Skip to content

feat: handle crypto.createCredentials() depreciation #123

New issue
New issue
Open
Feature
#156
Open
feat: handle crypto.createCredentials() depreciation#123
Feature
#156
Labels
good first issueGood for newcomershelp wantedExtra attention is neededlet's do it
@AugustinMauroy

Description

@AugustinMauroy
AugustinMauroy
opened on Jul 25, 2025

Description

Since crypto.createCredentials() is deprecated (DEP0010) and has reached End-of-Life status, we should provide a codemod to replace it.

  • The codemod should replace all instances of crypto.createCredentials() with tls.createSecureContext().
  • The codemod should update import/require statements to replace node:crypto with node:tls when createCredentials is the only crypto function being used.
  • If the node:crypto import is destructured and only contains createCredentials, it should be replaced with node:tls destructured import.
  • If there are other crypto functions being used, the codemod should add a separate node:tls import and keep the existing node:crypto import.

Additional Information

Note that crypto.createCredentials() was removed in Node.js v11.0.0 and replaced with tls.createSecureContext(). The functionality is identical, but the API has been moved to the more appropriate tls module. The options object format remains the same (key, cert, ca, etc.).

Examples

Case 1: Destructured import with only createCredentials

Before:

const { createCredentials } = require('node:crypto');

const credentials = createCredentials({
  key: privateKey,
  cert: certificate,
  ca: [caCertificate]
});

After:

const { createSecureContext } = require('node:tls');

const credentials = createSecureContext({
  key: privateKey,
  cert: certificate,
  ca: [caCertificate]
});

Case 2: Namespace import

Before:

const crypto = require('node:crypto');

const credentials = crypto.createCredentials({
  key: fs.readFileSync('server-key.pem'),
  cert: fs.readFileSync('server-cert.pem')
});

After:

const tls = require('node:tls');

const credentials = tls.createSecureContext({
  key: fs.readFileSync('server-key.pem'),
  cert: fs.readFileSync('server-cert.pem')
});

Case 3: Mixed usage with other crypto functions

Before:

const { createCredentials, createHash } = require('node:crypto');

const credentials = createCredentials({
  key: privateKey,
  cert: certificate
});

const hash = createHash('sha256');
hash.update('some data');

After:

const { createHash } = require('node:crypto');
const { createSecureContext } = require('node:tls');

const credentials = createSecureContext({
  key: privateKey,
  cert: certificate
});

const hash = createHash('sha256');
hash.update('some data');

Case 4: ESM import

Before:

import { createCredentials } from 'node:crypto';

const credentials = createCredentials({
  key: privateKey,
  cert: certificate,
  ca: [caCertificate]
});

After:

import { createSecureContext } from 'node:tls';

const credentials = createSecureContext({
  key: privateKey,
  cert: certificate,
  ca: [caCertificate]
});

Case 5: ESM namespace import

Before:

import * as crypto from 'node:crypto';

const credentials = crypto.createCredentials({
  key: privateKey,
  cert: certificate
});

After:

import * as tls from 'node:tls';

const credentials = tls.createSecureContext({
  key: privateKey,
  cert: certificate
});

REFS

Metadata

Metadata

Assignees

No one assigned

    Labels

    good first issueGood for newcomershelp wantedExtra attention is neededlet's do it

    Type

    Feature

    Projects

    Userland Migrations Board

    Status

    🏗 In progress

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions