1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-29 18:49:07 -05:00
Commit graph

70 commits

Author SHA1 Message Date
Leo Kettmeir
cf49599359
feat: permission stack traces in ops (#26938)
This commit improves permission prompts by adding an option
to print a full trace of where the permissions is being requested.

Due to big performance hint of stack trace collection, this is only
enabled when `DENO_TRACE_PERMISSIONS` env var is present.

Closes https://github.com/denoland/deno/issues/20756

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2024-11-20 21:24:04 +00:00
Leo Kettmeir
ed13efc4ac
refactor(ext/net): use concrete error type (#26227) 2024-10-17 09:43:04 -07:00
Leo Kettmeir
64c304a452
refactor(ext/tls): use concrete error types (#26174) 2024-10-12 16:53:38 -07:00
Luca Casonato
3134abefa4
BREAKING(ext/net): improved error code accuracy (#25383)
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2024-09-27 14:07:20 +00:00
David Sherret
62e952559f
refactor(permissions): split up Descriptor into Allow, Deny, and Query (#25508)
This makes the permission system more versatile.
2024-09-16 21:39:37 +01:00
Asher Gomez
ace1202227
BREAKING(net): remove Deno.ConnectTlsOptions.{certChain,certFile,privateKey} and Deno.ListenTlsOptions.certChain,certFile,keyFile} (#25525)
Towards #22079
2024-09-10 21:55:42 +00:00
Nathan Whitaker
e92a05b551
feat(serve): Opt-in parallelism for deno serve (#24920)
Adds a `parallel` flag to `deno serve`. When present, we spawn multiple
workers to parallelize serving requests.


```bash
deno serve --parallel main.ts
```

Currently on linux we use `SO_REUSEPORT` and rely on the fact that the
kernel will distribute connections in a round-robin manner.

On mac and windows, we sort of emulate this by cloning the underlying
file descriptor and passing a handle to each worker. The connections
will not be guaranteed to be fairly distributed (and in practice almost
certainly won't be), but the distribution is still spread enough to
provide a significant performance increase.

---
(Run on an Macbook Pro with an M3 Max, serving `deno.com`

baseline::
```
❯ wrk -d 30s -c 125 --latency http://127.0.0.1:8000
Running 30s test @ http://127.0.0.1:8000
  2 threads and 125 connections
  Thread Stats   Avg      Stdev     Max   +/- Stdev
    Latency   239.78ms   13.56ms 330.54ms   79.12%
    Req/Sec   258.58     35.56   360.00     70.64%
  Latency Distribution
     50%  236.72ms
     75%  248.46ms
     90%  256.84ms
     99%  268.23ms
  15458 requests in 30.02s, 2.47GB read
Requests/sec:    514.89
Transfer/sec:     84.33MB
```

this PR (`with --parallel` flag)
```
❯ wrk -d 30s -c 125 --latency http://127.0.0.1:8000
Running 30s test @ http://127.0.0.1:8000
  2 threads and 125 connections
  Thread Stats   Avg      Stdev     Max   +/- Stdev
    Latency   117.40ms  142.84ms 590.45ms   79.07%
    Req/Sec     1.33k   175.19     1.77k    69.00%
  Latency Distribution
     50%   22.34ms
     75%  223.67ms
     90%  357.32ms
     99%  460.50ms
  79636 requests in 30.07s, 12.74GB read
Requests/sec:   2647.96
Transfer/sec:    433.71MB
```
2024-08-14 22:26:21 +00:00
Bartek Iwańczuk
8db420d552
chore: upgrade to reqwest 0.12.4 and rustls 0.22 (#24388)
Reland of https://github.com/denoland/deno/pull/24056 that doesn't
suffer from the problem that was discovered in
https://github.com/denoland/deno/pull/24261.

It uses upgraded `hyper` and `hyper-util` that fixed the previous
problem in https://github.com/hyperium/hyper/pull/3691.
2024-07-02 02:09:47 +02:00
Divy Srivastava
b4939f3379
fix: upgrade deno_core to 0.291.0 (#24297) 2024-06-21 10:49:39 +05:30
Bartek Iwańczuk
b94707af7d
Revert "chore: upgrade to reqwest 0.12.4 and rustls 0.22 (#24056)" (#24262)
This reverts commit fb31eaa9ca.

