ad6a466459
Each module now runs in a real Deno Worker with per-module permission sandboxing. The I/O bridge relays Worker postMessage calls through the parent to CoreService gRPC, so modules can access store, files, and processes without direct network/filesystem access. - Worker bootstrap (worker-entry.ts): sets up RPC bridge, dynamically imports module, calls init(core) with typed I/O object - ModuleRegistry rewritten: creates Workers with Deno permission constructor, handles LOADING → RUNNING → STOPPED lifecycle - Structured ModulePermissions (read/write/net/run) replaces flat string array in Go→Deno JSON-RPC - I/O bridge: Worker postMessage → parent dispatchRPC → CoreClient gRPC → response relayed back to Worker - Test module proves end-to-end: Worker calls core.storeSet() → Go verifies value in store 40 unit tests + 3 integration tests (Tier 1 boot + Tier 2 bidir + Tier 3 Worker). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
8 lines
189 B
JSON
8 lines
189 B
JSON
{
|
|
"imports": {
|
|
"@grpc/grpc-js": "npm:@grpc/grpc-js@^1.12",
|
|
"@grpc/proto-loader": "npm:@grpc/proto-loader@^0.7"
|
|
},
|
|
"nodeModulesDir": "none",
|
|
"unstable": ["worker-options"]
|
|
}
|