Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
SES: Cannot register `lockdown` in new VM context
See original GitHub issueTrying to lock down a new context by creating an isolatedRequire function:
function isolatedRequire(specifier) {
const sandbox = createContext({ require, console });
/**
* Lock down the component context and then import the module.
*/
const sesRequire = `
require('ses');
lockdown();
require(${JSON.stringify(specifier)});
`;
return runInNewContext(sesRequire, sandbox)
}
But it throws:
evalmachine.<anonymous>:3
lockdown();
^
ReferenceError: lockdown is not defined
at evalmachine.<anonymous>:3:5
at Script.runInContext (node:vm:139:12)
at Script.runInNewContext (node:vm:144:17)
at runInNewContext (node:vm:298:38)
It works if we require('ses') and then pass in the lockdown function for the initial context, but that locks down the parent context and kind of invalidates the scoping principle here.
Why won’t the lockdown identifier register in a new VM context?
Issue Analytics
- State:
- Created 2 years ago
- Comments:7 (5 by maintainers)
Top Results From Across the Web
VMware vCenter Server 7.0 Update 3f Release Notes
As a result, I/O filter storage providers remains registered with the vCenter even though the ESXi host is not in the inventory.
Read more >Draft proposal for SES (Secure EcmaScript) - GitHub
Identity discontinuity. Two realms, made by same origin iframes or vm contexts, can be put in contact. Once in contact, they can mix...
Read more >Coronavirus (COVID-19): SME policy responses - OECD
Chapter 2 discusses the background to SME impact and policy responses, ... the expected liquidity shortage of SMEs due to the pandemic and...
Read more >Falling living standards during the COVID-19 crisis - Science
In most of cases, we cannot reject equality in the share of high and low SES households affected. However, the impact of an...
Read more >dpm error codes - macellerialucio.it
But we create a new server and want to install DPM 2016. ... 2019 · DPM cannot browse the contents of the virtual...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Node’s
vmmodule is pretty barebones. Afaik it doesn’t contain any node provided APIs such asrequire, only v8 intrinsics. I highly recommend you don’t try to build your own isolation mechanism based on it. You may have better luck withvm2orisolated-vm.SES will not on its own load external modules and evaluate them in isolated Compartments. For that you need other parts of Endo. You may instead be interested in LavaMoat which uses SES/Endo under the hood, and helps you isolate your package dependencies according to policies you define.
What I’m saying is that I don’t believe you’re loading the ses shim inside the context you created. You’re loading it in the parent realm.