Skip to content

Ensure SSL_CERT_DIR messages are always shown and check for existing value#16

Open
tomerqodo wants to merge 6 commits intocopilot_combined_20260121_qodo_grep_cursor_copilot_1_base_ensure_ssl_cert_dir_messages_are_always_shown_and_check_for_existing_value_pr82from
copilot_combined_20260121_qodo_grep_cursor_copilot_1_head_ensure_ssl_cert_dir_messages_are_always_shown_and_check_for_existing_value_pr82
Open

Ensure SSL_CERT_DIR messages are always shown and check for existing value#16
tomerqodo wants to merge 6 commits intocopilot_combined_20260121_qodo_grep_cursor_copilot_1_base_ensure_ssl_cert_dir_messages_are_always_shown_and_check_for_existing_value_pr82from
copilot_combined_20260121_qodo_grep_cursor_copilot_1_head_ensure_ssl_cert_dir_messages_are_always_shown_and_check_for_existing_value_pr82

Conversation

@tomerqodo
Copy link
Copy Markdown

Benchmark PR from qodo-benchmark#82

Copilot AI review requested due to automatic review settings January 21, 2026 18:08
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request modifies the dotnet-dev-certs tool to ensure SSL_CERT_DIR-related messages are always shown (not just in verbose mode) and adds logic to check if SSL_CERT_DIR already contains the required certificate directory path.

Changes:

  • Modified event listener initialization to enable LogAlways events even in non-verbose mode
  • Added logic to check if SSL_CERT_DIR environment variable already includes the certificate directory
  • Updated event messages to include proper quoting in shell command examples
  • Refactored NssDb class from primary constructor to traditional constructor pattern

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File Description
src/Tools/dotnet-dev-certs/src/Program.cs Moved listener initialization outside verbose check and added else branch to enable LogAlways events; removed trailing whitespace
src/Shared/CertificateGeneration/UnixCertificateManager.cs Added SSL_CERT_DIR validation logic to detect if cert directory is already configured; refactored NssDb class constructor
src/Shared/CertificateGeneration/CertificateManager.cs Updated event message formatting to include quotes in export examples; added new events for SSL_CERT_DIR status messages

if (!string.IsNullOrEmpty(existingSslCertDir))
{
var existingDirs = existingSslCertDir.Split(Path.PathSeparator);
var certDirFullPath = Path.GetFullPath(prettyCertDir);
Copy link

Copilot AI Jan 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The variable prettyCertDir contains a shell variable substitution like "$HOME/.aspnet/dev-certs/trust" for display purposes. Calling Path.GetFullPath(prettyCertDir) on this string will not resolve the shell variable and will likely produce an incorrect path (treating "$HOME" as a literal directory name). This should use certDir instead, which contains the actual full path resolved from homeDirectory.

Suggested change
var certDirFullPath = Path.GetFullPath(prettyCertDir);
var certDirFullPath = Path.GetFullPath(certDir);

Copilot uses AI. Check for mistakes.
Comment on lines +994 to +1006
private sealed class NssDb
{
public string Path => path;
public bool IsFirefox => isFirefox;
private readonly string _path;
private readonly bool _isFirefox;

public NssDb(string path, bool isFirefox)
{
_path = path;
_isFirefox = isFirefox;
}

public string Path => _path;
public bool IsFirefox => _isFirefox;
Copy link

Copilot AI Jan 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The primary constructor syntax private sealed class NssDb(string path, bool isFirefox) is a C# 12 feature that was replaced with a traditional constructor. However, the current C# version should support primary constructors. This change removes the more concise primary constructor pattern without clear justification. Consider keeping the original primary constructor syntax unless there's a specific reason to avoid it.

Copilot uses AI. Check for mistakes.

try
{
return string.Equals(Path.GetFullPath(dir), certDirFullPath, StringComparison.OrdinalIgnoreCase);
Copy link

Copilot AI Jan 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unix file systems are typically case-sensitive, but StringComparison.OrdinalIgnoreCase is used for path comparison. This could lead to false positives when comparing paths. Consider using StringComparison.Ordinal instead for case-sensitive path comparison on Unix systems.

Suggested change
return string.Equals(Path.GetFullPath(dir), certDirFullPath, StringComparison.OrdinalIgnoreCase);
return string.Equals(Path.GetFullPath(dir), certDirFullPath, StringComparison.Ordinal);

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants