1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-11-21 15:04:11 -05:00
Commit graph

76 commits

Author SHA1 Message Date
Leo Kettmeir
fe9f0ee593
refactor(runtime/permissions): use concrete error types (#26464) 2024-11-04 09:17:21 -08:00
David Sherret
c8f692057b
refactor: bury descriptor parsing in PermissionsContainer (#25936)
Closes https://github.com/denoland/deno/issues/25634
2024-09-30 09:19:24 -04:00
David Sherret
fc739dc5eb
refactor: use deno_path_util (#25918) 2024-09-28 07:55:01 -04:00
Bartek Iwańczuk
5504acea67
feat: add --allow-import flag (#25469)
This replaces `--allow-net` for import permissions and makes the
security sandbox stricter by also checking permissions for statically
analyzable imports.

By default, this has a value of
`--allow-import=deno.land:443,jsr.io:443,esm.sh:443,raw.githubusercontent.com:443,gist.githubusercontent.com:443`,
but that can be overridden by providing a different set of hosts.

Additionally, when no value is provided, import permissions are inferred
from the CLI arguments so the following works because
`fresh.deno.dev:443` will be added to the list of allowed imports:

```ts
deno run -A -r https://fresh.deno.dev
```

---------

Co-authored-by: David Sherret <dsherret@gmail.com>
2024-09-26 01:50:54 +00:00
David Sherret
62e952559f
refactor(permissions): split up Descriptor into Allow, Deny, and Query (#25508)
This makes the permission system more versatile.
2024-09-16 21:39:37 +01:00
David Sherret
386d5c8310
refactor: remove PermissionsContainer in deno_runtime (#24119)
Also removes permissions being passed in for node resolution. It was
completely useless because we only checked it for reading package.json
files, but Deno reading package.json files for resolution is perfectly
fine.

My guess is this is also a perf improvement because Deno is doing less
work.
2024-06-06 23:37:53 -04:00
Matt Mastracci
472a370640
feat(runtime): Allow embedders to perform additional access checks on file open (#23208)
Embedders may have special requirements around file opening, so we add a
new `check_open` permission check that is called as part of the file
open process.
2024-04-19 18:12:03 -06:00
Divy Srivastava
de28e6fc09
refactor: add deno_permissions crate (#22236)
Issue https://github.com/denoland/deno/issues/22222


![image](https://github.com/denoland/deno/assets/34997667/2af8474b-b919-4519-98ce-9d29bc7829f2)

This PR moves `runtime/permissions` code to a upstream crate called
`deno_permissions`. The `deno_permissions::PermissionsContainer` is put
into the OpState and can be used instead of the current trait-based
permissions system.

For this PR, I've migrated `deno_fetch` to the new crate but kept the
rest of the trait-based system as a wrapper of `deno_permissions` crate.
Doing the migration all at once is error prone and hard to review.

Comparing incremental compile times for `ext/fetch` on Mac M1:

| profile | `cargo build --bin deno` | `cargo plonk build --bin deno` |
| --------- | ------------- | ------------------- |
| `debug`   | 20 s          | 0.8s                |
| `release` | 4 mins 12 s   | 1.4s                  |
2024-03-12 10:42:26 -07:00
Bartek Iwańczuk
7b212bc574
refactor(permissions): factor out PermissionPrompter trait, add callbacks (#16975)
This commit refactors several things in "runtime/permissions" module:
- splits it into "mod.rs" and "prompter.rs"
- adds "PermissionPrompter" trait with two implementations:
 * "TtyPrompter"
 * "TestPrompter"
- adds "before" and "after" prompt callback which can be used to hide
progress bar in the CLI (to be done in a follow up)
- "permissions_prompt" API returns "PromptResponse" enum, instead
of a boolean; this allows to add "allow all"/"deny all" functionality
for the prompt
2022-12-18 01:12:28 +01:00
sigmaSd
ddd3506e69
fix(permissions): Allow ancestor path for --allow-ffi (#16765)
This commit changes "--allow-ffi" flag to support "parent paths",
ie. if an FFI library is loaded we are checking if the library has an
ancestor path in the allowlist for the FFI permission descriptor.
2022-12-14 21:38:53 +01:00
Colin Ihrig
37340e2386
chore(unstable): rename Deno.getUid() and Deno.getGid() (#16432)
This commit renames `Deno.getUid()` to `Deno.uid()` and renames
`Deno.getGid()` to `Deno.gid()`.
2022-10-26 16:37:48 -04:00
Divy Srivastava
0b016a7fb8
feat(npm): implement Node API (#13633)
This PR implements the NAPI for loading native modules into Deno. 

