Type checking httpOptions and rejectUnauthorized

[trombonekenny]

I'm new to typescript and type checking, so I may have the terminology wrong or I'm reporting this in the wrong place. Thanks for being patient with me.

I have this code:

custom.setHttpOptionsDefaults({
  timeout: 10000,
  rejectUnauthorized: true,
});

I'm getting these errors when type checking (but the option works, and is necessary with some of my development stuff):

error TS2345: Argument of type '{ timeout: number; rejectUnauthorized: boolean; }' is not assignable to parameter of type 'Partial<Pick<RequestOptions, "key" | "headers" | "cert" | "agent" | "ca" | "crl" | "lookup" | "passphrase" | "pfx" | "timeout">>'.
Object literal may only specify known properties, and 'rejectUnauthorized' does not exist in type 'Partial<Pick<RequestOptions, "key" | "headers" | "cert" | "agent" | "ca" | "crl" | "lookup" | "passphrase" | "pfx" | "timeout">>'.

I think something about about the https type checking is not honoring the additional options from tls.connect() as described at https://nodejs.org/docs/latest-v18.x/api/https.html#httpsrequestoptions-callback Specifically:

The following additional options from tls.connect() are also accepted: ca, cert, ciphers, clientCertEngine, crl, dhparam, ecdhCurve, honorCipherOrder, key, passphrase, pfx, rejectUnauthorized, secureOptions, secureProtocol, servername, sessionIdContext, highWaterMark.

Specific to openid-client, it looks like you list some of the options from tls.connect() manually (but not the rejectUnauthorized I am having problems with) in
https://github.com/panva/node-openid-client/blob/35758419489ff751a71f5b66f5020087a63e1e88/types/index.d.ts#L13

I'm not sure if openid-client should manually include all of those tls.options, or if something in the imported type checking should do that automatically and it's not. Or maybe I should pass rejectUnauthorized into node or openid-connect in some other way? What's the right way to resolve this? Thanks!