1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-11-22 15:06:54 -05:00
Commit graph

70 commits

Author SHA1 Message Date
Matt Mastracci
472a370640
feat(runtime): Allow embedders to perform additional access checks on file open (#23208)
Embedders may have special requirements around file opening, so we add a
new `check_open` permission check that is called as part of the file
open process.
2024-04-19 18:12:03 -06:00
Divy Srivastava
de28e6fc09
refactor: add deno_permissions crate (#22236)
Issue https://github.com/denoland/deno/issues/22222


![image](https://github.com/denoland/deno/assets/34997667/2af8474b-b919-4519-98ce-9d29bc7829f2)

This PR moves `runtime/permissions` code to a upstream crate called
`deno_permissions`. The `deno_permissions::PermissionsContainer` is put
into the OpState and can be used instead of the current trait-based
permissions system.

For this PR, I've migrated `deno_fetch` to the new crate but kept the
rest of the trait-based system as a wrapper of `deno_permissions` crate.
Doing the migration all at once is error prone and hard to review.

Comparing incremental compile times for `ext/fetch` on Mac M1:

| profile | `cargo build --bin deno` | `cargo plonk build --bin deno` |
| --------- | ------------- | ------------------- |
| `debug`   | 20 s          | 0.8s                |
| `release` | 4 mins 12 s   | 1.4s                  |
2024-03-12 10:42:26 -07:00
Bartek Iwańczuk
7b212bc574
refactor(permissions): factor out PermissionPrompter trait, add callbacks (#16975)
This commit refactors several things in "runtime/permissions" module:
- splits it into "mod.rs" and "prompter.rs"
- adds "PermissionPrompter" trait with two implementations:
 * "TtyPrompter"
 * "TestPrompter"
- adds "before" and "after" prompt callback which can be used to hide
progress bar in the CLI (to be done in a follow up)
- "permissions_prompt" API returns "PromptResponse" enum, instead
of a boolean; this allows to add "allow all"/"deny all" functionality
for the prompt
2022-12-18 01:12:28 +01:00
sigmaSd
ddd3506e69
fix(permissions): Allow ancestor path for --allow-ffi (#16765)
This commit changes "--allow-ffi" flag to support "parent paths",
ie. if an FFI library is loaded we are checking if the library has an
ancestor path in the allowlist for the FFI permission descriptor.
2022-12-14 21:38:53 +01:00
Colin Ihrig
37340e2386
chore(unstable): rename Deno.getUid() and Deno.getGid() (#16432)
This commit renames `Deno.getUid()` to `Deno.uid()` and renames
`Deno.getGid()` to `Deno.gid()`.
2022-10-26 16:37:48 -04:00
Divy Srivastava
0b016a7fb8
feat(npm): implement Node API (#13633)
This PR implements the NAPI for loading native modules into Deno. 

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: DjDeveloper <43033058+DjDeveloperr@users.noreply.github.com>
Co-authored-by: Ryan Dahl <ry@tinyclouds.org>
2022-10-05 19:36:44 +05:30
Yoshiya Hinosawa
15ea624790
refactor(cli): use shared sys kind parser in flags.rs (#16087) 2022-09-29 19:34:16 +09:00
Yoshiya Hinosawa
fa9e7aab6d
feat: add --allow-sys permission flag (#16028) 2022-09-28 21:46:50 +09:00
Bartek Iwańczuk
212b7dd6da
feat: Add requesting API name to permission prompt (#15936)
Co-authored-by: Leo Kettmeir <crowlkats@toaxl.com>
2022-09-27 22:36:33 +02:00
Yoshiya Hinosawa
f3dd13730c
fix(runtime): refresh perm prompt 3 lines instead of 4 (#16049) 2022-09-27 18:07:49 +09:00
Bartek Iwańczuk
b20431c5f9
feat: Refresh interactive permission prompt (#15907)
Co-authored-by: David Sherret <dsherret@users.noreply.github.com>
2022-09-22 14:16:06 +02:00
Divy Srivastava
698a340ad7
perf: fs optimizations - part 1 (#15873) 2022-09-22 14:39:25 +05:30
Ben Noordhuis
b1b418b81a
chore: fix clippy warnings (#15944)
Stop allowing clippy::derive-partial-eq-without-eq and fix warnings
about deriving PartialEq without also deriving Eq.

In one case I removed the PartialEq because it a) wasn't necessary,
and b) sketchy because it was comparing floating point numbers.

IMO, that's a good argument for enforcing the lint rule, because it
would most likely have been caught during review if it had been enabled.
2022-09-19 10:25:03 +02:00
Divy Srivastava
8e1c0e5141
perf(runtime): optimize allocations in read/write checks (#15631) 2022-08-27 20:50:05 +05:30
Bartek Iwańczuk
6bb72a8086
feat(unstable): add more permission checks for ext/node/ (#15581) 2022-08-24 18:07:49 +02:00
Divy Srivastava
cd21cff299
feat(ext/flash): An optimized http/1.1 server (#15405)
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: Ben Noordhuis <info@bnoordhuis.nl>
Co-authored-by: crowlkats <crowlkats@toaxl.com>
Co-authored-by: Ryan Dahl <ry@tinyclouds.org>
2022-08-18 17:35:02 +05:30
Leo Kettmeir
d0ffa0beb5
fix(permissions): ignore empty values (#15447) 2022-08-10 21:13:53 +02:00
David Sherret
635eed9373
chore: fix Windows specific clippy errors (#15212) 2022-07-15 12:30:25 -04:00
Luca Casonato
8d82ba7299
build: require safety comments on unsafe code (#13870)
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2022-06-26 00:13:24 +02:00
David Sherret
7919dc902d
fix(permissions): fallback to denied access if the permission prompt fails (#14235) 2022-04-18 09:00:38 -04:00
Luca Casonato
daa7c6d32a
fix: actually don't inherit runtime permissions (#14024) 2022-03-20 22:46:39 +01:00
Luca Casonato
a7bef54d3f
BREAKING: don't inherit permissions by default (#13668)
Previously specifying permissions: {} was the same as specifying
permissions: "inherit". Now it will be the same as permissions: "none".
Not specifying any permissions (permissions: undefined) still means
permissions: "inherit".
2022-03-16 01:43:14 +01:00
David Sherret
3b12afd072
chore: upgrade to Rust 1.59 (#13767) 2022-02-24 20:03:12 -05:00
Leo Kettmeir
4a144c7d6e
chore(permissions): clean up duplicate arguments (#13700) 2022-02-17 15:15:29 +01:00
Ryan Dahl
e5b5753dd3
feat: never prompt for hrtime permission (#13696) 2022-02-17 00:17:24 +01:00
Ryan Dahl
57f4b0e5af
feat: Add hint to permission prompt to display allow flag (#13695) 2022-02-17 00:14:46 +01:00
Andreu Botella
760f4c9e24
chore(ext/timers): move ext/timers to ext/web (#13665) 2022-02-15 12:17:30 +01:00
David Sherret
ad224f53c7
chore: upgrade to rust 1.58 (#13377) 2022-01-15 07:10:12 +01:00
Ryan Dahl
1fb5858009
chore: update copyright to 2022 (#13306)
Co-authored-by: Erfan Safari <erfanshield@outlook.com>
2022-01-07 22:09:52 -05:00
Divy Srivastava
6de53b631f
refactor: use once_cell instead of lazy_static (#13135) 2021-12-18 16:14:42 -05:00
Elias Sjögreen
ee49cce726
feat(ext/ffi): implement UnsafePointer and UnsafePointerView (#12828) 2021-12-15 15:41:49 +01:00
David Sherret
c5a35aba82
chore: fix flaky permissions tests on windows (#12552) 2021-10-26 11:49:07 -04:00
Nayeem Rahman
7a22df9b76
fix(runtime/ops/worker_host): move permission arg parsing to Rust (#12297) 2021-10-13 13:04:44 -04:00
David Sherret
c3e441c5b5
fix: worker environment permissions should accept an array (#12250) 2021-09-30 15:50:59 -04:00
Nayeem Rahman
faefe2300d
fix(cli/permissions): ensure revoked permissions are no longer granted (#12159)
Fixes #12153
2021-09-24 15:48:15 +10:00
Aaron O'Mullan
a33ee087ce
perf(ops): optimize permission check (#11800)
* perf(ops): optimize permission check

