Skip to content

lib,permission: fix dropping addon permission#64007

Open
mawalu wants to merge 1 commit into
nodejs:mainfrom
mawalu:fix-drop-addons-permission
Open

lib,permission: fix dropping addon permission#64007
mawalu wants to merge 1 commit into
nodejs:mainfrom
mawalu:fix-drop-addons-permission

Conversation

@mawalu

@mawalu mawalu commented Jun 19, 2026

Copy link
Copy Markdown

Loading addons currently does not perform a permission check, instead the addon permission was enforced by setting the existing allow_native_addons option.

Since permission.drop doesn't touch that option, permission.drop('addon') is currently ineffective. Still permission.has reflects the dropped state.

This PR fixes this by adding a permission check and introducing the missing test case for the addon permission.

@nodejs-github-bot

Copy link
Copy Markdown
Collaborator

Review requested:

  • @nodejs/security-wg

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. needs-ci PRs that need a full CI run. labels Jun 19, 2026
@RafaelGSS RafaelGSS added the permission Issues and PRs related to the Permission Model label Jun 20, 2026
@mawalu

mawalu commented Jun 30, 2026

Copy link
Copy Markdown
Author

First time contributing, is there anything I can do to help getting this merged?

@geeksilva97 geeksilva97 added the request-ci Add this label to start a Jenkins CI on a PR. label Jun 30, 2026
@geeksilva97

geeksilva97 commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

First time contributing, is there anything I can do to help getting this merged?

we need a successfull ci run. I added the tag. it should start ci soon.

@geeksilva97 geeksilva97 added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Jun 30, 2026
@github-actions github-actions Bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Jun 30, 2026
@nodejs-github-bot

Copy link
Copy Markdown
Collaborator

@geeksilva97

geeksilva97 commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

This PR keeps failing in shared libraries.

../../src/crypto/crypto_context.cc:15:10: fatal error: openssl/comp.h: No such file or directory
15 | #include <openssl/comp.h>
| ^~~~~~~~~~~~~~~~
compilation terminated.

@mawalu , could u please rebase this PR with main, just to ensure all deps are good?

Signed-off-by: Martin <martin@asymmetric.re>
@mawalu mawalu force-pushed the fix-drop-addons-permission branch from d7036c1 to 5c64b1b Compare July 1, 2026 08:26
@mawalu

mawalu commented Jul 1, 2026

Copy link
Copy Markdown
Author

@geeksilva97 just rebased on latest main

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

author ready PRs that have at least one approval, no pending requests for changes, and a CI started. c++ Issues and PRs that require attention from people who are familiar with C++. needs-ci PRs that need a full CI run. permission Issues and PRs related to the Permission Model

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants