Skip to content

feat(tls-create-secure-pair-deprecation): handle Node.js DEP0064 migration #266

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

feat(tls-create-secure-pair-deprecation): handle Node.js DEP0064 migration #266

wants to merge 3 commits into from

Conversation

@technologic-technologic
Copy link

@technologic-technologic technologic-technologic commented Nov 6, 2025

This pull request implements the codemod to replace deprecated tls.createSecurePair() with TLSSocket, addressing DEP0064.

Changes included:

  • Updated the codemod workflow to transform createSecurePair(...) into new TLSSocket(underlyingSocket, {...}), preserving tls.TLSSocket for namespace usage.
  • Rewrote imports to replace { createSecurePair } with { TLSSocket } in CJS/ESM (keeps namespace imports intact).
  • Renamed assigned variables pairsocket where applicable.
  • Added tests for cjs/esm (destructured, namespace, flags, and mixed symbols).
  • Ensured idempotent runs and minimal, repo-style edits.
  • Added README.md and package.json metadata.
  • Added tests for assigned variables, destructured imports.

This PR is part of the feature branch feat/tls-createSecurePair-to-TLSSocket.

AugustinMauroy
AugustinMauroy reviewed Nov 6, 2025
View reviewed changes
recipes/tls-create-secure-pair-to-tls-socket/README.md
Comment on lines +9 to +120
### Case 1: Basic `createSecurePair` usage

**Before:**
```js
const { createSecurePair } = require('node:tls');

const pair = createSecurePair(credentials);
```

**After:**
```js
const { TLSSocket } = require('node:tls');

const socket = new TLSSocket(underlyingSocket, { secureContext: credentials });
```

---

### Case 2: Namespace import

**Before:**
```js
const tls = require('node:tls');

const pair = tls.createSecurePair(credentials);
```

**After:**
```js
const tls = require('node:tls');

const socket = new tls.TLSSocket(underlyingSocket, { secureContext: credentials });
```

---

### Case 3: With server context

**Before:**
```js
const { createSecurePair } = require('node:tls');

const pair = createSecurePair(credentials, true, true, false);
```

**After:**
```js
const { TLSSocket } = require('node:tls');

const socket = new TLSSocket(underlyingSocket, {
secureContext: credentials,
isServer: true,
requestCert: true,
rejectUnauthorized: false
});
```

---

### Case 4: ESM import

**Before:**
```js
import { createSecurePair } from 'node:tls';

const pair = createSecurePair(credentials);
```

**After:**
```js
import { TLSSocket } from 'node:tls';

const socket = new TLSSocket(underlyingSocket, { secureContext: credentials });
```

---

### Case 5: ESM namespace import

**Before:**
```js
import * as tls from 'node:tls';

const pair = tls.createSecurePair(credentials);
```

**After:**
```js
import * as tls from 'node:tls';

const socket = new tls.TLSSocket(underlyingSocket, { secureContext: credentials });
```

---

### Case 6: Mixed usage with other TLS functions

**Before:**
```js
const { createSecurePair, createServer } = require('node:tls');

const pair = createSecurePair(credentials);
const server = createServer(options);
```

**After:**
```js
const { TLSSocket, createServer } = require('node:tls');

const socket = new TLSSocket(underlyingSocket, { secureContext: credentials });
const server = createServer(options);
```
Copy link
Member

@AugustinMauroy AugustinMauroy Nov 6, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
### Case 1: Basic `createSecurePair` usage
**Before:**
```js
const { createSecurePair } = require('node:tls');
const pair = createSecurePair(credentials);
```
**After:**
```js
const { TLSSocket } = require('node:tls');
const socket = new TLSSocket(underlyingSocket, { secureContext: credentials });
```
---
### Case 2: Namespace import
**Before:**
```js
const tls = require('node:tls');
const pair = tls.createSecurePair(credentials);
```
**After:**
```js
const tls = require('node:tls');
const socket = new tls.TLSSocket(underlyingSocket, { secureContext: credentials });
```
---
### Case 3: With server context
**Before:**
```js
const { createSecurePair } = require('node:tls');
const pair = createSecurePair(credentials, true, true, false);
```
**After:**
```js
const { TLSSocket } = require('node:tls');
const socket = new TLSSocket(underlyingSocket, {
secureContext: credentials,
isServer: true,
requestCert: true,
rejectUnauthorized: false
});
```
---
### Case 4: ESM import
**Before:**
```js
import { createSecurePair } from 'node:tls';
const pair = createSecurePair(credentials);
```
**After:**
```js
import { TLSSocket } from 'node:tls';
const socket = new TLSSocket(underlyingSocket, { secureContext: credentials });
```
---
### Case 5: ESM namespace import
**Before:**
```js
import * as tls from 'node:tls';
const pair = tls.createSecurePair(credentials);
```
**After:**
```js
import * as tls from 'node:tls';
const socket = new tls.TLSSocket(underlyingSocket, { secureContext: credentials });
```
---
### Case 6: Mixed usage with other TLS functions
**Before:**
```js
const { createSecurePair, createServer } = require('node:tls');
const pair = createSecurePair(credentials);
const server = createServer(options);
```
**After:**
```js
const { TLSSocket, createServer } = require('node:tls');
const socket = new TLSSocket(underlyingSocket, { secureContext: credentials });
const server = createServer(options);
```
```dif
-import { createSecurePair } from 'node:tls';
-
-const pair = createSecurePair(credentials);
+import { TLSSocket } from 'node:tls';
+
+// provide an underlying socket (e.g. a net.Socket or existing stream)
+const socket = new TLSSocket(underlyingSocket, { secureContext: credentials });
```
```
we should start using diff

@AugustinMauroy
Copy link
Member

AugustinMauroy commented Nov 6, 2025
edited
Loading

npm i on root should update the lock file and fix the ci

Missing import test case

  • défaut import ESM
  • ESM dynamic import

AugustinMauroy
AugustinMauroy reviewed Nov 6, 2025
View reviewed changes
recipes/tls-create-secure-pair-to-tls-socket/src/workflow.ts
Comment on lines +12 to +15
...getNodeImportStatements(root, 'node:tls'),
...getNodeImportStatements(root, 'tls'),
...getNodeRequireCalls(root, 'node:tls'),
...getNodeRequireCalls(root, 'tls'),
Copy link
Member

@AugustinMauroy AugustinMauroy Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
...getNodeImportStatements(root, 'node:tls'),
...getNodeImportStatements(root, 'tls'),
...getNodeRequireCalls(root, 'node:tls'),
...getNodeRequireCalls(root, 'tls'),
...getNodeImportStatements(root, 'tls'),
...getNodeRequireCalls(root, 'tls'),

Theses function handle the node: prefix 😁

AugustinMauroy
AugustinMauroy reviewed Nov 6, 2025
View reviewed changes
recipes/tls-create-secure-pair-to-tls-socket/src/workflow.ts
Comment on lines +163 to +164
const src = /node:tls/.test(code) ? 'node:tls' : 'tls';
const rebuilt = `const { ${kept.join(', ')} } = require('${src}');`;
Copy link
Member

@AugustinMauroy AugustinMauroy Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
const src = /node:tls/.test(code) ? 'node:tls' : 'tls';
const rebuilt = `const { ${kept.join(', ')} } = require('${src}');`;
const rebuilt = `const { ${kept.join(', ')} } = require('node:tls');`;

we can enforce node:tls prefix

AugustinMauroy
AugustinMauroy reviewed Nov 6, 2025
View reviewed changes
recipes/tls-create-secure-pair-to-tls-socket/src/workflow.ts

for (const stmt of tlsStmts) {
const code = stmt.text();
if (/\bimport\s+\*\s+as\s+\w+\s+from\s+['"](tls|node:tls)['"]/.test(code)) continue;
Copy link
Member

@AugustinMauroy AugustinMauroy Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤯

This part use too much ReGex, you should use more AST than regex. Because AST is more safe dude to the predictability.

If you need to visualize/test astrology query you can use ast-grep playground

So an ast query look like that:

const statement = root.findAll({
		rule: {
			pattern: `${base}.propriety`,
			not: {
				inside: {
					kind: "assignment_expression",
					has: {
						kind: "member_expression",
						pattern: `${base}.fips`,
					},
				},
			},
		},
	});

Copy link
Author

@technologic-technologic technologic-technologic Nov 6, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I get it, working on all these topics :)
👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AugustinMauroy AugustinMauroy AugustinMauroy left review comments

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

feat: handle tls.createSecurePair() depreciation

2 participants

@technologic-technologic @AugustinMauroy