1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-18 13:22:55 -05:00
Commit graph

40 commits

Author SHA1 Message Date
Leo Kettmeir
cf49599359
feat: permission stack traces in ops (#26938)
This commit improves permission prompts by adding an option
to print a full trace of where the permissions is being requested.

Due to big performance hint of stack trace collection, this is only
enabled when `DENO_TRACE_PERMISSIONS` env var is present.

Closes https://github.com/denoland/deno/issues/20756

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2024-11-20 21:24:04 +00:00
Leo Kettmeir
fe9f0ee593
refactor(runtime/permissions): use concrete error types (#26464) 2024-11-04 09:17:21 -08:00
David Sherret
c8f692057b
refactor: bury descriptor parsing in PermissionsContainer (#25936)
Closes https://github.com/denoland/deno/issues/25634
2024-09-30 09:19:24 -04:00
David Sherret
62e952559f
refactor(permissions): split up Descriptor into Allow, Deny, and Query (#25508)
This makes the permission system more versatile.
2024-09-16 21:39:37 +01:00
Bartek Iwańczuk
5dedb49ac4
refactor(permissions): remove FromStr implementations, add ::parse methods (#25473)
The `.parse()` calls in permission code are only making it more
confusing, verbosity
is encouraged and welcome in this code even at the cost of not being
concise.

Left a couple TODOs to not use `AnyError`.
2024-09-06 11:28:53 +02:00
Luca Casonato
5cf97f539b
BREAKING(permissions): remove --allow-hrtime (#25367)
Remove `--allow-hrtime` and `--deny-hrtime`. We are doing this because
it is already possible to get access to high resolution timers through
workers and SharedArrayBuffer.

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2024-09-03 11:24:25 +02:00
Luca Casonato
74ac29bae6
fix(permissions): handle ipv6 addresses correctly (#24397)
Also don't panic on invalid domain names and addresses.

Extracted with cleanups up from #24080

Co-authored-by: Yazan AbdAl-Rahman <yazan.abdalrahman@exalt.ps>
2024-07-05 23:45:06 +01:00
Divy Srivastava
de28e6fc09
refactor: add deno_permissions crate (#22236)
Issue https://github.com/denoland/deno/issues/22222


![image](https://github.com/denoland/deno/assets/34997667/2af8474b-b919-4519-98ce-9d29bc7829f2)

This PR moves `runtime/permissions` code to a upstream crate called
`deno_permissions`. The `deno_permissions::PermissionsContainer` is put
into the OpState and can be used instead of the current trait-based
permissions system.

For this PR, I've migrated `deno_fetch` to the new crate but kept the
rest of the trait-based system as a wrapper of `deno_permissions` crate.
Doing the migration all at once is error prone and hard to review.

Comparing incremental compile times for `ext/fetch` on Mac M1:

| profile | `cargo build --bin deno` | `cargo plonk build --bin deno` |
| --------- | ------------- | ------------------- |
| `debug`   | 20 s          | 0.8s                |
| `release` | 4 mins 12 s   | 1.4s                  |
2024-03-12 10:42:26 -07:00
David Sherret
7e72f3af61
chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
Bartek Iwańczuk
bdeb4bddbf
refactor: rewrite runtime/ ops to op2 (#20459) 2023-09-12 00:10:43 +02:00
Asher Gomez
6fb7e8d93b
feat(permissions): add "--deny-*" flags (#19070)
This commit adds new "--deny-*" permission flags. These are complimentary to
"--allow-*" flags.

These flags can be used to restrict access to certain resources, even if they
were granted using "--allow-*" flags or the "--allow-all" ("-A") flag.

Eg. specifying "--allow-read --deny-read" will result in a permission error,
while "--allow-read --deny-read=/etc" will allow read access to all FS but the
"/etc" directory.