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: DjDeveloper <43033058+DjDeveloperr@users.noreply.github.com>
Co-authored-by: Ryan Dahl <ry@tinyclouds.org>
2022-10-05 19:36:44 +05:30
Yoshiya Hinosawa
15ea624790
refactor(cli): use shared sys kind parser in flags.rs (#16087) 2022-09-29 19:34:16 +09:00
Yoshiya Hinosawa
fa9e7aab6d
feat: add --allow-sys permission flag (#16028) 2022-09-28 21:46:50 +09:00
Bartek Iwańczuk
212b7dd6da
feat: Add requesting API name to permission prompt (#15936)
Co-authored-by: Leo Kettmeir <crowlkats@toaxl.com>
2022-09-27 22:36:33 +02:00
Yoshiya Hinosawa
f3dd13730c
fix(runtime): refresh perm prompt 3 lines instead of 4 (#16049) 2022-09-27 18:07:49 +09:00
Bartek Iwańczuk
b20431c5f9
feat: Refresh interactive permission prompt (#15907)
Co-authored-by: David Sherret <dsherret@users.noreply.github.com>
2022-09-22 14:16:06 +02:00
Divy Srivastava
698a340ad7
perf: fs optimizations - part 1 (#15873) 2022-09-22 14:39:25 +05:30
Ben Noordhuis
b1b418b81a
chore: fix clippy warnings (#15944)
Stop allowing clippy::derive-partial-eq-without-eq and fix warnings
about deriving PartialEq without also deriving Eq.

In one case I removed the PartialEq because it a) wasn't necessary,
and b) sketchy because it was comparing floating point numbers.

IMO, that's a good argument for enforcing the lint rule, because it
would most likely have been caught during review if it had been enabled.
2022-09-19 10:25:03 +02:00
Divy Srivastava
8e1c0e5141
perf(runtime): optimize allocations in read/write checks (#15631) 2022-08-27 20:50:05 +05:30
Bartek Iwańczuk
6bb72a8086
feat(unstable): add more permission checks for ext/node/ (#15581) 2022-08-24 18:07:49 +02:00
Divy Srivastava
cd21cff299
feat(ext/flash): An optimized http/1.1 server (#15405)
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: Ben Noordhuis <info@bnoordhuis.nl>
Co-authored-by: crowlkats <crowlkats@toaxl.com>
Co-authored-by: Ryan Dahl <ry@tinyclouds.org>
2022-08-18 17:35:02 +05:30
Leo Kettmeir
d0ffa0beb5
fix(permissions): ignore empty values (#15447) 2022-08-10 21:13:53 +02:00
David Sherret
635eed9373
chore: fix Windows specific clippy errors (#15212) 2022-07-15 12:30:25 -04:00
Luca Casonato
8d82ba7299
build: require safety comments on unsafe code (#13870)
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2022-06-26 00:13:24 +02:00
David Sherret
7919dc902d
fix(permissions): fallback to denied access if the permission prompt fails (#14235) 2022-04-18 09:00:38 -04:00
Luca Casonato
daa7c6d32a
fix: actually don't inherit runtime permissions (#14024) 2022-03-20 22:46:39 +01:00
Luca Casonato
a7bef54d3f
BREAKING: don't inherit permissions by default (#13668)
Previously specifying permissions: {} was the same as specifying
permissions: "inherit". Now it will be the same as permissions: "none".
Not specifying any permissions (permissions: undefined) still means
permissions: "inherit".
2022-03-16 01:43:14 +01:00
David Sherret
3b12afd072
chore: upgrade to Rust 1.59 (#13767) 2022-02-24 20:03:12 -05:00
Leo Kettmeir
4a144c7d6e
chore(permissions): clean up duplicate arguments (#13700) 2022-02-17 15:15:29 +01:00
Ryan Dahl
e5b5753dd3
feat: never prompt for hrtime permission (#13696) 2022-02-17 00:17:24 +01:00
Ryan Dahl
57f4b0e5af
feat: Add hint to permission prompt to display allow flag (#13695) 2022-02-17 00:14:46 +01:00
Andreu Botella
760f4c9e24
chore(ext/timers): move ext/timers to ext/web (#13665) 2022-02-15 12:17:30 +01:00
David Sherret
ad224f53c7
chore: upgrade to rust 1.58 (#13377) 2022-01-15 07:10:12 +01:00
Ryan Dahl
1fb5858009
chore: update copyright to 2022 (#13306)
Co-authored-by: Erfan Safari <erfanshield@outlook.com>
2022-01-07 22:09:52 -05:00
Divy Srivastava
6de53b631f
refactor: use once_cell instead of lazy_static (#13135) 2021-12-18 16:14:42 -05:00
Elias Sjögreen
ee49cce726
feat(ext/ffi): implement UnsafePointer and UnsafePointerView (#12828) 2021-12-15 15:41:49 +01:00
David Sherret
c5a35aba82
chore: fix flaky permissions tests on windows (#12552) 2021-10-26 11:49:07 -04:00
Nayeem Rahman
7a22df9b76
fix(runtime/ops/worker_host): move permission arg parsing to Rust (#12297) 2021-10-13 13:04:44 -04:00
David Sherret
c3e441c5b5
fix: worker environment permissions should accept an array (#12250) 2021-09-30 15:50:59 -04:00
Nayeem Rahman
faefe2300d
fix(cli/permissions): ensure revoked permissions are no longer granted (#12159)
Fixes #12153
2021-09-24 15:48:15 +10:00
Aaron O'Mullan
a33ee087ce
perf(ops): optimize permission check (#11800)
* perf(ops): optimize permission check

