Update to Node 14.17 (hopefully improves HTTP/2 behaviour)

For some reason, this breaks the npm installs that occur as part of the
build script - postinstall steps can no longer access the install
directory, and everything fails. This change also enables unsafe-perm
only in CI, so that we can npm install as root there. I can't see any
risk to this - anything that could be exposed from within the CI build
that's interesting would be in the env or build workspace anyway.

Author: pimterry

.github/workflows/ci.yml

@@ -12,7 +12,7 @@ jobs:
 
       - uses: actions/setup-node@v1
         with:
-          node-version: 14.6
+          node-version: 14.17
 
       - name: Set up JDK 11 for Java testing
         uses: actions/setup-java@v1
@@ -51,6 +51,7 @@ jobs:
           SENTRY_AUTH_TOKEN: ${{ (github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') && secrets.SENTRY_AUTH_TOKEN) || '' }}
           SENTRY_ORG: http-toolkit
           SENTRY_PROJECT: httptoolkit-server
+          NPM_CONFIG_UNSAFE_PERM: true
 
       - run: xvfb-run npm run test
       - run: xvfb-run npm run test:release

build-release.sh

@@ -39,8 +39,6 @@ rm -r ./tmp || true
 # Build the package for this platform
 # ------------------------------------------------------------------------
 
-env | grep -E 'npm_config_|TARGET_'
-
 echo
 echo "BUILDING FOR $TARGET_PLATFORM"
 echo

package.json

@@ -154,7 +154,7 @@
         }
       },
       "node": {
-        "version": "14.6.0",
+        "version": "14.17.0",
         "targets": [
           "win32-x64",
           "linux-x64",

test/distributables-test/unix.sh

@@ -6,11 +6,15 @@ ls -la *
 
 tar -xvzf ./distributables/v*/httptoolkit-server-*-$1-x64.tar.gz
 
+echo "Starting server..."
+
 ./httptoolkit-server/bin/httptoolkit-server start &
 SERVER_PID=$!
 
 sleep 5
 
+echo "Testing server..."
+
 # CSRF protection fully blocks unrecognized/missing origin requests:
 WITH_ORIGIN="-HOrigin: https://app.httptoolkit.tech"
 AS_JSON="-HContent-Type: application/json"

test/distributables-test/windows.bat

@@ -7,11 +7,15 @@ FOR /F "tokens=*" %%i IN (' %GET_TAR% ') DO SET TAR_PATH=%%i
 
 tar -xvzf %TAR_PATH%
 
+echo Starting server...
+
 START "server" .\httptoolkit-server\bin\httptoolkit-server start
 
 REM The closest we can get to a 10 second delay on Windows in CI, ick:
 ping -n 10 127.0.0.1 >NUL
 
+echo Testing server...
+
 REM CSRF protection fully blocks unrecognized/missing origin requests:
 set WITH_ORIGIN="-HOrigin: https://app.httptoolkit.tech"
 set AS_JSON="-HContent-Type: application/json"