erights
commented
2 years ago Partially addressed by https://github.com/endojs/endo/pull/1299
Open mhofman opened 2 years ago
erights
commented
2 years ago Partially addressed by https://github.com/endojs/endo/pull/1299
tgrecojs
commented
5 months ago @kriskowal is this something that still needs attention? if so, then i'd be happy to take it on.
I did a quick investigation and I've found several tests inside of @endo/compartment-mapper that import ses directly.
Below are 2 of such test files.
In the event that this work is still desired then i'll end with the following questions:
import 'ses' for import '@endo/init' directly within each test that contains the ses import (such as the ones above)?@endo/ses-ava would be preferred over @endo/init? If one is required over the other, then additional input as to why it should be used, or why it shouldn't be used would be greatly appreciated 🙂
It looks like some endo tests like the
marshalpackage are using@endo/lockdowndirectly bypassing the@endo/initvetted shims, in particular the node-async_hooks patch. This caused @erights to believe the async_hooks symbols workaround were sometimes not added toPromise.prototype(if debugger opened after lockdown), and a confusing attempt at working around the symptoms in #1297.Furthermore, we discovered the async_hooks patch is currently running before the SES-shim/lockdown even has a chance to be executed and capture what it can of the initial environment, placing it in a even more sensitive position than trusted shims (which already have too much power since the evaluators are not tamed by the time they execute).
Given the tight coupling of the async-hooks patch with the SES-shim, I'm wondering if a better place for it wouldn't have been in the
lockdownpackage itself.Something along the lines of in
packages/lockdown/src/pre-node.js: