@agoric/xsnap
Advanced tools
Snapshotting VM worker based on Moddable's XS Javascript engine
Xsnap is a utility for taking resumable snapshots of a running JavaScript worker, using Moddable’s XS JavaScript engine.
Xsnap provides a Node.js API for controlling Xsnap workers.
const worker = await xsnap();
await worker.evaluate(`
// Incrementer, running on XS.
function handleCommand(message) {
const number = parseInt(new TextDecoder().decode(message), 10);
return new TextEncoder().encode(`${number + 1}`).buffer;
}
`);
await fs.writeFile('bootstrap.xss', worker.makeSnapshotStream());
await worker.close();
Some time later, possibly on a different computer…
const decoder = new TextDecoder();
const worker = await xsnap({
snapshotStream: fs.createFileStream('bootstrap.xss'),
});
const response = await worker.issueCommand('1');
console.log(decoder.decode(response)); // 2
await worker.close();
The parent and child communicate using "commands".
issueCommand function to send a request
and receive as response from the Node.js parent.handleCommand function to respond
to commands from the Node.js parent.
handleCommand may be asynchronous after a fashion: it
may return an object and, before the promise queue becomes empty,
set the result property of this object to an ArrayBuffer.
See the evaluate and report test for an example.issueCommand method to send a
request and receive a response from the XS child.handleCommand function to
respond to commands from the XS child.
With xsnap comes an xsrepl command line tool.
Use yarn global add @agoric/xsnap to add xsrepl to your path.
During development, run yarn repl.
The REPL supports special commands load and save for snapshots, and quit
to quit.
Load and save don't take arguments; just type the file name on the next prompt.
$ xsrepl
xs> globalThis.x = 42;
xs> x
42
xs> save
file> temp.xss
xs> quit
$ xsrepl
xs> load
file> temp.xss
xs> x
42
xs> quit
FAQs
Snapshotting VM worker based on Moddable's XS Javascript engine
We found that @agoric/xsnap demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.