Reverting because users reported spurious errors when downloading
dependencies - https://github.com/denoland/deno/issues/24260.

Closes https://github.com/denoland/deno/issues/24260
2024-06-19 16:09:17 +02:00
Bartek Iwańczuk
fb31eaa9ca
chore: upgrade to reqwest 0.12.4 and rustls 0.22 (#24056)
This commit updates Deno to use `reqwest` at 0.12.4
and `rustls` at 0.22. Other related crates were updated
as well to match versions accepted by `reqwest` and `rustls`.

Note: we are not using the latest available `rustls` yet,
but this upgrade was non-trivial already, so a bump to
0.23 for `rustls` will be done in a separate commit.

Closes #23370

---------

Signed-off-by: Ryan Dahl <ry@tinyclouds.org>
Signed-off-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: Ryan Dahl <ry@tinyclouds.org>
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-06-13 22:41:26 +02:00
Matt Mastracci
684377c92c
refactor(ext/tls): Implement required functionality for later SNI support (#23686)
Precursor to #23236 

This implements the SNI features, but uses private symbols to avoid
exposing the functionality at this time. Note that to properly test this
feature, we need to add a way for `connectTls` to specify a hostname.
This is something that should be pushed into that API at a later time as
well.

```ts
Deno.test(
  { permissions: { net: true, read: true } },
  async function listenResolver() {
    let sniRequests = [];
    const listener = Deno.listenTls({
      hostname: "localhost",
      port: 0,
      [resolverSymbol]: (sni: string) => {
        sniRequests.push(sni);
        return {
          cert,
          key,
        };
      },
    });

    {
      const conn = await Deno.connectTls({
        hostname: "localhost",
        [serverNameSymbol]: "server-1",
        port: listener.addr.port,
      });
      const [_handshake, serverConn] = await Promise.all([
        conn.handshake(),
        listener.accept(),
      ]);
      conn.close();
      serverConn.close();
    }

    {
      const conn = await Deno.connectTls({
        hostname: "localhost",
        [serverNameSymbol]: "server-2",
        port: listener.addr.port,
      });
      const [_handshake, serverConn] = await Promise.all([
        conn.handshake(),
        listener.accept(),
      ]);
      conn.close();
      serverConn.close();
    }

    assertEquals(sniRequests, ["server-1", "server-2"]);
    listener.close();
  },
);
```

---------

Signed-off-by: Matt Mastracci <matthew@mastracci.com>
2024-05-09 10:54:47 -06:00
Bartek Iwańczuk
6a09a16d71
feat(ext/net): extract TLS key and certificate from interfaces (#23327)
Relands #23325
2024-04-18 11:21:08 -06:00
Matt Mastracci
47061a4539
feat(ext/net): Refactor TCP socket listeners for future clustering mode (#23037)
Changes:

- Implements a TCP socket listener that will allow for round-robin
load-balancing in-process.
 - Cleans up the raw networking code to make it easier to work with.
2024-04-08 16:18:14 -06:00
Matt Mastracci
cb12a93503
refactor(ext/tls): use cppgc to deduplicate the tls key loading code (#23289)
Pass the certificates and key files as CPPGC objects.

Towards #23233
2024-04-08 15:01:02 -06:00
David Sherret
ad6b00a2bf
chore: enable clippy unused_async rule (#22834) 2024-03-11 23:48:00 -04:00
Asher Gomez
9a43a2b495
feat: Deno.ConnectTlsOptions.{cert,key} (#22274)
Towards #22197
2024-02-18 07:30:58 -07:00
Bartek Iwańczuk
ac2da1e9ff
Revert "chore: bump rustls-tokio-stream and rustls (#21955)" (#22097)
This reverts commit 971eb0e5e8.

To unblock v1.40 release.
2024-01-25 04:47:45 +01:00
Matt Mastracci
971eb0e5e8
chore: bump rustls-tokio-stream and rustls (#21955) 2024-01-16 21:51:54 +01:00
Bartek Iwańczuk
f3bb0a1a0e
feat: stabilize Deno.connectTls options and Deno.TlsConn.handshake (#21889) 2024-01-14 17:06:26 +00:00
cions
881a62869d
fix: android support (#19437)
<!--
Before submitting a PR, please read https://deno.com/manual/contributing

1. Give the PR a descriptive title.

  Examples of good title:
    - fix(std/http): Fix race condition in server
    - docs(console): Update docstrings
    - feat(doc): Handle nested reexports

  Examples of bad title:
    - fix #7123
    - update docs
    - fix bugs

2. Ensure there is a related issue and it is referenced in the PR text.
3. Ensure there are tests that cover the changes.
4. Ensure `cargo test` passes.
5. Ensure `./tools/format.js` passes without changing files.
6. Ensure `./tools/lint.js` passes.
7. Open as a draft PR if your work is still in progress. The CI won't
run
   all steps, but you can add '[ci]' to a commit message to force it to.
8. If you would like to run the benchmarks on the CI, add the 'ci-bench'
label.
-->

---------

Signed-off-by: Matt Mastracci <matthew@mastracci.com>
Co-authored-by: Matt Mastracci <matthew@mastracci.com>
2024-01-10 06:04:14 -07:00
David Sherret
7e72f3af61
chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
Matt Mastracci
6b42cecc06
feat(ext/net): use rustls_tokio_stream (#21205)
Fixes #21121 and #19498

Migrates fully to rustls_tokio_stream. We no longer need to maintain our
own TlsStream implementation to properly support duplex.

This should fix a number of errors with TLS and websockets, HTTP and
"other" places where it's failing.
2023-11-15 16:12:46 -07:00
Matt Mastracci
42c426e769
feat(ext/websocket): websockets over http2 (#21040)
Implements `WebSocket` over http/2. This requires a conformant http/2
server supporting the extended connect protocol.

Passes approximately 100 new WPT tests (mostly `?wpt_flags=h2` versions
of existing websockets APIs).

This is implemented as a fallback when http/1.1 fails, so a server that
supports both h1 and h2 WebSockets will still end up on the http/1.1
upgrade path.

The patch also cleas up the websockets handshake to split it up into
http, https+http1 and https+http2, making it a little less intertwined.

This uncovered a likely bug in the WPT test server:
https://github.com/web-platform-tests/wpt/issues/42896
2023-11-01 21:11:01 +00:00
Bartek Iwańczuk
a5568066b3
refactor: use deno_core::FeatureChecker for unstable checks (#20765) 2023-10-04 21:42:17 +02:00
Bartek Iwańczuk
08d2a32060
refactor: rewrite ext/net/ ops to op2 (#20471) 2023-09-12 15:39:21 +02:00
Matt Mastracci
b1ce2e4167
fix(ext/web): add stream tests to detect v8slice split bug (#20253)
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-08-23 17:03:05 -06:00
Evan
ece2a3de5b
fix(ext/net): implement a graceful error on an invalid SSL certificate (#20157)
The goal of this PR is to address issue #19520 where Deno panics when
encountering an invalid SSL certificate.

This PR achieves that goal by removing an `.expect()` statement and
implementing a match statement on `tsl_config` (found in
[/ext/net/ops_tsl.rs](e071382768/ext/net/ops_tls.rs (L1058)))
to check whether the desired configuration is valid

---------

Co-authored-by: Matt Mastracci <matthew@mastracci.com>
2023-08-15 00:11:12 +00:00
Bartek Iwańczuk
106e1bd90e
fix: remove unstable check for Deno.listenTls#alpnProtocols (#19732) 2023-07-06 13:45:15 +00:00
Bartek Iwańczuk
39872646eb
feat: stabilize 'alpnProtocols' setting (#19704)
Ref https://github.com/denoland/deno/issues/19685
2023-07-04 15:28:50 +02:00
Matt Mastracci
9845361153
refactor(core): bake single-thread assumptions into spawn/spawn_blocking (#19056)
Partially supersedes #19016.

This migrates `spawn` and `spawn_blocking` to `deno_core`, and removes
the requirement for `spawn` tasks to be `Send` given our single-threaded
executor.

