-
Notifications
You must be signed in to change notification settings - Fork 65
/
index.js
92 lines (82 loc) · 2.71 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
import 'ses'
lockdown({
// gives a semi-high resolution timer
dateTaming: 'unsafe',
// this is introduces non-determinism, but is otherwise safe
mathTaming: 'unsafe',
// lets code observe call stack, but easier debuggability
errorTaming: 'unsafe',
// shows the full call stack
stackFiltering: 'verbose',
// prevents most common override mistake cases from tripping up users
overrideTaming: 'severe',
// preserves JS locale methods, to avoid confusing users
// prevents aliasing: toLocaleString() to toString(), etc
localeTaming: 'unsafe',
})
import { importLocation } from '@endo/compartment-mapper'
import { pathToFileURL } from 'node:url'
import { importHook } from './import-hook.js'
import { moduleTransforms } from './module-transforms.js'
import { toEndoPolicy } from './policy-converter.js'
import { generatePolicy } from './policy-gen/index.js'
import { isPolicy } from './policy.js'
import { makeReadPowers } from './power.js'
export * as constants from './constants.js'
export { generateAndWritePolicy, generatePolicy } from './policy-gen/index.js'
export { loadPolicies } from './policy.js'
export { toEndoPolicy }
/**
* Runs Endomoat with provided policy
*
* @overload
* @param {string | URL} entryFile
* @param {import('lavamoat-core').LavaMoatPolicy} policy
* @param {import('./types.js').RunOptions} [opts]
* @returns {Promise<unknown>}
*/
/**
* Runs Endomoat with an auto-generated policy, optionally writing to disk
*
* @overload
* @param {string | URL} entryFile
* @param {import('./types.js').GenerateAndRunOptions} [opts]
* @returns {Promise<unknown>}
*/
/**
* Runs a program in Endomoat
*
* @param {string | URL} entrypointPath
* @param {import('lavamoat-core').LavaMoatPolicy
* | import('./types.js').GenerateAndRunOptions} [policyOrOpts]
* @param {import('./types.js').RunOptions} [opts]
* @returns {Promise<unknown>}
*/
export async function run(entrypointPath, policyOrOpts = {}, opts = {}) {
await Promise.resolve()
/** @type {import('lavamoat-core').LavaMoatPolicy} */
let policy
/** @type {import('./types.js').RunOptions} */
let runOpts
if (isPolicy(policyOrOpts)) {
policy = policyOrOpts
runOpts = opts
} else {
const generateOpts = policyOrOpts
runOpts = { readPowers: generateOpts.readPowers }
policy = await generatePolicy(entrypointPath, generateOpts)
}
const endoPolicy = toEndoPolicy(policy)
const readPowers = makeReadPowers(runOpts.readPowers)
const url =
entrypointPath instanceof URL
? `${entrypointPath}`
: `${pathToFileURL(entrypointPath)}`
const { namespace } = await importLocation(readPowers, url, {
policy: endoPolicy,
globals: globalThis,
importHook,
moduleTransforms,
})
return namespace
}