Removes the overhead of permission check on access granted (should be common case):

Delta measured on `perf_now` from `deno_common` bench:
- before: `528ns/op
- after: `166ns/op`

So ~3x faster
2021-09-23 00:45:58 +02:00
David Sherret
5e2c5d0afa
fix: permission prompt stuffing on Windows (#11969) 2021-09-14 08:37:27 -04:00
Ryan Dahl
fb35cd0ef4
fix: permission prompt stuffing (#11931)
Fixes #9750
2021-09-09 08:38:47 -04:00
Elias Sjögreen
33c8d790c3
feat: ffi to replace plugins (#11152)
This commit removes implementation of "native plugins" and replaces
it with FFI API.

Effectively "Deno.openPlugin" API was replaced with "Deno.dlopen" API.
2021-08-06 23:28:10 +02:00
Yusuke Tanaka
8f00b5542c
chore: upgrade Rust to 1.54.0 (#11554) 2021-07-30 15:03:41 +02:00
David Sherret
7fc0e8ec8c
chore: use parking_lot for synchronization primitives to align with tokio (#11289)
parking_lot is already transitively used in tokio via the "full" cargo feature
2021-07-06 23:48:01 -04:00
Bartek Iwańczuk
38a7128cdd
feat: Add "deno_net" extension (#11150)
This commits moves implementation of net related APIs available on "Deno"
namespace to "deno_net" extension.

Following APIs were moved:
- Deno.listen()
- Deno.connect()
- Deno.listenTls()
- Deno.serveHttp()
- Deno.shutdown()
- Deno.resolveDns()
- Deno.listenDatagram()
- Deno.startTls()
- Deno.Conn
- Deno.Listener
- Deno.DatagramConn
2021-06-29 01:43:03 +02:00
David Sherret
6ee983b127
chore(tools): Fix stdout buffer of launched process getting full causing tools/lint.js to hang on Windows (#10888)
Also fix Windows only clippy issues.
2021-06-07 22:29:47 -04:00
Ryan Dahl
18c75f0e42
Switch grant/deny prompt to yes/no (#10547) 2021-05-10 07:11:34 -04:00