1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-12 10:37:52 -05:00
denoland-deno/tests/specs/cert/cafile_ts_fetch/__test__.jsonc
Bartek Iwańczuk 5504acea67
feat: add --allow-import flag (#25469)
This replaces `--allow-net` for import permissions and makes the
security sandbox stricter by also checking permissions for statically
analyzable imports.

By default, this has a value of
`--allow-import=deno.land:443,jsr.io:443,esm.sh:443,raw.githubusercontent.com:443,gist.githubusercontent.com:443`,
but that can be overridden by providing a different set of hosts.

Additionally, when no value is provided, import permissions are inferred
from the CLI arguments so the following works because
`fresh.deno.dev:443` will be added to the list of allowed imports:

```ts
deno run -A -r https://fresh.deno.dev
```

---------

Co-authored-by: David Sherret <dsherret@gmail.com>
2024-09-26 01:50:54 +00:00

19 lines
715 B
Text

{
"steps": [{
"args": "run --quiet --reload --allow-net --allow-import --cert RootCA.pem cafile_ts_fetch.ts",
"flaky": true,
"output": "cafile_ts_fetch.ts.out"
}, {
"args": "eval --cert RootCA.pem fetch('https://localhost:5545/cert/cafile_ts_fetch.ts.out').then(r=>r.text()).then(t=>console.log(t.trimEnd()))",
"flaky": true,
"output": "cafile_ts_fetch.ts.out"
}, {
"args": "info --quiet --allow-import --cert RootCA.pem https://localhost:5545/cert/cafile_info.ts",
"flaky": true,
"output": "cafile_info.ts.out"
}, {
"args": "cache --quiet --allow-import --cert RootCA.pem http://localhost:4545/cert/cafile_url_imports.ts",
"flaky": true,
"output": ""
}]
}