New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

(v6.x backport) src: allow CLI args in env with NODE_OPTIONS #12677

Closed
wants to merge 9 commits into
base: v6.x-staging
from

Conversation

Projects
None yet
8 participants
@sam-github
Member

sam-github commented Apr 26, 2017

Not all CLI options are supported, those that are problematic from a
security or implementation point of view are disallowed, as are ones
that are inappropriate (for example, -e, -p, --i), or that only make
sense when changed with code changes (such as options that change the
javascript syntax or add new APIs).

PR-URL: #12028
Reviewed-By: James M Snell jasnell@gmail.com
Reviewed-By: Michael Dawson michael_dawson@ca.ibm.com
Reviewed-By: Refael Ackermann refack@gmail.com
Reviewed-By: Gibson Fahnestock gibfahn@gmail.com
Reviewed-By: Bradley Farias bradley.meck@gmail.com

EDIT: also pushed #13002 and #13172 onto this PR, so it combines all the NODE_OPTIONS PRs. Note that they are all released as of 8.0.0.

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines
Affected core subsystem(s)
@gibfahn

This comment has been minimized.

Show comment
Hide comment
@gibfahn

gibfahn May 10, 2017

Member

@sam-github needs a rebase (but this probably needs to bake in v7.x first, so maybe leave it)

Member

gibfahn commented May 10, 2017

@sam-github needs a rebase (but this probably needs to bake in v7.x first, so maybe leave it)

@sam-github

This comment has been minimized.

Show comment
Hide comment
@sam-github

sam-github May 10, 2017

Member

rebased without conflicts

Member

sam-github commented May 10, 2017

rebased without conflicts

@MylesBorins

This comment has been minimized.

Show comment
Hide comment
@MylesBorins

MylesBorins May 16, 2017

Member

@sam-github SafeGetenv() is now in v6.x-staging

feel free to rework this PR

Member

MylesBorins commented May 16, 2017

@sam-github SafeGetenv() is now in v6.x-staging

feel free to rework this PR

@sam-github

This comment has been minimized.

Show comment
Hide comment
@sam-github

This comment has been minimized.

Show comment
Hide comment
@sam-github

sam-github May 26, 2017

Member

@nodejs/lts, ci was all green, can I land this?

Member

sam-github commented May 26, 2017

@nodejs/lts, ci was all green, can I land this?

@gibfahn

This comment has been minimized.

Show comment
Hide comment
@gibfahn

gibfahn May 26, 2017

Member

cc/ @MylesBorins I can't remember whether we said it was better to wait till the release goes out and v6.x-staging is rebased.

Member

gibfahn commented May 26, 2017

cc/ @MylesBorins I can't remember whether we said it was better to wait till the release goes out and v6.x-staging is rebased.

@MylesBorins

This comment has been minimized.

Show comment
Hide comment
@MylesBorins

MylesBorins May 30, 2017

Member

@gibfahn with this being a minor it likely shouldn't land until our next minor release

Member

MylesBorins commented May 30, 2017

@gibfahn with this being a minor it likely shouldn't land until our next minor release

@gibfahn

This comment has been minimized.

Show comment
Hide comment
@gibfahn

gibfahn Jun 18, 2017

Member

@sam-github could you include #12660 and #12692 as well?

Member

gibfahn commented Jun 18, 2017

@sam-github could you include #12660 and #12692 as well?

@sam-github

This comment has been minimized.

Show comment
Hide comment
@sam-github
Member

sam-github commented Oct 11, 2017

@mhdawson

LGTM

MylesBorins added a commit that referenced this pull request Oct 16, 2017

process: add --redirect-warnings command line argument
The --redirect-warnings command line argument allows process warnings
to be written to a specified file rather than printed to stderr.

Also adds an equivalent NODE_REDIRECT_WARNINGS environment variable.

If the specified file cannot be opened or written to for any reason,
the argument is ignored and the warning is printed to stderr.

If the file already exists, it will be appended to.

