first commit

node_modules/@expo/devcert/dist/certificate-authority.d.ts

@@ -0,0 +1,34 @@
+import { Options } from './index';
+/**
+ * Install the once-per-machine trusted root CA. We'll use this CA to sign
+ * per-app certs.
+ */
+export default function installCertificateAuthority(options?: Options): Promise<void>;
+export declare function withCertificateAuthorityCredentials(cb: ({ caKeyPath, caCertPath }: {
+    caKeyPath: string;
+    caCertPath: string;
+}) => Promise<void> | void): Promise<void>;
+/**
+ * Smoothly migrate the certificate storage from v1.0.x to >= v1.1.0.
+ * In v1.1.0 there are new options for retrieving the CA cert directly,
+ * to help third-party Node apps trust the root CA.
+ *
+ * If a v1.0.x cert already exists, then devcert has written it with
+ * platform.writeProtectedFile(), so an unprivileged readFile cannot access it.
+ * Pre-detect and remedy this; it should only happen once per installation.
+ */
+export declare function ensureCACertReadable(options?: Options): Promise<void>;
+/**
+ * Remove as much of the devcert files and state as we can. This is necessary
+ * when generating a new root certificate, and should be available to API
+ * consumers as well.
+ *
+ * Not all of it will be removable. If certutil is not installed, we'll leave
+ * Firefox alone. We try to remove files with maximum permissions, and if that
+ * fails, we'll silently fail.
+ *
+ * It's also possible that the command to untrust will not work, and we'll
+ * silently fail that as well; with no existing certificates anymore, the
+ * security exposure there is minimal.
+ */
+export declare function uninstall(): Promise<void>;

node_modules/@expo/devcert/dist/certificates.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Generate a domain certificate signed by the devcert root CA. Domain
+ * certificates are cached in their own directories under
+ * CONFIG_ROOT/domains/<domain>, and reused on subsequent requests. Because the
+ * individual domain certificates are signed by the devcert root CA (which was
+ * added to the OS/browser trust stores), they are trusted.
+ */
+export default function generateDomainCertificate(domain: string): Promise<void>;
+export declare function generateKey(filename: string): void;

node_modules/@expo/devcert/dist/certificates.js

@@ -0,0 +1,46 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.default = generateDomainCertificate;
+exports.generateKey = generateKey;
+// import path from 'path';
+const debug_1 = __importDefault(require("debug"));
+const fs_1 = __importDefault(require("fs"));
+const constants_1 = require("./constants");
+const utils_1 = require("./utils");
+const certificate_authority_1 = require("./certificate-authority");
+const debug = (0, debug_1.default)('devcert:certificates');
+/**
+ * Generate a domain certificate signed by the devcert root CA. Domain
+ * certificates are cached in their own directories under
+ * CONFIG_ROOT/domains/<domain>, and reused on subsequent requests. Because the
+ * individual domain certificates are signed by the devcert root CA (which was
+ * added to the OS/browser trust stores), they are trusted.
+ */
+async function generateDomainCertificate(domain) {
+    await fs_1.default.promises.mkdir((0, constants_1.pathForDomain)(domain), { recursive: true });
+    debug(`Generating private key for ${domain}`);
+    let domainKeyPath = (0, constants_1.pathForDomain)(domain, 'private-key.key');
+    generateKey(domainKeyPath);
+    debug(`Generating certificate signing request for ${domain}`);
+    let csrFile = (0, constants_1.pathForDomain)(domain, `certificate-signing-request.csr`);
+    (0, constants_1.withDomainSigningRequestConfig)(domain, (configpath) => {
+        (0, utils_1.openssl)(['req', '-new', '-config', configpath, '-key', domainKeyPath, '-out', csrFile]);
+    });
+    debug(`Generating certificate for ${domain} from signing request and signing with root CA`);
+    let domainCertPath = (0, constants_1.pathForDomain)(domain, `certificate.crt`);
+    await (0, certificate_authority_1.withCertificateAuthorityCredentials)(({ caKeyPath, caCertPath }) => {
+        (0, constants_1.withDomainCertificateConfig)(domain, (domainCertConfigPath) => {
+            (0, utils_1.openssl)(['ca', '-config', domainCertConfigPath, '-in', csrFile, '-out', domainCertPath, '-keyfile', caKeyPath, '-cert', caCertPath, '-days', '825', '-batch']);
+        });
+    });
+}
+// Generate a cryptographic key, used to sign certificates or certificate signing requests.
+function generateKey(filename) {
+    debug(`generateKey: ${filename}`);
+    (0, utils_1.openssl)(['genrsa', '-out', filename, '2048']);
+    fs_1.default.chmodSync(filename, 400);
