Skip to content

docs: bring back certfile #8582

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 19, 2025
Merged

docs: bring back certfile #8582

merged 1 commit into from
Sep 19, 2025

Conversation

jenseng
Copy link
Contributor

@jenseng jenseng commented Sep 19, 2025
edited
Loading

Partial revert of #7947

certfile and cafile are both valid, and are used for different things:

  • certfile is the path to the certificate file. It's used for mutual TLS and represents the client's certificate (supersedes the deprecated cert, and complements keyfile).
  • cafile is the path to the certificate authority file. It's used to verify the authenticity of the registry's certificate.

Also clarify that keyfile and certfile must be scoped to a registry.

@jenseng
docs: bring back certfile
97980b7 
partial revert of 2af31dd

cafile and certfile are both valid and mean different things

- certfile is the path to the certificate file (complements keyfile)
- cafile is the path to the certificate authority file

also clarify that keyfile and certfile must be scoped to a registry
@jenseng jenseng marked this pull request as ready for review September 19, 2025 01:11
@jenseng jenseng requested a review from a team as a code owner September 19, 2025 01:11
@wraithgar
Copy link
Member

This is a good start, and worth landing as-is. There is a bit of a weird gray area for certfile and keyfile in that they are allowed as nerf-dart configs but they have no actual definition or validation. Normally that's not a huge concern because they aren't things users normally set via npm config. But these ones are. Additionally it means we can't show them on our auto generated config docs or in any help output.

Somewhere on our long backlog we should consider making this a less opaque setup.

@wraithgar wraithgar merged commit 7a09902 into npm:latest Sep 19, 2025
40 checks passed
@github-actions github-actions bot mentioned this pull request Sep 19, 2025
Merged
@npm-cli-bot npm-cli-bot mentioned this pull request Sep 25, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wraithgar wraithgar wraithgar approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jenseng @wraithgar