1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-22 07:14:47 -05:00
Commit graph

1150 commits

Author SHA1 Message Date
David Sherret
2de4faa483
refactor: improve node permission checks (#26028)
Does less work when requesting permissions with `-A`
2024-10-04 20:55:41 +01:00
David Sherret
f288730c38
chore: enable lock_deno_json_package_json_deps (#26029) 2024-10-04 20:55:03 +01:00
Nathan Whitaker
dd8cbf5e29
fix(node): fix worker_threads issues blocking Angular support (#26024)
Fixes #22995. Fixes #23000.

There were a handful of bugs here causing the hang (each with a
corresponding minimized test):

- We were canceling recv futures when `receiveMessageOnPort` was called,
but this caused the "receive loop" in the message port to exit. This was
due to the fact that `CancelHandle`s are never reset (i.e., once you
`cancel` a `CancelHandle`, it remains cancelled). That meant that after
`receieveMessageOnPort` was called, the subsequent calls to
`op_message_port_recv_message` would throw `Interrupted` exceptions, and
we would exit the loop.

The cancellation, however, isn't actually necessary.
`op_message_port_recv_message` only borrows the underlying port for long
enough to poll the receiver, so the borrow there could never overlap
with `op_message_port_recv_message_sync`.

- Calling `MessagePort.unref()` caused the "receive loop" in the message
port to exit. This was because we were setting
`messageEventListenerCount` to 0 on unref. Not only does that break the
counter when multiple `MessagePort`s are present in the same thread, but
we also exited the "receive loop" whenever the listener count was 0. I
assume this was to prevent the recv promise from keeping the event loop
open.

Instead of this, I chose to just unref the recv promise as needed to
control the event loop.

- The last bug causing the hang (which was a doozy to debug) ended up
being an unfortunate interaction between how we implement our
messageport "receive loop" and a pattern found in `npm:piscina` (which
angular uses). The gist of it is that piscina uses an atomic wait loop
along with `receiveMessageOnPort` in its worker threads, and as the
worker is getting started, the following incredibly convoluted series of
events occurs:
   1. Parent sends a MessagePort `p` to worker
   2. Parent sends a message `m` to the port `p`
3. Parent notifies the worker with `Atomics.notify` that a new message
is available
   4. Worker receives message, adds "message" listener to port `p`
   5. Adding the listener triggers `MessagePort.start()` on `p`
6. Receive loop in MessagePort.start receives the message `m`, but then
hits an await point and yields (before dispatching the "message" event)
7. Worker continues execution, starts the atomic wait loop, and
immediately receives the existing notification from the parent that a
message is available
8. Worker attempts to receive the new message `m` with
`receiveMessageOnPort`, but this returns `undefined` because the receive
loop already took the message in 6
9. Atomic wait loop continues to next iteration, waiting for the next
message with `Atomic.wait`
10. `Atomic.wait` blocks the worker thread, which prevents the receive
loop from continuing and dispatching the "message" event for the
received message
11. The parent waits for the worker to respond to the first message, and
waits
12. The thread can't make any more progress, and the whole process hangs

The fix I've chosen here (which I don't particularly love, but it works)
is to just delay the `MessagePort.start` call until the end of the event
loop turn, so that the atomic wait loop receives the message first. This
prevents the hang.

---

Those were the main issues causing the hang. There ended up being a few
other small bugs as well, namely `exit` being emitted multiple times,
and not patching up the message port when it's received by
`receiveMessageOnPort`.
2024-10-04 09:26:32 -07:00
Satya Rohith
7b509e492e
tests: enable package_json_node_modules_none (#25825)
Co-authored-by: David Sherret <dsherret@gmail.com>
2024-10-04 09:56:13 +00:00
David Sherret
edac916604
fix(install): surface package.json dependency errors (#26023) 2024-10-04 07:52:00 +00:00
David Sherret
b8a9a4a862
Revert "feat: warn when using --allow-run with no allow list" (#26021)
Although using `--allow-run` without an allow list gives basically no
security, I think we should remove this warning because it gets in the
way and the only way to disable it is via --quiet.
2024-10-04 08:16:35 +01:00
Satya Rohith
779a98cd39
tests: enable specs::run::package_json::invalid_value (#25826)
Towards https://github.com/denoland/deno/issues/25241

