npm - @secure-exec/core - Versions diffs - 0.2.1-rc.1 → 0.3.0-rc.1 - Mend

@secure-exec/core 0.2.1-rc.1 → 0.3.0-rc.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (248) hide show

package/README.md +5 -5
package/dist/binary.d.ts +4 -0
package/dist/binary.js +25 -0
package/dist/bytes.d.ts +2 -0
package/dist/bytes.js +6 -0
package/dist/callbacks.d.ts +41 -0
package/dist/callbacks.js +94 -0
package/dist/cargo.d.ts +2 -0
package/dist/cargo.js +142 -0
package/dist/correlation.d.ts +10 -0
package/dist/correlation.js +49 -0
package/dist/descriptors.d.ts +34 -0
package/dist/descriptors.js +37 -0
package/dist/event-buffer.d.ts +90 -0
package/dist/event-buffer.js +313 -0
package/dist/ext.d.ts +7 -0
package/dist/ext.js +13 -0
package/dist/filesystem.d.ts +41 -0
package/dist/filesystem.js +70 -0
package/dist/frame-payload-codec.d.ts +8 -0
package/dist/frame-payload-codec.js +14 -0
package/dist/frame-rpc.d.ts +38 -0
package/dist/frame-rpc.js +73 -0
package/dist/frame-stream.d.ts +27 -0
package/dist/frame-stream.js +99 -0
package/dist/framing.d.ts +7 -0
package/dist/framing.js +22 -0
package/dist/generated/AcpLimitsConfig.d.ts +4 -0
package/dist/generated/AcpLimitsConfig.js +2 -0
package/dist/generated/CreateVmConfig.d.ts +19 -0
package/dist/generated/FsPermissionRule.d.ts +6 -0
package/dist/generated/FsPermissionRuleSet.d.ts +6 -0
package/dist/generated/FsPermissionRuleSet.js +1 -0
package/dist/generated/FsPermissionScope.d.ts +3 -0
package/dist/generated/FsPermissionScope.js +1 -0
package/dist/generated/HttpLimitsConfig.d.ts +3 -0
package/dist/generated/HttpLimitsConfig.js +2 -0
package/dist/generated/JsModuleResolution.d.ts +1 -0
package/dist/generated/JsModuleResolution.js +2 -0
package/dist/generated/JsRuntimeConfig.d.ts +26 -0
package/dist/generated/JsRuntimeConfig.js +1 -0
package/dist/generated/JsRuntimeLimitsConfig.d.ts +7 -0
package/dist/generated/JsRuntimeLimitsConfig.js +2 -0
package/dist/generated/JsRuntimePlatform.d.ts +1 -0
package/dist/generated/JsRuntimePlatform.js +2 -0
package/dist/generated/MountPluginDescriptor.d.ts +4 -0
package/dist/generated/MountPluginDescriptor.js +2 -0
package/dist/generated/NativeRootFilesystemConfig.d.ts +5 -0
package/dist/generated/NativeRootFilesystemConfig.js +1 -0
package/dist/generated/PatternPermissionRule.d.ts +6 -0
package/dist/generated/PatternPermissionRule.js +1 -0
package/dist/generated/PatternPermissionRuleSet.d.ts +6 -0
package/dist/generated/PatternPermissionRuleSet.js +1 -0
package/dist/generated/PatternPermissionScope.d.ts +3 -0
package/dist/generated/PatternPermissionScope.js +1 -0
package/dist/generated/PermissionMode.d.ts +1 -0
package/dist/generated/PermissionMode.js +2 -0
package/dist/generated/PermissionsPolicy.d.ts +10 -0
package/dist/generated/PermissionsPolicy.js +1 -0
package/dist/generated/PluginLimitsConfig.d.ts +4 -0
package/dist/generated/PluginLimitsConfig.js +2 -0
package/dist/generated/PythonLimitsConfig.d.ts +5 -0
package/dist/generated/PythonLimitsConfig.js +2 -0
package/dist/generated/ResourceLimitsConfig.d.ts +22 -0
package/dist/generated/ResourceLimitsConfig.js +2 -0
package/dist/generated/RootFilesystemConfig.d.ts +9 -0
package/dist/generated/RootFilesystemConfig.js +1 -0
package/dist/generated/RootFilesystemEntry.d.ts +13 -0
package/dist/generated/RootFilesystemEntry.js +1 -0
package/dist/generated/RootFilesystemEntryEncoding.d.ts +1 -0
package/dist/generated/RootFilesystemEntryEncoding.js +2 -0
package/dist/generated/RootFilesystemEntryKind.d.ts +1 -0
package/dist/generated/RootFilesystemEntryKind.js +2 -0
package/dist/generated/RootFilesystemLowerDescriptor.d.ts +7 -0
package/dist/generated/RootFilesystemLowerDescriptor.js +1 -0
package/dist/generated/RootFilesystemMode.d.ts +1 -0
package/dist/generated/RootFilesystemMode.js +2 -0
package/dist/generated/ToolLimitsConfig.d.ts +10 -0
package/dist/generated/ToolLimitsConfig.js +2 -0
package/dist/generated/VmDnsConfig.d.ts +6 -0
package/dist/generated/VmDnsConfig.js +2 -0
package/dist/generated/VmLimitsConfig.d.ts +18 -0
package/dist/generated/VmLimitsConfig.js +1 -0
package/dist/generated/VmListenPolicyConfig.d.ts +5 -0
package/dist/generated/VmListenPolicyConfig.js +2 -0
package/dist/generated/WasmLimitsConfig.d.ts +5 -0
package/dist/generated/WasmLimitsConfig.js +2 -0
package/dist/generated-protocol.d.ts +1037 -0
package/dist/generated-protocol.js +2887 -0
package/dist/index.d.ts +24 -62
package/dist/index.js +24 -53
package/dist/json.d.ts +2 -0
package/dist/json.js +20 -0
package/dist/kernel-proxy.d.ts +149 -0
package/dist/kernel-proxy.js +1733 -0
package/dist/native-client.d.ts +41 -0
package/dist/native-client.js +124 -0
package/dist/node-runtime.d.ts +443 -0
package/dist/node-runtime.js +569 -0
package/dist/numbers.d.ts +1 -0
package/dist/numbers.js +8 -0
package/dist/ownership.d.ts +18 -0
package/dist/ownership.js +77 -0
package/dist/permissions.d.ts +29 -0
package/dist/permissions.js +68 -0
package/dist/process.d.ts +35 -0
package/dist/process.js +125 -0
package/dist/protocol-client.d.ts +46 -0
package/dist/protocol-client.js +180 -0
package/dist/protocol-frames.d.ts +68 -0
package/dist/protocol-frames.js +139 -0
package/dist/protocol-maps.d.ts +28 -0
package/dist/protocol-maps.js +217 -0
package/dist/protocol-schema.d.ts +10 -0
package/dist/protocol-schema.js +11 -0
package/dist/request-payloads.d.ts +137 -0
package/dist/request-payloads.js +210 -0
package/dist/response-payloads.d.ts +107 -0
package/dist/response-payloads.js +161 -0
package/dist/sidecar-client.d.ts +242 -0
package/dist/sidecar-client.js +797 -0
package/dist/state.d.ts +40 -0
package/dist/state.js +44 -0
package/dist/test-runtime.d.ts +526 -0
package/dist/test-runtime.js +2119 -0
package/dist/vm-config.d.ts +31 -0
package/dist/vm-config.js +1 -0
package/fixtures/alpine-defaults.json +520 -0
package/fixtures/base-filesystem.json +528 -0
package/package.json +193 -115
package/LICENSE +0 -191
package/dist/bridge-setup.d.ts +0 -6
package/dist/bridge-setup.js +0 -9
package/dist/esm-compiler.d.ts +0 -18
package/dist/esm-compiler.js +0 -72
package/dist/fs-helpers.d.ts +0 -23
package/dist/fs-helpers.js +0 -41
package/dist/generated/isolate-runtime.d.ts +0 -19
package/dist/generated/isolate-runtime.js +0 -21
package/dist/generated/polyfills.d.ts +0 -82
package/dist/generated/polyfills.js +0 -82
package/dist/isolate-runtime/apply-custom-global-policy.js +0 -53
package/dist/isolate-runtime/apply-timing-mitigation-freeze.js +0 -130
package/dist/isolate-runtime/apply-timing-mitigation-off.js +0 -14
package/dist/isolate-runtime/bridge-attach.js +0 -29
package/dist/isolate-runtime/bridge-initial-globals.js +0 -385
package/dist/isolate-runtime/eval-script-result.js +0 -8
package/dist/isolate-runtime/global-exposure-helpers.js +0 -36
package/dist/isolate-runtime/init-commonjs-module-globals.js +0 -28
package/dist/isolate-runtime/override-process-cwd.js +0 -8
package/dist/isolate-runtime/override-process-env.js +0 -8
package/dist/isolate-runtime/require-setup.js +0 -4153
package/dist/isolate-runtime/set-commonjs-file-globals.js +0 -36
package/dist/isolate-runtime/set-stdin-data.js +0 -10
package/dist/isolate-runtime/setup-dynamic-import.js +0 -123
package/dist/isolate-runtime/setup-fs-facade.js +0 -87
package/dist/kernel/command-registry.d.ts +0 -44
package/dist/kernel/command-registry.js +0 -114
package/dist/kernel/device-backend.d.ts +0 -14
package/dist/kernel/device-backend.js +0 -251
package/dist/kernel/device-layer.d.ts +0 -12
package/dist/kernel/device-layer.js +0 -271
package/dist/kernel/dns-cache.d.ts +0 -29
package/dist/kernel/dns-cache.js +0 -52
package/dist/kernel/fd-table.d.ts +0 -84
package/dist/kernel/fd-table.js +0 -278
package/dist/kernel/file-lock.d.ts +0 -34
package/dist/kernel/file-lock.js +0 -122
package/dist/kernel/host-adapter.d.ts +0 -50
package/dist/kernel/host-adapter.js +0 -8
package/dist/kernel/index.d.ts +0 -36
package/dist/kernel/index.js +0 -34
package/dist/kernel/kernel.d.ts +0 -9
package/dist/kernel/kernel.js +0 -1415
package/dist/kernel/mount-table.d.ts +0 -75
package/dist/kernel/mount-table.js +0 -353
package/dist/kernel/permissions.d.ts +0 -36
package/dist/kernel/permissions.js +0 -150
package/dist/kernel/pipe-manager.d.ts +0 -64
package/dist/kernel/pipe-manager.js +0 -267
package/dist/kernel/proc-backend.d.ts +0 -30
package/dist/kernel/proc-backend.js +0 -428
package/dist/kernel/proc-layer.d.ts +0 -11
package/dist/kernel/proc-layer.js +0 -507
package/dist/kernel/process-table.d.ts +0 -126
package/dist/kernel/process-table.js +0 -651
package/dist/kernel/pty.d.ts +0 -109
package/dist/kernel/pty.js +0 -552
package/dist/kernel/socket-table.d.ts +0 -312
package/dist/kernel/socket-table.js +0 -1188
package/dist/kernel/timer-table.d.ts +0 -54
package/dist/kernel/timer-table.js +0 -108
package/dist/kernel/types.d.ts +0 -541
package/dist/kernel/types.js +0 -98
package/dist/kernel/user.d.ts +0 -29
package/dist/kernel/user.js +0 -35
package/dist/kernel/vfs.d.ts +0 -82
package/dist/kernel/vfs.js +0 -25
package/dist/kernel/wait.d.ts +0 -45
package/dist/kernel/wait.js +0 -112
package/dist/kernel/wstatus.d.ts +0 -21
package/dist/kernel/wstatus.js +0 -33
package/dist/module-resolver.d.ts +0 -29
package/dist/module-resolver.js +0 -314
package/dist/package-bundler.d.ts +0 -41
package/dist/package-bundler.js +0 -497
package/dist/runtime-driver.d.ts +0 -66
package/dist/shared/api-types.d.ts +0 -83
package/dist/shared/bridge-contract.d.ts +0 -772
