-
Notifications
You must be signed in to change notification settings - Fork 29.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
src,permission: add multiple allow-fs-* flags #49047
src,permission: add multiple allow-fs-* flags #49047
Conversation
Review requested:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we have a test for the warning too?
@RafaelGSS We do have one https://github.com/nodejs/node/pull/49047/files#diff-5928310ee410bbccf3599140510e07ca18546548955f67505349fa1fef2d6b48R83 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Possibly add changes metadata to the YAML blocks? e.g.
changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/49047
description: Paths delimited by comma (`,`) are no longer allowed.
doc/api/cli.md
Outdated
* Multiple paths can be allowed using multiple `--allow-fs-read` flags. | ||
Example `--allow-fs-read=/folder1/ --allow-fs-read=/folder1/` | ||
|
||
NOTE: Paths delimited by comma (`,`) are no longer allowed. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This could also be added as changes
metadata in the YAML block above.
* Multiple paths can be allowed using multiple `--allow-fs-read` flags. | ||
Example `--allow-fs-read=/folder1/ --allow-fs-read=/folder1/` | ||
|
||
Paths delimited by comma (`,`) are no longer allowed. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This could also be added as changes
metadata in the YAML block above.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One import left
It seems the machines are broken. I'll wait a bit to request another CI. |
This comment was marked as outdated.
This comment was marked as outdated.
Support for a single comma separates list for allow-fs-* flags is removed. Instead now multiple flags can be passed to allow multiple paths. Fixes: nodejs/security-wg#1039
Co-authored-by: Rafael Gonzaga <[email protected]>
Co-authored-by: Rafael Gonzaga <[email protected]>
Notable changes: crypto: * update root certificates to NSS 3.93 (Node.js GitHub Bot) #49341 doc: * move and rename loaders section (Geoffrey Booth) #49261 * add release key for Ulises Gascon (Ulises Gascón) #49196 lib: * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) #46391 src: * support multiple `--env-file` declarations (Yagiz Nizipli) #49542 src,permission: * add multiple allow-fs-* flags (Carlos Espa) #49047 test_runner: * (SEMVER-MINOR) expose location of tests (Colin Ihrig) #48975 PR-URL: #49592
Notable changes: crypto: * update root certificates to NSS 3.93 (Node.js GitHub Bot) #49341 doc: * move and rename loaders section (Geoffrey Booth) #49261 * add release key for Ulises Gascon (Ulises Gascón) #49196 lib: * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) #46391 src: * support multiple `--env-file` declarations (Yagiz Nizipli) #49542 src,permission: * add multiple allow-fs-* flags (Carlos Espa) #49047 test_runner: * (SEMVER-MINOR) expose location of tests (Colin Ihrig) #48975 PR-URL: #49592
Notable changes: crypto: * update root certificates to NSS 3.93 (Node.js GitHub Bot) #49341 doc: * move and rename loaders section (Geoffrey Booth) #49261 * add release key for Ulises Gascon (Ulises Gascón) #49196 lib: * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) #46391 src: * support multiple `--env-file` declarations (Yagiz Nizipli) #49542 src,permission: * add multiple allow-fs-* flags (Carlos Espa) #49047 test_runner: * (SEMVER-MINOR) expose location of tests (Colin Ihrig) #48975 PR-URL: #49592
Notable changes: crypto: * update root certificates to NSS 3.93 (Node.js GitHub Bot) #49341 deps: * upgrade npm to 10.0.0 (npm team) #49423 * upgrade npm to 10.1.0 (npm team) #49570 doc: * move and rename loaders section (Geoffrey Booth) #49261 * add release key for Ulises Gascon (Ulises Gascón) #49196 lib: * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) #46391 src: * support multiple `--env-file` declarations (Yagiz Nizipli) #49542 src,permission: * add multiple allow-fs-* flags (Carlos Espa) #49047 test_runner: * (SEMVER-MINOR) expose location of tests (Colin Ihrig) #48975 PR-URL: #49592
Notable changes: crypto: * update root certificates to NSS 3.93 (Node.js GitHub Bot) #49341 deps: * upgrade npm to 10.1.0 (npm team) #49570 * upgrade npm to 10.0.0 (npm team) #49423 doc: * move and rename loaders section (Geoffrey Booth) #49261 * add release key for Ulises Gascon (Ulises Gascón) #49196 lib: * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) #46391 src: * support multiple `--env-file` declarations (Yagiz Nizipli) #49542 src,permission: * add multiple allow-fs-* flags (Carlos Espa) #49047 test_runner: * (SEMVER-MINOR) expose location of tests (Colin Ihrig) #48975 PR-URL: #49592
Notable changes: crypto: * update root certificates to NSS 3.93 (Node.js GitHub Bot) nodejs#49341 deps: * upgrade npm to 10.1.0 (npm team) nodejs#49570 * upgrade npm to 10.0.0 (npm team) nodejs#49423 doc: * move and rename loaders section (Geoffrey Booth) nodejs#49261 * add release key for Ulises Gascon (Ulises Gascón) nodejs#49196 lib: * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) nodejs#46391 src: * support multiple `--env-file` declarations (Yagiz Nizipli) nodejs#49542 src,permission: * add multiple allow-fs-* flags (Carlos Espa) nodejs#49047 test_runner: * (SEMVER-MINOR) expose location of tests (Colin Ihrig) nodejs#48975 PR-URL: nodejs#49592
Notable changes: crypto: * update root certificates to NSS 3.93 (Node.js GitHub Bot) nodejs#49341 deps: * upgrade npm to 10.1.0 (npm team) nodejs#49570 * upgrade npm to 10.0.0 (npm team) nodejs#49423 doc: * move and rename loaders section (Geoffrey Booth) nodejs#49261 * add release key for Ulises Gascon (Ulises Gascón) nodejs#49196 lib: * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) nodejs#46391 src: * support multiple `--env-file` declarations (Yagiz Nizipli) nodejs#49542 src,permission: * add multiple allow-fs-* flags (Carlos Espa) nodejs#49047 test_runner: * (SEMVER-MINOR) expose location of tests (Colin Ihrig) nodejs#48975 PR-URL: nodejs#49592
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: nodejs#48491 Refs: nodejs#49047
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: nodejs#48491 Refs: nodejs#49047
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: #48491 Refs: #49047 PR-URL: #50662 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Refs: #49047 PR-URL: #50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: #48491 Refs: #49047 PR-URL: #50662 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Refs: #49047 PR-URL: #50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: nodejs#48491 Refs: nodejs#49047 PR-URL: nodejs#50662 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Refs: nodejs#49047 PR-URL: nodejs#50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: nodejs#48491 Refs: nodejs#49047 PR-URL: nodejs#50662 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Refs: nodejs#49047 PR-URL: nodejs#50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: #48491 Refs: #49047 PR-URL: #50662 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Refs: #49047 PR-URL: #50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: #48491 Refs: #49047 PR-URL: #50662 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Refs: #49047 PR-URL: #50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: #48491 Refs: #49047 PR-URL: #50662 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Refs: #49047 PR-URL: #50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
Refs: #49047 PR-URL: #50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
Refs: #49047 PR-URL: #50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: #48491 Refs: #49047 PR-URL: #50662 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Refs: #49047 PR-URL: #50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
Breaking change: Support for a single comma separates list for allow-fs-* flags is removed.
This means that
Will be interpreted as a single file.
When using a single flag and including commas in said flag a warning will be emitted explaining the change.
Instead now multiple flags can be passed to allow multiple paths.
Will allow access to both paths.
Fixes: nodejs/security-wg#1039