBuffer = bent('GET', 'buffer') | ||
@@ -53,3 +54,3 @@ async function asyncForEach(array, callback) { | ||
| const response = await getHttpsString('https://localhost') | ||
| const response = await downloadString('https://localhost') | ||
@@ -67,6 +68,12 @@ t.strictEquals(response, 'ok', 'Response from server is as expected for access via localhost.') | ||
| await asyncForEach(localIPv4Addresses, async localIPv4Address => { | ||
| const response = await getHttpsString(`https://${localIPv4Address}`) | ||
| const response = await downloadString(`https://${localIPv4Address}`) | ||
| t.strictEquals(response, 'ok', `Response from server is as expected for access via ${localIPv4Address}`) | ||
| }) | ||
| // Test downloading the local root certificate authority public key via /.ca route. | ||
| const downloadedRootCABuffer = await downloadBuffer('http://localhost/.ca') | ||
| const localRootCABuffer = fs.readFileSync(path.join(AutoEncryptLocalhost.settingsPath, 'rootCA.pem')) | ||
| t.strictEquals(Buffer.compare(localRootCABuffer, downloadedRootCABuffer), 0, 'The local root certificate authority public key is served correctly.') | ||
| server.close() | ||
@@ -73,0 +80,0 @@ |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.04%
20041141
- Number of package files
- increased by5.26%
20
- Lines of code
- increased by42.39%
561
- Number of lines in readme file
- increased by6.45%
198
Worsened metrics
- Dependency count
- increased by100%
4
- Number of low supply chain risk alerts
- increased by14.29%
8
- Number of medium supply chain risk alerts
- increased by14.29%
8
Dependency changes
+ Addedencodeurl@^1.0.2
+ Addedserver-destroy@^1.0.1
+ Addedencodeurl@1.0.2(transitive)
+ Addedserver-destroy@1.0.1(transitive)