Imagine this. You've landed yourself a role at BIG CORP and it's day one. You're excited to dive in and make that first commit all the way to production. You run npm install and suddenly npm ERR! RequestError: unable to get local issuer certificate appears. No one likes certificate errors, but disabling the checks altogether is not a secure choice. What's a developer to do?
I've created a utility command line tool to help ease this all-too-frequent experience. Verifi is a command-line tool that simplifies certificate configuration across your entire development environment. Instead of configuring certificates separately for npm, pip, git, curl, and dozens of other tools, Verifi does it once, centrally.
While some applications use the operating system's certificate store, many development tools (npm, pip, git, curl) prefer their own certificate bundle files. This becomes critical in corporate environments where web proxies inspect traffic and internal certificate authorities sign private resources—both of which require trusting additional certificates.
Verifi helps tackle the problem by making it simple to manage adding and removing certificates to the bundle and helping easily add the necessary configuration to your shell to point to the certificates. It is offline by default, avoiding encountering the very problem it's meant to solve. See the README to get started.
Vibe Coding
This project was developed using two coding agents over a couple evenings. I primarily used Claude Code and complemented it with Amp from Sourcegraph. Before I began, I had Claude do some "market research" on if there was a need for such a tool. That can be found here. I also used Claude as a sounding board for a couple different options for the name. This chat also led to the creation of PLAN.md that helped me guide the agents throughout the process.
My Development Loop
For each phase I would verify if any additional clarifications were needed using Claude Code's plan mode. This helped identify any requirements that were too vague before proceeding with implementation. Once this was completed I would let Claude Code run the various commands necessary to achieve the goals of the phase. CLAUDE.md complemented the phased plan with additional guidance for the agent for overall structure approach, and examples. Over time my allow list of commands for the agent grew and would need less interaction.
I used Amp mainly to validate Claude's work and occasionally when I hit limits with Claude Pro's plan. By having clear validation criteria for each phase, both agents were able to easily validate functionality.
Once the core functionality was complete, I also used the agents to generate the necessary CI/CD definitions. As is all too common with CI/CD the first run did not succeed. The agents were helpful at working through the various errors that occurred. One of the Amp threads related to that troubleshooting can be seen here.
The agents were also helpful in working through making the tooling available through homebrew. This was the first time I had attempted to have that as a distribution channel. By providing Goreleaser's documentation about it, I was able to get the proper config in a couple of tries in under an hour.
As evidenced above this was not a zero-shot or one-shot prompt. The terms spec-driven development or ai-assisted engineering have been growing in popularity for this approach vs the simple proof-of-concepts produced by simple prompts. This approach helped significantly for this project, ensuring consistency across my coding sessions.
Conclusion
Whether you're a developer fighting certificate errors at a new company or a DevOps engineer looking to streamline onboarding, Verifi aims to make certificate management painless. Check out the repository, give it a try, and feel free to contribute or open issues with feedback!
Top comments (0)