starred/pkl
1
0
Fork 0
mirror of https://github.com/apple/pkl.git synced 2026-01-13 23:23:37 +01:00
Code Issues 198 Packages Projects Releases 10 Wiki Activity

[PR #518] [MERGED] Update: Improve handling of CA certificates #597

New Issue
Closed
opened 2025-12-30 01:25:34 +01:00 by adam · 0 comments
adam commented 2025-12-30 01:25:34 +01:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/apple/pkl/pull/518
Author: @bioball
Created: 6/11/2024
Status: Merged
Merged: 6/13/2024
Merged by: @bioball

Base: mainHead: dan-improve-certs

📝 Commits (9)

  • b4d5f93 Improve handling of CA certificates
  • 3c91cef Ensure that OCSP is enabled for all CLIs
  • f40fdc3 Remove ability to load CA certificate file via jar: or file: URI
  • e07268c Rename certificateFiles to certificatePaths
  • d294f03 Fix test
  • 38cfa24 Adjustments
  • 6a01eb8 Fix rebase woes, address PR comments
  • a10a221 Fix codec, add test
  • 62e7011 Spotless apply

📊 Changes

28 files changed (+236 additions, -271 deletions)

View changed files

📝 docs/modules/bindings-specification/pages/message-passing-api.adoc (+23 -16)
pkl-certs/pkl-certs.gradle.kts (+0 -19)
📝 pkl-cli/pkl-cli.gradle.kts (+37 -1)
📝 pkl-cli/src/certs/resources/PklCARoots.pem (+0 -0)
📝 pkl-cli/src/test/kotlin/org/pkl/cli/CliEvaluatorTest.kt (+3 -6)
📝 pkl-commons-cli/pkl-commons-cli.gradle.kts (+0 -1)
📝 pkl-commons-cli/src/main/kotlin/org/pkl/commons/cli/CliCommand.kt (+9 -0)
📝 pkl-commons-cli/src/main/kotlin/org/pkl/commons/cli/CliMain.kt (+3 -0)
📝 pkl-commons-test/pkl-commons-test.gradle.kts (+0 -1)
📝 pkl-commons-test/src/main/kotlin/org/pkl/commons/test/FileTestUtils.kt (+0 -5)
📝 pkl-core/src/main/java/org/pkl/core/http/HttpClient.java (+9 -36)
📝 pkl-core/src/main/java/org/pkl/core/http/HttpClientBuilder.java (+8 -57)
📝 pkl-core/src/main/java/org/pkl/core/http/JdkHttpClient.java (+12 -18)
📝 pkl-core/src/main/java/org/pkl/core/service/ExecutorSpiImpl.java (+15 -16)
📝 pkl-core/src/test/kotlin/org/pkl/core/http/HttpClientTest.kt (+8 -48)
📝 pkl-core/src/test/kotlin/org/pkl/core/http/LazyHttpClientTest.kt (+10 -4)
📝 pkl-core/src/test/kotlin/org/pkl/core/project/ProjectDependenciesResolverTest.kt (+0 -1)
pkl-core/src/test/resources/org/pkl/core/http/brokenCerts.pem (+0 -1)
pkl-core/src/test/resources/org/pkl/core/http/emptyCerts.pem (+0 -0)
📝 pkl-executor/src/main/java/org/pkl/executor/ExecutorOptions.java (+16 -20)

...and 8 more files

📄 Description

These are changes made on top of https://github.com/apple/pkl/pull/378. Thanks to @translatenix for doing most of the work here!

Changes on top of the original PR:

  • Add ability to set CA certificates as a byte array
  • Add CA certificates option to message passing API
  • Revert logic to treat --ca-certificate flag as either directory or file

