refactor: Replace remaining trivial dependencies (#5)

kitten · web-flow · commit b0cb0d32c1c7 · 2025-04-08T01:15:34.000+01:00
diff --git a/openssl-configurations/domain-certificate-signing-requests.conf b/openssl-configurations/domain-certificate-signing-requests.conf
@@ -13,13 +13,13 @@ distinguished_name = req_distinguished_name
 req_extensions = req_extensions
 
 [ req_distinguished_name ]
-CN = <%= domain %>
+CN = %DOMAIN%
 
 [ req_extensions ]
 basicConstraints = CA:FALSE
 subjectAltName = @subject_alt_names
 subjectKeyIdentifier = hash
 
 [ subject_alt_names ]
-DNS.1 = <%= domain %>
-DNS.2 = *.<%= domain %>
+DNS.1 = %DOMAIN%
+DNS.2 = *.%DOMAIN%
diff --git a/openssl-configurations/domain-certificates.conf b/openssl-configurations/domain-certificates.conf
@@ -3,11 +3,11 @@ default_ca = devcert_ca
 
 [ devcert_ca ]
 # Serial file that counts up unique IDs for each cert issued
-serial = <%= serialFile.replace(/\\/g, '\\\\') %>
+serial = %SERIALFILE%
 # Database file that tracks all issued certs
-database = <%= databaseFile.replace(/\\/g, '\\\\') %>
+database = %DATABASEFILE%
 # Where to put the new cert
-new_certs_dir = <%= domainDir.replace(/\\/g, '\\\\') %>
+new_certs_dir = %DOMAINDIR%
 # Which algorithm to use
 default_md = sha256
 # Don't prompt the TTY for input, just use the config file values
@@ -35,5 +35,5 @@ extendedKeyUsage = serverAuth
 subjectAltName = @subject_alt_names
 
 [ subject_alt_names ]
-DNS.1 = <%= domain %>
-DNS.2 = *.<%= domain %>
+DNS.1 = %DOMAIN%
+DNS.2 = *.%DOMAIN%
diff --git a/package.json b/package.json
@@ -28,26 +28,13 @@
   "homepage": "https://github.com/expo/devcert#readme",
   "devDependencies": {
     "@types/debug": "^0.0.30",
-    "@types/get-port": "^3.2.0",
-    "@types/lodash": "^4.14.92",
-    "@types/mkdirp": "^0.5.2",
     "@types/node": "^20.12.7",
-    "@types/tmp": "^0.0.33",
     "standard-version": "^8.0.1",
     "typescript": "^5.1.3"
   },
   "dependencies": {
     "@expo/sudo-prompt": "^9.3.1",
-    "application-config-path": "^0.1.0",
-    "command-exists": "^1.2.4",
     "debug": "^3.1.0",
-    "eol": "^0.9.1",
-    "get-port": "^3.2.0",
-    "glob": "^10.4.2",
-    "lodash": "^4.17.21",
-    "mkdirp": "^0.5.1",
-    "password-prompt": "^1.0.4",
-    "tmp": "^0.0.33",
-    "tslib": "^2.4.0"
+    "glob": "^10.4.2"
   }
 }
diff --git a/src/certificates.ts b/src/certificates.ts
@@ -1,7 +1,6 @@
 // import path from 'path';
 import createDebug from 'debug';
-import { sync as mkdirp } from 'mkdirp';
-import { chmodSync as chmod } from 'fs';
+import fs from 'fs';
 import { pathForDomain, withDomainSigningRequestConfig, withDomainCertificateConfig } from './constants';
 import { openssl } from './utils';
 import { withCertificateAuthorityCredentials } from './certificate-authority';
@@ -16,7 +15,7 @@ const debug = createDebug('devcert:certificates');
  * added to the OS/browser trust stores), they are trusted.
  */
 export default async function generateDomainCertificate(domain: string): Promise<void> {
-  mkdirp(pathForDomain(domain));
+  await fs.promises.mkdir(pathForDomain(domain), { recursive: true });
 
   debug(`Generating private key for ${ domain }`);
   let domainKeyPath = pathForDomain(domain, 'private-key.key');
@@ -42,5 +41,5 @@ export default async function generateDomainCertificate(domain: string): Promise
 export function generateKey(filename: string): void {
   debug(`generateKey: ${ filename }`);
   openssl(['genrsa', '-out', filename, '2048']);
-  chmod(filename, 400);
-}
+  fs.chmodSync(filename, 400);
+}
diff --git a/src/constants.ts b/src/constants.ts
@@ -1,11 +1,23 @@
 import path from 'path';
-import { unlinkSync as rm, writeFileSync as writeFile, readFileSync as readFile } from 'fs';
-import { sync as mkdirp } from 'mkdirp';
-import { template as makeTemplate } from 'lodash';
-import applicationConfigPath = require('application-config-path');
-import eol from 'eol';
+import fs from 'fs';
 import { mktmp } from './utils';
 
