@run0/jiki 0.1.0

package/src/polyfills/zlib.ts

@@ -0,0 +1,244 @@
+import pako from "pako";
+import { BufferImpl, Transform } from "./stream";
+
+export function gzipSync(data: string | Uint8Array): BufferImpl {
+  const input =
+    typeof data === "string" ? new TextEncoder().encode(data) : data;
+  return BufferImpl.from(pako.gzip(input));
+}
+
+export function gunzipSync(data: Uint8Array): BufferImpl {
+  return BufferImpl.from(pako.ungzip(data));
+}
+
+export function deflateSync(data: string | Uint8Array): BufferImpl {
+  const input =
+    typeof data === "string" ? new TextEncoder().encode(data) : data;
+  return BufferImpl.from(pako.deflate(input));
+}
+
+export function inflateSync(data: Uint8Array): BufferImpl {
+  return BufferImpl.from(pako.inflate(data));
+}
+
+export function deflateRawSync(data: string | Uint8Array): BufferImpl {
+  const input =
+    typeof data === "string" ? new TextEncoder().encode(data) : data;
+  return BufferImpl.from(pako.deflateRaw(input));
+}
+
+export function inflateRawSync(data: Uint8Array): BufferImpl {
+  return BufferImpl.from(pako.inflateRaw(data));
+}
+
+export function gzip(
+  data: string | Uint8Array,
+  cb: (err: Error | null, result?: BufferImpl) => void,
+): void {
+  try {
+    cb(null, gzipSync(data));
+  } catch (e) {
+    cb(e as Error);
+  }
+}
+
+export function gunzip(
+  data: Uint8Array,
+  cb: (err: Error | null, result?: BufferImpl) => void,
+): void {
+  try {
+    cb(null, gunzipSync(data));
+  } catch (e) {
+    cb(e as Error);
+  }
+}
+
+export function deflate(
+  data: string | Uint8Array,
+  cb: (err: Error | null, result?: BufferImpl) => void,
+): void {
+  try {
+    cb(null, deflateSync(data));
+  } catch (e) {
+    cb(e as Error);
+  }
+}
+
+export function inflate(
+  data: Uint8Array,
+  cb: (err: Error | null, result?: BufferImpl) => void,
+): void {
+  try {
+    cb(null, inflateSync(data));
+  } catch (e) {
+    cb(e as Error);
+  }
+}
+
+export function unzipSync(data: Uint8Array): BufferImpl {
+  try {
+    return gunzipSync(data);
+  } catch {
+    return inflateSync(data);
+  }
+}
+
+export function unzip(
+  data: Uint8Array,
+  cb: (err: Error | null, result?: BufferImpl) => void,
+): void {
+  try {
+    cb(null, unzipSync(data));
+  } catch (e) {
+    cb(e as Error);
+  }
+}
+
+class ZlibTransform extends Transform {
+  private processor: pako.Deflate | pako.Inflate;
+  private _chunks: Uint8Array[] = [];
+
+  constructor(processor: pako.Deflate | pako.Inflate) {
+    super();
+    this.processor = processor;
+    // pako calls onData for each output chunk during push()
+    (this.processor as any).onData = (chunk: Uint8Array) => {
+      this._chunks.push(chunk);
+    };
+  }
+
+  _transform(
+    chunk: unknown,
+    _encoding: string,
+    callback: (err?: Error | null, data?: unknown) => void,
+  ): void {
+    try {
+      const input =
+        chunk instanceof Uint8Array
+          ? chunk
+          : new TextEncoder().encode(String(chunk));
+      this._chunks = [];
+      this.processor.push(input, false);
+      // Emit any chunks produced by onData callback
+      for (const c of this._chunks) {
+        this.push(c);
+      }
+      callback();
+    } catch (err) {
+      callback(err instanceof Error ? err : new Error(String(err)));
+    }
+  }
+
+  _flush(callback: (err?: Error | null, data?: unknown) => void): void {
+    try {
+      this._chunks = [];
+      this.processor.push(new Uint8Array(0), true); // finalize
+      // Emit final chunks produced by onData callback
+      for (const c of this._chunks) {
+        this.push(c);
+      }
+      callback();
+    } catch (err) {
+      callback(err instanceof Error ? err : new Error(String(err)));
+    }
+  }
+
+  end(
+    chunkOrCb?: unknown,
+    encodingOrCb?: string | (() => void),
+    cb?: () => void,
+  ): this {
+    if (this.writableEnded) return this;
+    // Handle the case where first arg is a callback
+    if (typeof chunkOrCb === "function") {
+      cb = chunkOrCb as () => void;
+      chunkOrCb = undefined;
+    }
+    this.writableEnded = true;
+    // Write any final chunk
+    if (chunkOrCb != null) {
+      this.write(chunkOrCb as string | Uint8Array, encodingOrCb as string);
+    }
+    // Call _flush to finalize compression/decompression
+    this._flush(err => {
+      if (err) {
+        this.emit("error", err);
+      }
+      // Signal end of readable stream
+      this.push(null);
+      this.writableFinished = true;
+      this.emit("finish");
+      this.emit("close");
+      if (cb) cb();
+      if (typeof encodingOrCb === "function") encodingOrCb();
+    });
+    return this;
+  }
+}
+
+export function createGzip() {
+  return new ZlibTransform(new pako.Deflate({ gzip: true }));
+}
+export function createGunzip() {
+  return new ZlibTransform(new pako.Inflate());
+}
+export function createDeflate() {
+  return new ZlibTransform(new pako.Deflate());
+}
+export function createInflate() {
+  return new ZlibTransform(new pako.Inflate());
+}
+
+export function brotliCompressSync(data: string | Uint8Array): BufferImpl {
+  const input =
+    typeof data === "string" ? new TextEncoder().encode(data) : data;
+  // Use pako deflate as brotli substitute (actual brotli needs wasm/native)
+  const compressed = pako.deflate(input);
+  return BufferImpl.from(compressed);
+}
+export function brotliDecompressSync(data: Uint8Array): BufferImpl {
+  const decompressed = pako.inflate(data);
+  return BufferImpl.from(decompressed);
+}
+
+export const constants = {
+  Z_NO_FLUSH: 0,
+  Z_PARTIAL_FLUSH: 1,
+  Z_SYNC_FLUSH: 2,
+  Z_FULL_FLUSH: 3,
+  Z_FINISH: 4,
+  Z_OK: 0,
+  Z_STREAM_END: 1,
+  Z_NEED_DICT: 2,
+  Z_ERRNO: -1,
+  Z_STREAM_ERROR: -2,
+  Z_DEFAULT_COMPRESSION: -1,
+  Z_BEST_SPEED: 1,
+  Z_BEST_COMPRESSION: 9,
+  Z_NO_COMPRESSION: 0,
+  BROTLI_OPERATION_PROCESS: 0,
+  BROTLI_OPERATION_FLUSH: 1,
+  BROTLI_OPERATION_FINISH: 2,
+};
+
+export default {
+  gzip,
+  gzipSync,
+  gunzip,
+  gunzipSync,
+  deflate,
+  deflateSync,
+  inflate,
+  inflateSync,
+  deflateRawSync,
+  inflateRawSync,
+  unzip,
+  unzipSync,
+  brotliCompressSync,
+  brotliDecompressSync,
+  createGzip,
+  createGunzip,
+  createDeflate,
+  createInflate,
+  constants,
+};

package/src/runtime-helpers.ts

@@ -0,0 +1,83 @@
+import type { RequireFunction } from "./kernel";
+
+export function wrapDynamicImport(
+  localRequire: RequireFunction,
+): (specifier: string) => Promise<unknown> {
+  return async (specifier: string): Promise<unknown> => {
+    const exported = localRequire(specifier);
+    if (
+      exported &&
+      typeof exported === "object" &&
+      ("default" in (exported as object) ||
+        "__esModule" in (exported as object))
+    ) {
+      return exported;
+    }
+    return {
+      default: exported,
+      ...(exported && typeof exported === "object" ? (exported as object) : {}),
+    };
+  };
+}
+
+const CONSOLE_METHODS = [
+  "log",
+  "error",
+  "warn",
+  "info",
+  "debug",
+  "trace",
+  "dir",
+  "table",
+  "time",
+  "timeEnd",
+  "timeLog",
+  "assert",
+  "clear",
+  "count",
+  "countReset",
+  "group",
+  "groupCollapsed",
+  "groupEnd",
+] as const;
+
+export function buildConsoleProxy(
+  hook?: (method: string, args: unknown[]) => void,
+): typeof console | Record<string, (...args: unknown[]) => void> {
+  if (!hook) return console;
+  const proxy: Record<string, (...args: unknown[]) => void> = {};
+  for (const name of CONSOLE_METHODS) {
+    proxy[name] = (...args: unknown[]) => {
+      hook(name, args);
+      (console as any)[name]?.(...args);
+    };
+  }
+  return proxy;
+}
+
+export function buildModuleWrapper(
+  code: string,
+  filename?: string,
+): (
+  exports: unknown,
+  require: RequireFunction,
+  mod: unknown,
+  __filename: string,
+  __dirname: string,
+  process: unknown,
+  console: unknown,
+  import_meta: unknown,
+  __dynamicImport: unknown,
+) => void {
+  // Append //# sourceURL so browser DevTools display the correct filename.
+  const sourceURL = filename ? `\n//# sourceURL=${filename}` : "";
+  const body = [
+    "(function(exports, require, module, __filename, __dirname, process, console, import_meta, __dynamicImport) {",
+    "(function() {",
+    code,
+    "}).call(exports);",
+    "})",
+    sourceURL,
+  ].join("\n");
+  return new Function("return " + body)();
+}

package/src/runtime-interface.ts

@@ -0,0 +1,46 @@
+import type { MemFS } from "./memfs";
+
+export interface IRuntimeOptions {
+  cwd?: string;
+  env?: Record<string, string>;
+  onConsole?: (method: string, args: unknown[]) => void;
+}
+
+export interface IModule {
+  id: string;
+  filename: string;
+  exports: unknown;
+  loaded: boolean;
+  children: IModule[];
+  paths: string[];
+}
+
+export interface IExecuteResult {
+  exports: unknown;
+  module: IModule;
+}
+
+export interface IRuntime {
+  execute(code: string, filename?: string): Promise<IExecuteResult>;
+  runFile(filename: string): Promise<IExecuteResult>;
+  clearCache(): void;
+  getVFS?(): MemFS;
+  terminate?(): void;
+}
+
+export interface CreateRuntimeOptions extends IRuntimeOptions {
+  sandbox?: string;
+  dangerouslyAllowSameOrigin?: boolean;
+  useWorker?: boolean | "auto";
+}
+
+export interface VFSSnapshot {
+  files: VFSFileEntry[];
+}
+
+export interface VFSFileEntry {
+  path: string;
+  type: "file" | "directory" | "symlink";
+  content?: string;
+  target?: string;
+}

package/src/sandbox.ts

@@ -0,0 +1,178 @@
+/**
+ * Resource limits and sandboxing for jiki containers.
+ *
+ * Provides configurable limits for memory, execution time, file count,
+ * network access, and filesystem path boundaries. Essential for
+ * production deployments where untrusted code runs.
+ *
+ * @example
+ * ```ts
+ * const container = boot({
+ *   sandbox: {
+ *     limits: { maxMemoryMB: 256, maxExecutionMs: 30000, maxFileCount: 10000 },
+ *     network: { allowedHosts: ['registry.npmjs.org'] },
+ *     fs: { allowedPaths: ['/app', '/node_modules'] },
+ *   },
+ * });
+ * ```
+ */
+
+// ---------------------------------------------------------------------------
+// Types
+// ---------------------------------------------------------------------------
+
+export interface SandboxLimits {
+  /** Maximum total VFS memory in megabytes. Default: unlimited. */
+  maxMemoryMB?: number;
+  /** Maximum execution time per run/execute call in milliseconds. Default: unlimited. */
+  maxExecutionMs?: number;
+  /** Maximum number of files in the VFS. Default: unlimited. */
+  maxFileCount?: number;
+  /** Maximum single file size in megabytes. Default: unlimited. */
+  maxFileSizeMB?: number;
+}
+
+export interface SandboxNetwork {
+  /** List of allowed hostnames for network requests. */
+  allowedHosts?: string[];
+  /** Block all network requests. */
+  blockAll?: boolean;
+}
+
+export interface SandboxFs {
+  /** List of allowed path prefixes. Writes outside these paths are rejected. */
+  allowedPaths?: string[];
+  /** Make the entire VFS read-only. */
+  readOnly?: boolean;
+}
+
+export interface SandboxOptions {
+  limits?: SandboxLimits;
+  network?: SandboxNetwork;
+  fs?: SandboxFs;
+}
+
+// ---------------------------------------------------------------------------
+// SandboxGuard
+// ---------------------------------------------------------------------------
+
+/**
+ * Enforces resource limits and access controls for a container.
+ */
+export class SandboxGuard {
+  private opts: SandboxOptions;
+  private fileCount = 0;
+  private totalBytes = 0;
+
+  constructor(options: SandboxOptions = {}) {
+    this.opts = options;
+  }
+
+  /** Check if the sandbox has any restrictions configured. */
+  get isActive(): boolean {
+    return !!(this.opts.limits || this.opts.network || this.opts.fs);
+  }
+
+  // -- VFS limits -----------------------------------------------------------
+
+  /** Check if a file write is allowed by size and count limits. */
+  checkWrite(path: string, sizeBytes: number): void {
+    if (this.opts.fs?.readOnly) {
+      throw new Error(
+        `[sandbox] VFS is read-only: write to '${path}' rejected`,
+      );
+    }
+
+    if (this.opts.fs?.allowedPaths) {
+      const allowed = this.opts.fs.allowedPaths.some(
+        prefix => path === prefix || path.startsWith(prefix + "/"),
+      );
+      if (!allowed) {
+        throw new Error(
+          `[sandbox] Write to '${path}' rejected: outside allowed paths`,
+        );
+      }
+    }
+
+    const limits = this.opts.limits;
+    if (limits?.maxFileSizeMB) {
+      const maxBytes = limits.maxFileSizeMB * 1024 * 1024;
+      if (sizeBytes > maxBytes) {
+        throw new Error(
+          `[sandbox] File '${path}' exceeds max file size (${(sizeBytes / 1024 / 1024).toFixed(1)} MB > ${limits.maxFileSizeMB} MB)`,
+        );
+      }
+    }
+
+    if (limits?.maxMemoryMB) {
+      const maxBytes = limits.maxMemoryMB * 1024 * 1024;
+      if (this.totalBytes + sizeBytes > maxBytes) {
+        throw new Error(
+          `[sandbox] VFS memory limit exceeded (${limits.maxMemoryMB} MB)`,
+        );
+      }
+    }
+
+    if (limits?.maxFileCount && this.fileCount >= limits.maxFileCount) {
+      throw new Error(
+        `[sandbox] VFS file count limit exceeded (${limits.maxFileCount})`,
+      );
+    }
+  }
+
+  /** Track a file being added to the VFS. */
+  trackWrite(sizeBytes: number): void {
+    this.fileCount++;
+    this.totalBytes += sizeBytes;
+  }
+
+  /** Track a file being removed from the VFS. */
+  trackDelete(sizeBytes: number): void {
+    this.fileCount = Math.max(0, this.fileCount - 1);
+    this.totalBytes = Math.max(0, this.totalBytes - sizeBytes);
+  }
+
+  // -- Network limits -------------------------------------------------------
+
+  /** Check if a network request to the given URL is allowed. */
+  checkNetwork(url: string): void {
+    if (!this.opts.network) return;
+
+    if (this.opts.network.blockAll) {
+      throw new Error(`[sandbox] All network requests are blocked`);
+    }
+
+    if (this.opts.network.allowedHosts) {
+      try {
+        const hostname = new URL(url).hostname;
+        if (!this.opts.network.allowedHosts.includes(hostname)) {
+          throw new Error(
+            `[sandbox] Network request to '${hostname}' rejected: not in allowed hosts`,
+          );
+        }
+      } catch (e) {
+        if (e instanceof Error && e.message.startsWith("[sandbox]")) throw e;
+        throw new Error(`[sandbox] Invalid URL: ${url}`);
+      }
+    }
+  }
+
+  // -- Execution limits -----------------------------------------------------
+
+  /** Get the execution timeout in milliseconds, or `undefined` if unlimited. */
+  get executionTimeout(): number | undefined {
+    return this.opts.limits?.maxExecutionMs;
+  }
+
+  // -- Diagnostics ----------------------------------------------------------
+
+  get currentFileCount(): number {
+    return this.fileCount;
+  }
+  get currentMemoryBytes(): number {
+    return this.totalBytes;
+  }
+  get currentMemoryMB(): number {
+    return this.totalBytes / (1024 * 1024);
+  }
+}