summaryrefslogtreecommitdiff
path: root/cli
diff options
context:
space:
mode:
Diffstat (limited to 'cli')
-rw-r--r--cli/Cargo.toml1
-rw-r--r--cli/diagnostics.rs2
-rw-r--r--cli/dts/lib.deno.ns.d.ts8
-rw-r--r--cli/dts/lib.deno.unstable.d.ts76
-rw-r--r--cli/flags.rs54
-rw-r--r--cli/standalone.rs2
-rw-r--r--cli/tests/integration/lsp_tests.rs12
-rw-r--r--cli/tests/test/allow_all.out4
-rw-r--r--cli/tests/test/allow_all.ts2
-rw-r--r--cli/tests/test/allow_none.out6
-rw-r--r--cli/tests/test/allow_none.ts2
-rw-r--r--cli/tests/test/ignore_permissions.ts2
-rw-r--r--cli/tests/unit/test_util.ts4
-rw-r--r--cli/tests/workers/no_permissions_worker.js4
-rw-r--r--cli/tools/standalone.rs2
15 files changed, 102 insertions, 79 deletions
diff --git a/cli/Cargo.toml b/cli/Cargo.toml
index 5d71f6037..22b734f13 100644
--- a/cli/Cargo.toml
+++ b/cli/Cargo.toml
@@ -25,6 +25,7 @@ deno_console = { version = "0.13.0", path = "../extensions/console" }
deno_core = { version = "0.95.0", path = "../core" }
deno_crypto = { version = "0.27.0", path = "../extensions/crypto" }
deno_fetch = { version = "0.36.0", path = "../extensions/fetch" }
+deno_ffi = { version = "0.1.0", path = "../extensions/ffi" }
deno_http = { version = "0.4.0", path = "../extensions/http" }
deno_net = { version = "0.4.0", path = "../extensions/net" }
deno_timers = { version = "0.11.0", path = "../extensions/timers" }
diff --git a/cli/diagnostics.rs b/cli/diagnostics.rs
index 18506ccc8..01c096a11 100644
--- a/cli/diagnostics.rs
+++ b/cli/diagnostics.rs
@@ -54,7 +54,7 @@ const UNSTABLE_DENO_PROPS: &[&str] = &[
"listen",
"listenDatagram",
"loadavg",
- "openPlugin",
+ "dlopen",
"osRelease",
"ppid",
"resolveDns",
diff --git a/cli/dts/lib.deno.ns.d.ts b/cli/dts/lib.deno.ns.d.ts
index a312f4bda..40ef4a76c 100644
--- a/cli/dts/lib.deno.ns.d.ts
+++ b/cli/dts/lib.deno.ns.d.ts
@@ -2131,7 +2131,7 @@ declare namespace Deno {
| "write"
| "net"
| "env"
- | "plugin"
+ | "ffi"
| "hrtime";
/** The current status of the permission. */
@@ -2167,8 +2167,8 @@ declare namespace Deno {
variable?: string;
}
- export interface PluginPermissionDescriptor {
- name: "plugin";
+ export interface FFIPermissionDescriptor {
+ name: "ffi";
}
export interface HrtimePermissionDescriptor {
@@ -2183,7 +2183,7 @@ declare namespace Deno {
| WritePermissionDescriptor
| NetPermissionDescriptor
| EnvPermissionDescriptor
- | PluginPermissionDescriptor
+ | FFIPermissionDescriptor
| HrtimePermissionDescriptor;
export interface PermissionStatusEventMap {
diff --git a/cli/dts/lib.deno.unstable.d.ts b/cli/dts/lib.deno.unstable.d.ts
index 64efa0a2f..ab4a63729 100644
--- a/cli/dts/lib.deno.unstable.d.ts
+++ b/cli/dts/lib.deno.unstable.d.ts
@@ -107,36 +107,44 @@ declare namespace Deno {
swapFree: number;
}
- /** **UNSTABLE**: new API, yet to be vetted.
- *
- * Open and initialize a plugin.
- *
- * ```ts
- * import { assert } from "https://deno.land/std/testing/asserts.ts";
- * const rid = Deno.openPlugin("./path/to/some/plugin.so");
- *
- * // The Deno.core namespace is needed to interact with plugins, but this is
- * // internal so we use ts-ignore to skip type checking these calls.
- * // @ts-ignore
- * const { op_test_sync, op_test_async } = Deno.core.ops();
- *
- * assert(op_test_sync);
- * assert(op_test_async);
- *
- * // @ts-ignore
- * const result = Deno.core.opSync("op_test_sync");
- *
- * // @ts-ignore
- * const result = await Deno.core.opAsync("op_test_sync");
- * ```
- *
- * Requires `allow-plugin` permission.
+ /** All possible types for interfacing with foreign functions */
+ export type NativeType =
+ | "void"
+ | "u8"
+ | "i8"
+ | "u16"
+ | "i16"
+ | "u32"
+ | "i32"
+ | "u64"
+ | "i64"
+ | "usize"
+ | "isize"
+ | "f32"
+ | "f64";
+
+ /** A foreign function as defined by its parameter and result types */
+ export interface ForeignFunction {
+ parameters: NativeType[];
+ result: NativeType;
+ }
+
+ /** A dynamic library resource */
+ export interface DynamicLibrary<S extends Record<string, ForeignFunction>> {
+ /** All of the registered symbols along with functions for calling them */
+ symbols: { [K in keyof S]: (...args: unknown[]) => unknown };
+
+ close(): void;
+ }
+
+ /** **UNSTABLE**: new API
*
- * The plugin system is not stable and will change in the future, hence the
- * lack of docs. For now take a look at the example
- * https://github.com/denoland/deno/tree/main/test_plugin
+ * Opens a dynamic library and registers symbols
*/
- export function openPlugin(filename: string): number;
+ export function dlopen<S extends Record<string, ForeignFunction>>(
+ filename: string,
+ symbols: S,
+ ): DynamicLibrary<S>;
/** The log category for a diagnostic message. */
export enum DiagnosticCategory {
@@ -1043,14 +1051,14 @@ declare namespace Deno {
*/
net?: "inherit" | boolean | string[];
- /** Specifies if the `plugin` permission should be requested or revoked.
- * If set to `"inherit"`, the current `plugin` permission will be inherited.
- * If set to `true`, the global `plugin` permission will be requested.
- * If set to `false`, the global `plugin` permission will be revoked.
+ /** Specifies if the `ffi` permission should be requested or revoked.
+ * If set to `"inherit"`, the current `ffi` permission will be inherited.
+ * If set to `true`, the global `ffi` permission will be requested.
+ * If set to `false`, the global `ffi` permission will be revoked.
*
* Defaults to "inherit".
*/
- plugin?: "inherit" | boolean;
+ ffi?: "inherit" | boolean;
/** Specifies if the `read` permission should be requested or revoked.
* If set to `"inherit"`, the current `read` permission will be inherited.
@@ -1137,7 +1145,7 @@ declare interface WorkerOptions {
* For example: `["https://deno.land", "localhost:8080"]`.
*/
net?: "inherit" | boolean | string[];
- plugin?: "inherit" | boolean;
+ ffi?: "inherit" | boolean;
read?: "inherit" | boolean | Array<string | URL>;
run?: "inherit" | boolean | Array<string | URL>;
write?: "inherit" | boolean | Array<string | URL>;
diff --git a/cli/flags.rs b/cli/flags.rs
index 086b20e10..f42dd771c 100644
--- a/cli/flags.rs
+++ b/cli/flags.rs
@@ -133,7 +133,7 @@ pub struct Flags {
pub allow_env: Option<Vec<String>>,
pub allow_hrtime: bool,
pub allow_net: Option<Vec<String>>,
- pub allow_plugin: bool,
+ pub allow_ffi: Option<Vec<String>>,
pub allow_read: Option<Vec<PathBuf>>,
pub allow_run: Option<Vec<String>>,
pub allow_write: Option<Vec<PathBuf>>,
@@ -235,8 +235,15 @@ impl Flags {
_ => {}
}
- if self.allow_plugin {
- args.push("--allow-plugin".to_string());
+ match &self.allow_ffi {
+ Some(ffi_allowlist) if ffi_allowlist.is_empty() => {
+ args.push("--allow-ffi".to_string());
+ }
+ Some(ffi_allowlist) => {
+ let s = format!("--allow-ffi={}", ffi_allowlist.join(","));
+ args.push(s);
+ }
+ _ => {}
}
if self.allow_hrtime {
@@ -253,7 +260,7 @@ impl From<Flags> for PermissionsOptions {
allow_env: flags.allow_env,
allow_hrtime: flags.allow_hrtime,
allow_net: flags.allow_net,
- allow_plugin: flags.allow_plugin,
+ allow_ffi: flags.allow_ffi,
allow_read: flags.allow_read,
allow_run: flags.allow_run,
allow_write: flags.allow_write,
@@ -1228,9 +1235,13 @@ fn permission_args<'a, 'b>(app: App<'a, 'b>) -> App<'a, 'b> {
.help("Allow running subprocesses"),
)
.arg(
- Arg::with_name("allow-plugin")
- .long("allow-plugin")
- .help("Allow loading plugins"),
+ Arg::with_name("allow-ffi")
+ .long("allow-ffi")
+ .min_values(0)
+ .takes_value(true)
+ .use_delimiter(true)
+ .require_equals(true)
+ .help("Allow loading dynamic libraries"),
)
.arg(
Arg::with_name("allow-hrtime")
@@ -1577,7 +1588,7 @@ fn eval_parse(flags: &mut Flags, matches: &clap::ArgMatches) {
flags.allow_run = Some(vec![]);
flags.allow_read = Some(vec![]);
flags.allow_write = Some(vec![]);
- flags.allow_plugin = true;
+ flags.allow_ffi = Some(vec![]);
flags.allow_hrtime = true;
// TODO(@satyarohith): remove this flag in 2.0.
