ses - npm Package Compare versions

src/tame-faux-data-properties.js

19

NEWS.md

		User-visible changes in SES:

		# v1.1.0 (2024-01-17)

		- The [iterators-helpers](https://github.com/tc39/proposal-iterator-helpers)
		proposal includes two accessor properties whose purpose is to emulate
		a data property, but without the override mistake problem. The ses-shim
		creates many such properties, but was unprepared for them to already be
		present in the JS platform it starts with. Chrome Canary and Node 22
		both implement the iterators-helper proposal, triggering this bug, preventing
		the ses-shim from initializing. The ses-shim
		[now copes safely](https://github.com/endojs/endo/pull/1969) with an
		enumerated set of such properties, starting with these two properties from
		the iterators-helpers proposal.
		- The ses-shim now permits the new methods from the
		[set-methods](https://github.com/tc39/proposal-set-methods) proposal,
		enabling these methods to be used on platforms where they are implemented,
		which are currently a Chrome Canary and a Node 22.

		# v0.18.8 (2023-09-11)
		@@ -30,3 +47,3 @@

		- Censors the pattern `{...import(specifier)`}.
		- Censors the pattern `{...import(specifier)}`.
		We previously censored `import(specifier)` and expressly allowed
		@@ -33,0 +50,0 @@ `object.import(specifier)`.

18

package.json

		{
		"name": "ses",
		"version": "1.0.1",
		"version": "1.1.0",
		"description": "Hardened JavaScript for Fearless Cooperation",
		@@ -55,5 +55,5 @@ "keywords": [
		"demo": "python3 -m http.server",
		"lint": "yarn lint:types && yarn lint:js",
		"lint": "yarn lint:types && yarn lint:eslint",
		"lint-fix": "eslint --fix .",
		"lint:js": "eslint .",
		"lint:eslint": "eslint .",
		"lint:types": "tsc",
		@@ -66,7 +66,7 @@ "prepare": "yarn run clean && yarn build",
		"dependencies": {
		"@endo/env-options": "^1.0.1"
		"@endo/env-options": "^1.1.0"
		},
		"devDependencies": {
		"@endo/compartment-mapper": "^1.0.1",
		"@endo/static-module-record": "^1.0.1",
		"@endo/compartment-mapper": "^1.1.0",
		"@endo/static-module-record": "^1.0.2",
		"@endo/test262-runner": "^0.1.32",
		@@ -86,3 +86,3 @@ "ava": "^5.3.0",
		"tsd": "^0.28.1",
		"typescript": "~5.2.2"
		"typescript": "~5.3.3"
		},
		@@ -188,5 +188,5 @@ "files": [
		"typeCoverage": {
		"atLeast": 81.13
		"atLeast": 81.17
		},
		"gitHead": "c02aec92c3caa417d6bdf3c4f555f0b2694d9f9e"
		"gitHead": "373f9eebab66c94ed42350473c90fb25e6054f0a"
		}

76

src/enable-property-overrides.js

		@@ -14,3 +14,2 @@ // Adapted from SES/Caja
		getOwnPropertyDescriptors,
		getOwnPropertyNames,
		isObject,
		@@ -92,5 +91,39 @@ objectHasOwnProperty,

		function getter() {
		return value;
		}
		const isDebug = setHas(debugProperties, prop);

		// We use concise method syntax to be `this` sensitive, but still
		// omit a prototype property or [[Construct]] behavior.
		// @ts-expect-error We know there is an accessor descriptor there
		const { get: getter, set: setter } = getOwnPropertyDescriptor(
		{
		get [prop]() {
		return value;
		},
		set [prop](newValue) {
		if (obj === this) {
		throw TypeError(
		`Cannot assign to read only property '${String(
		prop,
		)}' of '${path}'`,
		);
		}
		if (objectHasOwnProperty(this, prop)) {
		this[prop] = newValue;
		} else {
		if (isDebug) {
		// eslint-disable-next-line @endo/no-polymorphic-call
		console.error(TypeError(`Override property ${prop}`));
		}
		defineProperty(this, prop, {
		value: newValue,
		writable: true,
		enumerable: true,
		configurable: true,
		});
		}
		},
		},
		prop,
		);

