A JavaScript sandbox virtual machine that runs on ESTree syntax trees (e.g. esprima, etc). Takes a pedantic approach by implementing the abstract operations from the ECMA-262 spec very literally. Evaluation is done via generators to support stepping through code for debugging and to avoid infinite loops.
It provides a safe sandbox environment for evaluating JavaScript code without allowing any access to the host environment, since all operations are fully emulated. Additional objects can be added to the environment to allow safe evaluation of user-provided scripts in the browser or on the server.
- consider exposing bindings a little more, lazy-initialized binding for arguments objects, etc
- we should probably make a subtype of PropertyMap that stores array indices separately in an array, which would allow delegating a lot more to the underlying VM.
- optimize "ordinary" functions w/
new Function? need thorough analysis
- Evaluate arithmetic
- Bind variables
- with const/let
- with var
- implicitly (sloppy)
- Standard globals
- Basic primitive types and wrappers
- Number
- Math
- String
- Symbol
- Boolean
- BigInt
- Number
- Well-known Object types
- Object
- Function
- Error
- all subtypes
- throwable
- stack traces
- Array
- Arguments
- Iterators
- RegExp
- Reflect
- Map
- Set
- WeakMap / WeakSet
- Proxy
- Date
- Functions
- function calls
- constructor calls
- vanilla declarations
- vanilla expressions
- arrow functions
- generators
- async
- async arrows
- async generators
- Syntax
- object literals
- array literals
- destructuring
- spread
- binary operators
- unary operators
- ++ and -- operators
- template literals
- control structures
- for
- if
- while
- try
- switch
- with
- classes
- class fields
- private fields
- super
- use strict
- optional chaining
-
new.target
- Modules
-
import.meta
-
- Debugger statement
- SPI for host integration
- Test-262 integration