Backport-PR-URL: #12677
PR-URL: #10116
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Michal Zasso <targos@protonmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>

MylesBorins added a commit that referenced this pull request Oct 16, 2017

src: use SafeGetenv() for NODE_REDIRECT_WARNINGS
Mutations of the environment can invalidate pointers to environment
variables, so make `secure_getenv()` copy them out instead of returning
pointers.

This is the part of #11051 that
applies to be11fb4.
This part wasn't backported to 6.x when #11051 was backported
because the semver-minor introduction
of NODE_REDIRECT_WARNINGS hadn't been backported yet. Now that the
env var is backported, this last bit of #11051 is needed.

PR-URL: #12677
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>

MylesBorins added a commit that referenced this pull request Oct 16, 2017

src: use a std::vector for preload_modules
A dynamically allocated array was being used, simplify the memory
management by using std::vector.

Backport-PR-URL: #12677
PR-URL: #12241
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>

MylesBorins added a commit that referenced this pull request Oct 16, 2017

src: allow CLI args in env with NODE_OPTIONS
Not all CLI options are supported, those that are problematic from a
security or implementation point of view are disallowed, as are ones
that are inappropriate (for example, -e, -p, --i), or that only make
sense when changed with code changes (such as options that change the
javascript syntax or add new APIs).

Backport-PR-URL: #12677
PR-URL: #12028
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Bradley Farias <bradley.meck@gmail.com>

MylesBorins added a commit that referenced this pull request Oct 16, 2017

src: whitelist new options for NODE_OPTIONS
Add --debug-*, --napi-modules

Remove --prof-process, like -p and -e, it causes node to do something
other than run node js scripts.

Backport-PR-URL: #12677
PR-URL: #13002
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>

MylesBorins added a commit that referenced this pull request Oct 16, 2017

src: allow --tls-cipher-list in NODE_OPTIONS
Backport-PR-URL: #12677
PR-URL: #13172
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>

MylesBorins added a commit that referenced this pull request Oct 16, 2017

test: chdir before running test-cli-node-options
When test-cli-node-options is run it uses the --trace-events-enabled
option which generates a file named node_trace.1.log. This commit
changes the working directory to the test tmp directory to avoid this
file being created in the project root.

Backport-PR-URL: #12677
PR-URL: #12660
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>

MylesBorins added a commit that referenced this pull request Oct 16, 2017

test: add hasCrypto check to test-cli-node-options
Currently when configure --without-ssl the test will throw the following
error:
bad option: --use-openssl-ca

This commit checks if crypto was enabled and skips the crypto related
tests if that is the case.

Backport-PR-URL: #12677
PR-URL: #12692
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>/

MylesBorins added a commit that referenced this pull request Oct 16, 2017

src: --abort-on-uncaught-exception in NODE_OPTIONS
Allow --abort-on-uncaught-exception in NODE_OPTIONS, its useful to
enable for post-mortem debugging.

Backport-PR-URL: #12677
PR-URL: #13932
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
@MylesBorins

This comment has been minimized.

Show comment
Hide comment
@MylesBorins
Member

MylesBorins commented Oct 16, 2017

landed in f35071b...a76c2ae

@sam-github

This comment has been minimized.

Show comment
Hide comment
@sam-github

sam-github Oct 16, 2017

Member

Lovely, thanks @MylesBorins

Member

sam-github commented Oct 16, 2017

Lovely, thanks @MylesBorins

@sam-github sam-github deleted the sam-github:backport-12028-to-v6.x branch Oct 16, 2017

@MylesBorins MylesBorins referenced this pull request Oct 17, 2017

Merged

v6.12.0 proposal #16263

MylesBorins added a commit that referenced this pull request Oct 25, 2017

process: add --redirect-warnings command line argument
The --redirect-warnings command line argument allows process warnings
to be written to a specified file rather than printed to stderr.

Also adds an equivalent NODE_REDIRECT_WARNINGS environment variable.

If the specified file cannot be opened or written to for any reason,
the argument is ignored and the warning is printed to stderr.

If the file already exists, it will be appended to.

Backport-PR-URL: #12677
PR-URL: #10116
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Michal Zasso <targos@protonmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>

MylesBorins added a commit that referenced this pull request Oct 25, 2017

src: use SafeGetenv() for NODE_REDIRECT_WARNINGS
Mutations of the environment can invalidate pointers to environment
variables, so make `secure_getenv()` copy them out instead of returning
pointers.

This is the part of #11051 that
applies to be11fb4.
This part wasn't backported to 6.x when #11051 was backported
because the semver-minor introduction
of NODE_REDIRECT_WARNINGS hadn't been backported yet. Now that the
env var is backported, this last bit of #11051 is needed.

PR-URL: #12677
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>

MylesBorins added a commit that referenced this pull request Oct 25, 2017

src: use a std::vector for preload_modules
A dynamically allocated array was being used, simplify the memory
management by using std::vector.

Backport-PR-URL: #12677
PR-URL: #12241
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>

MylesBorins added a commit that referenced this pull request Oct 25, 2017

src: allow CLI args in env with NODE_OPTIONS
Not all CLI options are supported, those that are problematic from a
security or implementation point of view are disallowed, as are ones
that are inappropriate (for example, -e, -p, --i), or that only make
sense when changed with code changes (such as options that change the
javascript syntax or add new APIs).

Backport-PR-URL: #12677
PR-URL: #12028
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Bradley Farias <bradley.meck@gmail.com>

MylesBorins added a commit that referenced this pull request Oct 25, 2017

src: whitelist new options for NODE_OPTIONS
Add --debug-*, --napi-modules

Remove --prof-process, like -p and -e, it causes node to do something
other than run node js scripts.

Backport-PR-URL: #12677
PR-URL: #13002
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>

MylesBorins added a commit that referenced this pull request Oct 25, 2017

src: allow --tls-cipher-list in NODE_OPTIONS
Backport-PR-URL: #12677
PR-URL: #13172
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>

MylesBorins added a commit that referenced this pull request Oct 25, 2017

test: chdir before running test-cli-node-options
When test-cli-node-options is run it uses the --trace-events-enabled
option which generates a file named node_trace.1.log. This commit
changes the working directory to the test tmp directory to avoid this
file being created in the project root.

Backport-PR-URL: #12677
PR-URL: #12660
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>

MylesBorins added a commit that referenced this pull request Oct 25, 2017

test: add hasCrypto check to test-cli-node-options
Currently when configure --without-ssl the test will throw the following
error:
bad option: --use-openssl-ca

This commit checks if crypto was enabled and skips the crypto related
tests if that is the case.

Backport-PR-URL: #12677
PR-URL: #12692
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>/

MylesBorins added a commit that referenced this pull request Oct 25, 2017

src: --abort-on-uncaught-exception in NODE_OPTIONS
Allow --abort-on-uncaught-exception in NODE_OPTIONS, its useful to
enable for post-mortem debugging.

Backport-PR-URL: #12677
PR-URL: #13932
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

@MylesBorins MylesBorins referenced this pull request Nov 3, 2017

Merged

v4.8.6 proposal #16500

MylesBorins added a commit that referenced this pull request Nov 6, 2017

2017-11-07, Version 6.12.0 'Boron' (LTS)
Notable Changes:

* assert:
  - assert.fail() can now take one or two arguments (Rich Trott)
    #12293
* crypto:
  - add sign/verify support for RSASSA-PSS (Tobias Nießen)
    #11705
* deps:
  - upgrade openssl sources to 1.0.2m (Shigeki Ohtsu)
    #16691
  - upgrade libuv to 1.15.0 (cjihrig)
    #15745
  - upgrade libuv to 1.14.1 (cjihrig)
    #14866
  - upgrade libuv to 1.13.1 (cjihrig)
    #14117
  - upgrade libuv to 1.12.0 (cjihrig)
    #13306
* fs:
  - Add support for fs.write/fs.writeSync(fd, buffer, cb) and
    fs.write/fs.writeSync(fd, buffer, offset, cb) as documented
    (Andreas Lind) #7856
* inspector:
  - enable --inspect-brk (Refael Ackermann)
    #12615
* process:
  - add --redirect-warnings command line argument (James M Snell)
    #10116
* src:
  - allow CLI args in env with NODE_OPTIONS (Sam Roberts)
    #12028)
  - --abort-on-uncaught-exception in NODE_OPTIONS (Sam Roberts)
    #13932
  - allow --tls-cipher-list in NODE_OPTIONS (Sam Roberts)
    #13172
  - use SafeGetenv() for NODE_REDIRECT_WARNINGS (Sam Roberts)
    #12677
* test:
  - remove common.fail() (Rich Trott)
    #12293

