Skip to content

Commit

Permalink
Add lavamoat object walker integration
Browse files Browse the repository at this point in the history
  • Loading branch information
@david0xd
david0xd committed Jan 23, 2023
1 parent 4ef77cb commit a24dd82
Show file tree
Hide file tree
Showing 7 changed files with 35 additions and 291 deletions.
8 changes: 4 additions & 4 deletions packages/snaps-execution-environments/nyc.config.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
*/
module.exports = {
'check-coverage': true,
branches: 90.71,
lines: 90.83,
functions: 94.44,
statements: 90.83,
branches: 89.81,
lines: 90.37,
functions: 94.31,
statements: 90.37,
};
1 change: 1 addition & 0 deletions packages/snaps-execution-environments/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,7 @@
"@babel/core": "^7.20.12",
"@babel/preset-typescript": "^7.18.6",
"@lavamoat/allow-scripts": "^2.0.3",
"@lavamoat/walker": "^0.2.1",
"@metamask/auto-changelog": "^3.1.0",
"@metamask/eslint-config": "^11.0.0",
"@metamask/eslint-config-jest": "^11.0.0",
Expand Down
27 changes: 22 additions & 5 deletions packages/snaps-execution-environments/src/common/endowments/hardenedEndowments.ava.test.ts
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
// eslint-disable-next-line import/no-unassigned-import
import 'ses';
// @ts-expect-error Walker has no types yet.
import Walker from '@lavamoat/walker';
import test from 'ava';
// FinalizationRegistry will fix type errors in tests related to network endowment.
// eslint-disable-next-line import/no-extraneous-dependencies, @typescript-eslint/no-unused-vars
Expand All @@ -11,7 +13,6 @@ import date from './date';
import interval from './interval';
import math from './math';
import network from './network';
import { walkPropertiesAndSearchForReference } from './security-utils';
import timeout from './timeout';

const globalThis = global;
Expand All @@ -23,6 +24,25 @@ lockdown({
stackFiltering: 'verbose',
});

/**
* Object walker test utility function.
*
* @param start - Subject to be tested.
* @param end - Target object.
* @returns True if target object is found, false otherwise.
*/
function walkAndSearch(start: unknown, end: unknown) {
let result = false;
const walker = new Walker(
(val: unknown) => {
return (result = result || val === end);
},
{ maxRecursionLimit: 100, onShouldIgnoreError: () => true },
);
walker.walk(start);
return result;
}

// Retrieve registered endowments
const registeredEndowments = buildCommonEndowments();
// Call factory method for each endowment. It will harden each of them.
Expand Down Expand Up @@ -262,10 +282,7 @@ Object.entries(testSubjects).forEach(([name, { endowments, factory }]) => {
if (factory()) {
test(`endowment ${name} does not leak global this`, (expect) => {
const instance = factory();
const searchResult = walkPropertiesAndSearchForReference(
instance,
globalThis,
);
const searchResult = walkAndSearch(instance, globalThis);

expect.is(searchResult, false);
});
Expand Down
5 changes: 0 additions & 5 deletions packages/snaps-execution-environments/src/common/endowments/security-utils/index.ts
View file

This file was deleted.

182 changes: 0 additions & 182 deletions ...s/snaps-execution-environments/src/common/endowments/security-utils/object-walker.test.ts
View file

This file was deleted.

95 changes: 0 additions & 95 deletions packages/snaps-execution-environments/src/common/endowments/security-utils/object-walker.ts
View file

This file was deleted.

8 changes: 8 additions & 0 deletions yarn.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2446,6 +2446,13 @@ __metadata:
languageName: node
linkType: hard

"@lavamoat/walker@npm:^0.2.1":
version: 0.2.1
resolution: "@lavamoat/walker@npm:0.2.1"
checksum: 2849df46d872fbcc116e6e6fee1f70e7a314a5e96fc01a6c3d410c0cf3a0706fb863eb48e6adbe2e0a31b8bfa42039289637b0a40bb459a8c8f9d340168e7753
languageName: node
linkType: hard

"@metamask/abi-utils@npm:^1.1.1":
version: 1.1.1
resolution: "@metamask/abi-utils@npm:1.1.1"
Expand Down Expand Up @@ -2911,6 +2918,7 @@ __metadata:
"@babel/core": ^7.20.12
"@babel/preset-typescript": ^7.18.6
"@lavamoat/allow-scripts": ^2.0.3
"@lavamoat/walker": ^0.2.1
"@metamask/auto-changelog": ^3.1.0
"@metamask/eslint-config": ^11.0.0
"@metamask/eslint-config-jest": ^11.0.0
Expand Down

0 comments on commit a24dd82

Please sign in to comment.