Yehowshua/ZIm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

extension_host: Refactor capability checks (#35139)

Browse source 
This PR refactors the extension capability checks to be centralized in
the `CapabilityGranter`.

Release Notes:

- N/A
This commit is contained in:
Marshall Bowers 2025-07-26 16:53:19 -04:00 committed by GitHub
parent 290f84a9e1
commit d7b403e981
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 193 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

3
crates/extension_host/src/wasm_host/wit/since_v0_6_0.rs
View file

@ -847,7 +847,8 @@ impl process::Host for WasmState {
command: process::Command,
) -> wasmtime::Result<Result<process::Output, String>> {
maybe!(async {
self.manifest.allow_exec(&command.command, &command.args)?;
self.capability_granter
.grant_exec(&command.command, &command.args)?;
let output = util::command::new_smol_command(command.command.as_str())
.args(&command.args)