| Age | Commit message (Collapse) | Author |
|---|
|
open (#23208)
Embedders may have special requirements around file opening, so we add a
new `check_open` permission check that is called as part of the file
open process.
|
|
Issue https://github.com/denoland/deno/issues/22222
This PR moves `runtime/permissions` code to a upstream crate called
`deno_permissions`. The `deno_permissions::PermissionsContainer` is put
into the OpState and can be used instead of the current trait-based
permissions system.
For this PR, I've migrated `deno_fetch` to the new crate but kept the
rest of the trait-based system as a wrapper of `deno_permissions` crate.
Doing the migration all at once is error prone and hard to review.
Comparing incremental compile times for `ext/fetch` on Mac M1:
| profile | `cargo build --bin deno` | `cargo plonk build --bin deno` |
| --------- | ------------- | ------------------- |
| `debug` | 20 s | 0.8s |
| `release` | 4 mins 12 s | 1.4s |
|
|
(#16975)
This commit refactors several things in "runtime/permissions" module:
- splits it into "mod.rs" and "prompter.rs"
- adds "PermissionPrompter" trait with two implementations:
* "TtyPrompter"
* "TestPrompter"
- adds "before" and "after" prompt callback which can be used to hide
progress bar in the CLI (to be done in a follow up)
- "permissions_prompt" API returns "PromptResponse" enum, instead
of a boolean; this allows to add "allow all"/"deny all" functionality
for the prompt
|
|
This commit changes "--allow-ffi" flag to support "parent paths",
ie. if an FFI library is loaded we are checking if the library has an
ancestor path in the allowlist for the FFI permission descriptor.
|
|
This commit renames `Deno.getUid()` to `Deno.uid()` and renames
`Deno.getGid()` to `Deno.gid()`.
|
|
This PR implements the NAPI for loading native modules into Deno.
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: DjDeveloper <43033058+DjDeveloperr@users.noreply.github.com>
Co-authored-by: Ryan Dahl <ry@tinyclouds.org>
|
|
|
|
|
|
Co-authored-by: Leo Kettmeir <crowlkats@toaxl.com>
|
|
|
|
Co-authored-by: David Sherret <dsherret@users.noreply.github.com>
|
|
|
|
Stop allowing clippy::derive-partial-eq-without-eq and fix warnings
about deriving PartialEq without also deriving Eq.
In one case I removed the PartialEq because it a) wasn't necessary,
and b) sketchy because it was comparing floating point numbers.
IMO, that's a good argument for enforcing the lint rule, because it
would most likely have been caught during review if it had been enabled.
|
|
|
|
|
|
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: Ben Noordhuis <info@bnoordhuis.nl>
Co-authored-by: crowlkats <crowlkats@toaxl.com>
Co-authored-by: Ryan Dahl <ry@tinyclouds.org>
|
|
|
|
|
|
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
|
|
(#14235)
|
|
|
|
Previously specifying permissions: {} was the same as specifying
permissions: "inherit". Now it will be the same as permissions: "none".
Not specifying any permissions (permissions: undefined) still means
permissions: "inherit".
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Co-authored-by: Erfan Safari <erfanshield@outlook.com>
|
|
|
|
|
|
|
|
|
|
|
|
Fixes #12153
|
|
* perf(ops): optimize permission check
Removes the overhead of permission check on access granted (should be common case):
Delta measured on `perf_now` from `deno_common` bench:
- before: `528ns/op
- after: `166ns/op`
So ~3x faster
|
|
|
|
Fixes #9750
|
|
This commit removes implementation of "native plugins" and replaces
it with FFI API.
Effectively "Deno.openPlugin" API was replaced with "Deno.dlopen" API.
|
|
|
|
(#11289)
parking_lot is already transitively used in tokio via the "full" cargo feature
|
|
This commits moves implementation of net related APIs available on "Deno"
namespace to "deno_net" extension.
Following APIs were moved:
- Deno.listen()
- Deno.connect()
- Deno.listenTls()
- Deno.serveHttp()
- Deno.shutdown()
- Deno.resolveDns()
- Deno.listenDatagram()
- Deno.startTls()
- Deno.Conn
- Deno.Listener
- Deno.DatagramConn
|
|
tools/lint.js to hang on Windows (#10888)
Also fix Windows only clippy issues.
|
|
|
|
Move timers out of runtime/ and into a standalone op crate.
|
|
|
|
|
|
Co-authored-by: Yoshiya Hinosawa <stibium121@gmail.com>
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
|
|
This commit adds allowlist support to `--allow-run` flag.
Additionally `Deno.permissions.query()` allows to query for specific
programs within allowlist.
|
|
This commit adds blob URL support. Blob URLs are stored in a process
global storage, that can be accessed from all workers, and the module
loader. Blob URLs can be created using `URL.createObjectURL` and revoked
using `URL.revokeObjectURL`.
This commit does not add support for `fetch`ing blob URLs. This will be
added in a follow up commit.
|