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2VydGlmaWNhdGVzLmpzIiwic291cmNlUm9vdCI6Ii4vIiwic291cmNlcyI6WyJjZXJ0aWZpY2F0ZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFnQkEsNENBcUJDO0FBR0Qsa0NBSUM7QUE1Q0QsMkJBQTJCO0FBQzNCLGtEQUFnQztBQUNoQyw0Q0FBb0I7QUFDcEIsMkNBQXlHO0FBQ3pHLG1DQUFrQztBQUNsQyxtRUFBOEU7QUFFOUUsTUFBTSxLQUFLLEdBQUcsSUFBQSxlQUFXLEVBQUMsc0JBQXNCLENBQUMsQ0FBQztBQUVsRDs7Ozs7O0dBTUc7QUFDWSxLQUFLLFVBQVUseUJBQXlCLENBQUMsTUFBYztJQUNwRSxNQUFNLFlBQUUsQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLElBQUEseUJBQWEsRUFBQyxNQUFNLENBQUMsRUFBRSxFQUFFLFNBQVMsRUFBRSxJQUFJLEVBQUUsQ0FBQyxDQUFDO0lBRXBFLEtBQUssQ0FBQyw4QkFBK0IsTUFBTyxFQUFFLENBQUMsQ0FBQztJQUNoRCxJQUFJLGFBQWEsR0FBRyxJQUFBLHlCQUFhLEVBQUMsTUFBTSxFQUFFLGlCQUFpQixDQUFDLENBQUM7SUFDN0QsV0FBVyxDQUFDLGFBQWEsQ0FBQyxDQUFDO0lBRTNCLEtBQUssQ0FBQyw4Q0FBK0MsTUFBTyxFQUFFLENBQUMsQ0FBQztJQUNoRSxJQUFJLE9BQU8sR0FBRyxJQUFBLHlCQUFhLEVBQUMsTUFBTSxFQUFFLGlDQUFpQyxDQUFDLENBQUM7SUFDdkUsSUFBQSwwQ0FBOEIsRUFBQyxNQUFNLEVBQUUsQ0FBQyxVQUFVLEVBQUUsRUFBRTtRQUNwRCxJQUFBLGVBQU8sRUFBQyxDQUFDLEtBQUssRUFBRSxNQUFNLEVBQUUsU0FBUyxFQUFFLFVBQVUsRUFBRSxNQUFNLEVBQUUsYUFBYSxFQUFFLE1BQU0sRUFBRSxPQUFPLENBQUMsQ0FBQyxDQUFDO0lBQzFGLENBQUMsQ0FBQyxDQUFDO0lBRUgsS0FBSyxDQUFDLDhCQUErQixNQUFPLGdEQUFnRCxDQUFDLENBQUM7SUFDOUYsSUFBSSxjQUFjLEdBQUcsSUFBQSx5QkFBYSxFQUFDLE1BQU0sRUFBRSxpQkFBaUIsQ0FBQyxDQUFDO0lBRTlELE1BQU0sSUFBQSwyREFBbUMsRUFBQyxDQUFDLEVBQUUsU0FBUyxFQUFFLFVBQVUsRUFBRSxFQUFFLEVBQUU7UUFDdEUsSUFBQSx1Q0FBMkIsRUFBQyxNQUFNLEVBQUUsQ0FBQyxvQkFBb0IsRUFBRSxFQUFFO1lBQzNELElBQUEsZUFBTyxFQUFDLENBQUMsSUFBSSxFQUFFLFNBQVMsRUFBRSxvQkFBb0IsRUFBRSxLQUFLLEVBQUUsT0FBTyxFQUFFLE1BQU0sRUFBRSxjQUFjLEVBQUUsVUFBVSxFQUFFLFNBQVMsRUFBRSxPQUFPLEVBQUUsVUFBVSxFQUFFLE9BQU8sRUFBRSxLQUFLLEVBQUUsUUFBUSxDQUFDLENBQUMsQ0FBQTtRQUNoSyxDQUFDLENBQUMsQ0FBQztJQUNMLENBQUMsQ0FBQyxDQUFDO0FBQ0wsQ0FBQztBQUVELDJGQUEyRjtBQUMzRixTQUFnQixXQUFXLENBQUMsUUFBZ0I7SUFDMUMsS0FBSyxDQUFDLGdCQUFpQixRQUFTLEVBQUUsQ0FBQyxDQUFDO0lBQ3BDLElBQUEsZUFBTyxFQUFDLENBQUMsUUFBUSxFQUFFLE1BQU0sRUFBRSxRQUFRLEVBQUUsTUFBTSxDQUFDLENBQUMsQ0FBQztJQUM5QyxZQUFFLENBQUMsU0FBUyxDQUFDLFFBQVEsRUFBRSxHQUFHLENBQUMsQ0FBQztBQUM5QixDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLy8gaW1wb3J0IHBhdGggZnJvbSAncGF0aCc7XG5pbXBvcnQgY3JlYXRlRGVidWcgZnJvbSAnZGVidWcnO1xuaW1wb3J0IGZzIGZyb20gJ2ZzJztcbmltcG9ydCB7IHBhdGhGb3JEb21haW4sIHdpdGhEb21haW5TaWduaW5nUmVxdWVzdENvbmZpZywgd2l0aERvbWFpbkNlcnRpZmljYXRlQ29uZmlnIH0gZnJvbSAnLi9jb25zdGFudHMnO1xuaW1wb3J0IHsgb3BlbnNzbCB9IGZyb20gJy4vdXRpbHMnO1xuaW1wb3J0IHsgd2l0aENlcnRpZmljYXRlQXV0aG9yaXR5Q3JlZGVudGlhbHMgfSBmcm9tICcuL2NlcnRpZmljYXRlLWF1dGhvcml0eSc7XG5cbmNvbnN0IGRlYnVnID0gY3JlYXRlRGVidWcoJ2RldmNlcnQ6Y2VydGlmaWNhdGVzJyk7XG5cbi8qKlxuICogR2VuZXJhdGUgYSBkb21haW4gY2VydGlmaWNhdGUgc2lnbmVkIGJ5IHRoZSBkZXZjZXJ0IHJvb3QgQ0EuIERvbWFpblxuICogY2VydGlmaWNhdGVzIGFyZSBjYWNoZWQgaW4gdGhlaXIgb3duIGRpcmVjdG9yaWVzIHVuZGVyXG4gKiBDT05GSUdfUk9PVC9kb21haW5zLzxkb21haW4+LCBhbmQgcmV1c2VkIG9uIHN1YnNlcXVlbnQgcmVxdWVzdHMuIEJlY2F1c2UgdGhlXG4gKiBpbmRpdmlkdWFsIGRvbWFpbiBjZXJ0aWZpY2F0ZXMgYXJlIHNpZ25lZCBieSB0aGUgZGV2Y2VydCByb290IENBICh3aGljaCB3YXNcbiAqIGFkZGVkIHRvIHRoZSBPUy9icm93c2VyIHRydXN0IHN0b3JlcyksIHRoZXkgYXJlIHRydXN0ZWQuXG4gKi9cbmV4cG9ydCBkZWZhdWx0IGFzeW5jIGZ1bmN0aW9uIGdlbmVyYXRlRG9tYWluQ2VydGlmaWNhdGUoZG9tYWluOiBzdHJpbmcpOiBQcm9taXNlPHZvaWQ+IHtcbiAgYXdhaXQgZnMucHJvbWlzZXMubWtkaXIocGF0aEZvckRvbWFpbihkb21haW4pLCB7IHJlY3Vyc2l2ZTogdHJ1ZSB9KTtcblxuICBkZWJ1ZyhgR2VuZXJhdGluZyBwcml2YXRlIGtleSBmb3IgJHsgZG9tYWluIH1gKTtcbiAgbGV0IGRvbWFpbktleVBhdGggPSBwYXRoRm9yRG9tYWluKGRvbWFpbiwgJ3ByaXZhdGUta2V5LmtleScpO1xuICBnZW5lcmF0ZUtleShkb21haW5LZXlQYXRoKTtcblxuICBkZWJ1ZyhgR2VuZXJhdGluZyBjZXJ0aWZpY2F0ZSBzaWduaW5nIHJlcXVlc3QgZm9yICR7IGRvbWFpbiB9YCk7XG4gIGxldCBjc3JGaWxlID0gcGF0aEZvckRvbWFpbihkb21haW4sIGBjZXJ0aWZpY2F0ZS1zaWduaW5nLXJlcXVlc3QuY3NyYCk7XG4gIHdpdGhEb21haW5TaWduaW5nUmVxdWVzdENvbmZpZyhkb21haW4sIChjb25maWdwYXRoKSA9PiB7XG4gICAgb3BlbnNzbChbJ3JlcScsICctbmV3JywgJy1jb25maWcnLCBjb25maWdwYXRoLCAnLWtleScsIGRvbWFpbktleVBhdGgsICctb3V0JywgY3NyRmlsZV0pO1xuICB9KTtcblxuICBkZWJ1ZyhgR2VuZXJhdGluZyBjZXJ0aWZpY2F0ZSBmb3IgJHsgZG9tYWluIH0gZnJvbSBzaWduaW5nIHJlcXVlc3QgYW5kIHNpZ25pbmcgd2l0aCByb290IENBYCk7XG4gIGxldCBkb21haW5DZXJ0UGF0aCA9IHBhdGhGb3JEb21haW4oZG9tYWluLCBgY2VydGlmaWNhdGUuY3J0YCk7XG5cbiAgYXdhaXQgd2l0aENlcnRpZmljYXRlQXV0aG9yaXR5Q3JlZGVudGlhbHMoKHsgY2FLZXlQYXRoLCBjYUNlcnRQYXRoIH0pID0+IHtcbiAgICB3aXRoRG9tYWluQ2VydGlmaWNhdGVDb25maWcoZG9tYWluLCAoZG9tYWluQ2VydENvbmZpZ1BhdGgpID0+IHtcbiAgICAgIG9wZW5zc2woWydjYScsICctY29uZmlnJywgZG9tYWluQ2VydENvbmZpZ1BhdGgsICctaW4nLCBjc3JGaWxlLCAnLW91dCcsIGRvbWFpbkNlcnRQYXRoLCAnLWtleWZpbGUnLCBjYUtleVBhdGgsICctY2VydCcsIGNhQ2VydFBhdGgsICctZGF5cycsICc4MjUnLCAnLWJhdGNoJ10pXG4gICAgfSk7XG4gIH0pO1xufVxuXG4vLyBHZW5lcmF0ZSBhIGNyeXB0b2dyYXBoaWMga2V5LCB1c2VkIHRvIHNpZ24gY2VydGlmaWNhdGVzIG9yIGNlcnRpZmljYXRlIHNpZ25pbmcgcmVxdWVzdHMuXG5leHBvcnQgZnVuY3Rpb24gZ2VuZXJhdGVLZXkoZmlsZW5hbWU6IHN0cmluZyk6IHZvaWQge1xuICBkZWJ1ZyhgZ2VuZXJhdGVLZXk6ICR7IGZpbGVuYW1lIH1gKTtcbiAgb3BlbnNzbChbJ2dlbnJzYScsICctb3V0JywgZmlsZW5hbWUsICcyMDQ4J10pO1xuICBmcy5jaG1vZFN5bmMoZmlsZW5hbWUsIDQwMCk7XG59XG4iXX0=

