Skip to content

ses@2.2.0

Choose a tag to compare

View all tags
@kriskowal kriskowal released this 12 Jun 04:42
· 9 commits to master since this release
ses@2.2.0
a9d2341
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Minor Changes

  • #3285 889be5e Thanks @erights! - Permit both initial powerful Temporal and safe shared Temporal

  • #2422 fe6be07 Thanks @kriskowal! - Add support for host module exits in bundled compartments.

    ses exports a new StrictModuleDescriptor type that consists only of the
    NamespaceModuleDescriptor and SourceModuleDescriptor shapes mutually
    supported by SES and XS.

    compartment-mapper lets arbitrary module descriptors pass through
    importHook when no policy is in effect for that edge (the
    policy-enforcement runtime was previously limited to virtual module sources).
    It also implicitly treats any module specifier with a URL-scheme prefix
    (like node:fs) as an exit module when bundling, removing the need for an
    additional bundler flag in the common case.

    import-bundle threads the importHook option through to the underlying
    compartment so that bundled applications can route exits to host-provided
    implementations at import time.
    Host-provided modules must be hardened and pure to avoid being a
    side-channel or man-in-the-middle attack surface between guests.

Assets 2
Loading