@secure-exec/core 0.1.1-rc.3 → 0.2.0-rc.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/esm-compiler.d.ts +5 -1
- package/dist/esm-compiler.js +5 -1
- package/dist/fs-helpers.d.ts +1 -1
- package/dist/generated/isolate-runtime.d.ts +15 -15
- package/dist/generated/isolate-runtime.js +15 -15
- package/dist/index.d.ts +24 -5
- package/dist/index.js +23 -3
- package/dist/isolate-runtime/apply-custom-global-policy.js +3 -3
- package/dist/isolate-runtime/apply-timing-mitigation-freeze.js +2 -2
- package/dist/isolate-runtime/apply-timing-mitigation-off.js +2 -2
- package/dist/isolate-runtime/bridge-attach.js +2 -2
- package/dist/isolate-runtime/bridge-initial-globals.js +145 -6
- package/dist/isolate-runtime/eval-script-result.js +1 -1
- package/dist/isolate-runtime/global-exposure-helpers.js +2 -2
- package/dist/isolate-runtime/init-commonjs-module-globals.js +2 -2
- package/dist/isolate-runtime/override-process-cwd.js +1 -1
- package/dist/isolate-runtime/override-process-env.js +1 -1
- package/dist/isolate-runtime/require-setup.js +2868 -494
- package/dist/isolate-runtime/set-commonjs-file-globals.js +2 -2
- package/dist/isolate-runtime/set-stdin-data.js +1 -1
- package/dist/isolate-runtime/setup-dynamic-import.js +78 -19
- package/dist/isolate-runtime/setup-fs-facade.js +62 -23
- package/dist/kernel/command-registry.d.ts +44 -0
- package/dist/kernel/command-registry.js +114 -0
- package/dist/kernel/device-layer.d.ts +12 -0
- package/dist/kernel/device-layer.js +262 -0
- package/dist/kernel/dns-cache.d.ts +29 -0
- package/dist/kernel/dns-cache.js +52 -0
- package/dist/kernel/fd-table.d.ts +84 -0
- package/dist/kernel/fd-table.js +278 -0
- package/dist/kernel/file-lock.d.ts +34 -0
- package/dist/kernel/file-lock.js +122 -0
- package/dist/kernel/host-adapter.d.ts +50 -0
- package/dist/kernel/host-adapter.js +8 -0
- package/dist/kernel/index.d.ts +36 -0
- package/dist/kernel/index.js +34 -0
- package/dist/kernel/inode-table.d.ts +43 -0
- package/dist/kernel/inode-table.js +85 -0
- package/dist/kernel/kernel.d.ts +9 -0
- package/dist/kernel/kernel.js +1393 -0
- package/dist/kernel/permissions.d.ts +27 -0
- package/dist/kernel/permissions.js +118 -0
- package/dist/kernel/pipe-manager.d.ts +64 -0
- package/dist/kernel/pipe-manager.js +267 -0
- package/dist/kernel/proc-layer.d.ts +11 -0
- package/dist/kernel/proc-layer.js +501 -0
- package/dist/kernel/process-table.d.ts +124 -0
- package/dist/kernel/process-table.js +631 -0
- package/dist/kernel/pty.d.ts +108 -0
- package/dist/kernel/pty.js +541 -0
- package/dist/kernel/socket-table.d.ts +312 -0
- package/dist/kernel/socket-table.js +1188 -0
- package/dist/kernel/timer-table.d.ts +54 -0
- package/dist/kernel/timer-table.js +108 -0
- package/dist/kernel/types.d.ts +500 -0
- package/dist/kernel/types.js +89 -0
- package/dist/kernel/user.d.ts +29 -0
- package/dist/kernel/user.js +35 -0
- package/dist/kernel/vfs.d.ts +54 -0
- package/dist/kernel/vfs.js +8 -0
- package/dist/kernel/wait.d.ts +45 -0
- package/dist/kernel/wait.js +112 -0
- package/dist/kernel/wstatus.d.ts +21 -0
- package/dist/kernel/wstatus.js +33 -0
- package/dist/module-resolver.d.ts +4 -0
- package/dist/module-resolver.js +4 -0
