@frontmcp/ui 0.5.0

package/src/bundler/sandbox/enclave-adapter.d.ts

@@ -0,0 +1,120 @@
+/**
+ * Enclave-VM Secure Code Executor
+ *
+ * Executes bundled code in a secure sandbox using enclave-vm.
+ * Provides defense-in-depth security with:
+ * - AST-based validation (81+ blocked attack vectors)
+ * - Timeout enforcement (default 5000ms)
+ * - Resource limits (maxIterations, maxToolCalls)
+ * - Six security layers
+ *
+ * @packageDocumentation
+ */
+import type { SecurityPolicy } from '../types';
+/**
+ * Context for code execution.
+ */
+export interface ExecutionContext {
+    /**
+     * React module to inject.
+     */
+    React?: unknown;
+    /**
+     * ReactDOM module to inject.
+     */
+    ReactDOM?: unknown;
+    /**
+     * Additional modules to inject.
+     */
+    modules?: Record<string, unknown>;
+    /**
+     * Additional global variables.
+     */
+    globals?: Record<string, unknown>;
+    /**
+     * Security policy to enforce.
+     */
+    security?: SecurityPolicy;
+    /**
+     * Execution timeout in milliseconds.
+     * @default 5000
+     */
+    timeout?: number;
+    /**
+     * Maximum loop iterations allowed.
+     * @default 10000
+     */
+    maxIterations?: number;
+}
+/**
+ * Result of code execution.
+ */
+export interface ExecutionResult<T = unknown> {
+    /**
+     * Exported value from the code.
+     */
+    exports: T;
+    /**
+     * Execution time in ms.
+     */
+    executionTime: number;
+    /**
+     * Console output captured during execution.
+     */
+    consoleOutput?: string[];
+}
+/**
+ * Execute bundled code in a secure enclave-vm sandbox.
+ *
+ * Provides a sandboxed execution context with:
+ * - AST-based code validation (81+ attack vectors blocked)
+ * - Timeout enforcement (default 5000ms)
+ * - Resource limits (maxIterations)
+ * - Six security layers (defense-in-depth)
+ *
+ * @param code - Bundled JavaScript code
+ * @param context - Execution context
+ * @returns Execution result with exports
+ *
+ * @example
+ * ```typescript
+ * const code = `
+ *   const React = require('react');
+ *   function Widget({ data }) {
+ *     return React.createElement('div', null, data.message);
+ *   }
+ *   module.exports = Widget;
+ * `;
+ *
+ * const result = await executeCode(code, {
+ *   React: require('react'),
+ *   timeout: 3000,
+ * });
+ *
+ * console.log(result.exports); // Widget function
+ * ```
+ */
+export declare function executeCode<T = unknown>(code: string, context?: ExecutionContext): Promise<ExecutionResult<T>>;
+/**
+ * Execute bundled code and extract the default export.
+ *
+ * Convenience wrapper around executeCode that extracts
+ * the default export.
+ *
+ * @param code - Bundled JavaScript code
+ * @param context - Execution context
+ * @returns Default export from the code
+ */
+export declare function executeDefault<T = unknown>(code: string, context?: ExecutionContext): Promise<T>;
+/**
+ * Error thrown during code execution.
+ */
+export declare class ExecutionError extends Error {
+    /** Error code for categorization */
+    code?: string;
+    constructor(message: string, cause?: unknown);
+}
+/**
+ * Check if an error is an ExecutionError.
+ */
+export declare function isExecutionError(error: unknown): error is ExecutionError;

package/src/bundler/sandbox/enclave-adapter.js

@@ -0,0 +1,339 @@
+"use strict";
+/**
+ * Enclave-VM Secure Code Executor
+ *
+ * Executes bundled code in a secure sandbox using enclave-vm.
+ * Provides defense-in-depth security with:
+ * - AST-based validation (81+ blocked attack vectors)
+ * - Timeout enforcement (default 5000ms)
+ * - Resource limits (maxIterations, maxToolCalls)
+ * - Six security layers
+ *
+ * @packageDocumentation
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ExecutionError = void 0;
+exports.executeCode = executeCode;
+exports.executeDefault = executeDefault;
+exports.isExecutionError = isExecutionError;
+const enclave_vm_1 = require("enclave-vm");
+/**
+ * Default enclave options for secure widget execution.
+ */
+const DEFAULT_ENCLAVE_OPTIONS = {
+    securityLevel: 'SECURE',
+    timeout: 5000,
+    maxIterations: 10000,
+    validate: true,
+    transform: true,
+};
+/**
+ * Threshold of blocked imports that triggers STRICT security level.
+ * When a SecurityPolicy blocks more than this many imports, we escalate to STRICT.
+ */
+const STRICT_SECURITY_BLOCKED_IMPORTS_THRESHOLD = 10;
+/**
+ * Map SecurityPolicy to enclave-vm security level.
+ */
+function mapSecurityLevel(policy) {
+    // If policy has specific blockedImports or restrictive settings, use STRICT
+    if (policy?.blockedImports && policy.blockedImports.length > STRICT_SECURITY_BLOCKED_IMPORTS_THRESHOLD) {
+        return 'STRICT';
+    }
+    // Default to SECURE for widget code
+    return 'SECURE';
+}
+/**
+ * Create a minimal JSX runtime from React.
+ */
+function createJSXRuntime(React) {
+    const R = React;
+    return {
+        jsx: (type, props, key) => {
+            const { children, ...rest } = props;
+            return R.createElement(type, key ? { ...rest, key } : rest, children);
+        },
+        jsxs: (type, props, key) => {
+            const { children, ...rest } = props;
+            return R.createElement(type, key ? { ...rest, key } : rest, children);
+        },
+        jsxDEV: (type, props, key, _isStaticChildren, _source, _self) => {
+            const { children, ...rest } = props;
+            return R.createElement(type, key ? { ...rest, key } : rest, children);
+        },
+        Fragment: R.Fragment,
+    };
+}
+/**
+ * Dangerous global keys that should never be injected from user context.
+ * These could potentially bypass enclave security if allowed.
+ */
+const DANGEROUS_GLOBAL_KEYS = new Set([
+    'process',
+    'require',
+    '__dirname',
+    '__filename',
+    'Buffer',
+    'eval',
+    'Function',
+    'constructor',
+    'global',
+    'globalThis',
+    'module',
+    'exports',
+    '__proto__',
+]);
+/**
+ * Sanitize a key for use as a global variable name.
+ * Replaces non-alphanumeric characters (except _ and $) with underscores.
+ */
+function sanitizeGlobalKey(key) {
+    return key.replace(/[^a-zA-Z0-9_$]/g, '_');
+}
+/**
+ * Build globals object from execution context.
+ */
+function buildGlobals(context) {
+    const globals = {};
+    // Add React and ReactDOM if provided
+    if (context.React) {
+        globals['React'] = context.React;
+    }
+    if (context.ReactDOM) {
+        globals['ReactDOM'] = context.ReactDOM;
+    }
+    // Add JSX runtime if React is available
+    if (context.React) {
+        const jsxRuntime = createJSXRuntime(context.React);
+        globals['__jsx'] = jsxRuntime['jsx'];
+        globals['__jsxs'] = jsxRuntime['jsxs'];
+        globals['__jsxDEV'] = jsxRuntime['jsxDEV'];
+        globals['Fragment'] = jsxRuntime['Fragment'];
+    }
+    // Add modules as globals (enclave-vm handles require internally)
+    if (context.modules) {
+        for (const [key, value] of Object.entries(context.modules)) {
+            // Sanitize key and make modules accessible as globals
+            const sanitizedKey = sanitizeGlobalKey(key);
+            if (DANGEROUS_GLOBAL_KEYS.has(sanitizedKey)) {
+                throw new ExecutionError(`Dangerous module key '${key}' (sanitized: '${sanitizedKey}') is not allowed in execution context`, { code: 'SECURITY_VIOLATION' });
+            }
+            globals[sanitizedKey] = value;
+        }
+    }
+    // Add user globals with security filtering
+    if (context.globals) {
+        for (const [key, value] of Object.entries(context.globals)) {
+            // Check for dangerous keys (both original and sanitized)
+            if (DANGEROUS_GLOBAL_KEYS.has(key)) {
+                throw new ExecutionError(`Dangerous global key '${key}' is not allowed in execution context`, {
+                    code: 'SECURITY_VIOLATION',
+                });
+            }
+            // Sanitize the key for safe global variable naming
+            const sanitizedKey = sanitizeGlobalKey(key);
+            if (DANGEROUS_GLOBAL_KEYS.has(sanitizedKey)) {
+                throw new ExecutionError(`Dangerous global key '${key}' (sanitized: '${sanitizedKey}') is not allowed in execution context`, { code: 'SECURITY_VIOLATION' });
+            }
+            globals[sanitizedKey] = value;
+        }
+    }
+    return globals;
+}
+/**
+ * Build require function for module resolution.
+ */
+function buildRequireFunction(context) {
+    // Normalize all context.modules keys to lowercase for consistent lookup
+    const normalizedContextModules = {};
+    if (context.modules) {
+        for (const [key, value] of Object.entries(context.modules)) {
+            normalizedContextModules[key.toLowerCase()] = value;
+        }
+    }
+    const modules = {
+        react: context.React,
+        'react-dom': context.ReactDOM,
+        'react/jsx-runtime': context.React ? createJSXRuntime(context.React) : undefined,
+        'react/jsx-dev-runtime': context.React ? createJSXRuntime(context.React) : undefined,
+        ...normalizedContextModules,
+    };
+    return (id) => {
+        const normalizedId = id.toLowerCase();
+        if (normalizedId in modules) {
+            const mod = modules[normalizedId];
+            if (mod === undefined) {
+                throw new Error(`Module '${id}' is not available. Did you forget to provide it in the context?`);
+            }
+            return mod;
+        }
+        throw new Error(`Module '${id}' is not available in the sandbox environment`);
+    };
+}
+/**
+ * Execute bundled code in a secure enclave-vm sandbox.
+ *
+ * Provides a sandboxed execution context with:
+ * - AST-based code validation (81+ attack vectors blocked)
+ * - Timeout enforcement (default 5000ms)
+ * - Resource limits (maxIterations)
+ * - Six security layers (defense-in-depth)
+ *
+ * @param code - Bundled JavaScript code
+ * @param context - Execution context
+ * @returns Execution result with exports
+ *
+ * @example
+ * ```typescript
+ * const code = `
+ *   const React = require('react');
+ *   function Widget({ data }) {
+ *     return React.createElement('div', null, data.message);
+ *   }
+ *   module.exports = Widget;
+ * `;
+ *
+ * const result = await executeCode(code, {
+ *   React: require('react'),
+ *   timeout: 3000,
+ * });
+ *
+ * console.log(result.exports); // Widget function
+ * ```
+ */
+async function executeCode(code, context = {}) {
+    const consoleOutput = [];
+    // Build globals with console capture
+    const globals = buildGlobals(context);
+    // Add sandboxed console
+    globals['console'] = {
+        log: (...args) => {
+            consoleOutput.push(args.map(String).join(' '));
+        },
+        info: (...args) => {
+            consoleOutput.push(`[INFO] ${args.map(String).join(' ')}`);
+        },
+        warn: (...args) => {
+            consoleOutput.push(`[WARN] ${args.map(String).join(' ')}`);
+        },
+        error: (...args) => {
+            consoleOutput.push(`[ERROR] ${args.map(String).join(' ')}`);
+        },
+        debug: (...args) => {
+            consoleOutput.push(`[DEBUG] ${args.map(String).join(' ')}`);
+        },
+        trace: () => { },
+        dir: () => { },
+        table: () => { },
+        group: () => { },
+        groupEnd: () => { },
+        time: () => { },
+        timeEnd: () => { },
+        assert: () => { },
+        clear: () => { },
+        count: () => { },
+        countReset: () => { },
+    };
+    // Add require function
+    globals['require'] = buildRequireFunction(context);
+    // Create enclave with options
+    const enclave = new enclave_vm_1.Enclave({
+        ...DEFAULT_ENCLAVE_OPTIONS,
+        timeout: context.timeout ?? DEFAULT_ENCLAVE_OPTIONS.timeout,
+        maxIterations: context.maxIterations ?? DEFAULT_ENCLAVE_OPTIONS.maxIterations,
+        securityLevel: mapSecurityLevel(context.security),
+        globals,
+        allowFunctionsInGlobals: true, // Required for React components
+    });
+    try {
+        // Wrap code in module pattern to match CommonJS behavior
+        const wrappedCode = `
+      const module = { exports: {} };
+      const exports = module.exports;
+      const __filename = 'widget.js';
+      const __dirname = '/';
+      ${code}
+      return module.exports;
+    `;
+        const result = await enclave.run(wrappedCode);
+        if (!result.success) {
+            const errorMessage = result.error?.message ?? 'Execution failed';
+            const errorCode = result.error?.code;
+            // Map enclave error codes to descriptive messages
+            if (errorCode === 'TIMEOUT') {
+                throw new ExecutionError(`Execution timed out after ${context.timeout ?? DEFAULT_ENCLAVE_OPTIONS.timeout}ms`, {
+                    code: 'TIMEOUT',
+                });
+            }
+            if (errorCode === 'MAX_ITERATIONS') {
+                throw new ExecutionError(`Maximum iterations exceeded (${context.maxIterations ?? DEFAULT_ENCLAVE_OPTIONS.maxIterations})`, {
+                    code: 'MAX_ITERATIONS',
+                });
+            }
+            if (errorCode === 'VALIDATION_ERROR') {
+                throw new ExecutionError(`Security validation failed: ${errorMessage}`, { code: 'SECURITY_VIOLATION' });
+            }
+            throw new ExecutionError(errorMessage, result.error);
+        }
+        return {
+            exports: result.value,
+            executionTime: result.stats.duration,
+            consoleOutput: consoleOutput.length > 0 ? consoleOutput : undefined,
+        };
+    }
+    finally {
+        enclave.dispose();
+    }
+}
+/**
+ * Execute bundled code and extract the default export.
+ *
+ * Convenience wrapper around executeCode that extracts
+ * the default export.
+ *
+ * @param code - Bundled JavaScript code
+ * @param context - Execution context
+ * @returns Default export from the code
+ */
+async function executeDefault(code, context = {}) {
+    const result = await executeCode(code, context);
+    // Check for default export
+    if ('default' in result.exports) {
+        return result.exports.default;
+    }
+    // Check for named exports
+    const exportKeys = Object.keys(result.exports);
+    // Handle empty exports - throw error as code should export something
+    if (exportKeys.length === 0) {
+        throw new ExecutionError('Code did not export any values');
+    }
+    // If only one named export, return it as the default
+    if (exportKeys.length === 1) {
+        return result.exports[exportKeys[0]];
+    }
+    // Multiple exports - return the whole exports object
+    return result.exports;
+}
+/**
+ * Error thrown during code execution.
+ */
+class ExecutionError extends Error {
+    /** Error code for categorization */
+    code;
+    constructor(message, cause) {
+        super(message, { cause });
+        this.name = 'ExecutionError';
+        // Extract code from cause if present
+        if (cause && typeof cause === 'object' && 'code' in cause) {
+            this.code = cause.code;
+        }
+    }
+}
+exports.ExecutionError = ExecutionError;
+/**
+ * Check if an error is an ExecutionError.
+ */
+function isExecutionError(error) {
+    return error instanceof ExecutionError;
+}
+//# sourceMappingURL=enclave-adapter.js.map

package/src/bundler/sandbox/enclave-adapter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"enclave-adapter.js","sourceRoot":"","sources":["../../../../src/bundler/sandbox/enclave-adapter.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;AA6RH,kCAkGC;AAYD,wCAuBC;AAuBD,4CAEC;AAzbD,2CAAoF;AAiEpF;;GAEG;AACH,MAAM,uBAAuB,GAAkC;IAC7D,aAAa,EAAE,QAAQ;IACvB,OAAO,EAAE,IAAI;IACb,aAAa,EAAE,KAAK;IACpB,QAAQ,EAAE,IAAI;IACd,SAAS,EAAE,IAAI;CAChB,CAAC;AAEF;;;GAGG;AACH,MAAM,yCAAyC,GAAG,EAAE,CAAC;AAErD;;GAEG;AACH,SAAS,gBAAgB,CAAC,MAAuB;IAC/C,4EAA4E;IAC5E,IAAI,MAAM,EAAE,cAAc,IAAI,MAAM,CAAC,cAAc,CAAC,MAAM,GAAG,yCAAyC,EAAE,CAAC;QACvG,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,oCAAoC;IACpC,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,KAAc;IACtC,MAAM,CAAC,GAAG,KAGT,CAAC;IAEF,OAAO;QACL,GAAG,EAAE,CAAC,IAAa,EAAE,KAA8B,EAAE,GAAY,EAAE,EAAE;YACnE,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC;YACpC,OAAO,CAAC,CAAC,aAAa,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACxE,CAAC;QACD,IAAI,EAAE,CAAC,IAAa,EAAE,KAA8B,EAAE,GAAY,EAAE,EAAE;YACpE,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC;YACpC,OAAO,CAAC,CAAC,aAAa,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACxE,CAAC;QACD,MAAM,EAAE,CACN,IAAa,EACb,KAA8B,EAC9B,GAAuB,EACvB,iBAA0B,EAC1B,OAAgB,EAChB,KAAc,EACd,EAAE;YACF,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC;YACpC,OAAO,CAAC,CAAC,aAAa,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACxE,CAAC;QACD,QAAQ,EAAE,CAAC,CAAC,QAAQ;KACrB,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC;IACpC,SAAS;IACT,SAAS;IACT,WAAW;IACX,YAAY;IACZ,QAAQ;IACR,MAAM;IACN,UAAU;IACV,aAAa;IACb,QAAQ;IACR,YAAY;IACZ,QAAQ;IACR,SAAS;IACT,WAAW;CACZ,CAAC,CAAC;AAEH;;;GAGG;AACH,SAAS,iBAAiB,CAAC,GAAW;IACpC,OAAO,GAAG,CAAC,OAAO,CAAC,iBAAiB,EAAE,GAAG,CAAC,CAAC;AAC7C,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CAAC,OAAyB;IAC7C,MAAM,OAAO,GAA4B,EAAE,CAAC;IAE5C,qCAAqC;IACrC,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC;IACnC,CAAC;IACD,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACrB,OAAO,CAAC,UAAU,CAAC,GAAG,OAAO,CAAC,QAAQ,CAAC;IACzC,CAAC;IAED,wCAAwC;IACxC,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,MAAM,UAAU,GAAG,gBAAgB,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACnD,OAAO,CAAC,OAAO,CAAC,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;QACrC,OAAO,CAAC,QAAQ,CAAC,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;QACvC,OAAO,CAAC,UAAU,CAAC,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC3C,OAAO,CAAC,UAAU,CAAC,GAAG,UAAU,CAAC,UAAU,CAAC,CAAC;IAC/C,CAAC;IAED,iEAAiE;IACjE,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QACpB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YAC3D,sDAAsD;YACtD,MAAM,YAAY,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC;YAC5C,IAAI,qBAAqB,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;gBAC5C,MAAM,IAAI,cAAc,CACtB,yBAAyB,GAAG,kBAAkB,YAAY,wCAAwC,EAClG,EAAE,IAAI,EAAE,oBAAoB,EAAE,CAC/B,CAAC;YACJ,CAAC;YACD,OAAO,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC;QAChC,CAAC;IACH,CAAC;IAED,2CAA2C;IAC3C,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QACpB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YAC3D,yDAAyD;YACzD,IAAI,qBAAqB,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBACnC,MAAM,IAAI,cAAc,CAAC,yBAAyB,GAAG,uCAAuC,EAAE;oBAC5F,IAAI,EAAE,oBAAoB;iBAC3B,CAAC,CAAC;YACL,CAAC;YACD,mDAAmD;YACnD,MAAM,YAAY,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC;YAC5C,IAAI,qBAAqB,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;gBAC5C,MAAM,IAAI,cAAc,CACtB,yBAAyB,GAAG,kBAAkB,YAAY,wCAAwC,EAClG,EAAE,IAAI,EAAE,oBAAoB,EAAE,CAC/B,CAAC;YACJ,CAAC;YACD,OAAO,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC;QAChC,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,OAAyB;IACrD,wEAAwE;IACxE,MAAM,wBAAwB,GAA4B,EAAE,CAAC;IAC7D,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QACpB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YAC3D,wBAAwB,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,GAAG,KAAK,CAAC;QACtD,CAAC;IACH,CAAC;IAED,MAAM,OAAO,GAA4B;QACvC,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,WAAW,EAAE,OAAO,CAAC,QAAQ;QAC7B,mBAAmB,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,gBAAgB,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS;QAChF,uBAAuB,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,gBAAgB,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS;QACpF,GAAG,wBAAwB;KAC5B,CAAC;IAEF,OAAO,CAAC,EAAU,EAAW,EAAE;QAC7B,MAAM,YAAY,GAAG,EAAE,CAAC,WAAW,EAAE,CAAC;QAEtC,IAAI,YAAY,IAAI,OAAO,EAAE,CAAC;YAC5B,MAAM,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;YAClC,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;gBACtB,MAAM,IAAI,KAAK,CAAC,WAAW,EAAE,kEAAkE,CAAC,CAAC;YACnG,CAAC;YACD,OAAO,GAAG,CAAC;QACb,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,WAAW,EAAE,+CAA+C,CAAC,CAAC;IAChF,CAAC,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACI,KAAK,UAAU,WAAW,CAC/B,IAAY,EACZ,UAA4B,EAAE;IAE9B,MAAM,aAAa,GAAa,EAAE,CAAC;IAEnC,qCAAqC;IACrC,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;IAEtC,wBAAwB;IACxB,OAAO,CAAC,SAAS,CAAC,GAAG;QACnB,GAAG,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE;YAC1B,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QACjD,CAAC;QACD,IAAI,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE;YAC3B,aAAa,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7D,CAAC;QACD,IAAI,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE;YAC3B,aAAa,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7D,CAAC;QACD,KAAK,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE;YAC5B,aAAa,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9D,CAAC;QACD,KAAK,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE;YAC5B,aAAa,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9D,CAAC;QACD,KAAK,EAAE,GAAG,EAAE,GAAE,CAAC;QACf,GAAG,EAAE,GAAG,EAAE,GAAE,CAAC;QACb,KAAK,EAAE,GAAG,EAAE,GAAE,CAAC;QACf,KAAK,EAAE,GAAG,EAAE,GAAE,CAAC;QACf,QAAQ,EAAE,GAAG,EAAE,GAAE,CAAC;QAClB,IAAI,EAAE,GAAG,EAAE,GAAE,CAAC;QACd,OAAO,EAAE,GAAG,EAAE,GAAE,CAAC;QACjB,MAAM,EAAE,GAAG,EAAE,GAAE,CAAC;QAChB,KAAK,EAAE,GAAG,EAAE,GAAE,CAAC;QACf,KAAK,EAAE,GAAG,EAAE,GAAE,CAAC;QACf,UAAU,EAAE,GAAG,EAAE,GAAE,CAAC;KACrB,CAAC;IAEF,uBAAuB;IACvB,OAAO,CAAC,SAAS,CAAC,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAC;IAEnD,8BAA8B;IAC9B,MAAM,OAAO,GAAG,IAAI,oBAAO,CAAC;QAC1B,GAAG,uBAAuB;QAC1B,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,uBAAuB,CAAC,OAAO;QAC3D,aAAa,EAAE,OAAO,CAAC,aAAa,IAAI,uBAAuB,CAAC,aAAa;QAC7E,aAAa,EAAE,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC;QACjD,OAAO;QACP,uBAAuB,EAAE,IAAI,EAAE,gCAAgC;KAChE,CAAC,CAAC;IAEH,IAAI,CAAC;QACH,yDAAyD;QACzD,MAAM,WAAW,GAAG;;;;;QAKhB,IAAI;;KAEP,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CAAI,WAAW,CAAC,CAAC;QAEjD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,YAAY,GAAG,MAAM,CAAC,KAAK,EAAE,OAAO,IAAI,kBAAkB,CAAC;YACjE,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC;YAErC,kDAAkD;YAClD,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;gBAC5B,MAAM,IAAI,cAAc,CAAC,6BAA6B,OAAO,CAAC,OAAO,IAAI,uBAAuB,CAAC,OAAO,IAAI,EAAE;oBAC5G,IAAI,EAAE,SAAS;iBAChB,CAAC,CAAC;YACL,CAAC;YACD,IAAI,SAAS,KAAK,gBAAgB,EAAE,CAAC;gBACnC,MAAM,IAAI,cAAc,CACtB,gCAAgC,OAAO,CAAC,aAAa,IAAI,uBAAuB,CAAC,aAAa,GAAG,EACjG;oBACE,IAAI,EAAE,gBAAgB;iBACvB,CACF,CAAC;YACJ,CAAC;YACD,IAAI,SAAS,KAAK,kBAAkB,EAAE,CAAC;gBACrC,MAAM,IAAI,cAAc,CAAC,+BAA+B,YAAY,EAAE,EAAE,EAAE,IAAI,EAAE,oBAAoB,EAAE,CAAC,CAAC;YAC1G,CAAC;YAED,MAAM,IAAI,cAAc,CAAC,YAAY,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;QACvD,CAAC;QAED,OAAO;YACL,OAAO,EAAE,MAAM,CAAC,KAAU;YAC1B,aAAa,EAAE,MAAM,CAAC,KAAK,CAAC,QAAQ;YACpC,aAAa,EAAE,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS;SACpE,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,OAAO,CAAC,OAAO,EAAE,CAAC;IACpB,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACI,KAAK,UAAU,cAAc,CAAc,IAAY,EAAE,UAA4B,EAAE;IAC5F,MAAM,MAAM,GAAG,MAAM,WAAW,CAA4C,IAAI,EAAE,OAAO,CAAC,CAAC;IAE3F,2BAA2B;IAC3B,IAAI,SAAS,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QAChC,OAAO,MAAM,CAAC,OAAO,CAAC,OAAY,CAAC;IACrC,CAAC;IAED,0BAA0B;IAC1B,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAE/C,qEAAqE;IACrE,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,cAAc,CAAC,gCAAgC,CAAC,CAAC;IAC7D,CAAC;IAED,qDAAqD;IACrD,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,OAAO,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAM,CAAC;IAC5C,CAAC;IAED,qDAAqD;IACrD,OAAO,MAAM,CAAC,OAAY,CAAC;AAC7B,CAAC;AAED;;GAEG;AACH,MAAa,cAAe,SAAQ,KAAK;IACvC,oCAAoC;IACpC,IAAI,CAAU;IAEd,YAAY,OAAe,EAAE,KAAe;QAC1C,KAAK,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QAC1B,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;QAE7B,qCAAqC;QACrC,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;YAC1D,IAAI,CAAC,IAAI,GAAI,KAA0B,CAAC,IAAI,CAAC;QAC/C,CAAC;IACH,CAAC;CACF;AAbD,wCAaC;AAED;;GAEG;AACH,SAAgB,gBAAgB,CAAC,KAAc;IAC7C,OAAO,KAAK,YAAY,cAAc,CAAC;AACzC,CAAC","sourcesContent":["/**\n * Enclave-VM Secure Code Executor\n *\n * Executes bundled code in a secure sandbox using enclave-vm.\n * Provides defense-in-depth security with:\n * - AST-based validation (81+ blocked attack vectors)\n * - Timeout enforcement (default 5000ms)\n * - Resource limits (maxIterations, maxToolCalls)\n * - Six security layers\n *\n * @packageDocumentation\n */\n\nimport { Enclave, type CreateEnclaveOptions, type SecurityLevel } from 'enclave-vm';\nimport type { SecurityPolicy } from '../types';\n\n/**\n * Context for code execution.\n */\nexport interface ExecutionContext {\n  /**\n   * React module to inject.\n   */\n  React?: unknown;\n\n  /**\n   * ReactDOM module to inject.\n   */\n  ReactDOM?: unknown;\n\n  /**\n   * Additional modules to inject.\n   */\n  modules?: Record<string, unknown>;\n\n  /**\n   * Additional global variables.\n   */\n  globals?: Record<string, unknown>;\n\n  /**\n   * Security policy to enforce.\n   */\n  security?: SecurityPolicy;\n\n  /**\n   * Execution timeout in milliseconds.\n   * @default 5000\n   */\n  timeout?: number;\n\n  /**\n   * Maximum loop iterations allowed.\n   * @default 10000\n   */\n  maxIterations?: number;\n}\n\n/**\n * Result of code execution.\n */\nexport interface ExecutionResult<T = unknown> {\n  /**\n   * Exported value from the code.\n   */\n  exports: T;\n\n  /**\n   * Execution time in ms.\n   */\n  executionTime: number;\n\n  /**\n   * Console output captured during execution.\n   */\n  consoleOutput?: string[];\n}\n\n/**\n * Default enclave options for secure widget execution.\n */\nconst DEFAULT_ENCLAVE_OPTIONS: Partial<CreateEnclaveOptions> = {\n  securityLevel: 'SECURE',\n  timeout: 5000,\n  maxIterations: 10000,\n  validate: true,\n  transform: true,\n};\n\n/**\n * Threshold of blocked imports that triggers STRICT security level.\n * When a SecurityPolicy blocks more than this many imports, we escalate to STRICT.\n */\nconst STRICT_SECURITY_BLOCKED_IMPORTS_THRESHOLD = 10;\n\n/**\n * Map SecurityPolicy to enclave-vm security level.