All notable changes to this project will be documented in this file. See standard-version for commit guidelines.
#56: localhost is not a valid domain name
Regular expression fixed in #57.
#55: Fix remote execution vulnerability by switching from execSync to execFileSync
- Change
run()to useexecFileSync - Refactor codebase to use new signature of
run() - Add an extra sanitizing step: test arguments passed to
certificateForwith a (fairly permissive) regular expression limiting them to legal domain name chars
This release fixes a security vulnerability in previous versions. Previous versions will be deprecated.
#41: Return CA certificate path/data
- Make the CA certificate available to userland, but keep the key locked protected or encrypted
- Add options
getCaPathandgetCaBuffer - #48: Enhance uninstallation and upgrade routines to revoke old certs and delete old files
- #37: Append to win32 hostfile, don't overwrite it
- #42: Reorder SAN declarations to fix a bug in win32 Firefox
- #43: Fix unquote paths in shell commands
- #45: Set generated certificate to last 825 days, a limit imposed by OSX Catalina
- #44: Bump lodash from 4.17.4 to 4.17.13
- #46: Bump handlebars from 4.0.6 to 4.5.3
- #47: Bump lodash.template from 4.4.0 to 4.5.0
- #20: Update
command-existsdependency - #23: Fix issues related to Firefox on Windows and redirecting
- #24: Update generated certificate to last 7000 days instead of 30
- 30: Fix false positive on
nsscheck
1.0.0 (2018-04-05)
- refactor to use encrypted/secure root authority credentials to avoid exposing them to malicious userland processes
0.3.2 (2017-04-28)
- add -d flag to security command, not sure why it ignores -p otherwise, but oh well (842404f)
0.3.1 (2017-04-28)
- wrap NSS db dir paths with quotes (69be0f7)
0.3.0 (2017-04-28)
- fix waitForUser async usage (9fd27c5)
- add root CA setup versioning (6c80805)
0.2.20 (2017-04-28)
- eol import (ff198f0)
0.2.19 (2017-04-28)
- warn user to quit firefox before root install (8bb0271)
0.2.18 (2017-04-27)
- add required nickname arg to certutil command (5bc9874)
0.2.17 (2017-04-27)
- trim newlines from discovered certutil path (f45195e)
0.2.16 (2017-04-27)
- do not use ~ for home dir, use $HOME instead (faf1518)
0.2.15 (2017-04-27)
0.2.14 (2017-04-27)
0.2.13 (2017-04-27)
0.2.12 (2017-04-27)
0.2.11 (2017-04-27)
- add eol conversion for openssl.conf on windows (f854a0e)
- escape backslashes in conf template paths (2354eb0)
0.2.10 (2017-04-04)
- use double quotes to avoid escaping issues on windows (08f4362)
0.2.9 (2017-04-04)
- don't hardcode path separators in conf template (b7db54a)
- fix quote marks -> template string (32f24f7)
0.2.8 (2017-03-31)
0.2.7 (2017-03-31)
- do not block with execSync when launching firefox, template openssl conf to get config paths (2600a89)
0.2.6 (2017-03-31)
- separate commands so each gets sudo, improve debug output (af40aca)
0.2.5 (2017-03-31)
0.2.4 (2017-03-30)
- fix root key path when generating root cert (83c8672)
0.2.3 (2017-03-30)
- make the config dir first (fab033a)
0.2.2 (2017-03-30)
- fix configDir for non-windows (7457cde)
0.2.1 (2017-03-30)
- don't ignore dist when publishing (eef1738)
0.2.0 (2017-03-30)
- improve Readme, return node.createServer compatible object, improve error messaging (b760220)