src,lib: stabilize permission model

Move permission model from 1.1 (Active Development) to 2.0 (Stable). PR-URL: https://github.com/nodejs/node/pull/56201 Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
2025-08-15 13:48:44 +02:00 · 2024-12-12 09:11:58 -03:00 · 2024-12-12 09:11:58 -03:00 · be04d06488
commit be04d06488
parent 33f0f1656b
53 changed files with 143 additions and 147 deletions
--- a/benchmark/fs/readfile-permission-enabled.js
+++ b/benchmark/fs/readfile-permission-enabled.js
@ -17,7 +17,7 @@ const bench = common.createBenchmark(main, {
  concurrent: [1, 10],
 }, {
  flags: [
-    '--experimental-permission',
+    '--permission',
    '--allow-fs-read=*',
    '--allow-fs-write=*',
    '--allow-child-process',
--- a/benchmark/permission/permission-processhas-fs-read.js
+++ b/benchmark/permission/permission-processhas-fs-read.js
@ -11,7 +11,7 @@ const rootPath = path.resolve(__dirname, '../../..');
 const options = {
  flags: [
-    '--experimental-permission',
+    '--permission',
    `--allow-fs-read=${rootPath}`,
    '--allow-child-process',
    '--no-warnings',
--- a/benchmark/permission/permission-startup.js
+++ b/benchmark/permission/permission-startup.js
@ -48,7 +48,7 @@ function spawnProcess(script, bench, state) {
 function main({ count, script, nFiles, prefixPath }) {
  script = path.resolve(__dirname, '../../', `${script}.js`);
  const optionsWithScript = [
-    '--experimental-permission',
+    '--permission',
    `--allow-fs-read=${script}`,
    ...mockFiles(nFiles, prefixPath).map((file) => '--allow-fs-read=' + file),
    script,
--- a/doc/api/cli.md
+++ b/doc/api/cli.md
@ -123,7 +123,7 @@ require('nodejs-addon-example');
 ```
 ```console
-$ node --experimental-permission --allow-fs-read=* index.js
+$ node --permission --allow-fs-read=* index.js
 node:internal/modules/cjs/loader:1319
  return process.dlopen(module, path.toNamespacedPath(filename));
                 ^
@ -165,7 +165,7 @@ childProcess.spawn('node', ['-e', 'require("fs").writeFileSync("/new-file", "exa
 ```
 ```console
-$ node --experimental-permission --allow-fs-read=* index.js
+$ node --permission --allow-fs-read=* index.js
 node:internal/child_process:388
  const err = this._handle.spawn(options);
                           ^
@ -189,12 +189,15 @@ Error: Access to this API has been restricted
 <!-- YAML
 added: v20.0.0
 changes:
  - version: REPLACEME
    pr-url: https://github.com/nodejs/node/pull/56201
    description: Permission Model and --allow-fs flags are stable.
  - version: v20.7.0
    pr-url: https://github.com/nodejs/node/pull/49047
    description: Paths delimited by comma (`,`) are no longer allowed.
 -->
-> Stability: 1.1 - Active development
+> Stability: 2 - Stable.
 This flag configures file system read permissions using
 the [Permission Model][].
@ -210,7 +213,7 @@ Examples can be found in the [File System Permissions][] documentation.
 The initializer module also needs to be allowed. Consider the following example:
 ```console
-$ node --experimental-permission index.js
+$ node --permission index.js
 Error: Access to this API has been restricted
    at node:internal/main/run_main_module:23:47 {
@ -223,7 +226,7 @@ Error: Access to this API has been restricted
 The process needs to have access to the `index.js` module:
 ```bash
-node --experimental-permission --allow-fs-read=/path/to/index.js index.js
+node --permission --allow-fs-read=/path/to/index.js index.js
 ```
 ### `--allow-fs-write`
@ -231,12 +234,15 @@ node --experimental-permission --allow-fs-read=/path/to/index.js index.js
 <!-- YAML
 added: v20.0.0
 changes:
  - version: REPLACEME
    pr-url: https://github.com/nodejs/node/pull/56201
    description: Permission Model and --allow-fs flags are stable.
  - version: v20.7.0
    pr-url: https://github.com/nodejs/node/pull/49047
    description: Paths delimited by comma (`,`) are no longer allowed.
 -->
-> Stability: 1.1 - Active development
+> Stability: 2 - Stable.
 This flag configures file system write permissions using
 the [Permission Model][].
@ -282,7 +288,7 @@ new WASI({
 ```
 ```console
-$ node --experimental-permission --allow-fs-read=* index.js
+$ node --permission --allow-fs-read=* index.js
 Error: Access to this API has been restricted
    at node:internal/main/run_main_module:30:49 {
@ -313,7 +319,7 @@ new Worker(__filename);
 ```
 ```console
-$ node --experimental-permission --allow-fs-read=* index.js
+$ node --permission --allow-fs-read=* index.js
 Error: Access to this API has been restricted
    at node:internal/main/run_main_module:17:47 {
@ -935,24 +941,6 @@ added:
 Enable experimental support for the network inspection with Chrome DevTools.
 ### `--experimental-permission`
 <!-- YAML
 added: v20.0.0
 -->
 > Stability: 1.1 - Active development
 Enable the Permission Model for current process. When enabled, the
 following permissions are restricted:
 * File System - manageable through
  [`--allow-fs-read`][], [`--allow-fs-write`][] flags
 * Child Process - manageable through [`--allow-child-process`][] flag
 * Worker Threads - manageable through [`--allow-worker`][] flag
 * WASI - manageable through [`--allow-wasi`][] flag
 * Addons - manageable through [`--allow-addons`][] flag
 ### `--experimental-print-required-tla`
 <!-- YAML
@ -1783,6 +1771,28 @@ unless either the `--pending-deprecation` command-line flag, or the
 are used to provide a kind of selective "early warning" mechanism that
 developers may leverage to detect deprecated API usage.
 ### `--permission`
 <!-- YAML
 added: v20.0.0
 changes:
  - version: REPLACEME
    pr-url: https://github.com/nodejs/node/pull/56201
    description: Permission Model is now stable.
 -->
 > Stability: 2 - Stable.
 Enable the Permission Model for current process. When enabled, the
 following permissions are restricted:
 * File System - manageable through
  [`--allow-fs-read`][], [`--allow-fs-write`][] flags
 * Child Process - manageable through [`--allow-child-process`][] flag
 * Worker Threads - manageable through [`--allow-worker`][] flag
 * WASI - manageable through [`--allow-wasi`][] flag
 * Addons - manageable through [`--allow-addons`][] flag
 ### `--preserve-symlinks`
 <!-- YAML
@ -3092,6 +3102,7 @@ one is included in the list below.
 * `--openssl-legacy-provider`
 * `--openssl-shared-config`
 * `--pending-deprecation`
 * `--permission`
 * `--preserve-symlinks-main`
 * `--preserve-symlinks`
 * `--prof-process`
--- a/doc/api/permissions.md
+++ b/doc/api/permissions.md
@ -28,25 +28,25 @@ If you find a potential security vulnerability, please refer to our
 <!-- type=misc -->
-> Stability: 1.1 - Active development
+> Stability: 2 - Stable.
 <!-- name=permission-model -->
 The Node.js Permission Model is a mechanism for restricting access to specific
 resources during execution.
-The API exists behind a flag [`--experimental-permission`][] which when enabled,
+The API exists behind a flag [`--permission`][] which when enabled,
 will restrict access to all available permissions.
-The available permissions are documented by the [`--experimental-permission`][]
+The available permissions are documented by the [`--permission`][]
 flag.
-When starting Node.js with `--experimental-permission`,
+When starting Node.js with `--permission`,
 the ability to access the file system through the `fs` module, spawn processes,
 use `node:worker_threads`, use native addons, use WASI, and enable the runtime inspector
 will be restricted.
 ```console
-$ node --experimental-permission index.js
+$ node --permission index.js
 Error: Access to this API has been restricted
    at node:internal/main/run_main_module:23:47 {
@ -64,7 +64,7 @@ flag. For WASI, use the [`--allow-wasi`][] flag.
 #### Runtime API
-When enabling the Permission Model through the [`--experimental-permission`][]
+When enabling the Permission Model through the [`--permission`][]
 flag a new property `permission` is added to the `process` object.
 This property contains one function:
@ -90,10 +90,8 @@ To allow access to the file system, use the [`--allow-fs-read`][] and
 [`--allow-fs-write`][] flags:
 ```console
-$ node --experimental-permission --allow-fs-read=* --allow-fs-write=* index.js
+$ node --permission --allow-fs-read=* --allow-fs-write=* index.js
 Hello world!
 (node:19836) ExperimentalWarning: Permission is an experimental feature
 (Use `node --trace-warnings ...` to show where the warning was created)
 ```
 The valid arguments for both flags are:
@ -167,5 +165,5 @@ There are constraints you need to know before using this system:
 [`--allow-fs-write`]: cli.md#--allow-fs-write
 [`--allow-wasi`]: cli.md#--allow-wasi
 [`--allow-worker`]: cli.md#--allow-worker
-[`--experimental-permission`]: cli.md#--experimental-permission
+[`--permission`]: cli.md#--permission
 [`permission.has()`]: process.md#processpermissionhasscope-reference
--- a/doc/api/process.md
+++ b/doc/api/process.md
@ -3107,7 +3107,7 @@ added: v20.0.0
 * {Object}
-This API is available through the [`--experimental-permission`][] flag.
+This API is available through the [`--permission`][] flag.
 `process.permission` is an object whose methods are used to manage permissions
 for the current process. Additional documentation is available in the
@ -4444,8 +4444,8 @@ cases:
 [`'exit'`]: #event-exit
 [`'message'`]: child_process.md#event-message
 [`'uncaughtException'`]: #event-uncaughtexception
 [`--experimental-permission`]: cli.md#--experimental-permission
 [`--no-deprecation`]: cli.md#--no-deprecation
 [`--permission`]: cli.md#--permission
 [`--unhandled-rejections`]: cli.md#--unhandled-rejectionsmode
 [`Buffer`]: buffer.md
 [`ChildProcess.disconnect()`]: child_process.md#subprocessdisconnect
--- a/doc/node.1
+++ b/doc/node.1
@ -171,8 +171,8 @@ Specify the
 .Ar module
 to use as a custom module loader.
 .
-.It Fl -experimental-permission
+.It Fl -permission
-Enable the experimental permission model.
+Enable the permission model.
 .
 .It Fl -experimental-shadow-realm
 Use this flag to enable ShadowRealm support.
--- a/lib/internal/process/permission.js
+++ b/lib/internal/process/permission.js
@ -9,16 +9,16 @@ const { validateString, validateBuffer } = require('internal/validators');
 const { Buffer } = require('buffer');
 const { isBuffer } = Buffer;
-let experimentalPermission;
+let _permission;
 module.exports = ObjectFreeze({
  __proto__: null,
  isEnabled() {
-    if (experimentalPermission === undefined) {
+    if (_permission === undefined) {
      const { getOptionValue } = require('internal/options');
-      experimentalPermission = getOptionValue('--experimental-permission');
+      _permission = getOptionValue('--permission');
    }
-    return experimentalPermission;
+    return _permission;
  },
  has(scope, reference) {
    validateString(scope, 'scope');
--- a/lib/internal/process/pre_execution.js
+++ b/lib/internal/process/pre_execution.js
@ -520,14 +520,13 @@ function initializeClusterIPC() {
 }
 function initializePermission() {
-  const experimentalPermission = getOptionValue('--experimental-permission');
+  const permission = getOptionValue('--permission');
-  if (experimentalPermission) {
+  if (permission) {
    process.binding = function binding(_module) {
      throw new ERR_ACCESS_DENIED('process.binding');
    };
    // Guarantee path module isn't monkey-patched to bypass permission model
    ObjectFreeze(require('path'));
    emitExperimentalWarning('Permission');
    const { has } = require('internal/process/permission');
    const warnFlags = [
      '--allow-addons',
@ -579,7 +578,7 @@ function initializePermission() {
    ArrayPrototypeForEach(availablePermissionFlags, (flag) => {
      const value = getOptionValue(flag);
      if (value.length) {
-        throw new ERR_MISSING_OPTION('--experimental-permission');
+        throw new ERR_MISSING_OPTION('--permission');
      }
    });
  }
--- a/src/env.cc
+++ b/src/env.cc
@ -920,7 +920,7 @@ Environment::Environment(IsolateData* isolate_data,
                                      std::move(traced_value));
  }
-  if (options_->experimental_permission) {
+  if (options_->permission) {
    permission()->EnablePermissions();
    // The process shouldn't be able to neither
    // spawn/worker nor use addons or enable inspector
--- a/src/node_options.cc
+++ b/src/node_options.cc
@ -456,11 +456,12 @@ EnvironmentOptionsParser::EnvironmentOptionsParser() {
            "experimental ES Module import.meta.resolve() parentURL support",
            &EnvironmentOptions::experimental_import_meta_resolve,
            kAllowedInEnvvar);
-  AddOption("--experimental-permission",
+  AddOption("--permission",
            "enable the permission system",
-            &EnvironmentOptions::experimental_permission,
+            &EnvironmentOptions::permission,
            kAllowedInEnvvar,
            false);
  AddAlias("--experimental-permission", "--permission");
  AddOption("--allow-fs-read",
            "allow permissions to read the filesystem",
            &EnvironmentOptions::allow_fs_read,
--- a/src/node_options.h
+++ b/src/node_options.h
@ -132,7 +132,7 @@ class EnvironmentOptions : public Options {
  bool experimental_import_meta_resolve = false;
  std::string input_type;  // Value of --input-type
  bool entry_is_url = false;
-  bool experimental_permission = false;
+  bool permission = false;
  std::vector<std::string> allow_fs_read;
  std::vector<std::string> allow_fs_write;
  bool allow_addons = false;
--- a/test/addons/no-addons/permission.js
+++ b/test/addons/no-addons/permission.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=*
+// Flags: --permission --allow-fs-read=*
 'use strict';
--- a/test/es-module/test-cjs-legacyMainResolve-permission.js
+++ b/test/es-module/test-cjs-legacyMainResolve-permission.js
@ -1,6 +1,6 @@
 'use strict';
-// Flags: --expose-internals --experimental-permission --allow-fs-read=* --allow-child-process
+// Flags: --expose-internals --permission --allow-fs-read=* --allow-child-process
 require('../common');
@ -40,7 +40,7 @@ describe('legacyMainResolve', () => {
        process.execPath,
        [
          '--expose-internals',
-          '--experimental-permission',
+          '--permission',
          ...allowReadFiles,
          '-e',
          `
@ -98,7 +98,7 @@ describe('legacyMainResolve', () => {
        process.execPath,
        [
          '--expose-internals',
-          '--experimental-permission',
+          '--permission',
          ...allowReadFiles,
          '-e',
          `
--- a/test/es-module/test-esm-loader-hooks.mjs
+++ b/test/es-module/test-esm-loader-hooks.mjs
@ -182,7 +182,7 @@ describe('Loader hooks', { concurrency: !process.env.TEST_PARALLEL }, () => {
  it('should work without worker permission', async () => {
    const { code, signal, stdout, stderr } = await spawnPromisified(execPath, [
      '--no-warnings',
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-read',
      '*',
      '--experimental-loader',
@ -199,7 +199,7 @@ describe('Loader hooks', { concurrency: !process.env.TEST_PARALLEL }, () => {
  it('should allow loader hooks to spawn workers when allowed by the CLI flags', async () => {
    const { code, signal, stdout, stderr } = await spawnPromisified(execPath, [
      '--no-warnings',
-      '--experimental-permission',
+      '--permission',
      '--allow-worker',
      '--allow-fs-read',
      '*',
@ -217,7 +217,7 @@ describe('Loader hooks', { concurrency: !process.env.TEST_PARALLEL }, () => {
  it('should not allow loader hooks to spawn workers if restricted by the CLI flags', async () => {
    const { code, signal, stdout, stderr } = await spawnPromisified(execPath, [
      '--no-warnings',
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-read',
      '*',
      '--experimental-loader',
--- a/test/fixtures/dotenv/node-options.env
+++ b/test/fixtures/dotenv/node-options.env
@ -1,6 +1,6 @@
 CUSTOM_VARIABLE=hello-world
 NODE_NO_WARNINGS=1
-NODE_OPTIONS="--experimental-permission --allow-fs-read=*"
+NODE_OPTIONS="--permission --allow-fs-read=*"
 TZ=Pacific/Honolulu
 UV_THREADPOOL_SIZE=5
 BASIC=overridden
--- a/test/parallel/test-cli-bad-options.js
+++ b/test/parallel/test-cli-bad-options.js
@ -14,8 +14,8 @@ if (process.features.inspector) {
 }
 requiresArgument('--eval');
-missingOption('--allow-fs-read=*', '--experimental-permission');
+missingOption('--allow-fs-read=*', '--permission');
-missingOption('--allow-fs-write=*', '--experimental-permission');
+missingOption('--allow-fs-write=*', '--permission');
 function missingOption(option, requiredOption) {
  const r = spawnSync(process.execPath, [option], { encoding: 'utf8' });
--- a/test/parallel/test-cli-permission-deny-fs.js
+++ b/test/parallel/test-cli-permission-deny-fs.js
@ -12,7 +12,7 @@ const path = require('path');
  const { status, stdout } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission', '-e',
+      '--permission', '-e',
      `console.log(process.permission.has("fs"));
       console.log(process.permission.has("fs.read"));
       console.log(process.permission.has("fs.write"));`,
@ -31,7 +31,7 @@ const path = require('path');
  const { status, stdout } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-write', tmpPath, '-e',
      `console.log(process.permission.has("fs"));
      console.log(process.permission.has("fs.read"));
@ -51,7 +51,7 @@ const path = require('path');
  const { status, stdout } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-write', '*', '-e',
      `console.log(process.permission.has("fs"));
       console.log(process.permission.has("fs.read"));
@ -70,7 +70,7 @@ const path = require('path');
  const { status, stdout } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-read', '*', '-e',
      `console.log(process.permission.has("fs"));
       console.log(process.permission.has("fs.read"));
@ -89,7 +89,7 @@ const path = require('path');
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-write=*', '-p',
      'fs.readFileSync(process.execPath)',
    ]
@ -104,7 +104,7 @@ const path = require('path');
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '-p',
      'fs.readFileSync(process.execPath)',
    ]
@ -119,7 +119,7 @@ const path = require('path');
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-read=*', '-p',
      'fs.writeFileSync("policy-deny-example.md", "# test")',
    ]
@ -145,7 +145,7 @@ const path = require('path');
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      `--allow-fs-read=${firstPath}`,
      file,
    ]
--- a/test/parallel/test-cli-permission-multiple-allow.js
+++ b/test/parallel/test-cli-permission-multiple-allow.js
@ -12,7 +12,7 @@ const path = require('path');
  const { status, stdout } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-write', tmpPath, '--allow-fs-write', otherPath, '-e',
      `console.log(process.permission.has("fs"));
      console.log(process.permission.has("fs.read"));
@ -36,7 +36,7 @@ const path = require('path');
  const { status, stdout } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-write',
      tmpPath,
      '--allow-fs-write',
@ -63,7 +63,7 @@ const path = require('path');
  const { status, stdout, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-read=*',
      `--allow-fs-write=${filePath}`,
      '-e',
--- a/test/parallel/test-compile-cache-api-permission.js
+++ b/test/parallel/test-compile-cache-api-permission.js
@ -26,7 +26,7 @@ const fs = require('fs');
  spawnSyncAndAssert(
    process.execPath,
    [
-      '--experimental-permission', `--allow-fs-read=${scriptDir}`, `--allow-fs-write=${scriptDir}`,
+      '--permission', `--allow-fs-read=${scriptDir}`, `--allow-fs-write=${scriptDir}`,
      '-r', wrapper, empty,
    ],
    {
--- a/test/parallel/test-compile-cache-permission-allowed.js
+++ b/test/parallel/test-compile-cache-permission-allowed.js
@ -23,7 +23,7 @@ function testAllowed(readDir, writeDir, envDir) {
  spawnSyncAndAssert(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      `--allow-fs-read=${dummyDir}`,
      `--allow-fs-read=${readDir}`,
      `--allow-fs-write=${writeDir}`,
@ -47,7 +47,7 @@ function testAllowed(readDir, writeDir, envDir) {
  spawnSyncAndAssert(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      `--allow-fs-read=${dummyDir}`,
      `--allow-fs-read=${readDir}`,
      `--allow-fs-write=${writeDir}`,
--- a/test/parallel/test-compile-cache-permission-disallowed.js
+++ b/test/parallel/test-compile-cache-permission-disallowed.js
@ -24,7 +24,7 @@ function testDisallowed(dummyDir, cacheDirInPermission, cacheDirInEnv) {
  spawnSyncAndAssert(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      `--allow-fs-read=${dummyDir}`,  // No read or write permission for cache dir.
      `--allow-fs-write=${dummyDir}`,
      script,
@ -47,7 +47,7 @@ function testDisallowed(dummyDir, cacheDirInPermission, cacheDirInEnv) {
  spawnSyncAndAssert(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      `--allow-fs-read=${dummyDir}`,
      `--allow-fs-read=${cacheDirInPermission}`,  // Read-only
      `--allow-fs-write=${dummyDir}`,
@ -71,7 +71,7 @@ function testDisallowed(dummyDir, cacheDirInPermission, cacheDirInEnv) {
  spawnSyncAndAssert(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      `--allow-fs-read=${dummyDir}`,
      `--allow-fs-write=${cacheDirInPermission}`,  // Write-only
      script,
--- a/test/parallel/test-permission-allow-addons-cli.js
+++ b/test/parallel/test-permission-allow-addons-cli.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-addons --allow-fs-read=*
+// Flags: --permission --allow-addons --allow-fs-read=*
 'use strict';
 const common = require('../common');
--- a/test/parallel/test-permission-allow-child-process-cli.js
+++ b/test/parallel/test-permission-allow-child-process-cli.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-child-process --allow-fs-read=*
+// Flags: --permission --allow-child-process --allow-fs-read=*
 'use strict';
 const common = require('../common');
--- a/test/parallel/test-permission-allow-wasi-cli.js
+++ b/test/parallel/test-permission-allow-wasi-cli.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-wasi --allow-fs-read=*
+// Flags: --permission --allow-wasi --allow-fs-read=*
 'use strict';
 const common = require('../common');
--- a/test/parallel/test-permission-allow-worker-cli.js
+++ b/test/parallel/test-permission-allow-worker-cli.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-worker --allow-fs-read=*
+// Flags: --permission --allow-worker --allow-fs-read=*
 'use strict';
 require('../common');
--- a/test/parallel/test-permission-child-process-cli.js
+++ b/test/parallel/test-permission-child-process-cli.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=*
+// Flags: --permission --allow-fs-read=*
 'use strict';
 const common = require('../common');
--- a/test/parallel/test-permission-experimental.js
+++ b/test/parallel/test-permission-experimental.js
@ -1,13 +0,0 @@
 // Flags: --experimental-permission --allow-fs-read=*
 'use strict';
 const common = require('../common');
 common.skipIfWorker();
 const assert = require('assert');
 // This test ensures that the experimental message is emitted
 // when using permission system
 process.on('warning', common.mustCall((warning) => {
  assert.match(warning.message, /Permission is an experimental feature/);
 }, 1));
--- a/test/parallel/test-permission-fs-absolute-path.js
+++ b/test/parallel/test-permission-fs-absolute-path.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=* --allow-child-process
+// Flags: --permission --allow-fs-read=* --allow-child-process
 'use strict';
 const common = require('../common');
@ -13,7 +13,7 @@ const { spawnSync } = require('child_process');
  const { status, stdout } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-read', '*',
      '--allow-fs-write', path.resolve('../fixtures/permission/deny/regular-file.md'),
      '-e',
--- a/test/parallel/test-permission-fs-internal-module-stat.js
+++ b/test/parallel/test-permission-fs-internal-module-stat.js
@ -1,4 +1,4 @@
-// Flags: --expose-internals --experimental-permission --allow-fs-read=test/common* --allow-fs-read=tools* --allow-fs-read=test/parallel* --allow-child-process
+// Flags: --expose-internals --permission --allow-fs-read=test/common* --allow-fs-read=tools* --allow-fs-read=test/parallel* --allow-child-process
 'use strict';
 const common = require('../common');
--- a/test/parallel/test-permission-fs-read.js
+++ b/test/parallel/test-permission-fs-read.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=* --allow-fs-write=* --allow-child-process
+// Flags: --permission --allow-fs-read=* --allow-fs-write=* --allow-child-process
 'use strict';
 const common = require('../common');
@ -28,7 +28,7 @@ const commonPath = path.join(__filename, '../../common');
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission', `--allow-fs-read=${file}`, `--allow-fs-read=${commonPathWildcard}`, file,
+      '--permission', `--allow-fs-read=${file}`, `--allow-fs-read=${commonPathWildcard}`, file,
    ],
    {
      env: {
--- a/test/parallel/test-permission-fs-relative-path.js
+++ b/test/parallel/test-permission-fs-relative-path.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=* --allow-child-process
+// Flags: --permission --allow-fs-read=* --allow-child-process
 'use strict';
 const common = require('../common');
@ -12,7 +12,7 @@ const { spawnSync } = require('child_process');
  const { status, stdout } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-read', '*',
      '--allow-fs-write', '../fixtures/permission/deny/regular-file.md',
      '-e',
--- a/test/parallel/test-permission-fs-require.js
+++ b/test/parallel/test-permission-fs-require.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=* --allow-child-process
+// Flags: --permission --allow-fs-read=* --allow-child-process
 'use strict';
 const common = require('../common');
@ -14,7 +14,7 @@ const { spawnSync } = require('node:child_process');
  const { status, stdout, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-read', mainModule,
      '--allow-fs-read', requiredModule,
      mainModule,
@ -31,7 +31,7 @@ const { spawnSync } = require('node:child_process');
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-read', mainModule,
      mainModule,
    ]
@ -48,7 +48,7 @@ const { spawnSync } = require('node:child_process');
  const { status, stdout, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-read', mainModule,
      '--allow-fs-read', requiredModule,
      mainModule,
@ -65,7 +65,7 @@ const { spawnSync } = require('node:child_process');
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-read', mainModule,
      mainModule,
    ]
--- a/test/parallel/test-permission-fs-symlink-relative.js
+++ b/test/parallel/test-permission-fs-symlink-relative.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=* --allow-fs-write=*
+// Flags: --permission --allow-fs-read=* --allow-fs-write=*
 'use strict';
 const common = require('../common');
--- a/test/parallel/test-permission-fs-symlink-target-write.js
+++ b/test/parallel/test-permission-fs-symlink-target-write.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=* --allow-fs-write=* --allow-child-process
+// Flags: --permission --allow-fs-read=* --allow-fs-write=* --allow-child-process
 'use strict';
 const common = require('../common');
@ -35,7 +35,7 @@ fs.writeFileSync(path.join(readWriteFolder, 'file'), 'NO evil file contents');
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      `--allow-fs-read=${file}`, `--allow-fs-read=${commonPathWildcard}`, `--allow-fs-read=${readOnlyFolder}`, `--allow-fs-read=${readWriteFolder}`,
      `--allow-fs-write=${readWriteFolder}`, `--allow-fs-write=${writeOnlyFolder}`,
      file,
--- a/test/parallel/test-permission-fs-symlink.js
+++ b/test/parallel/test-permission-fs-symlink.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=* --allow-fs-write=* --allow-child-process
+// Flags: --permission --allow-fs-read=* --allow-fs-write=* --allow-child-process
 'use strict';
 const common = require('../common');
@ -36,7 +36,7 @@ const symlinkFromBlockedFile = tmpdir.resolve('example-symlink.md');
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      `--allow-fs-read=${file}`, `--allow-fs-read=${commonPathWildcard}`, `--allow-fs-read=${symlinkFromBlockedFile}`,
      `--allow-fs-write=${symlinkFromBlockedFile}`,
      file,
--- a/test/parallel/test-permission-fs-traversal-path.js
+++ b/test/parallel/test-permission-fs-traversal-path.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=* --allow-fs-write=* --allow-child-process
+// Flags: --permission --allow-fs-read=* --allow-fs-write=* --allow-child-process
 'use strict';
 const common = require('../common');
@ -30,7 +30,7 @@ const commonPathWildcard = path.join(__filename, '../../common*');
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      `--allow-fs-read=${file}`, `--allow-fs-read=${commonPathWildcard}`, `--allow-fs-read=${allowedFolder}`,
      `--allow-fs-write=${allowedFolder}`,
      file,
--- a/test/parallel/test-permission-fs-wildcard.js
+++ b/test/parallel/test-permission-fs-wildcard.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=* --allow-child-process
+// Flags: --permission --allow-fs-read=* --allow-child-process
 'use strict';
 const common = require('../common');
@ -31,7 +31,7 @@ if (common.isWindows) {
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      ...allowList.flatMap((path) => ['--allow-fs-read', path]),
      '-e',
      `
@ -66,7 +66,7 @@ if (common.isWindows) {
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      ...allowList.flatMap((path) => ['--allow-fs-read', path]),
      '-e',
      `
@ -91,7 +91,7 @@ if (common.isWindows) {
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      `--allow-fs-read=${file}`, `--allow-fs-read=${commonPathWildcard}`, ...allowList.flatMap((path) => ['--allow-fs-read', path]),
      file,
    ],
@ -104,7 +104,7 @@ if (common.isWindows) {
    const { status, stderr } = spawnSync(
      process.execPath,
      [
-        '--experimental-permission',
+        '--permission',
        '--allow-fs-read=/a/b/*',
        '--allow-fs-read=/a/b/d',
        '--allow-fs-read=/etc/passwd.*',
--- a/test/parallel/test-permission-fs-windows-path.js
+++ b/test/parallel/test-permission-fs-windows-path.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=* --allow-child-process
+// Flags: --permission --allow-fs-read=* --allow-child-process
 'use strict';
 const common = require('../common');
@ -13,7 +13,7 @@ if (!common.isWindows) {
 {
  const { stdout, status } = spawnSync(process.execPath, [
-    '--experimental-permission', '--allow-fs-write', 'C:\\\\', '-e',
+    '--permission', '--allow-fs-write', 'C:\\\\', '-e',
    'console.log(process.permission.has("fs.write", "C:\\\\"))',
  ]);
  assert.strictEqual(stdout.toString(), 'true\n');
@ -22,7 +22,7 @@ if (!common.isWindows) {
 {
  const { stdout, status, stderr } = spawnSync(process.execPath, [
-    '--experimental-permission', '--allow-fs-write="\\\\?\\C:\\"', '-e',
+    '--permission', '--allow-fs-write="\\\\?\\C:\\"', '-e',
    'console.log(process.permission.has("fs.write", "C:\\\\"))',
  ]);
  assert.strictEqual(stdout.toString(), 'false\n', stderr.toString());
@ -31,7 +31,7 @@ if (!common.isWindows) {
 {
  const { stdout, status, stderr } = spawnSync(process.execPath, [
-    '--experimental-permission', '--allow-fs-write', 'C:\\', '-e',
+    '--permission', '--allow-fs-write', 'C:\\', '-e',
    `const path = require('path');
     console.log(process.permission.has('fs.write', path.toNamespacedPath('C:\\\\')))`,
  ]);
@ -41,7 +41,7 @@ if (!common.isWindows) {
 {
  const { stdout, status, stderr } = spawnSync(process.execPath, [
-    '--experimental-permission', '--allow-fs-write', 'C:\\*', '-e',
+    '--permission', '--allow-fs-write', 'C:\\*', '-e',
    "console.log(process.permission.has('fs.write', '\\\\\\\\A\\\\C:\\Users'))",
  ]);
  assert.strictEqual(stdout.toString(), 'false\n', stderr.toString());
--- a/test/parallel/test-permission-fs-write-report.js
+++ b/test/parallel/test-permission-fs-write-report.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=*
+// Flags: --permission --allow-fs-read=*
 'use strict';
 const common = require('../common');
--- a/test/parallel/test-permission-fs-write-v8.js
+++ b/test/parallel/test-permission-fs-write-v8.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=*
+// Flags: --permission --allow-fs-read=*
 'use strict';
 const common = require('../common');
--- a/test/parallel/test-permission-fs-write.js
+++ b/test/parallel/test-permission-fs-write.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=* --allow-child-process
+// Flags: --permission --allow-fs-read=* --allow-child-process
 'use strict';
 const common = require('../common');
@ -24,7 +24,7 @@ const file = fixtures.path('permission', 'fs-write.js');
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-read=*',
      `--allow-fs-write=${regularFile}`, `--allow-fs-write=${commonPath}`,
      file,
--- a/test/parallel/test-permission-has.js
+++ b/test/parallel/test-permission-has.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=*
+// Flags: --permission --allow-fs-read=*
 'use strict';
 const common = require('../common');
--- a/test/parallel/test-permission-inspector-brk.js
+++ b/test/parallel/test-permission-inspector-brk.js
@ -14,7 +14,7 @@ common.skipIfInspectorDisabled();
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '--allow-fs-read=*',
      '--inspect-brk',
      file,
@ -29,7 +29,7 @@ common.skipIfInspectorDisabled();
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '--inspect-brk',
      '--eval',
      'console.log("Hi!")',
--- a/test/parallel/test-permission-inspector.js
+++ b/test/parallel/test-permission-inspector.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=* --allow-child-process
+// Flags: --permission --allow-fs-read=* --allow-child-process
 'use strict';
 const common = require('../common');
@ -26,7 +26,7 @@ if (!common.hasCrypto)
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission',
+      '--permission',
      '-e',
      '(new (require("inspector")).Session()).connect()',
    ],
--- a/test/parallel/test-permission-no-addons.js
+++ b/test/parallel/test-permission-no-addons.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=*
+// Flags: --permission --allow-fs-read=*
 'use strict';
 const common = require('../common');
--- a/test/parallel/test-permission-processbinding.js
+++ b/test/parallel/test-permission-processbinding.js
@ -13,13 +13,13 @@ const fixtures = require('../common/fixtures');
 const file = fixtures.path('permission', 'processbinding.js');
 // Due to linting rules-utils.js:isBinding check, process.binding() should
-// not be called when --experimental-permission is enabled.
+// not be called when --permission is enabled.
 // Always spawn a child process
 {
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission', '--allow-fs-read=*', file,
+      '--permission', '--allow-fs-read=*', file,
    ],
  );
  assert.strictEqual(status, 0, stderr.toString());
--- a/test/parallel/test-permission-warning-flags.js
+++ b/test/parallel/test-permission-warning-flags.js
@ -15,7 +15,7 @@ for (const flag of warnFlags) {
  const { status, stderr } = spawnSync(
    process.execPath,
    [
-      '--experimental-permission', flag, '-e',
+      '--permission', flag, '-e',
      'setTimeout(() => {}, 1)',
    ]
  );
--- a/test/parallel/test-permission-wasi.js
+++ b/test/parallel/test-permission-wasi.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=*
+// Flags: --permission --allow-fs-read=*
 'use strict';
 const common = require('../common');
--- a/test/parallel/test-permission-worker-threads-cli.js
+++ b/test/parallel/test-permission-worker-threads-cli.js
@ -1,4 +1,4 @@
-// Flags: --experimental-permission --allow-fs-read=*
+// Flags: --permission --allow-fs-read=*
 'use strict';
 const common = require('../common');
--- a/test/parallel/test-process-load-env-file.js
+++ b/test/parallel/test-process-load-env-file.js
@ -78,7 +78,7 @@ describe('process.loadEnvFile()', () => {
    `.trim();
    const child = await common.spawnPromisified(
      process.execPath,
-      [ '--eval', code, '--experimental-permission' ],
+      [ '--eval', code, '--permission' ],
      { cwd: __dirname },
    );
    assert.match(child.stderr, /Error: Access to this API has been restricted/);
--- a/test/parallel/test-repl-permission-model.js
+++ b/test/parallel/test-repl-permission-model.js
@ -1,6 +1,6 @@
 'use strict';
-// Flags: --expose-internals --experimental-permission --allow-fs-read=*
+// Flags: --expose-internals --permission --allow-fs-read=*
 const common = require('../common');
 const stream = require('stream');
--- a/tools/run-worker.js
+++ b/tools/run-worker.js
@ -7,7 +7,7 @@ if (typeof require === 'undefined') {
 const path = require('path');
 const { Worker } = require('worker_threads');
-// When --experimental-permission is enabled, the process
+// When --permission is enabled, the process
 // aren't able to spawn any worker unless --allow-worker is passed.
 // Therefore, we skip the permission tests for custom-suites-freestyle
 if (process.permission && !process.permission.has('worker')) {
`@ -1,4 +1,4 @@`
	`// Flags: --experimental-permission --allow-fs-read=*`	`// Flags: --permission --allow-fs-read=*`

	`'use strict';`	`'use strict';`