- package/dist/package-bundler.d.ts +6 -1
- package/dist/runtime-driver.d.ts +3 -1
- package/dist/shared/bridge-contract.d.ts +349 -22
- package/dist/shared/bridge-contract.js +62 -5
- package/dist/shared/console-formatter.js +8 -4
- package/dist/shared/global-exposure.js +364 -19
- package/dist/shared/in-memory-fs.d.ts +33 -11
- package/dist/shared/in-memory-fs.js +439 -130
- package/dist/shared/permissions.d.ts +4 -6
- package/dist/shared/permissions.js +19 -39
- package/dist/types.d.ts +8 -159
- package/dist/types.js +5 -0
- package/package.json +12 -22
- package/dist/bridge/active-handles.d.ts +0 -22
- package/dist/bridge/active-handles.js +0 -55
- package/dist/bridge/child-process.d.ts +0 -99
- package/dist/bridge/child-process.js +0 -670
- package/dist/bridge/fs.d.ts +0 -281
- package/dist/bridge/fs.js +0 -2235
- package/dist/bridge/index.d.ts +0 -10
- package/dist/bridge/index.js +0 -41
- package/dist/bridge/module.d.ts +0 -75
- package/dist/bridge/module.js +0 -308
- package/dist/bridge/network.d.ts +0 -350
- package/dist/bridge/network.js +0 -2050
- package/dist/bridge/os.d.ts +0 -13
- package/dist/bridge/os.js +0 -256
- package/dist/bridge/polyfills.d.ts +0 -2
- package/dist/bridge/polyfills.js +0 -11
- package/dist/bridge/process.d.ts +0 -89
- package/dist/bridge/process.js +0 -1015
- package/dist/bridge.js +0 -12496
- package/dist/python-runtime.d.ts +0 -16
- package/dist/python-runtime.js +0 -45
- package/dist/runtime.d.ts +0 -31
- package/dist/runtime.js +0 -69
package/dist/index.d.ts
CHANGED
|
@@ -1,4 +1,27 @@
|
|
|
1
|
-
export
|
|
1
|
+
export { createKernel } from "./kernel/kernel.js";
|
|
2
|
+
export type { Kernel, KernelOptions, KernelInterface, ExecOptions as KernelExecOptions, ExecResult as KernelExecResult, SpawnOptions as KernelSpawnOptions, ManagedProcess, RuntimeDriver as KernelRuntimeDriver, ProcessContext, DriverProcess, ProcessEntry, ProcessInfo, FDStat, FileDescription, FDEntry, Pipe, PermissionDecision, PermissionCheck, FsAccessRequest, NetworkAccessRequest, ChildProcessAccessRequest, EnvAccessRequest, KernelErrorCode, Termios, TermiosCC, OpenShellOptions, ShellHandle, ConnectTerminalOptions, Permissions, } from "./kernel/types.js";
|
|
3
|
+
export { KernelError, defaultTermios } from "./kernel/types.js";
|
|
4
|
+
export type { VirtualFileSystem, VirtualDirEntry, VirtualStat, } from "./kernel/vfs.js";
|
|
5
|
+
export { FDTableManager, ProcessFDTable } from "./kernel/fd-table.js";
|
|
6
|
+
export { ProcessTable } from "./kernel/process-table.js";
|
|
7
|
+
export { TimerTable } from "./kernel/timer-table.js";
|
|
8
|
+
export type { KernelTimer, TimerTableOptions } from "./kernel/timer-table.js";
|
|
9
|
+
export { createDeviceLayer } from "./kernel/device-layer.js";
|
|
10
|
+
export { createProcLayer, createProcessScopedFileSystem, resolveProcSelfPath, } from "./kernel/proc-layer.js";
|
|
11
|
+
export { PipeManager } from "./kernel/pipe-manager.js";
|
|
12
|
+
export { PtyManager } from "./kernel/pty.js";
|
|
13
|
+
export type { LineDisciplineConfig } from "./kernel/pty.js";
|
|
14
|
+
export { CommandRegistry } from "./kernel/command-registry.js";
|
|
15
|
+
export { FileLockManager, LOCK_SH, LOCK_EX, LOCK_UN, LOCK_NB } from "./kernel/file-lock.js";
|
|
16
|
+
export { UserManager } from "./kernel/user.js";
|
|
17
|
+
export type { UserConfig } from "./kernel/user.js";
|
|
18
|
+
export { SocketTable } from "./kernel/socket-table.js";
|
|
19
|
+
export { AF_INET, AF_INET6, AF_UNIX, SOCK_STREAM, SOCK_DGRAM, } from "./kernel/socket-table.js";
|
|
20
|
+
export type { HostNetworkAdapter, HostSocket, HostListener, HostUdpSocket, DnsResult, } from "./kernel/host-adapter.js";
|
|
21
|
+
export { checkChildProcess } from "./kernel/permissions.js";
|
|
22
|
+
export { O_RDONLY, O_WRONLY, O_RDWR, O_CREAT, O_EXCL, O_TRUNC, O_APPEND, O_CLOEXEC, F_DUPFD, F_GETFD, F_SETFD, F_GETFL, F_DUPFD_CLOEXEC, FD_CLOEXEC, SEEK_SET, SEEK_CUR, SEEK_END, FILETYPE_UNKNOWN, FILETYPE_CHARACTER_DEVICE, FILETYPE_DIRECTORY, FILETYPE_REGULAR_FILE, FILETYPE_SYMBOLIC_LINK, FILETYPE_PIPE, SIGHUP, SIGINT, SIGQUIT, SIGKILL, SIGPIPE, SIGALRM, SIGTERM, SIGCHLD, SIGCONT, SIGSTOP, SIGTSTP, SIGWINCH, WNOHANG, } from "./kernel/types.js";
|
|
23
|
+
export { encodeExitStatus, encodeSignalStatus, WIFEXITED, WEXITSTATUS, WIFSIGNALED, WTERMSIG, } from "./kernel/wstatus.js";
|
|
24
|
+
export type { CommandExecutor, NetworkAdapter, NetworkServerAddress, NetworkServerListenOptions, NetworkServerRequest, NetworkServerResponse, SpawnedProcess, } from "./types.js";
|
|
2
25
|
export type { DriverRuntimeConfig, NodeRuntimeDriver, NodeRuntimeDriverFactory, PythonRuntimeDriver, PythonRuntimeDriverFactory, ResourceBudgets, RuntimeDriver, RuntimeDriverFactory, RuntimeDriverOptions, SharedRuntimeDriver, SystemDriver, } from "./runtime-driver.js";
|
|
3
26
|
export type { ExecOptions, ExecResult, ExecutionStatus, OSConfig, ProcessConfig, PythonRunOptions, PythonRunResult, RunResult, StdioChannel, StdioEvent, StdioHook, TimingMitigation, } from "./shared/api-types.js";
|
|
4
27
|
export { TIMEOUT_EXIT_CODE, TIMEOUT_ERROR_MESSAGE, } from "./shared/constants.js";
|
|
@@ -17,10 +40,6 @@ export { exposeCustomGlobal, exposeGlobalBinding, exposeMutableRuntimeStateGloba
|
|
|
17
40
|
export type { IsolateRuntimeSourceId } from "./generated/isolate-runtime.js";
|
|
18
41
|
export { getIsolateRuntimeSource, ISOLATE_RUNTIME_SOURCES, } from "./generated/isolate-runtime.js";
|
|
19
42
|
export { POLYFILL_CODE_MAP } from "./generated/polyfills.js";
|
|
20
|
-
export { NodeRuntime } from "./runtime.js";
|
|
21
|
-
export type { NodeRuntimeOptions } from "./runtime.js";
|
|
22
|
-
export { PythonRuntime } from "./python-runtime.js";
|
|
23
|
-
export type { PythonRuntimeOptions } from "./python-runtime.js";
|
|
24
43
|
export type { DirEntry, StatInfo } from "./fs-helpers.js";
|
|
25
44
|
export { exists, stat, rename, readDirWithTypes, mkdir } from "./fs-helpers.js";
|
|
26
45
|
export { BUILTIN_NAMED_EXPORTS, normalizeBuiltinSpecifier, getPathDir, } from "./module-resolver.js";
|
package/dist/index.js
CHANGED
|
@@ -1,3 +1,26 @@
|
|
|
1
|
+
// Kernel — VFS, process table, FD table, device layer, pipes, PTY, command registry, permissions.
|
|
2
|
+
export { createKernel } from "./kernel/kernel.js";
|
|
3
|
+
export { KernelError, defaultTermios } from "./kernel/types.js";
|
|
4
|
+
// Kernel components.
|
|
5
|
+
export { FDTableManager, ProcessFDTable } from "./kernel/fd-table.js";
|
|
6
|
+
export { ProcessTable } from "./kernel/process-table.js";
|
|
7
|
+
export { TimerTable } from "./kernel/timer-table.js";
|
|
8
|
+
export { createDeviceLayer } from "./kernel/device-layer.js";
|
|
9
|
+
export { createProcLayer, createProcessScopedFileSystem, resolveProcSelfPath, } from "./kernel/proc-layer.js";
|
|
10
|
+
export { PipeManager } from "./kernel/pipe-manager.js";
|
|
11
|
+
export { PtyManager } from "./kernel/pty.js";
|
|
12
|
+
export { CommandRegistry } from "./kernel/command-registry.js";
|
|
13
|
+
export { FileLockManager, LOCK_SH, LOCK_EX, LOCK_UN, LOCK_NB } from "./kernel/file-lock.js";
|
|
14
|
+
export { UserManager } from "./kernel/user.js";
|
|
15
|
+
// Socket table (kernel TCP/UDP/Unix socket management).
|
|
16
|
+
export { SocketTable } from "./kernel/socket-table.js";
|
|
17
|
+
export { AF_INET, AF_INET6, AF_UNIX, SOCK_STREAM, SOCK_DGRAM, } from "./kernel/socket-table.js";
|
|
18
|
+
// Kernel permission helpers (kernel-level, different from SDK-level shared/permissions).
|
|
19
|
+
export { checkChildProcess } from "./kernel/permissions.js";
|
|
20
|
+
// Kernel constants.
|
|
21
|
+
export { O_RDONLY, O_WRONLY, O_RDWR, O_CREAT, O_EXCL, O_TRUNC, O_APPEND, O_CLOEXEC, F_DUPFD, F_GETFD, F_SETFD, F_GETFL, F_DUPFD_CLOEXEC, FD_CLOEXEC, SEEK_SET, SEEK_CUR, SEEK_END, FILETYPE_UNKNOWN, FILETYPE_CHARACTER_DEVICE, FILETYPE_DIRECTORY, FILETYPE_REGULAR_FILE, FILETYPE_SYMBOLIC_LINK, FILETYPE_PIPE, SIGHUP, SIGINT, SIGQUIT, SIGKILL, SIGPIPE, SIGALRM, SIGTERM, SIGCHLD, SIGCONT, SIGSTOP, SIGTSTP, SIGWINCH, WNOHANG, } from "./kernel/types.js";
|
|
22
|
+
// POSIX wstatus encoding/decoding.
|
|
23
|
+
export { encodeExitStatus, encodeSignalStatus, WIFEXITED, WEXITSTATUS, WIFSIGNALED, WTERMSIG, } from "./kernel/wstatus.js";
|
|
1
24
|
// Shared constants.
|
|
2
25
|
export { TIMEOUT_EXIT_CODE, TIMEOUT_ERROR_MESSAGE, } from "./shared/constants.js";
|
|
3
26
|
// Shared utilities.
|
|
@@ -12,9 +35,6 @@ export { exposeCustomGlobal, exposeGlobalBinding, exposeMutableRuntimeStateGloba
|
|
|
12
35
|
export { getIsolateRuntimeSource, ISOLATE_RUNTIME_SOURCES, } from "./generated/isolate-runtime.js";
|
|
13
36
|
// Generated polyfills.
|
|
14
37
|
export { POLYFILL_CODE_MAP } from "./generated/polyfills.js";
|
|
15
|
-
// Runtime facades.
|
|
16
|
-
export { NodeRuntime } from "./runtime.js";
|
|
17
|
-
export { PythonRuntime } from "./python-runtime.js";
|
|
18
38
|
export { exists, stat, rename, readDirWithTypes, mkdir } from "./fs-helpers.js";
|
|
19
39
|
// Module resolution.
|
|
20
40
|
export { BUILTIN_NAMED_EXPORTS, normalizeBuiltinSpecifier, getPathDir, } from "./module-resolver.js";
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
(() => {
|
|
3
|
-
// isolate-runtime/src/common/global-access.ts
|
|
3
|
+
// ../core/isolate-runtime/src/common/global-access.ts
|
|
4
4
|
function hasOwnGlobal(name) {
|
|
5
5
|
return Object.prototype.hasOwnProperty.call(globalThis, name);
|
|
6
6
|
}
|
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
return Reflect.get(globalThis, name);
|
|
9
9
|
}
|
|
10
10
|
|
|
11
|
-
// isolate-runtime/src/common/global-exposure.ts
|
|
11
|
+
// ../core/isolate-runtime/src/common/global-exposure.ts
|
|
12
12
|
function defineRuntimeGlobalBinding(name, value, mutable) {
|
|
13
13
|
Object.defineProperty(globalThis, name, {
|
|
14
14
|
value,
|
|
@@ -35,7 +35,7 @@
|
|
|
35
35
|
return createRuntimeGlobalExposer(true);
|
|
36
36
|
}
|
|
37
37
|
|
|
38
|
-
// isolate-runtime/src/inject/apply-custom-global-policy.ts
|
|
38
|
+
// ../core/isolate-runtime/src/inject/apply-custom-global-policy.ts
|
|
39
39
|
var __runtimeExposeCustomGlobal = getRuntimeExposeCustomGlobal();
|
|
40
40
|
var __runtimeExposeMutableGlobal = getRuntimeExposeMutableGlobal();
|
|
41
41
|
var __globalPolicy = globalThis.__runtimeCustomGlobalPolicy ?? {};
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
(() => {
|
|
3
|
-
// isolate-runtime/src/common/global-access.ts
|
|
3
|
+
// ../core/isolate-runtime/src/common/global-access.ts
|
|
4
4
|
function setGlobalValue(name, value) {
|
|
5
5
|
Reflect.set(globalThis, name, value);
|
|
6
6
|
}
|
|
7
7
|
|
|
8
|
-
// isolate-runtime/src/inject/apply-timing-mitigation-freeze.ts
|
|
8
|
+
// ../core/isolate-runtime/src/inject/apply-timing-mitigation-freeze.ts
|
|
9
9
|
var __timingConfig = globalThis.__runtimeTimingMitigationConfig ?? {};
|
|
10
10
|
var __frozenTimeMs = typeof __timingConfig.frozenTimeMs === "number" && Number.isFinite(__timingConfig.frozenTimeMs) ? __timingConfig.frozenTimeMs : Date.now();
|
|
11
11
|
var __frozenDateNow = () => __frozenTimeMs;
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
(() => {
|
|
3
|
-
// isolate-runtime/src/common/global-access.ts
|
|
3
|
+
// ../core/isolate-runtime/src/common/global-access.ts
|
|
4
4
|
function setGlobalValue(name, value) {
|
|
5
5
|
Reflect.set(globalThis, name, value);
|
|
6
6
|
}
|
|
7
7
|
|
|
8
|
-
// isolate-runtime/src/inject/apply-timing-mitigation-off.ts
|
|
8
|
+
// ../core/isolate-runtime/src/inject/apply-timing-mitigation-off.ts
|
|
9
9
|
if (typeof globalThis.performance === "undefined" || globalThis.performance === null) {
|
|
10
10
|
setGlobalValue("performance", {
|
|
11
11
|
now: () => Date.now()
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
(() => {
|
|
3
|
-
// isolate-runtime/src/common/global-exposure.ts
|
|
3
|
+
// ../core/isolate-runtime/src/common/global-exposure.ts
|
|
4
4
|
function defineRuntimeGlobalBinding(name, value, mutable) {
|
|
5
5
|
Object.defineProperty(globalThis, name, {
|
|
6
6
|
value,
|
|
@@ -21,7 +21,7 @@
|
|
|
21
21
|
return createRuntimeGlobalExposer(false);
|
|
22
22
|
}
|
|
23
23
|
|
|
24
|
-
// isolate-runtime/src/inject/bridge-attach.ts
|
|
24
|
+
// ../core/isolate-runtime/src/inject/bridge-attach.ts
|
|
25
25
|
var __runtimeExposeCustomGlobal = getRuntimeExposeCustomGlobal();
|
|
26
26
|
if (typeof globalThis.bridge !== "undefined") {
|
|
27
27
|
__runtimeExposeCustomGlobal("bridge", globalThis.bridge);
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
(() => {
|
|
3
|
-
// isolate-runtime/src/common/global-exposure.ts
|
|
3
|
+
// ../core/isolate-runtime/src/common/global-exposure.ts
|
|
4
4
|
function defineRuntimeGlobalBinding(name, value, mutable) {
|
|
5
5
|
Object.defineProperty(globalThis, name, {
|
|
6
6
|
value,
|
|
@@ -21,12 +21,17 @@
|
|
|
21
21
|
return createRuntimeGlobalExposer(true);
|
|
22
22
|
}
|
|
23
23
|
|
|
24
|
-
// isolate-runtime/src/
|
|
24
|
+
// ../core/isolate-runtime/src/common/global-access.ts
|
|
25
|
+
function setGlobalValue(name, value) {
|
|
26
|
+
Reflect.set(globalThis, name, value);
|
|
27
|
+
}
|
|
28
|
+
|
|
29
|
+
// ../core/isolate-runtime/src/inject/bridge-initial-globals.ts
|
|
25
30
|
var __runtimeExposeMutableGlobal = getRuntimeExposeMutableGlobal();
|
|
26
31
|
var __bridgeSetupConfig = globalThis.__runtimeBridgeSetupConfig ?? {};
|
|
27
32
|
var __initialCwd = typeof __bridgeSetupConfig.initialCwd === "string" ? __bridgeSetupConfig.initialCwd : "/";
|
|
28
|
-
|
|
29
|
-
|
|
33
|
+
globalThis.__runtimeJsonPayloadLimitBytes = typeof __bridgeSetupConfig.jsonPayloadLimitBytes === "number" && Number.isFinite(__bridgeSetupConfig.jsonPayloadLimitBytes) ? Math.max(0, Math.floor(__bridgeSetupConfig.jsonPayloadLimitBytes)) : 4 * 1024 * 1024;
|
|
34
|
+
globalThis.__runtimePayloadLimitErrorCode = typeof __bridgeSetupConfig.payloadLimitErrorCode === "string" && __bridgeSetupConfig.payloadLimitErrorCode.length > 0 ? __bridgeSetupConfig.payloadLimitErrorCode : "ERR_SANDBOX_PAYLOAD_TOO_LARGE";
|
|
30
35
|
function __scEncode(value, seen) {
|
|
31
36
|
if (value === null) return null;
|
|
32
37
|
if (value === void 0) return { t: "undef" };
|
|
@@ -224,9 +229,11 @@
|
|
|
224
229
|
);
|
|
225
230
|
},
|
|
226
231
|
deserialize: function(buffer) {
|
|
227
|
-
|
|
232
|
+
const limit = globalThis.__runtimeJsonPayloadLimitBytes ?? 4 * 1024 * 1024;
|
|
233
|
+
const errorCode = globalThis.__runtimePayloadLimitErrorCode ?? "ERR_SANDBOX_PAYLOAD_TOO_LARGE";
|
|
234
|
+
if (buffer.length > limit) {
|
|
228
235
|
throw new Error(
|
|
229
|
-
|
|
236
|
+
errorCode + ": v8.deserialize exceeds " + String(limit) + " bytes"
|
|
230
237
|
);
|
|
231
238
|
}
|
|
232
239
|
const text = buffer.toString();
|
|
@@ -243,4 +250,136 @@
|
|
|
243
250
|
}
|
|
244
251
|
__runtimeExposeMutableGlobal("_pendingModules", {});
|
|
245
252
|
__runtimeExposeMutableGlobal("_currentModule", { dirname: __initialCwd });
|
|
253
|
+
globalThis.__runtimeApplyConfig = function(config) {
|
|
254
|
+
if (typeof config.payloadLimitBytes === "number" && Number.isFinite(config.payloadLimitBytes)) {
|
|
255
|
+
globalThis.__runtimeJsonPayloadLimitBytes = Math.max(
|
|
256
|
+
0,
|
|
257
|
+
Math.floor(config.payloadLimitBytes)
|
|
258
|
+
);
|
|
259
|
+
}
|
|
260
|
+
if (typeof config.payloadLimitErrorCode === "string" && config.payloadLimitErrorCode.length > 0) {
|
|
261
|
+
globalThis.__runtimePayloadLimitErrorCode = config.payloadLimitErrorCode;
|
|
262
|
+
}
|
|
263
|
+
if (config.timingMitigation === "freeze") {
|
|
264
|
+
const frozenTimeMs = typeof config.frozenTimeMs === "number" && Number.isFinite(config.frozenTimeMs) ? config.frozenTimeMs : Date.now();
|
|
265
|
+
const frozenDateNow = () => frozenTimeMs;
|
|
266
|
+
try {
|
|
267
|
+
Object.defineProperty(Date, "now", {
|
|
268
|
+
value: frozenDateNow,
|
|
269
|
+
configurable: false,
|
|
270
|
+
writable: false
|
|
271
|
+
});
|
|
272
|
+
} catch {
|
|
273
|
+
Date.now = frozenDateNow;
|
|
274
|
+
}
|
|
275
|
+
const OrigDate = Date;
|
|
276
|
+
const FrozenDate = function Date2(...args) {
|
|
277
|
+
if (new.target) {
|
|
278
|
+
if (args.length === 0) {
|
|
279
|
+
return new OrigDate(frozenTimeMs);
|
|
280
|
+
}
|
|
281
|
+
return new OrigDate(...args);
|
|
282
|
+
}
|
|
283
|
+
return OrigDate();
|
|
284
|
+
};
|
|
285
|
+
Object.defineProperty(FrozenDate, "prototype", {
|
|
286
|
+
value: OrigDate.prototype,
|
|
287
|
+
writable: false,
|
|
288
|
+
configurable: false
|
|
289
|
+
});
|
|
290
|
+
FrozenDate.now = frozenDateNow;
|
|
291
|
+
FrozenDate.parse = OrigDate.parse;
|
|
292
|
+
FrozenDate.UTC = OrigDate.UTC;
|
|
293
|
+
Object.defineProperty(FrozenDate, "now", {
|
|
294
|
+
value: frozenDateNow,
|
|
295
|
+
configurable: false,
|
|
296
|
+
writable: false
|
|
297
|
+
});
|
|
298
|
+
try {
|
|
299
|
+
Object.defineProperty(globalThis, "Date", {
|
|
300
|
+
value: FrozenDate,
|
|
301
|
+
configurable: false,
|
|
302
|
+
writable: false
|
|
303
|
+
});
|
|
304
|
+
} catch {
|
|
305
|
+
globalThis.Date = FrozenDate;
|
|
306
|
+
}
|
|
307
|
+
const frozenPerformanceNow = () => 0;
|
|
308
|
+
const origPerf = globalThis.performance;
|
|
309
|
+
const frozenPerf = /* @__PURE__ */ Object.create(null);
|
|
310
|
+
if (typeof origPerf !== "undefined" && origPerf !== null) {
|
|
311
|
+
const src = origPerf;
|
|
312
|
+
for (const key of Object.getOwnPropertyNames(
|
|
313
|
+
Object.getPrototypeOf(origPerf) ?? origPerf
|
|
314
|
+
)) {
|
|
315
|
+
if (key !== "now") {
|
|
316
|
+
try {
|
|
317
|
+
const val = src[key];
|
|
318
|
+
if (typeof val === "function") {
|
|
319
|
+
frozenPerf[key] = val.bind(origPerf);
|
|
320
|
+
} else {
|
|
321
|
+
frozenPerf[key] = val;
|
|
322
|
+
}
|
|
323
|
+
} catch {
|
|
324
|
+
}
|
|
325
|
+
}
|
|
326
|
+
}
|
|
327
|
+
}
|
|
328
|
+
Object.defineProperty(frozenPerf, "now", {
|
|
329
|
+
value: frozenPerformanceNow,
|
|
330
|
+
configurable: false,
|
|
331
|
+
writable: false
|
|
332
|
+
});
|
|
333
|
+
Object.freeze(frozenPerf);
|
|
334
|
+
try {
|
|
335
|
+
Object.defineProperty(globalThis, "performance", {
|
|
336
|
+
value: frozenPerf,
|
|
337
|
+
configurable: false,
|
|
338
|
+
writable: false
|
|
339
|
+
});
|
|
340
|
+
} catch {
|
|
341
|
+
globalThis.performance = frozenPerf;
|
|
342
|
+
}
|
|
343
|
+
const OrigSAB = globalThis.SharedArrayBuffer;
|
|
344
|
+
if (typeof OrigSAB === "function") {
|
|
345
|
+
try {
|
|
346
|
+
const proto = OrigSAB.prototype;
|
|
347
|
+
if (proto) {
|
|
348
|
+
