-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Request to Nexus failed, reason: certificate has expired #62
Comments
It appears to be complaining about your TLS/SSL certificate being expired. I assume that it isn't given the tests you described appeared to work? Are you using anything like win-ca that might cause the behavior of libnpmsearch/npm-registry-fetch to differ between running in VS Code and running in Node? |
This is weird ... I've tried this (again, just in case...):
const npmsearch = require("libnpmsearch");
npmsearch("*", {
registry: "https://nexus.myCompanyName.com/repository/npm-group/",
token: "NpmToken.f0819d88-d45f-431f-873b-0cb32157fa32"
}).then(console.log, console.error); Then, I've tried this...
// package.json
{
// ...
"activationEvents": [
"onCommand:sample-extension.searchNexus"
],
// ...
"contributes": {
"commands": [
{
"command": "sample-extension.searchNexus",
"title": "Search Nexus"
}
]
},
// ...
}
// src/extension.ts
import * as npmsearch from "libnpmsearch";
import * as vscode from "vscode";
export function activate(context: vscode.ExtensionContext) {
let disposable = vscode.commands.registerCommand("example-extension.searchNexus", async () => {
try {
const response = await npmsearch("*", {
registry: "https://nexus.myCompanyName.com/repository/npm-group/",
token: "NpmToken.f0819d88-d45f-431f-873b-0cb32157fa32"
});
console.log(response);
void vscode.window.showInformationMessage("Search successfull.");
} catch (error) {
console.error(error);
void vscode.window.showErrorMessage((error as Error).message);
}
});
context.subscriptions.push(disposable);
}
// .vscode/launch.json
{
"version": "0.2.0",
"configurations": [
{
"name": "Run Extension",
"type": "extensionHost",
"request": "launch",
"args": [
+ "--disable-extensions",
"--extensionDevelopmentPath=${workspaceFolder}"
],
"outFiles": ["${workspaceFolder}/out/**/*.js"],
"preLaunchTask": "${defaultBuildTask}"
},
{
"name": "Extension Tests",
"type": "extensionHost",
"request": "launch",
"args": [
"--extensionDevelopmentPath=${workspaceFolder}",
"--extensionTestsPath=${workspaceFolder}/out/test/suite/index"
],
"outFiles": ["${workspaceFolder}/out/test/**/*.js"],
"preLaunchTask": "${defaultBuildTask}"
}
]
}
Finally, tried this:
// settings.json (User)
{
// ...
"privateExtensions.registries": [
{
"name": "MyCompany Group Registry",
"registry": "https://nexus.myCompanyName.com/repository/npm-group/",
"token": "NpmToken.f0819d88-d45f-431f-873b-0cb32157fa32"
}
],
// ...
It seems that it's not a bug of Private Extensions Manager. It seems to be a security problem between the NPM libraries and my Nexus. Do you have any idea how I can fix it? Your help would be greatly appreciated, I'm a bit confused about this. Thank you in advance 😅 |
So simply running |
I found something about this error in this vscode issue and this node-fetch issue. It seems that some root expired certificate causes the problem with previous versions of Electron v15.1.0 There are some workarounds in this comment and this other in the previous issue that works in my simple vscode extension from my original comment in this issue, but it is not a problem with the Private Extensions Manager extension at all. I'm afraid I will have to wait for the Electron update in VSCode unless you consider one of these workarounds for your extension. But since it is something that can compromise security (I don't know how, because I have no experience with security topics) I guess it is something you do not want to add. Thank you very much. |
Summary
I have recently updated the Nexus OSS version to 3.36.0-01. Since then, Private Extensions Manager shows an error every time it tries to connect to the NPM registry to get the list of packages. This does not happen with the previous version of Nexus (I have already checked).
Visual proof
Expected results
I expected to see the list of packages from my Nexus registry in the "Extensions" view of Private Extensions Manager.
Actual results
The Private Extensions Manager "Extensions" view is empty and throws an error:
Steps to reproduce
Environment
Commit: ccbaa2d27e38e5afa3e5c21c1c7bef4657064247
Date: 2021-11-17T08:11:14.551Z (1 wk ago)
Electron: 13.5.2
Chrome: 91.0.4472.164
Node.js: 14.16.0
V8: 9.1.269.39-electron.0
OS: Windows NT x64 10.0.19042
Console logs
Other info
I have tried the following:
npm install libnpmsearch@^2.0.2 npm-registry-fetch@^4.0.7
(versions from Private Extensions Manager v1.7.0package.json
at commit b95273de)libnpmsearch-test.js
andnpm-registry-fetch-test.js
node libnpmsearch-test.js
→ Returns the expected list of packages from the registry.node npm-registry-fetch-test.js
→ Returns the expected list of packages from the registry.The text was updated successfully, but these errors were encountered: