foster/denoland-deno
1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-11-21 15:04:11 -05:00
Code Issues Packages 1 Wiki Activity

feat: update warning message for --allow-run with no list (#25693)

Browse source 
Ref https://github.com/denoland/deno/pull/25215#discussion_r1762064605
This commit is contained in:
Bartek Iwańczuk 2024-09-17 23:32:52 +01:00 committed by GitHub
parent 97b8c9be38
commit a7d67e3a7a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
cli/args/mod.rs
View file

@ -1705,7 +1705,7 @@ fn warn_insecure_allow_run_flags(flags: &Flags) {
// discourage using --allow-run without an allow list
if allow_run_list.is_empty() {
log::warn!(
"{} --allow-run can be trivially exploited. Prefer specifying an allow list (https://docs.deno.com/runtime/fundamentals/security/#running-subprocesses)",
"{} --allow-run without an allow list is susceptible to exploits. Prefer specifying an allow list (https://docs.deno.com/runtime/fundamentals/security/#running-subprocesses)",
colors::yellow("Warning")
);
}

2
tests/specs/permission/deny_run_binary_absolute_path/main.out
View file

@ -1,4 +1,4 @@
Warning --allow-run can be trivially exploited. Prefer specifying an allow list (https://docs.deno.com/runtime/fundamentals/security/#running-subprocesses)
Warning --allow-run without an allow list is susceptible to exploits. Prefer specifying an allow list (https://docs.deno.com/runtime/fundamentals/security/#running-subprocesses)
NotCapable: Requires run access to "deno", run again with the --allow-run flag
at [WILDCARD] {
name: "NotCapable"

2
tests/specs/run/allow_run_insecure_warnings/no_allow_list.out
View file

@ -1 +1 @@
Warning --allow-run can be trivially exploited. Prefer specifying an allow list (https://docs.deno.com/runtime/fundamentals/security/#running-subprocesses)
Warning --allow-run without an allow list is susceptible to exploits. Prefer specifying an allow list (https://docs.deno.com/runtime/fundamentals/security/#running-subprocesses)

2
tests/testdata/run/deny_some_permission_args.out vendored
View file

@ -1,4 +1,4 @@
Warning --allow-run can be trivially exploited. Prefer specifying an allow list (https://docs.deno.com/runtime/fundamentals/security/#running-subprocesses)
Warning --allow-run without an allow list is susceptible to exploits. Prefer specifying an allow list (https://docs.deno.com/runtime/fundamentals/security/#running-subprocesses)
PermissionStatus { state: "granted", onchange: null, partial: true }
PermissionStatus { state: "denied", onchange: null }
PermissionStatus { state: "granted", onchange: null }