Co-authored-by: David Sherret <dsherret@gmail.com>
2024-10-03 16:26:55 +00:00
Divy Srivastava
54467015e0
chore: show expectation diff for wpt tests (#26014)
Closes https://github.com/denoland/deno/issues/26012

```
========================================

failures:

        "/WebCryptoAPI/wrapKey_unwrapKey/wrapKey_unwrapKey.https.any.html - Can wrap and unwrap X25519 private key keys as non-extractable using pkcs8 and AES-CTR"

final result: failed. 1 passed; 1 failed; 0 expected failure; total 2 (15646ms)

diff --git a/Users/divy/gh/deno/tests/wpt/runner/expectation.json b/var/folders/ll/ltqsx4nx72v5_r7rlsl36pgm0000gn/T/375d79f1257b05cd
index fb2063935..4449c5d15 100644
--- a/Users/divy/gh/deno/tests/wpt/runner/expectation.json
+++ b/var/folders/ll/ltqsx4nx72v5_r7rlsl36pgm0000gn/T/375d79f1257b05cd
@@ -1531,6 +1531,7 @@
     },
     "wrapKey_unwrapKey": {
       "wrapKey_unwrapKey.https.any.html": [
+        "Can wrap and unwrap X25519 private key keys as non-extractable using pkcs8 and AES-CTR",
         "Can wrap and unwrap X25519 private key keys as non-extractable using pkcs8 and AES-CBC",
         "Can wrap and unwrap X25519 private key keys as non-extractable using pkcs8 and AES-GCM",
         "Can wrap and unwrap X25519 private key keys as non-extractable using pkcs8 and AES-KW",
```
2024-10-03 13:01:36 +00:00
Simon Lecoq
da7edf1c0c
fix: don't prompt when using Deno.permissions.request with --no-prompt (#25811) 2024-10-03 12:28:38 +00:00
Divy Srivastava
e54809f2d5
fix(ext/crypto): fix identity test for x25519 derive bits (#26011) 2024-10-03 16:46:48 +05:30
Nathan Whitaker
275418473e
fix(install): store tags associated with package in node_modules dir (#26000)
Fixes #25998. Fixes https://github.com/denoland/deno/issues/25928.

Originally I was just going to make this an error message instead of a
panic, but once I got to a minimal repro I felt that this really should
work.

The panic occurs when you have `nodeModulesDir: manual` (or a
package.json present), and you have an npm package with a tag in your
deno.json (see the spec test that illustrates this).

This code path only actually executes when trying to choose an
appropriate package version from `node_modules/.deno`, so we should be
able to fix it by storing some extra data at install time.

The fix proposed here is to repurpose the `.initialized` file that we
store in `node_modules` to store the tags associated with a package.
Basically, if you have a version requirement with a tag (e.g.
`npm:chalk@latest`), when we set up the node_modules folder for that
package, we store the tag (`latest`) in `.initialized`. Then, when doing
BYONM resolution, if we have a version requirement with a tag, we read
that file and check if the tag is present.

The downside is that we do more work when setting up `node_modules`. We
_could_ do this only when BYONM is enabled, but that would have the
downside of needing to re-run `deno install` when you switch from auto
-> manual, though maybe that's not a big deal.
2024-10-02 17:16:46 -07:00
Nathan Whitaker
1e0c9b8c5b
chore: disable flaky uv_test.js for now (#26003)
Will re-enable once I figure out the issue
2024-10-02 23:41:58 +00:00
Nathan Whitaker
cb74975ab2
fix(install): compare versions directly to decide whether to create a child node_modules dir for a workspace member (#26001)
Fixes #25861.

Previously we were attempting to match the version requirement against
the version already present in `node_modules` root, and if they didn't
match we would create a node_modules dir in the workspace member's
directory with the dependency.

