Skip to content

enclave-vm@2.5.0

Choose a tag to compare

View all tags
@github-actions github-actions released this 07 Jan 20:55
· 41 commits to main since this release
enclave-vm@2.5.0
3928642
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

enclave-vm v2.5.0

📦 npm: enclave-vm@2.5.0

Added

  • Serialized worker protocol now carries a securityLevel flag so worker-pool executions mirror the AST guard preset in use.
  • Worker sandbox utilities now derive security-level-specific global maps and the Enclave validator pulls its base allow list from getAgentScriptGlobals before appending custom globals.

Changed

  • serializeError now tolerates string throws from transformed loop guards before sanitizing stack traces.

Security

  • Sandbox creation now exposes only the globals permitted for the selected security level, removing constructors like console, Promise, or RegExp under stricter tiers for defense-in-depth.
  • Double-VM bootstrap instantiates safe objects using inner-context intrinsics, makes the injected __host_vm_module__ removable, and nulls vm.createContext/vm.Script before user code executes.
Assets 2
Loading