node_modules/@expo/devcert/dist/constants.d.ts

@@ -0,0 +1,20 @@
+export declare const VALID_IP: RegExp;
+export declare const VALID_DOMAIN: RegExp;
+export declare const isMac: boolean;
+export declare const isLinux: boolean;
+export declare const isWindows: boolean;
+export declare const configDir: string;
+export declare const configPath: (...pathSegments: string[]) => string;
+export declare const domainsDir: string;
+export declare const pathForDomain: (domain: string, ...pathSegments: string[]) => string;
+export declare const caVersionFile: string;
+export declare const opensslSerialFilePath: string;
+export declare const opensslDatabaseFilePath: string;
+export declare const caSelfSignConfig: string;
+export declare function withDomainSigningRequestConfig(domain: string, cb: (filepath: string) => void): void;
+export declare function withDomainCertificateConfig(domain: string, cb: (filepath: string) => void): void;
+export declare const rootCADir: string;
+export declare const rootCAKeyPath: string;
+export declare const rootCACertPath: string;
+export declare function getLegacyConfigDir(): string;
+export declare function ensureConfigDirs(): void;

node_modules/@expo/devcert/dist/index.d.ts

@@ -0,0 +1,50 @@
+import { uninstall } from './certificate-authority';
+import { UserInterface } from './user-interface';
+export { uninstall };
+export interface Options {
+    /** Return the CA certificate data? */
+    getCaBuffer?: boolean;
+    /** Return the path to the CA certificate? */
+    getCaPath?: boolean;
+    /** If `certutil` is not installed already (for updating nss databases; e.g. firefox), do not attempt to install it */
+    skipCertutilInstall?: boolean;
+    /** Do not update your systems host file with the domain name of the certificate */
+    skipHostsFile?: boolean;
+    /** User interface hooks */
+    ui?: UserInterface;
+}
+interface ICaBuffer {
+    ca: Buffer;
+}
+interface ICaPath {
+    caPath: string;
+}
+interface IDomainData {
+    key: Buffer;
+    cert: Buffer;
+}
+type IReturnCa<O extends Options> = O['getCaBuffer'] extends true ? ICaBuffer : false;
+type IReturnCaPath<O extends Options> = O['getCaPath'] extends true ? ICaPath : false;
+type IReturnData<O extends Options = {}> = (IDomainData) & (IReturnCa<O>) & (IReturnCaPath<O>);
+/**
+ * Request an SSL certificate for the given app name signed by the devcert root
+ * certificate authority. If devcert has previously generated a certificate for
+ * that app name on this machine, it will reuse that certificate.
+ *
+ * If this is the first time devcert is being run on this machine, it will
+ * generate and attempt to install a root certificate authority.
+ *
+ * Returns a promise that resolves with { key, cert }, where `key` and `cert`
+ * are Buffers with the contents of the certificate private key and certificate
+ * file, respectively
+ *
+ * If `options.getCaBuffer` is true, return value will include the ca certificate data
+ * as { ca: Buffer }
+ *
+ * If `options.getCaPath` is true, return value will include the ca certificate path
+ * as { caPath: string }
+ */
+export declare function certificateFor<O extends Options>(domain: string, options?: O): Promise<IReturnData<O>>;
+export declare function hasCertificateFor(domain: string): boolean;
+export declare function configuredDomains(): string[];
+export declare function removeDomain(domain: string): void;

node_modules/@expo/devcert/dist/platforms/darwin.d.ts

@@ -0,0 +1,23 @@
+import { Options } from '../index';
+import { Platform } from '.';
+export default class MacOSPlatform implements Platform {
+    private FIREFOX_BUNDLE_PATH;
+    private FIREFOX_BIN_PATH;
+    private FIREFOX_NSS_DIR;
+    private HOST_FILE_PATH;
+    /**
+     * macOS is pretty simple - just add the certificate to the system keychain,
+     * and most applications will delegate to that for determining trusted
+     * certificates. Firefox, of course, does it's own thing. We can try to
+     * automatically install the cert with Firefox if we can use certutil via the
+     * `nss` Homebrew package, otherwise we go manual with user-facing prompts.
+     */
+    addToTrustStores(certificatePath: string, options?: Options): Promise<void>;
+    removeFromTrustStores(certificatePath: string): Promise<void>;
+    addDomainToHostFileIfMissing(domain: string): Promise<void>;
+    deleteProtectedFiles(filepath: string): Promise<void>;
+    readProtectedFile(filepath: string): Promise<string>;
+    writeProtectedFile(filepath: string, contents: string): Promise<void>;
+    private isFirefoxInstalled;
+    private isNSSInstalled;
+}

node_modules/@expo/devcert/dist/platforms/index.d.ts

@@ -0,0 +1,11 @@
+import { Options } from '../index';
+export interface Platform {
+    addToTrustStores(certificatePath: string, options?: Options): Promise<void>;
+    removeFromTrustStores(certificatePath: string): Promise<void>;
+    addDomainToHostFileIfMissing(domain: string): Promise<void>;
+    deleteProtectedFiles(filepath: string): Promise<void>;
+    readProtectedFile(filepath: string): Promise<string>;
+    writeProtectedFile(filepath: string, contents: string): Promise<void>;
+}
+declare const _default: Platform;
+export default _default;