Aside from the fact that this caused the panic, on second thought it
just doesn't make sense in general. We shouldn't be semver matching, as
resolution has already occurred and decided what package versions are
required. Instead, we can just compare the versions directly.
2024-10-02 15:11:43 -07:00
David Sherret
cac28b5262
feat(byonm): support deno run npm:<package> when package is not in package.json (#25981)
Closes https://github.com/denoland/deno/issues/25905
2024-10-02 21:17:39 +01:00
Nathan Whitaker
bbd4ae1bc1
fix(node): implement libuv APIs needed to support npm:sqlite3 (#25893)
Fixes #24740.

Implements the `uv_mutex_*` and `uv_async_*` APIs.

The mutex API is implemented exactly as libuv, a thin wrapper over the
OS's native mutex.

The async API is implemented in terms of napi_async_work. As documented
in the napi docs, you really shouldn't call `napi_queue_async_work`
multiple times (it is documented as undefined behavior). However, our
implementation doesn't have any issue with this, so I believe it suits
our purpose here.
2024-10-02 10:43:42 -07:00
Leo Kettmeir
1837aed79b
Revert "fix(urlpattern): fallback to empty string for undefined group values" (#25961) 2024-10-02 09:02:46 -07:00
Mohammad Sulaiman
3c193aef98
chore: deprecate check itests (#25963) 2024-10-02 09:22:35 +00:00
David Sherret
d116709d06
chore: remove unnecessary envs in spec tests (#25982) 2024-10-02 10:14:38 +01:00
Satya Rohith
32c1278736
feat(ext/node): buffer.transcode() (#25972)
Closes https://github.com/denoland/deno/issues/25911
2024-10-02 08:23:14 +00:00
Nayeem Rahman
3881b71734
feat(lsp): quick fix for @deno-types="npm:@types/*" (#25954) 2024-10-01 22:55:02 +01:00
David Sherret
4c8d57db03
BREAKING: rename "deps" remote cache folder to "remote" (#25969)
Closes https://github.com/denoland/deno/issues/25967
Closes #25968
2024-10-01 14:05:40 -04:00
Bartek Iwańczuk
c487a86b04
fix: Hide 'deno cache' from help output (#25960)
`deno cache` was soft-deprecated in favor of `deno install`. It should
not show up in the help output.
2024-10-01 15:05:21 +02:00
David Sherret
d7b787792c
fix(info): error instead of panic for npm specifiers when using byonm (#25947) 2024-09-30 19:46:43 +00:00
Marvin Hagemeister
c5c1869992
fix: precompile preserve SVG camelCase attributes (#25945)
See https://github.com/denoland/deno_ast/pull/278

Fixes https://github.com/denoland/deno/issues/25810
2024-09-30 21:25:30 +02:00
Nathan Whitaker
fbddd5a2eb
fix(node): Pass NPM_PROCESS_STATE to subprocesses via temp file instead of env var (#25896)
Fixes https://github.com/denoland/deno/issues/25401. Fixes
https://github.com/denoland/deno/issues/25841. Fixes
https://github.com/denoland/deno/issues/25891.
2024-09-27 12:35:37 -07:00
David Sherret
a8d1ab5276
fix(flags): --allow-all should conflict with lower permissions (#25909)
Using `--allow-all` with other `--allow-x` permission flags should cause
an error since `--allow-all` is a superset of `--allow-x`.

Closes #25901
2024-09-27 16:49:43 +00:00
Luca Casonato
6f0fbceaf2
fix(lint): correctly handle old jsx in linter (#25902)
Previously the CLI was incorrectly reporting `React` as unused in a JSX
file that uses the "old" transform.

The LSP was already handling this correctly.
2024-09-27 14:14:17 +00:00
Luca Casonato
3134abefa4
BREAKING(ext/net): improved error code accuracy (#25383)
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2024-09-27 14:07:20 +00:00
Bartek Iwańczuk
09a7cc4723
refactor(fmt): rewrite HTML syntax error handling (#25892) 2024-09-26 20:44:36 -04:00
David Sherret
7cccb7422b
fix(info): move "version" field to top of json output (#25890) 2024-09-26 15:57:12 -04:00
Nathan Whitaker
543c687c34
feat(install): warn repeatedly about not-run lifecycle scripts on explicit installs (#25878)
Currently we only warn once. With this PR, we continue to warn about
not-run scripts on explicit `deno install` (or cache). For `run` (or
other subcommands) we only warn the once, as we do currently.
2024-09-26 17:13:33 +00:00
Nathan Whitaker
13c53d9727
fix(installl): make bin entries executable even if not put in node_modules/.bin (#25873)
Fixes https://github.com/denoland/deno/issues/25862.

npm only makes bin entries executable if they get linked into `.bin`, as
we did before this PR. So this PR actually deviates from npm, because
it's the only reasonable way to fix this that I can think of.

