@nyariv/sandboxjs 0.8.22 → 0.8.24

package/dist/node/SandboxExec.d.ts

@@ -0,0 +1,25 @@
+import { IEvalContext } from './eval.js';
+import { Change, ExecReturn } from './executor.js';
+import { IContext, IExecContext, IGlobals, IOptionParams, IScope, SubscriptionSubject } from './utils.js';
+export default class SandboxExec {
+    evalContext?: IEvalContext | undefined;
+    context: IContext;
+    setSubscriptions: WeakMap<SubscriptionSubject, Map<string, Set<(modification: Change) => void>>>;
+    changeSubscriptions: WeakMap<SubscriptionSubject, Set<(modification: Change) => void>>;
+    sandboxFunctions: WeakMap<(...args: any[]) => any, IExecContext>;
+    constructor(options?: IOptionParams, evalContext?: IEvalContext | undefined);
+    static get SAFE_GLOBALS(): IGlobals;
+    static get SAFE_PROTOTYPES(): Map<any, Set<string>>;
+    subscribeGet(callback: (obj: SubscriptionSubject, name: string) => void, context: IExecContext): {
+        unsubscribe: () => void;
+    };
+    subscribeSet(obj: object, name: string, callback: (modification: Change) => void, context: SandboxExec | IExecContext): {
+        unsubscribe: () => void;
+    };
+    subscribeSetGlobal(obj: SubscriptionSubject, name: string, callback: (modification: Change) => void): {
+        unsubscribe: () => void;
+    };
+    getContext(fn: (...args: any[]) => any): IExecContext | undefined;
+    executeTree<T>(context: IExecContext, scopes?: IScope[]): ExecReturn<T>;
+    executeTreeAsync<T>(context: IExecContext, scopes?: IScope[]): Promise<ExecReturn<T>>;
+}

package/dist/node/SandboxExec.js

@@ -0,0 +1,176 @@
+'use strict';
+
+Object.defineProperty(exports, '__esModule', { value: true });
+
+var executor = require('./executor.js');
+var utils = require('./utils.js');
+
+function subscribeSet(obj, name, callback, context) {
+    if (!(obj instanceof Object))
+        throw new Error('Invalid subscription object, got ' + (typeof obj === 'object' ? 'null' : typeof obj));
+    const names = context.setSubscriptions.get(obj) || new Map();
+    context.setSubscriptions.set(obj, names);
+    const callbacks = names.get(name) || new Set();
+    names.set(name, callbacks);
+    callbacks.add(callback);
+    let changeCbs;
+    const val = obj[name];
+    if (val instanceof Object) {
+        changeCbs = context.changeSubscriptions.get(val) || new Set();
+        changeCbs.add(callback);
+        context.changeSubscriptions.set(val, changeCbs);
+    }
+    return {
+        unsubscribe: () => {
+            callbacks.delete(callback);
+            changeCbs?.delete(callback);
+        },
+    };
+}
+class SandboxExec {
+    constructor(options, evalContext) {
+        this.evalContext = evalContext;
+        this.setSubscriptions = new WeakMap();
+        this.changeSubscriptions = new WeakMap();
+        this.sandboxFunctions = new WeakMap();
+        const opt = Object.assign({
+            audit: false,
+            forbidFunctionCalls: false,
+            forbidFunctionCreation: false,
+            globals: SandboxExec.SAFE_GLOBALS,
+            prototypeWhitelist: SandboxExec.SAFE_PROTOTYPES,
+            prototypeReplacements: new Map(),
+        }, options || {});
+        this.context = utils.createContext(this, opt);
+    }
+    static get SAFE_GLOBALS() {
+        return {
+            Function,
+            console: {
+                debug: console.debug,
+                error: console.error,
+                info: console.info,
+                log: console.log,
+                table: console.table,
+                warn: console.warn,
+            },
+            isFinite,
+            isNaN,
+            parseFloat,
+            parseInt,
+            decodeURI,
+            decodeURIComponent,
+            encodeURI,
+            encodeURIComponent,
+            escape,
+            unescape,
+            Boolean,
+            Number,
+            BigInt,
+            String,
+            Object,
+            Array,
+            Symbol,
+            Error,
+            EvalError,
+            RangeError,
+            ReferenceError,
+            SyntaxError,
+            TypeError,
+            URIError,
+            Int8Array,
+            Uint8Array,
+            Uint8ClampedArray,
+            Int16Array,
+            Uint16Array,
+            Int32Array,
+            Uint32Array,
+            Float32Array,
+            Float64Array,
+            Map,
+            Set,
+            WeakMap,
+            WeakSet,
+            Promise,
+            Intl,
+            JSON,
+            Math,
+            Date,
+            RegExp,
+        };
+    }
+    static get SAFE_PROTOTYPES() {
+        const protos = [
+            utils.SandboxGlobal,
+            Function,
+            Boolean,
+            Number,
+            BigInt,
+            String,
+            Date,
+            Error,
+            Array,
+            Int8Array,
+            Uint8Array,
+            Uint8ClampedArray,
+            Int16Array,
+            Uint16Array,
+            Int32Array,
+            Uint32Array,
+            Float32Array,
+            Float64Array,
+            Map,
+            Set,
+            WeakMap,
+            WeakSet,
+            Promise,
+            Symbol,
+            Date,
+            RegExp,
+        ];
+        const map = new Map();
+        protos.forEach((proto) => {
+            map.set(proto, new Set());
+        });
+        map.set(Object, new Set([
+            'entries',
+            'fromEntries',
+            'getOwnPropertyNames',
+            'is',
+            'keys',
+            'hasOwnProperty',
+            'isPrototypeOf',
+            'propertyIsEnumerable',
+            'toLocaleString',
+            'toString',
+            'valueOf',
+            'values',
+        ]));
+        return map;
+    }
+    subscribeGet(callback, context) {
+        context.getSubscriptions.add(callback);
+        return { unsubscribe: () => context.getSubscriptions.delete(callback) };
+    }
+    subscribeSet(obj, name, callback, context) {
+        return subscribeSet(obj, name, callback, context);
+    }
+    subscribeSetGlobal(obj, name, callback) {
+        return subscribeSet(obj, name, callback, this);
+    }
+    getContext(fn) {
+        return this.sandboxFunctions.get(fn);
+    }
+    executeTree(context, scopes = []) {
+        return executor.executeTree({
+            ticks: BigInt(0),
+        }, context, context.tree, scopes);
+    }
+    executeTreeAsync(context, scopes = []) {
+        return executor.executeTreeAsync({
+            ticks: BigInt(0),
+        }, context, context.tree, scopes);
+    }
+}
+
+exports.default = SandboxExec;

package/dist/node/eval.d.ts

@@ -0,0 +1,18 @@
+import { lispifyFunction } from './parser.js';
+import { IExecContext, Ticks } from './utils.js';
+export interface IEvalContext {
+    sandboxFunction: typeof sandboxFunction;
+    sandboxedEval: typeof sandboxedEval;
+    sandboxedSetTimeout: typeof sandboxedSetTimeout;
+    sandboxedSetInterval: typeof sandboxedSetInterval;
+    lispifyFunction: typeof lispifyFunction;
+}
+export type SandboxFunction = (code: string, ...args: string[]) => () => unknown;
+export type SandboxEval = (code: string) => unknown;
+export type SandboxSetTimeout = (handler: TimerHandler, timeout?: number, ...args: unknown[]) => any;
+export type SandboxSetInterval = (handler: TimerHandler, timeout?: number, ...args: unknown[]) => any;
+export declare function createEvalContext(): IEvalContext;
+export declare function sandboxFunction(context: IExecContext, ticks?: Ticks): SandboxFunction;
+export declare function sandboxedEval(func: SandboxFunction): SandboxEval;
+export declare function sandboxedSetTimeout(func: SandboxFunction): SandboxSetTimeout;
+export declare function sandboxedSetInterval(func: SandboxFunction): SandboxSetInterval;

package/dist/node/executor.d.ts

@@ -1,140 +1,98 @@
-import { LispItem, Lisp, LispArray } from "./parser.js";
-import { IExecContext, Ticks } from "./Sandbox.js";
-export declare type SandboxFunction = (code: string, ...args: any[]) => () => any;
-export declare type sandboxedEval = (code: string) => any;
-export declare type sandboxSetTimeout = (handler: TimerHandler, timeout?: any, ...args: any[]) => any;
-export declare type sandboxSetInterval = (handler: TimerHandler, timeout?: any, ...args: any[]) => any;
-export declare type Done = (err?: any, res?: any) => void;
+import { LispItem, Lisp, LispFamily, ExtractLispOp } from './parser.js';
+import { IAuditReport, IExecContext, IScope, LispType, Prop, Scope, Ticks } from './utils.js';
+export type Done<T = any> = (err?: any, res?: T | typeof optional) => void;
 export declare class ExecReturn<T> {
-    auditReport: IAuditReport;
+    auditReport: IAuditReport | undefined;
     result: T;
     returned: boolean;
     breakLoop: boolean;
     continueLoop: boolean;
-    constructor(auditReport: IAuditReport, result: T, returned: boolean, breakLoop?: boolean, continueLoop?: boolean);
-}
-export interface IAuditReport {
-    globalsAccess: Set<any>;
-    prototypeAccess: {
-        [name: string]: Set<string>;
-    };
-}
-export interface IGlobals {
-    [key: string]: any;
+    constructor(auditReport: IAuditReport | undefined, result: T, returned: boolean, breakLoop?: boolean, continueLoop?: boolean);
 }
+export type Unknown = undefined | null | Record<string | number, unknown>;
 export interface IChange {
     type: string;
 }
 export interface ICreate extends IChange {
-    type: "create";
+    type: 'create';
     prop: number | string;
 }
 export interface IReplace extends IChange {
-    type: "replace";
+    type: 'replace';
 }
 export interface IDelete extends IChange {
-    type: "delete";
+    type: 'delete';
     prop: number | string;
 }
 export interface IReverse extends IChange {
-    type: "reverse";
+    type: 'reverse';
 }
 export interface ISort extends IChange {
-    type: "sort";
+    type: 'sort';
 }
 export interface IPush extends IChange {
-    type: "push";
+    type: 'push';
     added: unknown[];
 }
 export interface IPop extends IChange {
-    type: "pop";
+    type: 'pop';
     removed: unknown[];
 }
 export interface IShift extends IChange {
-    type: "shift";
+    type: 'shift';
     removed: unknown[];
 }
 export interface IUnShift extends IChange {
-    type: "unshift";
+    type: 'unshift';
     added: unknown[];
 }
 export interface ISplice extends IChange {
-    type: "splice";
+    type: 'splice';
     startIndex: number;
     deleteCount: number;
     added: unknown[];
     removed: unknown[];
 }
 export interface ICopyWithin extends IChange {
-    type: "copyWithin";
+    type: 'copyWithin';
     startIndex: number;
     endIndex: number;
     added: unknown[];
     removed: unknown[];
 }
-export declare type Change = ICreate | IReplace | IDelete | IReverse | ISort | IPush | IPop | IUnShift | IShift | ISplice | ICopyWithin;
-export declare type replacementCallback = (obj: any, isStaticAccess: boolean) => any;
-export declare class Prop {
-    context: {
-        [key: string]: any;
-    };
-    prop: string;
-    isConst: boolean;
-    isGlobal: boolean;
-    isVariable: boolean;
-    constructor(context: {
-        [key: string]: any;
-    }, prop: string, isConst?: boolean, isGlobal?: boolean, isVariable?: boolean);
-    get(context: IExecContext): any;
-}
-declare enum VarType {
-    let = "let",
-    const = "const",
-    var = "var"
-}
-export declare class Scope {
-    parent: Scope;
-    const: {
-        [key: string]: true;
-    };
-    let: {
-        [key: string]: true;
-    };
-    var: {
-        [key: string]: true;
-    };
-    globals: {
-        [key: string]: true;
-    };
-    allVars: {
-        [key: string]: any;
-    } & Object;
-    functionThis?: any;
-    constructor(parent: Scope, vars?: {}, functionThis?: any);
-    get(key: string, functionScope?: boolean): Prop;
-    set(key: string, val: any): Prop;
-    declare(key: string, type?: VarType, value?: any, isGlobal?: boolean): any;
-}
-export interface IScope {
-    [key: string]: any;
-}
-export declare class FunctionScope implements IScope {
-}
-export declare class LocalScope implements IScope {
-}
-export declare class SandboxError extends Error {
-}
-export declare function sandboxFunction(context: IExecContext, ticks?: Ticks): SandboxFunction;
-export declare function createFunction(argNames: string[], parsed: LispItem, ticks: Ticks, context: IExecContext, scope?: Scope, name?: string): any;
-export declare function createFunctionAsync(argNames: string[], parsed: LispItem, ticks: Ticks, context: IExecContext, scope?: Scope, name?: string): any;
-export declare function sandboxedEval(func: SandboxFunction): sandboxedEval;
-export declare function sandboxedSetTimeout(func: SandboxFunction): sandboxSetTimeout;
-export declare function sandboxedSetInterval(func: SandboxFunction): sandboxSetInterval;
+export type Change = ICreate | IReplace | IDelete | IReverse | ISort | IPush | IPop | IUnShift | IShift | ISplice | ICopyWithin;
+declare const optional: {};
+export declare const sandboxedFunctions: WeakSet<object>;
+export declare function createFunction(argNames: string[], parsed: Lisp[], ticks: Ticks, context: IExecContext, scope?: Scope, name?: string): (...args: unknown[]) => unknown;
+export declare function createFunctionAsync(argNames: string[], parsed: Lisp[], ticks: Ticks, context: IExecContext, scope?: Scope, name?: string): (...args: unknown[]) => Promise<unknown>;
 export declare function assignCheck(obj: Prop, context: IExecContext, op?: string): void;
-declare type OpCallback = (exec: Execution, done: Done, ticks: Ticks, a: LispItem | string[], b: LispItem | Lisp[], obj: Prop | any | undefined, context: IExecContext, scope: Scope, bobj?: Prop | any | undefined, inLoopOrSwitch?: string) => void;
-export declare let ops: Map<string, OpCallback>;
-export declare function execMany(ticks: Ticks, exec: Execution, tree: LispArray, done: Done, scope: Scope, context: IExecContext, inLoopOrSwitch?: string): void;
-declare type Execution = (ticks: Ticks, tree: LispItem, scope: Scope, context: IExecContext, done: Done, inLoopOrSwitch?: string) => void;
+export declare class KeyVal {
+    key: string | SpreadObject;
+    val: unknown;
+    constructor(key: string | SpreadObject, val: unknown);
+}
+export declare class SpreadObject {
+    item: {
+        [key: string]: unknown;
+    };
+    constructor(item: {
+        [key: string]: unknown;
+    });
+}
+export declare class SpreadArray {
+    item: unknown[];
+    constructor(item: unknown[]);
+}
+export declare class If {
+    t: Lisp;
+    f: Lisp;
+    constructor(t: Lisp, f: Lisp);
+}
+type OpCallback = (exec: Execution, done: Done, ticks: Ticks, a: any, b: any, obj: any, context: IExecContext, scope: Scope, bobj?: any, inLoopOrSwitch?: string) => void;
+export declare const ops: Map<LispType, OpCallback>;
+export declare function addOps<Type extends LispFamily>(type: ExtractLispOp<Type>, cb: OpCallback): void;
+export declare function execMany(ticks: Ticks, exec: Execution, tree: Lisp[], done: Done, scope: Scope, context: IExecContext, inLoopOrSwitch?: string): void;
+type Execution = <T = any>(ticks: Ticks, tree: LispItem, scope: Scope, context: IExecContext, done: Done<T>, inLoopOrSwitch?: string) => void;
 export interface AsyncDoneRet {
     isInstant: boolean;
     instant: any;
@@ -146,8 +104,11 @@ export declare function asyncDone(callback: (done: Done) => void): AsyncDoneRet;
 export declare function syncDone(callback: (done: Done) => void): {
     result: any;
 };
-export declare function execAsync(ticks: Ticks, tree: LispItem, scope: Scope, context: IExecContext, doneOriginal: Done, inLoopOrSwitch?: string): Promise<void>;
-export declare function execSync(ticks: Ticks, tree: LispItem, scope: Scope, context: IExecContext, done: Done, inLoopOrSwitch?: string): void;
-export declare function executeTree<T>(ticks: Ticks, context: IExecContext, executionTree: LispItem, scopes?: (IScope)[], inLoopOrSwitch?: string): ExecReturn<T>;
-export declare function executeTreeAsync<T>(ticks: Ticks, context: IExecContext, executionTree: LispItem, scopes?: (IScope)[], inLoopOrSwitch?: string): Promise<ExecReturn<T>>;
+export declare function execAsync<T = any>(ticks: Ticks, tree: LispItem, scope: Scope, context: IExecContext, doneOriginal: Done<T>, inLoopOrSwitch?: string): Promise<void>;
+export declare function execSync<T = any>(ticks: Ticks, tree: LispItem, scope: Scope, context: IExecContext, done: Done<T>, inLoopOrSwitch?: string): void;
+export declare const currentTicks: {
+    current: Ticks;
+};
+export declare function executeTree<T>(ticks: Ticks, context: IExecContext, executionTree: Lisp[], scopes?: IScope[], inLoopOrSwitch?: string): ExecReturn<T>;
+export declare function executeTreeAsync<T>(ticks: Ticks, context: IExecContext, executionTree: Lisp[], scopes?: IScope[], inLoopOrSwitch?: string): Promise<ExecReturn<T>>;
 export {};