v1.13.0

2024-11-21 20:38:55 +00:00 · 2021-08-10 16:22:21 +02:00 · 2021-08-10 16:22:21 +02:00 · d82351d677
commit d82351d677
parent 548e466112
9 changed files with 74 additions and 10 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -560,7 +560,7 @@ dependencies = [

 [[package]]
 name = "deno"
-version = "1.12.2"
+version = "1.13.0"
 dependencies = [
 "atty",
 "base64 0.13.0",
@ -875,7 +875,7 @@ dependencies = [

 [[package]]
 name = "deno_tls"
-version = "0.1.0"
+version = "0.1.1"
 dependencies = [
 "deno_core",
 "lazy_static",
--- a/Releases.md
+++ b/Releases.md
@ -6,6 +6,43 @@ https://github.com/denoland/deno/releases
 We also have one-line install commands at:
 https://github.com/denoland/deno_install

+### 1.13.0 / 2021.08.10
+
+- BREAKING(unstable): Rename Deno.WebSocketUpgrade::websocket to socket (#11542)
+- feat: Add --unsafely-treat-insecure-origin-as-secure flag to disable SSL
+  verification (#11324)
+- feat: add experimental WebSocketStream API (#10365)
+- feat: FFI API replacing native plugins (#11152)
+- feat: stabilize Deno.serveHttp() (#11544)
+- feat: support AbortSignal in writeFile (#11568)
+- feat: support client certificates for connectTls (#11598)
+- feat: type check codeblocks in Markdown file with "deno test --doc" (#11421)
+- feat(extensions/crypto): implement importKey and exportKey for raw HMAC keys
+  (#11367)
+- feat(extensions/crypto): implement verify() for HMAC (#11387)
+- feat(extensions/tls): Optionally support loading native certs (#11491)
+- feat(extensions/web): add structuredClone function (#11572)
+- feat(fmt): format top-level JSX elements/fragments with parens when multi-line
+  (#11582)
+- feat(lsp): ability to set DENO_DIR via settings (#11527)
+- feat(lsp): implement refactoring code actions (#11555)
+- feat(lsp): support clients which do not support disabled code actions (#11612)
+- feat(repl): add --eval flag for evaluating code when the repl starts (#11590)
+- feat(repl): support exports in the REPL (#11592)
+- feat(runtime): allow URL for permissions (#11578)
+- feat(runtime): implement navigator.hardwareConcurrency (#11448)
+- feat(unstable): clean environmental variables for subprocess (#11571)
+- fix: support windows file specifiers with import maps (#11551)
+- fix: Type `Deno.errors.*` as subclasses of `Error` (#10702)
+- fix(doc): panic on invalid url (#11536)
+- fix(extensions/fetch): Add Origin header to outgoing requests for fetch
+  (#11557)
+- fix(extensions/websocket): allow any close code for server (#11614)
+- fix(lsp): do not output to stderr before exiting the process (#11562)
+
+Release notes for std version 0.104.0:
+https://github.com/denoland/deno_std/releases/tag/0.104.0
+
 ### 1.12.2 / 2021.07.26

 - feat(lsp, unstable): add workspace config to status page (#11459)
--- a/cli/Cargo.toml
+++ b/cli/Cargo.toml
@ -2,7 +2,7 @@

 [package]
 name = "deno"
-version = "1.12.2"
+version = "1.13.0"
 authors = ["the Deno authors"]
 default-run = "deno"
 edition = "2018"
--- a/cli/tests/deno_land_unsafe_ssl.ts
+++ b/cli/tests/deno_land_unsafe_ssl.ts
@ -0,0 +1,2 @@
+const r = await fetch("https://google.com");
+console.log(r.status);
--- a/cli/tests/deno_land_unsafe_ssl.ts.out
+++ b/cli/tests/deno_land_unsafe_ssl.ts.out
@ -0,0 +1,2 @@
+DANGER: TLS ceritificate validation is disabled for: deno.land
+200
--- a/cli/tests/integration/mod.rs
+++ b/cli/tests/integration/mod.rs
@ -487,6 +487,20 @@ itest!(cafile_ts_fetch_unsafe_ssl {
  http_server: true,
 });

+itest!(deno_land_unsafe_ssl {
+  args:
+    "run --quiet --reload --allow-net --unsafely-ignore-certificate-errors=deno.land deno_land_unsafe_ssl.ts",
+  output: "deno_land_unsafe_ssl.ts.out",
+});
+
+itest!(localhost_unsafe_ssl {
+  args:
+    "run --quiet --reload --allow-net --unsafely-ignore-certificate-errors=deno.land cafile_url_imports.ts",
+  output: "localhost_unsafe_ssl.ts.out",
+  http_server: true,
+  exit_code: 1,
+});
+
 #[test]
 #[ignore]
 fn cafile_env_fetch() {
--- a/cli/tests/localhost_unsafe_ssl.ts.out
+++ b/cli/tests/localhost_unsafe_ssl.ts.out
@ -0,0 +1,3 @@
+DANGER: TLS ceritificate validation is disabled for: deno.land
+error: error sending request for url (https://localhost:5545/cli/tests/subdir/mod2.ts): error trying to connect: invalid certificate: UnknownIssuer
+    at [WILDCARD]tests/cafile_url_imports.ts:1:0
--- a/extensions/tls/Cargo.toml
+++ b/extensions/tls/Cargo.toml
@ -2,7 +2,7 @@

 [package]
 name = "deno_tls"
-version = "0.1.0"
+version = "0.1.1"
 authors = ["the Deno authors"]
 edition = "2018"
 license = "MIT"
--- a/extensions/tls/lib.rs
+++ b/extensions/tls/lib.rs
@ -25,6 +25,7 @@ use rustls::ServerCertVerified;
 use rustls::ServerCertVerifier;
 use rustls::StoresClientSessions;
 use rustls::TLSError;
+use rustls::WebPKIVerifier;
 use serde::Deserialize;
 use std::collections::HashMap;
 use std::io::BufReader;
@ -42,17 +43,22 @@ pub struct NoCertificateVerification(pub Vec<String>);
 impl ServerCertVerifier for NoCertificateVerification {
  fn verify_server_cert(
    &self,
-    _roots: &RootCertStore,
-    _presented_certs: &[Certificate],
-    dns_name: DNSNameRef<'_>,
-    _ocsp: &[u8],
+    roots: &RootCertStore,
+    presented_certs: &[Certificate],
+    dns_name_ref: DNSNameRef<'_>,
+    ocsp: &[u8],
  ) -> Result<ServerCertVerified, TLSError> {
-    let dns_name: &str = dns_name.into();
+    let dns_name: &str = dns_name_ref.into();
    let dns_name: String = dns_name.to_owned();
    if self.0.is_empty() || self.0.contains(&dns_name) {
      Ok(ServerCertVerified::assertion())
    } else {
-      Err(TLSError::General(dns_name))
+      WebPKIVerifier::new().verify_server_cert(
+        roots,
+        presented_certs,
+        dns_name_ref,
+        ocsp,
+      )
    }
  }