New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: prevent node mode to be used as script runner by other apps #40579
Conversation
/cc @deepak1556 @bpasero this change will get rid of the patch used by VS Code, please check if there will be any unwanted behavior. |
4b35cf5
to
ca110a0
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
💯 for the tests!
ca110a0
to
8da3bab
Compare
Release Notes Persisted
|
I was unable to backport this PR to "26-x-y" cleanly; |
I was unable to backport this PR to "27-x-y" cleanly; |
I have automatically backported this PR to "28-x-y", please check out #40710 |
Description of Change
See the code comment for the purpose of this change:
Note that this change is only needed on macOS, because on other platforms there is no restriction on invoking another app with custom arguments. In other words, this change is merely to satisfy the security requirements in Apple's ecosystem.
Checklist
npm test
passesRelease Notes
Notes: Prevent node mode to be used as script runner by other apps on macOS.