@ccheever/exact-ibex-runtime 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (161) hide show
  1. package/package.json +63 -0
  2. package/src/abort/AbortController.ts +23 -0
  3. package/src/abort/AbortSignal.ts +152 -0
  4. package/src/abort/index.ts +2 -0
  5. package/src/accessibility.ts +12 -0
  6. package/src/arraybuffer-detach.ts +109 -0
  7. package/src/base64/base64.ts +168 -0
  8. package/src/base64/index.ts +1 -0
  9. package/src/blob/Blob.ts +259 -0
  10. package/src/blob/File.ts +59 -0
  11. package/src/blob/FormData.ts +323 -0
  12. package/src/blob/index.ts +3 -0
  13. package/src/bootstrap.ts +1946 -0
  14. package/src/broadcast/BroadcastChannel.ts +280 -0
  15. package/src/broadcast/index.ts +5 -0
  16. package/src/cache/Cache.ts +349 -0
  17. package/src/cache/CacheStorage.ts +89 -0
  18. package/src/cache/index.ts +27 -0
  19. package/src/camera/index.ts +6202 -0
  20. package/src/camera/processor.worker.ts +194 -0
  21. package/src/camera/scene.ts +195 -0
  22. package/src/clipboard/Clipboard.ts +129 -0
  23. package/src/clipboard/ClipboardItem.ts +97 -0
  24. package/src/clipboard/index.ts +6 -0
  25. package/src/clone/index.ts +1 -0
  26. package/src/clone/structuredClone.ts +389 -0
  27. package/src/clone/transferableSymbols.ts +2 -0
  28. package/src/compression/CompressionStream.ts +146 -0
  29. package/src/compression/DecompressionStream.ts +342 -0
  30. package/src/compression/index.ts +4 -0
  31. package/src/console/Console.ts +341 -0
  32. package/src/console/index.ts +2 -0
  33. package/src/core/accessibility-state.ts +263 -0
  34. package/src/core/accessibility.ts +184 -0
  35. package/src/core/agent-state.ts +37 -0
  36. package/src/core/diagnostics-logs.ts +144 -0
  37. package/src/core/host-call-bridge.ts +16 -0
  38. package/src/core/i18n-helpers.ts +189 -0
  39. package/src/core/locale-state.ts +253 -0
  40. package/src/core/locale.ts +95 -0
  41. package/src/crypto/Crypto.ts +2743 -0
  42. package/src/crypto/index.ts +1 -0
  43. package/src/diagnostics/logs.ts +7 -0
  44. package/src/encoding/TextDecoder.ts +1181 -0
  45. package/src/encoding/TextDecoderStream.ts +58 -0
  46. package/src/encoding/TextEncoder.ts +180 -0
  47. package/src/encoding/TextEncoderStream.ts +39 -0
  48. package/src/encoding/index.ts +8 -0
  49. package/src/events/CloseEvent.ts +91 -0
  50. package/src/events/DOMException.ts +409 -0
  51. package/src/events/ErrorEvent.ts +39 -0
  52. package/src/events/Event.ts +151 -0
  53. package/src/events/EventTarget.ts +280 -0
  54. package/src/events/FocusEvent.ts +27 -0
  55. package/src/events/KeyboardEvent.ts +46 -0
  56. package/src/events/MessageEvent.ts +61 -0
  57. package/src/events/ProgressEvent.ts +33 -0
  58. package/src/events/PromiseRejectionEvent.ts +31 -0
  59. package/src/events/index.ts +52 -0
  60. package/src/eventsource/EventSource.ts +371 -0
  61. package/src/eventsource/index.ts +2 -0
  62. package/src/fetch/Headers.ts +642 -0
  63. package/src/fetch/Request.ts +760 -0
  64. package/src/fetch/Response.ts +543 -0
  65. package/src/fetch/body.ts +1256 -0
  66. package/src/fetch/cookie-jar.ts +566 -0
  67. package/src/fetch/demo.ts +207 -0
  68. package/src/fetch/errors.ts +101 -0
  69. package/src/fetch/fetch.ts +2610 -0
  70. package/src/fetch/index.ts +101 -0
  71. package/src/fetch/native-bridge.ts +65 -0
  72. package/src/fetch/types.ts +258 -0
  73. package/src/filereader/FileReader.ts +236 -0
  74. package/src/filereader/index.ts +1 -0
  75. package/src/fs/Dirent.ts +39 -0
  76. package/src/fs/ExactFile.ts +450 -0
  77. package/src/fs/Stats.ts +80 -0
  78. package/src/fs/index.ts +944 -0
  79. package/src/fs/promises.ts +386 -0
  80. package/src/fs/shared.ts +328 -0
  81. package/src/http-server/index.js +697 -0
  82. package/src/http-server/index.ts +27 -0
  83. package/src/identity.generated.ts +14 -0
  84. package/src/index.ts +283 -0
  85. package/src/indexeddb/IDBCursor.ts +188 -0
  86. package/src/indexeddb/IDBDatabase.ts +343 -0
  87. package/src/indexeddb/IDBFactory.ts +269 -0
  88. package/src/indexeddb/IDBIndex.ts +194 -0
  89. package/src/indexeddb/IDBKeyRange.ts +109 -0
  90. package/src/indexeddb/IDBObjectStore.ts +468 -0
  91. package/src/indexeddb/IDBRequest.ts +163 -0
  92. package/src/indexeddb/IDBTransaction.ts +207 -0
  93. package/src/indexeddb/index.ts +34 -0
  94. package/src/indexeddb/utils.ts +52 -0
  95. package/src/inspect/index.ts +1 -0
  96. package/src/inspect/inspect.ts +465 -0
  97. package/src/internal/detect.ts +104 -0
  98. package/src/locale.ts +10 -0
  99. package/src/location/index.ts +1059 -0
  100. package/src/locks/LockManager.ts +460 -0
  101. package/src/locks/index.ts +12 -0
  102. package/src/media/VideoFrame.ts +58 -0
  103. package/src/messaging/MessageChannel.ts +31 -0
  104. package/src/messaging/MessagePort.ts +180 -0
  105. package/src/messaging/index.ts +2 -0
  106. package/src/messaging.ts +247 -0
  107. package/src/native/NativeModules.ts +354 -0
  108. package/src/native/index.ts +1 -0
  109. package/src/navigator/Navigator.ts +351 -0
  110. package/src/navigator/index.ts +1 -0
  111. package/src/node/Buffer.ts +1786 -0
  112. package/src/node/index.ts +4 -0
  113. package/src/node/path.ts +495 -0
  114. package/src/node/process.ts +2528 -0
  115. package/src/performance/Performance.ts +532 -0
  116. package/src/performance/index.ts +21 -0
  117. package/src/polyfills/array.ts +236 -0
  118. package/src/polyfills/arraybuffer.ts +172 -0
  119. package/src/polyfills/groupby.ts +85 -0
  120. package/src/polyfills/index.ts +85 -0
  121. package/src/polyfills/intl.ts +1956 -0
  122. package/src/polyfills/iterator.ts +479 -0
  123. package/src/polyfills/promise.ts +37 -0
  124. package/src/polyfills/set.ts +245 -0
  125. package/src/polyfills/string.ts +85 -0
  126. package/src/polyfills/typedarray.ts +110 -0
  127. package/src/promise-rejection-tracking.ts +464 -0
  128. package/src/react-native/index.ts +388 -0
  129. package/src/runtime-entry.ts +55 -0
  130. package/src/scheduling/AnimationFrame.ts +105 -0
  131. package/src/scheduling/IdleCallback.ts +167 -0
  132. package/src/scheduling/index.ts +13 -0
  133. package/src/security/Capabilities.ts +1146 -0
  134. package/src/security/Permissions.ts +392 -0
  135. package/src/security/capability-bits.generated.ts +63 -0
  136. package/src/security/index.ts +16 -0
  137. package/src/sqlite/Database.ts +456 -0
  138. package/src/sqlite/Statement.ts +206 -0
  139. package/src/sqlite/constants.ts +79 -0
  140. package/src/sqlite/errors.ts +25 -0
  141. package/src/sqlite/index.ts +34 -0
  142. package/src/sqlite/module.js +438 -0
  143. package/src/storage/Storage.ts +291 -0
  144. package/src/storage/StorageManager.ts +91 -0
  145. package/src/storage/index.ts +3 -0
  146. package/src/stream-compat.ts +47 -0
  147. package/src/streams/ReadableStream.ts +4131 -0
