src,lib: stabilize permission model · nodejs/node@57bb983

```

```console

$ node --experimental-permission --allow-fs-read=* index.js

$ node --permission --allow-fs-read=* index.js

node:internal/modules/cjs/loader:1319

return process.dlopen(module, path.toNamespacedPath(filename));

^

```

```console

$ node --experimental-permission --allow-fs-read=* index.js

$ node --permission --allow-fs-read=* index.js

node:internal/child_process:388

const err = this._handle.spawn(options);

^

<!-- YAML

added: v20.0.0

changes:

- version: REPLACEME

pr-url: https://github.com/nodejs/node/pull/56201

description: Permission Model and --allow-fs flags are stable.

- version: v20.7.0

pr-url: https://github.com/nodejs/node/pull/49047

description: Paths delimited by comma (`,`) are no longer allowed.

-->

> Stability: 1.1 - Active development

> Stability: 2 - Stable.

This flag configures file system read permissions using

the [Permission Model][].

The initializer module also needs to be allowed. Consider the following example:

```console

$ node --experimental-permission index.js

$ node --permission index.js

Error: Access to this API has been restricted

at node:internal/main/run_main_module:23:47 {

The process needs to have access to the `index.js` module:

```bash

node --experimental-permission --allow-fs-read=/path/to/index.js index.js

node --permission --allow-fs-read=/path/to/index.js index.js

```

### `--allow-fs-write`

<!-- YAML

added: v20.0.0

changes:

- version: REPLACEME

pr-url: https://github.com/nodejs/node/pull/56201

description: Permission Model and --allow-fs flags are stable.

- version: v20.7.0

pr-url: https://github.com/nodejs/node/pull/49047

description: Paths delimited by comma (`,`) are no longer allowed.

-->

> Stability: 1.1 - Active development

> Stability: 2 - Stable.

This flag configures file system write permissions using

the [Permission Model][].

```

```console

$ node --experimental-permission --allow-fs-read=* index.js

$ node --permission --allow-fs-read=* index.js

Error: Access to this API has been restricted

at node:internal/main/run_main_module:30:49 {

```

```console

$ node --experimental-permission --allow-fs-read=* index.js

$ node --permission --allow-fs-read=* index.js

Error: Access to this API has been restricted

at node:internal/main/run_main_module:17:47 {

Enable experimental support for the network inspection with Chrome DevTools.

### `--experimental-permission`

<!-- YAML

added: v20.0.0

-->

> Stability: 1.1 - Active development

Enable the Permission Model for current process. When enabled, the

following permissions are restricted:

* File System - manageable through

[`--allow-fs-read`][], [`--allow-fs-write`][] flags

* Child Process - manageable through [`--allow-child-process`][] flag

* Worker Threads - manageable through [`--allow-worker`][] flag

* WASI - manageable through [`--allow-wasi`][] flag

* Addons - manageable through [`--allow-addons`][] flag

### `--experimental-print-required-tla`

<!-- YAML

are used to provide a kind of selective "early warning" mechanism that

developers may leverage to detect deprecated API usage.

### `--permission`

<!-- YAML

added: v20.0.0

changes:

- version: REPLACEME

pr-url: https://github.com/nodejs/node/pull/56201

description: Permission Model is now stable.

-->

> Stability: 2 - Stable.

Enable the Permission Model for current process. When enabled, the

following permissions are restricted:

* File System - manageable through

[`--allow-fs-read`][], [`--allow-fs-write`][] flags

* Child Process - manageable through [`--allow-child-process`][] flag

* Worker Threads - manageable through [`--allow-worker`][] flag

* WASI - manageable through [`--allow-wasi`][] flag

* Addons - manageable through [`--allow-addons`][] flag

### `--preserve-symlinks`

<!-- YAML

* `--openssl-legacy-provider`

* `--openssl-shared-config`

* `--pending-deprecation`

* `--permission`

* `--preserve-symlinks-main`

* `--preserve-symlinks`

* `--prof-process`