search

oven-sh / bun

Incredibly fast JavaScript runtime, bundler, test runner, and package manager – all in one
https://bun.sh
Other
73.22k stars 2.69k forks source link

Implementation of shadowrealms for isolated processes and secure user code execution. #10412

Closed Autumnlight02 closed 5 months ago

Autumnlight02 commented 5 months ago

What is the problem this feature would solve?

This would allow us to archieve a better implementation of node:vm At the moment node:vm still has its fair shares of memory vunerability issues etc. Libraries so far have not been able to solve this issue. image

Currently in TC 39 there is a proposal on Stage 2.7. I would wish for an early Implementation in Bun so that we can safely execute user scripts. Perhaps even go so far to add additional supports of feature activations like network, fs etc. The proposal is here: https://github.com/tc39/proposal-shadowrealm

What is the feature you are proposing to solve the problem?

early implementation of https://github.com/tc39/proposal-shadowrealm.

What alternatives have you considered?

https://www.npmjs.com/package/isolated-vm#frequently-asked-question

Jarred-Sumner commented 5 months ago

Duplicate of https://github.com/oven-sh/bun/issues/10413