1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-22 15:24:46 -05:00
Commit graph

1421 commits

Author SHA1 Message Date
mash-graz
0d43a63636
fix(ext/node): worker_threads ESM handling (#22841)
Fixes #22840
Fixes #22964
2024-03-20 09:12:22 +05:30
Nathan Whitaker
85116226b3
chore: Forward 1.41.3 release commit (#22930)
Forward 1.41.3 release commit

Co-authored-by: denobot <33910674+denobot@users.noreply.github.com>
Co-authored-by: nathanwhit <nathanwhit@users.noreply.github.com>
2024-03-14 21:23:24 +00:00
Divy Srivastava
b00f076017
fix(ext/node): Support private EC key signing (#22914)
Fixes https://github.com/denoland/deno/issues/18972

Support for web-push VAPID keys & jws signing

- Fixes EC keygen to return raw private key and uncompressed public key
point.
- Support for `EC PRIVATE KEY`
2024-03-14 14:53:50 +01:00
David Sherret
b3ca3b2f25
chore: rough first pass on spec tests (#22877) 2024-03-13 16:21:13 +00:00
Divy Srivastava
aef9bca876
chore: upgrade deno_core to 0.270.0 (#22826)
Upgrade to V8 12.3
2024-03-13 15:40:38 +00:00
Asher Gomez
5cfa03ceca
fix(ext/node): initial crypto.createPublicKey() support (#22509)
Closes #21807

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-03-13 08:17:23 +00:00
David Sherret
c10d96cb21
fix(slow-types): improved exports tracing and infer type literals in as exprs (#22849)
Several fixes in deno_graph:

* https://github.com/denoland/deno_graph/pull/411
* https://github.com/denoland/deno_graph/pull/413
* https://github.com/denoland/deno_graph/pull/414
* https://github.com/denoland/deno_graph/pull/415
* https://github.com/denoland/deno_graph/pull/416
* https://github.com/denoland/deno_graph/pull/417

Also created https://github.com/denoland/publish_smoke_tests to help
prevent regressions in the future.

Closes https://github.com/denoland/deno/issues/22829
Closes https://github.com/denoland/deno/issues/22819
Closes https://github.com/denoland/deno/issues/22802
2024-03-12 17:45:38 +00:00
Divy Srivastava
de28e6fc09
refactor: add deno_permissions crate (#22236)
Issue https://github.com/denoland/deno/issues/22222


![image](https://github.com/denoland/deno/assets/34997667/2af8474b-b919-4519-98ce-9d29bc7829f2)

This PR moves `runtime/permissions` code to a upstream crate called
`deno_permissions`. The `deno_permissions::PermissionsContainer` is put
into the OpState and can be used instead of the current trait-based
permissions system.

For this PR, I've migrated `deno_fetch` to the new crate but kept the
rest of the trait-based system as a wrapper of `deno_permissions` crate.
Doing the migration all at once is error prone and hard to review.

Comparing incremental compile times for `ext/fetch` on Mac M1:

| profile | `cargo build --bin deno` | `cargo plonk build --bin deno` |
| --------- | ------------- | ------------------- |
| `debug`   | 20 s          | 0.8s                |
| `release` | 4 mins 12 s   | 1.4s                  |
2024-03-12 10:42:26 -07:00
Nathan Whitaker
28b362adfc
fix(runtime): Restore default signal handler after user handlers are unregistered (#22757)
<!--
Before submitting a PR, please read
https://docs.deno.com/runtime/manual/references/contributing

1. Give the PR a descriptive title.

  Examples of good title:
    - fix(std/http): Fix race condition in server
    - docs(console): Update docstrings
    - feat(doc): Handle nested reexports

  Examples of bad title:
    - fix #7123
    - update docs
    - fix bugs

2. Ensure there is a related issue and it is referenced in the PR text.
3. Ensure there are tests that cover the changes.
4. Ensure `cargo test` passes.
5. Ensure `./tools/format.js` passes without changing files.
6. Ensure `./tools/lint.js` passes.
7. Open as a draft PR if your work is still in progress. The CI won't
run
   all steps, but you can add '[ci]' to a commit message to force it to.
8. If you would like to run the benchmarks on the CI, add the 'ci-bench'
label.
-->

Fixes #22724. Fixes #7164.

