1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-11-25 15:29:32 -05:00
Commit graph

68 commits

Author SHA1 Message Date
Bartek Iwańczuk
2b560be83f
chore: forward v1.43.4 commit to main (#23861)
Co-authored-by: denobot <33910674+denobot@users.noreply.github.com>
Co-authored-by: bartlomieju <bartlomieju@users.noreply.github.com>
2024-05-17 03:57:53 +02:00
Divy Srivastava
bba553bea5
fix(ext/node): homedir() getpwuid/SHGetKnownFolderPath fallback (#23841)
**Unix**: Returns the value of the HOME environment variable if it is
set even if it is an empty string. Otherwise, it tries to determine the
home directory by invoking the
[getpwuid_r](https://linux.die.net/man/3/getpwuid_r) function with the
UID of the current user.

**Windows**: Returns the value of the USERPROFILE environment variable
if it is set and it is not an empty string. Otherwise, it tries to
determine the home directory by invoking the
[SHGetKnownFolderPath](https://learn.microsoft.com/en-us/windows/win32/api/shlobj_core/nf-shlobj_core-shgetknownfolderpath)
function with
[FOLDERID_Profile](https://learn.microsoft.com/en-us/windows/win32/shell/knownfolderid).

Fixes https://github.com/denoland/deno/issues/23824
2024-05-16 10:52:40 +05:30
Leo Kettmeir
df879f9f74
chore: cleanup unused dependencies (#23787) 2024-05-13 14:23:39 -07:00
denobot
dac49a116e
chore: forward v1.43.3 release commit to main (#23771)
Co-authored-by: David Sherret <dsherret@gmail.com>
2024-05-10 19:20:34 -04:00
Matt Mastracci
adc7b3de26
fix(runtime): Allow opening /dev/fd/XXX for unix (#23743)
`deno run script.ts <(some command)` is a valid use case -- let's allow
this to work without `--allow-all`.

Fixes #23703
2024-05-10 11:21:36 -06:00
David Sherret
47f7bed677
chore: enable clippy::print_stdout and clippy::print_stderr (#23732)
1. Generally we should prefer to use the `log` crate.
2. I very often accidentally commit `eprintln`s.

When we should use `println` or `eprintln`, it's not too bad to be a bit
more verbose and ignore the lint rule.
2024-05-08 22:45:06 -04:00
denobot
e6dc4dfbff
chore: forward v1.43.2 release commit to main (#23749)
**THIS PR HAS GIT CONFLICTS THAT MUST BE RESOLVED**

This is the release commit being forwarded back to main for 1.43.2

Please ensure:
- [x] Everything looks ok in the PR
- [x] The release has been published

To make edits to this PR:
```shell
git fetch upstream forward_v1.43.2 && git checkout -b forward_v1.43.2 upstream/forward_v1.43.2
```

Don't need this PR? Close it.

cc @nathanwhit

Co-authored-by: nathanwhit <nathanwhit@users.noreply.github.com>
Co-authored-by: Nathan Whitaker <nathan@deno.com>
2024-05-09 00:45:01 +00:00
Matt Mastracci
9f7f681e26
fix(runtime): allow nul device on windows (#23741)
Fixes [23721](https://github.com/denoland/deno/issues/23721)
2024-05-08 14:39:06 -06:00
Luca Casonato
f3cc760f2f
fix(runtime): allow r/w access to /etc without --allow-all (#23718)
This is not a special path that can be used to escalate or bypass Deno
permissions, such as `--allow-env`.
2024-05-07 14:51:42 +02:00
denobot
5ff881a073
1.43.0 (#23629)
Bumped versions for 1.43.0

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-05-01 12:16:39 +05:30
denobot
8321106b78
1.43.0 (#23549)
Bumped versions for 1.43.0

