1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-27 01:29:14 -05:00
Commit graph

88 commits

Author SHA1 Message Date
Leo Kettmeir
cf49599359
feat: permission stack traces in ops (#26938)
This commit improves permission prompts by adding an option
to print a full trace of where the permissions is being requested.

Due to big performance hint of stack trace collection, this is only
enabled when `DENO_TRACE_PERMISSIONS` env var is present.

Closes https://github.com/denoland/deno/issues/20756

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2024-11-20 21:24:04 +00:00
David Sherret
119910f339
fix(permissions): say to use --allow-run instead of --allow-all (#26842)
For https://github.com/denoland/deno/issues/26839
2024-11-12 17:14:19 -05:00
Leo Kettmeir
fe9f0ee593
refactor(runtime/permissions): use concrete error types (#26464) 2024-11-04 09:17:21 -08:00
Leo Kettmeir
f26c8bcf31
refactor(runtime/ops): use concrete error types (#26409) 2024-10-22 01:41:08 -07:00
David Sherret
fc739dc5eb
refactor: use deno_path_util (#25918) 2024-09-28 07:55:01 -04:00
Nathan Whitaker
fbddd5a2eb
fix(node): Pass NPM_PROCESS_STATE to subprocesses via temp file instead of env var (#25896)
Fixes https://github.com/denoland/deno/issues/25401. Fixes
https://github.com/denoland/deno/issues/25841. Fixes
https://github.com/denoland/deno/issues/25891.
2024-09-27 12:35:37 -07:00
David Sherret
62e952559f
refactor(permissions): split up Descriptor into Allow, Deny, and Query (#25508)
This makes the permission system more versatile.
2024-09-16 21:39:37 +01:00
Nathan Whitaker
18b89d948d
fix(ext/node): Implement detached option in child_process (#25218)
Fixes https://github.com/denoland/deno/issues/25193.
2024-09-12 19:24:58 +00:00
Luca Casonato
7bfcb4dd10
feat(cli): use NotCapable error for permission errors (#25431)
Closes #7394

---------

Co-authored-by: snek <snek@deno.com>
2024-09-10 11:12:24 -07:00
David Sherret
dd208a6df0
fix(regression): do not expose resolved path in Deno.Command permission denied error (#25434)
Regression from https://github.com/denoland/deno/pull/25370
2024-09-04 22:57:49 +00:00
David Sherret
74fc66da11
fix: lock down allow-run permissions more (#25370)
`--allow-run` even with an allow list has essentially been
`--allow-all`... this locks it down more.

1. Resolves allow list for `--allow-run=` on startup to an absolute
path, then uses these paths when evaluating if a command can execute.
Also, adds these paths to `--deny-write`
1. Resolves the environment (cwd and env vars) before evaluating
permissions and before executing a command. Then uses this environment
to evaluate the permissions and then evaluate the command.
2024-09-04 14:51:24 +02:00
Bartek Iwańczuk
71e4ac774b
BREAKING(unstable): drop support for Deno.run.{clearEnv,gid,uid} (#25371)
These are unstable options and the APIs is now deprecated. To limit
amount of unstable flags we elected to have these APIs removed.
2024-09-03 11:07:02 +02:00
David Sherret
c6793f52b9
fix(permissions): disallow any LD_ or DYLD_ prefixed env var without full --allow-run permissions (#25271)
Follow up to https://github.com/denoland/deno/pull/25221

I looked into what the list was and it was quite extensive, so I think
as suggested in
https://github.com/denoland/deno/issues/11964#issuecomment-2314585135 we
should disallow this for any `LD_` prefixed env var.
2024-08-28 21:11:37 -04:00
David Sherret
1a6fd38f2f
fix(permissions): disallow launching subprocess with LD_PRELOAD env var without full run permissions (#25221)
Ref https://github.com/denoland/deno/pull/25215

Closes https://github.com/denoland/deno/issues/11964
2024-08-27 22:03:09 -04:00
Nathan Whitaker
8749d651fb
fix(node): Create additional pipes for child processes (#25016)
Linux/macos only currently.

Part of https://github.com/denoland/deno/issues/23524 (fixes it on
platforms other than windows).
Part of #16899  (fixes it on platforms other than windows).

After this PR, playwright is functional on mac/linux.
2024-08-15 09:38:46 -07:00
Nathan Whitaker
cd59fc53a5
fix(node): Rework node:child_process IPC (#24763)
Fixes https://github.com/denoland/deno/issues/24756. Fixes
https://github.com/denoland/deno/issues/24796.

This also gets vitest working when using
[`--pool=forks`](https://vitest.dev/guide/improving-performance#pool)
(which is the default as of vitest 2.0). Ref
https://github.com/denoland/deno/issues/23882.

---

This PR resolves a handful of issues with child_process IPC. In
particular:

- We didn't support sending typed array views over IPC
- Opening an IPC channel resulted in the event loop never exiting
- Sending a `null` over IPC would terminate the channel
- There was some UB in the read implementation (transmuting an `&[u8]`
to `&mut [u8]`)
- The `send` method wasn't returning anything, so there was no way to
signal backpressure (this also resulted in the benchmark
`child_process_ipc.mjs` being misleading, as it tried to respect
backpressure. That gave node much worse results at larger message sizes,
and gave us much worse results at smaller message sizes).
- We weren't setting up the `channel` property on the `process` global
(or on the `ChildProcess` object), and also didn't have a way to
ref/unref the channel
- Calling `kill` multiple times (or disconnecting the channel, then
calling kill) would throw an error
- Node couldn't spawn a deno subprocess and communicate with it over IPC
2024-07-30 16:13:24 -07:00
Divy Srivastava
3735a1a542
fix(ext/node): support stdin child_process IPC & fd stdout/stderr (#24106)
Add supports for "ipc" and fd options in child_process spawn API.

Internal changes: Adds a hidden rid and "ipc_for_internal_use" option to
Deno.Command. Used by `node:child_process`

Example:
```js
const out = fs.openSync("./logfile.txt", 'a')
const proc = spawn(process.execPath, ["./main.mjs", "child"], {
  stdio: ["ipc", out, "inherit"]
});
```

Ref #16753
2024-06-07 22:51:32 +05:30
David Sherret
386d5c8310
refactor: remove PermissionsContainer in deno_runtime (#24119)
Also removes permissions being passed in for node resolution. It was
completely useless because we only checked it for reading package.json
files, but Deno reading package.json files for resolution is perfectly
fine.

My guess is this is also a perf improvement because Deno is doing less
work.
2024-06-06 23:37:53 -04:00
林炳权
96b581bdd2
chore: update to Rust 1.75 (#21731) 2024-01-01 23:22:48 +01:00
David Sherret
7e72f3af61
chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
Divy Srivastava
55fac9f5ea
fix(node): child_process IPC on Windows (#21597)
This PR implements the child_process IPC pipe between parent and child.
The implementation uses Windows named pipes created by parent and passes
the inheritable file handle to the child.

I've also replace parts of the initial implementation which passed the
raw parent fd to JS with resource ids instead. This way no file handle
is exposed to the JS land (both parent and child).

`IpcJsonStreamResource` can stream upto 800MB/s of JSON data on Win 11
AMD Ryzen 7 16GB (without `memchr` vectorization)
2023-12-19 13:37:22 +01:00
Divy Srivastava
5a91a065b8
fix: implement child_process IPC (#21490)
This PR implements the Node child_process IPC functionality in Deno on
Unix systems.

For `fd > 2` a duplex unix pipe is set up between the parent and child
processes. Currently implements data passing via the channel in the JSON
serialization format.
2023-12-13 11:14:16 +01:00
Bartek Iwańczuk
c464cd7073
refactor: FeatureChecker integration in ext/ crates (#20797)
Towards https://github.com/denoland/deno/issues/20779.
2023-10-12 15:55:50 +00:00
Shreyas
d72f5d573a
fix: Deno.Command - improve error message when cwd is not a directory (#20460) 2023-09-18 17:48:54 +00:00
Matt Mastracci
81d50e1b66
chore: bump deno_core and cargo update (#20480)
Bump deno_core, pulling in new rusty_v8. Requires some op2/deprecation
fixes.
2023-09-13 22:01:31 +00:00
Matt Mastracci
bfd230fd78
chore: update inner #\![allow] to #[allow] (#20463)
Functions should generally be annotated with `#[allow]` blocks rather
than using inner `#![allow]` annotations.
2023-09-11 17:12:33 -06:00
Bartek Iwańczuk
bdeb4bddbf
refactor: rewrite runtime/ ops to op2 (#20459) 2023-09-12 00:10:43 +02:00
林炳权
2080669943
chore: update to Rust 1.72 (#20258)
<!--
Before submitting a PR, please read https://deno.com/manual/contributing

1. Give the PR a descriptive title.

  Examples of good title:
    - fix(std/http): Fix race condition in server
    - docs(console): Update docstrings
    - feat(doc): Handle nested reexports

  Examples of bad title:
    - fix #7123
    - update docs
    - fix bugs

2. Ensure there is a related issue and it is referenced in the PR text.
3. Ensure there are tests that cover the changes.
4. Ensure `cargo test` passes.
5. Ensure `./tools/format.js` passes without changing files.
6. Ensure `./tools/lint.js` passes.
7. Open as a draft PR if your work is still in progress. The CI won't
run
   all steps, but you can add '[ci]' to a commit message to force it to.
8. If you would like to run the benchmarks on the CI, add the 'ci-bench'
label.
-->

As the title.

---------

Co-authored-by: Matt Mastracci <matthew@mastracci.com>
2023-08-26 22:04:12 -06:00
sigmaSd
cfb9478a43
fix(runtime): print process name in case of spawn error (#19855)
Fix https://github.com/denoland/deno/issues/19400

Co-authored-by: David Sherret <dsherret@users.noreply.github.com>
2023-07-19 01:24:30 +02:00
Bartek Iwańczuk
dda0f1c343
refactor(serde_v8): split ZeroCopyBuf into JsBuffer and ToJsBuffer (#19566)
`ZeroCopyBuf` was convenient to use, but sometimes it did hide details
that some copies were necessary in certain cases. Also it made it way to easy
for the caller to pass around and convert into different values. This commit
splits `ZeroCopyBuf` into `JsBuffer` (an array buffer coming from V8) and
`ToJsBuffer` (a Rust buffer that will be converted into a V8 array buffer).

As a result some magical conversions were removed (they were never used)
limiting the API surface and preparing for changes in #19534.
2023-06-22 23:37:56 +02:00
Nayeem Rahman
34dac6c6ef
refactor(core): remove force_op_registration and cleanup JsRuntimeForSnapshot (#19353)
Addresses
https://github.com/denoland/deno/pull/19308#discussion_r1212248194. 

Removes force_op_registration as it is no longer necessary.
2023-06-03 14:22:32 -06:00
David Sherret
18e9f4642c
fix(lsp): hard to soft error when unable to get completion info (#19091) 2023-05-11 12:04:27 -04:00
Nayeem Rahman
2ba9ccc1ab
fix(runtime): ChildProcess::kill() doesn't require additional perms (#15339)
Fixes #15217.
2023-05-11 14:53:45 +02:00
David Sherret
5270c43e41
refactor(ext/fs): boxed deno_fs::FileSystem (#18945)
1. Boxed `File` and `FileSystem` to allow more easily passing this
through the CLI code (as shown within this pr).
2. `StdFileResource` is now `FileResource`. `FileResource` now contains
an `Rc<dyn File>`.
2023-05-04 14:28:42 -04:00
Bartek Iwańczuk
3c9771deb2
Reland "perf(core): preserve ops between snapshots (#18080)" (#18272)
Relanding 4b6305f4f2
2023-03-18 18:30:04 -04:00
Bartek Iwańczuk
d11e89127d
Revert "perf(core): preserve ops between snapshots (#18080)" (#18267)
This reverts commit 4b6305f4f2.
2023-03-18 14:59:51 +00:00
Bartek Iwańczuk
4b6305f4f2
perf(core): preserve ops between snapshots (#18080)
This commit changes the build process in a way that preserves already
registered ops in the snapshot. This allows us to skip creating hundreds of
"v8::String" on each startup, but sadly there is still some op registration
going on startup (however we're registering 49 ops instead of >200 ops). 

This situation could be further improved, by moving some of the ops 
from "runtime/" to a separate extension crates.

---------

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2023-03-18 12:51:21 +01:00
Matt Mastracci
e55b448730
feat(core) deno_core::extension! macro to simplify extension registration (#18210)
This implements two macros to simplify extension registration and centralize a lot of the boilerplate as a base for future improvements:

* `deno_core::ops!` registers a block of `#[op]`s, optionally with type
parameters, useful for places where we share lists of ops
* `deno_core::extension!` is used to register an extension, and creates
two methods that can be used at runtime/snapshot generation time:
`init_ops` and `init_ops_and_esm`.

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-03-17 18:22:15 +00:00
David Sherret
ff4b03f233
chore(tests): ability to capture stdout and stderr separately (#18035)
This is to allow making assertions on stdout and stderr separately.
2023-03-06 09:16:50 -05:00
Bartek Iwańczuk
de0d148d93
refactor(runtime): merge "spawn" into "process" (#18022)
This commit merges "runtime/js/40_spawn.js" into
"runtime/js/40_process.js", and "runtime::ops::spawn" 
into "runtime::ops::process".

It makes little sense to have them separated given that we want to
factor out these APIs into a separate extension crate.
2023-03-05 12:19:34 +00:00
Bartek Iwańczuk
7afa3aceb0
refactor(runtime): factor out deno_io extension crate (#18001)
This is a prerequisite to factor out FS ops to a separate crate.
2023-03-05 00:39:48 +00:00
David Sherret
f5840bdcd3
chore: upgrade to Rust 1.67 (#17548)
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-01-27 10:43:16 -05:00
Divy Srivastava
d5634164cb
chore: use rustfmt imports_granularity option (#17421)
Closes https://github.com/denoland/deno/issues/2699
Closes https://github.com/denoland/deno/issues/2347

Uses unstable rustfmt features. Since dprint invokes `rustfmt` we do not
need to switch the cargo toolchain to nightly. Do we care about
formatting stability of our codebase across Rust versions? (I don't)
2023-01-14 23:18:58 -05:00
Leo Kettmeir
c41d4ff90e
feat(core): allow specifying name and dependencies of an Extension (#17301) 2023-01-08 23:48:46 +01:00
Bartek Iwańczuk
fac6447815
refactor(permissions): add PermissionsContainer struct for internal mutability (#17134)
Turns out we were cloning permissions which after prompting were discarded,
so the state of permissions was never preserved. To handle that we need to store
all permissions behind "Arc<Mutex<>>" (because there are situations where we
need to send them to other thread).

Testing and benching code still uses "Permissions" in most places - it's undesirable
to share the same permission set between various test/bench files - otherwise
granting or revoking permissions in one file would influence behavior of other test
files.
2023-01-07 17:25:34 +01:00
David Sherret
10e4b2e140
chore: update copyright year to 2023 (#17247)
Yearly tradition of creating extra noise in git.
2023-01-02 21:00:42 +00:00
Bartek Iwańczuk
212b7dd6da
feat: Add requesting API name to permission prompt (#15936)
Co-authored-by: Leo Kettmeir <crowlkats@toaxl.com>
2022-09-27 22:36:33 +02:00
Ben Noordhuis
b1b418b81a
chore: fix clippy warnings (#15944)
Stop allowing clippy::derive-partial-eq-without-eq and fix warnings
about deriving PartialEq without also deriving Eq.

In one case I removed the PartialEq because it a) wasn't necessary,
and b) sketchy because it was comparing floating point numbers.

IMO, that's a good argument for enforcing the lint rule, because it
would most likely have been caught during review if it had been enabled.
2022-09-19 10:25:03 +02:00
David Sherret
635eed9373
chore: fix Windows specific clippy errors (#15212) 2022-07-15 12:30:25 -04:00
Luca Casonato
8d82ba7299
build: require safety comments on unsafe code (#13870)
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2022-06-26 00:13:24 +02:00