skip loading CA certificates when SSL verification is disabled

[sreelakshmi-bruno]

Description

• Skip loading CA certificates when SSL/TLS verification is disabled
• Fixes performance issue where requests take 10-14 seconds with large certificate stores
• Certificates are only loaded when shouldVerifyTls() returns true

Jira

Contribution Checklist:

• I've used AI significantly to create this pull request
• The pull request only addresses one issue or adds one feature.
• The pull request does not introduce any breaking changes
• I have added screenshots or gifs to help explain the change if applicable.
• I have read the contribution guidelines.
• Create an issue and link to the pull request.

Note: Keeping the PR small and focused helps make it easier to review and merge. If you have multiple changes you want to make, please consider submitting them as separate pull requests.

Publishing to New Package Managers

Please see here for more information.

Summary by CodeRabbit

• Refactor
  • Optimized certificate handling in network requests for improved performance when SSL verification is disabled.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

The change modifies certificate loading in the cert-utils module to be conditional on TLS verification being enabled. CA certificates are now initialized to default values and only loaded when shouldVerifyTls() returns true, optimizing I/O operations when SSL validation is disabled.

Changes

Cohort / File(s)	Summary
TLS Certificate Loading packages/bruno-electron/src/ipc/network/cert-utils.js	Wrapped CA certificate loading logic in a shouldVerifyTls() guard clause; caCertificates and caCertificatesCount now initialize to default/empty values before conditional population; fallback used when assigning to httpsAgentRequestFields.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested labels

size/L

Suggested reviewers

• helloanoop
• lohit-bruno
• naman-bruno
• bijin-bruno

Poem

Guard clauses stand their ground,
When TLS verification's found,
Certs load swift—but only when,
The trust is real, again and again. 🔐

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: conditionally skipping CA certificate loading when SSL verification is disabled, which aligns with the primary objective of improving performance.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}