feat: respect NODE_TLS_REJECT_UNAUTHORIZED

[pbeast]

As described in #61, setting the NODE_TLS_REJECT_UNAUTHORIZED environment variable doesn't change the library's behavior. This is required in different scenarios, such as testing, self-signed certificates, ZScaler, etc.

This PR adds a check for the process's environment variable NODE_TLS_REJECT_UNAUTHORIZED, and if it is set to 0 sets rejectUnauthorized to false.

if (process.env['NODE_TLS_REJECT_UNAUTHORIZED'] == '0') {
  console.warn("-----------------------[ minipass-fetch ]-----------------------------");
  console.warn("- NODE_TLS_REJECT_UNAUTHORIZED is set to 0. This is not recommended. -");
  console.warn("----------------------------------------------------------------------");

  options.agent.options.rejectUnauthorized = false;
}

References

Fixes #61
Closes #61

[wraithgar]

This will need a test to cover the if statement.

[wraithgar]

npm has a strict-ssl flag, does that not work for this use case?

[pbeast]

npm has a strict-ssl flag, does that not work for this use case?

Nope 😔 Unfortunately, this flag doesn't solve the problem.

[pbeast]

I will add the test and fix the logging.
Please keep the PR open.

[pbeast]

Hi @wraithgar , I made the requested changes. Can you please check?

[reggi]

hey @pbeast thanks for digging into this but I've added tests here #149 that show this already works in minipass-fetch, I believe that node-gyp needs to pass the strictSSL option to make-fetch-happen. I'm gonna close this out and the corresponding issue.