Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(ses): update permits for stage 2.7.4 proposals #2693

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

fix(ses): update permits for stage 2.7.4 proposals #2693

wants to merge 2 commits into from
+73 −11

Conversation

erights
Copy link
Contributor

@erights erights commented Jan 22, 2025
edited
Loading

Closes: #XXXX
Refs: /~https://github.com/tc39/proposals

Description

The permits.js file should stay reasonably up to date with /~https://github.com/tc39/proposals stage 4, 3, and 2.7 proposals. Those it is not yet ready to list, it should at least include in a TODO comment. For non-ancient proposals, each such entry should cite the proposal url.

Security Considerations

The entire reason for the permits mechanism is so that elements added to the primordials are not enabled for Hardened JS until the Hardened JS stewards have vetted them. This is mostly by having vetted the specs during the proposal process, assuming that the implementations follow the spec correctly enough for security purposes. When we later find that an implementation has not, this is a separate security concern to be dealt with then, probably by repair, but conceivably by withdrawing the permit.

Reviewers: Therefore, when reviewing each newly permitted entry, please think about whether it may threaten any security property of Hardened JS.

Scaling Considerations

none

Documentation Considerations

The closer we stay to permitting the JS that is shipping, and that developers have come to expect, the fewer surprises we need to explain.

Testing Considerations

Not sure what would help. Suggestions welcome.

Compatibility Considerations

Code that was feature testing for one of these new features might find one present that had previously been absent. If both branches of the code are correct, well, that is why it feature tests, so all is happy. However, the newly taken branch may have been previously untested.

Upgrade Considerations

See the discussion above about feature testing. Such code, even when correct on both branches, may fail to deterministically replay a previous run done without the feature.

@erights erights self-assigned this Jan 22, 2025
@erights erights marked this pull request as ready for review January 22, 2025 01:43
kriskowal
kriskowal approved these changes Jan 22, 2025
View reviewed changes
packages/ses/src/permits.js

// /~https://github.com/tc39/proposal-source-phase-imports
// TODO %AbstractModuleSource%, ModuleSource?
// ModuleSource: 'ModuleSource',
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ModuleSource already appears below.

@kriskowal kriskowal changed the title fix(ses): update permits for stage 2.7..4 proposals fix(ses): update permits for stage 2.7.4 proposals Jan 22, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kriskowal kriskowal kriskowal approved these changes

@mhofman mhofman Awaiting requested review from mhofman

@gibson042 gibson042 Awaiting requested review from gibson042

Assignees

@erights erights

Labels
next-release
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@erights @kriskowal