let as_typescript = matches.is_present("ts");
@@ -1696,7 +1707,7 @@ fn repl_parse(flags: &mut Flags, matches: &clap::ArgMatches) {
flags.allow_run = Some(vec![]);
flags.allow_read = Some(vec![]);
flags.allow_write = Some(vec![]);
- flags.allow_plugin = true;
+ flags.allow_ffi = Some(vec![]);
flags.allow_hrtime = true;
}
@@ -1876,9 +1887,12 @@ fn permission_args_parse(flags: &mut Flags, matches: &clap::ArgMatches) {
debug!("run allowlist: {:#?}", &flags.allow_run);
}
- if matches.is_present("allow-plugin") {
- flags.allow_plugin = true;
+ if let Some(ffi_wl) = matches.values_of("allow-ffi") {
+ let ffi_allowlist: Vec<String> = ffi_wl.map(ToString::to_string).collect();
+ flags.allow_ffi = Some(ffi_allowlist);
+ debug!("ffi allowlist: {:#?}", &flags.allow_ffi);
}
+
if matches.is_present("allow-hrtime") {
flags.allow_hrtime = true;
}
@@ -1888,7 +1902,7 @@ fn permission_args_parse(flags: &mut Flags, matches: &clap::ArgMatches) {
flags.allow_net = Some(vec![]);
flags.allow_run = Some(vec![]);
flags.allow_write = Some(vec![]);
- flags.allow_plugin = true;
+ flags.allow_ffi = Some(vec![]);
flags.allow_hrtime = true;
}
if matches.is_present("prompt") {
@@ -2227,7 +2241,7 @@ mod tests {
allow_run: Some(vec![]),
allow_read: Some(vec![]),
allow_write: Some(vec![]),
- allow_plugin: true,
+ allow_ffi: Some(vec![]),
allow_hrtime: true,
..Flags::default()
}
@@ -2564,7 +2578,7 @@ mod tests {
allow_run: Some(vec![]),
allow_read: Some(vec![]),
allow_write: Some(vec![]),
- allow_plugin: true,
+ allow_ffi: Some(vec![]),
allow_hrtime: true,
..Flags::default()
}
@@ -2587,7 +2601,7 @@ mod tests {
allow_run: Some(vec![]),
allow_read: Some(vec![]),
allow_write: Some(vec![]),
- allow_plugin: true,
+ allow_ffi: Some(vec![]),
allow_hrtime: true,
..Flags::default()
}
@@ -2611,7 +2625,7 @@ mod tests {
allow_run: Some(vec![]),
allow_read: Some(vec![]),
allow_write: Some(vec![]),
- allow_plugin: true,
+ allow_ffi: Some(vec![]),
allow_hrtime: true,
..Flags::default()
}
@@ -2648,7 +2662,7 @@ mod tests {
allow_run: Some(vec![]),
allow_read: Some(vec![]),
allow_write: Some(vec![]),
- allow_plugin: true,
+ allow_ffi: Some(vec![]),
allow_hrtime: true,
..Flags::default()
}
@@ -2678,7 +2692,7 @@ mod tests {
allow_run: Some(vec![]),
allow_read: Some(vec![]),
allow_write: Some(vec![]),
- allow_plugin: true,
+ allow_ffi: Some(vec![]),
allow_hrtime: true,
..Flags::default()
}
@@ -2698,7 +2712,7 @@ mod tests {
allow_run: Some(vec![]),
allow_read: Some(vec![]),
allow_write: Some(vec![]),
- allow_plugin: true,
+ allow_ffi: Some(vec![]),
allow_hrtime: true,
..Flags::default()