		defineProperty(getter, 'originalValue', {
		@@ -103,28 +136,2 @@ value,

		const isDebug = setHas(debugProperties, prop);

		function setter(newValue) {
		if (obj === this) {
		throw TypeError(
		`Cannot assign to read only property '${String(
		prop,
		)}' of '${path}'`,
		);
		}
		if (objectHasOwnProperty(this, prop)) {
		this[prop] = newValue;
		} else {
		if (isDebug) {
		// eslint-disable-next-line @endo/no-polymorphic-call
		console.error(TypeError(`Override property ${prop}`));
		}
		defineProperty(this, prop, {
		value: newValue,
		writable: true,
		enumerable: true,
		configurable: true,
		});
		}
		}

		defineProperty(obj, prop, {
		@@ -154,3 +161,2 @@ get: getter,
		// cannot recokon types of symbolized properties.
		// @ts-ignore
		arrayForEach(ownKeys(descs), prop => enable(path, obj, prop, descs[prop]));
		@@ -160,3 +166,3 @@ }
		function enableProperties(path, obj, plan) {
		for (const prop of getOwnPropertyNames(plan)) {
		for (const prop of ownKeys(plan)) {
		const desc = getOwnPropertyDescriptor(obj, prop);
		@@ -169,6 +175,4 @@ if (!desc \|\| desc.get \|\| desc.set) {

		// Plan has no symbol keys and we use getOwnPropertyNames()
		// so `prop` cannot only be a string, not a symbol. We coerce it in place
		// with `String(..)` anyway just as good hygiene, since these paths are just
		// for diagnostic purposes.
		// In case `prop` is a symbol, we first coerce it with `String`,
		// purely for diagnostic purposes.
		const subPath = `${path}.${String(prop)}`;
		@@ -175,0 +179,0 @@ const subPlan = plan[prop];

13

src/enablements.js

		@@ -0,1 +1,3 @@
		import { toStringTagSymbol } from './commons.js';

		/**
		@@ -77,2 +79,9 @@ * @file Exports {@code enablements}, a recursively defined
		},
		'%IteratorPrototype%': {
		toString: true,
		// https://github.com/tc39/proposal-iterator-helpers
		constructor: true,
		// https://github.com/tc39/proposal-iterator-helpers
		[toStringTagSymbol]: true,
		},
		};
		@@ -156,2 +165,6 @@
		toString: true,
		// https://github.com/tc39/proposal-iterator-helpers
		constructor: true,
		// https://github.com/tc39/proposal-iterator-helpers
		[toStringTagSymbol]: true,
		},
		@@ -158,0 +171,0 @@ };

2

src/error/fatal-assert.js

		@@ -13,3 +13,3 @@ // @ts-check
		// to be found within the start compartment of SwingSet vats. What else?
		if (typeof process === 'object') {
		if (typeof process === 'object' && process) {
		abandon = process.abort \|\| process.exit;
		@@ -16,0 +16,0 @@ }

2

src/error/README.md

		@@ -8,3 +8,3 @@ # Logging Errors
		* Both `assert` and `console` are powerful globals that SES does not implicitly carry into child compartments. When creating a child compartment, add `assert` to the compartment’s globals. Either add `console` too, or add a wrapper that annotates the console with a topic.
		* SES hides annotations and stack traces by default. To reveal them, use a mechanism like `process.on("uncaughtException")` in Node.js to catch the error and log it back to the `console` tamed by `lockdown`.
		* SES hides annotations and stack traces by default. To reveal them, SES uses mechanisms like `process.on("uncaughtException")` in Node.js to catch the error and log it back to the `console` tamed by `lockdown`.
		* In the scope of the Agoric software ecosystem, this architecture will allow us to eventually introduce a more powerful distributed `console` that can meaningfully capture stack traces for a distributed debugger, based on the design of [Causeway](https://github.com/Agoric/agoric-sdk/issues/1318#issuecomment-662127549).
		@@ -11,0 +11,0 @@

123

src/error/tame-console.js

		// @ts-check

		import {
		// Using TypeError minimizes risk of exposing the feral Error constructor
		TypeError,
		@@ -16,32 +17,9 @@ apply,

		const failFast = message => {
		throw TypeError(message);
		};

		const wrapLogger = (logger, thisArg) =>
		freeze((...args) => apply(logger, thisArg, args));

		// eslint-disable-next-line no-restricted-globals
		const originalConsole = /** @type {VirtualConsole} */ (
		// eslint-disable-next-line no-nested-ternary
		typeof console !== 'undefined'
		? console
		: typeof print === 'function'
		? // Make a good-enough console for eshost (including only functions that
		// log at a specific level with no special argument interpretation).
		// https://console.spec.whatwg.org/#logging
		(p => freeze({ debug: p, log: p, info: p, warn: p, error: p }))(
		// eslint-disable-next-line no-undef
		wrapLogger(print),
		)
		: undefined
		);

		// Upgrade a log-only console (as in `eshost -h SpiderMonkey`).
		if (originalConsole && originalConsole.log) {
		for (const methodName of ['warn', 'error']) {
		if (!originalConsole[methodName]) {
		defineProperty(originalConsole, methodName, {
		value: wrapLogger(originalConsole.log, originalConsole),
		});
		}
		}
		}

		/**
		@@ -64,5 +42,5 @@ * Wrap console unless suppressed.
		) => {
		if (consoleTaming !== 'safe' && consoleTaming !== 'unsafe') {
		throw TypeError(`unrecognized consoleTaming ${consoleTaming}`);
		}
		consoleTaming === 'safe' \|\|
		consoleTaming === 'unsafe' \|\|
		failFast(`unrecognized consoleTaming ${consoleTaming}`);

		@@ -78,2 +56,30 @@ let loggedErrorHandler;
		}

		// eslint-disable-next-line no-restricted-globals
		const originalConsole = /** @type {VirtualConsole} */ (
		// eslint-disable-next-line no-nested-ternary
		typeof globalThis.console !== 'undefined'
		? globalThis.console
		: typeof globalThis.print === 'function'
		? // Make a good-enough console for eshost (including only functions that
		// log at a specific level with no special argument interpretation).
		// https://console.spec.whatwg.org/#logging
		(p => freeze({ debug: p, log: p, info: p, warn: p, error: p }))(
		// eslint-disable-next-line no-undef
		wrapLogger(globalThis.print),
		)
		: undefined
		);

		// Upgrade a log-only console (as in `eshost -h SpiderMonkey`).
		if (originalConsole && originalConsole.log) {
		for (const methodName of ['warn', 'error']) {
		if (!originalConsole[methodName]) {
		defineProperty(originalConsole, methodName, {
		value: wrapLogger(originalConsole.log, originalConsole),
		});
		}
		}
		}

		const ourConsole = /** @type {VirtualConsole} */ (
		@@ -101,17 +107,32 @@ consoleTaming === 'unsafe'
		// Node.js
		if (errorTrapping !== 'none' && globalThis.process !== undefined) {
		globalThis.process.on('uncaughtException', error => {
		const globalProcess = globalThis.process \|\| undefined;
		if (
		errorTrapping !== 'none' &&
		typeof globalProcess === 'object' &&
		typeof globalProcess.on === 'function'
		) {
		let terminate;
		if (errorTrapping === 'platform' \|\| errorTrapping === 'exit') {
		const { exit } = globalProcess;
		// If there is a function-valued process.on but no function-valued process.exit,
		// fail early without caring whether errorTrapping is "platform" only by default.
		typeof exit === 'function' \|\| failFast('missing process.exit');
		terminate = () => exit(globalProcess.exitCode \|\| -1);
		} else if (errorTrapping === 'abort') {
		terminate = globalProcess.abort;
		typeof terminate === 'function' \|\| failFast('missing process.abort');
		}

		globalProcess.on('uncaughtException', error => {
		// causalConsole is born frozen so not vulnerable to method tampering.
		ourConsole.error(error);
		if (errorTrapping === 'platform' \|\| errorTrapping === 'exit') {
		globalThis.process.exit(globalThis.process.exitCode \|\| -1);
		} else if (errorTrapping === 'abort') {
		globalThis.process.abort();
		if (terminate) {
		terminate();
		}
		});
		}

		if (
		unhandledRejectionTrapping !== 'none' &&
		globalThis.process !== undefined
		typeof globalProcess === 'object' &&
		typeof globalProcess.on === 'function'
		) {
		@@ -126,5 +147,5 @@ const handleRejection = reason => {
		// Rejection handlers are supported.
		globalThis.process.on('unhandledRejection', h.unhandledRejectionHandler);
		globalThis.process.on('rejectionHandled', h.rejectionHandledHandler);
		globalThis.process.on('exit', h.processTerminationHandler);
		globalProcess.on('unhandledRejection', h.unhandledRejectionHandler);
		globalProcess.on('rejectionHandled', h.rejectionHandledHandler);
		globalProcess.on('exit', h.processTerminationHandler);
		}
		@@ -134,8 +155,9 @@ }
		// Browser
		const globalWindow = globalThis.window \|\| undefined;
		if (
		errorTrapping !== 'none' &&
		globalThis.window !== undefined &&
		globalThis.window.addEventListener !== undefined
		typeof globalWindow === 'object' &&
		typeof globalWindow.addEventListener === 'function'
		) {
		globalThis.window.addEventListener('error', event => {
		globalWindow.addEventListener('error', event => {
		event.preventDefault();
		@@ -145,11 +167,10 @@ // 'platform' and 'report' just log the reason.
		if (errorTrapping === 'exit' \|\| errorTrapping === 'abort') {
		globalThis.window.location.href = `about:blank`;
		globalWindow.location.href = `about:blank`;
		}
		});
		}

		if (
		unhandledRejectionTrapping !== 'none' &&
		globalThis.window !== undefined &&
		globalThis.window.addEventListener !== undefined
		typeof globalWindow === 'object' &&
		typeof globalWindow.addEventListener === 'function'
		) {
		@@ -163,3 +184,3 @@ const handleRejection = reason => {
		// Rejection handlers are supported.
		globalThis.window.addEventListener('unhandledrejection', event => {
		globalWindow.addEventListener('unhandledrejection', event => {
		event.preventDefault();
		@@ -169,3 +190,3 @@ h.unhandledRejectionHandler(event.reason, event.promise);

		globalThis.window.addEventListener('rejectionhandled', event => {
		globalWindow.addEventListener('rejectionhandled', event => {
		event.preventDefault();
		@@ -175,3 +196,3 @@ h.rejectionHandledHandler(event.promise);

		globalThis.window.addEventListener('beforeunload', _event => {
		globalWindow.addEventListener('beforeunload', _event => {
		h.processTerminationHandler();
		@@ -178,0 +199,0 @@ });

53

src/lockdown.js

		@@ -17,3 +17,3 @@ // Copyright (C) 2018 Agoric

		import { makeEnvironmentCaptor } from '@endo/env-options';
		import { getEnvironmentOption as getenv } from '@endo/env-options';
		import {
		@@ -30,2 +30,3 @@ FERAL_FUNCTION,
		getOwnPropertyNames,
		getPrototypeOf,
		} from './commons.js';
		@@ -58,2 +59,3 @@ import { makeHardener } from './make-hardener.js';
		import { tameSymbolConstructor } from './tame-symbol-constructor.js';
		import { tameFauxDataProperties } from './tame-faux-data-properties.js';

		@@ -161,4 +163,2 @@ /** @typedef {import('../types.js').LockdownOptions} LockdownOptions */

		const { getEnvironmentOption: getenv } = makeEnvironmentCaptor(globalThis);

		const {
		@@ -288,2 +288,10 @@ errorTaming = getenv('LOCKDOWN_ERROR_TAMING', 'safe'),

		const hostIntrinsics = { __proto__: null };

		// The Node.js Buffer is a derived class of Uint8Array, and as such is often
		// passed around where a Uint8Array is expected.
		if (typeof globalThis.Buffer === 'function') {
		hostIntrinsics.Buffer = globalThis.Buffer;
		}

		/**
		@@ -309,2 +317,15 @@ * Wrap console unless suppressed.

