Author here! I didn't even know that existed. Thanks for the link!
That looks like it has the same problem as Deno's solution, in that its too coarse for my taste. I want to explicitly give permission to a library, not to the process as a whole. (Since I don't want some errant library deep in my dependency tree to nuke my production databases.)
I love the definitions of scope though - that looks like exactly the sort of thing that I want here.
> I want to explicitly give permission to a library, not to the process as a whole. (Since I don't want some errant library deep in my dependency tree to nuke my production databases.)
Doesn't Java have a SecurityManager feature that can do this? Perhaps we need a JS equivalent.
The trouble with security manager is it’s only as good as it’s widespread support.
If it worked, and was widely used, for example, nobody would have had to worry about the possibility of their logging library downloading code from an LDAP server and executing it.
SecurityManager was a bad idea. It might be useful to prevent accidental bound trespassing. But it turned out too flaky to serve as a security foundation. Basically nobody uses it for security.
That looks like it has the same problem as Deno's solution, in that its too coarse for my taste. I want to explicitly give permission to a library, not to the process as a whole. (Since I don't want some errant library deep in my dependency tree to nuke my production databases.)
I love the definitions of scope though - that looks like exactly the sort of thing that I want here.