sablejs
vm2
sablejs | vm2 | |
---|---|---|
1 | 14 | |
1,062 | 3,826 | |
0.0% | - | |
3.2 | 4.5 | |
over 1 year ago | about 2 months ago | |
JavaScript | JavaScript | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
sablejs
vm2
- Vm2 discontinued due to unfixable security issues
- VM2 (Puppeteer Dependency) Is Deprecated Due to Critical Security Issues
- NPM package vm2 is no longer secure
-
CVE-2023-29017 / Query Help
Sandbox Escape · Advisory · patriksimek/vm2 · GitHub
- Sandbox Escape in VM2 - designed to run untrusted code in an isolated context on Node.js servers - used by integrated development environments (IDEs) and code editors, function-as-a-service (FaaS) solutions, pen-testing frameworks, security tools, and various JavaScript-related products
- Does reinitializing a new vm cause memory leak when using vm2?
- Is there a way to destroy the vm when using vm2?
-
What is the purpose of 'vm' module?
There are projects like vm2 based on vm, but they seem to be offer best-effort solutions for avoiding frequently discovered vulnerabilities, and cannot guarantee safety in general.
-
[AskJS] How to security test JS playground?
Here is link number 1 - Previous text "vm2"
-
Run untrusted code in sandbox
Something like this? https://github.com/patriksimek/vm2
What are some alternatives?
JS-Interpreter - A sandboxed JavaScript interpreter in JavaScript.
deno - A modern runtime for JavaScript and TypeScript.
webassemblyjs - Toolchain for WebAssembly
TypeScript - TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
learning-sandbox - Centralized spot for learning in public as well as any guides I put together for the Lost Creek Designs blog.
CodeBox - A sandbox coding environment - desktop app, inspired by CodePen and JSFiddle
jk - Configuration as Code with ECMAScript
thislang - A subset of javascript implemented in that subset of javascript. Yes, it can run itself.
sysbox - An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.
brs - An interpreter for the BrightScript language that runs on non-Roku platforms.
rfcs - Public change requests/proposals & ideation