You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
304 lines
8.6 KiB
304 lines
8.6 KiB
# Change Log
|
|
|
|
All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
|
|
|
|
<a name="1.1.2"></a>
|
|
# [1.1.2](https://github.com/davewasmer/devcert/releases/tag/v1.1.2)
|
|
|
|
### Bug Fixes
|
|
|
|
#### [#56](https://github.com/davewasmer/devcert/issue/56): localhost is not a valid domain name
|
|
|
|
Regular expression fixed in [#57](https://github.com/davewasmer/devcert/issue/57).
|
|
|
|
<a name="1.1.1"></a>
|
|
# [1.1.1](https://github.com/davewasmer/devcert/releases/tag/v1.1.1)
|
|
|
|
### Bug Fixes
|
|
|
|
#### [#55](https://github.com/davewasmer/devcert/pull/55): Fix remote execution vulnerability by switching from execSync to execFileSync
|
|
|
|
- Change `run()` to use `execFileSync`
|
|
- Refactor codebase to use new signature of `run()`
|
|
- Add an extra sanitizing step: test arguments passed to `certificateFor` with a (fairly permissive) regular expression limiting them to legal domain name chars
|
|
|
|
### ⚠️ This is a mandatory update! ⚠️
|
|
|
|
This release fixes a security vulnerability in previous versions. Previous versions will be deprecated.
|
|
|
|
|
|
<a name="1.1.0"></a>
|
|
# [1.1.0](https://github.com/davewasmer/devcert/releases/tag/v1.1.0)
|
|
|
|
### Features
|
|
|
|
#### [#41](https://github.com/davewasmer/devcert/pull/41): Return CA certificate path/data
|
|
|
|
- Make the CA certificate available to userland, but keep the key locked protected or encrypted
|
|
- Add options `getCaPath` and `getCaBuffer`
|
|
- [#48](https://github.com/davewasmer/devcert/pull/48): Enhance uninstallation and upgrade routines to revoke old certs and delete old files
|
|
|
|
### Bug Fixes
|
|
|
|
* [#37](https://github.com/davewasmer/devcert/pull/37): Append to win32 hostfile, don't overwrite it
|
|
* [#42](https://github.com/davewasmer/devcert/pull/42): Reorder SAN declarations to fix a bug in win32 Firefox
|
|
* [#43](https://github.com/davewasmer/devcert/pull/43): Fix unquote paths in shell commands
|
|
* [#45](https://github.com/davewasmer/devcert/pull/45): Set generated certificate to last 825 days, a limit imposed by OSX Catalina
|
|
|
|
### Chores
|
|
|
|
* [#44](https://github.com/davewasmer/devcert/pull/44): Bump lodash from 4.17.4 to 4.17.13
|
|
* [#46](https://github.com/davewasmer/devcert/pull/46): Bump handlebars from 4.0.6 to 4.5.3
|
|
* [#47](https://github.com/davewasmer/devcert/pull/47): Bump lodash.template from 4.4.0 to 4.5.0
|
|
|
|
|
|
<a name="1.0.2"></a>
|
|
# [1.0.2](https://github.com/davewasmer/devcert/releases/tag/v1.0.2)
|
|
|
|
### Bug Fixes
|
|
|
|
* #20: Update `command-exists` dependency
|
|
* #23: Fix issues related to Firefox on Windows and redirecting
|
|
* #24: Update generated certificate to last 7000 days instead of 30
|
|
* 30: Fix false positive on `nss` check
|
|
|
|
|
|
<a name="1.0.0"></a>
|
|
# [1.0.0](https://github.com/davewasmer/devcert/compare/v0.3.2...v1.0.0) (2018-04-05)
|
|
|
|
### Features
|
|
* refactor to use encrypted/secure root authority credentials to avoid exposing them to malicious userland processes
|
|
|
|
|
|
<a name="0.3.2"></a>
|
|
## [0.3.2](https://github.com/davewasmer/devcert/compare/v0.3.1...v0.3.2) (2017-04-28)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* add -d flag to security command, not sure why it ignores -p otherwise, but oh well ([842404f](https://github.com/davewasmer/devcert/commit/842404f))
|