		// The untamed Node.js console cannot itself be hardened as it has mutable
		// internal properties, but some of these properties expose internal versions
		// of classes from node's "primordials" concept.
		// eslint-disable-next-line no-underscore-dangle
		if (typeof (/** @type {any} */ (consoleRecord.console)._times) === 'object') {
		// SafeMap is a derived Map class used internally by Node
		// There doesn't seem to be a cleaner way to reach it.
		hostIntrinsics.SafeMap = getPrototypeOf(
		// eslint-disable-next-line no-underscore-dangle
		/** @type {any} */ (consoleRecord.console)._times,
		);
		}

		// @ts-ignore assert is absent on globalThis type def.
		@@ -324,2 +345,4 @@ if (errorTaming === 'unsafe' && globalThis.assert === assert) {

		tameFauxDataProperties(intrinsics);

		/**
		@@ -398,16 +421,24 @@ * 2. WHITELIST to standardize the environment.
		// must be the operation that modifies the intrinsics.
		tamedHarden(intrinsics);
		const toHarden = {
		intrinsics,
		hostIntrinsics,
		globals: {
		// Harden evaluators
		Function: globalThis.Function,
		eval: globalThis.eval,
		// @ts-ignore Compartment does exist on globalThis
		Compartment: globalThis.Compartment,

		// Harden evaluators
		tamedHarden(globalThis.Function);
		tamedHarden(globalThis.eval);
		// @ts-ignore Compartment does exist on globalThis
		tamedHarden(globalThis.Compartment);
		// Harden Symbol
		Symbol: globalThis.Symbol,
		},
		};

		// Harden Symbol and properties for initialGlobalPropertyNames in the host realm
		tamedHarden(globalThis.Symbol);
		for (const prop of getOwnPropertyNames(initialGlobalPropertyNames)) {
		tamedHarden(globalThis[prop]);
		toHarden.globals[prop] = globalThis[prop];
		}

		tamedHarden(toHarden);

		return tamedHarden;
		@@ -414,0 +445,0 @@ };

20

src/module-instance.js

		@@ -35,3 +35,3 @@ import { assert } from './error/assert.js';
		) => {
		const { exportsProxy, proxiedExports, activate } = getDeferredExports(
		const { exportsProxy, exportsTarget, activate } = getDeferredExports(
		compartment,
		@@ -55,3 +55,3 @@ weakmapGet(compartmentPrivateFields, compartment),
		arrayForEach(staticModuleRecord.exports, name => {
		let value = proxiedExports[name];
		let value = exportsTarget[name];
		const updaters = [];
		@@ -68,3 +68,3 @@

		defineProperty(proxiedExports, name, {
		defineProperty(exportsTarget, name, {
		get,
		@@ -81,5 +81,5 @@ set,
		});
		// This is enough to support import * from cjs - the '*' field doesn't need to be in exports nor proxiedExports because import will only ever access it via notifiers
		// This is enough to support import * from cjs - the '*' field doesn't need to be in exports nor exportsTarget because import will only ever access it via notifiers
		notifiers['*'] = update => {
		update(proxiedExports);
		update(exportsTarget);
		};
		@@ -104,3 +104,3 @@ }
		staticModuleRecord.execute(
		proxiedExports,
		exportsTarget,
		compartment,
		@@ -151,3 +151,3 @@ resolvedImports,

		const { exportsProxy, proxiedExports, activate } = getDeferredExports(
		const { exportsProxy, exportsTarget, activate } = getDeferredExports(
		compartment,
		@@ -351,3 +351,3 @@ compartmentFields,
		const notifyStar = update => {
		update(proxiedExports);
		update(exportsTarget);
		};
		@@ -445,6 +445,6 @@ notifiers['*'] = notifyStar;
		arrayForEach(arraySort(keys(exportsProps)), k =>
		defineProperty(proxiedExports, k, exportsProps[k]),
		defineProperty(exportsTarget, k, exportsProps[k]),
		);

		freeze(proxiedExports);
		freeze(exportsTarget);
		activate();
		@@ -451,0 +451,0 @@ }

56

src/module-proxy.js

		@@ -28,2 +28,3 @@ // Compartments need a mechanism to link a module from one compartment
		reflectPreventExtensions,
		toStringTagSymbol,
		weakmapSet,
		@@ -55,3 +56,11 @@ } from './commons.js';
		let active = false;
		const proxiedExports = create(null);
		const exportsTarget = create(null, {
		// Make this appear like an ESM module namespace object.
		[toStringTagSymbol]: {
		value: 'Module',
		writable: false,
		enumerable: false,
		configurable: false,
		},
		});
		return freeze({
		@@ -61,4 +70,4 @@ activate() {
		},
		proxiedExports,
		exportsProxy: new Proxy(proxiedExports, {
		exportsTarget,
		exportsProxy: new Proxy(exportsTarget, {
		get(_target, name, receiver) {
		@@ -72,3 +81,3 @@ if (!active) {
		}
		return reflectGet(proxiedExports, name, receiver);
		return reflectGet(exportsTarget, name, receiver);
		},
		@@ -88,3 +97,3 @@ set(_target, name, _value) {
		}
		return reflectHas(proxiedExports, name);
		return reflectHas(exportsTarget, name);
		},
		@@ -102,3 +111,3 @@ deleteProperty(_target, name) {
		}
		return ownKeys(proxiedExports);
		return ownKeys(exportsTarget);
		},
		@@ -113,3 +122,3 @@ getOwnPropertyDescriptor(_target, name) {
		}
		return reflectGetOwnPropertyDescriptor(proxiedExports, name);
		return reflectGetOwnPropertyDescriptor(exportsTarget, name);
		},
		@@ -122,3 +131,3 @@ preventExtensions(_target) {
		}
		return reflectPreventExtensions(proxiedExports);
		return reflectPreventExtensions(exportsTarget);
		},
		@@ -131,3 +140,3 @@ isExtensible() {
		}
		return reflectIsExtensible(proxiedExports);
		return reflectIsExtensible(exportsTarget);
		},
		@@ -159,7 +168,26 @@ getPrototypeOf(_target) {

		// `getDeferredExports` memoizes the creation of a deferred module exports
		// namespace proxy for any abritrary full specifier in a compartment.
		// It also records the compartment and specifier affiliated with that module
		// exports namespace proxy so it can be used as an alias into another
		// compartment when threaded through a compartment's `moduleMap` argument.
		/**
		* @typedef {object} DeferredExports
		* @property {Record<string, any>} exportsTarget - The object to which a
		* module's exports will be added.
		* @property {Record<string, any>} exportsProxy - A proxy over the `exportsTarget`,
		* used to expose its "exports" to other compartments.
		* @property {() => void} activate - Activate the `exportsProxy` such that it can
		* be used as a module namespace object.
		*/

		/**
		* Memoizes the creation of a deferred module exports namespace proxy for any
		* arbitrary full specifier in a compartment. It also records the compartment
		* and specifier affiliated with that module exports namespace proxy so it
		* can be used as an alias into another compartment when threaded through
		* a compartment's `moduleMap` argument.
		*
		* @param {*} compartment - The compartment to retrieve deferred exports from.
		* @param {*} compartmentPrivateFields - The private fields of the compartment.
		* @param {*} moduleAliases - The module aliases of the compartment.
		* @param {string} specifier - The module specifier to retrieve deferred exports for.
		* @returns {DeferredExports} - The deferred exports for the module specifier of
		* the compartment.
		*/
		export const getDeferredExports = (
		@@ -166,0 +194,0 @@ compartment,

44

src/permits-intrinsics.js

		@@ -77,3 +77,14 @@ // Copyright (C) 2011 Google Inc.
		) {
		// These primitives are allowed allowed for permits.
		let groupStarted = false;
		const inConsoleGroup = (level, ...args) => {
		if (!groupStarted) {
		// eslint-disable-next-line @endo/no-polymorphic-call
		console.groupCollapsed('Removing unpermitted intrinsics');
		groupStarted = true;
		}
		// eslint-disable-next-line @endo/no-polymorphic-call
		return console[level](...args);
		};