---

The reason this was broken in moment is the following:

Moment has dependencies on two typescript versions: 1.8 and 3.1

If you have two packages with conflicting bin entries (i.e. two
typescript versions which both have a bin entry `tsc`), in npm it is
non-deterministic and undefined which one will end up in `.bin`.

npm, due to implementation differences, chooses to put typescript 1.8
into the `.bin` directory, and so `node_modules/typescript/bin/tsc` ends
up getting marked executable. We, however, choose typescript 3.2, and so
we end up making `node_modules/typescript3/bin/tsc` executable.

As part of its tests, moment executes `node_modules/typescript/bin/tsc`.
Because we didn't make it executable, this fails.

Since the conflict resolution is undefined in npm, instead of trying to
match it, I think it makes more sense to just make bin entries
executable even if they aren't chosen in the case of a conflict.
2024-09-26 09:36:25 -07:00
David Sherret
7437f9d944
fix(doc): surface graph errors as warnings (#25888) 2024-09-26 12:31:03 -04:00
Bartek Iwańczuk
5504acea67
feat: add --allow-import flag (#25469)
This replaces `--allow-net` for import permissions and makes the
security sandbox stricter by also checking permissions for statically
analyzable imports.

By default, this has a value of
`--allow-import=deno.land:443,jsr.io:443,esm.sh:443,raw.githubusercontent.com:443,gist.githubusercontent.com:443`,
but that can be overridden by providing a different set of hosts.

Additionally, when no value is provided, import permissions are inferred
from the CLI arguments so the following works because
`fresh.deno.dev:443` will be added to the list of allowed imports:

```ts
deno run -A -r https://fresh.deno.dev
```

---------

Co-authored-by: David Sherret <dsherret@gmail.com>
2024-09-26 01:50:54 +00:00
Mohammad Sulaiman
c232ecc6af
chore: deprecate npm itests (#25804) 2024-09-25 18:46:18 +00:00
David Sherret
8cdb309ffd
fix(check): properly surface dependency errors in types file of js file (#25860)
We weren't surfacing dependency errors in types files of js files.
2024-09-25 09:04:57 -04:00
Nathan Whitaker
5c40b47629
fix(add/install): default to "latest" tag for npm packages in deno add npm:pkg (#25858)
Fixes #25813.

I initially tried doing this in `deno_semver`, where it's a cleaner
change, but that caused breakage in deno in places where we don't expect
a tag (see https://github.com/denoland/deno/issues/25857).

This does not fix wildcard requirements failing to choose pre-release
versions. That's a little more involved and I'll do a separate PR.
2024-09-25 01:10:01 +00:00
Bartek Iwańczuk
6c26c1ed96
feat(fmt): better error on malfored HTML files (#25853)
Improves syntax errors for HTML formatter.

`broken.html`

```html
<div class=container > content 
```

```
$ deno fmt broken.html
Error formatting: /Users/ib/dev/deno/tests/specs/fmt/html/broken.html
   syntax error 'expect close tag' at line 3, column 0
Checked 1 file
```

```
$ ./target/debug/deno fmt broken.html
Error formatting: /Users/ib/dev/deno/tests/specs/fmt/html/broken.html
   Syntax error (expect close tag) at file:///Users/ib/dev/deno/tests/specs/fmt/html/broken.html:3:0

Checked 1 file
```
2024-09-25 01:00:16 +00:00
David Sherret
c4f7b2ac00
fix(check): ignore noImplicitOverrides in remote modules (#25854) 2024-09-24 20:49:44 -04:00
Bartek Iwańczuk
a4f59c7761
test: disable 'test-child-process-ipc-next-tick.js' Node compat test (#25856)
This test is super flaky recently.

