feat(pola-io): least-authority file, net, cmd access
Description
access to files, net, cmd with attenuation and such. see README for more.
Security Considerations
DRAFT until:
- [ ] in the interest of ZERO dependencies, uses `freeze()` rather than `harden()`. expected to be compatible with HardenedJS / ses. what hazards does this expose us to?
  - [x] includes unit tests that the API surface is frozen
- [ ] by default, doesn't enforce downward-only file traversal
Scaling Considerations
n/a
Documentation Considerations
- [ ] `dyn()` part of file API needs more docs
Testing Considerations
- [x] some basic unit tests
- [x] API surface is frozen
- [ ] see CONTRIBUTING for more things to demonstrate by way of tests, if not features
Compatibility Considerations
I think it overlaps with some readPowers stuff in compartment mapper?
migrating from agoric-sdk:
- https://github.com/Agoric/agoric-sdk/pull/11486
Upgrade Considerations
- [ ] not sure what the `exports` should be
  - I removed `exports` from the standard `create-package.sh` output.
avoid abbreviation in the public names exported by this package, like makeCommand over makeCmd
yes, dictionary words are good.
> DRAFT until
This PR looks like it still addresses an important need. What are our expectations for this PR? Since all the changes are only in the new package, I imagine that it would be easy to reconcile with current master?
> DRAFT until
> This PR looks like it still addresses an important need.
:)
> What are our expectations for this PR?
I'd like it to land in due course. I managed to get it into agoric-sdk as part of ymax work:
- https://github.com/Agoric/agoric-sdk/pull/11488
And that's meeting my needs for now. I'd be happy for somebody to carry this forward.
> Since all the changes are only in the new package, I imagine that it would be easy to reconcile with current master?
yes.
I suppose the main thing is Object.freeze vs. harden above.
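
The `freeze()` versus `harden()` question from the PR description and the comment above, as an added example that is not part of the PR or of pola-io: `Object.freeze` is shallow, so a test that only checks the top-level object is frozen misses nested records and the method functions themselves. `makeFileRO`, `deepFreeze`, `findUnfrozen` and `tamper` are hypothetical names, and `deepFreeze` is a simplified stand-in for `harden()`.

```javascript
// Added example: makeFileRO, deepFreeze, findUnfrozen and tamper are
// hypothetical names, not the pola-io API and not SES's harden().

// Object-valued own properties of obj, including getter/setter functions.
const children = obj =>
  Reflect.ownKeys(obj)
    .flatMap(key => {
      const d = Object.getOwnPropertyDescriptor(obj, key);
      return [[key, d.value], [key, d.get], [key, d.set]];
    })
    .filter(([, v]) => Object(v) === v);

// Simplified stand-in for harden(): freezes everything reachable through own
// properties. Real harden() also follows prototypes; this one does not, so it
// is safe to run outside lockdown() without freezing shared intrinsics.
const deepFreeze = (root, seen = new Set()) => {
  if (Object(root) !== root || seen.has(root)) return root;
  seen.add(root);
  Object.freeze(root);
  for (const [, v] of children(root)) deepFreeze(v, seen);
  return root;
};

// Audit for an "API surface is frozen" test: paths that are still mutable.
const findUnfrozen = (root, path = 'cap', seen = new Set(), out = []) => {
  if (Object(root) !== root || seen.has(root)) return out;
  seen.add(root);
  if (!Object.isFrozen(root)) out.push(path);
  for (const [k, v] of children(root)) {
    findUnfrozen(v, `${path}.${String(k)}`, seen, out);
  }
  return out;
};

// Constructed read-only file capability; freezer is freeze() or deepFreeze().
const makeFileRO = (path, freezer) => {
  const meta = { mode: 'ro' };
  return freezer({ meta, readText: () => `text of ${path} (${meta.mode})` });
};

// What any holder of the capability can still change on it.
const tamper = cap => ({
  metaWritten: Reflect.set(cap.meta, 'mode', 'rw'),
  methodTagged: Reflect.set(cap.readText, 'note', 'shared state'),
  text: cap.readText(),
});

for (const freezer of [Object.freeze, deepFreeze]) {
  const cap = makeFileRO('/tmp/a.txt', freezer);
  console.log(freezer.name, findUnfrozen(cap), tamper(cap));
}
```

With the shallow freeze, two holders of the same capability can communicate through `cap.readText` or change what it reports; an audit like `findUnfrozen` in the unit tests catches that without adding a dependency.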