This PR reduces the flakiness of the case `req.body.getReader().read()
throws the error with reasonable error message`.
The case tries to cause BadResource error by premature disconnection
from the client, but it sometimes completes the request when the reading
of tcp data happens quickly. This PR tries to prevent that scenario by
adding some delays when reading & writing http messages.
This improves peer dependency resolution to be more relaxed and resolve
non-version matching ancestors similar to pnpm rather than introducing
duplicate dependencies. Deno will warn when this occurs. In the future,
we should look into introducing an option to have Deno error in this
scenario.
Fixes#20198
The Web Crypto implementation has been artificially limiting `ECDSA` to
only the “recommended” curve/hash pairs (`P‑256/SHA‑256` and
`P‑384/SHA‑384`). The underlying `ring` APIs enforced those pairs, so
any attempt to verify signatures produced with different digests (e.g.
`P‑384` with `SHA‑256`) failed with a “Not implemented” error.
This PR rewires the ECDSA sign/verify path to use RustCrypto’s `ecdsa`
crate instead of `ring`, computes digests separately, and uses the
prehash signing/verifying API so that any `sha1`, `sha256`, `sha384` or
`sha512` can be used with either curve. The JS `SubtleCrypto` bindings
were updated to drop the hard coded checks, and a new unit test
exercises `P‑384 + SHA‑256` to ensure non‑matching combos now round
trip.
---------
Signed-off-by: Gene Parmesan Thomas <201852096+gopoto@users.noreply.github.com>
Signed-off-by: gopoto <201852096+gopoto@users.noreply.github.com>
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
Deno.serve `Request` abort signals are aborted by default even when it
is finished successfully. This PR gates this behavior behind the
"legacy_abort" which is the default right now.
Turning the `no_legacy_abort` runtime option on is a **breaking change**
and will only abort request signals when there is a failure, thereby
cannot be used to determine if the request finished. This aligns with
`fetch` API.
Ref https://github.com/denoland/deno/issues/27005
`import.meta.log` enables basic log filtering through
`env_logger`/`DENO_LOG`. Log levels are supported, and filenames can
also be used. for example: `DENO_LOG=ext:deno_http::00_serve.ts=warn`
This adds support for using a local copy of an npm package.
```js
// deno.json
{
"patch": [
"../path/to/local_npm_package"
],
// required until Deno 2.3, but it will still be considered unstable
"unstable": ["npm-patch"]
}
```
1. Requires using a node_modules folder.
2. When using `"nodeModulesDir": "auto"`, it recreates the folder in the
node_modules directory on each run which will slightly increase startup
time.
3. When using the default with a package.json (`"nodeModulesDir":
"manual"`), updating the package requires running `deno install`. This
is to get the package into the node_modules directory of the current
workspace. This is necessary instead of linking because packages can
have multiple "copy packages" due to peer dep resolution.
Caveat: Specifying a local copy of an npm package or making changes to
its dependencies will purge npm packages from the lockfile. This might
cause npm resolution to resolve differently and it may end up not using
the local copy of the npm package. It's very difficult to only
invalidate resolution midway through the graph and then only rebuild
that part of the resolution, so this is just a first pass that can be
improved in the future. In practice, this probably won't be an issue for
most people.
Another limitation is this also requires the npm package name to exist
in the registry at the moment.
Adds support for re-exporting an ES module from a CJS one and then
importing the CJS module from ESM. Also fixes a bug where require esm
wasn't working in deno compile.