+function applicationConfigPath(name: string): string {
+  switch (process.platform) {
+    case 'darwin':
+      return path.join(process.env.HOME, 'Library', 'Application Support', name);
+    case 'win32':
+      return process.env.LOCALAPPDATA
+        ? path.join(process.env.LOCALAPPDATA, name)
+        : path.join(process.env.USERPROFILE, 'Local Settings', 'Application Data', name);
+    case 'linux':
+    default:
+      return process.env.XDG_CONFIG_HOME
+        ? path.join(process.env.XDG_CONFIG_HOME, name)
+        : path.join(process.env.HOME, '.config', name);
+  }
+}
+
 export const VALID_IP = /(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)){3}/;
 export const VALID_DOMAIN = /^(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.?)+[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$/i;
 
@@ -26,34 +38,35 @@ export const opensslSerialFilePath = configPath('certificate-authority', 'serial
 export const opensslDatabaseFilePath = configPath('certificate-authority', 'index.txt');
 export const caSelfSignConfig = path.join(__dirname, '../openssl-configurations/certificate-authority-self-signing.conf');
 
+function eolAuto(str: string): string {
+  return str.replace(/\r?\n|\r/g, isWindows ? '\r\n' : '\n');
+}
+
 export function withDomainSigningRequestConfig(domain: string, cb: (filepath: string) => void) {
   let tmpFile = mktmp();
-  let source = readFile(path.join(__dirname, '../openssl-configurations/domain-certificate-signing-requests.conf'), 'utf-8');
-  let template = makeTemplate(source);
-  let result = template({ domain });
-  writeFile(tmpFile, eol.auto(result));
+  let source = fs.readFileSync(path.join(__dirname, '../openssl-configurations/domain-certificate-signing-requests.conf'), 'utf-8');
+  let result = source.replace(/%DOMAIN%/g, domain);
+  fs.writeFileSync(tmpFile, eolAuto(result));
   cb(tmpFile);
-  rm(tmpFile);
+  fs.rmSync(tmpFile);
 }
 
 export function withDomainCertificateConfig(domain: string, cb: (filepath: string) => void) {
   let tmpFile = mktmp();
-  let source = readFile(path.join(__dirname, '../openssl-configurations/domain-certificates.conf'), 'utf-8');
-  let template = makeTemplate(source);
-  let result = template({
-    domain,
-    serialFile: opensslSerialFilePath,
-    databaseFile: opensslDatabaseFilePath,
-    domainDir: pathForDomain(domain)
-  });
-  writeFile(tmpFile, eol.auto(result));
+  let source = fs.readFileSync(path.join(__dirname, '../openssl-configurations/domain-certificates.conf'), 'utf-8');
+  let result = source
+    .replace(/%DOMAIN%/g, domain)
+    .replace(/%SERIALFILE%/g, opensslSerialFilePath.replace(/\\/g, '\\\\'))
+    .replace(/%DATABASEFILE%/g, opensslDatabaseFilePath.replace(/\\/g, '\\\\'))
+    .replace(/%DOMAINDIR%/g, pathForDomain(domain).replace(/\\/g, '\\\\'))
+  fs.writeFileSync(tmpFile, eolAuto(result));
   cb(tmpFile);
-  rm(tmpFile);
+  fs.rmSync(tmpFile);
 }
 