		// These primitives are allowed for permits.
		const primitives = ['undefined', 'boolean', 'number', 'string', 'symbol'];
		@@ -283,7 +294,3 @@
		if (subPermit !== false) {
		// This call to `console.warn` is intentional. It is not a vestige of
		// a debugging attempt. See the comment at top of file for an
		// explanation.
		// eslint-disable-next-line @endo/no-polymorphic-call
		console.warn(`Removing ${subPath}`);
		inConsoleGroup('warn', `Removing ${subPath}`);
		}
		@@ -297,4 +304,6 @@ try {
		if (obj.prototype === undefined) {
		// eslint-disable-next-line @endo/no-polymorphic-call
		console.warn(`Tolerating undeletable ${subPath} === undefined`);
		inConsoleGroup(
		'warn',
		`Tolerating undeletable ${subPath} === undefined`,
		);
		// eslint-disable-next-line no-continue
		@@ -304,7 +313,5 @@ continue;
		}
		// eslint-disable-next-line @endo/no-polymorphic-call
		console.error(`failed to delete ${subPath}`, err);
		inConsoleGroup('error', `failed to delete ${subPath}`, err);
		} else {
		// eslint-disable-next-line @endo/no-polymorphic-call
		console.error(`deleting ${subPath} threw`, err);
		inConsoleGroup('error', `deleting ${subPath} threw`, err);
		}
		@@ -317,5 +324,12 @@ throw err;

		// Start path with 'intrinsics' to clarify that properties are not
		// removed from the global object by the whitelisting operation.
		visitProperties('intrinsics', intrinsics, permitted);
		try {
		// Start path with 'intrinsics' to clarify that properties are not
		// removed from the global object by the whitelisting operation.
		visitProperties('intrinsics', intrinsics, permitted);
		} finally {
		if (groupStarted) {
		// eslint-disable-next-line @endo/no-polymorphic-call
		console.groupEnd();
		}
		}
		}

14

src/permits.js

		@@ -1124,2 +1124,16 @@ /* eslint-disable no-restricted-globals */
		'@@toStringTag': 'string',
		// See https://github.com/tc39/proposal-set-methods
		intersection: fn,
		// See https://github.com/tc39/proposal-set-methods
		union: fn,
		// See https://github.com/tc39/proposal-set-methods
		difference: fn,
		// See https://github.com/tc39/proposal-set-methods
		symmetricDifference: fn,
		// See https://github.com/tc39/proposal-set-methods
		isSubsetOf: fn,
		// See https://github.com/tc39/proposal-set-methods
		isSupersetOf: fn,
		// See https://github.com/tc39/proposal-set-methods
		isDisjointFrom: fn,
		},
		@@ -1126,0 +1140,0 @@

10

src/tame-domains.js

		@@ -20,8 +20,6 @@ // @ts-check
		// Protect against the hazard presented by Node.js domains.
		if (typeof globalThis.process === 'object' && globalThis.process !== null) {
		const globalProcess = globalThis.process \|\| undefined;
		if (typeof globalProcess === 'object') {
		// Check whether domains were initialized.
		const domainDescriptor = getOwnPropertyDescriptor(
		globalThis.process,
		'domain',
		);
		const domainDescriptor = getOwnPropertyDescriptor(globalProcess, 'domain');
		if (domainDescriptor !== undefined && domainDescriptor.get !== undefined) {
		@@ -41,3 +39,3 @@ // The domain descriptor on Node.js initially has value: null, which
		// We have no better recourse because Node.js uses defineProperty too.
		defineProperty(globalThis.process, 'domain', {
		defineProperty(globalProcess, 'domain', {
		value: null,
		@@ -44,0 +42,0 @@ configurable: false,

2

types.d.ts

		@@ -65,3 +65,3 @@ /**
		execute(
		proxiedExports: Record<string, any>,
		exportsTarget: Record<string, any>,
		compartment: Compartment,
		@@ -68,0 +68,0 @@ resolvedImports: Record<string, string>,

dist/lockdown.cjs

Sorry, the diff of this file is not supported yet

dist/lockdown.mjs

Sorry, the diff of this file is not supported yet

dist/lockdown.umd.js

Sorry, the diff of this file is too big to display

dist/lockdown.umd.min.js

Sorry, the diff of this file is too big to display

dist/ses.cjs

Sorry, the diff of this file is not supported yet

dist/ses.mjs

Sorry, the diff of this file is not supported yet

dist/ses.umd.js

Sorry, the diff of this file is too big to display

dist/ses.umd.min.js

Sorry, the diff of this file is too big to display

ses - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Dependency changes