PR-URL: #16263

MylesBorins added a commit that referenced this pull request Nov 7, 2017

2017-11-07, Version 6.12.0 'Boron' (LTS)
Notable Changes:

* assert:
  - assert.fail() can now take one or two arguments (Rich Trott)
    #12293
* crypto:
  - add sign/verify support for RSASSA-PSS (Tobias Nießen)
    #11705
* deps:
  - upgrade openssl sources to 1.0.2m (Shigeki Ohtsu)
    #16691
  - upgrade libuv to 1.15.0 (cjihrig)
    #15745
  - upgrade libuv to 1.14.1 (cjihrig)
    #14866
  - upgrade libuv to 1.13.1 (cjihrig)
    #14117
  - upgrade libuv to 1.12.0 (cjihrig)
    #13306
* fs:
  - Add support for fs.write/fs.writeSync(fd, buffer, cb) and
    fs.write/fs.writeSync(fd, buffer, offset, cb) as documented
    (Andreas Lind) #7856
* inspector:
  - enable --inspect-brk (Refael Ackermann)
    #12615
* process:
  - add --redirect-warnings command line argument (James M Snell)
    #10116
* src:
  - allow CLI args in env with NODE_OPTIONS (Sam Roberts)
    #12028)
  - --abort-on-uncaught-exception in NODE_OPTIONS (Sam Roberts)
    #13932
  - allow --tls-cipher-list in NODE_OPTIONS (Sam Roberts)
    #13172
  - use SafeGetenv() for NODE_REDIRECT_WARNINGS (Sam Roberts)
    #12677
* test:
  - remove common.fail() (Rich Trott)
    #12293

PR-URL: #16263

msoechting added a commit to hpicgs/node that referenced this pull request Feb 7, 2018

2017-11-07, Version 6.12.0 'Boron' (LTS)
Notable Changes:

* assert:
  - assert.fail() can now take one or two arguments (Rich Trott)
    nodejs#12293
* crypto:
  - add sign/verify support for RSASSA-PSS (Tobias Nießen)
    nodejs#11705
* deps:
  - upgrade openssl sources to 1.0.2m (Shigeki Ohtsu)
    nodejs#16691
  - upgrade libuv to 1.15.0 (cjihrig)
    nodejs#15745
  - upgrade libuv to 1.14.1 (cjihrig)
    nodejs#14866
  - upgrade libuv to 1.13.1 (cjihrig)
    nodejs#14117
  - upgrade libuv to 1.12.0 (cjihrig)
    nodejs#13306
* fs:
  - Add support for fs.write/fs.writeSync(fd, buffer, cb) and
    fs.write/fs.writeSync(fd, buffer, offset, cb) as documented
    (Andreas Lind) nodejs#7856
* inspector:
  - enable --inspect-brk (Refael Ackermann)
    nodejs#12615
* process:
  - add --redirect-warnings command line argument (James M Snell)
    nodejs#10116
* src:
  - allow CLI args in env with NODE_OPTIONS (Sam Roberts)
    nodejs#12028)
  - --abort-on-uncaught-exception in NODE_OPTIONS (Sam Roberts)
    nodejs#13932
  - allow --tls-cipher-list in NODE_OPTIONS (Sam Roberts)
    nodejs#13172
  - use SafeGetenv() for NODE_REDIRECT_WARNINGS (Sam Roberts)
    nodejs#12677
* test:
  - remove common.fail() (Rich Trott)
    nodejs#12293

PR-URL: nodejs#16263
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment