BREAKING CHANGE(https): migrate ca, cert, pfx, key, pfx-passphrase, and requestCert to https object (#2564)

Author: hiroppy

bin/cli-flags.js

@@ -84,36 +84,6 @@ module.exports = {
       group: SSL_GROUP,
       describe: 'HTTP/2, must be used with HTTPS',
     },
-    {
-      name: 'key',
-      type: String,
-      describe: 'Path to a SSL key.',
-      group: SSL_GROUP,
-    },
-    {
-      name: 'cert',
-      type: String,
-      describe: 'Path to a SSL certificate.',
-      group: SSL_GROUP,
-    },
-    {
-      name: 'cacert',
-      type: String,
-      describe: 'Path to a SSL CA certificate.',
-      group: SSL_GROUP,
-    },
-    {
-      name: 'pfx',
-      type: String,
-      describe: 'Path to a SSL pfx file.',
-      group: SSL_GROUP,
-    },
-    {
-      name: 'pfx-passphrase',
-      type: String,
-      describe: 'Passphrase for pfx file.',
-      group: SSL_GROUP,
-    },
     {
       name: 'content-base',
       type: String,

bin/options.js

@@ -96,31 +96,6 @@ const options = {
     group: SSL_GROUP,
     describe: 'HTTP/2, must be used with HTTPS',
   },
-  key: {
-    type: 'string',
-    describe: 'Path to a SSL key.',
-    group: SSL_GROUP,
-  },
-  cert: {
-    type: 'string',
-    describe: 'Path to a SSL certificate.',
-    group: SSL_GROUP,
-  },
-  cacert: {
-    type: 'string',
-    describe: 'Path to a SSL CA certificate.',
-    group: SSL_GROUP,
-  },
-  pfx: {
-    type: 'string',
-    describe: 'Path to a SSL pfx file.',
-    group: SSL_GROUP,
-  },
-  'pfx-passphrase': {
-    type: 'string',
-    describe: 'Passphrase for pfx file.',
-    group: SSL_GROUP,
-  },
   'content-base': {
     type: 'string',
     describe: 'A directory or URL to serve HTML content from.',

examples/cli/https/README.md

@@ -578,23 +578,16 @@ class Server {
 
   setupHttps() {
     // if the user enables http2, we can safely enable https
-    if (this.options.http2 && !this.options.https) {
-      this.options.https = true;
+    if (
+      (this.options.http2 && !this.options.https) ||
+      this.options.https === true
+    ) {
+      this.options.https = {
+        requestCert: false,
+      };
     }
 
     if (this.options.https) {
-      // for keep supporting CLI parameters
-      if (typeof this.options.https === 'boolean') {
-        this.options.https = {
-          ca: this.options.ca,
-          pfx: this.options.pfx,
-          key: this.options.key,
-          cert: this.options.cert,
-          passphrase: this.options.pfxPassphrase,
-          requestCert: this.options.requestCert || false,
-        };
-      }
-
       for (const property of ['ca', 'pfx', 'key', 'cert']) {
         const value = this.options.https[property];
         const isBuffer = value instanceof Buffer;
@@ -623,23 +616,6 @@ class Server {
 
       this.options.https.key = this.options.https.key || fakeCert;
       this.options.https.cert = this.options.https.cert || fakeCert;
-
-      // note that options.spdy never existed. The user was able
-      // to set options.https.spdy before, though it was not in the
-      // docs. Keep options.https.spdy if the user sets it for
-      // backwards compatibility, but log a deprecation warning.
-      if (this.options.https.spdy) {
-        // for backwards compatibility: if options.https.spdy was passed in before,
-        // it was not altered in any way
-        this.log.warn(
-          'Providing custom spdy server options is deprecated and will be removed in the next major version.'
-        );
-      } else {
-        // if the normal https server gets this option, it will not affect it.
-        this.options.https.spdy = {
-          protocols: ['h2', 'http/1.1'],
-        };
-      }
     }
   }
 
