Deno•14mo ago

`deno run` that never writes to `DENO_DIR` or `deno.lock`?

I am working on an application that embeds a

deno

deno

1.46.3 binary and uses it to

deno run

deno run

some app plugins.
The plugins are folders that are included in our app bundle, which contain deno configuration and

.ts

.ts

files.
Because we need to sign our app bundle, and some plugins are bundled within the app bundle, we run into the issue where the signature will be invalidated due to

deno run --cached-only

deno run --cached-only

being able to modify

deno.lock

deno.lock

and any already-cached

deno-deps

deno-deps

.

We don't want to use

--frozen

--frozen

, because this would return an error instead of an invalid signature. We don't want to

compile

compile

because having many copies of deno would make our app much larger in size.

It seems like some combination of

--cached-only

--cached-only

--no-remote

--no-remote

or maybe

--vendor

--vendor

could help us out, but we haven't had luck yet. Another approach we may explore is using the OS filesystem to mark our bundled plugin folders as readonly.

No replies yetBe the first to reply to this messageJoin

`deno run` that never writes to `DENO_DIR` or `deno.lock`?

Similar Threads

Similar Threads

Similar Threads