isolated-function 0.1.5 → 0.1.7

package/README.md

@@ -22,12 +22,15 @@
   - [Auto install dependencies](#auto-install-dependencies)
   - [Execution profiling](#execution-profiling)
   - [Resource limits](#resource-limits)
+  - [Error handling](#error-handling)
 - [API](#api)
   - [isolatedFunction(code, \[options\])](#isolatedfunctioncode-options)
     - [code](#code)
     - [options](#options)
+      - [memory](#memory)
+      - [throwError](#throwerror)
       - [timeout](#timeout)
-      - [timeout](#timeout-1)
+      - [tmpdir](#tmpdir)
   - [=\> (fn(\[...args\]), teardown())](#-fnargs-teardown)
     - [fn](#fn)
     - [teardown](#teardown)
@@ -164,6 +167,34 @@ await fn(100)
 // =>  TimeoutError: Execution timed out
 ```
 
+### Error handling
+
+Any error during **isolated-function** execution will be propagated:
+
+```js
+const [fn, cleanup] = isolatedFunction(() => {
+  throw new TypeError('oh no!')
+})
+
+const result = await fn()
+// TypeError: oh no!
+```
+
+You can also return the error instead of throwing it with `{ throwError: false }`:
+
+```js
+const [fn, cleanup] = isolatedFunction(() => {
+  throw new TypeError('oh no!')
+})
+
+const { isFullfiled, value } = await fn()
+
+if (!isFufilled) {
+  console.error(value)
+  // TypeError: oh no!
+}
+```
+
 ## API
 
 ### isolatedFunction(code, [options])
@@ -177,17 +208,37 @@ The hosted function to run.
 
 #### options
 
+##### memory
+
+Type: `number`<br>
+Default: `Infinity`
+
+Set the function memory limit, in megabytes.
+
+##### throwError
+
+Type: `boolean`<br>
+Default: `false`
+
+When is `true`, it returns the error rather than throw it.
+
+The error will be accessible against `{ value: error, isFufilled: false }` object.
+
+Set the function memory limit, in megabytes.
+
 ##### timeout
 
-Type: `number`
+Type: `number`<br>
+Default: `Infinity`
 
 Timeout after a specified amount of time, in milliseconds.
 
-##### timeout
+##### tmpdir
 
-Type: `number`
+Type: `function`<br>
+Default: `fs.mkdtemp(path.join(require('os').tmpdir(), 'compile-'))`
 
-Set the functino memory limit, in megabytes.
+The temporal folder to use for installing code dependencies.
 
 ### => (fn([...args]), teardown())
 

package/package.json

@@ -2,7 +2,7 @@
   "name": "isolated-function",
   "description": "Runs untrusted code in a Node.js v8 sandbox.",
   "homepage": "https://github.com/Kikobeats/isolated-function",
-  "version": "0.1.5",
+  "version": "0.1.7",
   "main": "src/index.js",
   "exports": {
     ".": "./src/index.js"

package/src/compile/detect-dependencies.js

@@ -0,0 +1,35 @@
+'use strict'
+
+const walk = require('acorn-walk')
+const acorn = require('acorn')
+
+const parseDependency = require('./parse-dependency')
+
+module.exports = code => {
+  const dependencies = new Set()
+
+  // Parse the code into an AST
+  const ast = acorn.parse(code, { ecmaVersion: 2020, sourceType: 'module' })
+
+  // Traverse the AST to find require and import statements
+  walk.simple(ast, {
+    CallExpression (node) {
+      if (
+        node.callee.name === 'require' &&
+        node.arguments.length === 1 &&
+        node.arguments[0].type === 'Literal'
+      ) {
+        const dependency = node.arguments[0].value
+        dependencies.add(parseDependency(dependency))
+      }
+    },
+    ImportDeclaration (node) {
+      const source = node.source.value
+      dependencies.add(parseDependency(source))
+    }
+  })
+
+  return Array.from(dependencies)
+}
+
+module.exports.parseDependency = parseDependency

package/src/compile/index.js

@@ -0,0 +1,60 @@
+'use strict'
+
+const { execSync } = require('child_process')
+const esbuild = require('esbuild')
+const fs = require('fs/promises')
+const $ = require('tinyspawn')
+const path = require('path')
+
+const transformDependencies = require('./transform-dependencies')
+const detectDependencies = require('./detect-dependencies')
+const generateTemplate = require('../template')
+
+const MINIFY = process.env.ISOLATED_FUNCTIONS_MINIFY !== 'false'
+
+const packageManager = (() => {
+  try {
+    execSync('which pnpm').toString().trim()
+    return { init: 'pnpm init', install: 'pnpm install' }
+  } catch {
+    return { init: 'npm init --yes', install: 'npm install' }
+  }
+})()
+
+const tmpdirDefault = () => fs.mkdtemp(path.join(require('os').tmpdir(), 'compile-'))
+
+const getTmp = async (content, tmpdir) => {
+  const cwd = await tmpdir()
+  await fs.mkdir(cwd, { recursive: true })
+
+  const filepath = path.join(cwd, 'index.js')