@@ -648,7 +624,12 @@ class Server {
       if (this.options.http2) {
         // TODO: we need to replace spdy with http2 which is an internal module
         this.listeningApp = require('spdy').createServer(
-          this.options.https,
+          {
+            ...this.options.https,
+            spdy: {
+              protocols: ['h2', 'http/1.1'],
+            },
+          },
           this.app
         );
       } else {

examples/cli/https/app.js

@@ -16,26 +16,6 @@
     "bonjour": {
       "type": "boolean"
     },
-    "ca": {
-      "anyOf": [
-        {
-          "type": "string"
-        },
-        {
-          "instanceof": "Buffer"
-        }
-      ]
-    },
-    "cert": {
-      "anyOf": [
-        {
-          "type": "string"
-        },
-        {
-          "instanceof": "Buffer"
-        }
-      ]
-    },
     "clientLogLevel": {
       "enum": [
         "info",
@@ -136,10 +116,59 @@
     "https": {
       "anyOf": [
         {
-          "type": "object"
+          "type": "boolean"
         },
         {
-          "type": "boolean"
+          "type": "object",
+          "additionalProperties": false,
+          "properties": {
+            "passphrase": {
+              "type": "string"
+            },
+            "requestCert": {
+              "type": "boolean"
+            },
+            "ca": {
+              "anyOf": [
+                {
+                  "type": "string"
+                },
+                {
+                  "instanceof": "Buffer"
+                }
+              ]
+            },
+            "key": {
+              "anyOf": [
+                {
+                  "type": "string"
+                },
+                {
+                  "instanceof": "Buffer"
+                }
+              ]
+            },
+            "pfx": {
+              "anyOf": [
+                {
+                  "type": "string"
+                },
+                {
+                  "instanceof": "Buffer"
+                }
+              ]
+            },
+            "cert": {
+              "anyOf": [
+                {
+                  "type": "string"
+                },
+                {
+                  "instanceof": "Buffer"
+                }
+              ]
+            }
+          }
         }
       ]
     },
@@ -166,16 +195,6 @@
         }
       ]
     },
-    "key": {
-      "anyOf": [
-        {
-          "type": "string"
-        },
-        {
-          "instanceof": "Buffer"
-        }
-      ]
-    },
     "liveReload": {
       "type": "boolean"
     },
@@ -242,19 +261,6 @@
         }
       ]
     },
-    "pfx": {
-      "anyOf": [
-        {
-          "type": "string"
-        },
-        {
-          "instanceof": "Buffer"
-        }
-      ]
-    },
-    "pfxPassphrase": {
-      "type": "string"
-    },
     "port": {
       "anyOf": [
         {
@@ -419,8 +425,6 @@
       "allowedHosts": "should be {Array} (https://webpack.js.org/configuration/dev-server/#devserverallowedhosts)",
       "before": "should be {Function} (https://webpack.js.org/configuration/dev-server/#devserverbefore)",
       "bonjour": "should be {Boolean} (https://webpack.js.org/configuration/dev-server/#devserverbonjour)",
-      "ca": "should be {String|Buffer}",
-      "cert": "should be {String|Buffer}",
       "clientLogLevel": "should be {String} and equal to one of the allowed values\n\n [ 'none', 'silent', 'info', 'debug', 'trace', 'error', 'warning', 'warn' ]\n\n (https://webpack.js.org/configuration/dev-server/#devserverclientloglevel)",
       "compress": "should be {Boolean} (https://webpack.js.org/configuration/dev-server/#devservercompress)",
       "contentBase": "should be {Number|String|Array} (https://webpack.js.org/configuration/dev-server/#devservercontentbase)",
@@ -436,7 +440,6 @@
       "index": "should be {String} (https://webpack.js.org/configuration/dev-server/#devserverindex)",
       "injectClient": "should be {Boolean|Function} (https://webpack.js.org/configuration/dev-server/#devserverinjectclient)",
       "injectHot": "should be {Boolean|Function} (https://webpack.js.org/configuration/dev-server/#devserverinjecthot)",
-      "key": "should be {String|Buffer}",
       "liveReload": "should be {Boolean} (https://webpack.js.org/configuration/dev-server/#devserverlivereload-)",
       "log": "should be {Function}",
       "logLevel": "should be {String} and equal to one of the allowed values\n\n [ 'info', 'warn', 'error', 'debug', 'trace', 'silent' ]\n\n (https://github.com/webpack/webpack-dev-middleware#loglevel)",
@@ -447,8 +450,6 @@
       "open": "should be {String|Boolean|Object} (https://webpack.js.org/configuration/dev-server/#devserveropen)",
       "openPage": "should be {String|Array} (https://webpack.js.org/configuration/dev-server/#devserveropenpage)",
       "overlay": "should be {Boolean|Object} (https://webpack.js.org/configuration/dev-server/#devserveroverlay)",
-      "pfx": "should be {String|Buffer} (https://webpack.js.org/configuration/dev-server/#devserverpfx)",
-      "pfxPassphrase": "should be {String} (https://webpack.js.org/configuration/dev-server/#devserverpfxpassphrase)",
       "port": "should be {Number|String|Null} (https://webpack.js.org/configuration/dev-server/#devserverport)",
       "profile": "should be {Boolean} (https://webpack.js.org/configuration/dev-server/#devserverprofile)",
       "progress": "should be {Boolean} (https://webpack.js.org/configuration/dev-server/#devserverprogress---cli-only)",

