I'm posting this to validate whether it's a desired change before I contribute it. @RafaelGSS
What is the problem this feature will solve?
While working on tooling to surface permissions for specific usecases I noticed the low hanging fruit of DX improvement for permissions as applied to running builds and tests more securely would be to refer to CWD in the policy config. (In my particular case I started inventing a simplified method for defining policies to translate into actual policies)
What is the feature you are proposing to solve the problem?
I'm proposing adding 3 new flags
--allow-cwd-read, --allow-cwd-write ``--allow-cwdand implementing them as a translation to--allow-fs*=process.cwd()` at the start of the program.
What alternatives have you considered?
I could create a mapping from a more approachable policy to the existing flags.
I'm posting this to validate whether it's a desired change before I contribute it. @RafaelGSS
What is the problem this feature will solve?
While working on tooling to surface permissions for specific usecases I noticed the low hanging fruit of DX improvement for permissions as applied to running builds and tests more securely would be to refer to CWD in the policy config. (In my particular case I started inventing a simplified method for defining policies to translate into actual policies)
What is the feature you are proposing to solve the problem?
I'm proposing adding 3 new flags
--allow-cwd-read,--allow-cwd-write``--allow-cwdand implementing them as a translation to--allow-fs*=process.cwd()` at the start of the program.What alternatives have you considered?
I could create a mapping from a more approachable policy to the existing flags.