+  await fs.writeFile(filepath, content)
+
+  const cleanup = () => fs.rm(cwd, { recursive: true, force: true })
+  return { filepath, cwd, content, cleanup }
+}
+
+module.exports = async (snippet, tmpdir = tmpdirDefault) => {
+  const compiledTemplate = generateTemplate(snippet)
+  const dependencies = detectDependencies(compiledTemplate)
+  const tmp = await getTmp(transformDependencies(compiledTemplate), tmpdir)
+
+  await $(packageManager.init, { cwd: tmp.cwd })
+  await $(`${packageManager.install} ${dependencies.join(' ')}`, {
+    cwd: tmp.cwd
+  })
+
+  const result = await esbuild.build({
+    entryPoints: [tmp.filepath],
+    bundle: true,
+    minify: MINIFY,
+    write: false,
+    platform: 'node'
+  })
+
+  await tmp.cleanup()
+  return getTmp(result.outputFiles[0].text, tmpdir)
+}
+
+module.exports.detectDependencies = detectDependencies
+module.exports.transformDependencies = transformDependencies

package/src/compile/parse-dependency.js

@@ -0,0 +1,31 @@
+'use strict'
+
+module.exports = dependency => {
+  if (dependency.startsWith('@')) {
+    // Handle scoped packages
+    const slashIndex = dependency.indexOf('/')
+    if (slashIndex !== -1) {
+      const atVersionIndex = dependency.indexOf('@', slashIndex)
+      if (atVersionIndex !== -1) {
+        // Scoped package with version
+        const packageName = dependency.substring(0, atVersionIndex)
+        const version = dependency.substring(atVersionIndex + 1)
+        return `${packageName}@${version}`
+      } else {
+        // Scoped package without explicit version
+        return `${dependency}@latest`
+      }
+    }
+  } else {
+    // Non-scoped packages
+    const atVersionIndex = dependency.indexOf('@')
+    if (atVersionIndex !== -1) {
+      // Non-scoped package with version
+      const packageName = dependency.substring(0, atVersionIndex)
+      const version = dependency.substring(atVersionIndex + 1)
+      return `${packageName}@${version}`
+    }
+  }
+  // Non-scoped package without explicit version
+  return `${dependency}@latest`
+}

package/src/compile/transform-dependencies.js

@@ -0,0 +1,57 @@
+'use strict'
+
+const acorn = require('acorn')
+const walk = require('acorn-walk')
+
+module.exports = code => {
+  const ast = acorn.parse(code, { ecmaVersion: 2020, sourceType: 'module' })
+
+  let newCode = ''
+  let lastIndex = 0
+
+  // Helper function to process and transform nodes
+  const processNode = node => {
+    if (node.type === 'Literal' && node.value.includes('@')) {
+      // Check if it's a scoped module
+      if (node.value.startsWith('@')) {
+        // Handle scoped packages
+        const slashIndex = node.value.indexOf('/')
+        if (slashIndex !== -1) {
+          const atVersionIndex = node.value.indexOf('@', slashIndex)
+          const moduleName =
+            atVersionIndex !== -1 ? node.value.substring(0, atVersionIndex) : node.value
+          // Append code before this node
+          newCode += code.substring(lastIndex, node.start)
+          // Append transformed dependency
+          newCode += `'${moduleName}'`
+        }
+      } else {
+        // Handle non-scoped packages
+        const [moduleName] = node.value.split('@')
+        // Append code before this node
+        newCode += code.substring(lastIndex, node.start)
+        // Append transformed dependency
+        newCode += `'${moduleName}'`
+      }
+      // Update lastIndex to end of current node
+      lastIndex = node.end
+    }
+  }
+
+  // Traverse the AST to find require and import declarations
+  walk.simple(ast, {
+    CallExpression (node) {
+      if (node.callee.name === 'require' && node.arguments.length === 1) {
+        processNode(node.arguments[0])
+      }
+    },
+    ImportDeclaration (node) {
+      processNode(node.source)
+    }
+  })
+
+  // Append remaining code after last modified dependency
+  newCode += code.substring(lastIndex)
+
+  return newCode
+}

package/src/index.js

@@ -20,9 +20,9 @@ const flags = ({ filename, memory }) => {
   return flags.join(' ')
 }
 
-module.exports = (snippet, { timeout = 0, memory, throwError = true } = {}) => {
+module.exports = (snippet, { tmpdir, timeout, memory, throwError = true } = {}) => {
   if (!['function', 'string'].includes(typeof snippet)) throw new TypeError('Expected a function')
-  const compilePromise = compile(snippet)
+  const compilePromise = compile(snippet, tmpdir)
 
   const fn = async (...args) => {
     let duration

