Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Provide option to delete Deno namespace in worker #2717
Add an option to
The condition is propagated (e.g. if a sandboxed worker tries to create another worker, it will always also be sandboxed)
This is achieved by adding a condition to per worker/isolate
(The locations where things are attached/bounded to
Seems reasonable. It’s a little annoying to lay all this pipe for just this one boolean. It makes me wonder if we should future proof this but having an options object of some sort... but I think it’s not much code so probably better to just add the boolean as you did.
I could imagine wanting to do something where you restrict permissions in the child worker - say limit network access...
Yeah sounds reasonable, though I do feel the sandboxing provided by this change is quite similar to the browser environment. Anyways we might experiment with that in another PR.
Also just added a basic integration test.