undefined | Better HN

0 pointsLunaSea6y ago0 comments

Sure but logic doesn't exist in a vacuum so in most cases you are going to import / export your input data or your results to the filesystem or through the network.

I actually suggested a more granular, per-module approach to this during the Node Forward and IO.js debacle years ago: https://github.com/node-forward/discussions/issues/14

At the time it was deemed to difficult to implement in Node.js after the fact, which makes sense of course. But I'm disappointed that Deno didn't go for a more bolder, more secure approach. The current system seems pretty pointless.

0 comments

kevinkassimo6y ago

It is actually more interesting about the definition of “per module”, because technically every single file is its very own module from the view of V8, and is reinforced in Deno since we are trying to be web compatible, so there is not even a package.json-like construct for you to identify the “root” of any library, more so as there is no more index.js magical resolution

snek6y ago

I'm really sad that I lost my gist on this, but I was working on a system in Node.js for defining the capabilities of modules in an es module graph (as you suggest) where there might not be defined package boundaries. The implementation complexity (required changes to upstream V8) resulted in us going with node policies as they are today.

I don't remember the exact API, but basically an es module graph is a directed graph (e.g. edges have a direction), and because there is only one entrypoint in node, we can therefore create a hierarchy of modules. From this point on, you basically start at the root with X permissions, and from there each module can reduce the permissions of modules they import (or they can reduce their own permissions, but they can't raise them after that obviously).

mahmoudimus6y ago

This looks interesting. How did you lose the gist? You just can't find it on https://gist.github.com/?

z3t46y ago

Could force all side effects to be called from the main module.

ZitchDog6y ago

Since modules are loaded from URLs, it would be per TLD.

kevinkassimo6y ago

Then how about a site like unpkg.com? The definition even becomes much more blurry as redirections and other possible protocols are involved.

j / k navigate · click thread line to collapse

0 pointsLunaSea6y ago0 comments

Sure but logic doesn't exist in a vacuum so in most cases you are going to import / export your input data or your results to the filesystem or through the network.

I actually suggested a more granular, per-module approach to this during the Node Forward and IO.js debacle years ago: https://github.com/node-forward/discussions/issues/14

0 comments

kevinkassimo6y ago

snek6y ago

mahmoudimus6y ago

This looks interesting. How did you lose the gist? You just can't find it on https://gist.github.com/?

z3t46y ago

Could force all side effects to be called from the main module.

ZitchDog6y ago

Since modules are loaded from URLs, it would be per TLD.

kevinkassimo6y ago

Then how about a site like unpkg.com? The definition even becomes much more blurry as redirections and other possible protocols are involved.

j / k navigate · click thread line to collapse