\n */\nfunction mapSecurityLevel(policy?: SecurityPolicy): SecurityLevel {\n  // If policy has specific blockedImports or restrictive settings, use STRICT\n  if (policy?.blockedImports && policy.blockedImports.length > STRICT_SECURITY_BLOCKED_IMPORTS_THRESHOLD) {\n    return 'STRICT';\n  }\n  // Default to SECURE for widget code\n  return 'SECURE';\n}\n\n/**\n * Create a minimal JSX runtime from React.\n */\nfunction createJSXRuntime(React: unknown): Record<string, unknown> {\n  const R = React as {\n    createElement: (...args: unknown[]) => unknown;\n    Fragment: unknown;\n  };\n\n  return {\n    jsx: (type: unknown, props: Record<string, unknown>, key?: string) => {\n      const { children, ...rest } = props;\n      return R.createElement(type, key ? { ...rest, key } : rest, children);\n    },\n    jsxs: (type: unknown, props: Record<string, unknown>, key?: string) => {\n      const { children, ...rest } = props;\n      return R.createElement(type, key ? { ...rest, key } : rest, children);\n    },\n    jsxDEV: (\n      type: unknown,\n      props: Record<string, unknown>,\n      key: string | undefined,\n      _isStaticChildren: boolean,\n      _source: unknown,\n      _self: unknown,\n    ) => {\n      const { children, ...rest } = props;\n      return R.createElement(type, key ? { ...rest, key } : rest, children);\n    },\n    Fragment: R.Fragment,\n  };\n}\n\n/**\n * Dangerous global keys that should never be injected from user context.\n * These could potentially bypass enclave security if allowed.\n */\nconst DANGEROUS_GLOBAL_KEYS = new Set([\n  'process',\n  'require',\n  '__dirname',\n  '__filename',\n  'Buffer',\n  'eval',\n  'Function',\n  'constructor',\n  'global',\n  'globalThis',\n  'module',\n  'exports',\n  '__proto__',\n]);\n\n/**\n * Sanitize a key for use as a global variable name.\n * Replaces non-alphanumeric characters (except _ and $) with underscores.\n */\nfunction sanitizeGlobalKey(key: string): string {\n  return key.replace(/[^a-zA-Z0-9_$]/g, '_');\n}\n\n/**\n * Build globals object from execution context.\n */\nfunction buildGlobals(context: ExecutionContext): Record<string, unknown> {\n  const globals: Record<string, unknown> = {};\n\n  // Add React and ReactDOM if provided\n  if (context.React) {\n    globals['React'] = context.React;\n  }\n  if (context.ReactDOM) {\n    globals['ReactDOM'] = context.ReactDOM;\n  }\n\n  // Add JSX runtime if React is available\n  if (context.React) {\n    const jsxRuntime = createJSXRuntime(context.React);\n    globals['__jsx'] = jsxRuntime['jsx'];\n    globals['__jsxs'] = jsxRuntime['jsxs'];\n    globals['__jsxDEV'] = jsxRuntime['jsxDEV'];\n    globals['Fragment'] = jsxRuntime['Fragment'];\n  }\n\n  // Add modules as globals (enclave-vm handles require internally)\n  if (context.modules) {\n    for (const [key, value] of Object.entries(context.modules)) {\n      // Sanitize key and make modules accessible as globals\n      const sanitizedKey = sanitizeGlobalKey(key);\n      if (DANGEROUS_GLOBAL_KEYS.has(sanitizedKey)) {\n        throw new ExecutionError(\n          `Dangerous module key '${key}' (sanitized: '${sanitizedKey}') is not allowed in execution context`,\n          { code: 'SECURITY_VIOLATION' },\n        );\n      }\n      globals[sanitizedKey] = value;\n    }\n  }\n\n  // Add user globals with security filtering\n  if (context.globals) {\n    for (const [key, value] of Object.entries(context.globals)) {\n      // Check for dangerous keys (both original and sanitized)\n      if (DANGEROUS_GLOBAL_KEYS.has(key)) {\n        throw new ExecutionError(`Dangerous global key '${key}' is not allowed in execution context`, {\n          code: 'SECURITY_VIOLATION',\n        });\n      }\n      // Sanitize the key for safe global variable naming\n      const sanitizedKey = sanitizeGlobalKey(key);\n      if (DANGEROUS_GLOBAL_KEYS.has(sanitizedKey)) {\n        throw new ExecutionError(\n          `Dangerous global key '${key}' (sanitized: '${sanitizedKey}') is not allowed in execution context`,\n          { code: 'SECURITY_VIOLATION' },\n        );\n      }\n      globals[sanitizedKey] = value;\n    }\n  }\n\n  return globals;\n}\n\n/**\n * Build require function for module resolution.\n */\nfunction buildRequireFunction(context: ExecutionContext): (id: string) => unknown {\n  // Normalize all context.modules keys to lowercase for consistent lookup\n  const normalizedContextModules: Record<string, unknown> = {};\n  if (context.modules) {\n    for (const [key, value] of Object.entries(context.modules)) {\n      normalizedContextModules[key.toLowerCase()] = value;\n    }\n  }\n\n  const modules: Record<string, unknown> = {\n    react: context.React,\n    'react-dom': context.ReactDOM,\n    'react/jsx-runtime': context.React ? createJSXRuntime(context.React) : undefined,\n    'react/jsx-dev-runtime': context.React ? createJSXRuntime(context.React) : undefined,\n    ...normalizedContextModules,\n  };\n\n  return (id: string): unknown => {\n    const normalizedId = id.toLowerCase();\n\n    if (normalizedId in modules) {\n      const mod = modules[normalizedId];\n      if (mod === undefined) {\n        throw new Error(`Module '${id}' is not available. Did you forget to provide it in the context?`);\n      }\n      return mod;\n    }\n\n    throw new Error(`Module '${id}' is not available in the sandbox environment`);\n  };\n}\n\n/**\n * Execute bundled code in a secure enclave-vm sandbox.\n *\n * Provides a sandboxed execution context with:\n * - AST-based code validation (81+ attack vectors blocked)\n * - Timeout enforcement (default 5000ms)\n * - Resource limits (maxIterations)\n * - Six security layers (defense-in-depth)\n *\n * @param code - Bundled JavaScript code\n * @param context - Execution context\n * @returns Execution result with exports\n *\n * @example\n * ```typescript\n * const code = `\n *   const React = require('react');\n *   function Widget({ data }) {\n *     return React.createElement('div', null, data.message);\n *   }\n *   module.exports = Widget;\n * `;\n *\n * const result = await executeCode(code, {\n *   React: require('react'),\n *   timeout: 3000,\n * });\n *\n * console.log(result.exports); // Widget function\n * ```\n */\nexport async function executeCode<T = unknown>(\n  code: string,\n  context: ExecutionContext = {},\n): Promise<ExecutionResult<T>> {\n  const consoleOutput: string[] = [];\n\n  // Build globals with console capture\n  const globals = buildGlobals(context);\n\n  // Add sandboxed console\n  globals['console'] = {\n    log: (...args: unknown[]) => {\n      consoleOutput.push(args.map(String).join(' '));\n    },\n    info: (...args: unknown[]) => {\n      consoleOutput.push(`[INFO] ${args.map(String).join(' ')}`);\n    },\n    warn: (...args: unknown[]) => {\n      consoleOutput.push(`[WARN] ${args.map(String).join(' ')}`);\n    },\n    error: (...args: unknown[]) => {\n      consoleOutput.push(`[ERROR] ${args.map(String).join(' ')}`);\n    },\n    debug: (...args: unknown[]) => {\n      consoleOutput.push(`[DEBUG] ${args.map(String).join(' ')}`);\n    },\n    trace: () => {},\n    dir: () => {},\n    table: () => {},\n    group: () => {},\n    groupEnd: () => {},\n    time: () => {},\n    timeEnd: () => {},\n    assert: () => {},\n    clear: () => {},\n    count: () => {},\n    countReset: () => {},\n  };\n\n  // Add require function\n  globals['require'] = buildRequireFunction(context);\n\n  // Create enclave with options\n  const enclave = new Enclave({\n    ...DEFAULT_ENCLAVE_OPTIONS,\n    timeout: context.timeout ?? DEFAULT_ENCLAVE_OPTIONS.timeout,\n    maxIterations: context.maxIterations ?? DEFAULT_ENCLAVE_OPTIONS.maxIterations,\n    securityLevel: mapSecurityLevel(context.security),\n    globals,\n    allowFunctionsInGlobals: true, // Required for React components\n  });\n\n  try {\n    // Wrap code in module pattern to match CommonJS behavior\n    const wrappedCode = `\n      const module = { exports: {} };\n      const exports = module.exports;\n      const __filename = 'widget.js';\n      const __dirname = '/';\n      ${code}\n      return module.exports;\n    `;\n\n    const result = await enclave.run<T>(wrappedCode);\n\n    if (!result.success) {\n      const errorMessage = result.error?.message ?? 'Execution failed';\n      const errorCode = result.error?.code;\n\n      // Map enclave error codes to descriptive messages\n      if (errorCode === 'TIMEOUT') {\n        throw new ExecutionError(`Execution timed out after ${context.timeout ?? DEFAULT_ENCLAVE_OPTIONS.timeout}ms`, {\n          code: 'TIMEOUT',\n        });\n      }\n      if (errorCode === 'MAX_ITERATIONS') {\n        throw new ExecutionError(\n          `Maximum iterations exceeded (${context.maxIterations ?? DEFAULT_ENCLAVE_OPTIONS.maxIterations})`,\n          {\n            code: 'MAX_ITERATIONS',\n          },\n        );\n      }\n      if (errorCode === 'VALIDATION_ERROR') {\n        throw new ExecutionError(`Security validation failed: ${errorMessage}`, { code: 'SECURITY_VIOLATION' });\n      }\n\n      throw new ExecutionError(errorMessage, result.error);\n    }\n\n    return {\n      exports: result.value as T,\n      executionTime: result.stats.duration,\n      consoleOutput: consoleOutput.length > 0 ? consoleOutput : undefined,\n    };\n  } finally {\n    enclave.dispose();\n  }\n}\n\n/**\n * Execute bundled code and extract the default export.\n *\n * Convenience wrapper around executeCode that extracts\n * the default export.\n *\n * @param code - Bundled JavaScript code\n * @param context - Execution context\n * @returns Default export from the code\n */\nexport async function executeDefault<T = unknown>(code: string, context: ExecutionContext = {}): Promise<T> {\n  const result = await executeCode<{ default?: T } & Record<string, unknown>>(code, context);\n\n  // Check for default export\n  if ('default' in result.exports) {\n    return result.exports.default as T;\n  }\n\n  // Check for named exports\n  const exportKeys = Object.keys(result.exports);\n\n  // Handle empty exports - throw error as code should export something\n  if (exportKeys.length === 0) {\n    throw new ExecutionError('Code did not export any values');\n  }\n\n  // If only one named export, return it as the default\n  if (exportKeys.length === 1) {\n    return result.exports[exportKeys[0]] as T;\n  }\n\n  // Multiple exports - return the whole exports object\n  return result.exports as T;\n}\n\n/**\n * Error thrown during code execution.\n */\nexport class ExecutionError extends Error {\n  /** Error code for categorization */\n  code?: string;\n\n  constructor(message: string, cause?: unknown) {\n    super(message, { cause });\n    this.name = 'ExecutionError';\n\n    // Extract code from cause if present\n    if (cause && typeof cause === 'object' && 'code' in cause) {\n      this.code = (cause as { code: string }).code;\n    }\n  }\n}\n\n/**\n * Check if an error is an ExecutionError.\n */\nexport function isExecutionError(error: unknown): error is ExecutionError {\n  return error instanceof ExecutionError;\n}\n"]}

package/src/bundler/sandbox/executor.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Secure Code Executor
+ *
+ * Executes bundled code in a secure sandbox using enclave-vm.
+ * Provides defense-in-depth security with:
+ * - AST-based validation (81+ blocked attack vectors)
+ * - Timeout enforcement (default 5000ms)
+ * - Resource limits (maxIterations)
+ * - Six security layers
+ *
+ * @packageDocumentation
+ */
+export { executeCode, executeDefault, ExecutionError, isExecutionError, type ExecutionContext, type ExecutionResult, } from './enclave-adapter';

package/src/bundler/sandbox/executor.js

@@ -0,0 +1,22 @@
+"use strict";
+/**
+ * Secure Code Executor
+ *
+ * Executes bundled code in a secure sandbox using enclave-vm.
+ * Provides defense-in-depth security with:
+ * - AST-based validation (81+ blocked attack vectors)
+ * - Timeout enforcement (default 5000ms)
+ * - Resource limits (maxIterations)
+ * - Six security layers
+ *
+ * @packageDocumentation
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isExecutionError = exports.ExecutionError = exports.executeDefault = exports.executeCode = void 0;
+// Re-export everything from enclave-adapter
+var enclave_adapter_1 = require("./enclave-adapter");
+Object.defineProperty(exports, "executeCode", { enumerable: true, get: function () { return enclave_adapter_1.executeCode; } });
+Object.defineProperty(exports, "executeDefault", { enumerable: true, get: function () { return enclave_adapter_1.executeDefault; } });
+Object.defineProperty(exports, "ExecutionError", { enumerable: true, get: function () { return enclave_adapter_1.ExecutionError; } });
+Object.defineProperty(exports, "isExecutionError", { enumerable: true, get: function () { return enclave_adapter_1.isExecutionError; } });
+//# sourceMappingURL=executor.js.map

package/src/bundler/sandbox/executor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"executor.js","sourceRoot":"","sources":["../../../../src/bundler/sandbox/executor.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;AAEH,4CAA4C;AAC5C,qDAO2B;AANzB,8GAAA,WAAW,OAAA;AACX,iHAAA,cAAc,OAAA;AACd,iHAAA,cAAc,OAAA;AACd,mHAAA,gBAAgB,OAAA","sourcesContent":["/**\n * Secure Code Executor\n *\n * Executes bundled code in a secure sandbox using enclave-vm.\n * Provides defense-in-depth security with:\n * - AST-based validation (81+ blocked attack vectors)\n * - Timeout enforcement (default 5000ms)\n * - Resource limits (maxIterations)\n * - Six security layers\n *\n * @packageDocumentation\n */\n\n// Re-export everything from enclave-adapter\nexport {\n  executeCode,\n  executeDefault,\n  ExecutionError,\n  isExecutionError,\n  type ExecutionContext,\n  type ExecutionResult,\n} from './enclave-adapter';\n"]}

package/src/bundler/sandbox/policy.d.ts

@@ -0,0 +1,61 @@
+/**
+ * Sandbox Security Policy
+ *
+ * Defines and validates security policies for bundler execution.
+ *
+ * @packageDocumentation
+ */
+import type { SecurityPolicy, SecurityViolation } from '../types';
+/**
+ * Validate source code against a security policy.
+ *
+ * @param source - Source code to validate
+ * @param policy - Security policy to enforce
+ * @returns Array of security violations (empty if valid)
+ *
+ * @example
+ * ```typescript
+ * const violations = validateSource(code, DEFAULT_SECURITY_POLICY);
+ * if (violations.length > 0) {
+ *   throw new Error(`Security violations: ${violations.map(v => v.message).join(', ')}`);
+ * }
+ * ```
+ */
+export declare function validateSource(source: string, policy?: SecurityPolicy): SecurityViolation[];
+/**
+ * Validate import statements against policy.
+ *
+ * @param source - Source code to check
+ * @param policy - Security policy
+ * @returns Array of import violations
+ */
+export declare function validateImports(source: string, policy?: SecurityPolicy): SecurityViolation[];
+/**
+ * Validate bundle size against policy.
+ *
+ * @param size - Bundle size in bytes
+ * @param policy - Security policy
+ * @returns Violation if size exceeds limit, undefined otherwise
+ */
+export declare function validateSize(size: number, policy?: SecurityPolicy): SecurityViolation | undefined;
+/**
+ * Create a merged security policy with defaults.
+ *
+ * @param userPolicy - User-provided policy overrides
+ * @returns Merged policy with defaults
+ */
+export declare function mergePolicy(userPolicy?: Partial<SecurityPolicy>): SecurityPolicy;
+/**
+ * Security error thrown when policy is violated.
+ */
+export declare class SecurityError extends Error {
+    readonly violations: SecurityViolation[];
+    constructor(message: string, violations: SecurityViolation[]);
+}
+/**
+ * Throw if any violations exist.
+ *
+ * @param violations - Array of violations to check
+ * @throws SecurityError if violations exist
+ */
+export declare function throwOnViolations(violations: SecurityViolation[]): void;