for (const key of [
|
|
349
|
+
"byteLength",
|
|
350
|
+
"slice",
|
|
351
|
+
"grow",
|
|
352
|
+
"maxByteLength",
|
|
353
|
+
"growable"
|
|
354
|
+
]) {
|
|
355
|
+
try {
|
|
356
|
+
Object.defineProperty(proto, key, {
|
|
357
|
+
get() {
|
|
358
|
+
throw new TypeError(
|
|
359
|
+
"SharedArrayBuffer is not available in sandbox"
|
|
360
|
+
);
|
|
361
|
+
},
|
|
362
|
+
configurable: false
|
|
363
|
+
});
|
|
364
|
+
} catch {
|
|
365
|
+
}
|
|
366
|
+
}
|
|
367
|
+
}
|
|
368
|
+
} catch {
|
|
369
|
+
}
|
|
370
|
+
}
|
|
371
|
+
try {
|
|
372
|
+
Object.defineProperty(globalThis, "SharedArrayBuffer", {
|
|
373
|
+
value: void 0,
|
|
374
|
+
configurable: false,
|
|
375
|
+
writable: false,
|
|
376
|
+
enumerable: false
|
|
377
|
+
});
|
|
378
|
+
} catch {
|
|
379
|
+
Reflect.deleteProperty(globalThis, "SharedArrayBuffer");
|
|
380
|
+
setGlobalValue("SharedArrayBuffer", void 0);
|
|
381
|
+
}
|
|
382
|
+
}
|
|
383
|
+
delete globalThis.__runtimeApplyConfig;
|
|
384
|
+
};
|
|
246
385
|
})();
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
(() => {
|
|
3
|
-
// isolate-runtime/src/inject/eval-script-result.ts
|
|
3
|
+
// ../core/isolate-runtime/src/inject/eval-script-result.ts
|
|
4
4
|
var __runtimeIndirectEval = globalThis.eval;
|
|
5
5
|
globalThis.__scriptResult__ = __runtimeIndirectEval(
|
|
6
6
|
String(globalThis.__runtimeExecCode)
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
(() => {
|
|
3
|
-
// isolate-runtime/src/common/global-exposure.ts
|
|
3
|
+
// ../core/isolate-runtime/src/common/global-exposure.ts
|
|
4
4
|
function defineRuntimeGlobalBinding(name, value, mutable) {
|
|
5
5
|
Object.defineProperty(globalThis, name, {
|
|
6
6
|
value,
|
|
@@ -31,6 +31,6 @@
|
|
|
31
31
|
}
|
|
32
32
|
}
|
|
33
33
|
|
|
34
|
-
// isolate-runtime/src/inject/global-exposure-helpers.ts
|
|
34
|
+
// ../core/isolate-runtime/src/inject/global-exposure-helpers.ts
|
|
35
35
|
ensureRuntimeExposureHelpers();
|
|
36
36
|
})();
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
(() => {
|
|
3
|
-
// isolate-runtime/src/common/global-exposure.ts
|
|
3
|
+
// ../core/isolate-runtime/src/common/global-exposure.ts
|
|
4
4
|
function defineRuntimeGlobalBinding(name, value, mutable) {
|
|
5
5
|
Object.defineProperty(globalThis, name, {
|
|
6
6
|
value,
|
|
@@ -21,7 +21,7 @@
|
|
|
21
21
|
return createRuntimeGlobalExposer(true);
|
|
22
22
|
}
|
|
23
23
|
|
|
24
|
-
// isolate-runtime/src/inject/init-commonjs-module-globals.ts
|
|
24
|
+
// ../core/isolate-runtime/src/inject/init-commonjs-module-globals.ts
|
|
25
25
|
var __runtimeExposeMutableGlobal = getRuntimeExposeMutableGlobal();
|
|
26
26
|
__runtimeExposeMutableGlobal("module", { exports: {} });
|
|
27
27
|
__runtimeExposeMutableGlobal("exports", globalThis.module.exports);
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
(() => {
|
|
3
|
-
// isolate-runtime/src/inject/override-process-env.ts
|
|
3
|
+
// ../core/isolate-runtime/src/inject/override-process-env.ts
|
|
4
4
|
var __envPatch = globalThis.__runtimeProcessEnvOverride;
|
|
5
5
|
if (__envPatch && typeof __envPatch === "object") {
|
|
6
6
|
Object.assign(process.env, __envPatch);
|