@jay-framework/secure 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/index.d.ts +284 -0
  2. package/dist/index.js +1027 -0
  3. package/package.json +57 -0
  4. package/readme.md +51 -0
package/package.json ADDED
@@ -0,0 +1,57 @@
1
+ {
2
+ "name": "@jay-framework/secure",
3
+ "version": "0.5.0",
4
+ "type": "module",
5
+ "license": "Apache-2.0",
6
+ "main": "dist/index.js",
7
+ "files": [
8
+ "dist",
9
+ "readme.md"
10
+ ],
11
+ "scripts": {
12
+ "build": "npm run build:js && npm run build:types",
13
+ "build:watch": "npm run build:cli-link && npm run build:js -- --watch",
14
+ "build:js": "vite build",
15
+ "build:types": "tsup lib/index.ts --dts-only --format esm",
16
+ "build:check-types": "tsc",
17
+ "clean": "rimraf dist",
18
+ "confirm": "npm run clean && npm run build && npm run build:check-types && npm run test && npm run definitions && npm run runtime",
19
+ "test": "vitest run",
20
+ "test:watch": "vitest",
21
+ "definitions": "run-p --continue-on-error --aggregate-output --print-label 'definitions:*'",
22
+ "runtime": "run-p --continue-on-error --aggregate-output --print-label 'runtime:*'",
23
+ "definitions:basic": "jay-cli definitions ./test/basic/regular",
24
+ "runtime:basic": "jay-cli runtime ./test/basic/regular",
25
+ "definitions:comp-in-comp": "jay-cli definitions test/comp-in-comp/regular",
26
+ "runtime:comp-in-comp": "jay-cli runtime test/comp-in-comp/regular",
27
+ "definitions:events-basic": "jay-cli definitions test/events-basic/regular",
28
+ "runtime:events-basic": "jay-cli runtime test/events-basic/regular",
29
+ "definitions:events-synthetic": "jay-cli definitions test/events-synthetic/regular",
30
+ "runtime:events-synthetic": "jay-cli runtime test/events-synthetic/regular",
31
+ "definitions:exec-synthetic": "jay-cli definitions test/exec-synthetic/regular",
32
+ "runtime:exec-synthetic": "jay-cli runtime test/exec-synthetic/regular",
33
+ "definitions:tree": "jay-cli definitions test/tree/regular",
34
+ "runtime:tree": "jay-cli runtime test/tree/regular",
35
+ "definitions:top-level-collection-conditions": "jay-cli definitions test/top-level-collection-conditions/regular",
36
+ "runtime:top-level-collection-conditions": "jay-cli runtime test/top-level-collection-conditions/regular"
37
+ },
38
+ "dependencies": {
39
+ "@jay-framework/component": "workspace:^",
40
+ "@jay-framework/json-patch": "workspace:^",
41
+ "@jay-framework/reactive": "workspace:^",
42
+ "@jay-framework/runtime": "workspace:^",
43
+ "@jay-framework/serialization": "workspace:^"
44
+ },
45
+ "devDependencies": {
46
+ "@jay-framework/dev-environment": "workspace:^",
47
+ "@testing-library/jest-dom": "^6.2.0",
48
+ "@types/node": "^20.11.5",
49
+ "caniuse-lite": "^1.0.30001579",
50
+ "npm-run-all2": "^6.1.1",
51
+ "rimraf": "^5.0.5",
52
+ "tsup": "^8.0.1",
53
+ "typescript": "^5.3.3",
54
+ "vite": "^5.0.11",
55
+ "vitest": "^1.2.1"
56
+ }
57
+ }
package/readme.md ADDED
@@ -0,0 +1,51 @@
1
+ # Jay Secure
2
+
3
+ > EXPERIMENTAL - THE JAY-SECURE MODULE IS NOT HARDENED YET TO BE USED FOR SECURITY.
4
+
5
+ The Jay Secure library is the runtime library supporting the sandbox feature of Jay - running headless Jay Components
6
+ in a sandbox, while running the heads, the Jay Element on the main thread.
7
+
8
+ The Jay Secure library includes a few runtime utilities and functions supporting the application split of main and sandbox.
9
+
10
+ > In Jay, we denote main or trusted as the main window, and sandbox or worker as the worker environment.
11
+
12
+ ## comm channel
13
+
14
+ A messaging based protocol between the main and sandbox environments, allowing for an efficient communication.
15
+ The comm channel will batch multiple messages into a single `postMessage` browser call.
16
+
17
+ When creating applications that require sandbox, the setup of the comm channel on the main side is
18
+
19
+ ```typescript
20
+ const jayWorker = new Worker(new URL('jay-sandbox:./sandbox-root', import.meta.url), {
21
+ type: 'module',
22
+ });
23
+
24
+ window.onload = function () {
25
+ setMainPort(new JayPort(new HandshakeMessageJayChannel(jayWorker)));
26
+ // ... setup the application
27
+ };
28
+ ```
29
+
30
+ and on the sandbox or worker side as
31
+
32
+ ```typescript
33
+ // import the application root jay-html file
34
+ setWorkerPort(new JayPort(new HandshakeMessageJayChannel(this)));
35
+ ```
36
+
37
+ See the [examples](../../../examples) for a complete setup.
38
+
39
+ ## main and sandbox
40
+
41
+ The library includes various implementations of component bridges, element bridges, element creation functions and other
42
+ utilities needed for the security module runtime.
43
+
44
+ ## Additional information
45
+
46
+ See the following design log for explanation of the design process and "how it works":
47
+
48
+ - [02 - Jay Element vs Component.md](../../../design-log/02%20-%20Jay%20Element%20vs%20Component.md)
49
+ - [09 - Safe events.md](../../../design-log/09%20-%20Safe%20events.md)
50
+ - [29 - algorithm to split safe code.md](../../../design-log/29%20-%20algorithm%20to%20split%20safe%20code.md)
51
+ - [17 - main and sandbox secure contexts.md](../../../design-log/17%20-%20main%20and%20sandbox%20secure%20contexts.md)