Quickjs

A typescript package to execute JavaScript and TypeScript code in a webassembly quickjs sandbox

Generate Convert Improve

Install / Use

/learn @sebastianwessel/Quickjs

About this skill

Quality Score

0/100

README

QuickJS - Execute JavaScript and TypeScript in a WebAssembly QuickJS Sandbox

This TypeScript package allows you to safely execute JavaScript AND TypeScript code within a WebAssembly sandbox using the QuickJS engine. Perfect for isolating and running untrusted code securely, it leverages the lightweight and fast QuickJS engine compiled to WebAssembly, providing a robust environment for code execution.

View the full documentation | Find examples in the repository | Online Playground

Features

Security: Run untrusted JavaScript and TypeScript code in a safe, isolated environment.
Basic Node.js modules: Provides basic standard Node.js module support for common use cases.
File System: Can mount a virtual file system.
Custom Node Modules: Custom node modules are mountable.
Fetch Client: Can provide a fetch client to make http(s) calls.
Test-Runner: Includes a test runner and chai based expect.
Performance: Benefit from the lightweight and efficient QuickJS engine.
Versatility: Easily integrate with existing TypeScript projects.
Simplicity: User-friendly API for executing and managing JavaScript and TypeScript code in the sandbox.

Basic Usage

Here's a simple example of how to use the package:

import variant from "@jitl/quickjs-ng-wasmfile-release-sync";
import { type SandboxOptions, loadQuickJs } from "@sebastianwessel/quickjs";

// General setup like loading and init of the QuickJS wasm
// It is a ressource intensive job and should be done only once if possible
const { runSandboxed } = await loadQuickJs(variant);

const options: SandboxOptions = {
  allowFetch: true, // inject fetch and allow the code to fetch data
  allowFs: true, // mount a virtual file system and provide node:fs module
  env: {
    MY_ENV_VAR: "env var value",
  },
};

const code = `
import { join } from 'path'

const fn = async ()=>{
  console.log(join('src','dist')) // logs "src/dist" on host system

  console.log(env.MY_ENV_VAR) // logs "env var value" on host system

  const url = new URL('https://example.com')

  const f = await fetch(url)

  return f.text()
}

export default await fn()
`;

const result = await runSandboxed(
  async ({ evalCode }) => evalCode(code),
  options,
);

console.log(result); // { ok: true, data: '<!doctype html>\n<html>\n[....]</html>\n' }

View the full documentation

Find examples in the repository

Credits

This lib is based on:

Tools used:

License

This project is licensed under the MIT License.

This package is ideal for developers looking to execute JavaScript code securely within a TypeScript application, ensuring both performance and safety with the QuickJS WebAssembly sandbox.

Related Skills

node-connect

335.4k

Diagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps

frontend-design

82.5k

Create distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.

Writing Hookify Rules

82.5k

This skill should be used when the user asks to "create a hookify rule", "write a hook rule", "configure hookify", "add a hookify rule", or needs guidance on hookify rule syntax and patterns.

openai-whisper-api

335.4k

Transcribe audio via OpenAI Audio Transcriptions API (Whisper).