Are V8 isolates the future of computing?

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
  • blueboat

    All-in-one, multi-tenant serverless JavaScript runtime.

    > If one writes Go or Rust, there are much better ways to run them than targeting WASM

    wasm has its place, especially for contained workloads that can be wrapped in its strict capability boundaries (think, file-encoding jobs that shouldn't access anything else but said files: https://news.ycombinator.com/item?id=29112713).

    > Containers are still the defacto standard.

    wasmedge [0], atmo [1], krustlet [2], blueboat [3] and numerous other projects are turning up the heat [4]!

    [0] https://github.com/WasmEdge/WasmEdge

    [1] https://github.com/suborbital/atmo

    [2] https://github.com/krustlet/krustlet

    [3] https://github.com/losfair/blueboat

    [4] https://news.ycombinator.com/item?id=30155295

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  • spawner

    Discontinued Session backend orchestrator for ambitious browser-based apps. [Moved to: https://github.com/drifting-in-space/plane]

    Is the appeal of isolates in this case the cold start time or the isolation? We're working on some open source infrastructure for running sandboxed (gVisor) containers on the fly from web services[1], and one of the use cases people have is serving Jupyter notebooks which seems like it might resemble your use case?

    [1] https://github.com/drifting-in-space/spawner/

  • SSVM

    WasmEdge is a lightweight, high-performance, and extensible WebAssembly runtime for cloud native, edge, and decentralized applications. It powers serverless apps, embedded functions, microservices, smart contracts, and IoT devices.

    > If one writes Go or Rust, there are much better ways to run them than targeting WASM

    wasm has its place, especially for contained workloads that can be wrapped in its strict capability boundaries (think, file-encoding jobs that shouldn't access anything else but said files: https://news.ycombinator.com/item?id=29112713).

    > Containers are still the defacto standard.

    wasmedge [0], atmo [1], krustlet [2], blueboat [3] and numerous other projects are turning up the heat [4]!

    [0] https://github.com/WasmEdge/WasmEdge

    [1] https://github.com/suborbital/atmo

    [2] https://github.com/krustlet/krustlet

    [3] https://github.com/losfair/blueboat

    [4] https://news.ycombinator.com/item?id=30155295

  • e2core

    Server for sandboxed third-party plugins, powered by WebAssembly

    > If one writes Go or Rust, there are much better ways to run them than targeting WASM

    wasm has its place, especially for contained workloads that can be wrapped in its strict capability boundaries (think, file-encoding jobs that shouldn't access anything else but said files: https://news.ycombinator.com/item?id=29112713).

    > Containers are still the defacto standard.

    wasmedge [0], atmo [1], krustlet [2], blueboat [3] and numerous other projects are turning up the heat [4]!

    [0] https://github.com/WasmEdge/WasmEdge

    [1] https://github.com/suborbital/atmo

    [2] https://github.com/krustlet/krustlet

    [3] https://github.com/losfair/blueboat

    [4] https://news.ycombinator.com/item?id=30155295

  • krustlet

    Kubernetes Rust Kubelet

    > If one writes Go or Rust, there are much better ways to run them than targeting WASM

    wasm has its place, especially for contained workloads that can be wrapped in its strict capability boundaries (think, file-encoding jobs that shouldn't access anything else but said files: https://news.ycombinator.com/item?id=29112713).

    > Containers are still the defacto standard.

    wasmedge [0], atmo [1], krustlet [2], blueboat [3] and numerous other projects are turning up the heat [4]!

    [0] https://github.com/WasmEdge/WasmEdge

    [1] https://github.com/suborbital/atmo

    [2] https://github.com/krustlet/krustlet

    [3] https://github.com/losfair/blueboat

    [4] https://news.ycombinator.com/item?id=30155295

  • gvisor

    Application Kernel for Containers

    Answering the security question specifically: v8 is a runtime and not a security boundary. Escaping it isn't trivial, but it is common [1]. You should still wrap it in a proper security boundary like gVisor [2].

    1. https://www.cvedetails.com/vulnerability-list/vendor_id-1224...

    2. https://gvisor.dev/

  • workers-sdk

    ⛅️ Home to Wrangler, the CLI for Cloudflare Workers®

  • wizer

    The WebAssembly Pre-Initializer

  • wasmtime

    A lightweight WebAssembly runtime that is fast, secure, and standards-compliant

    Actually that's incorrect, there are a nunber of wasm runtimes that don't use v8. Here's links to a couple.

    https://wasmtime.dev/

    https://www.fastly.com/products/edge-compute

  • chromium

    The official GitHub mirror of the Chromium source

    As you scale up with R2, D3, Email Workers etc, is it possible that the _future_ scale of touching very sensitive, "ought-to-be-secure / separate" data / code help reconsider this decision?

    Without process isolation, all it takes is one bad Chromium commit or a incorrectly allow-listed JS/V8 command for this model to fall through regardless of how thorough the defense-in-depth/vetted Workers may be.

    "the public clouds that run arbitrary native code in hardware VMs." -> Isn't it double whammy then that a V8 isolate + HW attack surface in combination could provide an order of magnitude more hackability?

    "Last I heard there were still some lower-powered Android phones where the overhead was too high" -> I believe a Zygote-process fork was made available to Chromium at some point (https://chromium.googlesource.com/chromium/src/+/HEAD/docs/l... ?).

  • IncludeOS

    A minimal, resource efficient unikernel for cloud services

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Easier examples for the WasmEdge Rust SDK to get started with this Wasm runtime quickly.

    5 projects | /r/rust | 5 Dec 2022
  • AssemblyLift v0.2.9: BIG performance boost + new features! 🚀

    2 projects | dev.to | 9 Feb 2021
  • Introducing Spin 3.0

    11 projects | dev.to | 12 Nov 2024
  • The BPF instruction set architecture is now RFC 9669

    1 project | news.ycombinator.com | 5 Nov 2024
  • Ask HN: If you were rewriting Emacs from scratch, what would you do differently?

    7 projects | news.ycombinator.com | 12 Oct 2024

Did you konow that Rust is
the 5th most popular programming language
based on number of metions?