From b0525edd6fb2fa414407ec73c981051d692d1c26 Mon Sep 17 00:00:00 2001
From: David Sherret <dsherret@users.noreply.github.com>
Date: Tue, 17 Sep 2024 00:08:02 +0100
Subject: feat: warn when using `--allow-run` with no allow list (#25215)

---
 tests/testdata/run/deny_some_permission_args.out | 1 +
 1 file changed, 1 insertion(+)

(limited to 'tests/testdata/run')

diff --git a/tests/testdata/run/deny_some_permission_args.out b/tests/testdata/run/deny_some_permission_args.out
index abb5274ee..fe3e57d69 100644
--- a/tests/testdata/run/deny_some_permission_args.out
+++ b/tests/testdata/run/deny_some_permission_args.out
@@ -1,3 +1,4 @@
+Warning --allow-run can be trivially exploited. Prefer specifying an allow list (https://docs.deno.com/runtime/fundamentals/security/#running-subprocesses)
 PermissionStatus { state: "granted", onchange: null, partial: true }
 PermissionStatus { state: "denied", onchange: null }
 PermissionStatus { state: "granted", onchange: null }
-- 
cgit v1.2.3