}
@@ -2732,7 +2746,7 @@ mod tests {
allow_run: Some(vec![]),
allow_read: Some(vec![]),
allow_write: Some(vec![]),
- allow_plugin: true,
+ allow_ffi: Some(vec![]),
allow_hrtime: true,
..Flags::default()
}
diff --git a/cli/standalone.rs b/cli/standalone.rs
index 9a693d961..3c8dabd3a 100644
--- a/cli/standalone.rs
+++ b/cli/standalone.rs
@@ -195,7 +195,7 @@ fn metadata_to_flags(metadata: &Metadata) -> Flags {
allow_env: permissions.allow_env,
allow_hrtime: permissions.allow_hrtime,
allow_net: permissions.allow_net,
- allow_plugin: permissions.allow_plugin,
+ allow_ffi: permissions.allow_ffi,
allow_read: permissions.allow_read,
allow_run: permissions.allow_run,
allow_write: permissions.allow_write,
diff --git a/cli/tests/integration/lsp_tests.rs b/cli/tests/integration/lsp_tests.rs
index e66b59c2b..a27ebec45 100644
--- a/cli/tests/integration/lsp_tests.rs
+++ b/cli/tests/integration/lsp_tests.rs
@@ -502,7 +502,7 @@ fn lsp_hover_unstable_disabled() {
"uri": "file:///a/file.ts",
"languageId": "typescript",
"version": 1,
- "text": "console.log(Deno.openPlugin);\n"
+ "text": "console.log(Deno.dlopen);\n"
}
}),
);
@@ -537,7 +537,7 @@ fn lsp_hover_unstable_disabled() {
},
"end": {
"line": 0,
- "character": 27
+ "character": 23
}
}
}))
@@ -555,7 +555,7 @@ fn lsp_hover_unstable_enabled() {
"uri": "file:///a/file.ts",
"languageId": "typescript",
"version": 1,
- "text": "console.log(Deno.openPlugin);\n"
+ "text": "console.log(Deno.ppid);\n"
}
}),
);
@@ -580,9 +580,9 @@ fn lsp_hover_unstable_enabled() {
"contents":[
{
"language":"typescript",
- "value":"function Deno.openPlugin(filename: string): number"
+ "value":"const Deno.ppid: number"
},
- "**UNSTABLE**: new API, yet to be vetted.\n\nOpen and initialize a plugin.\n\n```ts\nimport { assert } from \"https://deno.land/std/testing/asserts.ts\";\nconst rid = Deno.openPlugin(\"./path/to/some/plugin.so\");\n\n// The Deno.core namespace is needed to interact with plugins, but this is\n// internal so we use ts-ignore to skip type checking these calls.\n// @ts-ignore\nconst { op_test_sync, op_test_async } = Deno.core.ops();\n\nassert(op_test_sync);\nassert(op_test_async);\n\n// @ts-ignore\nconst result = Deno.core.opSync(\"op_test_sync\");\n\n// @ts-ignore\nconst result = await Deno.core.opAsync(\"op_test_sync\");\n```\n\nRequires `allow-plugin` permission.\n\nThe plugin system is not stable and will change in the future, hence the\nlack of docs. For now take a look at the example\nhttps://github.com/denoland/deno/tree/main/test_plugin"
+ "The pid of the current process's parent."
