mirror of
https://github.com/denoland/deno.git
synced 2024-11-25 15:29:32 -05:00
6fb7e8d93b
This commit adds new "--deny-*" permission flags. These are complimentary to
"--allow-*" flags.
These flags can be used to restrict access to certain resources, even if they
were granted using "--allow-*" flags or the "--allow-all" ("-A") flag.
Eg. specifying "--allow-read --deny-read" will result in a permission error,
while "--allow-read --deny-read=/etc" will allow read access to all FS but the
"/etc" directory.
Runtime permissions APIs ("Deno.permissions") were adjusted as well, mainly
by adding, a new "PermissionStatus.partial" field. This field denotes that
while permission might be granted to requested resource, it's only partial (ie.
a "--deny-*" flag was specified that excludes some of the requested resources).
Eg. specifying "--allow-read=foo/ --deny-read=foo/bar" and then querying for
permissions like "Deno.permissions.query({ name: "read", path: "foo/" })"
will return "PermissionStatus { state: "granted", onchange: null, partial: true }",
denoting that some of the subpaths don't have read access.
Closes #18804.
---------
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: Nayeem Rahman <nayeemrmn99@gmail.com>
|
||
|---|---|---|
| .. | ||
| args | ||
| bench | ||
| cache | ||
| js | ||
| lsp | ||
| napi | ||
| npm | ||
| ops | ||
| schemas | ||
| standalone | ||
| tests | ||
| tools | ||
| tsc | ||
| util | ||
| auth_tokens.rs | ||
| build.rs | ||
| Cargo.toml | ||
| deno.ico | ||
| deno_std.rs | ||
| emit.rs | ||
| errors.rs | ||
| factory.rs | ||
| file_fetcher.rs | ||
| graph_util.rs | ||
| http_util.rs | ||
| js.rs | ||
| main.rs | ||
| module_loader.rs | ||
| node.rs | ||
| README.md | ||
| resolver.rs | ||
| version.rs | ||
| worker.rs | ||
Deno CLI Crate
This provides the actual deno executable and the user-facing APIs.
The deno crate uses the deno_core to provide the executable.