Removing native support for rejectUnauthorized - Suggest nodejs env N…

…ODE_TLS_REJECT_UNAUTHORIZED=0 instead (#3540)

This hasn't been supported for a while since it was implemented incorrectly. Further, using it is generally bad practice. If such functionality is required, the user can utilise one of the ENV s needed to bypass this check

.husky/pre-commit

@@ -1,4 +1 @@
-export NVM_DIR="$HOME/.nvm"
-[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
-
-npx lint-staged
+npx --no-install lint-staged

.yarnrc.yml

@@ -1,3 +1,3 @@
 nodeLinker: node-modules
 
-yarnPath: .yarn/releases/yarn-4.0.2.cjs
+yarnPath: .yarn/releases/yarn-4.1.0.cjs

docs/FAQ.md

@@ -25,7 +25,7 @@ If your Gitlab server is running via HTTPS, the proper way to pass in your certi
 },
 ```
 
-> **NOTE**: _Using `process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'` will not work with the `gitlab` library. The `rejectUnauthorized` key is the only way to allow insecure certificates to be bypassed._
+> **NOTE**: Setting `process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'` can also allow insecure certificates to be bypassed.
 
 #### Support for Node v16.18+
 

package.json

@@ -30,7 +30,8 @@
     "release:next": "auto next",
     "release:canary": "auto canary",
     "release": "auto shipit",
-    "postinstall": "husky install"
+    "postinstall": "husky init",
+    "prepare": "husky"
   },
   "dependencies": {
     "types": "^0.1.1"
@@ -66,5 +67,5 @@
     "prettier": "^3.1.1",
     "typescript": "^5.3.3"
   },
-  "packageManager": "yarn@4.0.2"
+  "packageManager": "yarn@4.1.0"
 }

packages/requester-utils/src/GitbeakerError.ts

@@ -23,28 +23,6 @@ export class GitbeakerRequestError extends Error {
   }
 }
 
-// export class GitbeakerRequestError extends Error {
-//   constructor(
-//     message: string,
-//     options?: {
-//       cause?: {
-//         description: string;
-//         request: Request;
-//         response: Response;
-//       };
-//     },
-//   ) {
-//     super(message, options);
-
-//     this.name = 'GitbeakerRequestError';
-//   }
-
-//   cause?: {
-//     description: string;
-//     request: Request;
-//     response: Response;
-//   };
-// }
 export class GitbeakerTimeoutError extends Error {
   constructor(message: string, options?: ErrorOptions) {
     super(message, options);

packages/requester-utils/src/RequesterUtils.ts

@@ -121,15 +121,14 @@ export async function defaultOptionsHandler(
   }: DefaultRequestOptions = {},
 ): Promise<RequestOptions> {
   const { headers: preconfiguredHeaders, authHeaders, url } = resourceOptions;
-  const headers = { ...preconfiguredHeaders };
   const defaultOptions: RequestOptions = {
     method,
     asStream,
     signal,
     prefixUrl: url,
   };
 
-  defaultOptions.headers = headers;
+  defaultOptions.headers = { ...preconfiguredHeaders };
 
   if (sudo) defaultOptions.headers.sudo = `${sudo}`;
 

packages/rest/src/Requester.ts

@@ -11,29 +11,6 @@ import {
   getMatchingRateLimiter,
 } from '@gitbeaker/requester-utils';
 
-export async function defaultOptionsHandler(
-  resourceOptions: ResourceOptions,
-  requestOptions: RequestOptions,
-): Promise<RequestOptions & { agent?: unknown }> {
-  const options: RequestOptions & { agent?: unknown } = { ...requestOptions };
-
-  if (
-    resourceOptions.url.includes('https') &&
-    resourceOptions.rejectUnauthorized != null &&
-    resourceOptions.rejectUnauthorized === false
-  ) {
-    if (typeof window === 'undefined') {
-      const { Agent } = await import('https');
-
-      options.agent = new Agent({
-        rejectUnauthorized: false,
-      });
-    }
-  }
-
-  return options;
-}
-
 export async function processBody(response: Response): Promise<ResponseBodyTypes> {
   // Split to remove potential charset info from the content type
   const contentType = (response.headers.get('content-type') || '').split(';')[0].trim();
@@ -145,4 +122,7 @@ export async function defaultRequestHandler(endpoint: string, options?: RequestO
   );
 }
 
-export const requesterFn = createRequesterFn(defaultOptionsHandler, defaultRequestHandler);
+export const requesterFn = createRequesterFn(
+  (_: ResourceOptions, reqo: RequestOptions) => Promise.resolve(reqo),
+  defaultRequestHandler,
+);

packages/rest/test/unit/Requester.ts

@@ -1,5 +1,5 @@
 import type { RequestOptions } from '@gitbeaker/requester-utils';
-import { defaultOptionsHandler, defaultRequestHandler, processBody } from '../../src/Requester';
+import { defaultRequestHandler, processBody } from '../../src/Requester';
 
 global.fetch = jest.fn();
 
@@ -474,55 +474,3 @@ describe('defaultRequestHandler', () => {
     expect(MockFetch).toHaveBeenCalledWith(request3);
   });
 });
-
-describe('defaultRequest', () => {
-  const service = {
-    headers: { test: '5' },
-    url: 'testurl',
-    rejectUnauthorized: true,
-    authHeaders: {
-      token: () => Promise.resolve('1234'),
-    },
-  };
-
-  it('should not assign the agent property if given https url and not rejectUnauthorized', async () => {
-    const { agent } = await defaultOptionsHandler(
-      { ...service, url: 'https://test.com' },
-      { method: 'POST' },
-    );
-
-    expect(agent).toBeUndefined();
-  });
-
-  it('should not assign the agent property if given http url and rejectUnauthorized', async () => {
-    const { agent } = await defaultOptionsHandler(
-      { ...service, url: 'http://test.com' },
-      { method: 'POST' },
-    );
-
-    expect(agent).toBeUndefined();
-  });
-
-  it('should assign the agent property if given https url and rejectUnauthorized is false', async () => {
-    const { agent: agent1 } = await defaultOptionsHandler(
-      { ...service, url: 'https://test.com', rejectUnauthorized: false },
-      { method: 'POST' },
-    );
-
-    expect(agent1).toBeDefined();
-
-    const { agent: agent2 } = await defaultOptionsHandler(
-      { ...service, url: 'https://test.com', rejectUnauthorized: true },
-      { method: 'POST' },
-    );
-
-    expect(agent2).toBeUndefined();
-
-    const { agent: agent3 } = await defaultOptionsHandler(
-      { ...service, url: 'https://test.com' },
-      { method: 'POST' },
-    );
-
-    expect(agent3).toBeUndefined();
-  });
-});