   // confTemplate = confTemplate.replace(/DATABASE_PATH/, configPath('index.txt').replace(/\\/g, '\\\\'));
   // confTemplate = confTemplate.replace(/SERIAL_PATH/, configPath('serial').replace(/\\/g, '\\\\'));
-  // confTemplate = eol.auto(confTemplate);
+  // confTemplate = eolAuto(confTemplate);
 
 export const rootCADir = configPath('certificate-authority');
 export const rootCAKeyPath = configPath('certificate-authority', 'private-key.key');
@@ -73,9 +86,9 @@ export function getLegacyConfigDir(): string {
 }
 
 export function ensureConfigDirs() {
-  mkdirp(configDir);
-  mkdirp(domainsDir);
-  mkdirp(rootCADir);
+  fs.mkdirSync(configDir, { recursive: true });
+  fs.mkdirSync(domainsDir, { recursive: true });
+  fs.mkdirSync(rootCADir, { recursive: true });
 }
 
 ensureConfigDirs();
diff --git a/src/index.ts b/src/index.ts
@@ -1,6 +1,5 @@
 import { rmSync as rm, readFileSync as readFile, readdirSync as readdir, existsSync as exists } from 'fs';
 import createDebug from 'debug';
-import { sync as commandExists } from 'command-exists';
 import {
   isMac,
   isLinux,
@@ -13,6 +12,7 @@ import {
   VALID_IP
 } from './constants';
 import currentPlatform from './platforms';
+import { commandExists } from './utils';
 import installCertificateAuthority, { ensureCACertReadable, uninstall } from './certificate-authority';
 import generateDomainCertificate from './certificates';
 import UI, { UserInterface } from './user-interface';
diff --git a/src/platforms/darwin.ts b/src/platforms/darwin.ts
@@ -1,8 +1,7 @@
 import path from 'path';
 import { writeFileSync as writeFile, existsSync as exists, readFileSync as read } from 'fs';
 import createDebug from 'debug';
-import { sync as commandExists } from 'command-exists';
-import { run, sudoAppend } from '../utils';
+import { run, sudoAppend, commandExists } from '../utils';
 import { Options } from '../index';
 import { addCertificateToNSSCertDB, assertNotTouchingFiles, openCertificateInFirefox, closeFirefox, removeCertificateFromNSSCertDB } from './shared';
 import { Platform } from '.';
diff --git a/src/platforms/linux.ts b/src/platforms/linux.ts
@@ -1,9 +1,8 @@
 import path from 'path';
 import { existsSync as exists, readFileSync as read, writeFileSync as writeFile } from 'fs';
 import createDebug from 'debug';
-import { sync as commandExists } from 'command-exists';
 import { addCertificateToNSSCertDB, assertNotTouchingFiles, openCertificateInFirefox, closeFirefox, removeCertificateFromNSSCertDB } from './shared';
-import { run, sudoAppend } from '../utils';
+import { run, sudoAppend, commandExists } from '../utils';
 import { Options } from '../index';
 import UI from '../user-interface';
 import { Platform } from '.';
@@ -121,4 +120,4 @@ export default class LinuxPlatform implements Platform {
     return exists(this.CHROME_BIN_PATH);
   }
 
-}
+}
diff --git a/src/platforms/shared.ts b/src/platforms/shared.ts
@@ -1,8 +1,7 @@
 import path from 'path';
-import url from 'url';
 import createDebug from 'debug';
 import assert from 'assert';
-import getPort from 'get-port';
+import net from 'net';
 import http from 'http';
 import { sync as glob } from 'glob';
 import { readFileSync as readFile, existsSync as exists } from 'fs';
@@ -109,28 +108,37 @@ async function sleep(ms: number) {
  */
 export async function openCertificateInFirefox(firefoxPath: string, certPath: string): Promise<void> {
   debug('Adding devert to Firefox trust stores manually. Launching a webserver to host our certificate temporarily ...');
-  let port = await getPort();
-  let server = http.createServer(async (req, res) => {
-    let { pathname } = url.parse(req.url);
+  let port: number;
+  const server = http.createServer(async (req, res) => {
+    let { pathname } = new URL(req.url);
     if (pathname === '/certificate') {
       res.writeHead(200, { 'Content-type': 'application/x-x509-ca-cert' });
       res.write(readFile(certPath));
       res.end();
     } else {
       res.writeHead(200);
-      res.write(await UI.firefoxWizardPromptPage(`http://localhost:${ port }/certificate`));
+      res.write(await UI.firefoxWizardPromptPage(`http://localhost:${port}/certificate`));
       res.end();
     }
-  }).listen(port);
-  debug('Certificate server is up. Printing instructions for user and launching Firefox with hosted certificate URL');
-  await UI.startFirefoxWizard(`http://localhost:${ port }`);
-  run(firefoxPath, [`http://localhost:${ port }`]);
-  await UI.waitForFirefoxWizard();
-  server.close();
+  });
+  port = await new Promise((resolve, reject) => {
+    server.on('error', reject);
+    server.listen(() => {
+      resolve((server.address() as net.AddressInfo).port);
+    });
+  });
+  try {
+    debug('Certificate server is up. Printing instructions for user and launching Firefox with hosted certificate URL');
+    await UI.startFirefoxWizard(`http://localhost:${port}`);
+    run(firefoxPath, [`http://localhost:${ port }`]);
+    await UI.waitForFirefoxWizard();
+  } finally {
+    server.close();
+  }
 }
 