Runtime permissions APIs ("Deno.permissions") were adjusted as well, mainly
by adding, a new "PermissionStatus.partial" field. This field denotes that
while permission might be granted to requested resource, it's only partial (ie.
a "--deny-*" flag was specified that excludes some of the requested resources).
Eg. specifying "--allow-read=foo/ --deny-read=foo/bar" and then querying for
permissions like "Deno.permissions.query({ name: "read", path: "foo/" })"
will return "PermissionStatus { state: "granted", onchange: null, partial: true }",
denoting that some of the subpaths don't have read access.

Closes #18804.

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: Nayeem Rahman <nayeemrmn99@gmail.com>
2023-08-03 13:19:19 +02:00
Nayeem Rahman
34dac6c6ef
refactor(core): remove force_op_registration and cleanup JsRuntimeForSnapshot (#19353)
Addresses
https://github.com/denoland/deno/pull/19308#discussion_r1212248194. 

Removes force_op_registration as it is no longer necessary.
2023-06-03 14:22:32 -06:00
Bartek Iwańczuk
3c9771deb2
Reland "perf(core): preserve ops between snapshots (#18080)" (#18272)
Relanding 4b6305f4f2
2023-03-18 18:30:04 -04:00
Bartek Iwańczuk
d11e89127d
Revert "perf(core): preserve ops between snapshots (#18080)" (#18267)
This reverts commit 4b6305f4f2.
2023-03-18 14:59:51 +00:00
Bartek Iwańczuk
4b6305f4f2
perf(core): preserve ops between snapshots (#18080)
This commit changes the build process in a way that preserves already
registered ops in the snapshot. This allows us to skip creating hundreds of
"v8::String" on each startup, but sadly there is still some op registration
going on startup (however we're registering 49 ops instead of >200 ops). 

This situation could be further improved, by moving some of the ops 
from "runtime/" to a separate extension crates.

---------

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2023-03-18 12:51:21 +01:00
Matt Mastracci
e55b448730
feat(core) deno_core::extension! macro to simplify extension registration (#18210)
This implements two macros to simplify extension registration and centralize a lot of the boilerplate as a base for future improvements:

* `deno_core::ops!` registers a block of `#[op]`s, optionally with type
parameters, useful for places where we share lists of ops
* `deno_core::extension!` is used to register an extension, and creates
two methods that can be used at runtime/snapshot generation time:
`init_ops` and `init_ops_and_esm`.

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-03-17 18:22:15 +00:00
David Sherret
f5840bdcd3
chore: upgrade to Rust 1.67 (#17548)
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-01-27 10:43:16 -05:00
Leo Kettmeir
c41d4ff90e
feat(core): allow specifying name and dependencies of an Extension (#17301) 2023-01-08 23:48:46 +01:00
Bartek Iwańczuk
fac6447815
refactor(permissions): add PermissionsContainer struct for internal mutability (#17134)
Turns out we were cloning permissions which after prompting were discarded,
so the state of permissions was never preserved. To handle that we need to store
all permissions behind "Arc<Mutex<>>" (because there are situations where we
need to send them to other thread).

Testing and benching code still uses "Permissions" in most places - it's undesirable
to share the same permission set between various test/bench files - otherwise
granting or revoking permissions in one file would influence behavior of other test
files.
2023-01-07 17:25:34 +01:00
David Sherret
10e4b2e140
chore: update copyright year to 2023 (#17247)
Yearly tradition of creating extra noise in git.
2023-01-02 21:00:42 +00:00
Yoshiya Hinosawa
15ea624790
refactor(cli): use shared sys kind parser in flags.rs (#16087) 2022-09-29 19:34:16 +09:00
Yoshiya Hinosawa
fa9e7aab6d
feat: add --allow-sys permission flag (#16028) 2022-09-28 21:46:50 +09:00
Aaron O'Mullan
88d0f01948
feat(ops): custom arity (#13949)
Also cleanup & drop ignored wildcard op-args
2022-03-14 23:38:53 +01:00
Divy Srivastava
b4e42953e1
feat(core): codegen ops (#13861)
Co-authored-by: Aaron O'Mullan <aaron.omullan@gmail.com>
2022-03-14 18:44:15 +01:00
Ryan Dahl
1fb5858009
chore: update copyright to 2022 (#13306)
Co-authored-by: Erfan Safari <erfanshield@outlook.com>
2022-01-07 22:09:52 -05:00
Bartek Iwańczuk
c59f90d01f
chore: upgrade to Rust 1.57.0 (#12968) 2021-12-04 14:19:06 +01:00
Nayeem Rahman
7a22df9b76
fix(runtime/ops/worker_host): move permission arg parsing to Rust (#12297) 2021-10-13 13:04:44 -04:00
Elias Sjögreen
33c8d790c3
feat: ffi to replace plugins (#11152)
This commit removes implementation of "native plugins" and replaces
it with FFI API.

