1 repository
Security frameworks for isolating untrusted JavaScript code within a Node.js process.
Distinct from Node.js Sandbox Runtimes: Existing candidates focus on browser-based runtimes or API security, not the general host-process protection provided by a Node.js sandbox.
Explore 1 awesome GitHub repository matching security & cryptography · Node.js Sandboxing. Refine with filters or upvote what's useful.
vm2 is a Node.js JavaScript sandbox and runtime virtualizer designed to execute untrusted code. It functions as a secure code evaluator and module isolator that protects the host process by creating an isolated execution environment with restricted access to the Node.js runtime. The system distinguishes itself through a security framework that utilizes object proxying and deep freezing to prevent sandboxed scripts from modifying the host global context or shared objects. It implements strict module access control using allow-lists and path restrictions to govern which built-in or external dep
Protects the host Node.js process from malicious scripts by limiting memory, execution time, and global object access.