src,permission: add multiple allow-fs-* flags#49047
Merged
Uh oh!
There was an error while loading. Please reload this page.
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
Collaborator
nodejs-github-bot commented Aug 6, 2023
Review requested:
|
nodejs-github-bot added c++ 
Member
RafaelGSS left a comment
RafaelGSS left a comment There was a problem hiding this comment.
Can we have a test for the warning too?
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
ContributorAuthor
@RafaelGSS We do have one https://github.com/nodejs/node/pull/49047/files#diff-5928310ee410bbccf3599140510e07ca18546548955f67505349fa1fef2d6b48R83 |
Member
richardlau left a comment
richardlau left a comment There was a problem hiding this comment.
Possibly add changes metadata to the YAML blocks? e.g.
changes: - version: REPLACEME pr-url: https://github.com/nodejs/node/pull/49047 description: Paths delimited by comma (`,`) are no longer allowed. doc/api/cli.md Outdated
| * Multiple paths can be allowed using multiple `--allow-fs-read` flags. | ||
| Example `--allow-fs-read=/folder1/ --allow-fs-read=/folder1/` | ||
| NOTE: Paths delimited by comma (`,`) are no longer allowed. |
Member
There was a problem hiding this comment.
This could also be added as changes metadata in the YAML block above.
| * Multiple paths can be allowed using multiple `--allow-fs-read` flags. | ||
| Example `--allow-fs-read=/folder1/ --allow-fs-read=/folder1/` | ||
| Paths delimited by comma (`,`) are no longer allowed. |
Member
There was a problem hiding this comment.
This could also be added as changes metadata in the YAML block above.
github-actionsbot removed the request-ci Collaborator
nodejs-github-bot commented Aug 11, 2023
Uh oh!
There was an error while loading. Please reload this page.
RafaelGSS added the commit-queue-squash github-actionsbot removed the request-ci Collaborator
nodejs-github-bot commented Aug 11, 2023
Member
RafaelGSS commented Aug 11, 2023
It seems the machines are broken. I'll wait a bit to request another CI. |
github-actionsbot removed the request-ci This comment was marked as outdated.
This comment was marked as outdated.
github-actionsbot removed the request-ci Collaborator
nodejs-github-bot commented Aug 12, 2023
Support for a single comma separates list for allow-fs-* flags is removed. Instead now multiple flags can be passed to allow multiple paths. Fixes: nodejs/security-wg#1039
Co-authored-by: Rafael Gonzaga <[email protected]>
Co-authored-by: Rafael Gonzaga <[email protected]>
UlisesGascon added a commit that referenced this pull request Sep 13, 2023
Notable changes: crypto: * update root certificates to NSS 3.93 (Node.js GitHub Bot) #49341 doc: * move and rename loaders section (Geoffrey Booth) #49261 * add release key for Ulises Gascon (Ulises Gascón) #49196 lib: * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) #46391 src: * support multiple `--env-file` declarations (Yagiz Nizipli) #49542 src,permission: * add multiple allow-fs-* flags (Carlos Espa) #49047 test_runner: * (SEMVER-MINOR) expose location of tests (Colin Ihrig) #48975 PR-URL: #49592
UlisesGascon added a commit that referenced this pull request Sep 13, 2023
Notable changes: crypto: * update root certificates to NSS 3.93 (Node.js GitHub Bot) #49341 doc: * move and rename loaders section (Geoffrey Booth) #49261 * add release key for Ulises Gascon (Ulises Gascón) #49196 lib: * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) #46391 src: * support multiple `--env-file` declarations (Yagiz Nizipli) #49542 src,permission: * add multiple allow-fs-* flags (Carlos Espa) #49047 test_runner: * (SEMVER-MINOR) expose location of tests (Colin Ihrig) #48975 PR-URL: #49592
UlisesGascon added a commit that referenced this pull request Sep 16, 2023
Notable changes: crypto: * update root certificates to NSS 3.93 (Node.js GitHub Bot) #49341 doc: * move and rename loaders section (Geoffrey Booth) #49261 * add release key for Ulises Gascon (Ulises Gascón) #49196 lib: * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) #46391 src: * support multiple `--env-file` declarations (Yagiz Nizipli) #49542 src,permission: * add multiple allow-fs-* flags (Carlos Espa) #49047 test_runner: * (SEMVER-MINOR) expose location of tests (Colin Ihrig) #48975 PR-URL: #49592
UlisesGascon added a commit that referenced this pull request Sep 18, 2023
Notable changes: crypto: * update root certificates to NSS 3.93 (Node.js GitHub Bot) #49341 deps: * upgrade npm to 10.0.0 (npm team) #49423 * upgrade npm to 10.1.0 (npm team) #49570 doc: * move and rename loaders section (Geoffrey Booth) #49261 * add release key for Ulises Gascon (Ulises Gascón) #49196 lib: * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) #46391 src: * support multiple `--env-file` declarations (Yagiz Nizipli) #49542 src,permission: * add multiple allow-fs-* flags (Carlos Espa) #49047 test_runner: * (SEMVER-MINOR) expose location of tests (Colin Ihrig) #48975 PR-URL: #49592
UlisesGascon added a commit that referenced this pull request Sep 18, 2023
Notable changes: crypto: * update root certificates to NSS 3.93 (Node.js GitHub Bot) #49341 deps: * upgrade npm to 10.1.0 (npm team) #49570 * upgrade npm to 10.0.0 (npm team) #49423 doc: * move and rename loaders section (Geoffrey Booth) #49261 * add release key for Ulises Gascon (Ulises Gascón) #49196 lib: * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) #46391 src: * support multiple `--env-file` declarations (Yagiz Nizipli) #49542 src,permission: * add multiple allow-fs-* flags (Carlos Espa) #49047 test_runner: * (SEMVER-MINOR) expose location of tests (Colin Ihrig) #48975 PR-URL: #49592
UlisesGascon added a commit to UlisesGascon/node that referenced this pull request Sep 18, 2023
