You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have tried Deno several times, before version 1.0, and with the latest version. One obvious problem I see, and which I think is huge, is the permission system. Currently, when we run a script with Deno, we have to specify the different permissions we want using arguments like --allow-run, --allow-read.... or --all or -A in order to accept all permissions.
The point is that by allowing all permissions on a program, we expose ourselves to serious risk to the machine or the user, but out of "developer laziness", we don't want to have an execution line like:
deno run --allow-read --allow-net --allow-write --allow-env mod.ts
That's why I propose a new way of working. Arguments are still important, especially for everything CI. At the same time, for a better user experience, I can see something like:
deno run mod.ts
mod.ts needs the net permission. Do you allow it?
- Yes
- No
> Yes
mod.ts needs the write permission. Do you allow it?
- Yes
- No
> Yes
Once the developer has entered his preferences, they are cached, so that he doesn't have to specify them again.
An alternative would be to have a configuration file for this, specifically, add this possibility to the current configuration system.
I think a better developer experience at this level would bring more developers into the project, or at least interest a part of the community.
This is an open suggestion, and I would love to hear from the developers and the Deno team about this one.
The text was updated successfully, but these errors were encountered:
Hi 👋🏻
I have tried Deno several times, before version 1.0, and with the latest version. One obvious problem I see, and which I think is huge, is the permission system. Currently, when we run a script with Deno, we have to specify the different permissions we want using arguments like
--allow-run,--allow-read.... or--allor-Ain order to accept all permissions.The point is that by allowing all permissions on a program, we expose ourselves to serious risk to the machine or the user, but out of "developer laziness", we don't want to have an execution line like:
That's why I propose a new way of working. Arguments are still important, especially for everything CI. At the same time, for a better user experience, I can see something like:
Once the developer has entered his preferences, they are cached, so that he doesn't have to specify them again.
An alternative would be to have a configuration file for this, specifically, add this possibility to the current configuration system.
I think a better developer experience at this level would bring more developers into the project, or at least interest a part of the community.
This is an open suggestion, and I would love to hear from the developers and the Deno team about this one.
The text was updated successfully, but these errors were encountered: