Add `exec_script_allowlist` to replace `exec_script_whitelist`.
To make things slightly more inclusive and descriptive, this
CL introduces an `exec_script_allowlist` value to the dotfile.
It works the same as `exec_script_whitelist`, and in fact
`exec_script_whitelist` is now just a synonym provided for backwards
compatibility.
Bug: 40713186
Change-Id: Ia27c1a60ae6c7ed70626bfad1681247765079be3
Reviewed-on: https://gn-review.googlesource.com/c/gn/+/18100
Reviewed-by: Takuto Ikuta <tikuta@google.com>
Commit-Queue: Dirk Pranke <dpranke@google.com>
diff --git a/docs/language.md b/docs/language.md
index 137300a..629125e 100644
--- a/docs/language.md
+++ b/docs/language.md
@@ -491,7 +491,7 @@
suspended until a Python process completes execution, relying on
external scripts is slow and should be minimized.
-To prevent abuse, files permitted to call `exec_script` can be whitelisted in
+To prevent abuse, files permitted to call `exec_script` can be allowlisted in
the toplevel `.gn` file. Chrome does this to require additional code review
for such additions. See `gn help dotfile`.
diff --git a/docs/reference.md b/docs/reference.md
index 041628c..56c554f 100644
--- a/docs/reference.md
+++ b/docs/reference.md
@@ -6562,7 +6562,7 @@
If no public files are declared, other targets (assuming they have visibility
to depend on this target) can include any file in the sources list. If this
variable is defined on a target, dependent targets may only include files on
- this whitelist unless that target is marked as a friend (see "gn help
+ this allowlist unless that target is marked as a friend (see "gn help
friend").
Header file permissions are also subject to visibility. A target must be
@@ -7199,7 +7199,7 @@
default. They can be checked explicitly by running
"gn check --check-system" or "gn gen --check=system"
- exec_script_whitelist [optional]
+ exec_script_allowlist [optional]
A list of .gn/.gni files (not labels) that have permission to call the
exec_script function. If this list is defined, calls to exec_script will
be checked against this list and GN will fail if the current file isn't
@@ -7213,11 +7213,17 @@
If unspecified, the ability to call exec_script is unrestricted.
Example:
- exec_script_whitelist = [
+ exec_script_allowlist = [
"//base/BUILD.gn",
"//build/my_config.gni",
]
+ exec_script_whitelist [optional]
+ A synonym for "exec_script_allowlist" that exists for backwards
+ compatibility. New code should use "exec_script_allowlist" instead.
+ If both values are set, only the value in "exec_script_allowlist" will
+ have any effect (so don't set both!).
+
export_compile_commands [optional]
A list of label patterns for which to generate a Clang compilation
database (see "gn help label_pattern" for the string format).
@@ -8086,7 +8092,7 @@
GN's header checker helps validate that the includes match the build
dependency graph. Sometimes an include might be conditional or otherwise
problematic, but you want to specifically allow it. In this case, it can be
- whitelisted.
+ allowlisted.
Include lines containing the substring "nogncheck" will be excluded from
header checking. The most common case is a conditional include:
diff --git a/src/gn/build_settings.h b/src/gn/build_settings.h
index 3d1dbf2..e21851a 100644
--- a/src/gn/build_settings.h
+++ b/src/gn/build_settings.h
@@ -134,11 +134,11 @@
// A list of files that can call exec_script(). If the returned pointer is
// null, exec_script may be called from anywhere.
- const SourceFileSet* exec_script_whitelist() const {
- return exec_script_whitelist_.get();
+ const SourceFileSet* exec_script_allowlist() const {
+ return exec_script_allowlist_.get();
}
- void set_exec_script_whitelist(std::unique_ptr<SourceFileSet> list) {
- exec_script_whitelist_ = std::move(list);
+ void set_exec_script_allowlist(std::unique_ptr<SourceFileSet> list) {
+ exec_script_allowlist_ = std::move(list);
}
private:
@@ -162,7 +162,7 @@
ItemDefinedCallback item_defined_callback_;
PrintCallback print_callback_;
- std::unique_ptr<SourceFileSet> exec_script_whitelist_;
+ std::unique_ptr<SourceFileSet> exec_script_allowlist_;
BuildSettings& operator=(const BuildSettings&) = delete;
};
diff --git a/src/gn/command_check.cc b/src/gn/command_check.cc
index 536bc13..fccfebb 100644
--- a/src/gn/command_check.cc
+++ b/src/gn/command_check.cc
@@ -22,7 +22,7 @@
GN's header checker helps validate that the includes match the build
dependency graph. Sometimes an include might be conditional or otherwise
problematic, but you want to specifically allow it. In this case, it can be
- whitelisted.
+ allowlisted.
Include lines containing the substring "nogncheck" will be excluded from
header checking. The most common case is a conditional include:
diff --git a/src/gn/function_exec_script.cc b/src/gn/function_exec_script.cc
index 489388d..6f8bdf5 100644
--- a/src/gn/function_exec_script.cc
+++ b/src/gn/function_exec_script.cc
@@ -27,17 +27,17 @@
bool CheckExecScriptPermissions(const BuildSettings* build_settings,
const FunctionCallNode* function,
Err* err) {
- const SourceFileSet* whitelist = build_settings->exec_script_whitelist();
- if (!whitelist)
- return true; // No whitelist specified, don't check.
+ const SourceFileSet* allowlist = build_settings->exec_script_allowlist();
+ if (!allowlist)
+ return true; // No allowlist specified, don't check.
LocationRange function_range = function->GetRange();
if (!function_range.begin().file())
return true; // No file, might be some internal thing, implicitly pass.
- if (whitelist->find(function_range.begin().file()->name()) !=
- whitelist->end())
- return true; // Whitelisted, this is OK.
+ if (allowlist->find(function_range.begin().file()->name()) !=
+ allowlist->end())
+ return true; // allowlisted, this is OK.
// Disallowed case.
*err = Err(
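Review bot: The rewritten comment on the allowed-path branch dropped its capital letter ("// allowlisted, this is OK." where the old line read "// Whitelisted, this is OK."); the two sibling comments in this function ("// No allowlist specified, don't check." and "// No file, might be some internal thing, implicitly pass.") start with a capital, so make it "// Allowlisted, this is OK." for consistency.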
@@ -53,7 +53,7 @@
"run to compute the value.\n"
"\n"
"The allowed callers of exec_script is maintained in the \"//.gn\" file\n"
- "if you need to modify the whitelist.");
+ "if you need to modify the allowlist.");
return false;
}
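Review bot: The user-facing error text around the changed line has a grammar slip that is worth fixing while this string is being touched: "The allowed callers of exec_script is maintained in the \"//.gn\" file" should read "are maintained". Since this CL introduces a new dotfile key, the message would also be more actionable if it named it, e.g. "... in the \"//.gn\" file (exec_script_allowlist) if you need to modify the allowlist.", so a developer who hits this error knows which variable to edit rather than having to look it up in "gn help dotfile".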
diff --git a/src/gn/functions.cc b/src/gn/functions.cc
index 5d958a5..6642768 100644
--- a/src/gn/functions.cc
+++ b/src/gn/functions.cc
@@ -1531,7 +1531,7 @@
if (found_function->second.self_evaluating_args_runner) {
// Self evaluating args functions are special weird built-ins like foreach.
// Rather than force them all to check that they have a block or no block
- // and risk bugs for new additions, check a whitelist here.
+ // and risk bugs for new additions, check an allowlist here.
if (found_function->second.self_evaluating_args_runner != &RunForEach) {
if (!VerifyNoBlockForFunctionCall(function, block, err))
return Value();
diff --git a/src/gn/header_checker.cc b/src/gn/header_checker.cc
index 0abf71a..9978a88 100644
--- a/src/gn/header_checker.cc
+++ b/src/gn/header_checker.cc
@@ -413,7 +413,7 @@
// For all targets containing this file, we require that at least one be
// a direct or public dependency of the current target, and either (1) the
// header is public within the target, or (2) there is a friend definition
- // whitelisting the includor.
+ // allowlisting the includor.
//
// If there is more than one target containing this header, we may encounter
// some error cases before finding a good one. This error stores the previous
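Review bot: The rewritten comment keeps the pre-existing misspelling "includor"; since the line is being changed anyway, make it "allowlisting the includer."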
@@ -472,7 +472,7 @@
} else if (to_target->allow_circular_includes_from().find(
from_target->label()) !=
to_target->allow_circular_includes_from().end()) {
- // Not a dependency, but this include is whitelisted from the destination.
+ // Not a dependency, but this include is allowlisted from the destination.
found_dependency = true;
last_error = Err();
break;
diff --git a/src/gn/setup.cc b/src/gn/setup.cc
index c2f0aed..912f378 100644
--- a/src/gn/setup.cc
+++ b/src/gn/setup.cc
@@ -98,7 +98,7 @@
default. They can be checked explicitly by running
"gn check --check-system" or "gn gen --check=system"
- exec_script_whitelist [optional]
+ exec_script_allowlist [optional]
A list of .gn/.gni files (not labels) that have permission to call the
exec_script function. If this list is defined, calls to exec_script will
be checked against this list and GN will fail if the current file isn't
@@ -112,11 +112,17 @@
If unspecified, the ability to call exec_script is unrestricted.
Example:
- exec_script_whitelist = [
+ exec_script_allowlist = [
"//base/BUILD.gn",
"//build/my_config.gni",
]
+ exec_script_whitelist [optional]
+ A synonym for "exec_script_allowlist" that exists for backwards
+ compatibility. New code should use "exec_script_allowlist" instead.
+ If both values are set, only the value in "exec_script_allowlist" will
+ have any effect (so don't set both!).
+
export_compile_commands [optional]
A list of label patterns for which to generate a Clang compilation
database (see "gn help label_pattern" for the string format).
@@ -1088,26 +1094,32 @@
check_system_includes_ = check_system_includes_value->boolean_value();
}
- // Fill exec_script_whitelist.
- const Value* exec_script_whitelist_value =
+ // Fill exec_script_allowlist.
+ const Value* exec_script_allowlist_value =
+ dotfile_scope_.GetValue("exec_script_allowlist", true);
+ if (!exec_script_allowlist_value) {
+ // Check for this value as well, for backwards-compatibility.
+ exec_script_allowlist_value =
dotfile_scope_.GetValue("exec_script_whitelist", true);
- if (exec_script_whitelist_value) {
+ }
+
+ if (exec_script_allowlist_value) {
// Fill the list of targets to check.
- if (!exec_script_whitelist_value->VerifyTypeIs(Value::LIST, err)) {
+ if (!exec_script_allowlist_value->VerifyTypeIs(Value::LIST, err)) {
return false;
}
- std::unique_ptr<SourceFileSet> whitelist =
+ std::unique_ptr<SourceFileSet> allowlist =
std::make_unique<SourceFileSet>();
- for (const auto& item : exec_script_whitelist_value->list_value()) {
+ for (const auto& item : exec_script_allowlist_value->list_value()) {
if (!item.VerifyTypeIs(Value::STRING, err)) {
return false;
}
- whitelist->insert(current_dir.ResolveRelativeFile(item, err));
+ allowlist->insert(current_dir.ResolveRelativeFile(item, err));
if (err->has_error()) {
return false;
}
}
- build_settings_.set_exec_script_whitelist(std::move(whitelist));
+ build_settings_.set_exec_script_allowlist(std::move(allowlist));
}
// Fill optional default_args.
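Review bot: The fallback only reads "exec_script_whitelist" when "exec_script_allowlist" is absent, so when a dotfile sets both, the old key is never looked up and its value is silently ignored; the help text added in this same CL tells users "don't set both!", but nothing enforces that. Consider reading both values unconditionally and returning an Err (pointing at the second definition) when both are present, or at the very least emitting a warning, so a stale "exec_script_whitelist" entry cannot quietly diverge from the list that is actually enforced. Two smaller points in the same hunk: the comment "// Check for this value as well, for backwards-compatibility." would be clearer if it named the legacy key ("// Fall back to the old exec_script_whitelist key for backwards compatibility."), and the retained context comment "// Fill the list of targets to check." is stale, since the list holds .gn/.gni files, not targets.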
diff --git a/src/gn/variables.cc b/src/gn/variables.cc
index 0831bf5..200de32 100644
--- a/src/gn/variables.cc
+++ b/src/gn/variables.cc
@@ -1894,7 +1894,7 @@
If no public files are declared, other targets (assuming they have visibility
to depend on this target) can include any file in the sources list. If this
variable is defined on a target, dependent targets may only include files on
- this whitelist unless that target is marked as a friend (see "gn help
+ this allowlist unless that target is marked as a friend (see "gn help
friend").
Header file permissions are also subject to visibility. A target must be