@secure-exec/core 0.1.1-rc.3 → 0.2.0-rc.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (102) hide show
  1. package/dist/esm-compiler.d.ts +5 -1
  2. package/dist/esm-compiler.js +5 -1
  3. package/dist/fs-helpers.d.ts +1 -1
  4. package/dist/generated/isolate-runtime.d.ts +15 -15
  5. package/dist/generated/isolate-runtime.js +15 -15
  6. package/dist/index.d.ts +24 -5
  7. package/dist/index.js +23 -3
  8. package/dist/isolate-runtime/apply-custom-global-policy.js +3 -3
  9. package/dist/isolate-runtime/apply-timing-mitigation-freeze.js +2 -2
  10. package/dist/isolate-runtime/apply-timing-mitigation-off.js +2 -2
  11. package/dist/isolate-runtime/bridge-attach.js +2 -2
  12. package/dist/isolate-runtime/bridge-initial-globals.js +145 -6
  13. package/dist/isolate-runtime/eval-script-result.js +1 -1
  14. package/dist/isolate-runtime/global-exposure-helpers.js +2 -2
  15. package/dist/isolate-runtime/init-commonjs-module-globals.js +2 -2
  16. package/dist/isolate-runtime/override-process-cwd.js +1 -1
  17. package/dist/isolate-runtime/override-process-env.js +1 -1
  18. package/dist/isolate-runtime/require-setup.js +1600 -338
  19. package/dist/isolate-runtime/set-commonjs-file-globals.js +2 -2
  20. package/dist/isolate-runtime/set-stdin-data.js +1 -1
  21. package/dist/isolate-runtime/setup-dynamic-import.js +47 -19
  22. package/dist/isolate-runtime/setup-fs-facade.js +62 -23
  23. package/dist/kernel/command-registry.d.ts +44 -0
  24. package/dist/kernel/command-registry.js +114 -0
  25. package/dist/kernel/device-layer.d.ts +12 -0
  26. package/dist/kernel/device-layer.js +262 -0
  27. package/dist/kernel/dns-cache.d.ts +29 -0
  28. package/dist/kernel/dns-cache.js +52 -0
  29. package/dist/kernel/fd-table.d.ts +84 -0
  30. package/dist/kernel/fd-table.js +278 -0
  31. package/dist/kernel/file-lock.d.ts +34 -0
  32. package/dist/kernel/file-lock.js +123 -0
  33. package/dist/kernel/host-adapter.d.ts +50 -0
  34. package/dist/kernel/host-adapter.js +8 -0
  35. package/dist/kernel/index.d.ts +36 -0
  36. package/dist/kernel/index.js +34 -0
  37. package/dist/kernel/inode-table.d.ts +43 -0
  38. package/dist/kernel/inode-table.js +85 -0
  39. package/dist/kernel/kernel.d.ts +9 -0
  40. package/dist/kernel/kernel.js +1396 -0
  41. package/dist/kernel/permissions.d.ts +27 -0
  42. package/dist/kernel/permissions.js +118 -0
  43. package/dist/kernel/pipe-manager.d.ts +64 -0
  44. package/dist/kernel/pipe-manager.js +267 -0
  45. package/dist/kernel/proc-layer.d.ts +11 -0
  46. package/dist/kernel/proc-layer.js +501 -0
  47. package/dist/kernel/process-table.d.ts +124 -0
  48. package/dist/kernel/process-table.js +631 -0
  49. package/dist/kernel/pty.d.ts +108 -0
  50. package/dist/kernel/pty.js +541 -0
  51. package/dist/kernel/socket-table.d.ts +305 -0
  52. package/dist/kernel/socket-table.js +1124 -0
  53. package/dist/kernel/timer-table.d.ts +54 -0
  54. package/dist/kernel/timer-table.js +108 -0
  55. package/dist/kernel/types.d.ts +500 -0
  56. package/dist/kernel/types.js +89 -0
  57. package/dist/kernel/user.d.ts +29 -0
  58. package/dist/kernel/user.js +35 -0
  59. package/dist/kernel/vfs.d.ts +54 -0
  60. package/dist/kernel/vfs.js +8 -0
  61. package/dist/kernel/wait.d.ts +45 -0
  62. package/dist/kernel/wait.js +112 -0
  63. package/dist/kernel/wstatus.d.ts +21 -0
  64. package/dist/kernel/wstatus.js +33 -0
  65. package/dist/module-resolver.d.ts +4 -0
  66. package/dist/module-resolver.js +4 -0
  67. package/dist/package-bundler.d.ts +6 -1
  68. package/dist/runtime-driver.d.ts +3 -1
  69. package/dist/shared/bridge-contract.d.ts +329 -20
  70. package/dist/shared/bridge-contract.js +60 -5
  71. package/dist/shared/console-formatter.js +8 -4
  72. package/dist/shared/global-exposure.js +269 -19
  73. package/dist/shared/in-memory-fs.d.ts +30 -11
  74. package/dist/shared/in-memory-fs.js +383 -109
  75. package/dist/shared/permissions.d.ts +4 -6
  76. package/dist/shared/permissions.js +19 -39
  77. package/dist/types.d.ts +8 -159
  78. package/dist/types.js +5 -0
  79. package/package.json +12 -22
  80. package/dist/bridge/active-handles.d.ts +0 -22
  81. package/dist/bridge/active-handles.js +0 -55
  82. package/dist/bridge/child-process.d.ts +0 -99
  83. package/dist/bridge/child-process.js +0 -670
  84. package/dist/bridge/fs.d.ts +0 -281
  85. package/dist/bridge/fs.js +0 -2235
  86. package/dist/bridge/index.d.ts +0 -10
  87. package/dist/bridge/index.js +0 -41
  88. package/dist/bridge/module.d.ts +0 -75
  89. package/dist/bridge/module.js +0 -308
  90. package/dist/bridge/network.d.ts +0 -350
  91. package/dist/bridge/network.js +0 -2050
  92. package/dist/bridge/os.d.ts +0 -13
  93. package/dist/bridge/os.js +0 -256
  94. package/dist/bridge/polyfills.d.ts +0 -2
  95. package/dist/bridge/polyfills.js +0 -11
  96. package/dist/bridge/process.d.ts +0 -89
  97. package/dist/bridge/process.js +0 -1015
  98. package/dist/bridge.js +0 -12496
  99. package/dist/python-runtime.d.ts +0 -16
  100. package/dist/python-runtime.js +0 -45
  101. package/dist/runtime.d.ts +0 -31
  102. package/dist/runtime.js +0 -69
package/dist/python-runtime.d.ts DELETED
@@ -1,16 +0,0 @@
1
- import type { ExecOptions, ExecResult, PythonRunOptions, PythonRunResult, StdioHook } from "./shared/api-types.js";
2
- import type { PythonRuntimeDriverFactory, SystemDriver } from "./types.js";
3
- export interface PythonRuntimeOptions {
4
- systemDriver: SystemDriver;
5
- runtimeDriverFactory: PythonRuntimeDriverFactory;
6
- cpuTimeLimitMs?: number;
7
- onStdio?: StdioHook;
8
- }
9
- export declare class PythonRuntime {
10
- private readonly runtimeDriver;
11
- constructor(options: PythonRuntimeOptions);
12
- run<T = unknown>(code: string, options?: PythonRunOptions): Promise<PythonRunResult<T>>;
13
- exec(code: string, options?: ExecOptions): Promise<ExecResult>;
14
- dispose(): void;
15
- terminate(): Promise<void>;
16
- }
package/dist/python-runtime.js DELETED
@@ -1,45 +0,0 @@
1
- import { filterEnv } from "./shared/permissions.js";
2
- const DEFAULT_SANDBOX_CWD = "/root";
3
- const DEFAULT_SANDBOX_HOME = "/root";
4
- const DEFAULT_SANDBOX_TMPDIR = "/tmp";
5
- export class PythonRuntime {
6
- runtimeDriver;
7
- constructor(options) {
8
- const { systemDriver, runtimeDriverFactory } = options;
9
- const processConfig = {
10
- ...(systemDriver.runtime.process ?? {}),
11
- };
12
- processConfig.cwd ??= DEFAULT_SANDBOX_CWD;
13
- processConfig.env = filterEnv(processConfig.env, systemDriver.permissions);
14
- const osConfig = {
15
- ...(systemDriver.runtime.os ?? {}),
16
- };
17
- osConfig.homedir ??= DEFAULT_SANDBOX_HOME;
18
- osConfig.tmpdir ??= DEFAULT_SANDBOX_TMPDIR;
19
- this.runtimeDriver = runtimeDriverFactory.createRuntimeDriver({
20
- system: systemDriver,
21
- runtime: {
22
- process: processConfig,
23
- os: osConfig,
24
- },
25
- cpuTimeLimitMs: options.cpuTimeLimitMs,
26
- onStdio: options.onStdio,
27
- });
28
- }
29
- async run(code, options = {}) {
30
- return this.runtimeDriver.run(code, options);
31
- }
32
- async exec(code, options) {
33
- return this.runtimeDriver.exec(code, options);
34
- }
35
- dispose() {
36
- this.runtimeDriver.dispose();
37
- }
38
- async terminate() {
39
- if (this.runtimeDriver.terminate) {
40
- await this.runtimeDriver.terminate();
41
- return;
42
- }
43
- this.runtimeDriver.dispose();
44
- }
45
- }
package/dist/runtime.d.ts DELETED
@@ -1,31 +0,0 @@
1
- import type { NetworkAdapter, NodeRuntimeDriverFactory, SystemDriver } from "./types.js";
2
- import type { StdioHook, ExecOptions, ExecResult, RunResult, TimingMitigation } from "./shared/api-types.js";
3
- import type { ResourceBudgets } from "./runtime-driver.js";
4
- export interface NodeRuntimeOptions {
5
- systemDriver: SystemDriver;
6
- runtimeDriverFactory: NodeRuntimeDriverFactory;
7
- memoryLimit?: number;
8
- cpuTimeLimitMs?: number;
9
- timingMitigation?: TimingMitigation;
10
- onStdio?: StdioHook;
11
- payloadLimits?: {
12
- base64TransferBytes?: number;
13
- jsonPayloadBytes?: number;
14
- };
15
- resourceBudgets?: ResourceBudgets;
16
- }
17
- export declare class NodeRuntime {
18
- private readonly runtimeDriver;
19
- constructor(options: NodeRuntimeOptions);
20
- get network(): Pick<NetworkAdapter, "fetch" | "dnsLookup" | "httpRequest">;
21
- get __unsafeIsoalte(): unknown;
22
- __unsafeCreateContext(options?: {
23
- env?: Record<string, string>;
24
- cwd?: string;
25
- filePath?: string;
26
- }): Promise<unknown>;
27
- run<T = unknown>(code: string, filePath?: string): Promise<RunResult<T>>;
28
- exec(code: string, options?: ExecOptions): Promise<ExecResult>;
29
- dispose(): void;
30
- terminate(): Promise<void>;
31
- }
package/dist/runtime.js DELETED
@@ -1,69 +0,0 @@
1
- import { createNetworkStub, filterEnv } from "./shared/permissions.js";
2
- const DEFAULT_SANDBOX_CWD = "/root";
3
- const DEFAULT_SANDBOX_HOME = "/root";
4
- const DEFAULT_SANDBOX_TMPDIR = "/tmp";
5
- export class NodeRuntime {
6
- runtimeDriver;
7
- constructor(options) {
8
- const { systemDriver, runtimeDriverFactory } = options;
9
- const processConfig = {
10
- ...(systemDriver.runtime.process ?? {}),
11
- };
12
- processConfig.cwd ??= DEFAULT_SANDBOX_CWD;
13
- processConfig.env = filterEnv(processConfig.env, systemDriver.permissions);
14
- const osConfig = {
15
- ...(systemDriver.runtime.os ?? {}),
16
- };
17
- osConfig.homedir ??= DEFAULT_SANDBOX_HOME;
18
- osConfig.tmpdir ??= DEFAULT_SANDBOX_TMPDIR;
19
- this.runtimeDriver = runtimeDriverFactory.createRuntimeDriver({
20
- system: systemDriver,
21
- runtime: {
22
- process: processConfig,
23
- os: osConfig,
24
- },
25
- memoryLimit: options.memoryLimit,
26
- cpuTimeLimitMs: options.cpuTimeLimitMs,
27
- timingMitigation: options.timingMitigation,
28
- onStdio: options.onStdio,
29
- payloadLimits: options.payloadLimits,
30
- resourceBudgets: options.resourceBudgets,
31
- });
32
- }
33
- get network() {
34
- const adapter = this.runtimeDriver.network ?? createNetworkStub();
35
- return {
36
- fetch: (url, options) => adapter.fetch(url, options),
37
- dnsLookup: (hostname) => adapter.dnsLookup(hostname),
38
- httpRequest: (url, options) => adapter.httpRequest(url, options),
39
- };
40
- }
41
- get __unsafeIsoalte() {
42
- if (this.runtimeDriver.unsafeIsolate === undefined) {
43
- throw new Error("Driver runtime does not expose unsafe isolate access");
44
- }
45
- return this.runtimeDriver.unsafeIsolate;
46
- }
47
- async __unsafeCreateContext(options = {}) {
48
- if (!this.runtimeDriver.createUnsafeContext) {
49
- throw new Error("Driver runtime does not expose unsafe context creation");
50
- }
51
- return this.runtimeDriver.createUnsafeContext(options);
52
- }
53
- async run(code, filePath) {
54
- return this.runtimeDriver.run(code, filePath);
55
- }
56
- async exec(code, options) {
57
- return this.runtimeDriver.exec(code, options);
58
- }
59
- dispose() {
60
- this.runtimeDriver.dispose();
61
- }
62
- async terminate() {
63
- if (this.runtimeDriver.terminate) {
64
- await this.runtimeDriver.terminate();
65
- return;
66
- }
67
- this.runtimeDriver.dispose();
68
- }
69
- }