While we don't need to technically do anything w/`spawn_blocking`, this
allows us to have a single `JoinHandle` type that works for both cases,
and allows us to more easily experiment with alternative
`spawn_blocking` implementations that do not require tokio (ie: rayon).

Async ops (+~35%):

Before: 

```
time 1310 ms rate 763358
time 1267 ms rate 789265
time 1259 ms rate 794281
time 1266 ms rate 789889
```

After:

```
time 956 ms rate 1046025
time 954 ms rate 1048218
time 924 ms rate 1082251
time 920 ms rate 1086956
```

HTTP serve (+~4.4%):

Before:

```
Running 10s test @ http://localhost:4500
  2 threads and 10 connections
  Thread Stats   Avg      Stdev     Max   +/- Stdev
    Latency    68.78us   19.77us   1.43ms   86.84%
    Req/Sec    68.78k     5.00k   73.84k    91.58%
  1381833 requests in 10.10s, 167.36MB read
Requests/sec: 136823.29
Transfer/sec:     16.57MB
```

After:

```
Running 10s test @ http://localhost:4500
  2 threads and 10 connections
  Thread Stats   Avg      Stdev     Max   +/- Stdev
    Latency    63.12us   17.43us   1.11ms   85.13%
    Req/Sec    71.82k     3.71k   77.02k    79.21%
  1443195 requests in 10.10s, 174.79MB read
Requests/sec: 142921.99
Transfer/sec:     17.31MB
```

Suggested-By: alice@ryhl.io
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-05-14 15:40:01 -06:00
David Sherret
913176313b
perf: lazily create RootCertStore (#18938) 2023-05-01 16:42:05 -04:00
Matt Mastracci
bdffcb409f
feat(ext/http): Rework Deno.serve using hyper 1.0-rc3 (#18619)
This is a rewrite of the `Deno.serve` API to live on top of hyper
1.0-rc3. The code should be more maintainable long-term, and avoids some
of the slower mpsc patterns that made the older code less efficient than
it could have been.

Missing features:

- `upgradeHttp` and `upgradeHttpRaw` (`upgradeWebSocket` is available,
however).
- Automatic compression is unavailable on responses.
2023-04-22 11:48:21 -06:00
Matt Mastracci
e55b448730
feat(core) deno_core::extension! macro to simplify extension registration (#18210)
This implements two macros to simplify extension registration and centralize a lot of the boilerplate as a base for future improvements:

* `deno_core::ops!` registers a block of `#[op]`s, optionally with type
parameters, useful for places where we share lists of ops
* `deno_core::extension!` is used to register an extension, and creates
two methods that can be used at runtime/snapshot generation time:
`init_ops` and `init_ops_and_esm`.

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-03-17 18:22:15 +00:00
David Sherret
10e4b2e140
chore: update copyright year to 2023 (#17247)
Yearly tradition of creating extra noise in git.
2023-01-02 21:00:42 +00:00
Luca Casonato
f4f1f4f0b6
feat(ext/net): reusePort for TCP on Linux (#16398) 2022-10-26 19:04:27 +00:00
Bartek Iwańczuk
af62e0833d
Revert "Revert "refactor(ext/net): clean up variadic network ops (#16… (#16422)
…392)" (#16417)"

This reverts commit 8e3f825c92.
2022-10-25 22:50:55 +02:00
Bartek Iwańczuk
8e3f825c92
Revert "refactor(ext/net): clean up variadic network ops (#16392)" (#16417)
Should fix https://github.com/denoland/deno_std/issues/2807
2022-10-25 20:32:51 +02:00
Luca Casonato
c061538417
refactor(ext/net): clean up variadic network ops (#16392)
Previously `op_net_listen`, `op_net_accept`, and various other ops in
ext/net where variadic on the transport. This created a lot of code
bloat. This commit updates the code to instead have separate ops for
each transport.
2022-10-24 14:55:39 +02:00
Yusuke Tanaka
44a89dd6dc
fix(ext/net): return an error from startTls and serveHttp if the original connection is captured elsewhere (#16242)
This commit removes the calls to `expect()` on `std::rc::Rc`, which caused
Deno to panic under certain situations. We now return an error if `Rc`
is referenced by other variables.

