From ba6bd444b60606f96dd7b2edb1b14aeae22b5016 Mon Sep 17 00:00:00 2001
From: Divy Srivastava <dj.srivastava23@gmail.com>
Date: Tue, 31 Oct 2023 04:55:46 -0700
Subject: [PATCH] perf: use deno_native_certs crate (#18072)

Fixes #18071

Replace `rustls_native_certs` which links to Security framework.
https://github.com/denoland/deno_native_certs uses dlopen to lazy load
when needed.
---
 Cargo.lock         | 15 ++++++++++++++-
 cli/args/mod.rs    |  2 +-
 ext/tls/Cargo.toml |  2 +-
 ext/tls/lib.rs     |  2 +-
 4 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 138d0cd4a4..2ab101267d 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1483,6 +1483,19 @@ dependencies = [
  "libloading",
 ]
 
+[[package]]
+name = "deno_native_certs"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f9c7c5a7f03be0fccb523765d76aa6758760f3163459ce777ba3979596db0998"
+dependencies = [
+ "dlopen",
+ "dlopen_derive",
+ "once_cell",
+ "rustls-native-certs",
+ "rustls-pemfile",
+]
+
 [[package]]
 name = "deno_net"
 version = "0.113.0"
@@ -1687,9 +1700,9 @@ name = "deno_tls"
 version = "0.108.0"
 dependencies = [
  "deno_core",
+ "deno_native_certs",
  "once_cell",
  "rustls",
- "rustls-native-certs",
  "rustls-pemfile",
  "rustls-webpki",
  "serde",
diff --git a/cli/args/mod.rs b/cli/args/mod.rs
index 96f4e9a74a..94eaf2a3e7 100644
--- a/cli/args/mod.rs
+++ b/cli/args/mod.rs
@@ -45,9 +45,9 @@ use deno_core::serde_json;
 use deno_core::url::Url;
 use deno_runtime::colors;
 use deno_runtime::deno_node::PackageJson;
+use deno_runtime::deno_tls::deno_native_certs::load_native_certs;
 use deno_runtime::deno_tls::rustls;
 use deno_runtime::deno_tls::rustls::RootCertStore;
-use deno_runtime::deno_tls::rustls_native_certs::load_native_certs;
 use deno_runtime::deno_tls::rustls_pemfile;
 use deno_runtime::deno_tls::webpki_roots;
 use deno_runtime::inspector_server::InspectorServer;
diff --git a/ext/tls/Cargo.toml b/ext/tls/Cargo.toml
index 6d56dfd490..8184e97a35 100644
--- a/ext/tls/Cargo.toml
+++ b/ext/tls/Cargo.toml
@@ -15,9 +15,9 @@ path = "lib.rs"
 
 [dependencies]
 deno_core.workspace = true
+deno_native_certs = "0.1.1"
 once_cell.workspace = true
 rustls = { workspace = true, features = ["dangerous_configuration"] }
-rustls-native-certs.workspace = true
 rustls-pemfile.workspace = true
 rustls-webpki.workspace = true
 serde.workspace = true
diff --git a/ext/tls/lib.rs b/ext/tls/lib.rs
index 78ad243c1a..3239466016 100644
--- a/ext/tls/lib.rs
+++ b/ext/tls/lib.rs
@@ -1,7 +1,7 @@
 // Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
 
+pub use deno_native_certs;
 pub use rustls;
-pub use rustls_native_certs;
 pub use rustls_pemfile;
 pub use webpki;
 pub use webpki_roots;