diff options
| author | Bartek IwaĆczuk <biwanczuk@gmail.com> | 2024-09-17 23:32:52 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-09-18 00:32:52 +0200 |
| commit | a7d67e3a7a6b2c66f366dd3448b82cbc297a4e77 (patch) | |
| tree | 40ae66b68afdc4aa2dc255d6d3c334193408d646 | |
| parent | 97b8c9be3897f2a17439b217d1cd9884c39c087f (diff) | |
feat: update warning message for --allow-run with no list (#25693)
Ref https://github.com/denoland/deno/pull/25215#discussion_r1762064605
| -rw-r--r-- | cli/args/mod.rs | 2 | ||||
| -rw-r--r-- | tests/specs/permission/deny_run_binary_absolute_path/main.out | 2 | ||||
| -rw-r--r-- | tests/specs/run/allow_run_insecure_warnings/no_allow_list.out | 2 | ||||
| -rw-r--r-- | tests/testdata/run/deny_some_permission_args.out | 2 |
4 files changed, 4 insertions, 4 deletions
diff --git a/cli/args/mod.rs b/cli/args/mod.rs index db8cf149e..0851dfd6c 100644 --- a/cli/args/mod.rs +++ b/cli/args/mod.rs @@ -1705,7 +1705,7 @@ fn warn_insecure_allow_run_flags(flags: &Flags) { // discourage using --allow-run without an allow list if allow_run_list.is_empty() { log::warn!( - "{} --allow-run can be trivially exploited. Prefer specifying an allow list (https://docs.deno.com/runtime/fundamentals/security/#running-subprocesses)", + "{} --allow-run without an allow list is susceptible to exploits. Prefer specifying an allow list (https://docs.deno.com/runtime/fundamentals/security/#running-subprocesses)", colors::yellow("Warning") ); } diff --git a/tests/specs/permission/deny_run_binary_absolute_path/main.out b/tests/specs/permission/deny_run_binary_absolute_path/main.out index 7f11e7880..fef29eae7 100644 --- a/tests/specs/permission/deny_run_binary_absolute_path/main.out +++ b/tests/specs/permission/deny_run_binary_absolute_path/main.out @@ -1,4 +1,4 @@ -Warning --allow-run can be trivially exploited. Prefer specifying an allow list (https://docs.deno.com/runtime/fundamentals/security/#running-subprocesses) +Warning --allow-run without an allow list is susceptible to exploits. Prefer specifying an allow list (https://docs.deno.com/runtime/fundamentals/security/#running-subprocesses) NotCapable: Requires run access to "deno", run again with the --allow-run flag at [WILDCARD] { name: "NotCapable" diff --git a/tests/specs/run/allow_run_insecure_warnings/no_allow_list.out b/tests/specs/run/allow_run_insecure_warnings/no_allow_list.out index 277d0036c..293b4446a 100644 --- a/tests/specs/run/allow_run_insecure_warnings/no_allow_list.out +++ b/tests/specs/run/allow_run_insecure_warnings/no_allow_list.out @@ -1 +1 @@ -Warning --allow-run can be trivially exploited. Prefer specifying an allow list (https://docs.deno.com/runtime/fundamentals/security/#running-subprocesses) +Warning --allow-run without an allow list is susceptible to exploits. Prefer specifying an allow list (https://docs.deno.com/runtime/fundamentals/security/#running-subprocesses) diff --git a/tests/testdata/run/deny_some_permission_args.out b/tests/testdata/run/deny_some_permission_args.out index fe3e57d69..be2e832fe 100644 --- a/tests/testdata/run/deny_some_permission_args.out +++ b/tests/testdata/run/deny_some_permission_args.out @@ -1,4 +1,4 @@ -Warning --allow-run can be trivially exploited. Prefer specifying an allow list (https://docs.deno.com/runtime/fundamentals/security/#running-subprocesses) +Warning --allow-run without an allow list is susceptible to exploits. Prefer specifying an allow list (https://docs.deno.com/runtime/fundamentals/security/#running-subprocesses) PermissionStatus { state: "granted", onchange: null, partial: true } PermissionStatus { state: "denied", onchange: null } PermissionStatus { state: "granted", onchange: null } |