Remove unused export from SslBumpConfig in security-critical module (#2438)

Copilot · lpcox · web-flow · commit a791df8cc9d4 · 2026-05-03T16:53:44.000-07:00
* Initial plan * fix: remove unused export from SslBumpConfig interface in ssl-bump.ts Agent-Logs-Url: https://github.com/github/gh-aw-firewall/sessions/e07586e3-c8a8-4e76-8158-807e9636123d Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com> * fix: inline SslBumpConfig parameter type to fix declaration emit with non-exported interface Agent-Logs-Url: https://github.com/github/gh-aw-firewall/sessions/d3d6437d-fcec-4fe2-b8a8-fd6939900785 Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com> * fix: remove unused SslBumpConfig interface to fix ESLint no-unused-vars error Agent-Logs-Url: https://github.com/github/gh-aw-firewall/sessions/fe39d17c-0681-4b39-8ef4-af0d69df95fd Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
diff --git a/src/ssl-bump.ts b/src/ssl-bump.ts
@@ -33,18 +33,6 @@ export function chownRecursive(dirPath: string, uid: number, gid: number): void
   }
 }
 
-/**
- * Configuration for SSL Bump CA generation
- */
-export interface SslBumpConfig {
-  /** Working directory to store CA files */
-  workDir: string;
-  /** Common name for the CA certificate (default: 'AWF Session CA') */
-  commonName?: string;
-  /** Validity period in days (default: 1) */
-  validityDays?: number;
-}
-
 /**
  * Result of CA generation containing paths to certificate files
  */
@@ -178,7 +166,7 @@ export function cleanupSslKeyMaterial(workDir: string): void {
  * @returns Paths to generated CA files
  * @throws Error if OpenSSL commands fail
  */
-export async function generateSessionCa(config: SslBumpConfig): Promise<CaFiles> {
+export async function generateSessionCa(config: { workDir: string; commonName?: string; validityDays?: number }): Promise<CaFiles> {
   const { workDir, commonName = 'AWF Session CA', validityDays = 1 } = config;
 
   // Create ssl directory in workDir, backed by tmpfs when possible
