@bonniernews/wichita
Advanced tools
Run your es6 modules in a sandbox with the experimental vm.SourceTextModule.
The following node options are required to run this module
--experimental-vm-modules --no-warnings
If running tests with mocha you can preceed the mocha call with NODE_OPTIONS, e.g.:
NODE_OPTIONS="--experimental-vm-modules --no-warnings" mocha -R dot
Wichita takes one required argument:
sourcePath: required script path, relative from calling fileoptions: optional vm context options, passed to vm.createContextand returns an api:
path: absolute path to filecaller: absolute path to calling filerun(sandbox): run es6 module
sandbox: required object that will be contextified and used as global contextexports(sandbox): expose module export functions
sandbox: required objectexecute(sandbox, fn): execute function
sandbox: required objectfn: function that returns module as argument, fn(es6module)Run script:
const source = Script("./resources/main");
await source.run({
setTimeout() {},
console,
window: {},
})
Exports:
const source = Script("./resources/lib/module");
const {default: defaultExport, justReturn} = await source.exports({
setTimeout() {},
console,
window: {},
}
defaultExport(1);
justReturn(2);
Execute:
const source = Script("./resources/lib/module");
await source.execute({
setTimeout() {},
console,
window: {},
}, (module) => {
module.default(1);
module.justReturn(2);
})
"use strict";
const Script = require("@bonniernews/wichita");
const assert = require("assert");
describe("script", () => {
it("executes scripts in passed context", async () => {
const source = Script("./resources/main");
const context = {
window: {
root: true,
},
};
await source.run(context);
assert.ok(context.window.broker);
assert.ok(context.window.setByModule);
assert.equal(context.window.count, 1);
assert.ok(context.window.setByQueue);
});
it("and again", async () => {
const source = Script("./resources/main");
const context = {
window: {
root: true,
count: 2,
},
};
await source.run(context);
assert.ok(context.window.broker);
assert.ok(context.window.setByModule);
assert.equal(context.window.count, 3);
assert.ok(context.window.setByQueue);
});
it("get module exports", async () => {
const source = Script("./resources/lib/module");
const context = {
window: {
root: true,
},
console,
};
const {justReturn} = await source.exports(context);
assert.equal(justReturn(1), 1);
});
it("execute module function", async () => {
const source = Script("./resources/lib/module");
const context = {
window: {
root: true,
},
console,
};
let called;
await source.execute(context, (module) => {
called = true;
assert.equal(module.justReturn(1), 1);
});
assert.ok(called);
});
});
FAQs
Run your es6 modules with imports/exports in a vm sandbox
The npm package @bonniernews/wichita receives a total of 75 weekly downloads. As such, @bonniernews/wichita popularity was classified as not popular.
We found that @bonniernews/wichita demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.