(feat) add workspace trust (#1086)

#1051 Not removing the the ls server path scope for now to ensure backwards compatibility. Lift that restriction and bump the minimum required VS Code version later.
sveltejs · Jul 8, 2021 · 7abeef4 · 7abeef4
1 parent 0e8f5b2
commit 7abeef4
Show file tree

Hide file tree

Showing 9 changed files with 83 additions and 5 deletions.
diff --git a/packages/language-server/src/importPackage.ts b/packages/language-server/src/importPackage.ts
@@ -4,6 +4,17 @@ import * as svelte from 'svelte/compiler';
 import sveltePreprocess from 'svelte-preprocess';
 import { Logger } from './logger';
 
+/**
+ * Whether or not the current workspace can be trusted.
+ * TODO rework this to a class which depends on the LsConfigManager
+ * and inject that class into all places where it's needed (Document etc.)
+ */
+let isTrusted = true;
+
+export function setIsTrusted(_isTrusted: boolean) {
+    isTrusted = _isTrusted;
+}
+
 /**
  * This function encapsulates the require call in one place
  * so we can replace its content inside rollup builds
@@ -15,8 +26,12 @@ function dynamicRequire(dynamicFileToRequire: string): any {
 }
 
 export function getPackageInfo(packageName: string, fromPath: string) {
+    const paths = [__dirname];
+    if (isTrusted) {
+        paths.unshift(fromPath);
+    }
     const packageJSONPath = require.resolve(`${packageName}/package.json`, {
-        paths: [fromPath, __dirname]
+        paths
     });
     // eslint-disable-next-line @typescript-eslint/no-var-requires
     const { version } = dynamicRequire(packageJSONPath);

diff --git a/packages/language-server/src/lib/documents/configLoader.ts b/packages/language-server/src/lib/documents/configLoader.ts
@@ -52,6 +52,7 @@ export class ConfigLoader {
     private configFiles = new Map<string, SvelteConfig>();
     private configFilesAsync = new Map<string, Promise<SvelteConfig>>();
     private filePathToConfigPath = new Map<string, string>();
+    private disabled = false;
 
     constructor(
         private globSync: typeof _glob.sync,
@@ -60,6 +61,13 @@ export class ConfigLoader {
         private dynamicImport: typeof _dynamicImport
     ) {}
 
+    /**
+     * Enable/disable loading of configs (for security reasons for example)
+     */
+    setDisabled(disabled: boolean): void {
+        this.disabled = disabled;
+    }
+
     /**
      * Tries to load all `svelte.config.js` files below given directory
      * and the first one found inside/above that directory.
@@ -141,7 +149,9 @@ export class ConfigLoader {
 
     private async loadConfig(configPath: string, directory: string) {
         try {
-            let config = (await this.dynamicImport(pathToFileURL(configPath)))?.default;
+            let config = this.disabled
+                ? {}
+                : (await this.dynamicImport(pathToFileURL(configPath)))?.default;
             config = {
                 ...config,
                 compilerOptions: {

diff --git a/packages/language-server/src/ls-config.ts b/packages/language-server/src/ls-config.ts
@@ -252,6 +252,7 @@ export class LSConfigManager {
     };
     private prettierConfig: any = {};
     private emmetConfig: VSCodeEmmetConfig = {};
+    private isTrusted = true;
 
     /**
      * Updates config.
@@ -324,6 +325,18 @@ export class LSConfigManager {
         });
     }
 
+    /**
+     * Whether or not the current workspace can be trusted.
+     * If not, certain operations should be disabled.
+     */
+    getIsTrusted(): boolean {
+        return this.isTrusted;
+    }
+
+    updateIsTrusted(isTrusted: boolean): void {
+        this.isTrusted = isTrusted;
+    }
+
     private _updateTsUserPreferences(lang: TsUserConfigLang, config: TSUserConfig) {
         this.tsUserPreferences[lang] = {
             ...this.tsUserPreferences[lang],

diff --git a/packages/language-server/src/plugins/svelte/SveltePlugin.ts b/packages/language-server/src/plugins/svelte/SveltePlugin.ts
@@ -47,7 +47,7 @@ export class SveltePlugin
     constructor(private configManager: LSConfigManager) {}
 
     async getDiagnostics(document: Document): Promise<Diagnostic[]> {
-        if (!this.featureEnabled('diagnostics')) {
+        if (!this.featureEnabled('diagnostics') || !this.configManager.getIsTrusted()) {
             return [];
         }
 

diff --git a/packages/language-server/src/server.ts b/packages/language-server/src/server.ts
@@ -35,6 +35,8 @@ import {
 } from './plugins';
 import { debounceThrottle, isNotNullOrUndefined, normalizeUri, urlToPath } from './utils';
 import { FallbackWatcher } from './lib/FallbackWatcher';
+import { configLoader } from './lib/documents/configLoader';
+import { setIsTrusted } from './importPackage';
 
 namespace TagCloseRequest {
     export const type: RequestType<TextDocumentPositionParams, string | null, any> =
@@ -102,6 +104,14 @@ export function startServer(options?: LSOptions) {
             watcher.onDidChangeWatchedFiles(onDidChangeWatchedFiles);
         }
 
