run-sandbox
v0.0.2
Published
Runs untrusted code in a Node.js v8 sandbox.
Downloads
8
Maintainers
Readme
run-sandbox
Runs untrusted code in a Node.js v8 sandbox. Built on top of v8-sandbox.
Install
npm install run-sandbox --save
Usage
const runSandbox = require('run-sandbox')
/* This function will run in a sandbox, in a separate process */
const sum = runSandbox((y, z) => y + z)
/* Interact with it as usual from your main code */
const result = await sum(3, 2)
console.log(result)
You can also use `require' for external dependencies:
const isEmoji = runSandbox(emoji => {
const isEmoji = require('is-standard-emoji')
return isEmoji(emoji)
})
await isEmoji('🙌') // => true
await isEmoji('foo') // => false
The dependencies are bundled with the source code into a single file that is executed in the sandbox.
It's intentionally not possible to expose any Node.js objects or functions directly to the sandbox (such as process
, or filesystem). This makes it slightly harder to integrate into a project, but has the benefit of guaranteed isolation.
API
runSandbox(snippet, [options])
snippet
Required
Type: string
The source code to run.
options
foo
Type: boolean
Default: false
Lorem ipsum.
License
run-sandbox © Kiko Beats, released under the MIT License. Authored and maintained by Kiko Beats with help from contributors.
kikobeats.com · GitHub @Kiko Beats · X @Kikobeats