| Age | Commit message (Collapse) | Author |
|---|
|
Although using `--allow-run` without an allow list gives basically no
security, I think we should remove this warning because it gets in the
way and the only way to disable it is via --quiet.
|
|
(#25811)
|
|
This replaces `--allow-net` for import permissions and makes the
security sandbox stricter by also checking permissions for statically
analyzable imports.
By default, this has a value of
`--allow-import=deno.land:443,jsr.io:443,esm.sh:443,raw.githubusercontent.com:443,gist.githubusercontent.com:443`,
but that can be overridden by providing a different set of hosts.
Additionally, when no value is provided, import permissions are inferred
from the CLI arguments so the following works because
`fresh.deno.dev:443` will be added to the list of allowed imports:
```ts
deno run -A -r https://fresh.deno.dev
```
---------
Co-authored-by: David Sherret <dsherret@gmail.com>
|
|
Towards https://github.com/denoland/deno/issues/25269
|
|
Reverts #25690
This was not an issue with the ts compiler anymore. Discussion here:
https://github.com/dprint/dprint-plugin-typescript/pull/664#issuecomment-2357000053
|
|
Ref https://github.com/denoland/deno/pull/25215#discussion_r1762064605
|
|
Closes #22583
|
|
|
|
This makes the permission system more versatile.
|
|
Ref https://github.com/denoland/deno/issues/25241
Rewritten these tests:
- check::package_json_basic
- check::package_json_fail_check
- check::package_json_with_deno_json
- info::package_json_basic
- test::package_json_basic
- run::package_json_auto_discovered_for_npm_binary
- run::package_json_with_deno_json
|
|
|
|
Closes #25518
|
|
Mainly I removed `Temporal.Calendar` and `Temporal.TimeZone` and
replaced them to APIs that handle calendar and timezone as strings.
https://github.com/tc39/proposal-temporal/pull/2925
Related #24836
|
|
Closes #7394
---------
Co-authored-by: snek <snek@deno.com>
|
|
This was accidentally enabled in byonm, but it requires the
`--unstable-bare-node-builtins` flag.
Closes #25358
|
|
This commit improves error messages for unstable APIs:
- `--unstable-broadcast-channel`
- `--unstable-cron`
- `--unstable-http`
- `--unstable-kv`
- `--unstable-temporal`
By providing information and hints what went wrong and how the
error can be fixed. It reuses the same infra that was added in
https://github.com/denoland/deno/pull/21764.
|
|
Towards #22079
---------
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
|
|
Part of #25162
Closes #11826
|
|
Follow up to https://github.com/denoland/deno/pull/25430
|
|
This commit adds support for executing top-level `.cjs` files,
as well as import `.cjs` files from within npm packages.
This works only for `.cjs` files, the contents of sibling `package.json`
are not consulted for the `"type"` field.
Closes https://github.com/denoland/deno/issues/25384
---------
Signed-off-by: David Sherret <dsherret@users.noreply.github.com>
Co-authored-by: Luca Casonato <hello@lcas.dev>
Co-authored-by: David Sherret <dsherret@users.noreply.github.com>
|
|
...' (#25430)
Running a file like:
```
import "@std/dotenv/load";
```
Without a mapping in `imports` field of `deno.json` or `dependencies` of
`package.json`
will now error out with a hint:
```
error: Relative import path "@std/dotenv/load" not prefixed with / or ./ or ../
hint: Try running `deno add @std/dotenv/load`
at [WILDCARD]bare_specifier_without_import/main.ts:1:8
```
Closes https://github.com/denoland/deno/issues/24699
---------
Co-authored-by: David Sherret <dsherret@users.noreply.github.com>
|
|
denied error (#25434)
Regression from https://github.com/denoland/deno/pull/25370
|
|
Towards #22079
|
|
Deno has been using a deny list, which doesn't make sense because a lot
of these options don't even work.
Closes #25363
|
|
`--allow-run` even with an allow list has essentially been
`--allow-all`... this locks it down more.
1. Resolves allow list for `--allow-run=` on startup to an absolute
path, then uses these paths when evaluating if a command can execute.
Also, adds these paths to `--deny-write`
1. Resolves the environment (cwd and env vars) before evaluating
permissions and before executing a command. Then uses this environment
to evaluate the permissions and then evaluate the command.
|
|
Aligns the error messages in the ext/fetch folder to be in-line with the
Deno style guide.
https://github.com/denoland/deno/issues/25269
|
|
Remove `--allow-hrtime` and `--deny-hrtime`. We are doing this because
it is already possible to get access to high resolution timers through
workers and SharedArrayBuffer.
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
|
|
|
|
Towards https://github.com/denoland/deno/issues/25241
Removes code for tests of unstable APIs that were stabilized with Deno
2.0.0-rc.0.
|
|
|
|
- fix for https://github.com/denoland/deno/issues/25160
- changes needed to land https://github.com/denoland/deno/pull/25140
|
|
Fixes several tests blocking https://github.com/denoland/deno/pull/25213
by replacing `window` global that is gone in Deno 2 with `globalThis`.
Also adjusted a few tests using deprecated `rid` field.
|
|
This commit remove `--lock-write` that was deprecated in v1.45 release.
Closes https://github.com/denoland/deno/issues/24167.
---------
Co-authored-by: Asher Gomez <ashersaupingomez@gmail.com>
|
|
This won't be fully stabilized until 2.0 is released.
|
|
1. On emit, checks for the prescence of import assertions.
1. Warns and doesn't store the parsed source in the emit cache in this
case.
|
|
|
|
This commit improves error messages that `fetch` generates on failure.
Fixes #24835
|
|
- upgrade to v8 12.8
- optimizes DataView bigint methods
- fixes global interceptors
- includes CPED methods for ALS
- fix global resolution
- makes global resolution consistent using host_defined_options.
originally a separate patch but due to the global interceptor bug it
needs to be included in this pr for all tests to pass.
|
|
|
|
This change aims to replace all relative import specifiers targeted at
`tests/util/std` with mapped ones (using a `deno.json` file). Towards
updating the `std` git submodule.
|
|
(#24593)
Originally landed in
https://github.com/denoland/deno/commit/f6fd6619e708a515831f707438368d81b0c9aa56.
Reverted in https://github.com/denoland/deno/pull/24574.
This reland contains a fix that sends "Accept: */*" header for calls made
from "FileFetcher". Absence of this header made downloading source code
from JSR broken. This is tested by ensuring this header is present in the
test server that servers JSR packages.
---------
Co-authored-by: Sean McArthur <sean@seanmonstar.com>
|
|
(#24237)" (#24574)
This reverts commit f6fd6619e708a515831f707438368d81b0c9aa56.
I'm seeing a difference between canary and 1.45.2. In
`deno-docs/reference_gen` I can't download dax when running `deno task
types`
```
~/src/deno-docs/reference_gen# deno upgrade --canary
Looking up latest canary version
Found latest version f6fd6619e708a515831f707438368d81b0c9aa56
Downloading https://dl.deno.land/canary/f6fd6619e708a515831f707438368d81b0c9aa56/deno-aarch64-apple-darwin.zip
Deno is upgrading to version f6fd6619e708a515831f707438368d81b0c9aa56
Archive: /var/folders/9v/kys6gqns6kl8nksyn4l1f9v40000gn/T/.tmpb5lDnq/deno.zip
inflating: deno
Upgraded successfully
~/src/deno-docs/reference_gen# deno -v
deno 1.45.2+f6fd661
~/src/deno-docs/reference_gen# rm -rf /Users/ry/Library/Caches/deno
~/src/deno-docs/reference_gen# deno task types
Task types deno task types:deno && deno task types:node
Task types:deno deno run --allow-read --allow-write --allow-run --allow-env --allow-sys deno-docs.ts
error: JSR package manifest for '@david/dax' failed to load. expected value at line 1 column 1
at file:///Users/ry/src/deno-docs/reference_gen/deno-docs.ts:2:15
~/src/deno-docs/reference_gen# deno upgrade --version 1.45.2
Downloading https://github.com/denoland/deno/releases/download/v1.45.2/deno-aarch64-apple-darwin.zip
Deno is upgrading to version 1.45.2
Archive: /var/folders/9v/kys6gqns6kl8nksyn4l1f9v40000gn/T/.tmp3R7uhF/deno.zip
inflating: deno
Upgraded successfully
~/src/deno-docs/reference_gen# rm -rf /Users/ry/Library/Caches/deno
~/src/deno-docs/reference_gen# deno task types
Task types deno task types:deno && deno task types:node
Task types:deno deno run --allow-read --allow-write --allow-run --allow-env --allow-sys deno-docs.ts
Task types:node deno run --allow-read --allow-write=. --allow-env --allow-sys node-docs.ts
```
|
|
This commit re-implements `ext/fetch` and all dependent crates
using `hyper` and `hyper-util`, instead of `reqwest`.
The reasoning is that we want to have greater control and access
to low level `hyper` APIs when implementing `fetch` API as well
as `node:http` module.
---------
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
|
|
Adds much better support for the unstable Deno workspaces as well as
support for npm workspaces. npm workspaces is still lacking in that we
only install packages into the root node_modules folder. We'll make it
smarter over time in order for it to figure out when to add node_modules
folders within packages.
This includes a breaking change in config file resolution where we stop
searching for config files on the first found package.json unless it's
in a workspace. For the previous behaviour, the root deno.json needs to
be updated to be a workspace by adding `"workspace":
["./path-to-pkg-json-folder-goes-here"]`. See details in
https://github.com/denoland/deno_config/pull/66
Closes #24340
Closes #24159
Closes #24161
Closes #22020
Closes #18546
Closes #16106
Closes #24160
|
|
(#23986)
This makes `DOMException`'s `stack` property behave the same as native
errors' – `stack` is now an own accessor property on every instance, and
the getter calls `Error.prepareStackTrace`.
Upgrades `deno_core` to 0.284.0.
---------
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
|
|
This patch fixes stdin read hanging on user input when switching tty
mode on Windows
Fixes #21111
On Windows, when switching from line to raw mode:
- Cancel ongoing console read by writing a return keypress to its input
buffer. This blocks the main thread until any ongoing read has been
cancelled to prevent interference with the screen state.
- On the read thread, restore the cursor position to where it was before
writing the enter, undoing its effect on the screen state.
- Restart reading and notify the main thread.
|
|
checksum errors (#23979)
Includes:
* https://github.com/denoland/deno_graph/pull/486
* https://github.com/denoland/deno_graph/pull/488
* https://github.com/denoland/deno_lockfile/pull/25
* https://github.com/denoland/deno_lockfile/pull/22
* https://github.com/denoland/deno_graph/pull/483
* https://github.com/denoland/deno_graph/pull/470
|
|
Enhanced warning message for --env flag with run and eval subcommands.
The commit is specifically made to address issue #23674 by improving the
warning messages that appear when using the --env flag with run or eval
subcommands in the following scenarios:
1. Missing environment file.
2. Incorrect syntax in the environment file content.
**Changes made**
- Distinguishes between cases of missing environment file and wrong
syntax in the environment file content.
- Shows a concise warning message to convey the case/issue occurred.
**Code changes & enhancements**
- Implemented a match statement to handle different types of errors
received while getting and parsing the file content to display a concise
warning message, rather than simple error check and then displaying the
same warning message for whatever the type of error is.
- Updated the related existing tests to reflect the new warning
messages.
- Added two test cases to cover the wrong environment file content
syntax with both run and eval subcommands.
**Impact**
The use of --env flag with both run/eval would be more user-friendly as
it gives a precise description of what is not right when using
incorrectly.
If you could give it a look, @dsherret , I appreciate your feedback on
these changes.
---------
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
|
|
v8 12.6 w/pointer compression enabled.
Closes https://github.com/denoland/deno/issues/18935
|
|
Part of https://github.com/denoland/deno/issues/23624
|
