@secure-exec/core 0.1.0-rc.1

package/dist/runtime.js

@@ -0,0 +1,69 @@
+import { createNetworkStub, filterEnv } from "./shared/permissions.js";
+const DEFAULT_SANDBOX_CWD = "/root";
+const DEFAULT_SANDBOX_HOME = "/root";
+const DEFAULT_SANDBOX_TMPDIR = "/tmp";
+export class NodeRuntime {
+    runtimeDriver;
+    constructor(options) {
+        const { systemDriver, runtimeDriverFactory } = options;
+        const processConfig = {
+            ...(systemDriver.runtime.process ?? {}),
+        };
+        processConfig.cwd ??= DEFAULT_SANDBOX_CWD;
+        processConfig.env = filterEnv(processConfig.env, systemDriver.permissions);
+        const osConfig = {
+            ...(systemDriver.runtime.os ?? {}),
+        };
+        osConfig.homedir ??= DEFAULT_SANDBOX_HOME;
+        osConfig.tmpdir ??= DEFAULT_SANDBOX_TMPDIR;
+        this.runtimeDriver = runtimeDriverFactory.createRuntimeDriver({
+            system: systemDriver,
+            runtime: {
+                process: processConfig,
+                os: osConfig,
+            },
+            memoryLimit: options.memoryLimit,
+            cpuTimeLimitMs: options.cpuTimeLimitMs,
+            timingMitigation: options.timingMitigation,
+            onStdio: options.onStdio,
+            payloadLimits: options.payloadLimits,
+            resourceBudgets: options.resourceBudgets,
+        });
+    }
+    get network() {
+        const adapter = this.runtimeDriver.network ?? createNetworkStub();
+        return {
+            fetch: (url, options) => adapter.fetch(url, options),
+            dnsLookup: (hostname) => adapter.dnsLookup(hostname),
+            httpRequest: (url, options) => adapter.httpRequest(url, options),
+        };
+    }
+    get __unsafeIsoalte() {
+        if (this.runtimeDriver.unsafeIsolate === undefined) {
+            throw new Error("Driver runtime does not expose unsafe isolate access");
+        }
+        return this.runtimeDriver.unsafeIsolate;
+    }
+    async __unsafeCreateContext(options = {}) {
+        if (!this.runtimeDriver.createUnsafeContext) {
+            throw new Error("Driver runtime does not expose unsafe context creation");
+        }
+        return this.runtimeDriver.createUnsafeContext(options);
+    }
+    async run(code, filePath) {
+        return this.runtimeDriver.run(code, filePath);
+    }
+    async exec(code, options) {
+        return this.runtimeDriver.exec(code, options);
+    }
+    dispose() {
+        this.runtimeDriver.dispose();
+    }
+    async terminate() {
+        if (this.runtimeDriver.terminate) {
+            await this.runtimeDriver.terminate();
+            return;
+        }
+        this.runtimeDriver.dispose();
+    }
+}

package/dist/shared/api-types.d.ts

@@ -0,0 +1,71 @@
+export type TimingMitigation = "off" | "freeze";
+export type StdioChannel = "stdout" | "stderr";
+export interface StdioEvent {
+    channel: StdioChannel;
+    message: string;
+}
+export type StdioHook = (event: StdioEvent) => void;
+export interface ProcessConfig {
+    platform?: string;
+    arch?: string;
+    version?: string;
+    cwd?: string;
+    env?: Record<string, string>;
+    argv?: string[];
+    execPath?: string;
+    pid?: number;
+    ppid?: number;
+    uid?: number;
+    gid?: number;
+    /** Stdin data to provide to the script */
+    stdin?: string;
+    /** Internal execution timing policy for bridge/process polyfills */
+    timingMitigation?: TimingMitigation;
+    /** Internal frozen clock source used when timing mitigation is enabled */
+    frozenTimeMs?: number;
+}
+export interface OSConfig {
+    platform?: string;
+    arch?: string;
+    type?: string;
+    release?: string;
+    version?: string;
+    homedir?: string;
+    tmpdir?: string;
+    hostname?: string;
+}
+export interface ExecutionStatus {
+    code: number;
+    errorMessage?: string;
+}
+export interface RunResult<T = unknown> extends ExecutionStatus {
+    exports?: T;
+}
+export interface PythonRunOptions {
+    filePath?: string;
+    globals?: string[];
+    env?: Record<string, string>;
+    cwd?: string;
+    stdin?: string;
+    cpuTimeLimitMs?: number;
+    onStdio?: StdioHook;
+}
+export interface PythonRunResult<T = unknown> extends ExecutionStatus {
+    value?: T;
+    globals?: Record<string, unknown>;
+}
+export interface ExecOptions {
+    filePath?: string;
+    env?: Record<string, string>;
+    cwd?: string;
+    /** Stdin data to pass to the script */
+    stdin?: string;
+    /** Maximum CPU time budget in milliseconds */
+    cpuTimeLimitMs?: number;
+    /** Timing side-channel mitigation mode */
+    timingMitigation?: TimingMitigation;
+    /** Optional streaming hook for console output events */
+    onStdio?: StdioHook;
+}
+export interface ExecResult extends ExecutionStatus {
+}

package/dist/shared/api-types.js

@@ -0,0 +1 @@
+export {};

package/dist/shared/bridge-contract.d.ts

@@ -0,0 +1,302 @@
+/**
+ * Bridge contract: typed declarations for the globals shared between the
+ * host (Node.js) and the isolate (sandbox V8 context).
+ *
+ * Two categories:
+ * - Host bridge globals: set by the host before bridge code runs (fs refs, timers, etc.)
+ * - Runtime bridge globals: installed by the bridge bundle itself (active handles, modules, etc.)
+ *
+ * The typed `Ref` aliases describe the isolated-vm calling convention for each global.
+ */
+export type ValueOf<T> = T[keyof T];
+/** Globals injected by the host before the bridge bundle executes. */
+export declare const HOST_BRIDGE_GLOBAL_KEYS: {
+    readonly dynamicImport: "_dynamicImport";
+    readonly loadPolyfill: "_loadPolyfill";
+    readonly resolveModule: "_resolveModule";
+    readonly loadFile: "_loadFile";
+    readonly scheduleTimer: "_scheduleTimer";
+    readonly cryptoRandomFill: "_cryptoRandomFill";
+    readonly cryptoRandomUuid: "_cryptoRandomUUID";
+    readonly fsReadFile: "_fsReadFile";
+    readonly fsWriteFile: "_fsWriteFile";
+    readonly fsReadFileBinary: "_fsReadFileBinary";
+    readonly fsWriteFileBinary: "_fsWriteFileBinary";
+    readonly fsReadDir: "_fsReadDir";
+    readonly fsMkdir: "_fsMkdir";
+    readonly fsRmdir: "_fsRmdir";
+    readonly fsExists: "_fsExists";
+    readonly fsStat: "_fsStat";
+    readonly fsUnlink: "_fsUnlink";
+    readonly fsRename: "_fsRename";
+    readonly fsChmod: "_fsChmod";
+    readonly fsChown: "_fsChown";
+    readonly fsLink: "_fsLink";
+    readonly fsSymlink: "_fsSymlink";
+    readonly fsReadlink: "_fsReadlink";
+    readonly fsLstat: "_fsLstat";
+    readonly fsTruncate: "_fsTruncate";
+    readonly fsUtimes: "_fsUtimes";
+    readonly childProcessSpawnStart: "_childProcessSpawnStart";
+    readonly childProcessStdinWrite: "_childProcessStdinWrite";
+    readonly childProcessStdinClose: "_childProcessStdinClose";
+    readonly childProcessKill: "_childProcessKill";
+    readonly childProcessSpawnSync: "_childProcessSpawnSync";
+    readonly networkFetchRaw: "_networkFetchRaw";
+    readonly networkDnsLookupRaw: "_networkDnsLookupRaw";
+    readonly networkHttpRequestRaw: "_networkHttpRequestRaw";
+    readonly networkHttpServerListenRaw: "_networkHttpServerListenRaw";
+    readonly networkHttpServerCloseRaw: "_networkHttpServerCloseRaw";
+    readonly processConfig: "_processConfig";
+    readonly osConfig: "_osConfig";
+    readonly log: "_log";
+    readonly error: "_error";
+};
+/** Globals exposed by the bridge bundle and runtime scripts inside the isolate. */
+export declare const RUNTIME_BRIDGE_GLOBAL_KEYS: {
+    readonly registerHandle: "_registerHandle";
+    readonly unregisterHandle: "_unregisterHandle";
+    readonly waitForActiveHandles: "_waitForActiveHandles";
+    readonly getActiveHandles: "_getActiveHandles";
+    readonly childProcessDispatch: "_childProcessDispatch";
+    readonly childProcessModule: "_childProcessModule";
+    readonly moduleModule: "_moduleModule";
+    readonly osModule: "_osModule";
+    readonly httpModule: "_httpModule";
+    readonly httpsModule: "_httpsModule";
+    readonly http2Module: "_http2Module";
+    readonly dnsModule: "_dnsModule";
+    readonly httpServerDispatch: "_httpServerDispatch";
+    readonly fsFacade: "_fs";
+    readonly requireFrom: "_requireFrom";
+    readonly moduleCache: "_moduleCache";
+    readonly processExitError: "ProcessExitError";
+};
+export type HostBridgeGlobalKey = ValueOf<typeof HOST_BRIDGE_GLOBAL_KEYS>;
+export type RuntimeBridgeGlobalKey = ValueOf<typeof RUNTIME_BRIDGE_GLOBAL_KEYS>;
+export type BridgeGlobalKey = HostBridgeGlobalKey | RuntimeBridgeGlobalKey;
+export declare const HOST_BRIDGE_GLOBAL_KEY_LIST: ValueOf<{
+    readonly dynamicImport: "_dynamicImport";
+    readonly loadPolyfill: "_loadPolyfill";
+    readonly resolveModule: "_resolveModule";
+    readonly loadFile: "_loadFile";
+    readonly scheduleTimer: "_scheduleTimer";
+    readonly cryptoRandomFill: "_cryptoRandomFill";
+    readonly cryptoRandomUuid: "_cryptoRandomUUID";
+    readonly fsReadFile: "_fsReadFile";
+    readonly fsWriteFile: "_fsWriteFile";
+    readonly fsReadFileBinary: "_fsReadFileBinary";
+    readonly fsWriteFileBinary: "_fsWriteFileBinary";
+    readonly fsReadDir: "_fsReadDir";
+    readonly fsMkdir: "_fsMkdir";
+    readonly fsRmdir: "_fsRmdir";
+    readonly fsExists: "_fsExists";
+    readonly fsStat: "_fsStat";
+    readonly fsUnlink: "_fsUnlink";
+    readonly fsRename: "_fsRename";
+    readonly fsChmod: "_fsChmod";
+    readonly fsChown: "_fsChown";
+    readonly fsLink: "_fsLink";
+    readonly fsSymlink: "_fsSymlink";
+    readonly fsReadlink: "_fsReadlink";
+    readonly fsLstat: "_fsLstat";
+    readonly fsTruncate: "_fsTruncate";
+    readonly fsUtimes: "_fsUtimes";
+    readonly childProcessSpawnStart: "_childProcessSpawnStart";
+    readonly childProcessStdinWrite: "_childProcessStdinWrite";
+    readonly childProcessStdinClose: "_childProcessStdinClose";
+    readonly childProcessKill: "_childProcessKill";
+    readonly childProcessSpawnSync: "_childProcessSpawnSync";
+    readonly networkFetchRaw: "_networkFetchRaw";
+    readonly networkDnsLookupRaw: "_networkDnsLookupRaw";
+    readonly networkHttpRequestRaw: "_networkHttpRequestRaw";
+    readonly networkHttpServerListenRaw: "_networkHttpServerListenRaw";
+    readonly networkHttpServerCloseRaw: "_networkHttpServerCloseRaw";
+    readonly processConfig: "_processConfig";
+    readonly osConfig: "_osConfig";
+    readonly log: "_log";
+    readonly error: "_error";
+}>[];
+export declare const RUNTIME_BRIDGE_GLOBAL_KEY_LIST: ValueOf<{
+    readonly registerHandle: "_registerHandle";
+    readonly unregisterHandle: "_unregisterHandle";
+    readonly waitForActiveHandles: "_waitForActiveHandles";
+    readonly getActiveHandles: "_getActiveHandles";
+    readonly childProcessDispatch: "_childProcessDispatch";
+    readonly childProcessModule: "_childProcessModule";
+    readonly moduleModule: "_moduleModule";
+    readonly osModule: "_osModule";
+    readonly httpModule: "_httpModule";
+    readonly httpsModule: "_httpsModule";
+    readonly http2Module: "_http2Module";
+    readonly dnsModule: "_dnsModule";
+    readonly httpServerDispatch: "_httpServerDispatch";
+    readonly fsFacade: "_fs";
+    readonly requireFrom: "_requireFrom";
+    readonly moduleCache: "_moduleCache";
+    readonly processExitError: "ProcessExitError";
+}>[];
+export declare const BRIDGE_GLOBAL_KEY_LIST: readonly (ValueOf<{
+    readonly dynamicImport: "_dynamicImport";
+    readonly loadPolyfill: "_loadPolyfill";
+    readonly resolveModule: "_resolveModule";
+    readonly loadFile: "_loadFile";
+    readonly scheduleTimer: "_scheduleTimer";
+    readonly cryptoRandomFill: "_cryptoRandomFill";
+    readonly cryptoRandomUuid: "_cryptoRandomUUID";
+    readonly fsReadFile: "_fsReadFile";
+    readonly fsWriteFile: "_fsWriteFile";
+    readonly fsReadFileBinary: "_fsReadFileBinary";
+    readonly fsWriteFileBinary: "_fsWriteFileBinary";
+    readonly fsReadDir: "_fsReadDir";
+    readonly fsMkdir: "_fsMkdir";
+    readonly fsRmdir: "_fsRmdir";
+    readonly fsExists: "_fsExists";
+    readonly fsStat: "_fsStat";
+    readonly fsUnlink: "_fsUnlink";
+    readonly fsRename: "_fsRename";
+    readonly fsChmod: "_fsChmod";
+    readonly fsChown: "_fsChown";
+    readonly fsLink: "_fsLink";
+    readonly fsSymlink: "_fsSymlink";
+    readonly fsReadlink: "_fsReadlink";
+    readonly fsLstat: "_fsLstat";
+    readonly fsTruncate: "_fsTruncate";
+    readonly fsUtimes: "_fsUtimes";
+    readonly childProcessSpawnStart: "_childProcessSpawnStart";
+    readonly childProcessStdinWrite: "_childProcessStdinWrite";
+    readonly childProcessStdinClose: "_childProcessStdinClose";
+    readonly childProcessKill: "_childProcessKill";
+    readonly childProcessSpawnSync: "_childProcessSpawnSync";
+    readonly networkFetchRaw: "_networkFetchRaw";
+    readonly networkDnsLookupRaw: "_networkDnsLookupRaw";
+    readonly networkHttpRequestRaw: "_networkHttpRequestRaw";
+    readonly networkHttpServerListenRaw: "_networkHttpServerListenRaw";
+    readonly networkHttpServerCloseRaw: "_networkHttpServerCloseRaw";
+    readonly processConfig: "_processConfig";
+    readonly osConfig: "_osConfig";
+    readonly log: "_log";
+    readonly error: "_error";
+}> | ValueOf<{
+    readonly registerHandle: "_registerHandle";
+    readonly unregisterHandle: "_unregisterHandle";
+    readonly waitForActiveHandles: "_waitForActiveHandles";
+    readonly getActiveHandles: "_getActiveHandles";
+    readonly childProcessDispatch: "_childProcessDispatch";
+    readonly childProcessModule: "_childProcessModule";
+    readonly moduleModule: "_moduleModule";
+    readonly osModule: "_osModule";
+    readonly httpModule: "_httpModule";
+    readonly httpsModule: "_httpsModule";
+    readonly http2Module: "_http2Module";
+    readonly dnsModule: "_dnsModule";
+    readonly httpServerDispatch: "_httpServerDispatch";
+    readonly fsFacade: "_fs";
+    readonly requireFrom: "_requireFrom";
+    readonly moduleCache: "_moduleCache";
+    readonly processExitError: "ProcessExitError";
+}>)[];
+/** An isolated-vm Reference that resolves async via `{ result: { promise: true } }`. */
+export interface BridgeApplyRef<TArgs extends unknown[], TResult> {
+    apply(ctx: undefined, args: TArgs, options: {
+        result: {
+            promise: true;
+        };
+    }): Promise<TResult>;
+}
+/** An isolated-vm Reference called synchronously (blocks the isolate). */
+export interface BridgeApplySyncRef<TArgs extends unknown[], TResult> {
+    applySync(ctx: undefined, args: TArgs): TResult;
+}
+/**
+ * An isolated-vm Reference that blocks the isolate while the host resolves
+ * a Promise. Used for sync-looking APIs (require, readFileSync) that need
+ * async host operations.
+ */
+export interface BridgeApplySyncPromiseRef<TArgs extends unknown[], TResult> {
+    applySyncPromise(ctx: undefined, args: TArgs): TResult;
+}
+export type DynamicImportBridgeRef = BridgeApplyRef<[
+    string,
+    string
+], Record<string, unknown> | null>;
+export type LoadPolyfillBridgeRef = BridgeApplyRef<[string], string | null>;
+export type ResolveModuleBridgeRef = BridgeApplySyncPromiseRef<[
+    string,
+    string
+], string | null>;
+export type LoadFileBridgeRef = BridgeApplySyncPromiseRef<[string], string | null>;
+export type RequireFromBridgeFn = (request: string, dirname: string) => unknown;
+export type ModuleCacheBridgeRecord = Record<string, unknown>;
+export type ProcessLogBridgeRef = BridgeApplySyncRef<[string], void>;
+export type ProcessErrorBridgeRef = BridgeApplySyncRef<[string], void>;
+export type ScheduleTimerBridgeRef = BridgeApplyRef<[number], void>;
+export type CryptoRandomFillBridgeRef = BridgeApplySyncRef<[number], string>;
+export type CryptoRandomUuidBridgeRef = BridgeApplySyncRef<[], string>;
+export type FsReadFileBridgeRef = BridgeApplySyncPromiseRef<[string], string>;
+export type FsWriteFileBridgeRef = BridgeApplySyncPromiseRef<[string, string], void>;
+export type FsReadFileBinaryBridgeRef = BridgeApplySyncPromiseRef<[string], string>;
+export type FsWriteFileBinaryBridgeRef = BridgeApplySyncPromiseRef<[
+    string,
+    string
+], void>;
+export type FsReadDirBridgeRef = BridgeApplySyncPromiseRef<[string], string>;
+export type FsMkdirBridgeRef = BridgeApplySyncPromiseRef<[string, boolean], void>;
+export type FsRmdirBridgeRef = BridgeApplySyncPromiseRef<[string], void>;
+export type FsExistsBridgeRef = BridgeApplySyncPromiseRef<[string], boolean>;
+export type FsStatBridgeRef = BridgeApplySyncPromiseRef<[string], string>;
+export type FsUnlinkBridgeRef = BridgeApplySyncPromiseRef<[string], void>;
+export type FsRenameBridgeRef = BridgeApplySyncPromiseRef<[string, string], void>;
+export type FsChmodBridgeRef = BridgeApplySyncPromiseRef<[string, number], void>;
+export type FsChownBridgeRef = BridgeApplySyncPromiseRef<[string, number, number], void>;
+export type FsLinkBridgeRef = BridgeApplySyncPromiseRef<[string, string], void>;
+export type FsSymlinkBridgeRef = BridgeApplySyncPromiseRef<[string, string], void>;
+export type FsReadlinkBridgeRef = BridgeApplySyncPromiseRef<[string], string>;
+export type FsLstatBridgeRef = BridgeApplySyncPromiseRef<[string], string>;
+export type FsTruncateBridgeRef = BridgeApplySyncPromiseRef<[string, number], void>;
+export type FsUtimesBridgeRef = BridgeApplySyncPromiseRef<[string, number, number], void>;
+/** Combined filesystem bridge facade installed as `globalThis._fs` in the isolate. */
+export interface FsFacadeBridge {
+    readFile: FsReadFileBridgeRef;
+    writeFile: FsWriteFileBridgeRef;
+    readFileBinary: FsReadFileBinaryBridgeRef;
+    writeFileBinary: FsWriteFileBinaryBridgeRef;
+    readDir: FsReadDirBridgeRef;
+    mkdir: FsMkdirBridgeRef;
+    rmdir: FsRmdirBridgeRef;
+    exists: FsExistsBridgeRef;
+    stat: FsStatBridgeRef;
+    unlink: FsUnlinkBridgeRef;
+    rename: FsRenameBridgeRef;
+    chmod: FsChmodBridgeRef;
+    chown: FsChownBridgeRef;
+    link: FsLinkBridgeRef;
+    symlink: FsSymlinkBridgeRef;
+    readlink: FsReadlinkBridgeRef;
+    lstat: FsLstatBridgeRef;
+    truncate: FsTruncateBridgeRef;
+    utimes: FsUtimesBridgeRef;
+}
+export type ChildProcessSpawnStartBridgeRef = BridgeApplySyncRef<[
+    string,
+    string,
+    string
+], number>;
+export type ChildProcessStdinWriteBridgeRef = BridgeApplySyncRef<[
+    number,
+    Uint8Array
+], void>;
+export type ChildProcessStdinCloseBridgeRef = BridgeApplySyncRef<[number], void>;
+export type ChildProcessKillBridgeRef = BridgeApplySyncRef<[number, number], void>;
+export type ChildProcessSpawnSyncBridgeRef = BridgeApplySyncPromiseRef<[
+    string,
+    string,
+    string
+], string>;
+export type NetworkFetchRawBridgeRef = BridgeApplyRef<[string, string], string>;
+export type NetworkDnsLookupRawBridgeRef = BridgeApplyRef<[string], string>;
+export type NetworkHttpRequestRawBridgeRef = BridgeApplyRef<[string, string], string>;
+export type NetworkHttpServerListenRawBridgeRef = BridgeApplyRef<[string], string>;
+export type NetworkHttpServerCloseRawBridgeRef = BridgeApplyRef<[number], void>;
+export type RegisterHandleBridgeFn = (id: string, description: string) => void;
+export type UnregisterHandleBridgeFn = (id: string) => void;

package/dist/shared/bridge-contract.js

@@ -0,0 +1,82 @@
+/**
+ * Bridge contract: typed declarations for the globals shared between the
+ * host (Node.js) and the isolate (sandbox V8 context).
+ *
+ * Two categories:
+ * - Host bridge globals: set by the host before bridge code runs (fs refs, timers, etc.)
+ * - Runtime bridge globals: installed by the bridge bundle itself (active handles, modules, etc.)
+ *
+ * The typed `Ref` aliases describe the isolated-vm calling convention for each global.
+ */
+function valuesOf(object) {
+    return Object.values(object);
+}
+/** Globals injected by the host before the bridge bundle executes. */
+export const HOST_BRIDGE_GLOBAL_KEYS = {
+    dynamicImport: "_dynamicImport",
+    loadPolyfill: "_loadPolyfill",
+    resolveModule: "_resolveModule",
+    loadFile: "_loadFile",
+    scheduleTimer: "_scheduleTimer",
+    cryptoRandomFill: "_cryptoRandomFill",
+    cryptoRandomUuid: "_cryptoRandomUUID",
+    fsReadFile: "_fsReadFile",
+    fsWriteFile: "_fsWriteFile",
+    fsReadFileBinary: "_fsReadFileBinary",
+    fsWriteFileBinary: "_fsWriteFileBinary",
+    fsReadDir: "_fsReadDir",
+    fsMkdir: "_fsMkdir",
+    fsRmdir: "_fsRmdir",
+    fsExists: "_fsExists",
+    fsStat: "_fsStat",
+    fsUnlink: "_fsUnlink",
+    fsRename: "_fsRename",
+    fsChmod: "_fsChmod",
+    fsChown: "_fsChown",
+    fsLink: "_fsLink",
+    fsSymlink: "_fsSymlink",
+    fsReadlink: "_fsReadlink",
+    fsLstat: "_fsLstat",
+    fsTruncate: "_fsTruncate",
+    fsUtimes: "_fsUtimes",
+    childProcessSpawnStart: "_childProcessSpawnStart",
+    childProcessStdinWrite: "_childProcessStdinWrite",
+    childProcessStdinClose: "_childProcessStdinClose",
+    childProcessKill: "_childProcessKill",
+    childProcessSpawnSync: "_childProcessSpawnSync",
+    networkFetchRaw: "_networkFetchRaw",
+    networkDnsLookupRaw: "_networkDnsLookupRaw",
+    networkHttpRequestRaw: "_networkHttpRequestRaw",
+    networkHttpServerListenRaw: "_networkHttpServerListenRaw",
+    networkHttpServerCloseRaw: "_networkHttpServerCloseRaw",
+    processConfig: "_processConfig",
+    osConfig: "_osConfig",
+    log: "_log",
+    error: "_error",
+};
+/** Globals exposed by the bridge bundle and runtime scripts inside the isolate. */
+export const RUNTIME_BRIDGE_GLOBAL_KEYS = {
+    registerHandle: "_registerHandle",
+    unregisterHandle: "_unregisterHandle",
+    waitForActiveHandles: "_waitForActiveHandles",
+    getActiveHandles: "_getActiveHandles",
+    childProcessDispatch: "_childProcessDispatch",
+    childProcessModule: "_childProcessModule",
+    moduleModule: "_moduleModule",
+    osModule: "_osModule",
+    httpModule: "_httpModule",
+    httpsModule: "_httpsModule",
+    http2Module: "_http2Module",
+    dnsModule: "_dnsModule",
+    httpServerDispatch: "_httpServerDispatch",
+    fsFacade: "_fs",
+    requireFrom: "_requireFrom",
+    moduleCache: "_moduleCache",
+    processExitError: "ProcessExitError",
+};
+export const HOST_BRIDGE_GLOBAL_KEY_LIST = valuesOf(HOST_BRIDGE_GLOBAL_KEYS);
+export const RUNTIME_BRIDGE_GLOBAL_KEY_LIST = valuesOf(RUNTIME_BRIDGE_GLOBAL_KEYS);
+export const BRIDGE_GLOBAL_KEY_LIST = [
+    ...HOST_BRIDGE_GLOBAL_KEY_LIST,
+    ...RUNTIME_BRIDGE_GLOBAL_KEY_LIST,
+];

package/dist/shared/console-formatter.d.ts

@@ -0,0 +1,22 @@
+/**
+ * Controls how deeply and widely console.log arguments are serialized.
+ * Prevents CPU amplification and memory buildup from deeply-nested or
+ * massive objects being logged inside the sandbox.
+ */
+export interface ConsoleSerializationBudget {
+    maxDepth: number;
+    maxKeys: number;
+    maxArrayLength: number;
+    maxOutputLength: number;
+}
+export declare const DEFAULT_CONSOLE_SERIALIZATION_BUDGET: ConsoleSerializationBudget;
+/** Serialize a single value with circular reference detection and budget limits. */
+export declare function safeStringifyConsoleValue(value: unknown, rawBudget: ConsoleSerializationBudget): string;
+/** Format an array of console arguments into a single space-separated string. */
+export declare function formatConsoleArgs(args: unknown[], rawBudget: ConsoleSerializationBudget): string;
+/**
+ * Generate isolate-side JavaScript that installs a `globalThis.console` shim.
+ * The shim serializes arguments using the budget and forwards them to host
+ * bridge references (`_log` / `_error`) via `applySync`.
+ */
+export declare function getConsoleSetupCode(budget?: ConsoleSerializationBudget): string;