node_modules/@expo/devcert/dist/platforms/index.js

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const PlatformClass = require(`./${process.platform}`).default;
+exports.default = new PlatformClass();
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiLi8iLCJzb3VyY2VzIjpbInBsYXRmb3Jtcy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQVlBLE1BQU0sYUFBYSxHQUFHLE9BQU8sQ0FBQyxLQUFNLE9BQU8sQ0FBQyxRQUFTLEVBQUUsQ0FBQyxDQUFDLE9BQU8sQ0FBQztBQUNqRSxrQkFBZSxJQUFJLGFBQWEsRUFBYyxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgT3B0aW9ucyB9IGZyb20gJy4uL2luZGV4JztcblxuXG5leHBvcnQgaW50ZXJmYWNlIFBsYXRmb3JtIHtcbiAgIGFkZFRvVHJ1c3RTdG9yZXMoY2VydGlmaWNhdGVQYXRoOiBzdHJpbmcsIG9wdGlvbnM/OiBPcHRpb25zKTogUHJvbWlzZTx2b2lkPjtcbiAgIHJlbW92ZUZyb21UcnVzdFN0b3JlcyhjZXJ0aWZpY2F0ZVBhdGg6IHN0cmluZyk6IFByb21pc2U8dm9pZD47XG4gICBhZGREb21haW5Ub0hvc3RGaWxlSWZNaXNzaW5nKGRvbWFpbjogc3RyaW5nKTogUHJvbWlzZTx2b2lkPjtcbiAgIGRlbGV0ZVByb3RlY3RlZEZpbGVzKGZpbGVwYXRoOiBzdHJpbmcpOiBQcm9taXNlPHZvaWQ+O1xuICAgcmVhZFByb3RlY3RlZEZpbGUoZmlsZXBhdGg6IHN0cmluZyk6IFByb21pc2U8c3RyaW5nPjtcbiAgIHdyaXRlUHJvdGVjdGVkRmlsZShmaWxlcGF0aDogc3RyaW5nLCBjb250ZW50czogc3RyaW5nKTogUHJvbWlzZTx2b2lkPjtcbn1cblxuY29uc3QgUGxhdGZvcm1DbGFzcyA9IHJlcXVpcmUoYC4vJHsgcHJvY2Vzcy5wbGF0Zm9ybSB9YCkuZGVmYXVsdDtcbmV4cG9ydCBkZWZhdWx0IG5ldyBQbGF0Zm9ybUNsYXNzKCkgYXMgUGxhdGZvcm07XG4iXX0=

node_modules/@expo/devcert/dist/platforms/linux.d.ts

@@ -0,0 +1,26 @@
+import { Options } from '../index';
+import { Platform } from '.';
+export default class LinuxPlatform implements Platform {
+    private FIREFOX_NSS_DIR;
+    private CHROME_NSS_DIR;
+    private FIREFOX_BIN_PATH;
+    private CHROME_BIN_PATH;
+    private HOST_FILE_PATH;
+    /**
+     * Linux is surprisingly difficult. There seems to be multiple system-wide
+     * repositories for certs, so we copy ours to each. However, Firefox does it's
+     * usual separate trust store. Plus Chrome relies on the NSS tooling (like
+     * Firefox), but uses the user's NSS database, unlike Firefox (which uses a
+     * separate Mozilla one). And since Chrome doesn't prompt the user with a GUI
+     * flow when opening certs, if we can't use certutil to install our certificate
+     * into the user's NSS database, we're out of luck.
+     */
+    addToTrustStores(certificatePath: string, options?: Options): Promise<void>;
+    removeFromTrustStores(certificatePath: string): Promise<void>;
+    addDomainToHostFileIfMissing(domain: string): Promise<void>;
+    deleteProtectedFiles(filepath: string): Promise<void>;
+    readProtectedFile(filepath: string): Promise<string>;
+    writeProtectedFile(filepath: string, contents: string): Promise<void>;
+    private isFirefoxInstalled;
+    private isChromeInstalled;
+}