package/dist/shared/bridge-contract.js +0 -169
package/dist/shared/console-formatter.d.ts +0 -22
package/dist/shared/console-formatter.js +0 -161
package/dist/shared/constants.d.ts +0 -3
package/dist/shared/constants.js +0 -3
package/dist/shared/errors.d.ts +0 -16
package/dist/shared/errors.js +0 -21
package/dist/shared/esm-utils.d.ts +0 -28
package/dist/shared/esm-utils.js +0 -97
package/dist/shared/global-exposure.d.ts +0 -38
package/dist/shared/global-exposure.js +0 -876
package/dist/shared/in-memory-fs.d.ts +0 -16
package/dist/shared/in-memory-fs.js +0 -115
package/dist/shared/permissions.d.ts +0 -36
package/dist/shared/permissions.js +0 -314
package/dist/shared/require-setup.d.ts +0 -6
package/dist/shared/require-setup.js +0 -9
package/dist/test/block-store-conformance.d.ts +0 -34
package/dist/test/block-store-conformance.js +0 -251
package/dist/test/metadata-store-conformance.d.ts +0 -37
package/dist/test/metadata-store-conformance.js +0 -646
package/dist/test/vfs-conformance.d.ts +0 -65
package/dist/test/vfs-conformance.js +0 -842
package/dist/types.d.ts +0 -98
package/dist/types.js +0 -6
package/dist/vfs/chunked-vfs.d.ts +0 -66
package/dist/vfs/chunked-vfs.js +0 -1290
package/dist/vfs/host-block-store.d.ts +0 -19
package/dist/vfs/host-block-store.js +0 -97
package/dist/vfs/memory-block-store.d.ts +0 -16
package/dist/vfs/memory-block-store.js +0 -45
package/dist/vfs/memory-metadata.d.ts +0 -75
package/dist/vfs/memory-metadata.js +0 -528
package/dist/vfs/sqlite-metadata.d.ts +0 -91
package/dist/vfs/sqlite-metadata.js +0 -582
package/dist/vfs/types.d.ts +0 -210
package/dist/vfs/types.js +0 -8
/package/dist/{runtime-driver.js → generated/CreateVmConfig.js} +0 -0
/package/dist/{shared/api-types.js → generated/FsPermissionRule.js} +0 -0

package/dist/kernel/timer-table.d.ts DELETED Viewed

@@ -1,54 +0,0 @@
-/**
- * Kernel timer table with per-process ownership and budget enforcement.
- *
- * Tracks active timers (setTimeout/setInterval) per-process. Actual
- * scheduling is delegated to the host via callbacks — the kernel only
- * manages ownership, limits, and cleanup.
- */
-export interface KernelTimer {
-    readonly id: number;
-    readonly pid: number;
-    readonly delayMs: number;
-    readonly repeat: boolean;
-    /** Host-side handle returned by the scheduling function (for cancellation). */
-    hostHandle: ReturnType<typeof setTimeout> | number | undefined;
-    /** User callback to invoke when the timer fires. */
-    callback: () => void;
-    /** True once the timer has been cleared. */
-    cleared: boolean;
-}
-export interface TimerTableOptions {
-    /** Default per-process timer limit. 0 = unlimited. */
-    defaultMaxTimers?: number;
-}
-export declare class TimerTable {
-    private timers;
-    private nextTimerId;
-    private defaultMaxTimers;
-    /** Per-process limit overrides. */
-    private processLimits;
-    constructor(options?: TimerTableOptions);
-    /**
-     * Create a timer owned by `pid`.
-     * Returns the kernel timer ID. The caller must schedule the actual
-     * timeout on the host and set `timer.hostHandle`.
-     */
-    createTimer(pid: number, delayMs: number, repeat: boolean, callback: () => void): number;
-    /** Get a timer by ID. Returns null if not found. */
-    get(timerId: number): KernelTimer | null;
-    /** Clear (cancel) a timer. The caller should also cancel the host-side handle. */
-    clearTimer(timerId: number, pid?: number): void;
-    /** Set per-process timer limit. */
-    setLimit(pid: number, maxTimers: number): void;
-    /** Get the active timer count for a process. */
-    countForProcess(pid: number): number;
-    /** Get all active timers for a process. */
-    getActiveTimers(pid: number): KernelTimer[];
-    /** Clear all timers owned by a process. Called on process exit. */
-    clearAllForProcess(pid: number): void;
-    /** Dispose all timers. Called on kernel shutdown. */
-    disposeAll(): void;
-    /** Number of active timers across all processes. */
-    get size(): number;
-    private getLimit;
-}

package/dist/kernel/timer-table.js DELETED Viewed

@@ -1,108 +0,0 @@
-/**
- * Kernel timer table with per-process ownership and budget enforcement.
- *
- * Tracks active timers (setTimeout/setInterval) per-process. Actual
- * scheduling is delegated to the host via callbacks — the kernel only
- * manages ownership, limits, and cleanup.
- */
-import { KernelError } from "./types.js";
-export class TimerTable {
-    timers = new Map();
-    nextTimerId = 1;
-    defaultMaxTimers;
-    /** Per-process limit overrides. */
-    processLimits = new Map();
-    constructor(options) {
-        this.defaultMaxTimers = options?.defaultMaxTimers ?? 0;
-    }
-    /**
-     * Create a timer owned by `pid`.
-     * Returns the kernel timer ID. The caller must schedule the actual
-     * timeout on the host and set `timer.hostHandle`.
-     */
-    createTimer(pid, delayMs, repeat, callback) {
-        // Enforce per-process limit
-        const limit = this.getLimit(pid);
-        if (limit > 0) {
-            const count = this.countForProcess(pid);
-            if (count >= limit) {
-                throw new KernelError("EAGAIN", "timer limit exceeded");
-            }
-        }
-        const id = this.nextTimerId++;
-        const timer = {
-            id,
-            pid,
-            delayMs,
-            repeat,
-            hostHandle: undefined,
-            callback,
-            cleared: false,
-        };
-        this.timers.set(id, timer);
-        return id;
-    }
-    /** Get a timer by ID. Returns null if not found. */
-    get(timerId) {
-        return this.timers.get(timerId) ?? null;
-    }
-    /** Clear (cancel) a timer. The caller should also cancel the host-side handle. */
-    clearTimer(timerId, pid) {
-        const timer = this.timers.get(timerId);
-        if (!timer)
-            return; // Clearing a non-existent timer is a no-op (matches POSIX)
-        // Cross-process isolation: if pid is provided, only the owning process can clear
-        if (pid !== undefined && timer.pid !== pid) {
-            throw new KernelError("EACCES", `timer ${timerId} not owned by pid ${pid}`);
-        }
-        timer.cleared = true;
-        this.timers.delete(timerId);
-    }
-    /** Set per-process timer limit. */
-    setLimit(pid, maxTimers) {
-        this.processLimits.set(pid, maxTimers);
-    }
-    /** Get the active timer count for a process. */
-    countForProcess(pid) {
-        let count = 0;
-        for (const timer of this.timers.values()) {
-            if (timer.pid === pid)
-                count++;
-        }
-        return count;
-    }
-    /** Get all active timers for a process. */
-    getActiveTimers(pid) {
-        const result = [];
-        for (const timer of this.timers.values()) {
-            if (timer.pid === pid)
-                result.push(timer);
-        }
-        return result;
-    }
-    /** Clear all timers owned by a process. Called on process exit. */
-    clearAllForProcess(pid) {
-        for (const [id, timer] of this.timers) {
-            if (timer.pid === pid) {
-                timer.cleared = true;
-                this.timers.delete(id);
-            }
-        }
-        this.processLimits.delete(pid);
-    }
-    /** Dispose all timers. Called on kernel shutdown. */
-    disposeAll() {
-        for (const timer of this.timers.values()) {
-            timer.cleared = true;
-        }
-        this.timers.clear();
-        this.processLimits.clear();
-    }
-    /** Number of active timers across all processes. */
-    get size() {
-        return this.timers.size;
-    }
-    getLimit(pid) {
-        return this.processLimits.get(pid) ?? this.defaultMaxTimers;
-    }
-}