Open flyck opened 1 year ago
In node20 there are now some experimental runtime permissions. You can limit the access to file reads/writes for the program as a whole.
Lavamoat is still more fine-grained here, as it allows package-specific rules. Also with the node20 features it will take a while until they are available in AWS to a broader audience.
Lavamoat still doesnt support webpack or esbuild, so I suppose this means I can only run it in the lavamoat runtime, for which I will create an example in a custom lambda runtime.
idea: how to secure nextjs/trpc/create-t3-app with lavamoat?
These are the steps we need to integrate.