examples/cli/https/test_cert.pfx

@@ -151,26 +151,6 @@ function createConfig(config, argv, { port }) {
     options.http2 = true;
   }
 
-  if (argv.key) {
-    options.key = argv.key;
-  }
-
-  if (argv.cert) {
-    options.cert = argv.cert;
-  }
-
-  if (argv.cacert) {
-    options.ca = argv.cacert;
-  }
-
-  if (argv.pfx) {
-    options.pfx = argv.pfx;
-  }
-
-  if (argv.pfxPassphrase) {
-    options.pfxPassphrase = argv.pfxPassphrase;
-  }
-
   if (argv.historyApiFallback) {
     options.historyApiFallback = true;
   }

examples/cli/https/webpack.config.js

@@ -37,5 +37,5 @@ exports[`Validation validation should fail validation for invalid \`writeToDisk\
 exports[`Validation validation should fail validation for no additional properties 1`] = `
 "Invalid configuration object. Object has been initialized using a configuration object that does not match the API schema.
  - configuration has an unknown property 'additional'. These properties are valid:
-   object { after?, allowedHosts?, before?, bonjour?, ca?, cert?, clientLogLevel?, compress?, contentBasePublicPath?, contentBase?, disableHostCheck?, features?, fs?, headers?, historyApiFallback?, host?, hot?, http2?, https?, index?, injectClient?, injectHot?, key?, liveReload?, log?, logLevel?, logTime?, mimeTypes?, noInfo?, onListening?, open?, openPage?, overlay?, pfx?, pfxPassphrase?, port?, profile?, progress?, proxy?, public?, publicPath?, quiet?, reporter?, requestCert?, serveIndex?, serverSideRender?, setup?, sockHost?, sockPath?, sockPort?, socket?, staticOptions?, stats?, transportMode?, useLocalIp?, warn?, watchContentBase?, watchOptions?, writeToDisk? }"
+   object { after?, allowedHosts?, before?, bonjour?, clientLogLevel?, compress?, contentBasePublicPath?, contentBase?, disableHostCheck?, features?, fs?, headers?, historyApiFallback?, host?, hot?, http2?, https?, index?, injectClient?, injectHot?, liveReload?, log?, logLevel?, logTime?, mimeTypes?, noInfo?, onListening?, open?, openPage?, overlay?, port?, profile?, progress?, proxy?, public?, publicPath?, quiet?, reporter?, requestCert?, serveIndex?, serverSideRender?, setup?, sockHost?, sockPath?, sockPort?, socket?, staticOptions?, stats?, transportMode?, useLocalIp?, warn?, watchContentBase?, watchOptions?, writeToDisk? }"
 `;