This does add a dependency on `signal-hook`, but it's just a higher
level API on top of `signal-hook-registry` (which we and `tokio` already
depend on) and doesn't add any transitive deps.
2024-03-11 10:22:28 -07:00
Dimitris Apostolou
dff056ae41
fix: fix crate vulnerabilities (#22825)
https://rustsec.org/advisories/RUSTSEC-2024-0003
https://rustsec.org/advisories/RUSTSEC-2024-0020
2024-03-10 02:38:03 +01:00
Divy Srivastava
0bed4d3e51
fix(ext/node): support junction symlinks on Windows (#22762)
Fixes https://github.com/denoland/deno/issues/20609

Vitepress support! `vitepress dev` and `vitepress build` via BYONM
2024-03-09 09:07:29 +05:30
denobot
44da066359
chore: forward v1.41.2 release commit to main (#22793)
This is the release commit being forwarded back to main for 1.41.2

Signed-off-by: Divy Srivastava <dj.srivastava23@gmail.com>
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-03-08 09:12:36 +00:00
David Sherret
2dfc0aca7c
fix(publish): make include and exclude work (#22720)
1. Stops `deno publish` using some custom include/exclude behaviour from
other sub commands
2. Takes ancestor directories into account when resolving gitignore
3. Backards compatible change that adds ability to unexclude an exclude
by using a negated glob at a more specific level for all sub commands
(see https://github.com/denoland/deno_config/pull/44).
2024-03-07 20:16:32 -05:00
Bartek Iwańczuk
2d5b19277b
chore: upgrade deno_core (#22782) 2024-03-08 00:06:28 +01:00
Matt Mastracci
4791d16a8e
perf(cli): use faster_hex (#22761)
`cli::util::checksum` was showing up on flame graphs because it was
concatenating allocated strings. We can use `faster-hex` to improve it.
2024-03-07 10:00:43 -07:00
Nathan Whitaker
9df917c0be
chore: upgrade deno_core (#22725)
<!--
Before submitting a PR, please read
https://docs.deno.com/runtime/manual/references/contributing

1. Give the PR a descriptive title.

  Examples of good title:
    - fix(std/http): Fix race condition in server
    - docs(console): Update docstrings
    - feat(doc): Handle nested reexports

  Examples of bad title:
    - fix #7123
    - update docs
    - fix bugs

2. Ensure there is a related issue and it is referenced in the PR text.
3. Ensure there are tests that cover the changes.
4. Ensure `cargo test` passes.
5. Ensure `./tools/format.js` passes without changing files.
6. Ensure `./tools/lint.js` passes.
7. Open as a draft PR if your work is still in progress. The CI won't
run
   all steps, but you can add '[ci]' to a commit message to force it to.
8. If you would like to run the benchmarks on the CI, add the 'ci-bench'
label.
-->
2024-03-06 15:08:10 -08:00
Bartek Iwańczuk
6b48aff8fb
fix: don't include source maps in release mode (#22751)
Due to bug in `deno_ast` the `source_map` setting is ignored and source
map is always emitted. This is fixed by updating `deno_ast`.
2024-03-06 22:53:02 +00:00
Bartek Iwańczuk
d9fa2dd550
chore: upgrade deno_core (#22699)
Co-authored-by: Matt Mastracci <matthew@mastracci.com>
2024-03-05 01:17:39 +00:00
dependabot[bot]
c559e813e1
chore(deps): bump mio from 0.8.10 to 0.8.11 (#22696)
Bumps [mio](https://github.com/tokio-rs/mio) from 0.8.10 to 0.8.11.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tokio-rs/mio/blob/master/CHANGELOG.md">mio's
changelog</a>.</em></p>
<blockquote>
<h1>0.8.11</h1>
<ul>
<li>Fix receiving IOCP events after deregistering a Windows named pipe
(<a
href="https://redirect.github.com/tokio-rs/mio/pull/1760">tokio-rs/mio#1760</a>,
backport pr:
<a
href="https://redirect.github.com/tokio-rs/mio/pull/1761">tokio-rs/mio#1761</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0328bdef90"><code>0328bde</code></a>
Release v0.8.11</li>
<li><a
href="7084498512"><code>7084498</code></a>
Fix warnings</li>
<li><a
href="90d4fe00df"><code>90d4fe0</code></a>
named-pipes: fix receiving IOCP events after deregister</li>
<li><a
href="c710a307f8"><code>c710a30</code></a>
Add v0.8.x to the CI</li>
<li><a
href="c29e21c244"><code>c29e21c</code></a>
Release v0.8.10</li>
<li>See full diff in <a
href="https://github.com/tokio-rs/mio/compare/v0.8.10...v0.8.11">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=mio&package-manager=cargo&previous-version=0.8.10&new-version=0.8.11)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/denoland/deno/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-04 17:04:14 -07:00
Matt Mastracci
736b91edd0
perf(cli): use new deno_core timers (#22569)
Improves #19100 

