APM Publish - Fails behind network interceptor


#1

My company recently added something like zscaler to monitor/intercept all network traffic. As you would expect, this broke several HTTPS certificates including everything in Firefox, docker, git, npm and apm.

I have been forced to disable ssl verfication for some of the commands (specific git calls w/ -c http.sslVerify=false for example, and apm config set strict-ssl false. I also switched my github auth to SSH certificates.

However, I did notice a problem when trying to use apm publish {major|minor|patch}:

Publishing package-name@v.1.2.3 failed
Creating new version failed: Requires authentication

I have run apm login and I tried to set the token in the environment variable as well. I moved the package folder into ~/.atom/packages. I tried just publishing the tag directly. Every option returned the same error.

Finally I went to a nearby coffee shop to get out from behind the firewall, and that worked.

However, it is strange that I could not get this to work behind the company firewall, even with ssl verification off. Digging into the apm publish code I see the point where I received the error:
https://github.com/atom/apm/blob/master/src/publish.coffee:178

      requestSettings =
        url: "#{config.getAtomPackagesUrl()}/#{packageName}/versions"
        json: true
        body:
          tag: tag
          rename: options.rename
        headers:
          authorization: token
      request.post requestSettings, (error, response, body={}) ->
        if error?
          callback(error)
        else if response.statusCode isnt 201
          message = request.getErrorMessage(response, body)
          callback("Creating new version failed: #{message}")
        else
          callback()

Looking at request I see:

requestOptions.strictSSL ?= npm.config.get('strict-ssl')

So, even setting npm strict-ssl to false within the package also fails.

Has anyone managed to work around this?