SonarSource · Sep 16, 2024 · Sep 18, 2024
Showing with 10 additions and 19 deletions.

+2 −2 package-lock.json

+1 −1 package.json

+3 −12 src/proxy.ts

+1 −1 test/unit/proxy.test.ts

+3 −3 test/unit/request.test.ts
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "sonarqube-scanner",
   "description": "SonarQube/SonarCloud Scanner for the JavaScript world",
-  "version": "4.2.2",
+  "version": "4.2.3",
   "homepage": "https://github.com/SonarSource/sonar-scanner-npm",
   "author": {
     "name": "Fabrice Bellingard",

diff --git a/src/proxy.ts b/src/proxy.ts
@@ -21,24 +21,15 @@ import { URL } from 'url';
 import { LogLevel, log } from './logging';
 import { ScannerProperties, ScannerProperty } from './types';
 
-const DEFAULT_HTTPS_PROXY_PORT = 443;
-const DEFAULT_HTTP_PROXY_PORT = 80;
-
 export function getProxyUrl(properties: ScannerProperties): URL | undefined {
   const proxyHost = properties[ScannerProperty.SonarScannerProxyHost];
-  const serverUsesHttps = properties[ScannerProperty.SonarHostUrl].startsWith('https');
 
   if (proxyHost) {
-    // We assume that the proxy protocol is the same as the endpoint.
-    const protocol = serverUsesHttps ? 'https' : 'http';
-    const proxyPort =
-      properties[ScannerProperty.SonarScannerProxyPort] ??
-      (serverUsesHttps ? DEFAULT_HTTPS_PROXY_PORT : DEFAULT_HTTP_PROXY_PORT);
+    const proxyPort = properties[ScannerProperty.SonarScannerProxyPort] ?? '80';
     const proxyUser = properties[ScannerProperty.SonarScannerProxyUser] ?? '';
     const proxyPassword = properties[ScannerProperty.SonarScannerProxyPassword] ?? '';
-    const proxyUrl = new URL(
-      `${protocol}://${proxyUser}:${proxyPassword}@${proxyHost}:${proxyPort}`,
-    );
+    // SCANNPM-47 We assume the proxy is HTTP. HTTPS proxies are not supported by the scanner yet (CONNECT over TLS)
+    const proxyUrl = new URL(`http://${proxyUser}:${proxyPassword}@${proxyHost}:${proxyPort}`);
     log(LogLevel.DEBUG, `Detecting proxy: ${proxyUrl}`);
     return proxyUrl;
   } else if (

diff --git a/test/unit/proxy.test.ts b/test/unit/proxy.test.ts
@@ -58,7 +58,7 @@ describe('proxy', () => {
       };
       getProxyUrl(properties);
 
-      expect(getProxyUrl(properties)?.toString()).toBe('https://some-proxy.io/');
+      expect(getProxyUrl(properties)?.toString()).toBe('http://some-proxy.io/');
     });
 
     it('should detect proxy with host and port', () => {

diff --git a/test/unit/request.test.ts b/test/unit/request.test.ts
@@ -45,9 +45,9 @@ describe('request', () => {
           [ScannerProperty.SonarScannerProxyHost]: 'proxy.com',
         });
         expect(agents.httpAgent).toBeInstanceOf(HttpProxyAgent);
-        expect(agents.httpAgent?.proxy.toString()).toBe('https://proxy.com/');
+        expect(agents.httpAgent?.proxy.toString()).toBe('http://proxy.com/');
         expect(agents.httpsAgent).toBeInstanceOf(HttpsProxyAgent);
-        expect(agents.httpsAgent?.proxy.toString()).toBe('https://proxy.com/');
+        expect(agents.httpsAgent?.proxy.toString()).toBe('http://proxy.com/');
       });
 
       it('should not define agents when no proxy is provided', async () => {
@@ -160,7 +160,7 @@ describe('request', () => {
       expect(ca).toContain(certificatePem);
       expect(httpsAgent?.options.pfx).toEqual(fsExtra.readFileSync(keystorePath));
       expect(httpsAgent?.options.passphrase).toBe(keystorePass);
-      expect(httpsAgent?.proxy.toString()).toBe('https://proxy.com/');
+      expect(httpsAgent?.proxy.toString()).toBe('http://proxy.com/');
     });
   });