package/src/compile.js

@@ -1,141 +0,0 @@
-'use strict'
-
-const { execSync } = require('child_process')
-const walk = require('acorn-walk')
-const esbuild = require('esbuild')
-const fs = require('fs/promises')
-const { tmpdir } = require('os')
-const acorn = require('acorn')
-const $ = require('tinyspawn')
-const path = require('path')
-
-const generateTemplate = require('./template')
-
-const MINIFY = process.env.ISOLATED_FUNCTIONS_MINIFY !== 'false'
-
-const packageManager = (() => {
-  try {
-    execSync('which pnpm').toString().trim()
-    return { init: 'pnpm init', install: 'pnpm install' }
-  } catch {
-    return { init: 'npm init --yes', install: 'npm install' }
-  }
-})()
-
-// Function to detect require and import statements using acorn
-const detectDependencies = code => {
-  const dependencies = new Set()
-
-  // Parse the code into an AST
-  const ast = acorn.parse(code, { ecmaVersion: 2020, sourceType: 'module' })
-
-  // Traverse the AST to find require and import statements
-  walk.simple(ast, {
-    CallExpression (node) {
-      if (
-        node.callee.name === 'require' &&
-        node.arguments.length === 1 &&
-        node.arguments[0].type === 'Literal'
-      ) {
-        const dependency = node.arguments[0].value
-        // Check if the dependency string contains '@' symbol for versioning
-        if (dependency.includes('@')) {
-          // Split by '@' to separate module name and version
-          const parts = dependency.split('@')
-          // Handle edge case where module name might also contain '@' (scoped packages)
-          const moduleName = parts.length > 2 ? `${parts[0]}@${parts[1]}` : parts[0]
-          const version = parts[parts.length - 1]
-          dependencies.add(`${moduleName}@${version}`)
-        } else {
-          dependencies.add(`${dependency}@latest`)
-        }
-      }
-    },
-    ImportDeclaration (node) {
-      const source = node.source.value
-      if (source.includes('@')) {
-        const parts = source.split('@')
-        const moduleName = parts.length > 2 ? `${parts[0]}@${parts[1]}` : parts[0]
-        const version = parts[parts.length - 1]
-        dependencies.add(`${moduleName}@${version}`)
-      } else {
-        dependencies.add(`${source}@latest`)
-      }
-    }
-  })
-
-  return Array.from(dependencies)
-}
-
-const transformDependencies = code => {
-  const ast = acorn.parse(code, { ecmaVersion: 2020, sourceType: 'module' })
-
-  let newCode = ''
-  let lastIndex = 0
-
-  // Helper function to process and transform nodes
-  const processNode = node => {
-    if (node.type === 'Literal' && node.value.includes('@')) {
-      // Extract module name without version
-      const [moduleName] = node.value.split('@')
-      // Append code before this node
-      newCode += code.substring(lastIndex, node.start)
-      // Append transformed dependency
-      newCode += `'${moduleName}'`
-      // Update lastIndex to end of current node
-      lastIndex = node.end
-    }
-  }
-
-  // Traverse the AST to find require and import declarations
-  walk.simple(ast, {
-    CallExpression (node) {
-      if (node.callee.name === 'require' && node.arguments.length === 1) {
-        processNode(node.arguments[0])
-      }
-    },
-    ImportDeclaration (node) {
-      processNode(node.source)
-    }
-  })
-
-  // Append remaining code after last modified dependency
-  newCode += code.substring(lastIndex)
-
-  return newCode
-}
-
-const getTmp = async content => {
-  const cwd = await fs.mkdtemp(path.join(tmpdir(), 'compile-'))
-  await fs.mkdir(cwd, { recursive: true })
-
-  const filepath = path.join(cwd, 'index.js')
-  await fs.writeFile(filepath, content)
-
-  const cleanup = () => fs.rm(cwd, { recursive: true, force: true })
-  return { filepath, cwd, content, cleanup }
-}
-
-module.exports = async snippet => {
-  const compiledTemplate = generateTemplate(snippet)
-  const dependencies = detectDependencies(compiledTemplate)
-  const tmp = await getTmp(transformDependencies(compiledTemplate))
-
-  await $(packageManager.init, { cwd: tmp.cwd })
-  await $(`${packageManager.install} ${dependencies.join(' ')}`, {
-    cwd: tmp.cwd
-  })
-
-  const result = await esbuild.build({
-    entryPoints: [tmp.filepath],
-    bundle: true,
-    minify: MINIFY,
-    write: false,
-    platform: 'node'
-  })
-
-  await tmp.cleanup()
-  return getTmp(result.outputFiles[0].text)
-}
-
-module.exports.detectDependencies = detectDependencies