milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 20:20:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Move existing proxy files to builtInProxy folder

Browse source
This commit is contained in:
Sander Declerck 2026-02-11 16:04:03 +01:00
parent 03ecd0dfb9
commit ca071729be
No known key found for this signature in database
31 changed files with 766 additions and 397 deletions
Download patch file Download diff file Expand all files Collapse all files

22
packages/safe-chain/src/packagemanager/poetry/createPoetryPackageManager.js
View file

@ -1,7 +1,7 @@
import { ui } from "../../environment/userInteraction.js";
import { safeSpawn } from "../../utils/safeSpawn.js";
import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
import { getCombinedCaBundlePath } from "../../registryProxy/certBundle.js";
import { getCombinedCaBundlePath } from "../../registryProxy/builtInProxy/certBundle.js";
/**
* @returns {import("../currentPackageManager.js").PackageManager}
@ -19,36 +19,42 @@ export function createPoetryPackageManager() {
/**
* Sets CA bundle environment variables used by Poetry and Python libraries.
* Poetry uses the Python requests library which respects these environment variables.
*
*
* @param {NodeJS.ProcessEnv} env - Environment object to modify
* @param {string} combinedCaPath - Path to the combined CA bundle
*/
function setPoetryCaBundleEnvironmentVariables(env, combinedCaPath) {
// SSL_CERT_FILE: Used by Python SSL libraries and requests
if (env.SSL_CERT_FILE) {
ui.writeWarning("Safe-chain: User defined SSL_CERT_FILE found in environment. It will be overwritten.");
ui.writeWarning(
"Safe-chain: User defined SSL_CERT_FILE found in environment. It will be overwritten.",
);
}
env.SSL_CERT_FILE = combinedCaPath;
// REQUESTS_CA_BUNDLE: Used by the requests library (which Poetry uses)
if (env.REQUESTS_CA_BUNDLE) {
ui.writeWarning("Safe-chain: User defined REQUESTS_CA_BUNDLE found in environment. It will be overwritten.");
ui.writeWarning(
"Safe-chain: User defined REQUESTS_CA_BUNDLE found in environment. It will be overwritten.",
);
}
env.REQUESTS_CA_BUNDLE = combinedCaPath;
// PIP_CERT: Poetry may use pip internally
if (env.PIP_CERT) {
ui.writeWarning("Safe-chain: User defined PIP_CERT found in environment. It will be overwritten.");
ui.writeWarning(
"Safe-chain: User defined PIP_CERT found in environment. It will be overwritten.",
);
}
env.PIP_CERT = combinedCaPath;
}
/**
* Runs a poetry command with safe-chain's certificate bundle and proxy configuration.
*
*
* Poetry respects standard HTTP_PROXY/HTTPS_PROXY environment variables through
* the Python requests library.
*
*
* @param {string[]} args - Command line arguments to pass to poetry
* @returns {Promise<{status: number}>} Exit status of the poetry command
*/
@ -63,7 +69,7 @@ async function runPoetryCommand(args) {
stdio: "inherit",
env,
});
return { status: result.status };
} catch (/** @type any */ error) {
if (error.status) {