From 2f4be6e9441c7d5b0afd0d37dccd48d3057bcd3f Mon Sep 17 00:00:00 2001
From: Kitson Kelly <me@kitsonkelly.com>
Date: Sun, 15 Mar 2020 21:34:22 +1100
Subject: Remove Object.prototype.__proto__ (#4341)

---
 cli/js/compiler.ts | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'cli/js/compiler.ts')

diff --git a/cli/js/compiler.ts b/cli/js/compiler.ts
index 1dddd984c..914a0baf0 100644
--- a/cli/js/compiler.ts
+++ b/cli/js/compiler.ts
@@ -400,6 +400,12 @@ function bootstrapWasmCompilerRuntime(): void {
   globalThis.onmessage = wasmCompilerOnMessage;
 }
 
+// Removes the `__proto__` for security reasons.  This intentionally makes
+// Deno non compliant with ECMA-262 Annex B.2.2.1
+//
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+delete (Object.prototype as any).__proto__;
+
 Object.defineProperties(globalThis, {
   bootstrapWasmCompilerRuntime: {
     value: bootstrapWasmCompilerRuntime,
-- 
cgit v1.2.3