  148. package/src/streams/TransformStream.ts +375 -0
  149. package/src/streams/WritableStream.ts +866 -0
  150. package/src/streams/index.ts +41 -0
  151. package/src/timers/Timers.ts +296 -0
  152. package/src/timers/index.ts +11 -0
  153. package/src/url/URL.ts +656 -0
  154. package/src/url/URLPattern.ts +850 -0
  155. package/src/url/URLSearchParams.ts +244 -0
  156. package/src/url/index.ts +9 -0
  157. package/src/websocket/WebSocket.ts +770 -0
  158. package/src/websocket/WebSocketError.ts +52 -0
  159. package/src/websocket/WebSocketStream.ts +628 -0
  160. package/src/websocket/index.ts +7 -0
  161. package/src/window/index.ts +872 -0
@@ -0,0 +1,392 @@
1
+ import type {
2
+ CapabilityDenialCategory,
3
+ CapabilityDenialReason,
4
+ } from "../events/DOMException.js";
5
+
6
+ import { runtimeInfo } from "../bootstrap.js";
7
+ import {
8
+ checkCapability,
9
+ getCapabilitySystemInfo,
10
+ getDenialReasonCategory,
11
+ } from "./Capabilities.js";
12
+ import {
13
+ Location,
14
+ getLocationPermissionDetails,
15
+ type LocationPermissionDetails,
16
+ } from "../location/index.js";
17
+ import {
18
+ CAMERA_FEATURES,
19
+ CAMERA_PERMISSIONS,
20
+ getCameraPermissionDetails,
21
+ getMicrophonePermissionDetails,
22
+ type CameraPermissionDetails,
23
+ } from "../camera/index.js";
24
+
25
+ export type PermissionState = "granted" | "denied" | "prompt" | "unavailable";
26
+ export type AccessLayerResult = "allowed" | "denied";
27
+ export type AccessBlockingLayer = "os" | "appRoot" | "viewBroker" | "moduleDeclared";
28
+
29
+ export interface RuntimePlatformInfo {
30
+ os: string;
31
+ family: string;
32
+ runtime: string;
33
+ osVersion?: string;
34
+ }
35
+
36
+ export interface RuntimeOSPermissionEntry {
37
+ state: PermissionState;
38
+ canRequestAgain: boolean | null;
39
+ settingsUrl?: string;
40
+ operations: string[];
41
+ label: string;
42
+ platformDetail?: Record<string, unknown>;
43
+ }
44
+
45
+ export interface RuntimeAccessEntry {
46
+ allowed: boolean;
47
+ layers: {
48
+ os: AccessLayerResult;
49
+ appRoot: AccessLayerResult | null;
50
+ viewBroker: AccessLayerResult | null;
51
+ moduleDeclared: AccessLayerResult | null;
52
+ };
53
+ blockedBy: AccessBlockingLayer[];
54
+ denialReason?: CapabilityDenialReason;
55
+ denialCategory?: CapabilityDenialCategory;
56
+ canRequestAgain?: boolean;
57
+ settingsUrl?: string;
58
+ explanation: string;
59
+ operations: string[];
60
+ }
61
+
62
+ interface PermissionProvider {
63
+ publicPermission: string;
64
+ runtimePermission: string;
65
+ domain: string;
66
+ label: string;
67
+ moduleName: string;
68
+ getFeatures(): string[];
69
+ getOperations(): string[];
70
+ query(): Promise<PermissionDetailsLike>;
71
+ }
72
+
73
+ type PermissionDetailsLike = Pick<
74
+ LocationPermissionDetails,
75
+ "state" | "canRequestAgain" | "settingsUrl" | "platformDetail"
76
+ > &
77
+ Pick<
78
+ CameraPermissionDetails,
79
+ "state" | "canRequestAgain" | "settingsUrl" | "platformDetail"
80
+ >;
81
+
82
+ const LOCATION_FOREGROUND_PERMISSION = "device:location:foreground";
83
+ const LOCATION_RUNTIME_PERMISSION = "device:location:whenInUse";
84
+
85
+ const LOCATION_PROVIDER: PermissionProvider = {
86
+ publicPermission: LOCATION_FOREGROUND_PERMISSION,
87
+ runtimePermission: LOCATION_RUNTIME_PERMISSION,
88
+ domain: "location",
89
+ label: "Foreground location",
90
+ moduleName: "exact/location",
91
+ getFeatures: () => Array.from(Location.features),
92
+ getOperations: () =>
93
+ Object.entries(Location.permissions as Record<string, readonly string[]>)
94
+ .filter(([, permissions]) => permissions.includes(LOCATION_RUNTIME_PERMISSION))
95
+ .map(([operation]) => `exact/location.${operation}`),
96
+ query: () => getLocationPermissionDetails(),
97
+ };
98
+
99
+ const CAMERA_BACK_PROVIDER: PermissionProvider = {
100
+ publicPermission: "device:camera:back",
101
+ runtimePermission: "device:camera",
102
+ domain: "camera",
103
+ label: "Back camera",
104
+ moduleName: "exact/camera",
105
+ getFeatures: () => Array.from(CAMERA_FEATURES),
106
+ getOperations: () =>
107
+ Object.entries(CAMERA_PERMISSIONS)
108
+ .filter(([, permissions]) => permissions.includes("device:camera:back"))
109
+ .map(([operation]) => `exact/camera.${operation}`),
110
+ query: () => getCameraPermissionDetails(),
111
+ };
112
+
113
+ const CAMERA_FRONT_PROVIDER: PermissionProvider = {
114
+ publicPermission: "device:camera:front",
115
+ runtimePermission: "device:camera",
116
+ domain: "camera",
117
+ label: "Front camera",
118
+ moduleName: "exact/camera",
119
+ getFeatures: () => Array.from(CAMERA_FEATURES),
120
+ getOperations: () =>
121
+ Object.entries(CAMERA_PERMISSIONS)
122
+ .filter(([, permissions]) => permissions.includes("device:camera:front"))
123
+ .map(([operation]) => `exact/camera.${operation}`),
124
+ query: () => getCameraPermissionDetails(),
125
+ };
126
+
127
+ const MICROPHONE_PROVIDER: PermissionProvider = {
128
+ publicPermission: "device:microphone",
129
+ runtimePermission: "device:microphone",
130
+ domain: "microphone",
131
+ label: "Microphone",
132
+ moduleName: "exact/camera",
133
+ getFeatures: () => Array.from(CAMERA_FEATURES),
134
+ getOperations: () =>
135
+ Object.entries(CAMERA_PERMISSIONS)
136
+ .filter(([, permissions]) => permissions.includes("device:microphone"))
137
+ .map(([operation]) => `exact/camera.${operation}`),
138
+ query: () => getMicrophonePermissionDetails(),
139
+ };
140
+
141
+ const PERMISSION_PROVIDERS: PermissionProvider[] = [
142
+ LOCATION_PROVIDER,
143
+ CAMERA_BACK_PROVIDER,
144
+ CAMERA_FRONT_PROVIDER,
145
+ MICROPHONE_PROVIDER,
146
+ ];
147
+
148
+ export function getRegisteredPermissionNames(filter?: string): string[] {
149
+ return getPermissionProviders(filter).map((provider) => provider.publicPermission);
150
+ }
151
+
152
+ export function getRegisteredFeatures(): Record<string, string[]> {
153
+ const features: Record<string, string[]> = {};
154
+ for (const provider of PERMISSION_PROVIDERS) {
155
+ const moduleFeatures = provider.getFeatures();
156
+ if (moduleFeatures.length === 0) {
157
+ continue;
158
+ }
159
+ features[provider.moduleName] = moduleFeatures;
160
+ }
161
+ return features;
162
+ }
163
+
164
+ export async function queryRegisteredPermissions(
165
+ filter?: string,
166
+ ): Promise<Record<string, RuntimeOSPermissionEntry>> {
167
+ const permissions: Record<string, RuntimeOSPermissionEntry> = {};
168
+
169
+ for (const provider of getPermissionProviders(filter)) {
170
+ const details = await provider.query();
171
+ permissions[provider.publicPermission] = {
172
+ state: details.state,
173
+ canRequestAgain: details.canRequestAgain,
174
+ settingsUrl: details.settingsUrl,
175
+ operations: provider.getOperations(),
176
+ label: provider.label,
177
+ platformDetail: details.platformDetail,
178
+ };
179
+ }
180
+
181
+ return permissions;
182
+ }
183
+
184
+ export async function evaluateRegisteredPermissionAccess(
185
+ permission: string,
186
+ _options: {
187
+ rootId?: number;
188
+ viewId?: number;
189
+ } = {},
190
+ ): Promise<RuntimeAccessEntry> {
191
+ const provider = findPermissionProvider(permission);
192
+ if (!provider) {
193
+ throw new Error(`Unknown permission: ${permission}`);
194
+ }
195
+
196
+ const permissionDetails = await provider.query();
197
+ const capabilityCheck = checkCapability(provider.runtimePermission);
198
+
199
+ const osLayer: AccessLayerResult =
200
+ permissionDetails.state === "granted" ? "allowed" : "denied";
201
+
202
+ let appRootLayer: AccessLayerResult | null = null;
203
+ if (capabilityCheck.allowed) {
204
+ appRootLayer = "allowed";
205
+ } else if (capabilityCheck.reason === "app_not_granted") {
206
+ appRootLayer = "denied";
207
+ }
208
+
209
+ const blockedBy: AccessBlockingLayer[] = [];
210
+ if (osLayer === "denied") {
211
+ blockedBy.push("os");
212
+ }
213
+ if (appRootLayer === "denied") {
214
+ blockedBy.push("appRoot");
215
+ }
216
+
217
+ const denialReason = deriveDenialReason(permissionDetails, blockedBy[0], capabilityCheck.reason);
218
+ const denialCategory =
219
+ denialReason != null
220
+ ? (getDenialReasonCategory(denialReason) as CapabilityDenialCategory)
221
+ : undefined;
222
+
223
+ return {
224
+ allowed: blockedBy.length === 0,
225
+ layers: {
226
+ os: osLayer,
227
+ appRoot: appRootLayer,
228
+ viewBroker: null,
229
+ moduleDeclared: null,
230
+ },
231
+ blockedBy,
232
+ denialReason,
233
+ denialCategory,
234
+ canRequestAgain:
235
+ blockedBy[0] === "os" ? permissionDetails.canRequestAgain ?? undefined : undefined,
236
+ settingsUrl:
237
+ blockedBy[0] === "os" ? permissionDetails.settingsUrl : undefined,
238
+ explanation: buildAccessExplanation(permissionDetails, blockedBy, appRootLayer),
239
+ operations: provider.getOperations(),
240
+ };
241
+ }
242
+
243
+ export function getRuntimePlatformInfo(): RuntimePlatformInfo {
244
+ const systemInfo = getCapabilitySystemInfo();
245
+ const globalHints = globalThis as {
246
+ __exactPlatform?: unknown;
247
+ HermesInternal?: unknown;
248
+ };
249
+ const runtime =
250
+ typeof runtimeInfo === "object" && runtimeInfo !== null ? runtimeInfo : undefined;
251
+ const exactPlatform =
252
+ typeof globalHints.__exactPlatform === "string" && globalHints.__exactPlatform.length > 0
253
+ ? globalHints.__exactPlatform
254
+ : undefined;
255
+ const runtimePlatform =
256
+ exactPlatform ?? (typeof runtime?.platform === "string" ? runtime.platform : "unknown");
257
+ const runtimeEngine =
258
+ typeof runtime?.engine === "string" && runtime.engine.length > 0
259
+ ? runtime.engine
260
+ : typeof globalHints.HermesInternal !== "undefined"
261
+ ? "hermes"
262
+ : "unknown";
263
+ const rawOs = systemInfo.osName !== "unknown"
264
+ ? systemInfo.osName
265
+ : normalizePlatformName(runtimePlatform);
266
+
267
+ return {
268
+ os: rawOs,
269
+ family: inferPlatformFamily(rawOs),
270
+ runtime: runtimeEngine.toLowerCase(),
271
+ osVersion: systemInfo.osVersion !== "unknown" ? systemInfo.osVersion : undefined,
272
+ };
273
+ }
274
+
275
+ function getPermissionProviders(filter?: string): PermissionProvider[] {
276
+ if (!filter) {
277
+ return PERMISSION_PROVIDERS.slice();
278
+ }
279
+
280
+ return PERMISSION_PROVIDERS.filter((provider) =>
281
+ globMatches(filter, provider.publicPermission),
282
+ );
283
+ }
284
