1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-21 23:04:45 -05:00
denoland-deno/runtime
Bartek Iwańczuk 5504acea67
feat: add --allow-import flag (#25469)
This replaces `--allow-net` for import permissions and makes the
security sandbox stricter by also checking permissions for statically
analyzable imports.

By default, this has a value of
`--allow-import=deno.land:443,jsr.io:443,esm.sh:443,raw.githubusercontent.com:443,gist.githubusercontent.com:443`,
but that can be overridden by providing a different set of hosts.

Additionally, when no value is provided, import permissions are inferred
from the CLI arguments so the following works because
`fresh.deno.dev:443` will be added to the list of allowed imports:

```ts
deno run -A -r https://fresh.deno.dev
```

---------

Co-authored-by: David Sherret <dsherret@gmail.com>
2024-09-26 01:50:54 +00:00
..
examples/extension refactor(permissions): split up Descriptor into Allow, Deny, and Query (#25508) 2024-09-16 21:39:37 +01:00
js chore: cleanup unused deprecated code (#25839) 2024-09-26 02:21:38 +02:00
ops chore: upgrade deno_core (#25674) 2024-09-17 01:13:34 +00:00
permissions feat: add --allow-import flag (#25469) 2024-09-26 01:50:54 +00:00
Cargo.toml chore: forward v1.46.3 release commit to main (#25425) 2024-09-04 17:16:24 +00:00
clippy.toml feat(compile): unstable npm and node specifier support (#19005) 2023-05-10 20:06:59 -04:00
code_cache.rs fix: use hash of in-memory bytes only for code cache (#23966) 2024-05-24 10:15:46 -04:00
errors.rs Reland "refactor(fetch): reimplement fetch with hyper instead of reqwest" (#24593) 2024-07-18 01:37:31 +02:00
fmt_errors.rs fix: add suggestion how to fix importing CJS module (#21764) 2024-09-05 12:49:07 +00:00
fs_util.rs fix: do not panic running invalid file specifier (#25530) 2024-09-18 14:51:39 +01:00
inspector_server.rs feat: upgrade deno_core (#25042) 2024-08-19 14:51:16 +00:00
js.rs refactor: remove snapshotting from deno_runtime (#21794) 2024-01-10 16:30:50 +01:00
lib.rs fix: better error for Deno.UnsafeWindowSurface, correct HttpClient name, cleanup unused code (#25833) 2024-09-24 07:04:52 -07:00
permissions.rs feat: add --allow-import flag (#25469) 2024-09-26 01:50:54 +00:00
README.md fix (doc): Typo in runtime/README.md (#20020) 2023-12-13 17:24:32 +00:00
shared.rs BREAKING(buffer): remove Deno.Buffer (#25441) 2024-09-06 18:28:05 +10:00
snapshot.rs refactor(permissions): split up Descriptor into Allow, Deny, and Query (#25508) 2024-09-16 21:39:37 +01:00
tokio_util.rs chore: enable clippy::print_stdout and clippy::print_stderr (#23732) 2024-05-08 22:45:06 -04:00
web_worker.rs refactor(permissions): split up Descriptor into Allow, Deny, and Query (#25508) 2024-09-16 21:39:37 +01:00
worker.rs refactor(permissions): split up Descriptor into Allow, Deny, and Query (#25508) 2024-09-16 21:39:37 +01:00
worker_bootstrap.rs BREAKING: Remove --unstable flag (#25522) 2024-09-09 23:44:29 +02:00

deno_runtime crate

crates docs

This is a slim version of the Deno CLI which removes typescript integration and various tooling (like lint and doc). Basically only JavaScript execution with Deno's operating system bindings (ops).

Stability

This crate is built using battle-tested modules that were originally in the deno crate, however the API of this crate is subject to rapid and breaking changes.

MainWorker

The main API of this crate is MainWorker. MainWorker is a structure encapsulating deno_core::JsRuntime with a set of ops used to implement Deno namespace.

When creating a MainWorker implementors must call MainWorker::bootstrap to prepare JS runtime for use.

MainWorker is highly configurable and allows to customize many of the runtime's properties:

  • module loading implementation
  • error formatting
  • support for source maps
  • support for V8 inspector and Chrome Devtools debugger
  • HTTP client user agent, CA certificate
  • random number generator seed

Worker Web API

deno_runtime comes with support for Worker Web API. The Worker API is implemented using WebWorker structure.

When creating a new instance of MainWorker implementors must provide a callback function that is used when creating a new instance of Worker.

All WebWorker instances are descendents of MainWorker which is responsible for setting up communication with child worker. Each WebWorker spawns a new OS thread that is dedicated solely to that worker.