Fixes #9360
Fixes #13345
Fixes #13926
Fixes #16241

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2022-10-18 11:28:27 +09:00
Luca Casonato
3b6b75bb46
feat(core): improve resource read & write traits (#16115)
This commit introduces two new buffer wrapper types to `deno_core`. The
main benefit of these new wrappers is that they can wrap a number of
different underlying buffer types. This allows for a more flexible read
and write API on resources that will require less copying of data
between different buffer representations.

- `BufView` is a read-only view onto a buffer. It can be backed by
`ZeroCopyBuf`, `Vec<u8>`, and `bytes::Bytes`.
- `BufViewMut` is a read-write view onto a buffer. It can be cheaply
converted into a `BufView`. It can be backed by `ZeroCopyBuf` or
`Vec<u8>`.

Both new buffer views have a cursor. This means that the start point of
the view can be constrained to write / read from just a slice of the
view. Only the start point of the slice can be adjusted. The end point
is fixed. To adjust the end point, the underlying buffer needs to be
truncated.

Readable resources have been changed to better cater to resources that
do not support BYOB reads. The basic `read` method now returns a
`BufView` instead of taking a `ZeroCopyBuf` to fill. This allows the
operation to return buffers that the resource has already allocated,
instead of forcing the caller to allocate the buffer. BYOB reads are
still very useful for resources that support them, so a new `read_byob`
method has been added that takes a `BufViewMut` to fill. `op_read`
attempts to use `read_byob` if the resource supports it, which falls
back to `read` and performs an additional copy if it does not. For
Rust->JS reads this change should have no impact, but for Rust->Rust
reads, this allows the caller to avoid an additional copy in many
scenarios. This combined with the support for `BufView` to be backed by
`bytes::Bytes` allows us to avoid one data copy when piping from a
`fetch` response into an `ext/http` response.

Writable resources have been changed to take a `BufView` instead of a
`ZeroCopyBuf` as an argument. This allows for less copying of data in
certain scenarios, as described above. Additionally a new
`Resource::write_all` method has been added that takes a `BufView` and
continually attempts to write the resource until the entire buffer has
been written. Certain resources like files can override this method to
provide a more efficient `write_all` implementation.
2022-10-09 14:49:25 +00:00
Bartek Iwańczuk
212b7dd6da
feat: Add requesting API name to permission prompt (#15936)
Co-authored-by: Leo Kettmeir <crowlkats@toaxl.com>
2022-09-27 22:36:33 +02:00
Luca Casonato
8d82ba7299
build: require safety comments on unsafe code (#13870)
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2022-06-26 00:13:24 +02:00
Colin Ihrig
649e5ce023
fix: finish TLS handshake before shutting down (#14547)
This commit ensures that the TLS handshake completes before
attempting to close the connection.
2022-05-10 08:27:08 -04:00
Divy Srivastava
57f7e07c13
Reland "perf(http): optimize ReadableStreams backed by a resource" (#14346) 2022-04-22 16:19:08 +05:30
Bartek Iwańczuk
03019e7781
Revert various PRs related to "ext/http" (#14339)
* Revert "feat(ext/http): stream auto resp body compression (#14325)"
* Revert "core: introduce `resource.read_return` (#14331)"
* Revert "perf(http): optimize `ReadableStream`s backed by a resource (#14284)"
2022-04-21 02:22:55 +02:00
Divy Srivastava
2612b6f20f
core: introduce resource.read_return (#14331) 2022-04-20 18:39:13 +02:00
Aaron O'Mullan
94885bc293
experiment(serde_v8): derive_more enabled opaque wrappers (#14096) 2022-04-02 14:37:11 +02:00
Bert Belder
c5270abad7
feat(unstable): Add Deno.upgradeHttp API (#13618)
This commit adds "Deno.upgradeHttp" API, which
allows to "hijack" connection and switch protocols, to eg.
implement WebSocket required for Node compat.

Co-authored-by: crowlkats <crowlkats@toaxl.com>
Co-authored-by: Ryan Dahl <ry@tinyclouds.org>
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2022-03-16 14:54:18 +01:00
Aaron O'Mullan
bb53135ed8
cleanup(core): OpPair => OpDecl (#13952) 2022-03-15 23:43:17 +01:00