Closes #378

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/apple/pkl/pull/518 **Author:** [@bioball](https://github.com/bioball) **Created:** 6/11/2024 **Status:** ✅ Merged **Merged:** 6/13/2024 **Merged by:** [@bioball](https://github.com/bioball) **Base:** `main` ← **Head:** `dan-improve-certs` --- ### 📝 Commits (9) - [`b4d5f93`](https://github.com/apple/pkl/commit/b4d5f9355b687ce4c29ee53177f5d04866897816) Improve handling of CA certificates - [`3c91cef`](https://github.com/apple/pkl/commit/3c91cef5b715a3a1ea66cf49198ae4b40248487c) Ensure that OCSP is enabled for all CLIs - [`f40fdc3`](https://github.com/apple/pkl/commit/f40fdc31aa6d59398e5d4dfff169d0577d54b020) Remove ability to load CA certificate file via jar: or file: URI - [`e07268c`](https://github.com/apple/pkl/commit/e07268ce426b0fa96144bb909be05869da8d8fba) Rename certificateFiles to certificatePaths - [`d294f03`](https://github.com/apple/pkl/commit/d294f03ecf6f504c8a3d839c4870cce04bc6b2b9) Fix test - [`38cfa24`](https://github.com/apple/pkl/commit/38cfa245601e10546452174fd7558df7229c18e9) Adjustments - [`6a01eb8`](https://github.com/apple/pkl/commit/6a01eb8ee09c85df96f593ff24a92d0f164baae1) Fix rebase woes, address PR comments - [`a10a221`](https://github.com/apple/pkl/commit/a10a221a99a6bb3c6c3d7f121d816f2db7f09581) Fix codec, add test - [`62e7011`](https://github.com/apple/pkl/commit/62e7011328c30f4c7b10999522cc753f05671816) Spotless apply ### 📊 Changes **28 files changed** (+236 additions, -271 deletions) <details> <summary>View changed files</summary> 📝 `docs/modules/bindings-specification/pages/message-passing-api.adoc` (+23 -16) ➖ `pkl-certs/pkl-certs.gradle.kts` (+0 -19) 📝 `pkl-cli/pkl-cli.gradle.kts` (+37 -1) 📝 `pkl-cli/src/certs/resources/PklCARoots.pem` (+0 -0) 📝 `pkl-cli/src/test/kotlin/org/pkl/cli/CliEvaluatorTest.kt` (+3 -6) 📝 `pkl-commons-cli/pkl-commons-cli.gradle.kts` (+0 -1) 📝 `pkl-commons-cli/src/main/kotlin/org/pkl/commons/cli/CliCommand.kt` (+9 -0) 📝 `pkl-commons-cli/src/main/kotlin/org/pkl/commons/cli/CliMain.kt` (+3 -0) 📝 `pkl-commons-test/pkl-commons-test.gradle.kts` (+0 -1) 📝 `pkl-commons-test/src/main/kotlin/org/pkl/commons/test/FileTestUtils.kt` (+0 -5) 📝 `pkl-core/src/main/java/org/pkl/core/http/HttpClient.java` (+9 -36) 📝 `pkl-core/src/main/java/org/pkl/core/http/HttpClientBuilder.java` (+8 -57) 📝 `pkl-core/src/main/java/org/pkl/core/http/JdkHttpClient.java` (+12 -18) 📝 `pkl-core/src/main/java/org/pkl/core/service/ExecutorSpiImpl.java` (+15 -16) 📝 `pkl-core/src/test/kotlin/org/pkl/core/http/HttpClientTest.kt` (+8 -48) 📝 `pkl-core/src/test/kotlin/org/pkl/core/http/LazyHttpClientTest.kt` (+10 -4) 📝 `pkl-core/src/test/kotlin/org/pkl/core/project/ProjectDependenciesResolverTest.kt` (+0 -1) ➖ `pkl-core/src/test/resources/org/pkl/core/http/brokenCerts.pem` (+0 -1) ➖ `pkl-core/src/test/resources/org/pkl/core/http/emptyCerts.pem` (+0 -0) 📝 `pkl-executor/src/main/java/org/pkl/executor/ExecutorOptions.java` (+16 -20) _...and 8 more files_ </details> ### 📄 Description These are changes made on top of https://github.com/apple/pkl/pull/378. Thanks to @translatenix for doing most of the work here! Changes on top of the original PR: * Add ability to set CA certificates as a byte array * Add CA certificates option to message passing API * Revert logic to treat `--ca-certificate` flag as either directory or file Closes #378 --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
adam added the pull-request label 2025-12-30 01:25:34 +01:00
adam closed this issue 2025-12-30 01:25:34 +01:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
duplicate
enhancement
good first issue
help wanted
pull-request
Mirrored from GitHub Pull Request
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adam
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/pkl#597
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?