-
Notifications
You must be signed in to change notification settings - Fork 65
/
index.js
65 lines (58 loc) · 1.95 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
import 'ses'
lockdown({
// gives a semi-high resolution timer
dateTaming: 'unsafe',
// this is introduces non-determinism, but is otherwise safe
mathTaming: 'unsafe',
// lets code observe call stack, but easier debuggability
errorTaming: 'unsafe',
// shows the full call stack
stackFiltering: 'verbose',
// prevents most common override mistake cases from tripping up users
overrideTaming: 'severe',
// preserves JS locale methods, to avoid confusing users
// prevents aliasing: toLocaleString() to toString(), etc
localeTaming: 'unsafe',
})
import { importLocation } from '@endo/compartment-mapper'
import { pathToFileURL } from 'node:url'
import { importHook } from './import-hook.js'
import { moduleTransforms } from './module-transforms.js'
import { toEndoPolicy } from './policy-converter.js'
import { defaultReadPowers } from './power.js'
export * as constants from './constants.js'
export { generateAndWritePolicy, generatePolicy } from './policy-gen/index.js'
export { loadPolicies } from './policy.js'
export { toEndoPolicy }
/**
* Runs a program in endomoat given a LavaMoat policy
*
* @overload
* @param {string | URL} entrypointPath
* @param {import('lavamoat-core').LavaMoatPolicy} policy
* @param {import('./types.js').RunOptions} [opts]
* @returns {Promise<unknown>}
*/
/**
* Runs a program in endomoat
*
* @param {string | URL} entrypointPath
* @param {import('lavamoat-core').LavaMoatPolicy} policy
* @param {import('./types.js').RunOptions} [opts]
* @returns {Promise<unknown>}
*/
export async function run(entrypointPath, policy, opts = {}) {
const endoPolicy = toEndoPolicy(policy)
const { readPowers = defaultReadPowers } = opts
const url =
entrypointPath instanceof URL
? `${entrypointPath}`
: `${pathToFileURL(entrypointPath)}`
const { namespace } = await importLocation(readPowers, url, {
policy: endoPolicy,
globals: globalThis,
importHook,
moduleTransforms,
})
return namespace
}