Fixes #20356

Replaces #20428



Changes made in deno_core to support this:

 - [x] Errors must be handled in setTimeout callbacks
 - [x] Microtask ordering is not-quite-right
 - [x] Timer cancellation must be checked right before dispatch
 - [x] Timer sanitizer
 - [x] Move high-res timer to deno_core
 - [x] Timers need opcall tracing
2024-03-01 11:15:18 -07:00
denobot
404422519c
chore: forward v1.41.1 release commit to main (#22643)
Co-authored-by: dsherret <dsherret@users.noreply.github.com>
2024-02-29 20:56:08 -05:00
David Sherret
814eb42060
fix: relative dynamic imports in jsr packages (#22624)
Relative dynamic imports were broken. It now properly allows them and
verifies the checksum.

Fix in https://github.com/denoland/deno_graph/pull/408
2024-02-29 00:06:16 +01:00
Divy Srivastava
9b5d2f8c1b
feat(publish): provenance attestation (#22573)
Supply chain security for JSR.

```
$ deno publish --provenance

Successfully published @divy/test_provenance@0.0.3
Provenance transparency log available at https://search.sigstore.dev/?logIndex=73657418
```

0. Package has been published.
1. Fetches the version manifest and verifies it's matching with uploaded
files and exports.
2. Builds the attestation SLSA payload using Github actions env.
3. Creates an ephemeral key pair for signing the github token
(aud=sigstore) and DSSE pre authentication tag.
4. Requests a X.509 signing certificate from Fulcio using the challenge
and ephemeral public key PEM.
5. Prepares a DSSE envelop for Rekor to witness. Posts an intoto entry
to Rekor and gets back the transparency log index.
6. Builds the provenance bundle and posts it to JSR.
2024-02-28 07:58:02 +05:30
David Sherret
e9fe71acb5
fix(unstable): sloppy imports should resolve .d.ts files during types resolution (#22602) 2024-02-27 18:30:21 +00:00
Matt Mastracci
47c2a63d87
chore: bump deno_core (#22596)
Migrations:

 - snapshot code updated
 - runtime stats API tweaks
2024-02-27 08:05:57 -07:00
Bartek Iwańczuk
f1a691274e
feat(publish): discover jsr.json and jsr.jsonc files (#22587)
Closes https://github.com/denoland/deno/issues/22491
2024-02-27 08:27:21 +00:00
David Sherret
6567dc94a9
fix(lsp): import map expansion (#22553) 2024-02-24 00:21:09 -05:00
David Sherret
22cd8ebf1f
perf(fmt): reduce memory usage and improve performance (#22570)
Reduces memory usage of the fmt command and fixes a memory leak.

