act-cli 0.8.1__tar.gz → 0.8.2__tar.gz

{act_cli-0.8.1 → act_cli-0.8.2}/Cargo.lock

@@ -4,7 +4,7 @@ version = 4
 
 [[package]]
 name = "act-build"
-version = "0.8.1"
+version = "0.8.2"
 dependencies = [
  "act-types",
  "anyhow",
@@ -37,7 +37,7 @@ dependencies = [
 
 [[package]]
 name = "act-cli"
-version = "0.8.1"
+version = "0.8.2"
 dependencies = [
  "act-store",
  "act-types",
@@ -45,6 +45,7 @@ dependencies = [
  "axum",
  "base64",
  "bytes",
+ "bytesize",
  "ciborium",
  "cidr",
  "clap",
@@ -384,6 +385,12 @@ version = "1.11.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1e748733b7cbc798e1434b6ac524f0c1ff2ab456fe201501e6497c8417a4fc33"
 
+[[package]]
+name = "bytesize"
+version = "2.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6bd91ee7b2422bcb158d90ef4d14f75ef67f340943fc4149891dcce8f8b972a3"
+
 [[package]]
 name = "cap-fs-ext"
 version = "3.4.5"

{act_cli-0.8.1 → act_cli-0.8.2}/Cargo.toml

@@ -3,7 +3,7 @@ members = ["act-cli", "crates/act-store"]
 resolver = "3"
 
 [workspace.package]
-version = "0.8.1"
+version = "0.8.2"
 edition = "2024"
 license = "MIT OR Apache-2.0"
 repository = "https://github.com/actcore/act-cli"

{act_cli-0.8.1 → act_cli-0.8.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: act-cli
-Version: 0.8.1
+Version: 0.8.2
 Classifier: Development Status :: 4 - Beta
 Classifier: Environment :: Console
 Classifier: Intended Audience :: Developers

{act_cli-0.8.1 → act_cli-0.8.2}/act-cli/Cargo.toml

@@ -57,6 +57,7 @@ globset = "0.4"
 path-clean = "1"
 owo-colors = { version = "4.3.0", features = ["supports-colors"] }
 act-store = { version = "0.1.0", path = "../crates/act-store" }
+bytesize = "2.3.1"
 
 [dev-dependencies]
 tempfile = "3"

{act_cli-0.8.1 → act_cli-0.8.2}/act-cli/src/main.rs

@@ -55,6 +55,12 @@ struct CommonOpts {
     #[arg(long = "deny-socket")]
     sockets_deny: Vec<String>,
 
+    /// Cap the component's wasm linear memory. Accepts a byte count or a size
+    /// with a unit — binary (`512MiB`) or decimal (`512MB`). Growth past the cap
+    /// fails inside the guest instead of ballooning the host process.
+    #[arg(long = "max-memory", value_parser = parse_max_memory)]
+    max_memory: Option<usize>,
+
     /// Use a named profile from the config file
     #[arg(long)]
     profile: Option<String>,
@@ -318,6 +324,22 @@ fn parse_cli_metadata(
     }
 }
 
+/// Parse a `--max-memory` value via the `bytesize` crate: a byte count or a
+/// size with a unit, decimal (`512MB` = 512·10⁶) or binary (`512MiB` = 512·2²⁰).
+fn parse_max_memory(s: &str) -> Result<usize, String> {
+    let bytes = s
+        .trim()
+        .parse::<bytesize::ByteSize>()
+        .map_err(|e| format!("invalid --max-memory value '{s}': {e}"))?
+        .as_u64();
+    let bytes =
+        usize::try_from(bytes).map_err(|_| format!("--max-memory value too large: '{s}'"))?;
+    if bytes == 0 {
+        return Err(format!("--max-memory must be greater than 0: '{s}'"));
+    }
+    Ok(bytes)
+}
+
 struct ResolvedOpts {
     #[allow(dead_code)]
     config_file: config::ConfigFile,
@@ -325,6 +347,7 @@ struct ResolvedOpts {
     http: config::HttpConfig,
     sockets: config::SocketsConfig,
     metadata: Option<serde_json::Value>,
+    max_memory: Option<usize>,
 }
 
 fn resolve_opts(opts: &CommonOpts) -> Result<ResolvedOpts> {
@@ -360,6 +383,7 @@ fn resolve_opts(opts: &CommonOpts) -> Result<ResolvedOpts> {
         http,
         sockets,
         metadata,
+        max_memory: opts.max_memory,
     })
 }
 