See https://github.com/denoland/deno/issues/25855 for more details.
2024-09-25 01:44:34 +02:00
Nathan Whitaker
36ebc03f17
fix(cli): Warn on not-run lifecycle scripts with global cache (#25786)
Refactors the lifecycle scripts code to extract out the common
functionality and then uses that to provide a warning in the global
resolver.

While ideally we would still support them with the global cache, for now
a warning is at least better than the status quo (where people are
unaware why their packages aren't working).
2024-09-24 19:23:57 +00:00
Leo Kettmeir
5a1943cd95
fix: better error for Deno.UnsafeWindowSurface, correct HttpClient name, cleanup unused code (#25833) 2024-09-24 07:04:52 -07:00
Bartek Iwańczuk
3242550f5f
fix(fmt): --check was broken for CSS, YAML and HTML (#25848)
`deno fmt --check` was broken for CSS, YAML and HTML files.

Before this PR, formatting any of these file types would return a
string, even though the contract in `cli/tools/fmt.rs` is to only return a
string if the formatting changed. This causes wrong flagging of these files
as being badly formatted even though diffs showed nothing (because
they were in fact formatted properly).

Closes https://github.com/denoland/deno/issues/25840
2024-09-24 15:54:48 +02:00
Nathan Whitaker
1e261c9756
fix: Update deno_npm to fix deno install with crossws (#25837)
Partially addresses https://github.com/denoland/deno/issues/25648.

This allows packages that use `crossws` to be installed with `deno
install`. `crossws` specifies an optional peer dependency on
`uWebSockets`, but `uWebSockets` is not on npm (it is used with `git:`
or `github:` specifiers). Previously we would error on this, now we
don't error on non-existent optional peer dependencies.
2024-09-24 02:12:48 +00:00
Bartek Iwańczuk
74e294c8c1
refactor: reenable more tests after DENO_FUTURE migration (#25752)
Rewrites and reenables following tests:
- `task::task_both_package_json_selected`
2024-09-24 03:33:03 +02:00
David Sherret
e1c8d2755e
BREAKING: remove support for remote import maps in deno.json (#25836)
This is for security reasons for the time being for Deno 2. Details to
follow post Deno 2.0 release.

Remote import maps seem incredibly rare (only 2 usages on GitHub from
what I can tell), so we'll add this back with more permissions if
there's enough demand for it:
https://github.com/search?type=code&q=%2F%22importMap%22%3A+%22http%2F

In the meantime, use the `--import-map` flag and `"deno.importMap"`
config in the LSP for remote import maps.
2024-09-23 18:46:50 +00:00
Óscar Otero
1287739ddf
feat(fmt): support vto and njk extensions (#25831)
Fixes #25802

markup_fmt plugin supports some HTML-like formats like Angular, Jinja,
Twig, Nunjucks or Vento, that are not supported by `deno fmt`. This PR
adds support for the extensions `njk` (Nunjucks) and `vto` (Vento).
Angular doesn't have a custom extension (it uses `html` afaik) and Jinja
and Twig are template engines written in Python and PHP respectively so
it doesn't make sense to be supported by Deno.
2024-09-23 14:27:58 -04:00
Bartek Iwańczuk
a7ac89935b
feat(fmt): stabilize CSS, HTML and YAML formatters (#25753)
This commits stabilizes CSS, HTML and YAML formatters
in `deno fmt`.

It is no longer required to use either of these flags:
- `--unstable-css`
- `--unstable-html`
- `--unstable-yaml`
Or these `unstable` options in the config file:
- `fmt-css`
- `fmt-html`
- `html-yaml`
2024-09-23 18:01:04 +02:00
Satya Rohith
cab3363026
tests: update specs::cache::package_json (#25827)
Towards https://github.com/denoland/deno/issues/25241
2024-09-23 20:17:43 +05:30
Divy Srivastava
bfdca5bc7a
feat(ext/crypto): import and export p521 keys (#25789)
Towards https://github.com/denoland/deno/issues/13449
2024-09-23 19:40:36 +05:30