],
"range":{
"start":{
@@ -591,7 +591,7 @@ fn lsp_hover_unstable_enabled() {
},
"end":{
"line":0,
- "character":27
+ "character":21
}
}
}))
diff --git a/cli/tests/test/allow_all.out b/cli/tests/test/allow_all.out
index 3be26c6e0..9b7367b94 100644
--- a/cli/tests/test/allow_all.out
+++ b/cli/tests/test/allow_all.out
@@ -10,8 +10,8 @@ test env false ... ok [WILDCARD]
test env true ... ok [WILDCARD]
test run false ... ok [WILDCARD]
test run true ... ok [WILDCARD]
-test plugin false ... ok [WILDCARD]
-test plugin true ... ok [WILDCARD]
+test ffi false ... ok [WILDCARD]
+test ffi true ... ok [WILDCARD]
test hrtime false ... ok [WILDCARD]
test hrtime true ... ok [WILDCARD]
diff --git a/cli/tests/test/allow_all.ts b/cli/tests/test/allow_all.ts
index e4e12144e..b8f8c647d 100644
--- a/cli/tests/test/allow_all.ts
+++ b/cli/tests/test/allow_all.ts
@@ -6,7 +6,7 @@ const permissions: Deno.PermissionName[] = [
"net",
"env",
"run",
- "plugin",
+ "ffi",
"hrtime",
];
diff --git a/cli/tests/test/allow_none.out b/cli/tests/test/allow_none.out
index 96fb72278..b79c7e6bf 100644
--- a/cli/tests/test/allow_none.out
+++ b/cli/tests/test/allow_none.out
@@ -5,7 +5,7 @@ test write ... FAILED [WILDCARD]
test net ... FAILED [WILDCARD]
test env ... FAILED [WILDCARD]
test run ... FAILED [WILDCARD]
-test plugin ... FAILED [WILDCARD]
+test ffi ... FAILED [WILDCARD]
test hrtime ... FAILED [WILDCARD]
failures:
@@ -30,7 +30,7 @@ run
PermissionDenied: Can't escalate parent thread permissions
[WILDCARD]
-plugin
+ffi
PermissionDenied: Can't escalate parent thread permissions
[WILDCARD]
@@ -45,7 +45,7 @@ failures:
net
env
run
- plugin
+ ffi
hrtime
test result: FAILED. 0 passed; 7 failed; 0 ignored; 0 measured; 0 filtered out [WILDCARD]
diff --git a/cli/tests/test/allow_none.ts b/cli/tests/test/allow_none.ts
index c0a930eb1..7872c774e 100644
--- a/cli/tests/test/allow_none.ts
+++ b/cli/tests/test/allow_none.ts
@@ -6,7 +6,7 @@ const permissions: Deno.PermissionName[] = [
"net",
"env",
"run",
- "plugin",
+ "ffi",
"hrtime",
];
diff --git a/cli/tests/test/ignore_permissions.ts b/cli/tests/test/ignore_permissions.ts
index bd0567a46..ff3084441 100644
--- a/cli/tests/test/ignore_permissions.ts
+++ b/cli/tests/test/ignore_permissions.ts
@@ -6,7 +6,7 @@ Deno.test({
net: true,
env: true,
run: true,
- plugin: true,
+ ffi: true,
hrtime: true,
},
ignore: true,
diff --git a/cli/tests/unit/test_util.ts b/cli/tests/unit/test_util.ts
index 79e93d70d..6745946c6 100644
--- a/cli/tests/unit/test_util.ts
+++ b/cli/tests/unit/test_util.ts
@@ -32,7 +32,7 @@ interface UnitTestPermissions {
net?: boolean;
env?: boolean;
run?: boolean;
- plugin?: boolean;
+ ffi?: boolean;
hrtime?: boolean;
}
@@ -84,7 +84,7 @@ export function unitTest(
net: false,
env: false,
run: false,
- plugin: false,
+ ffi: false,
hrtime: false,
}, options.perms),
};
diff --git a/cli/tests/workers/no_permissions_worker.js b/cli/tests/workers/no_permissions_worker.js
index 8a4f79d57..db0d911ac 100644
--- a/cli/tests/workers/no_permissions_worker.js
+++ b/cli/tests/workers/no_permissions_worker.js
@@ -1,14 +1,14 @@
self.onmessage = async () => {
const hrtime = await Deno.permissions.query({ name: "hrtime" });
const net = await Deno.permissions.query({ name: "net" });
- const plugin = await Deno.permissions.query({ name: "plugin" });
+ const ffi = await Deno.permissions.query({ name: "ffi" });
const read = await Deno.permissions.query({ name: "read" });
const run = await Deno.permissions.query({ name: "run" });
const write = await Deno.permissions.query({ name: "write" });
self.postMessage(
hrtime.state === "denied" &&
net.state === "denied" &&
- plugin.state === "denied" &&
+ ffi.state === "denied" &&
read.state === "denied" &&
run.state === "denied" &&
write.state === "denied",
diff --git a/cli/tools/standalone.rs b/cli/tools/standalone.rs
index dfec6c7dd..5f89b592d 100644
--- a/cli/tools/standalone.rs
+++ b/cli/tools/standalone.rs
@@ -201,7 +201,7 @@ pub fn compile_to_runtime_flags(
allow_env: flags.allow_env,
allow_hrtime: flags.allow_hrtime,
allow_net: flags.allow_net,
- allow_plugin: flags.allow_plugin,
+ allow_ffi: flags.allow_ffi,
allow_read: flags.allow_read,
allow_run: flags.allow_run,
allow_write: flags.allow_write,
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-25 11:36:11 +0000