Co-authored-by: littledivy <littledivy@users.noreply.github.com>
2024-04-25 15:14:26 +05:30
Matt Mastracci
472a370640
feat(runtime): Allow embedders to perform additional access checks on file open (#23208)
Embedders may have special requirements around file opening, so we add a
new `check_open` permission check that is called as part of the file
open process.
2024-04-19 18:12:03 -06:00
Bartek Iwańczuk
0a7f46b8c2
chore: forward v1.42.4 commit to main (#23394)
Co-authored-by: denobot <33910674+denobot@users.noreply.github.com>
Co-authored-by: bartlomieju <bartlomieju@users.noreply.github.com>
2024-04-16 02:41:59 +00:00
denobot
c92f118652
chore: forward v1.42.3 release commit to main (#23335)
Co-authored-by: bartlomieju <bartlomieju@users.noreply.github.com>
2024-04-12 04:19:46 +00:00
denobot
ca7432b86b
chore: forward v1.42.2 release commit to main (#23315)
Co-authored-by: Satya Rohith <me@satyarohith.com>
2024-04-11 13:37:24 +05:30
Matt Mastracci
945eb5eba6
fix(runtime): fix Windows permission prompt (#23212)
Followup to https://github.com/denoland/deno/pull/23184
2024-04-04 09:44:43 -06:00
Matt Mastracci
3b9fd1af80
fix(cli): Enforce a human delay in prompt to fix paste problem (#23184)
The permission prompt doesn't wait for quiescent input, so someone
pasting a large text file into the console may end up losing the prompt.
We enforce a minimum human delay and wait for a 100ms quiescent period
before we write and accept prompt input to avoid this problem.

This does require adding a human delay in all prompt tests, but that's
pretty straightforward. I rewrote the locked stdout/stderr test while I
was in here.
2024-04-02 15:55:06 -06:00
denobot
8d158058e5
chore: forward v1.42.1 release commit to main (#23162)
This is the release commit being forwarded back to main for 1.42.1

Co-authored-by: littledivy <littledivy@users.noreply.github.com>
2024-04-01 13:35:46 +05:30
denobot
9c6eca1064
1.42.0 (#23105)
Bumped versions for 1.42.0

Co-authored-by: bartlomieju <bartlomieju@users.noreply.github.com>
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2024-03-28 01:47:33 +01:00
Nayeem Rahman
2cd9c6a8e6
fix(runtime): use FQDN in NetDescriptor (#23084) 2024-03-26 23:27:40 +00:00
Nathan Whitaker
85116226b3
chore: Forward 1.41.3 release commit (#22930)
Forward 1.41.3 release commit

Co-authored-by: denobot <33910674+denobot@users.noreply.github.com>
Co-authored-by: nathanwhit <nathanwhit@users.noreply.github.com>
2024-03-14 21:23:24 +00:00
Matt Mastracci
c9a9d040a3
perf(permissions): Fast exit from checks when permission is in "fully-granted" state (#22894)
Skips the access check if the specific unary permission is in an
all-granted state. Generally prevents an allocation or two.

Hooks up a quiet "all" permission that is automatically inherited. This
permission will be used in the future to indicate that the user wishes
to accept all side-effects of the permissions they explicitly granted.

The "all" permission is an "ambient flag"-style permission that states
whether "allow-all" was passed on the command-line.
2024-03-13 14:30:48 -06:00
Matt Mastracci
eccdb0e99a
chore(permissions): add allow_all flag (#22890)
Unlocking a potential perf optimization at a later date -- carry the
`allow_all` flag into the permission container.
2024-03-13 16:07:24 +00:00
Nayeem Rahman
485b4c6301
fix(runtime): negate partial condition for deny flags (#22866) 2024-03-12 22:12:29 +00:00
Divy Srivastava
de28e6fc09
refactor: add deno_permissions crate (#22236)
Issue https://github.com/denoland/deno/issues/22222


![image](https://github.com/denoland/deno/assets/34997667/2af8474b-b919-4519-98ce-9d29bc7829f2)

This PR moves `runtime/permissions` code to a upstream crate called
`deno_permissions`. The `deno_permissions::PermissionsContainer` is put
into the OpState and can be used instead of the current trait-based
permissions system.

For this PR, I've migrated `deno_fetch` to the new crate but kept the
rest of the trait-based system as a wrapper of `deno_permissions` crate.
Doing the migration all at once is error prone and hard to review.

Comparing incremental compile times for `ext/fetch` on Mac M1:

| profile | `cargo build --bin deno` | `cargo plonk build --bin deno` |
| --------- | ------------- | ------------------- |
| `debug`   | 20 s          | 0.8s                |
| `release` | 4 mins 12 s   | 1.4s                  |
2024-03-12 10:42:26 -07:00
Matt Mastracci
7e6b942312
feat(core): highlight unprintable chars in permission prompts (#22468)
If we strip out unprintable chars, we don't see the full filename being
requested by permission prompts. Instead, we highlight and escape them
to make them visible.
2024-02-19 04:51:06 +00:00
David Sherret
83d72e5c1c
refactor: extract out runtime::colors to deno_terminal::colors (#22324) 2024-02-07 11:25:14 -05:00
restlessronin
b16e6220a2
fix: enable "--allow-sys=cpus" for "deno run" (#22260)
Fixes #22221 with the suggested fix, and added "cpus" to the existing
tests.
2024-02-07 06:38:40 +00:00
Divy Srivastava
df062d2c78
fix(ext/node): add fs.cp, fs.cpSync, promises.cp (#21745)
Fixes https://github.com/denoland/deno/issues/20803
Fixes https://github.com/denoland/deno/issues/21723

Performance: copying a 48GiB rust `target` folder (recursive)
| Platform  | `deno` | `node v21.5` | Improvement |
| -------- | ------- | ------- | ------- |
| macOS (APFS) |   3.1secs  |  127.99 secs |  **42x** |
| Windows | 18.3secs | 67.2secs |  **3.8x** |

Copying files with varying sizes:


![image](https://github.com/denoland/deno/assets/34997667/58932652-6f7a-47f5-8504-896dc9ab4ddc)
2024-01-05 18:28:33 +05:30
Matt Mastracci
00970daea2
fix(cli): harden permission stdio check (#21778)
Harden the code that does permission checks to protect against
re-opening of stdin.

Code that runs FFI is vulnerable to an attack where fd 0 is closed
during a permission check and re-opened with a file that contains a
positive response (ie: `y` or `A`). While FFI code is dangerous in
general, we can make it more difficult for FFI-enabled code to bypass
additional permission checks.

- Checks to see if the underlying file for stdin has changed from the
start to the end of the permission check (detects races)
- Checks to see if the message is excessively long (lowering the window
for races)
- Checks to see if stdin and stderr are still terminals at the end of
the function (making races more difficult)
2024-01-04 00:31:39 +01:00
David Sherret
7e72f3af61
chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
David Sherret
a24d3e8763
perf(node/fs): faster existsSync when not exists (#21458) 2023-12-04 21:05:40 +00:00
Ian Bull
e087851e54
fix(perm): allow-net with port 80 (#21221) 2023-12-01 19:03:53 +01:00
liruifengv
fc8f060ee3
fix(permissions): fix panics when revoking net permission (#21388)
fix #21385
2023-12-01 18:45:51 +01:00
Bartek Iwańczuk
2167a52d69
refactor: remove TimersPermissions::check_unstable (#20831)
This is dead code that was not used in any way.

Ref https://github.com/denoland/deno/pull/20797
2023-10-09 02:08:10 +02:00
Nayeem Rahman
1cce306022
fix(runtime/permissions): Resolve executable specifiers in allowlists and queries (#14130)
Closes #14122.

Adds two extensions to `--allow-run` behaviour:
- When `--allow-run=foo` is specified and `foo` is found in the `PATH`
at startup, `RunDescriptor::Path(which("foo"))` is added to the
allowlist alongside `RunDescriptor::Name("foo")`. Currently only the
latter is.
- When run permission for `foo` is queried and `foo` is found in the
`PATH` at runtime, either `RunDescriptor::Path(which("foo"))` or
`RunDescriptor::Name("foo")` would qualify in the allowlist. Currently
only the latter does.
2023-08-30 18:52:01 +01:00
Matt Mastracci
c272d26ae8
chore(cli): remove atty crate (#20275)
Removes a crate with an outstanding vulnerability.
2023-08-25 07:43:07 -06:00
Heyang Zhou
6d4a005e41
feat(ext/kv): connect to remote database (#20178)
This patch adds a `remote` backend for `ext/kv`. This supports
connection to Deno Deploy and potentially other services compatible with
the KV Connect protocol.
2023-08-22 13:56:00 +08:00
Asher Gomez
6fb7e8d93b
feat(permissions): add "--deny-*" flags (#19070)
This commit adds new "--deny-*" permission flags. These are complimentary to
"--allow-*" flags.

These flags can be used to restrict access to certain resources, even if they
were granted using "--allow-*" flags or the "--allow-all" ("-A") flag.

