feat: accept registry-scoped certfile and keyfile as credentials #5160
Conversation
|
Deps updates required for this pr: #5187 |
jenseng
force-pushed
the
registry-scoped-keyfile-and-certfile
branch
2 times, most recently
from
47ecd22 to
64ef34f
Compare
|
Inlined checks and rebased on to dep update branch. Thanks for the review, and let me know if anything else needs to change! |
jenseng
force-pushed
the
registry-scoped-keyfile-and-certfile
branch
from
64ef34f to
f110f65
Compare
|
Looks like coverage on those if statements is all that's remaining, and of course fixing up the branch once the deps PR lands. |
Slight chicken/egg problem in adding test coverage w/o rebasing atop the deps PR, as |
jenseng
force-pushed
the
registry-scoped-keyfile-and-certfile
branch
from
f110f65 to
eb1ea9c
Compare
|
Ok, added test coverage and rebased to get the deps PR |
|
looks like a |
Closes npm#4765 RFC: npm/rfcs#591 While this doesn't directly allow top-level cert/key as credentials (per the original issue), it's a more targeted/secure approach that accomplishes the same end-result; the new options are scoped to a specific registry, and the actual cert/key contents are much less likely to be exposed. See the RFC for more context. Depends on: * npm/npm-registry-fetch#125 * npm/config#69
jenseng
force-pushed
the
registry-scoped-keyfile-and-certfile
branch
from
eb1ea9c to
9771bf6
Compare
While this doesn't directly allow top-level cert/key as credentials (per the original issue), it's a more targeted/secure approach that accomplishes the same end-result; the new options are scoped to a specific registry, and the actual cert/key contents are much less likely to be exposed. See the RFC for more context.
References
Related to npm/rfcs#591
Depends on npm/npm-registry-fetch#125, npm/config#69
Closes #4765