search

denoland / deno

A modern runtime for JavaScript and TypeScript.
https://deno.com
MIT License
96.73k stars 5.34k forks source link

Showing 3rd party library required permissions when running deno install #23148

Open shoppingjaws opened 6 months ago

shoppingjaws commented 6 months ago

Hi developers, How about displaying necessary permissions when installing a third-party library to enhance secure coding practices?

current deno install

deno install https://deno.land/x/dax/mod.ts
✅ Successfully installed dax
/xxx/deno/1.39.3/.deno/bin/dax

suggested deno install

Required Permissions
- allow-read=/etc
- allow-env=PATH
....
deno install https://deno.land/x/dax/mod.ts
✅ Successfully installed dax
/xxx/deno/1.39.3/.deno/bin/dax

If it works well, developers can code more safely.

lucacasonato commented 4 months ago

How would we determine which permissions to show?