Eg. specifying "--allow-read --deny-read" will result in a permission error,
while "--allow-read --deny-read=/etc" will allow read access to all FS but the
"/etc" directory.

Runtime permissions APIs ("Deno.permissions") were adjusted as well, mainly
by adding, a new "PermissionStatus.partial" field. This field denotes that
while permission might be granted to requested resource, it's only partial (ie.
a "--deny-*" flag was specified that excludes some of the requested resources).
Eg. specifying "--allow-read=foo/ --deny-read=foo/bar" and then querying for
permissions like "Deno.permissions.query({ name: "read", path: "foo/" })"
will return "PermissionStatus { state: "granted", onchange: null, partial: true }",
denoting that some of the subpaths don't have read access.

Closes #18804.

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: Nayeem Rahman <nayeemrmn99@gmail.com>
2023-08-03 13:19:19 +02:00
Leo Kettmeir
aa8078b688
feat(node/os): implement getPriority, setPriority & userInfo (#19370)
Takes #4202 over
Closes #17850 

---------

Co-authored-by: ecyrbe <ecyrbe@gmail.com>
2023-07-31 22:29:09 +02:00
Martin Fischer
801b9ec62d
chore: fix typos (#19572) 2023-06-26 09:10:27 -04:00
David Sherret
ff690b0ab4
chore: fix flaky stdio_streams_are_locked_in_permission_prompt (#19443) 2023-06-09 13:24:39 -04:00
David Sherret
5c55f2b4fb
chore: upgrade to Rust 1.70.0 (#19345)
Co-authored-by: linbingquan <695601626@qq.com>
2023-06-06 00:35:39 +00:00
Leo Kettmeir
be59e93220
refactor(node/http): don't use readablestream for writing to request (#19282)
Refactors the internal usage of a readablestream to write to the
resource directly

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-05-27 15:42:20 +02:00
David Sherret
5b4a9b48ae
refactor(ext/node): enforce interior mutable for NodePermissions to remove clones (#18831)
We can make `NodePermissions` rely on interior mutability (which the
`PermissionsContainer` is already doing) in order to not have to clone
everything all the time. This also reduces the chance of an accidental
`borrow` while `borrrow_mut`.
2023-04-24 21:07:48 -04:00
Luca Casonato
f90caa821c
refactor(ext/fs): abstract FS via FileSystem trait (#18599)
This commit abstracts out the specifics of the underlying system calls
FS operations behind a new `FileSystem` and `File` trait in the
`ext/fs` extension.

This allows other embedders to re-use ext/fs, but substituting in a
different FS backend.

This is likely not the final form of these traits. Eventually they will
be entirely `deno_core::Resource` agnostic, and will live in a seperate
crate.

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-04-12 15:13:32 +02:00
Bartek Iwańczuk
51d3fb78ad
refactor: remove "ext/flash" (#18578)
With https://github.com/denoland/deno/pull/18568 landed we no longer
need "ext/flash". 

This commit removes "deno_flash" extension completely.

This should have some impact on the binary and snapshot size.

Closes https://github.com/denoland/deno/issues/17356
2023-04-03 19:01:02 +02:00
David Sherret
6fb6b0c1f3
chore: restore pty tests and make them run on the Linux CI (#18424)
1. Rewrites the tests to be more back and forth rather than getting the
output all at once (which I believe was causing the hangs on linux and
maybe mac)
2. Runs the pty tests on the linux ci.
3. Fixes a bunch of tests that were just wrong.
4. Adds timeouts on the pty tests.
2023-03-28 21:49:00 +00:00
Heyang Zhou
92ebf4afe5
feat(ext/kv): key-value store (#18232)
This commit adds unstable "Deno.openKv()" API that allows to open
a key-value database at a specified path.

---------

Co-authored-by: Luca Casonato <hello@lcas.dev>
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-03-22 12:13:24 +08:00
David Sherret
fb021d7cef
refactor: remove usages of map_or / map_or_else (#18212)
These methods are confusing because the arguments are backwards. I feel
like they should have never been added to `Option<T>` and that clippy
should suggest rewriting to
`map(...).unwrap_or(...)`/`map(...).unwrap_or_else(|| ...)`

https://github.com/rust-lang/rfcs/issues/1025
2023-03-15 17:46:36 -04:00