+
285
+ function findPermissionProvider(permission: string): PermissionProvider | null {
286
+ const normalized = permission.trim();
287
+ for (const provider of PERMISSION_PROVIDERS) {
288
+ if (
289
+ provider.publicPermission === normalized ||
290
+ provider.runtimePermission === normalized
291
+ ) {
292
+ return provider;
293
+ }
294
+ }
295
+ return null;
296
+ }
297
+
298
+ function globMatches(pattern: string, value: string): boolean {
299
+ const escaped = pattern
300
+ .replace(/[.+?^${}()|[\]\\]/g, "\\$&")
301
+ .replace(/\*/g, ".*");
302
+ return new RegExp(`^${escaped}$`).test(value);
303
+ }
304
+
305
+ function deriveDenialReason(
306
+ details: PermissionDetailsLike,
307
+ blockedBy: AccessBlockingLayer | undefined,
308
+ capabilityReason: CapabilityDenialReason | undefined,
309
+ ): CapabilityDenialReason | undefined {
310
+ if (blockedBy === "appRoot") {
311
+ return "app_not_granted";
312
+ }
313
+
314
+ if (blockedBy !== "os") {
315
+ return capabilityReason;
316
+ }
317
+
318
+ if (details.state === "prompt") {
319
+ return undefined;
320
+ }
321
+
322
+ if (details.settingsUrl && details.canRequestAgain === false) {
323
+ return "requires_settings";
324
+ }
325
+
326
+ if (details.platformDetail?.nativeStatus === "restricted") {
327
+ return "os_restricted";
328
+ }
329
+
330
+ return "os_denied";
331
+ }
332
+
333
+ function buildAccessExplanation(
334
+ details: PermissionDetailsLike,
335
+ blockedBy: AccessBlockingLayer[],
336
+ appRootLayer: AccessLayerResult | null,
337
+ ): string {
338
+ if (blockedBy.length === 0) {
339
+ return "All currently surfaced layers grant access. View-broker and module-declaration introspection are not implemented yet, so those layers are omitted.";
340
+ }
341
+
342
+ if (blockedBy[0] === "os") {
343
+ if (details.state === "prompt") {
344
+ return "OS permission has not been granted yet. The next use may trigger a permission prompt.";
345
+ }
346
+ if (details.platformDetail?.nativeStatus === "restricted") {
347
+ return "The OS is restricting access to this permission. The app cannot resolve that restriction in-process.";
348
+ }
349
+ if (details.settingsUrl) {
350
+ return "The OS is currently blocking this permission. The user likely needs to re-enable it in Settings.";
351
+ }
352
+ return "The OS is currently denying this permission.";
353
+ }
354
+
355
+ if (blockedBy[0] === "appRoot" && appRootLayer === "denied") {
356
+ return "The app-level capability configuration is blocking this permission before any view-specific checks run.";
357
+ }
358
+
359
+ return "Access is denied by the current runtime configuration.";
360
+ }
361
+
362
+ function normalizePlatformName(platform: string): string {
363
+ switch (platform) {
364
+ case "darwin":
365
+ return "ios";
366
+ case "browser":
367
+ return "web";
368
+ case "win32":
369
+ return "windows";
370
+ case "mac":
371
+ return "macos";
372
+ default:
373
+ return platform;
374
+ }
375
+ }
376
+
377
+ function inferPlatformFamily(os: string): string {
378
+ switch (os) {
379
+ case "ios":
380
+ case "macos":
381
+ case "visionos":
382
+ return "apple";
383
+ case "android":
384
+ return "android";
385
+ case "web":
386
+ return "web";
387
+ case "windows":
388
+ return "windows";
389
+ default:
390
+ return "unknown";
391
+ }
392
+ }
@@ -0,0 +1,63 @@
1
+ // @generated by packages/ibex-devtools/src/scripts/generate-capability-bits.mjs
2
+ // Do not edit by hand.
3
+
4
+ export const CapabilityBit = {
5
+ "network:fetch": 0,
6
+ "network:connect": 1,
7
+ "network:listen": 2,
8
+ "network:local": 3,
9
+ "fs:read": 4,
10
+ "fs:write": 5,
11
+ "fs:list": 6,
12
+ "fs:watch": 7,
13
+ "env:read": 8,
14
+ "process:spawn": 9,
15
+ "process:signal": 10,
16
+ "process:cwd": 11,
17
+ "device:location": 12,
18
+ "device:location:whenInUse": 13,
19
+ "device:location:always": 14,
20
+ "device:location:precise": 15,
21
+ "device:location:reduced": 16,
22
+ "device:camera": 17,
23
+ "device:microphone": 18,
24
+ "device:photos": 19,
25
+ "device:photos:read": 20,
26
+ "device:photos:write": 21,
27
+ "device:photos:limited": 22,
28
+ "device:contacts": 23,
29
+ "device:contacts:read": 24,
30
+ "device:contacts:write": 25,
31
+ "device:sensors": 26,
32
+ "device:motion": 27,
33
+ "device:bluetooth": 28,
34
+ "device:bluetooth:scan": 29,
35
+ "device:bluetooth:connect": 30,
36
+ "device:bluetooth:advertise": 31,
37
+ "device:biometrics": 32,
38
+ "device:credentials": 33,
39
+ "device:credentials:read": 34,
40
+ "device:credentials:write": 35,
41
+ "device:notifications": 36,
42
+ "device:calendar": 37,
43
+ "device:calendar:read": 38,
44
+ "device:calendar:write": 39,
45
+ "device:reminders": 40,
46
+ "device:health": 41,
47
+ "device:health:read": 42,
48
+ "device:health:write": 43,
49
+ "storage:local": 44,
50
+ "storage:session": 45,
51
+ "storage:persist": 46,
52
+ "sqlite:read": 47,
53
+ "sqlite:write": 48,
54
+ "clipboard:read": 49,
55
+ "clipboard:write": 50,
56
+ "crypto:random": 51,
57
+ "crypto:subtle": 52,
58
+ "time:now": 53,
59
+ "time:highres": 54,
60
+ "ipc:channel": 55,
61
+ } as const satisfies Record<string, number>;
62
+
63
+ export type CapabilityBitName = keyof typeof CapabilityBit;
@@ -0,0 +1,16 @@
1
+ /**
2
+ * Security module exports
3
+ *
4
+ * Provides capability-based security for the Ibex runtime.
5
+ * @see JS_RUNTIME_SECURITY.md
6
+ */
7
+
8
+ export * from './Capabilities';
9
+ export * from './Permissions';
10
+
11
+ // Re-export CapabilityDeniedError and related types from DOMException
12
+ export {
13
+ CapabilityDeniedError,
14
+ type CapabilityDenialReason,
15
+ type CapabilityDenialCategory,
16
+ } from '../events/DOMException';