Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

lib,src,permission: port path.resolve to C++ #50758

Merged
merged 1 commit into from
Dec 30, 2023

Conversation

RafaelGSS
Copy link
Member

@RafaelGSS RafaelGSS commented Nov 16, 2023

We're porting path.resolve to C++ to be used on the permission model and other places.

Summary: The permission Model now accepts relative paths through the CLI. Example: --experimental-permission --allow-fs-read=./index.js

Refs: nodejs/security-wg#898

@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/security-wg

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. labels Nov 16, 2023
src/util.cc Outdated Show resolved Hide resolved
src/util.cc Outdated Show resolved Hide resolved
src/util.cc Outdated Show resolved Hide resolved
src/util.cc Outdated Show resolved Hide resolved
src/util.cc Outdated Show resolved Hide resolved
src/util.cc Outdated Show resolved Hide resolved
src/util.cc Outdated Show resolved Hide resolved
@RafaelGSS RafaelGSS added the permission Issues and PRs related to the Permission Model label Nov 17, 2023
@targos
Copy link
Member

targos commented Nov 20, 2023

Why doesn't it remove the JS implementation. I feel it's very dangerous to have two impl. that are used in different places

@RafaelGSS
Copy link
Member Author

RafaelGSS commented Nov 20, 2023

Why doesn't it remove the JS implementation. I feel it's very dangerous to have two impl. that are used in different places

That's the idea, but I'd prefer to do it in a follow-up PR, so we can measure performance, impacts and it will make the review easier.

@RafaelGSS RafaelGSS force-pushed the feat/pm-resolve branch 2 times, most recently from c7ac444 to b2649a3 Compare November 22, 2023 22:52
@RafaelGSS RafaelGSS changed the title lib,src,permissions: port path.resolve to C++ lib,src,permission: port path.resolve to C++ Nov 22, 2023
@RafaelGSS RafaelGSS added the request-ci Add this label to start a Jenkins CI on a PR. label Nov 22, 2023
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Nov 22, 2023
@nodejs-github-bot
Copy link
Collaborator

@nodejs-github-bot
Copy link
Collaborator

@RafaelGSS RafaelGSS added the request-ci Add this label to start a Jenkins CI on a PR. label Nov 23, 2023
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Nov 23, 2023
@nodejs-github-bot
Copy link
Collaborator

@joyeecheung
Copy link
Member

Do we know if this implementation is actually equivalent to the JS implementation? Do any of the tests fail if we replace the JS one with this? I think it should be fairly easy to verify if you just add a binding (maybe in node_util.cc) and call that from the path.resolve implementation?

@RafaelGSS
Copy link
Member Author

Do we know if this implementation is actually equivalent to the JS implementation?

It must be. The tests are actually equivalents.

@nodejs-github-bot
Copy link
Collaborator

@joyeecheung
Copy link
Member

It must be. The tests are actually equivalents

Did you mean the unit tests? I am under the impression that for basic APIs those are mostly smoking tests, but path.resolve is used internally quite a lot so the correctness is largely checked via all the indirect usages (e.g. some test might just fail on Windows because the API it uses indirectly uses path.resolve(), or the module loader uses it). It would be better to verify the correctness of the alternative using this form of coverage.

@RafaelGSS RafaelGSS added the request-ci Add this label to start a Jenkins CI on a PR. label Nov 29, 2023
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Nov 29, 2023
@nodejs-github-bot
Copy link
Collaborator

@nodejs-github-bot
Copy link
Collaborator

@RafaelGSS
Copy link
Member Author

@Ceres6 will be looking to the windows errors. I can create the binding test suggested by Joyee.

@nodejs-github-bot
Copy link
Collaborator

@RafaelGSS
Copy link
Member Author

I will wait a couple of days before merging this PR, just to guarantee the errors shown in #51295 aren't related to path.resolve.

@RafaelGSS RafaelGSS added the commit-queue Add this label to land a pull request using GitHub Actions. label Dec 30, 2023
@nodejs-github-bot nodejs-github-bot added commit-queue-failed An error occurred while landing this pull request using GitHub Actions. and removed commit-queue Add this label to land a pull request using GitHub Actions. labels Dec 30, 2023
@nodejs-github-bot
Copy link
Collaborator

