1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2025-01-12 17:09:00 -05:00
Commit graph

23 commits

Author SHA1 Message Date
Asher Gomez
6fb7e8d93b
feat(permissions): add "--deny-*" flags (#19070)
This commit adds new "--deny-*" permission flags. These are complimentary to
"--allow-*" flags.

These flags can be used to restrict access to certain resources, even if they
were granted using "--allow-*" flags or the "--allow-all" ("-A") flag.

Eg. specifying "--allow-read --deny-read" will result in a permission error,
while "--allow-read --deny-read=/etc" will allow read access to all FS but the
"/etc" directory.

Runtime permissions APIs ("Deno.permissions") were adjusted as well, mainly
by adding, a new "PermissionStatus.partial" field. This field denotes that
while permission might be granted to requested resource, it's only partial (ie.
a "--deny-*" flag was specified that excludes some of the requested resources).
Eg. specifying "--allow-read=foo/ --deny-read=foo/bar" and then querying for
permissions like "Deno.permissions.query({ name: "read", path: "foo/" })"
will return "PermissionStatus { state: "granted", onchange: null, partial: true }",
denoting that some of the subpaths don't have read access.

Closes #18804.

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: Nayeem Rahman <nayeemrmn99@gmail.com>
2023-08-03 13:19:19 +02:00
Nayeem Rahman
d5efdeeff1
refactor: update core extension api usage (#19952) 2023-07-31 18:19:15 +00:00
Bartek Iwańczuk
ad3c494b46
Revert "Reland "refactor(core): cleanup feature flags for js source i… (#19611)
…nclusion" (#19519)"

This reverts commit 28a4f3d0f5.

This change causes failures when used outside Deno repo:
```
============================================================
Deno has panicked. This is a bug in Deno. Please report this
at https://github.com/denoland/deno/issues/new.
If you can reliably reproduce this panic, include the
reproduction steps and re-run with the RUST_BACKTRACE=1 env
var set and include the backtrace in your report.

Platform: linux x86_64
Version: 1.34.3+b37b286
Args: ["/opt/hostedtoolcache/deno/0.0.0-b37b286f7fa68d5656f7c180f6127bdc38cf2cf5/x64/deno", "test", "--doc", "--unstable", "--allow-all", "--coverage=./cov"]

thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: Failed to read "/home/runner/work/deno/deno/core/00_primordials.js"

Caused by:
    No such file or directory (os error 2)', core/runtime/jsruntime.rs:699:8
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
```
2023-06-26 13:54:10 +02:00
Nayeem Rahman
28a4f3d0f5
Reland "refactor(core): cleanup feature flags for js source inclusion" (#19519)
Relands #19463. This time the `ExtensionFileSourceCode` enum is
preserved, so this effectively just splits feature
`include_js_for_snapshotting` into `exclude_js_sources` and
`runtime_js_sources`, adds a `force_include_js_sources` option on
`extension!()`, and unifies `ext::Init_ops_and_esm()` and
`ext::init_ops()` into `ext::init()`.
2023-06-25 09:35:31 +02:00
Bartek Iwańczuk
60bf79c184
Revert "refactor(core): cleanup feature flags for js source inclusion… (#19490)
… (#19463)"

This reverts commit ceb03cfb03.

This is being reverted because it causes 3.5Mb increase in the binary
size,
due to runtime JS code being included in the binary, even though it's
already snapshotted.

CC @nayeemrmn
2023-06-13 22:36:16 +00:00
Nayeem Rahman
ceb03cfb03
refactor(core): cleanup feature flags for js source inclusion (#19463)
Remove `ExtensionFileSourceCode::LoadedFromFsDuringSnapshot` and feature
`include_js_for_snapshotting` since they leak paths that are only
applicable in this repo to embedders. Replace with feature
`exclude_js_sources`. Additionally the feature
`force_include_js_sources` allows negating it, if both features are set.
We need both of these because features are additive and there must be a
way of force including sources for snapshot creation while still having
the `exclude_js_sources` feature. `force_include_js_sources` is only set
for build deps, so sources are still excluded from the final binary.

You can also specify `force_include_js_sources` on any extension to
override the above features for that extension. Towards #19398.

But there was still the snapshot-from-snapshot situation where code
could be executed twice, I addressed that by making `mod_evaluate()` and
scripts like `core/01_core.js` behave idempotently. This allowed
unifying `ext::init_ops()` and `ext::init_ops_and_esm()` into
`ext::init()`.
2023-06-13 09:45:06 -06:00
Luca Casonato
1f9d47b174
refactor: prefix ops w/ crate they are defined in (#19044)
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-05-08 23:07:45 +02:00
David Sherret
df1ca4a158
refactor(ext/fs): deno_fs::FileSystem - conditional Send + Sync (#18993)
This allows for having a conditional `Send + Sync` on the file system trait for Deploy.
2023-05-08 11:02:02 -04:00
David Sherret
5270c43e41
refactor(ext/fs): boxed deno_fs::FileSystem (#18945)
1. Boxed `File` and `FileSystem` to allow more easily passing this
through the CLI code (as shown within this pr).
2. `StdFileResource` is now `FileResource`. `FileResource` now contains
an `Rc<dyn File>`.
2023-05-04 14:28:42 -04:00
Luca Casonato
bcbdaac7e6
chore(ext/fs): decouple fs trait from deno_core (#18732)
This commit removes the dependencies on `deno_core` for the Fs trait.
This allows to move the trait into a different crate that does not
depend on core in the limit.

