MCPcopy
hub / github.com/claude-code-best/claude-code / getExtraCertsPathFromConfig

Function getExtraCertsPathFromConfig

src/utils/caCertsConfig.ts:59–88  ·  view source on GitHub ↗

* Read NODE_EXTRA_CA_CERTS from settings/config as a fallback. * * NODE_EXTRA_CA_CERTS is categorized as a non-safe env var (it allows * trusting attacker-controlled servers), so it's only applied to process.env * after the trust dialog. But we need the CA cert early to establish the TLS * conn

()

Source from the content-addressed store, hash-verified

57 * require trust approval.
58 */
59function getExtraCertsPathFromConfig(): string | undefined {
60 try {
61 const globalConfig = getGlobalConfig()
62 const globalEnv = globalConfig?.env
63 // Only read from user-controlled settings (~/.claude/settings.json),
64 // not project-level settings, to prevent malicious projects from
65 // injecting CA certs before the trust dialog.
66 const settings = getSettingsForSource('userSettings')
67 const settingsEnv = settings?.env
68
69 logForDebugging(
70 `CA certs: Config fallback - globalEnv keys: ${globalEnv ? Object.keys(globalEnv).join(',') : 'none'}, settingsEnv keys: ${settingsEnv ? Object.keys(settingsEnv).join(',') : 'none'}`,
71 )
72
73 // Settings override global config (same precedence as applyConfigEnvironmentVariables)
74 const path =
75 settingsEnv?.NODE_EXTRA_CA_CERTS || globalEnv?.NODE_EXTRA_CA_CERTS
76 if (path) {
77 logForDebugging(
78 `CA certs: Found NODE_EXTRA_CA_CERTS in config/settings: ${path}`,
79 )
80 }
81 return path
82 } catch (error) {
83 logForDebugging(`CA certs: Config fallback failed: ${error}`, {
84 level: 'error',
85 })
86 return undefined
87 }
88}

Callers 1

Calls 4

getGlobalConfigFunction · 0.85
getSettingsForSourceFunction · 0.85
logForDebuggingFunction · 0.70
keysMethod · 0.65

Tested by

no test coverage detected