process: disallow adding options to process.allowedNodeEnvironmentFlags

Make no-op direct calls of `Set` prototype methods to
`process.allowedNodeEnvironmentFlags`.

```js
const { add } = Set.prototype;
add.call(process.allowedNodeEnvironmentFlags, '--user-option`);
process.allowedNodeEnvironmentFlags.has('--user-option') === false;
```

Author: aduh95

lib/internal/process/per_thread.js

@@ -6,21 +6,24 @@
 
 const {
   ArrayPrototypeEvery,
+  ArrayPrototypeIncludes,
   ArrayPrototypeMap,
   ArrayPrototypePush,
   ArrayPrototypeSplice,
   BigUint64Array,
   Float64Array,
   NumberMAX_SAFE_INTEGER,
-  ObjectDefineProperty,
   ObjectFreeze,
   ReflectApply,
   RegExpPrototypeTest,
-  SafeSet,
+  SafeArrayIterator,
+  Set,
   StringPrototypeEndsWith,
   StringPrototypeReplace,
   StringPrototypeSlice,
   StringPrototypeStartsWith,
+  Symbol,
+  SymbolIterator,
   Uint32Array,
 } = primordials;
 
@@ -41,6 +44,8 @@ const {
 } = require('internal/validators');
 const constants = internalBinding('constants').os.signals;
 
+const kSet = Symbol('internal set');
+
 function assert(x, msg) {
   if (!x) throw new ERR_ASSERTION(msg || 'assertion error');
 }
@@ -293,18 +298,18 @@ function buildAllowedFlags() {
 
   // Save these for comparison against flags provided to
   // process.allowedNodeEnvironmentFlags.has() which lack leading dashes.
-  const nodeFlags = new SafeSet(ArrayPrototypeMap(allowedNodeEnvironmentFlags,
-                                                  trimLeadingDashes));
-
-  class NodeEnvironmentFlagsSet extends SafeSet {
-    constructor(...args) {
-      super(...args);
-
-      // The super constructor consumes `add`, but
-      // disallow any future adds.
-      ObjectDefineProperty(this, 'add', {
-        value: () => this
-      });
+  const nodeFlags = ArrayPrototypeMap(allowedNodeEnvironmentFlags,
+                                      trimLeadingDashes);
+
+  class NodeEnvironmentFlagsSet extends Set {
+    constructor(iterable) {
+      super();
+      this[kSet] = new Set(new SafeArrayIterator(iterable));
+    }
+
+    add() {
+      // No-op, `Set` API compatible
+      return this;
     }
 
     delete() {
@@ -313,7 +318,7 @@ function buildAllowedFlags() {
     }
 
     clear() {
-      // No-op
+      // No-op, `Set` API compatible
     }
 
     has(key) {
@@ -328,13 +333,32 @@ function buildAllowedFlags() {
         key = StringPrototypeReplace(key, replaceUnderscoresRegex, '-');
         if (RegExpPrototypeTest(leadingDashesRegex, key)) {
           key = StringPrototypeReplace(key, trailingValuesRegex, '');
-          return super.has(key);
+          return this[kSet].has(key);
         }
-        return nodeFlags.has(key);
+        return ArrayPrototypeIncludes(nodeFlags, key);
       }
       return false;
     }
+
+    entries() {
+      return this[kSet].entries();
+    }
+
+    forEach(callback, thisArg = undefined) {
+      this[kSet].forEach((v) => ReflectApply(callback, thisArg, [v, v, this]));
+    }
+
+    get size() {
+      return this[kSet].size;
+    }
+
+    values() {
+      return this[kSet].values();
+    }
   }
+  NodeEnvironmentFlagsSet.prototype.keys =
+  NodeEnvironmentFlagsSet.prototype[SymbolIterator] =
+    NodeEnvironmentFlagsSet.prototype.values;
 
   ObjectFreeze(NodeEnvironmentFlagsSet.prototype.constructor);
   ObjectFreeze(NodeEnvironmentFlagsSet.prototype);

test/parallel/test-process-env-allowed-flags.js

@@ -1,6 +1,6 @@
 'use strict';
 
-require('../common');
+const common = require('../common');
 const assert = require('assert');
 
 // Assert legit flags are allowed, and bogus flags are disallowed
@@ -62,15 +62,41 @@ const assert = require('assert');
                      true);
 
   process.allowedNodeEnvironmentFlags.add('foo');
+  Set.prototype.add.call(process.allowedNodeEnvironmentFlags, 'foo');
   assert.strictEqual(process.allowedNodeEnvironmentFlags.has('foo'), false);
-  process.allowedNodeEnvironmentFlags.forEach((flag) => {
-    assert.strictEqual(flag === 'foo', false);
-  });
 
-  process.allowedNodeEnvironmentFlags.clear();
-  assert.strictEqual(process.allowedNodeEnvironmentFlags.size > 0, true);
+  const thisArg = {};
+  process.allowedNodeEnvironmentFlags.forEach(
+    common.mustCallAtLeast(function(flag, _, set) {
+      assert.notStrictEqual(flag, 'foo');
+      assert.strictEqual(this, thisArg);
+      assert.strictEqual(set, process.allowedNodeEnvironmentFlags);
+    }),
+    thisArg
+  );
+
+  for (const flag of process.allowedNodeEnvironmentFlags.keys()) {
+    assert.notStrictEqual(flag, 'foo');
+  }
+  for (const flag of process.allowedNodeEnvironmentFlags.values()) {
+    assert.notStrictEqual(flag, 'foo');
+  }
+  for (const flag of process.allowedNodeEnvironmentFlags) {
+    assert.notStrictEqual(flag, 'foo');
+  }
+  for (const [flag] of process.allowedNodeEnvironmentFlags.entries()) {
+    assert.notStrictEqual(flag, 'foo');
+  }
 
   const size = process.allowedNodeEnvironmentFlags.size;
+
+  process.allowedNodeEnvironmentFlags.clear();
+  assert.strictEqual(process.allowedNodeEnvironmentFlags.size, size);
+  Set.prototype.clear.call(process.allowedNodeEnvironmentFlags);
+  assert.strictEqual(process.allowedNodeEnvironmentFlags.size, size);
+
   process.allowedNodeEnvironmentFlags.delete('-r');
   assert.strictEqual(process.allowedNodeEnvironmentFlags.size, size);
+  Set.prototype.delete.call(process.allowedNodeEnvironmentFlags, '-r');
+  assert.strictEqual(process.allowedNodeEnvironmentFlags.size, size);
 }