alt Hacker NewsThis project looks very cool - I've been trying to build something similar in a few different ways (https://github.com/simonw/denobox is my most recent attempt) but this is way ahead of where I've got, especially given its support for shell scripting.
I'm sad about this bit though:
> Python code is MIT. The WASM binary is proprietary—you can use it with this package but can't extract or redistribute it separately.
Replies
I posted this elsewhere in the thread, and don't want to spam it everywhere (or take away from Amla!), but you might be interested in eryx [1] - the Python bindings [2] get you a similar Python-in-Python sandbox based on a WASI build of CPython (props to the componentize-py [3] people)!
[1]: https://github.com/sd2k/eryx/
Simon - would love if you could take a look at Localsandbox (https://github.com/coplane/localsandbox) - it was partly inspired by your Pyodide post!
https://github.com/bytecodealliance/ComponentizeJS is a Bytecode Alliance project which can run JS in a SpiderMonkey-based runtime as a Wasm component
Thanks Simon! Denobox looks very cool: Deno's permissions model is a natural fit for this.
On the licensing: totally fair point. Our intention is to open source the WASM too. The binary is closed for now only because we need to clean up the source code before releasing it as open-source. The Python SDK and capability layer are MIT. We wanted to ship something usable now rather than wait. Since the wasm binary runs in wasmtime within an open source harness, it is possible to audit everything going in and out of the wasm blob for security.
Genuinely open to feedback on this. If the split license is a blocker for your use cases, that's useful signal for us.