This adds a new `bounds` field to `deno_core::extension!` that expands
to `where` clauses on the generated code. This allows to add bounds to
the extension parameters, such as `Fs::File: Resource`.
2023-04-17 16:10:59 +02:00
Luca Casonato
f90caa821c
refactor(ext/fs): abstract FS via FileSystem trait (#18599)
This commit abstracts out the specifics of the underlying system calls
FS operations behind a new `FileSystem` and `File` trait in the
`ext/fs` extension.

This allows other embedders to re-use ext/fs, but substituting in a
different FS backend.

This is likely not the final form of these traits. Eventually they will
be entirely `deno_core::Resource` agnostic, and will live in a seperate
crate.

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-04-12 15:13:32 +02:00
Mike Mulchrone
3c5350f949
chore: Improving FS Error Message for op_realpath_sync and op_realpath_async (#18404)
#17526
2023-03-26 12:20:51 +03:00
David Sherret
2fcf1f14cf
feat: TypeScript 5.0.2 (except decorators) (#18294)
This upgrades TypeScript to 5.0.2, but does not have ES decorator
support because swc does not support that yet.
2023-03-21 15:46:40 +00:00
Kamil Ogórek
dd1e650063
fix(runtime): Extract error code for all OS error variants (#17958) 2023-03-19 00:01:50 +00:00
Matt Mastracci
3487fde236
perf(core) Reduce copying and cloning in extension initialization (#18252)
Follow-up to #18210:

* we are passing the generated `cfg` object into the state function
rather than passing individual config fields
 * reduce cloning dramatically by making the state_fn `FnOnce`
 * `take` for `ExtensionBuilder` to avoid more unnecessary copies
 * renamed `config` to `options`
2023-03-17 22:15:27 +00:00
Matt Mastracci
e55b448730
feat(core) deno_core::extension! macro to simplify extension registration (#18210)
This implements two macros to simplify extension registration and centralize a lot of the boilerplate as a base for future improvements:

* `deno_core::ops!` registers a block of `#[op]`s, optionally with type
parameters, useful for places where we share lists of ops
* `deno_core::extension!` is used to register an extension, and creates
two methods that can be used at runtime/snapshot generation time:
`init_ops` and `init_ops_and_esm`.

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-03-17 18:22:15 +00:00
Bartek Iwańczuk
48a0b7f98f
feat(fs): support FileInfo.dev on Windows (#18073)
This commit adds support for retrieving `dev` information
when stating files on Windows.

Additionally `Deno.FileInfo` interfaces was changed to always
return 0 for fields that we don't retrieve information for on Windows.

Closes https://github.com/denoland/deno/issues/18053

---------

Co-authored-by: David Sherret <dsherret@gmail.com>
2023-03-16 02:35:13 +01:00
David Sherret
fb021d7cef
refactor: remove usages of map_or / map_or_else (#18212)
These methods are confusing because the arguments are backwards. I feel
like they should have never been added to `Option<T>` and that clippy
should suggest rewriting to
`map(...).unwrap_or(...)`/`map(...).unwrap_or_else(|| ...)`

https://github.com/rust-lang/rfcs/issues/1025
2023-03-15 17:46:36 -04:00
ud2
3db03abf88
fix(ext/fs): retry if file already exists in makeTempFile (#17787)
Closes #17781.
2023-03-13 20:54:34 +01:00
Bartek Iwańczuk
d1685b120b
refactor(core): remove RuntimeOptions::extensions_with_js (#18099)
This commit removes "deno_core::RuntimeOptions::extensions_with_js".

Now it's embedders' responsibility to properly register extensions
that will not contains JavaScript sources when running from an existing
snapshot.

Prerequisite for https://github.com/denoland/deno/pull/18080
2023-03-09 19:22:27 -05:00
Bartek Iwańczuk
8f207c0f3f
refactor: Split extension registration for runtime and snapshotting (#18095)
This commit splits "<ext_name>::init" functions into "init_ops" and
"init_ops_and_esm". That way we don't have to construct list of
ESM sources on each startup if we're running with a snapshot.

In a follow up commit "deno_core" will be changed to not have a split
between "extensions" and "extensions_with_js" - it will be embedders'
responsibility to pass appropriately configured extensions.

Prerequisite for https://github.com/denoland/deno/pull/18080
2023-03-09 14:56:19 +00:00
Bartek Iwańczuk
b32a6f8ad2
refactor(core): don't use Result in ExtensionBuilder::state (#18066)
There's no point for this API to expect result. If something fails it should
result in a panic during build time to signal to embedder that setup is
wrong.
2023-03-07 22:37:37 +01:00
Bartek Iwańczuk
fe368b72c1
refactor: Add "deno_fs" extension crate (#18040)
This commit factors out APIs related to file system from "runtime/"
to a separate "deno_fs" extension crate.
2023-03-07 18:13:44 +09:00
Renamed from runtime/ops/fs.rs (Browse further)