+        const isTrusted: boolean = evt.initializationOptions?.isTrusted ?? true;
+        configLoader.setDisabled(!isTrusted);
+        setIsTrusted(isTrusted);
+        configManager.updateIsTrusted(isTrusted);
+        if (!isTrusted) {
+            Logger.log('Workspace is not trusted, running with reduced capabilities.');
+        }
+
         // Backwards-compatible way of setting initialization options (first `||` is the old style)
         configManager.update(
             evt.initializationOptions?.configuration?.svelte?.plugin ||

diff --git a/packages/language-server/test/lib/documents/configLoader.test.ts b/packages/language-server/test/lib/documents/configLoader.test.ts
@@ -2,6 +2,7 @@ import { ConfigLoader } from '../../../src/lib/documents/configLoader';
 import path from 'path';
 import { pathToFileURL, URL } from 'url';
 import assert from 'assert';
+import { spy } from 'sinon';
 
 describe('ConfigLoader', () => {
     function configFrom(path: string) {
@@ -163,4 +164,17 @@ describe('ConfigLoader', () => {
             configFrom(normalizePath('some/svelte.config.js'))
         );
     });
+
+    it('should not load config when disabled', async () => {
+        const moduleLoader = spy();
+        const configLoader = new ConfigLoader(
+            () => [],
+            { existsSync: () => true },
+            path,
+            moduleLoader
+        );
+        configLoader.setDisabled(true);
+        await configLoader.awaitConfig(normalizePath('some/file.svelte'));
+        assert.deepStrictEqual(moduleLoader.notCalled, true);
+    });
 });
diff --git a/packages/language-server/test/plugins/svelte/SveltePlugin.test.ts b/packages/language-server/test/plugins/svelte/SveltePlugin.test.ts
@@ -12,10 +12,11 @@ import * as importPackage from '../../../src/importPackage';
 import sinon from 'sinon';
 
 describe('Svelte Plugin', () => {
-    function setup(content: string, prettierConfig?: any) {
+    function setup(content: string, prettierConfig?: any, trusted = true) {
         const document = new Document('file:///hello.svelte', content);
         const docManager = new DocumentManager(() => document);
         const pluginManager = new LSConfigManager();
+        pluginManager.updateIsTrusted(trusted);
         pluginManager.updatePrettierConfig(prettierConfig);
         const plugin = new SveltePlugin(pluginManager);
         docManager.openDocument(<any>'some doc');
@@ -52,6 +53,14 @@ describe('Svelte Plugin', () => {
         assert.deepStrictEqual(diagnostics, [diagnostic]);
     });
 
+    it('provides no diagnostic errors when untrusted', async () => {
+        const { plugin, document } = setup('<div bind:whatever></div>', {}, false);
+
+        const diagnostics = await plugin.getDiagnostics(document);
+
+        assert.deepStrictEqual(diagnostics, []);
+    });
+
     describe('#formatDocument', () => {
         function stubPrettier(config: any) {
             const formatStub = sinon.stub().returns('formatted');

diff --git a/packages/svelte-vscode/package.json b/packages/svelte-vscode/package.json
@@ -43,6 +43,12 @@
         "onLanguage:svelte",
         "onCommand:svelte.restartLanguageServer"
     ],
+    "capabilities": {
+        "untrustedWorkspaces": {
+            "supported": "limited",
+            "description": "The extension requires workspace trust because it executes code specified by the workspace. Loading the user's node_modules and loading svelte config files is disabled when untrusted"
+        }
+    },
     "contributes": {
         "typescriptServerPlugins-disabled": [
             {

diff --git a/packages/svelte-vscode/src/extension.ts b/packages/svelte-vscode/src/extension.ts
@@ -100,7 +100,8 @@ export function activate(context: ExtensionContext) {
                 typescript: workspace.getConfiguration('typescript'),
                 javascript: workspace.getConfiguration('javascript')
             },
-            dontFilterIncompleteCompletions: true // VSCode filters client side and is smarter at it than us
+            dontFilterIncompleteCompletions: true, // VSCode filters client side and is smarter at it than us
+            isTrusted: (workspace as any).isTrusted
         }
     };