UNPKG

lavamoat

Version:

`lavamoat` is a NodeJS runtime where modules are defined in [SES][SesGithub] Compartments. It aims to reduce the risk of malicious code in the app dependency graph, known as "software supply chain attacks".

github.com/LavaMoat/lavamoat

LavaMoat/lavamoat

58 lines (48 loc) 1.58 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
#!/usr/bin/env node /* eslint-disable no-eval */ const path = require('node:path') const fs = require('node:fs') const yargs = require('yargs') const yargsFlags = require('./yargsFlags') const { runLava } = require('./index') const defaults = require('./defaults') runLava(parseArgs()).catch((err) => { // explicity log stack to workaround https://github.com/endojs/endo/issues/944 console.error(err.stack || err) process.exit(1) }) function parseArgs() { const argsParser = yargs .usage( '$0', 'lavamoat-run-command [flags for lavamoat] -- command [args for the command]', (yarn) => yargsFlags(yarn, defaults) ) .help() const parsedArgs = argsParser.parse() const commandName = parsedArgs._[0] const binEntry = path.resolve( process.cwd(), './node_modules/.bin/', commandName ) if (!fs.existsSync(binEntry)) { console.error(`Error: '${commandName}' is not one of the locally installed commands. Missing: '${binEntry}' Possible reasons for this error: - node_modules not installed - trying to run a globally installed script or command, which is not supported and not recommended`) process.exit(4) } parsedArgs.entryPath = path.resolve( process.cwd(), 'node_modules/.bin/', fs.readlinkSync(binEntry) ) // patch process.argv so it matches the normal pattern // e.g. [runtime path, entrypoint, ...args] // we'll use the LavaMoat path as the runtime // so we just remove the node path process.argv = [process.argv[0], ...parsedArgs._] return parsedArgs }