@enclave-vm/runtime
Advanced tools
Standalone runtime worker for EnclaveJS - deployable execution environment
Standalone runtime worker for EnclaveJS - deployable execution environment
The @enclave-vm/runtime package provides a standalone, deployable runtime worker for EnclaveJS. It can run as a standalone process, in a container, or as a serverless function, providing secure code execution with the EnclaveJS streaming protocol.
npm install @enclave-vm/runtime
# or
yarn add @enclave-vm/runtime
# or
pnpm add @enclave-vm/runtime
# Start runtime server
npx enclave-runtime --port 3000
# With configuration file
npx enclave-runtime --config runtime.config.json
# With environment variables
ENCLAVE_PORT=3000 ENCLAVE_SECURITY_LEVEL=strict npx enclave-runtime
import { createRuntime } from '@enclave-vm/runtime';
const runtime = await createRuntime({
port: 3000,
securityLevel: 'strict',
timeout: 30000,
maxToolCalls: 100,
tools: {
'data:fetch': async (args) => {
return await fetchData(args.url);
},
},
});
await runtime.start();
console.log('Runtime listening on port 3000');
// Graceful shutdown
process.on('SIGTERM', () => runtime.stop());
Create runtime.config.json:
{
"port": 3000,
"host": "0.0.0.0",
"securityLevel": "strict",
"timeout": 30000,
"maxToolCalls": 100,
"maxIterations": 10000,
"cors": {
"origin": ["https://app.example.com"],
"credentials": true
},
"auth": {
"type": "bearer",
"tokens": ["token1", "token2"]
},
"tls": {
"cert": "/path/to/cert.pem",
"key": "/path/to/key.pem"
}
}
| Variable | Description | Default |
|---|---|---|
ENCLAVE_PORT | Server port | 3000 |
ENCLAVE_HOST | Server host | 0.0.0.0 |
ENCLAVE_SECURITY_LEVEL | Security level | standard |
ENCLAVE_TIMEOUT | Execution timeout (ms) | 30000 |
ENCLAVE_MAX_TOOL_CALLS | Max tool calls | 100 |
ENCLAVE_AUTH_TOKEN | Auth token (comma-separated for multiple) | - |
FROM node:22-slim
WORKDIR /app
RUN npm install @enclave-vm/runtime
EXPOSE 3000
CMD ["npx", "enclave-runtime"]
Build and run:
docker build -t enclave-runtime .
docker run -p 3000:3000 enclave-runtime
Connect to ws://localhost:3000/ws:
const ws = new WebSocket('ws://localhost:3000/ws');
ws.onopen = () => {
// Start session
ws.send(
JSON.stringify({
type: 'start',
code: `
const user = await callTool('getUser', { id: 1 });
return user;
`,
}),
);
};
ws.onmessage = (event) => {
const message = JSON.parse(event.data);
switch (message.type) {
case 'tool_call':
console.log('Tool called:', message.name);
// Handle tool call and send result
ws.send(
JSON.stringify({
type: 'tool_result',
id: message.id,
data: {
/* result */
},
}),
);
break;
case 'result':
console.log('Execution result:', message.value);
break;
case 'error':
console.error('Error:', message.error);
break;
}
};
POST /execute
Content-Type: application/json
{
"code": "return 1 + 1",
"timeout": 5000
}
Response:
{
"success": true,
"value": 2,
"stats": {
"duration": 15,
"toolCallCount": 0
}
}
GET /health
Response:
{
"status": "healthy",
"uptime": 3600,
"activeSessions": 5
}
Register tool handlers programmatically:
import { createRuntime } from '@enclave-vm/runtime';
const runtime = await createRuntime({
tools: {
// Simple handler
'math:add': async ({ a, b }) => a + b,
// Handler with validation
'users:get': {
handler: async ({ id }) => {
return await db.users.findById(id);
},
schema: {
id: { type: 'number', required: true },
},
},
// Async generator for streaming
'data:stream': async function* ({ items }) {
for (const item of items) {
yield await processItem(item);
}
},
},
});
import { createLambdaHandler } from '@enclave-vm/runtime/lambda';
export const handler = createLambdaHandler({
securityLevel: 'strict',
timeout: 10000,
tools: {
// Tool handlers
},
});
import { createEdgeHandler } from '@enclave-vm/runtime/edge';
export default createEdgeHandler({
securityLevel: 'strict',
tools: {
// Tool handlers
},
});
export const config = { runtime: 'edge' };
import { createRuntime } from '@enclave-vm/runtime';
const runtime = await createRuntime({
metrics: {
enabled: true,
endpoint: '/metrics', // Prometheus format
},
logging: {
level: 'info',
format: 'json',
},
});
// Access metrics
runtime.on('execution:complete', (stats) => {
console.log(`Execution completed in ${stats.duration}ms`);
});
runtime.on('execution:error', (error) => {
console.error('Execution failed:', error);
});
| Package | Description |
|---|---|
| @enclave-vm/core | Core execution engine |
| @enclave-vm/types | Type definitions and Zod schemas |
| @enclave-vm/stream | Streaming protocol implementation |
| @enclave-vm/broker | Tool broker and session management |
| @enclave-vm/client | Browser/Node.js client SDK |
Apache-2.0
FAQs
Standalone runtime worker for EnclaveJS - deployable execution environment
The npm package @enclave-vm/runtime receives a total of 32 weekly downloads. As such, @enclave-vm/runtime popularity was classified as not popular.
We found that @enclave-vm/runtime demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 11.5 now recognizes npm staged publish approvals in release metadata, preventing those releases from being mistaken for lower-trust package publishes.
Security News
Federal audit finds NIST lacked a plan to clear the NVD backlog, wasted funds on duplicate work, and delayed use of CISA data.
Research
/Security News
A mini Shai-Hulud campaign compromised Red Hat Cloud Services npm packages to steal developer and CI/CD secrets during installation.