Skip to content

enclave-vm@2.7.0

Choose a tag to compare

View all tags
@github-actions github-actions released this 09 Jan 02:30
· 34 commits to main since this release
enclave-vm@2.7.0
09f9b53
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

enclave-vm v2.7.0

📦 npm: enclave-vm@2.7.0

Added

  • Introduced a JSON-based tool bridge with configurable modes and payload limits, exposed via the new toolBridge option on EnclaveConfig.
  • Added serialized size estimators (estimateSerializedSize/checkSerializedSize) and enforce them before returning sandbox values when a memory limit is configured.

Changed

  • Enclave construction now normalizes toolBridge settings and requires explicit acknowledgement before enabling insecure direct bridging.

Security

  • Array.prototype.fill is now memory-tracked inside both VM adapters to block sparse-array exhaustion attacks.
  • Return paths reject values whose serialized size would exceed the configured memory limit, preventing Vector 340 serialization amplification.
  • All host-generated errors now go through centralized createSafeError, severing prototype chains and stripping host stack details.
  • String-mode tool bridge validates JSON payloads, enforces payload caps, sanitizes arguments/results, and updates tool-call stats before invoking host handlers.
Assets 2
Loading