Notable changes: crypto: * update root certificates to NSS 3.93 (Node.js GitHub Bot) nodejs#49341 deps: * upgrade npm to 10.1.0 (npm team) nodejs#49570 * upgrade npm to 10.0.0 (npm team) nodejs#49423 doc: * move and rename loaders section (Geoffrey Booth) nodejs#49261 * add release key for Ulises Gascon (Ulises Gascón) nodejs#49196 lib: * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) nodejs#46391 src: * support multiple `--env-file` declarations (Yagiz Nizipli) nodejs#49542 src,permission: * add multiple allow-fs-* flags (Carlos Espa) nodejs#49047 test_runner: * (SEMVER-MINOR) expose location of tests (Colin Ihrig) nodejs#48975 PR-URL: nodejs#49592
alexfernandez pushed a commit to alexfernandez/node that referenced this pull request Nov 1, 2023
Notable changes: crypto: * update root certificates to NSS 3.93 (Node.js GitHub Bot) nodejs#49341 deps: * upgrade npm to 10.1.0 (npm team) nodejs#49570 * upgrade npm to 10.0.0 (npm team) nodejs#49423 doc: * move and rename loaders section (Geoffrey Booth) nodejs#49261 * add release key for Ulises Gascon (Ulises Gascón) nodejs#49196 lib: * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) nodejs#46391 src: * support multiple `--env-file` declarations (Yagiz Nizipli) nodejs#49542 src,permission: * add multiple allow-fs-* flags (Carlos Espa) nodejs#49047 test_runner: * (SEMVER-MINOR) expose location of tests (Colin Ihrig) nodejs#48975 PR-URL: nodejs#49592
tniessen added a commit to tniessen/node that referenced this pull request Nov 10, 2023
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: nodejs#48491 Refs: nodejs#49047
tniessen added a commit to tniessen/node that referenced this pull request Nov 17, 2023
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: nodejs#48491 Refs: nodejs#49047
nodejs-github-bot pushed a commit that referenced this pull request Nov 19, 2023
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: #48491 Refs: #49047 PR-URL: #50662 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
tniessen added a commit to tniessen/node that referenced this pull request Nov 21, 2023
nodejs-github-bot pushed a commit that referenced this pull request Nov 22, 2023
Refs: #49047 PR-URL: #50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
targos pushed a commit that referenced this pull request Nov 23, 2023
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: #48491 Refs: #49047 PR-URL: #50662 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
targos pushed a commit that referenced this pull request Nov 23, 2023
Refs: #49047 PR-URL: #50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
martenrichter pushed a commit to martenrichter/node that referenced this pull request Nov 26, 2023
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: nodejs#48491 Refs: nodejs#49047 PR-URL: nodejs#50662 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
martenrichter pushed a commit to martenrichter/node that referenced this pull request Nov 26, 2023
Refs: nodejs#49047 PR-URL: nodejs#50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
lucshi pushed a commit to lucshi/node that referenced this pull request Nov 27, 2023
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: nodejs#48491 Refs: nodejs#49047 PR-URL: nodejs#50662 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
lucshi pushed a commit to lucshi/node that referenced this pull request Nov 27, 2023
Refs: nodejs#49047 PR-URL: nodejs#50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
RafaelGSS pushed a commit that referenced this pull request Nov 29, 2023
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: #48491 Refs: #49047 PR-URL: #50662 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
RafaelGSS pushed a commit that referenced this pull request Nov 29, 2023
Refs: #49047 PR-URL: #50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
RafaelGSS pushed a commit that referenced this pull request Nov 30, 2023
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: #48491 Refs: #49047 PR-URL: #50662 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
RafaelGSS pushed a commit that referenced this pull request Nov 30, 2023
Refs: #49047 PR-URL: #50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
UlisesGascon pushed a commit that referenced this pull request Dec 11, 2023
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: #48491 Refs: #49047 PR-URL: #50662 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
UlisesGascon pushed a commit that referenced this pull request Dec 11, 2023
Refs: #49047 PR-URL: #50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
UlisesGascon pushed a commit that referenced this pull request Dec 13, 2023
Refs: #49047 PR-URL: #50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
UlisesGascon pushed a commit that referenced this pull request Dec 15, 2023
Refs: #49047 PR-URL: #50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
UlisesGascon pushed a commit that referenced this pull request Dec 19, 2023
The use of string_view and subsequent copying to a string was supposed to be a minor optimization in 640a7918, however, since 413c16e, no string splitting occurs anymore. Therefore, we can simply pass around some references instead of using string_view or copying strings. Refs: #48491 Refs: #49047 PR-URL: #50662 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
UlisesGascon pushed a commit that referenced this pull request Dec 19, 2023
Refs: #49047 PR-URL: #50845 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]> Reviewed-By: Deokjin Kim <[email protected]>
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Breaking change: Support for a single comma separates list for allow-fs-* flags is removed.
This means that
Will be interpreted as a single file.
When using a single flag and including commas in said flag a warning will be emitted explaining the change.
Instead now multiple flags can be passed to allow multiple paths.
Will allow access to both paths.
Fixes: nodejs/security-wg#1039