jasnell
commented
2 years ago This would need to be defined a whole lot more before we can progress. Node.js' vm module is absolutely not a sandbox.
Open XadillaX opened 2 years ago
jasnell
commented
2 years ago This would need to be defined a whole lot more before we can progress. Node.js' vm module is absolutely not a sandbox.
XadillaX
commented
2 years ago For most situation, something like vm is enough. It's a bit safer than eval.
Since Winter is a non-browser runtime spec, I think this ability is necessary.
legendecas
commented
2 years ago This can fall into the coverage of ShadowRealm and its Web integration.
maxshirshin
commented
2 years ago Node's vm is useful in building sandbox-like environments, as Node exposes many sensitive and powerful APIs by default. This is not necessarily the case for the common minimum APIs we're discussing here. So far, looks like we may put things like file or system env access out of the scope, so the first question is: what would be the purpose of such a sandbox?
jasnell
commented
2 years ago Currently, there's not enough common api surface here shared across multiple runtimes to justify adding anything to the common API surface. This could make sense as a separate workstream but doesn't make sense for the minimum common api doc at this time.
I think sandbox related APIs are needed in some SSR situation. Just something like Node.js'
vm.