|
|
|
|
|
|
|
<a name="0.3.1"></a>
|
|
## [0.3.1](https://github.com/davewasmer/devcert/compare/v0.3.0...v0.3.1) (2017-04-28)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* wrap NSS db dir paths with quotes ([69be0f7](https://github.com/davewasmer/devcert/commit/69be0f7))
|
|
|
|
|
|
|
|
<a name="0.3.0"></a>
|
|
# [0.3.0](https://github.com/davewasmer/devcert/compare/v0.2.20...v0.3.0) (2017-04-28)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* fix waitForUser async usage ([9fd27c5](https://github.com/davewasmer/devcert/commit/9fd27c5))
|
|
|
|
|
|
### Features
|
|
|
|
* add root CA setup versioning ([6c80805](https://github.com/davewasmer/devcert/commit/6c80805))
|
|
|
|
|
|
|
|
<a name="0.2.20"></a>
|
|
## [0.2.20](https://github.com/davewasmer/devcert/compare/v0.2.19...v0.2.20) (2017-04-28)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* eol import ([ff198f0](https://github.com/davewasmer/devcert/commit/ff198f0))
|
|
|
|
|
|
|
|
<a name="0.2.19"></a>
|
|
## [0.2.19](https://github.com/davewasmer/devcert/compare/v0.2.18...v0.2.19) (2017-04-28)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* warn user to quit firefox before root install ([8bb0271](https://github.com/davewasmer/devcert/commit/8bb0271))
|
|
|
|
|
|
|
|
<a name="0.2.18"></a>
|
|
## [0.2.18](https://github.com/davewasmer/devcert/compare/v0.2.17...v0.2.18) (2017-04-27)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* add required nickname arg to certutil command ([5bc9874](https://github.com/davewasmer/devcert/commit/5bc9874))
|
|
|
|
|
|
|
|
<a name="0.2.17"></a>
|
|
## [0.2.17](https://github.com/davewasmer/devcert/compare/v0.2.16...v0.2.17) (2017-04-27)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* trim newlines from discovered certutil path ([f45195e](https://github.com/davewasmer/devcert/commit/f45195e))
|
|
|
|
|
|
|
|
<a name="0.2.16"></a>
|
|
## [0.2.16](https://github.com/davewasmer/devcert/compare/v0.2.15...v0.2.16) (2017-04-27)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* do not use ~ for home dir, use $HOME instead ([faf1518](https://github.com/davewasmer/devcert/commit/faf1518))
|
|
|
|
|
|
|
|
<a name="0.2.15"></a>
|
|
## [0.2.15](https://github.com/davewasmer/devcert/compare/v0.2.14...v0.2.15) (2017-04-27)
|
|
|
|
|
|
|
|
<a name="0.2.14"></a>
|
|
## [0.2.14](https://github.com/davewasmer/devcert/compare/v0.2.13...v0.2.14) (2017-04-27)
|
|
|
|
|
|
|
|
<a name="0.2.13"></a>
|
|
## [0.2.13](https://github.com/davewasmer/devcert/compare/v0.2.12...v0.2.13) (2017-04-27)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* fix installCertutil handling ([1a571e1](https://github.com/davewasmer/devcert/commit/1a571e1))
|
|
* silence openssl output ([f66f558](https://github.com/davewasmer/devcert/commit/f66f558))
|
|
|
|
|
|
|
|
<a name="0.2.12"></a>
|
|
## [0.2.12](https://github.com/davewasmer/devcert/compare/v0.2.11...v0.2.12) (2017-04-27)
|
|
|
|
|
|
|
|
<a name="0.2.11"></a>
|
|
## [0.2.11](https://github.com/davewasmer/devcert/compare/v0.2.10...v0.2.11) (2017-04-27)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* add eol conversion for openssl.conf on windows ([f854a0e](https://github.com/davewasmer/devcert/commit/f854a0e))
|
|
* escape backslashes in conf template paths ([2354eb0](https://github.com/davewasmer/devcert/commit/2354eb0))
|
|
|
|
|
|
|
|
<a name="0.2.10"></a>
|
|
## [0.2.10](https://github.com/davewasmer/devcert/compare/v0.2.9...v0.2.10) (2017-04-04)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* use double quotes to avoid escaping issues on windows ([08f4362](https://github.com/davewasmer/devcert/commit/08f4362))
|
|
|
|
|
|
|
|
<a name="0.2.9"></a>
|
|
## [0.2.9](https://github.com/davewasmer/devcert/compare/v0.2.8...v0.2.9) (2017-04-04)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* don't hardcode path separators in conf template ([b7db54a](https://github.com/davewasmer/devcert/commit/b7db54a))
|
|
* fix quote marks -> template string ([32f24f7](https://github.com/davewasmer/devcert/commit/32f24f7))
|
|
|
|
|
|
|
|
<a name="0.2.8"></a>
|
|
## [0.2.8](https://github.com/davewasmer/devcert/compare/v0.2.7...v0.2.8) (2017-03-31)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* add -batch flag to avoid prompting ([5ba2424](https://github.com/davewasmer/devcert/commit/5ba2424))
|
|
* add root ca cert to /etc/ssl/certs on linux ([5dc37a4](https://github.com/davewasmer/devcert/commit/5dc37a4))
|
|
|
|
|
|
|
|
<a name="0.2.7"></a>
|
|
## [0.2.7](https://github.com/davewasmer/devcert/compare/v0.2.6...v0.2.7) (2017-03-31)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* do not block with execSync when launching firefox, template openssl conf to get config paths ([2600a89](https://github.com/davewasmer/devcert/commit/2600a89))
|
|
|
|
|
|
|
|
<a name="0.2.6"></a>
|
|
## [0.2.6](https://github.com/davewasmer/devcert/compare/v0.2.5...v0.2.6) (2017-03-31)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* separate commands so each gets sudo, improve debug output ([af40aca](https://github.com/davewasmer/devcert/commit/af40aca))
|
|
|
|
|
|
|
|
<a name="0.2.5"></a>
|
|
## [0.2.5](https://github.com/davewasmer/devcert/compare/v0.2.4...v0.2.5) (2017-03-31)
|
|
|
|
|
|
|
|
<a name="0.2.4"></a>
|
|
## [0.2.4](https://github.com/davewasmer/devcert/compare/v0.2.3...v0.2.4) (2017-03-30)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* fix root key path when generating root cert ([83c8672](https://github.com/davewasmer/devcert/commit/83c8672))
|
|
|
|
|
|
|
|
<a name="0.2.3"></a>
|
|
## [0.2.3](https://github.com/davewasmer/devcert/compare/v0.2.2...v0.2.3) (2017-03-30)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* make the config dir first ([fab033a](https://github.com/davewasmer/devcert/commit/fab033a))
|
|
|
|
|
|
|
|
<a name="0.2.2"></a>
|
|
## [0.2.2](https://github.com/davewasmer/devcert/compare/v0.2.1...v0.2.2) (2017-03-30)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* fix configDir for non-windows ([7457cde](https://github.com/davewasmer/devcert/commit/7457cde))
|
|
|
|
|
|
|
|
<a name="0.2.1"></a>
|
|
## [0.2.1](https://github.com/davewasmer/devcert/compare/v0.2.0...v0.2.1) (2017-03-30)
|
|
|
|
|
|
### Bug Fixes
|
|
|
|
* don't ignore dist when publishing ([eef1738](https://github.com/davewasmer/devcert/commit/eef1738))
|
|
|
|
|
|
|
|
<a name="0.2.0"></a>
|
|
# [0.2.0](https://github.com/davewasmer/devcert/compare/v0.1.0...v0.2.0) (2017-03-30)
|
|
|
|
|
|
### Features
|
|
|
|
* improve Readme, return node.createServer compatible object, improve error messaging ([b760220](https://github.com/davewasmer/devcert/commit/b760220))
|
|
|
|
|
|
|
|
<a name="0.1.0"></a>
|
|
# 0.1.0 (2017-03-29)
|