 export function assertNotTouchingFiles(filepath: string, operation: string): void {
     if (!filepath.startsWith(configDir) && !filepath.startsWith(getLegacyConfigDir())) {
       throw new Error(`Devcert cannot ${ operation } ${ filepath }; it is outside known devcert config directories!`);
     }
-}
+}
diff --git a/src/types.d.ts b/src/types.d.ts
diff --git a/src/user-interface.ts b/src/user-interface.ts
@@ -1,4 +1,4 @@
-import passwordPrompt from 'password-prompt';
+import readline from 'node:readline';
 import { waitForUser } from './utils';
 
 export interface UserInterface {
@@ -10,6 +10,25 @@ export interface UserInterface {
   waitForFirefoxWizard(): Promise<void>;
 }
 
+async function passwordPrompt(prompt: string): Promise<string> {
+  const input = readline.createInterface({
+    input: process.stdin,
+    output: process.stdout,
+  });
+  return new Promise((resolve, reject) => {
+    input.on('SIGINT', () => {
+      reject(new Error('SIGINT'));
+    });
+    input.question(prompt, (answer) => {
+      readline.moveCursor(process.stdout, 0, -1);
+      readline.clearLine(process.stdout, 0);
+      input.write(prompt + answer.replace(/./g, '*') + '\n');
+      input.close();
+      resolve(answer);
+    });
+  });
+}
+
 const DefaultUI: UserInterface = {
   async getWindowsEncryptionPassword() {
     return await passwordPrompt('devcert password (http://bit.ly/devcert-what-password?):');
@@ -68,4 +87,4 @@ const DefaultUI: UserInterface = {
   }
 }
 
-export default DefaultUI;
+export default DefaultUI;
diff --git a/src/utils.ts b/src/utils.ts
@@ -1,10 +1,12 @@
 import { execFileSync, ExecFileSyncOptions } from 'child_process';
-import tmp from 'tmp';
+import { randomBytes } from 'crypto';
+import fs from 'fs';
+import os from 'os';
 import createDebug from 'debug';
 import path from 'path';
 import sudoPrompt from '@expo/sudo-prompt';
 
-import { configPath } from './constants';
+import { configPath, isWindows } from './constants';
 
 const debug = createDebug('devcert:util');
 
@@ -40,9 +42,10 @@ export function reportableError(message: string) {
 }
 
 export function mktmp() {
-  // discardDescriptor because windows complains the file is in use if we create a tmp file
-  // and then shell out to a process that tries to use it
-  return tmp.fileSync({ discardDescriptor: true }).name;
+  const random = randomBytes(6).toString('hex');
+  const tmppath = path.join(os.tmpdir(), `tmp-${process.pid}${random}`);
+  fs.closeSync(fs.openSync(tmppath, 'w'));
+  return tmppath;
 }
 
 export function sudo(cmd: string): Promise<string | null> {
@@ -53,3 +56,23 @@ export function sudo(cmd: string): Promise<string | null> {
     });
   });
 }
+
+const _commands: Record<string, string | null> = {};
+
+export function commandExists(command: string): string | null {
+  if (_commands[command] !== undefined) {
+    return _commands[command];
+  }
+  const paths = process.env[isWindows ? 'Path' : 'PATH'].split(path.delimiter);
+  const extensions = [...(process.env.PATHEXT || '').split(path.delimiter), ''];
+  for (const dir of paths) {
+    for (const extension of extensions) {
+      const filePath = path.join(dir, command + extension);
+      try {
+        fs.accessSync(filePath, fs.constants.X_OK);
+        return (_commands[command] = filePath);
+      } catch {}
+    }
+  }
+  return (_commands[command] = null);
+}
diff --git a/tsconfig.json b/tsconfig.json
diff --git a/yarn.lock b/yarn.lock