Commit Queue failed
- Loading data for nodejs/node/pull/50758
✔  Done loading data for nodejs/node/pull/50758
----------------------------------- PR info ------------------------------------
Title      lib,src,permission: port path.resolve to C++ (#50758)
Author     Rafael Gonzaga  (@RafaelGSS)
Branch     RafaelGSS:feat/pm-resolve -> nodejs:main
Labels     c++, lib / src, notable-change, needs-ci, permission
Commits    1
 - lib,src,permission: port path.resolve to C++
Committers 1
 - RafaelGSS 
PR-URL: https://github.com/nodejs/node/pull/50758
Refs: https://github.com/nodejs/security-wg/issues/898
Reviewed-By: James M Snell 
Reviewed-By: Paolo Insogna 
------------------------------ Generated metadata ------------------------------
PR-URL: https://github.com/nodejs/node/pull/50758
Refs: https://github.com/nodejs/security-wg/issues/898
Reviewed-By: James M Snell 
Reviewed-By: Paolo Insogna 
--------------------------------------------------------------------------------
   ⚠  Commits were pushed since the last approving review:
   ⚠  - lib,src,permission: port path.resolve to C++
   ℹ  This PR was created on Thu, 16 Nov 2023 17:12:16 GMT
   ✔  Approvals: 2
   ✔  - James M Snell (@jasnell) (TSC): https://github.com/nodejs/node/pull/50758#pullrequestreview-1773719337
   ✔  - Paolo Insogna (@ShogunPanda): https://github.com/nodejs/node/pull/50758#pullrequestreview-1793165763
   ✔  Last GitHub CI successful
   ℹ  Last Full PR CI on 2023-12-27T18:11:23Z: https://ci.nodejs.org/job/node-test-pull-request/56560/
- Querying data for job/node-test-pull-request/56560/
   ✔  Last Jenkins CI successful
--------------------------------------------------------------------------------
   ✔  Aborted `git node land` session in /home/runner/work/node/node/.ncu
https://github.com/nodejs/node/actions/runs/7364282650

@RafaelGSS RafaelGSS removed the commit-queue-failed An error occurred while landing this pull request using GitHub Actions. label Dec 30, 2023
@ovflowd ovflowd added the commit-queue Add this label to land a pull request using GitHub Actions. label Dec 30, 2023
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Dec 30, 2023
@nodejs-github-bot nodejs-github-bot merged commit 338a5be into nodejs:main Dec 30, 2023
62 checks passed
@nodejs-github-bot
Copy link
Collaborator

Landed in 338a5be

@RafaelGSS RafaelGSS added the semver-minor PRs that contain new features and should be released in the next minor version. label Jan 2, 2024
RafaelGSS added a commit that referenced this pull request Jan 2, 2024
Co-Authored-By: Carlos Espa <cespatorres@gmail.com>
PR-URL: #50758
Refs: nodejs/security-wg#898
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Claudio Wunder <cwunder@gnome.org>
RafaelGSS added a commit that referenced this pull request Jan 2, 2024
Notable changes:

doc:
  * (SEMVER-MINOR) add documentation for --build-snapshot-config (Anna Henningsen) #50453
lib,src,permission:
  * (SEMVER-MINOR) port path.resolve to C++ (Rafael Gonzaga) #50758
net:
  * (SEMVER-MINOR) add connection attempt events (Paolo Insogna) #51045
src:
  * (SEMVER-MINOR) support configurable snapshot (Joyee Cheung) #50453
src,permission:
  * (SEMVER-MINOR) add --allow-addon flag (Rafael Gonzaga) #51183
timers:
  * (SEMVER-MINOR) export timers.promises (Marco Ippolito) #51246

PR-URL: TODO
@RafaelGSS RafaelGSS mentioned this pull request Jan 2, 2024
RafaelGSS added a commit that referenced this pull request Jan 2, 2024
Notable changes:

doc:
  * (SEMVER-MINOR) add documentation for --build-snapshot-config (Anna Henningsen) #50453
lib,src,permission:
  * (SEMVER-MINOR) port path.resolve to C++ (Rafael Gonzaga) #50758
net:
  * (SEMVER-MINOR) add connection attempt events (Paolo Insogna) #51045
src:
  * (SEMVER-MINOR) support configurable snapshot (Joyee Cheung) #50453
src,permission:
  * (SEMVER-MINOR) add --allow-addon flag (Rafael Gonzaga) #51183
timers:
  * (SEMVER-MINOR) export timers.promises (Marco Ippolito) #51246

PR-URL: #51342
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
RafaelGSS added a commit that referenced this pull request Jan 2, 2024
Notable changes:

doc:
  * (SEMVER-MINOR) add documentation for --build-snapshot-config (Anna Henningsen) #50453
lib,src,permission:
  * (SEMVER-MINOR) port path.resolve to C++ (Rafael Gonzaga) #50758
net:
  * (SEMVER-MINOR) add connection attempt events (Paolo Insogna) #51045
src:
  * (SEMVER-MINOR) support configurable snapshot (Joyee Cheung) #50453
src,permission:
  * (SEMVER-MINOR) add --allow-addon flag (Rafael Gonzaga) #51183
timers:
  * (SEMVER-MINOR) export timers.promises (Marco Ippolito) #51246

PR-URL: #51342
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
RafaelGSS added a commit that referenced this pull request Jan 2, 2024
Notable changes:

doc:
  * (SEMVER-MINOR) add documentation for --build-snapshot-config (Anna Henningsen) #50453
lib,src,permission:
  * (SEMVER-MINOR) port path.resolve to C++ (Rafael Gonzaga) #50758
net:
  * (SEMVER-MINOR) add connection attempt events (Paolo Insogna) #51045
src:
  * (SEMVER-MINOR) support configurable snapshot (Joyee Cheung) #50453
src,permission:
  * (SEMVER-MINOR) add --allow-addon flag (Rafael Gonzaga) #51183
timers:
  * (SEMVER-MINOR) export timers.promises (Marco Ippolito) #51246

PR-URL: #51342
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
RafaelGSS added a commit to RafaelGSS/node that referenced this pull request Jan 3, 2024
Notable changes:

doc:
  * (SEMVER-MINOR) add documentation for --build-snapshot-config (Anna Henningsen) nodejs#50453
lib,src,permission:
  * (SEMVER-MINOR) port path.resolve to C++ (Rafael Gonzaga) nodejs#50758
net:
  * (SEMVER-MINOR) add connection attempt events (Paolo Insogna) nodejs#51045
src:
  * (SEMVER-MINOR) support configurable snapshot (Joyee Cheung) nodejs#50453
src,permission:
  * (SEMVER-MINOR) add --allow-addon flag (Rafael Gonzaga) nodejs#51183
timers:
  * (SEMVER-MINOR) export timers.promises (Marco Ippolito) nodejs#51246

PR-URL: nodejs#51342
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
RafaelGSS added a commit that referenced this pull request Jan 5, 2024
Notable changes:

doc:
  * (SEMVER-MINOR) add documentation for --build-snapshot-config (Anna Henningsen) #50453
lib,src,permission:
  * (SEMVER-MINOR) port path.resolve to C++ (Rafael Gonzaga) #50758
net:
  * (SEMVER-MINOR) add connection attempt events (Paolo Insogna) #51045
src:
  * (SEMVER-MINOR) support configurable snapshot (Joyee Cheung) #50453
src,permission:
  * (SEMVER-MINOR) add --allow-addon flag (Rafael Gonzaga) #51183
timers:
  * (SEMVER-MINOR) export timers.promises (Marco Ippolito) #51246

PR-URL: #51342
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
RafaelGSS added a commit that referenced this pull request Jan 11, 2024
Notable changes:

doc:
  * (SEMVER-MINOR) add documentation for --build-snapshot-config (Anna Henningsen) #50453
lib,src,permission:
  * (SEMVER-MINOR) port path.resolve to C++ (Rafael Gonzaga) #50758
net:
  * (SEMVER-MINOR) add connection attempt events (Paolo Insogna) #51045
src:
  * (SEMVER-MINOR) support configurable snapshot (Joyee Cheung) #50453
src,permission:
  * (SEMVER-MINOR) add --allow-addon flag (Rafael Gonzaga) #51183
timers:
  * (SEMVER-MINOR) export timers.promises (Marco Ippolito) #51246

PR-URL: #51342
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
RafaelGSS added a commit that referenced this pull request Jan 15, 2024
Notable changes:

doc:
  * (SEMVER-MINOR) add documentation for --build-snapshot-config (Anna Henningsen) #50453
lib,src,permission:
  * (SEMVER-MINOR) port path.resolve to C++ (Rafael Gonzaga) #50758
net:
  * (SEMVER-MINOR) add connection attempt events (Paolo Insogna) #51045
src:
  * (SEMVER-MINOR) support configurable snapshot (Joyee Cheung) #50453
src,permission:
  * (SEMVER-MINOR) add --allow-addon flag (Rafael Gonzaga) #51183
timers:
  * (SEMVER-MINOR) export timers.promises (Marco Ippolito) #51246

PR-URL: #51342
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
Medhansh404 pushed a commit to Medhansh404/node that referenced this pull request Jan 19, 2024
Notable changes:

doc:
  * (SEMVER-MINOR) add documentation for --build-snapshot-config (Anna Henningsen) nodejs#50453
lib,src,permission:
  * (SEMVER-MINOR) port path.resolve to C++ (Rafael Gonzaga) nodejs#50758
net:
  * (SEMVER-MINOR) add connection attempt events (Paolo Insogna) nodejs#51045
src:
  * (SEMVER-MINOR) support configurable snapshot (Joyee Cheung) nodejs#50453
src,permission:
  * (SEMVER-MINOR) add --allow-addon flag (Rafael Gonzaga) nodejs#51183
timers:
  * (SEMVER-MINOR) export timers.promises (Marco Ippolito) nodejs#51246

PR-URL: nodejs#51342
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
richardlau pushed a commit that referenced this pull request Mar 25, 2024
Co-Authored-By: Carlos Espa <cespatorres@gmail.com>
PR-URL: #50758
Refs: nodejs/security-wg#898
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Claudio Wunder <cwunder@gnome.org>
richardlau pushed a commit that referenced this pull request Mar 25, 2024
Co-Authored-By: Carlos Espa <cespatorres@gmail.com>
PR-URL: #50758
Refs: nodejs/security-wg#898
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Claudio Wunder <cwunder@gnome.org>
@richardlau richardlau mentioned this pull request Mar 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
c++ Issues and PRs that require attention from people who are familiar with C++. lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. notable-change PRs with changes that should be highlighted in changelogs. permission Issues and PRs related to the Permission Model semver-minor PRs that contain new features and should be released in the next minor version.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

9 participants