logoalt Hacker News

pikuseruyesterday at 9:22 PM2 repliesview on HN

The thing that caught my eye immediately was the sandboxing. I have no idea why Node and npm don’t have sandboxing by default. It would greatly help with some of these worms and supply chain attacks.


Replies

ptxyesterday at 11:16 PM

The "VM-isolated sandbox" is apparently not referring to the JavaScript VM but to a hypervisor, according to the text a bit further down on the page. I wouldn't expect that to be particularly fast or efficient, especially not if you're already running in a VM and have to use nested virtualization (if it's even available).

show 1 reply
_shantaramyesterday at 11:31 PM

Deno has that! Come join us :P no affiliation, just a happy user.