From 83b786bb91438c496f7d917d98ac9c72e3b210c6 Mon Sep 17 00:00:00 2001
From: John Darrington <john.darrington@erlef.org>
Date: Sun, 2 Feb 2025 12:46:18 -0500
Subject: [PATCH] Rely on Erlang/OTP 25+ and no more on CAStore (#76)

---
 lib/esbuild.ex              | 3 ---
 lib/esbuild/npm_registry.ex | 6 +-----
 2 files changed, 1 insertion(+), 8 deletions(-)

diff --git a/lib/esbuild.ex b/lib/esbuild.ex
index 67cab50..38a29d0 100644
--- a/lib/esbuild.ex
+++ b/lib/esbuild.ex
@@ -29,9 +29,6 @@ defmodule Esbuild do
       Useful when you manage the esbuild executable with an external
       tool (eg. npm)
 
-    * `:cacerts_path` - the directory to find certificates for
-      https connections
-
     * `:path` - the path to find the esbuild executable at. By
       default, it is automatically downloaded and placed inside
       the `_build` directory of your current app
diff --git a/lib/esbuild/npm_registry.ex b/lib/esbuild/npm_registry.ex
index b85ce77..a74103b 100644
--- a/lib/esbuild/npm_registry.ex
+++ b/lib/esbuild/npm_registry.ex
@@ -91,7 +91,7 @@ defmodule Esbuild.NpmRegistry do
         ssl: [
           verify: :verify_peer,
           # https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/inets
-          cacertfile: cacertfile() |> String.to_charlist(),
+          cacerts: :public_key.cacerts_get(),
           depth: 2,
           customize_hostname_check: [
             match_fun: :public_key.pkix_verify_hostname_match_fun(:https)
@@ -128,10 +128,6 @@ defmodule Esbuild.NpmRegistry do
     end
   end
 
-  defp cacertfile() do
-    Application.get_env(:esbuild, :cacerts_path) || CAStore.file_path()
-  end
-
   defp verify_signature!(message, signature) do
     :public_key.verify(
       message,