Effectively "Deno.openPlugin" API was replaced with "Deno.dlopen" API.
2021-08-06 23:28:10 +02:00
Aaron O'Mullan
d5f39fd121
cleanup(ops): remove unused ZeroCopyBuf arg-types (#10530) 2021-05-08 14:37:42 +02:00
Aaron O'Mullan
8377957666
refactor(runtime): use Extensions (#10461) 2021-05-02 19:22:57 -04:00
crowlKats
8b59d9f7bc
feat(permissions): allow env permission to take values (#9825) 2021-04-13 13:25:21 +02:00
Aaron O'Mullan
46b1c653c0
refactor(deno): remove concept of bin & json ops (#10145) 2021-04-12 15:55:05 -04:00
crowlKats
e7b7129b7a
feat(permissions): allow run permission to take values (#9833)
This commit adds allowlist support to `--allow-run` flag.

Additionally `Deno.permissions.query()` allows to query for specific
programs within allowlist.
2021-04-10 00:12:00 +02:00
Aaron O'Mullan
2aed322dd5
refactor: convert ops to use serde_v8 (#10009)
This commit rewrites most of the ops to use "serde_v8" instead
of "json" serialization.
2021-04-05 18:40:24 +02:00
Aaron O'Mullan
058579da56
refactor(ops): remove variadic buffers (#9944) 2021-04-02 09:47:57 -04:00
crowlKats
b59151f39e
move runtime ops to serde ops (#9828) 2021-03-18 14:42:01 -04:00
crowlKats
0e70d9e59b
refactor: clean up permission handling (#9367) 2021-03-17 17:45:12 -04:00
Ryan Dahl
2b75a11559
update copyright to 2021 (#9081) 2021-01-10 21:59:07 -05:00
Nayeem Rahman
22e0ee92a6
BREAKING(unstable): Use hosts for net allowlists (#8845)
Allowlist checking already uses hosts but for some reason 
requests, revokes and the runtime permissions API use URLs.

- BREAKING(lib.deno.unstable.d.ts): Change 
NetPermissionDescriptor::url to NetPermissionDescriptor::host

- fix(runtime/permissions): Don't add whole URLs to the 
allowlist on request

- fix(runtime/permissions): Harden strength semantics:
({ name: "net", host: "127.0.0.1" } is stronger than 
{ name: "net", host: "127.0.0.1:8000" }) for blocklisting

- refactor(runtime/permissions): Use tuples for hosts, make 
the host optional in Permissions::{query_net, request_net, revoke_net}()
2020-12-30 23:35:28 +01:00
Bartek Iwańczuk
2e74f164b6
refactor: deno_runtime crate (#8640)
This commit moves Deno JS runtime, ops, permissions and
inspector implementation to new "deno_runtime" crate located
in "runtime/" directory.

Details in "runtime/README.md".

Co-authored-by: Ryan Dahl <ry@tinyclouds.org>
2020-12-13 19:45:53 +01:00
Renamed from cli/ops/permissions.rs (Browse further)