feat(cli): shorthands for --allow-* flags

[samyosm]

As per #19530, adds the following short flags:

short	long
-E	--allow-env
-F	--allow-ffi
-T	--allow-hrtime
-N	--allow-net
-R	--allow-read
-X	--allow-run
-S	--allow-sys
-W	--allow-write

[CLAassistant]

All committers have signed the CLA.

[dsherret]

Sorry, I'm against this because it degrades the permission system by obscuring the meaning of the permission flags.

[samyosm]

How could it not? All shorthands do; you can't preserve much meaning with a single letter. They only allow those that are aware of them to be quicker and more productive. E.g. ls -A instead of ls --almost-all.

[dsherret]

How could it not? All shorthands do; you can't preserve much meaning with a single letter.

Exactly. That's a huge issue for people who aren't aware of what the shorthand flags mean because this relates to Deno's security model. Looking at a deno command on the command line should be easily auditable for what permissions are being allowed.

[samyosm]

I'd argue that shorthands are as easily auditable as their longer form the more people use them. That's why some people aren't even aware of ls --all. Once people get a hand of shorthands they will prefer to use them. This is a similar situation to vim or tailwind.

[dsherret]

I'd argue that shorthands are as easily auditable as their longer form the more people use them. That's why some people aren't even aware of ls --all. Once people get a hand of shorthands they will prefer to use them. This is a similar situation to vim or tailwind.

I disagree with the ls, vim, and tailwind comparison because those don't expand a security sandbox.

I think it's less auditable because it requires looking up or knowing what each shorthand does. It also requires people to be on their toes about new shorthand flags that could open up the security sandbox. It's especially harmful to beginners who might accidentally open their security sandbox for scripts they don't want to because they never realized Deno even had short non-descriptive flags that opened the security sandbox and they just copy and pasted some command.

[samyosm]

I guess you are right. I'll wait the ending words of #19530 before closing this PR.

[catuhana]

I don't think this should land as stated by reviewer, but if its going to happen somehow, instead of reserving new ones I think these short flags make more sense:

Short	Long
-Ae	--allow-env
-Af	--allow-ffi
-At	--allow-hrtime
-An	--allow-network
-Ar	--allow-read
-Ax	--allow-run
-As	--allow-sys
-Aw	--allow-write

[bartlomieju]

Thank you for the PR @samyosm, but as it stands there's no support for this features in the core team. We are exploring alternative ways of making it more convenient to specify which permissions to apply including #12763. I'm going to close it without a merge.