From 1cce3060227f7bc53a8d5ad938f092362cf78855 Mon Sep 17 00:00:00 2001
From: Nayeem Rahman <nayeemrmn99@gmail.com>
Date: Wed, 30 Aug 2023 18:52:01 +0100
Subject: fix(runtime/permissions): Resolve executable specifiers in allowlists
 and queries (#14130)

Closes #14122.

Adds two extensions to `--allow-run` behaviour:
- When `--allow-run=foo` is specified and `foo` is found in the `PATH`
at startup, `RunDescriptor::Path(which("foo"))` is added to the
allowlist alongside `RunDescriptor::Name("foo")`. Currently only the
latter is.
- When run permission for `foo` is queried and `foo` is found in the
`PATH` at runtime, either `RunDescriptor::Path(which("foo"))` or
`RunDescriptor::Name("foo")` would qualify in the allowlist. Currently
only the latter does.
---
 cli/tests/integration/run_tests.rs | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'cli/tests/integration/run_tests.rs')

diff --git a/cli/tests/integration/run_tests.rs b/cli/tests/integration/run_tests.rs
index 22096cb60..e7ff19954 100644
--- a/cli/tests/integration/run_tests.rs
+++ b/cli/tests/integration/run_tests.rs
@@ -3617,6 +3617,11 @@ itest!(followup_dyn_import_resolved {
   output: "run/followup_dyn_import_resolves/main.ts.out",
 });
 
+itest!(allow_run_allowlist_resolution {
+  args: "run --quiet --unstable -A allow_run_allowlist_resolution.ts",
+  output: "allow_run_allowlist_resolution.ts.out",
+});
+
 itest!(unhandled_rejection {
   args: "run --check run/unhandled_rejection.ts",
   output: "run/unhandled_rejection.ts.out",
-- 
cgit v1.2.3