A permission descriptor merged with it's status.
See https://github.com/denoland/deno/blob/master/cli/js/lib.deno.unstable.d.ts
A denied status for a permission.
See:
The "powerful feature" "env" which needs permission.
See:
Note that the definition of PermissionName
in the above spec is swapped
out for a set of Deno permissions which are not web-compatible.
A granted status for a permission.
See:
The "powerful feature" "hrtime" which needs permission.
See:
Note that the definition of PermissionName
in the above spec is swapped
out for a set of Deno permissions which are not web-compatible.
Regex for matching HTTP/HTTPS protocols.
The "powerful feature" "net" which needs permission.
See:
Note that the definition of PermissionName
in the above spec is swapped
out for a set of Deno permissions which are not web-compatible.
The "powerful feature" "plugin" which needs permission.
See:
Note that the definition of PermissionName
in the above spec is swapped
out for a set of Deno permissions which are not web-compatible.
A prompt status for a permission.
See:
The "powerful feature" "read" which needs permission.
See:
Note that the definition of PermissionName
in the above spec is swapped
out for a set of Deno permissions which are not web-compatible.
The "powerful feature" "run" which needs permission.
See:
Note that the definition of PermissionName
in the above spec is swapped
out for a set of Deno permissions which are not web-compatible.
The "powerful feature" "write" which needs permission.
See:
Note that the definition of PermissionName
in the above spec is swapped
out for a set of Deno permissions which are not web-compatible.
A map of top-level permissions to their flag.
A list of top-level permissions that support an optional allowlist.
A list of all top-level permissions as descriptors.
Returns a permission's allowlist value if it exists, otherwise an empty string ("") is returned.
Adds the current grant status to each the provided permission descriptors.
The requested permission statuses.
Filters the provided permissions to those which support an allowlist but have be left with top-level scope.
Provides a set of defences for your application.
This is done by verifying:
Optional configuration parameters for the guard include:
granted
- a list of Deno permission names or descriptors
that should be permitted by the guard. Default: []
.exitOnMissing
- a flag to determine whether the guard
should stop the process when permissions listed in the granted
array have not been granted. Default: false
.exitOnExtra
- a flag to determine whether the guard should
stop the process when permissions not listed in the granted
array have been granted. Default: true
.revoke
- flag to determine whether the guard should
revoke top-level permissions not listed in the granted
array.log
- a flag to determine the guard should log any
warnings or errors to the console. Default: false
.If the guard determines to stop the process, the exit code will
be 1
, i.e. Deno.exit(1)
.
As the Deno Permissions API is currently tagged as "unstable", this
method will currently only perform the above defenses if the process
is started with the --unstable
flag. Once the API becomes stable,
this flag will no longer be required. If the flag is not provided,
guard will simply return as a no-op, so it is safe to use the guard
in applications that won't be passed the --unstable
flag.
Handles the optional logging and process exiting for scenarios in which configured / required permissions are missing.
Handles the optional logging and process exiting for scenarios in which insecure and ungranted top-level permissions have been set.
Handles the optional logging of recommendations when a top-level permission has been requested that supports allowlisting.
Generated using TypeDoc
A Deno permission name or a full permission descriptor.
See https://github.com/denoland/deno/blob/master/cli/js/lib.deno.unstable.d.ts