starred/pkl
1
0
Fork 0
mirror of https://github.com/apple/pkl.git synced 2026-01-13 15:13:38 +01:00
Code Issues 198 Packages Projects Releases 10 Wiki Activity

[Question/Issue?] Unable to read package: resource when it's included in allowed resources #248

New Issue
Closed
opened 2025-12-30 01:22:40 +01:00 by adam · 4 comments
adam commented 2025-12-30 01:22:40 +01:00
Owner
Copy Link

Originally created by @z-jxy on GitHub (Nov 13, 2024).

Version: Pkl 0.27.0 (macOS 14.3.1, native)

I maintain a binding and was requested to support for the default allowed resources from the cli (env:,prop:,package:,projectpackage:), but ran into issues with reading packages.

.pkl:

package = read("package://pkg.pkl-lang.org/pkl-pantry/pkl.toml@1.0.0#/toml.pkl")

Evaluating this using the cli works, but when trying to evaluate it through my binding it says the resource isn't in the allowlist

–– Pkl Error ––
Refusing to read resource `https://pkg.pkl-lang.org/pkl-pantry/pkl.toml@1.0.0` because it does not match any entry in the resource allowlist (`--allowed-resources`).

4 | package = read(\"package://pkg.pkl-lang.org/pkl-pantry/pkl.toml@1.0.0#/toml.pkl\")
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

allowlist:

allowed_modules: vec![
    "pkl:".into(),
    "repl:".into(),
    "file:".into(),
    "https:".into(),
    "package:".into(),
],
allowed_resources: vec![
    "env:".into(),
    "prop:".into(),
    "package:".into(),
    "projectpackage:".into(),
],

I was able to get this working by adding https: to the allowed resources, but not sure why this happens if the cli's default allowed resources doesn't include it and can read it without issues.

Also, in the docs, allowed resources are described as "Comma-separated list of URI patterns that determine which external resources can be read." My impression was that this was only for the read function, or does this extend to other places as well? I ask because the examples I've seen for including packages is through import, so I was wondering what the use case is for the example I'm trying? Not sure if it's intended to be used a different way

Originally created by @z-jxy on GitHub (Nov 13, 2024). Version: `Pkl 0.27.0 (macOS 14.3.1, native)` I maintain a binding and was requested to support for the [default allowed resources](https://pkl-lang.org/main/current/pkl-cli/index.html#common-options) from the cli (`env:,prop:,package:,projectpackage:`), but ran into issues with reading packages. .pkl: ```pkl package = read("package://pkg.pkl-lang.org/pkl-pantry/pkl.toml@1.0.0#/toml.pkl") ``` Evaluating this using the cli works, but when trying to evaluate it through my binding it says the resource isn't in the allowlist ``` –– Pkl Error –– Refusing to read resource `https://pkg.pkl-lang.org/pkl-pantry/pkl.toml@1.0.0` because it does not match any entry in the resource allowlist (`--allowed-resources`). 4 | package = read(\"package://pkg.pkl-lang.org/pkl-pantry/pkl.toml@1.0.0#/toml.pkl\") ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ``` allowlist: ```rust allowed_modules: vec![ "pkl:".into(), "repl:".into(), "file:".into(), "https:".into(), "package:".into(), ], allowed_resources: vec![ "env:".into(), "prop:".into(), "package:".into(), "projectpackage:".into(), ], ``` I was able to get this working by adding `https:` to the allowed resources, but not sure why this happens if the cli's default allowed resources doesn't include it and can read it without issues. Also, in the docs, allowed resources are described as "Comma-separated list of URI patterns that determine which external resources can be read." My impression was that this was only for the `read` function, or does this extend to other places as well? I ask because the examples I've seen for including packages is through import, so I was wondering what the use case is for the example I'm trying? Not sure if it's intended to be used a different way
adam closed this issue 2025-12-30 01:22:41 +01:00
adam commented 2025-12-30 01:22:43 +01:00
Author
Owner
Copy Link

@bioball commented on GitHub (Nov 13, 2024):

When Pkl evals a package, it will make some HTTPS requests. When it makes these HTTPS requests, it treats them as resource reads.

BTW: it doesn't do this if the package is already cached.

$ pkl download-package package://pkg.pkl-lang.org/pkl-pantry/pkl.toml@1.0.0
$ pkl eval -x 'read("package://pkg.pkl-lang.org/pkl-pantry/pkl.toml@1.0.0#/toml.pkl").text.length' --allowed-resources package:,prop: pkl:base
@bioball commented on GitHub (Nov 13, 2024): When Pkl evals a package, it will make some HTTPS requests. When it makes these HTTPS requests, it treats them as resource reads. BTW: it doesn't do this if the package is already cached. ``` $ pkl download-package package://pkg.pkl-lang.org/pkl-pantry/pkl.toml@1.0.0 $ pkl eval -x 'read("package://pkg.pkl-lang.org/pkl-pantry/pkl.toml@1.0.0#/toml.pkl").text.length' --allowed-resources package:,prop: pkl:base ```
adam commented 2025-12-30 01:22:43 +01:00
Author
Owner
Copy Link

@z-jxy commented on GitHub (Nov 13, 2024):

So https: is implicitly required in the allowed resources if the package isn't cached? I'm able to read the package with only package: allowed using the cli and I don't think it's cached

@z-jxy commented on GitHub (Nov 13, 2024): So `https:` is implicitly required in the allowed resources if the package isn't cached? I'm able to read the package with only `package:` allowed using the cli and I don't think it's cached
adam commented 2025-12-30 01:22:44 +01:00
Author
Owner
Copy Link

@bioball commented on GitHub (Nov 13, 2024):

These patterns are simply regexes; you can, for example, set the allowed resource pattern as: --allowed-resources https://pkl-lang\\.org,package://pkl-lang\\.org,prop:, and this will only allow imports from pkl-lang.org.

But, yes, this is an unfortunate coupling; there's currently no easy way to say: "I want to allow packages to be eval'd, but not direct HTTPS imports/reads".

@bioball commented on GitHub (Nov 13, 2024): These patterns are simply regexes; you can, for example, set the allowed resource pattern as: `--allowed-resources https://pkl-lang\\.org,package://pkl-lang\\.org,prop:`, and this will only allow imports from `pkl-lang.org`. But, yes, this is an unfortunate coupling; there's currently no easy way to say: "I want to allow packages to be eval'd, but not direct HTTPS imports/reads".
adam commented 2025-12-30 01:22:44 +01:00
Author
Owner
Copy Link

@z-jxy commented on GitHub (Nov 13, 2024):

Makes sense, that clears up my confusion. Thanks!

@z-jxy commented on GitHub (Nov 13, 2024): Makes sense, that clears up my confusion. Thanks!
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
duplicate
enhancement
good first issue
help wanted
pull-request
Mirrored from GitHub Pull Request
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adam
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/pkl#248
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?