Also improves slightly improves performance.
2024-02-23 16:11:45 -05:00
Divy Srivastava
f49abcc1ac
feat(publish): respect .gitignore during deno publish (#22514)
Files from `.gitignore`, global git config, `.git/info/exclude` and
`deno.json`'s `exclude` are ignored.
2024-02-23 07:56:34 +05:30
denobot
118445103b
1.41.0 (#22524)
Bumped versions for 1.41.0

Co-authored-by: bartlomieju <bartlomieju@users.noreply.github.com>
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2024-02-22 02:44:05 +01:00
Matt Mastracci
27579f6fcb
chore(io): Add a cross-platform unidirectional pipe implementation (#22522)
Currently useful for `deno test` and internal tests, but could
potentially be exposed at a later time as a `Deno` API.
2024-02-22 01:00:57 +00:00
David Sherret
190776f30d
perf: linter lsp memory leak fix and deno_graph executor (#22519)
Updates dependent crates which includes an investigation fix by @irbull
in Deno's LSP when linting code. Huge thanks to Ian for tracking down
this issue.

Also includes Divy's deno_graph executor change, which reduces memory
usage when loading jsr specifiers and makes them faster.

Co-authored-by: irbull <irbull@users.noreply.github.com>
Co-authored-by: littledivy <littledivy@users.noreply.github.com>
2024-02-21 21:58:37 +00:00
Matt Mastracci
76ebf567e2
fix(ext/fs): make errors in tempfile creation clearer (#22498)
When using a prefix or suffix containing an invalid filename character,
it's not entirely clear where the errors come from. We make these errors
more consistent across platforms.

In addition, all permission prompts for tempfile and tempdir were
printing the same API name.

We also take the opportunity to make the tempfile random space larger by
2x (using a base32-encoded u64 rather than a hex-encoded u32).
2024-02-21 20:11:04 +00:00
David Sherret
a2c1cc5a1a
fix(publish): better no-slow-types type discovery (#22517) 2024-02-21 14:12:36 -05:00
Bartek Iwańczuk
bd66080217
chore: upgrade deno_core and V8 (#22505)
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-02-21 17:31:18 +00:00
Bartek Iwańczuk
5020705011
chore: bump deno_lint to 0.57.0 (#22513) 2024-02-21 10:43:49 -05:00
David Sherret
f90889e5ee
perf(jsr): fast check cache and lazy fast check graph (#22485) 2024-02-20 21:29:57 +00:00
David Sherret
66424032a2
feat(unstable/lint): no-slow-types for JSR packages (#22430)
1. Renames zap/fast-check to instead be a `no-slow-types` lint rule.
1. This lint rule is automatically run when doing `deno lint` for
packages (deno.json files with a name, version, and exports field)
1. This lint rules still occurs on publish. It can be skipped by running
with `--no-slow-types`
2024-02-19 15:28:41 +00:00
Asher Gomez
2b279ad630
chore: move test_util to tests/util/server (#22444)
As discussed with @mmastrac.

---------

Signed-off-by: Asher Gomez <ashersaupingomez@gmail.com>
Co-authored-by: Matt Mastracci <matthew@mastracci.com>
2024-02-19 06:34:24 -07:00
Matt Mastracci
08071f9561
chore: bump deno_core (#22443)
Migrations:

 - Use the new SnapshotSerializer for TSC/compiler snapshots
2024-02-17 22:22:46 +00:00
David Sherret
e06934fe77
fix(fmt): remove debug output when formatting dynamic imports (#22433)
deno fmt sometimes had stuff like:

```
NODE: Evaluation
```

...in the output.
2024-02-16 14:19:24 +00:00
David Sherret
4f80d83774
feat(unstable): single checksum per JSR package in the lockfile (#22421)
This changes the lockfile to not store JSR specifiers in the "remote"
section. Instead a single JSR integrity is stored per package in the
lockfile, which is a hash of the version's `x.x.x_meta.json` file, which
contains hashes for every file in the package. The hashes in this file
are then compared against when loading.