node_modules/@expo/devcert/dist/platforms/shared.d.ts

@@ -0,0 +1,35 @@
+/**
+ *  Given a directory or glob pattern of directories, attempt to install the
+ *  CA certificate to each directory containing an NSS database.
+ */
+export declare function addCertificateToNSSCertDB(nssDirGlob: string, certPath: string, certutilPath: string): Promise<void>;
+export declare function removeCertificateFromNSSCertDB(nssDirGlob: string, certPath: string, certutilPath: string): Promise<void>;
+/**
+ *  Check to see if Firefox is still running, and if so, ask the user to close
+ *  it. Poll until it's closed, then return.
+ *
+ * This is needed because Firefox appears to load the NSS database in-memory on
+ * startup, and overwrite on exit. So we have to ask the user to quite Firefox
+ * first so our changes don't get overwritten.
+ */
+export declare function closeFirefox(): Promise<void>;
+/**
+ * Firefox manages it's own trust store for SSL certificates, which can be
+ * managed via the certutil command (supplied by NSS tooling packages). In the
+ * event that certutil is not already installed, and either can't be installed
+ * (Windows) or the user doesn't want to install it (skipCertutilInstall:
+ * true), it means that we can't programmatically tell Firefox to trust our
+ * root CA certificate.
+ *
+ * There is a recourse though. When a Firefox tab is directed to a URL that
+ * responds with a certificate, it will automatically prompt the user if they
+ * want to add it to their trusted certificates. So if we can't automatically
+ * install the certificate via certutil, we instead start a quick web server
+ * and host our certificate file. Then we open the hosted cert URL in Firefox
+ * to kick off the GUI flow.
+ *
+ * This method does all this, along with providing user prompts in the terminal
+ * to walk them through this process.
+ */
+export declare function openCertificateInFirefox(firefoxPath: string, certPath: string): Promise<void>;
+export declare function assertNotTouchingFiles(filepath: string, operation: string): void;

node_modules/@expo/devcert/dist/platforms/win32.d.ts

@@ -0,0 +1,21 @@
+import { Options } from '../index';
+import { Platform } from '.';
+export default class WindowsPlatform implements Platform {
+    private HOST_FILE_PATH;
+    /**
+     * Windows is at least simple. Like macOS, most applications will delegate to
+     * the system trust store, which is updated with the confusingly named
+     * `certutil` exe (not the same as the NSS/Mozilla certutil). Firefox does it's
+     * own thing as usual, and getting a copy of NSS certutil onto the Windows
+     * machine to try updating the Firefox store is basically a nightmare, so we
+     * don't even try it - we just bail out to the GUI.
+     */
+    addToTrustStores(certificatePath: string, options?: Options): Promise<void>;
+    removeFromTrustStores(certificatePath: string): Promise<void>;
+    addDomainToHostFileIfMissing(domain: string): Promise<void>;
+    deleteProtectedFiles(filepath: string): Promise<void>;
+    readProtectedFile(filepath: string): Promise<string>;
+    writeProtectedFile(filepath: string, contents: string): Promise<void>;
+    private encrypt;
+    private decrypt;
+}

node_modules/@expo/devcert/dist/user-interface.d.ts

@@ -0,0 +1,10 @@
+export interface UserInterface {
+    getWindowsEncryptionPassword(): Promise<string>;
+    warnChromeOnLinuxWithoutCertutil(): Promise<void>;
+    closeFirefoxBeforeContinuing(): Promise<void>;
+    startFirefoxWizard(certificateHost: string): Promise<void>;
+    firefoxWizardPromptPage(certificateURL: string): Promise<string>;
+    waitForFirefoxWizard(): Promise<void>;
+}
+declare const DefaultUI: UserInterface;
+export default DefaultUI;

node_modules/@expo/devcert/dist/utils.d.ts

@@ -0,0 +1,9 @@
+import { ExecFileSyncOptions } from 'child_process';
+export declare function openssl(args: string[]): string | Buffer;
+export declare function run(cmd: string, args: string[], options?: ExecFileSyncOptions): string | Buffer;
+export declare function sudoAppend(file: string, input: ExecFileSyncOptions["input"]): void;
+export declare function waitForUser(): Promise<unknown>;
+export declare function reportableError(message: string): Error;
+export declare function mktmp(): string;
+export declare function sudo(cmd: string): Promise<string | null>;
+export declare function commandExists(command: string): string | null;