js tooling to help prevent attacks from evil dependencies.
webpack plugin for creating bundles protected by the LavaMoat kernel.
kumavis
/ read-only-membrane.js
Last active
November 19, 2019 06:30
read-only handler for es-membrane
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "use strict" | |
| const { Membrane } = require('es-membrane') | |
| // create raw object to be protected by membrane | |
| const rawObj = { secure: true } | |
| // create membrane to manage interaction | |
| const membrane = new Membrane() |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const provider = polyfillJsonRpcBatchAsBatchTx(inpageProvider) | |
| function polyfillJsonRpcBatchAsBatchTx (oldProvider) { | |
| const newProvider = { sendAsync } | |
| return newProvider | |
| function sendAsync (req, cb) { | |
| if (Array.isArray(req)) { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| _then = Promise.prototype.then | |
| // [Function: then] | |
| Promise.prototype.then = function(){ console.log('then!'); return _then.apply(this, arguments); } | |
| // [Function (anonymous)] | |
| p = new Promise(resolve => resolve()) | |
| // Promise { undefined } |
kumavis
/ gist:cfec971e3224252f038a8ae575925b3e
Last active
December 5, 2019 14:08
more javascript hijinks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| > x = 'hello' | |
| 'hello' | |
| > x.toString = () => 'ayy' | |
| [Function] | |
| > x.valueOf = () => 'yoo' | |
| [Function] | |
| > x | |
| 'hello' | |
| > x+'' | |
| 'hello' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const { makeStringTransform } = require('browserify-transform-tools') | |
| module.exports = makeStringTransform('lavamoat-browserify-workarounds', { excludeExtension: ['.json'] }, (content, _, cb) => { | |
| const result = content | |
| // fix html comments | |
| .split('-->').join('-- >') | |
| // fix direct eval | |
| .split(' eval(').join(' (eval)(') | |
| .split('\neval(').join('\n(eval)(') |
kumavis
/ createModuleInspector.js
Created
August 19, 2020 02:25
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const { builtinModules: builtinPackages } = require('module') | |
| // [email protected] | |
| const { createModuleInspector } = require('lavamoat-core') | |
| const inspector = createModuleInspector({ | |
| // used to see if this imports builtins | |
| isBuiltin: (name) => builtinPackages.includes(name), | |
| // adds some notes on ses compat, etc | |
| includeDebugInfo: true, | |
| }) |
kumavis
/ gist:83a8c21b03998e0d2173c2a5478b7835
Created
August 25, 2020 09:03
comparison of guybedford's Secure Modular Runtimes proposal to LavaMoat
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| hi guybedford/ | |
| i really enjoyed your blog post https://guybedford.com/secure-modular-runtimes.html | |
| here's some quick notes comparing your proposal and lavamoat in its current form (https://github.com/lavamoat/lavamoat) | |
| these differences represent lavamoat currently, and can easily be changed with input from smart folks like yourself | |
| ### basic runtime structure | |
| [exactly] "this runtime can fully restrict high-level capability access from packages for third-party code running in the same process" | |
| [exactly] "That this runtime can support an onramp from the existing JavaScript ecosystems, which is crucial for adoption. " |
kumavis
/ gist:e02d67bf463bd2b387d45b080c463872
Created
September 3, 2020 02:15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://www.redfin.com/OR/Portland/6109-SW-Thomas-St-97221/home/173018992?utm_source=android_share&utm_medium=share&utm_nooverride=1&utm_content=link | |
| https://www.redfin.com/OR/Portland/3246-SW-Cascade-Ter-97205/home/26369492?utm_source=android_share&utm_medium=share&utm_nooverride=1&utm_content=link |
kumavis
/ gist:ab0e6ab555362c5e479d6311c4540bbd
Created
November 30, 2020 09:36
go-ethreum mainnet fast sync performance on digital ocean
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| syncing geth on digital ocean | |
| - name: eth2-mainnet-00 | |
| - sync time: (failed to sync, bound by disk perf) | |
| - region: fra1 | |
| - type: s-8vcpu-16gb | |
| - primaryDb: attached volume | |
| - ancientDb: attached volume | |
| - price vps: $0.119/hr | |
| - price volume: $0.052/hr 350gb |