Removes the overhead of permission check on access granted (should be common case):

Delta measured on `perf_now` from `deno_common` bench:
- before: `528ns/op
- after: `166ns/op`

So ~3x faster
2021-09-23 00:45:58 +02:00
David Sherret
5e2c5d0afa
fix: permission prompt stuffing on Windows (#11969) 2021-09-14 08:37:27 -04:00
Ryan Dahl
fb35cd0ef4
fix: permission prompt stuffing (#11931)
Fixes #9750
2021-09-09 08:38:47 -04:00
Elias Sjögreen
33c8d790c3
feat: ffi to replace plugins (#11152)
This commit removes implementation of "native plugins" and replaces
it with FFI API.

Effectively "Deno.openPlugin" API was replaced with "Deno.dlopen" API.
2021-08-06 23:28:10 +02:00
Yusuke Tanaka
8f00b5542c
chore: upgrade Rust to 1.54.0 (#11554) 2021-07-30 15:03:41 +02:00
David Sherret
7fc0e8ec8c
chore: use parking_lot for synchronization primitives to align with tokio (#11289)
parking_lot is already transitively used in tokio via the "full" cargo feature
2021-07-06 23:48:01 -04:00
Bartek Iwańczuk
38a7128cdd
feat: Add "deno_net" extension (#11150)
This commits moves implementation of net related APIs available on "Deno"
namespace to "deno_net" extension.

Following APIs were moved:
- Deno.listen()
- Deno.connect()
- Deno.listenTls()
- Deno.serveHttp()
- Deno.shutdown()
- Deno.resolveDns()
- Deno.listenDatagram()
- Deno.startTls()
- Deno.Conn
- Deno.Listener
- Deno.DatagramConn
2021-06-29 01:43:03 +02:00
David Sherret
6ee983b127
chore(tools): Fix stdout buffer of launched process getting full causing tools/lint.js to hang on Windows (#10888)
Also fix Windows only clippy issues.
2021-06-07 22:29:47 -04:00
Ryan Dahl
18c75f0e42
Switch grant/deny prompt to yes/no (#10547) 2021-05-10 07:11:34 -04:00
Ben Noordhuis
5214acd3d9
refactor: move timers to deno_timers op crate (#10179)
Move timers out of runtime/ and into a standalone op crate.
2021-04-14 21:10:48 +02:00
crowlKats
8b59d9f7bc
feat(permissions): allow env permission to take values (#9825) 2021-04-13 13:25:21 +02:00
Aaron O'Mullan
5c2a8cdbdc
perf(runtime): optimize PermissionState::check (#9993) 2021-04-12 13:24:41 +02:00
crowlKats
fefe93c91b
feat(runtime/permissions): prompt fallback (#9376)
Co-authored-by: Yoshiya Hinosawa <stibium121@gmail.com>
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2021-04-12 11:15:43 +09:00
crowlKats
e7b7129b7a
feat(permissions): allow run permission to take values (#9833)
This commit adds allowlist support to `--allow-run` flag.

Additionally `Deno.permissions.query()` allows to query for specific
programs within allowlist.
2021-04-10 00:12:00 +02:00
Luca Casonato
966ce7de8a
feat: blob URL support (#10045)
This commit adds blob URL support. Blob URLs are stored in a process
global storage, that can be accessed from all workers, and the module
loader. Blob URLs can be created using `URL.createObjectURL` and revoked
using `URL.revokeObjectURL`.

This commit does not add support for `fetch`ing blob URLs. This will be
added in a follow up commit.
2021-04-07 15:22:14 +02:00