deno.git - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author
2024-05-16	fix(ext/node): homedir() `getpwuid`/`SHGetKnownFolderPath` fallback (#23841)	Divy Srivastava
	Unix: Returns the value of the HOME environment variable if it is set even if it is an empty string. Otherwise, it tries to determine the home directory by invoking the [getpwuid_r](https://linux.die.net/man/3/getpwuid_r) function with the UID of the current user. Windows: Returns the value of the USERPROFILE environment variable if it is set and it is not an empty string. Otherwise, it tries to determine the home directory by invoking the [SHGetKnownFolderPath](https://learn.microsoft.com/en-us/windows/win32/api/shlobj_core/nf-shlobj_core-shgetknownfolderpath) function with [FOLDERID_Profile](https://learn.microsoft.com/en-us/windows/win32/shell/knownfolderid). Fixes https://github.com/denoland/deno/issues/23824
2024-05-10	fix(runtime): Allow opening /dev/fd/XXX for unix (#23743)	Matt Mastracci
	`deno run script.ts <(some command)` is a valid use case -- let's allow this to work without `--allow-all`. Fixes #23703
2024-05-08	fix(runtime): allow nul device on windows (#23741)	Matt Mastracci
	Fixes [23721](https://github.com/denoland/deno/issues/23721)
2024-05-07	fix(runtime): allow r/w access to /etc without --allow-all (#23718)	Luca Casonato
	This is not a special path that can be used to escalate or bypass Deno permissions, such as `--allow-env`.
2024-04-19	feat(runtime): Allow embedders to perform additional access checks on file ↵	Matt Mastracci
	open (#23208) Embedders may have special requirements around file opening, so we add a new `check_open` permission check that is called as part of the file open process.
2024-03-26	fix(runtime): use FQDN in NetDescriptor (#23084)	Nayeem Rahman

2024-03-13	perf(permissions): Fast exit from checks when permission is in ↵	Matt Mastracci
	"fully-granted" state (#22894) Skips the access check if the specific unary permission is in an all-granted state. Generally prevents an allocation or two. Hooks up a quiet "all" permission that is automatically inherited. This permission will be used in the future to indicate that the user wishes to accept all side-effects of the permissions they explicitly granted. The "all" permission is an "ambient flag"-style permission that states whether "allow-all" was passed on the command-line.
2024-03-13	chore(permissions): add allow_all flag (#22890)	Matt Mastracci
	Unlocking a potential perf optimization at a later date -- carry the `allow_all` flag into the permission container.
2024-03-12	fix(runtime): negate partial condition for deny flags (#22866)	Nayeem Rahman

2024-03-12	refactor: add `deno_permissions` crate (#22236)	Divy Srivastava
	Issue https://github.com/denoland/deno/issues/22222 ![image](https://github.com/denoland/deno/assets/34997667/2af8474b-b919-4519-98ce-9d29bc7829f2) This PR moves `runtime/permissions` code to a upstream crate called `deno_permissions`. The `deno_permissions::PermissionsContainer` is put into the OpState and can be used instead of the current trait-based permissions system. For this PR, I've migrated `deno_fetch` to the new crate but kept the rest of the trait-based system as a wrapper of `deno_permissions` crate. Doing the migration all at once is error prone and hard to review. Comparing incremental compile times for `ext/fetch` on Mac M1: \| profile \| `cargo build --bin deno` \| `cargo plonk build --bin deno` \| \| --------- \| ------------- \| ------------------- \| \| `debug` \| 20 s \| 0.8s \| \| `release` \| 4 mins 12 s \| 1.4s \|