feature request for `require.pure(id)` or `pkg.pure:true`

Feature request.

Most third part module we are using are pure function things. If we can control that (when we require them even install them), then maybe most security problems could under control easily?

“pure module require” means:

1. no i/o, like fs, net native module.
2. no context pollute, like viciously rewritting to standard lib and native module exports.
3. other things, like Buffer.allocUnsafe, child_process API.
4. pkg.scripts field actions will have no chance to attack the computer.
5. pure module can only require pure module.

soft additional design objective:

1. maybe we need “pureAsync”, different with “pure(Sync)”, to give a way auto force run in “Worker”-like thing, to protect “while ( true ) ;” (and bind to cpu different with main app context). not very important, because it’s almost no benefit for author, and easy to be found by the most careless user (no different with a lib has no user just because it’s too slow).
2. maybe we need consider “import” solution together, like “import mod from ‘x’ assert { pure: ‘sync’ }”.