@@ -388,6 +412,7 @@ async fn prepare_component(
     let fs = resolved.fs;
     let http = resolved.http;
     let sockets = resolved.sockets;
+    let max_memory = resolved.max_memory;
 
     let mut preopens = runtime::fs_policy::derive_preopens(&fs);
     let mount_root = info.std.capabilities.fs_mount_root().unwrap_or("/");
@@ -410,7 +435,7 @@ async fn prepare_component(
     let wasm = runtime::load_component(&engine, &component_path)?;
     let linker = runtime::create_linker(&engine)?;
     let (instance, session_provider, store) = runtime::instantiate_component(
-        &engine, &wasm, &linker, &preopens, &http, &fs, &sockets, &info,
+        &engine, &wasm, &linker, &preopens, &http, &fs, &sockets, &info, max_memory,
     )
     .await?;
     let has_sessions = session_provider.is_some();
@@ -969,6 +994,22 @@ mod tests {
         assert_eq!(result, Some(serde_json::json!({"key": "value"})));
     }
 
+    #[test]
+    fn parse_max_memory_units_and_bytes() {
+        assert_eq!(parse_max_memory("268435456").unwrap(), 256 << 20); // bare = bytes
+        assert_eq!(parse_max_memory("256MiB").unwrap(), 256 << 20); // binary
+        assert_eq!(parse_max_memory("1GiB").unwrap(), 1 << 30);
+        assert_eq!(parse_max_memory("512KiB").unwrap(), 512 << 10);
+        assert_eq!(parse_max_memory("256MB").unwrap(), 256_000_000); // decimal
+    }
+
+    #[test]
+    fn parse_max_memory_rejects_garbage_and_zero() {
+        assert!(parse_max_memory("12xyz").is_err());
+        assert!(parse_max_memory("").is_err());
+        assert!(parse_max_memory("0").is_err());
+    }
+
     #[test]
     fn parse_cli_metadata_from_file() {
         let mut file = NamedTempFile::new().unwrap();

{act_cli-0.8.1 → act_cli-0.8.2}/act-cli/src/runtime/mod.rs

@@ -5,7 +5,9 @@ use std::pin::Pin;
 use std::task::{Context, Poll};
 use tokio::sync::{mpsc, oneshot};
 use wasmtime::component::{Component, Linker, ResourceTable, Source, StreamConsumer, StreamResult};
-use wasmtime::{AsContextMut, Config, Engine, Store, StoreContextMut};
+use wasmtime::{
+    AsContextMut, Config, Engine, Store, StoreContextMut, StoreLimits, StoreLimitsBuilder,
+};
 use wasmtime_wasi::{WasiCtx, WasiCtxBuilder, WasiCtxView, WasiView};
 use wasmtime_wasi_http::WasiHttpCtx;
 use wasmtime_wasi_http::p3::WasiHttpCtxView;
@@ -36,6 +38,9 @@ pub struct HostState {
     fs_matcher: crate::runtime::fs_matcher::FsMatcher,
     fs_mode: crate::config::PolicyMode,
     fd_paths: crate::runtime::fs_policy::FdPathMap,
+    /// Caps the component's wasm linear memory growth (via `store.limiter`).
+    /// Default `StoreLimits` is unlimited.
+    limits: StoreLimits,
 }
 
 impl HostState {
@@ -153,6 +158,7 @@ pub async fn create_store(
     fs: &crate::config::FsConfig,
     sockets: &crate::config::SocketsConfig,
     info: &ComponentInfo,
+    max_memory: Option<usize>,
 ) -> Result<Store<HostState>> {
     // Intersect user policy with the component's declared capabilities.
     let effective_fs = crate::runtime::effective::effective_fs(fs, &info.std.capabilities).config;
@@ -208,8 +214,17 @@ pub async fn create_store(
             preopens: preopen_pairs,
             by_rep: Default::default(),
         },
+        limits: match max_memory {
+            Some(bytes) => StoreLimitsBuilder::new().memory_size(bytes).build(),
+            None => StoreLimits::default(),
+        },
     };
-    Ok(Store::new(engine, state))
+    let mut store = Store::new(engine, state);
+    // Enforce the linear-memory cap: when the guest grows memory past the limit,
+    // `memory.grow` fails (the guest typically traps OOM) instead of letting the
+    // host process balloon. No-op when `max_memory` is None (default limits).
+    store.limiter(|state| &mut state.limits);
+    Ok(store)
 }
 
 // ── Component info from custom section ──
@@ -346,12 +361,13 @@ pub async fn instantiate_component(
     fs: &crate::config::FsConfig,
     sockets: &crate::config::SocketsConfig,
     info: &ComponentInfo,
+    max_memory: Option<usize>,
 ) -> Result<(
     ActWorld,
     Option<sessions::SessionProvider>,
     Store<HostState>,
 )> {
-    let mut store = create_store(engine, preopens, http, fs, sockets, info).await?;
+    let mut store = create_store(engine, preopens, http, fs, sockets, info, max_memory).await?;
 
     // Manual instantiation flow (replicates ActWorld::instantiate_async)
     // so we keep access to the raw `Instance` for session-provider lookup.