Additionally, when using `{ "vendor": true }` in a deno.json, the files
can be modified without causing lockfile errors—the checksum is only
checked when copying into the vendor folder and not afterwards
(eventually we should add this behaviour for non-jsr specifiers as
well). As part of this change, the `vendor` folder creation is not
always automatic in the LSP and running an explicit cache command is
necessary. The code required to track checksums in the LSP would have
been too complex for this PR, so that all goes through deno_graph now.
The vendoring is still automatic when running from the CLI.
2024-02-15 14:49:35 -05:00
denobot
7d47a85b57
chore: forward v1.40.5 release commit to main (#22424)
This is the release commit being forwarded back to main for 1.40.5

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-02-15 12:15:36 +05:30
Matt Mastracci
e23fc6d88c
chore: deno_core bump (#22407)
- Adding `None` flag for warmup script.
 - Modify opcall trace interface to match new Rust implementation
2024-02-13 19:44:37 -07:00
Lino Le Van
d236fc8b43
chore: bump deno_graph to 0.65.3 (#22397) 2024-02-13 00:56:10 +00:00
Nayeem Rahman
49d82e609f
feat(lsp): jsr support first pass (#22382)
This implementation heavily depends on there being a lockfile, meaning
JSR specifiers will always diagnose as uncached unless it's there. In
practice this affects cases where a `deno.json` isn't being used. Our
NPM specifier support isn't subject to this.

The reason for this is that the version constraint solving code is
currently buried in `deno_graph` and not usable from the LSP, so the
only way to reuse that logic is the solved-version map in the lockfile's
`packages.specifiers`.
2024-02-12 22:12:49 +00:00
Matt Mastracci
26d9b2f317
chore: deno_core bump (#22379)
- Updates to V8 12.1.285.27

https://github.com/denoland/rusty_v8/pull/1383

 - Swaps Box for Rc for `source_map_getter`
2024-02-10 19:08:02 -07:00
David Sherret
d2477f7806
fix: cache bust jsr deps on constraint failure (#22372)
Removes the `FileFetcher`'s internal cache because I don't believe it's
necessary (we already cache this kind of stuff in places like deno_graph
or config files in different places). Removing it fixes this bug because
this functionality was already implemented in deno_graph and lowers
memory usage of the CLI a little bit.
2024-02-10 10:02:31 -05:00
David Sherret
f232c36c48
fix: lockfile was sometimes getting corrupt when changing config deps (#22359)
Tests are in the deno_lockfile repo.

Closes #22250
2024-02-09 18:03:05 -05:00
Matt Mastracci
dcbbcd23f5
refactor: split integration tests from CLI (part 1) (#22308)
This PR separates integration tests from CLI tests into a new project
named `cli_tests`. This is a prerequisite for an integration test runner
that can work with either the CLI binary in the current project, or one
that is built ahead of time.

## Background

Rust does not have the concept of artifact dependencies yet
(https://github.com/rust-lang/cargo/issues/9096). Because of this, the
only way we can ensure a binary is built before running associated tests
is by hanging tests off the crate with the binary itself.

Unfortunately this means that to run those tests, you _must_ build the
binary and in the case of the deno executable that might be a 10 minute
wait in release mode.

## Implementation

To allow for tests to run with and without the requirement that the
binary is up-to-date, we split the integration tests into a project of
their own. As these tests would not require the binary to build itself
before being run as-is, we add a stub integration `[[test]]` target in
the `cli` project that invokes these tests using `cargo test`.

The stub test runner we add has `harness = false` so that we can get
access to a `main` function. This `main` function's sole job is to
`execvp` the command `cargo test -p deno_cli`, effectively "calling"
another cargo target.

This ensures that the deno executable is always correctly rebuilt before
running the stub test runner from `cli`, and gets us closer to be able
to run the entire integration test suite on arbitrary deno executables
(and therefore split the build into multiple phases).

The new `cli_tests` project lives within `cli` to avoid a large PR. In
later PRs, the test data will be split from the `cli` project. As there
are a few thousand files, it'll be better to do this as a completely
separate PR to avoid noise.
2024-02-09 13:33:05 -07:00