Sam Gammon
12/27/2022, 10:45 AMSam Gammon
12/27/2022, 10:46 AMValueError
• ✅ TypeError
• ➡️ (All exception types)
• ➡️ Guest VM exception bridge
▪︎ ➡️ URL Specification
• ✅ URL
• ➡️ URLSearchParams
▪︎ 🕛 Abort Controller
▪︎ 🕛 Streams (Core)
▪︎ 🕛 Streams (Web)
▪︎ ➡️ Fetch API Specification
• ➡️ Request
• ➡️ Response
• ➡️ Headers
• 🕛 fetch
▪︎ 🕛 Streaming React
▪︎ 🕛 TypeScript Runtime
◦ ➡️ Runtime
▪︎ ✅ Toolchain
▪︎ ✅ Embedded in image
▪︎ ➡️ esbuild
at runtime
▪︎ 🕛 TypeScript + JSX runtime (tslib
, etc)
▪︎ 🕛 Source execution support for TypeScript: CLI + VM
◦ ➡️ CLI
▪︎ ✅ Hooked into JS VM v3
▪︎ ✅ Intrinsics installed
▪︎ ✅ One-liner install script
▪︎ ✅ x86 macOS
▪︎ ✅ arm64 macOS
▪︎ ✅ x86 linux
▪︎ ✅ Ability to execute code snippets
▪︎ ✅ Ability to execute file scripts
▪︎ ✅ Ability to execute interactively
▪︎ ➡️ Distribution via Brew and apt-get
▪︎ ➡️ Terminal completions (zsh/bash)
▪︎ 🕛 Naked execute (elide
) should drop into an interactive shell, like Node or Deno
• 🕛 Language(s): Python, LLVM, RubySam Gammon
12/30/2022, 8:38 AMSam Gammon
12/30/2022, 8:38 AMSam Gammon
12/30/2022, 8:45 AMnpx run @elide-dev/elide@alpha
Sam Gammon
01/01/2023, 2:49 AMSam Gammon
01/01/2023, 8:46 AMSam Gammon
01/02/2023, 1:53 AMSam Gammon
01/02/2023, 1:53 AMSam Gammon
01/02/2023, 2:03 AMcrc32
and compression
mode
c. seek to beginning of Tree
flatbuffer, load it into memory while decompressing, according to compression
d. the Tree
has the file tree and byte offsets for each file, which we have on hand now
e. we load the data region as a RandomAccessFile
, perhaps written to tmp
f. the Tree
and data region are used to build an in-memory JimFS filesystem, decompressing while we go
g. at runtime, guest requests file via I/O:
i. impl receives request, enforces security policies
ii. allowed requests go to JimFS
iii. JimFS serves it from memory in already-decompressed form
tradeoff decisions proposed:
• Init instead of runtime: load and decompress up-front so that file loading at runtime is instant, it's all already in memory
• Emphasis on fast decompression: LZ4 won't save a ton of space, but it will also minimize impact on startup time to the greatest extent possible
• Non-goal of pre-compressed browser assets: The assets subsystem already pre-compresses assets at build time, so it's a moot issue
• Backed by well-tested code: After boot, JimFS kicks in which is well tested and performant (we don't have to deliver crazy runtime performance)
• Streaming and copy-free: As much as possible, we shouldn't have to copy while initializing the runtime, which Flatbuffers and streaming compression deliver
(for reference, this is the guest FS that will be used to load ESM, NPM, Python modules, etc).Sam Gammon
01/02/2023, 2:03 AMSam Gammon
01/02/2023, 2:04 AMcrc32
and compression
mode
c. seek to beginning of Tree
flatbuffer, load it into memory while decompressing, according to compression
d. the Tree
has the file tree and byte offsets for each file, which we have on hand now
e. verify the Tree
by calculating the crc32
and comparing it
f. we load the data region as a RandomAccessFile
, perhaps written to tmp
g. the Tree
and data region are used to build an in-memory JimFS filesystem, decompressing while we go
i. while each file is decompressed, a checksum is calculated and compared
h. at runtime, guest requests file via I/O:
i. impl receives request, enforces security policies
ii. allowed requests go to JimFS
iii. JimFS serves it from memory in already-decompressed form
tradeoff decisions proposed:
• Init instead of runtime: load and decompress up-front so that file loading at runtime is instant, it's all already in memory
• Emphasis on fast decompression: LZ4 won't save major space, but it will minimize the impact on startup time to the greatest extent possible
• Non-goal of pre-compressed browser assets: The assets subsystem already pre-compresses assets at build time, so it's a moot issue
• Backed by well-tested code: After boot, JimFS kicks in which is well tested and performant (we don't have to deliver crazy runtime performance)
• Streaming and copy-free: As much as possible, we shouldn't have to copy while initializing the runtime, which Flatbuffers and streaming compression deliver
(for reference, this is the guest FS that will be used to load ESM, NPM, Python modules, etc).Sam Gammon
01/10/2023, 1:48 AMSam Gammon
01/12/2023, 4:33 AMSam Gammon
01/12/2023, 4:33 AMSam Gammon
01/12/2023, 7:05 PMSam Gammon
01/12/2023, 7:05 PMSam Gammon
01/12/2023, 7:05 PMSam Gammon
01/15/2023, 10:34 AMv3
repo will be renamed to "elide" (the previous "elide" repo has been archived, it was v1/v2, which are now old)
• github discussions will get activated
• gitter and a button for this slack channel added to README
separately, a test version of the CLI is out which has the error support shown above, plus a bunch of other goodies under testing. release coming soon. you can try it by running the one-line installer:
curl -sSL --tlsv1.2 dl.elide.dev/cli/install.sh | bash -s -
Sam Gammon
01/25/2023, 7:48 PMview-source
to see it working!)
✅ Nearly perfect WebPageTest score
✅ Excellent Core Web Vitals
✅ Builds to a native amd64 binary
✅ Dynamic caching of SSR output
✅ Pre-compressed Brotli and Gzip SSR
✅ Profile-Guided Optimization (PGO) with GraalVM EE
✅ CDN with CloudFlare
✅ Modern image formats (webp, avif)
✅ Favicon that automatically changes based on dark/light mode
✅ Alpine (musl
)-based binary and Docker image, in static mode
Security
✅ CORP, COEP, CSPv3
✅ Very strong CSP
✅ Script and source nonce sharing with JS VM
✅ A+ TLS rating
✅ Full suite of security headers
✅ DNSSEC
Dev
✅ Builds as single optimized amd64 native binary
✅ Alpine-based Docker image (<http://us-docker.pkg.dev/elide-fw/app/site:latest|us-docker.pkg.dev/elide-fw/app/site:latest>
if you want to try it out)
✅ Support for MDX via KotlinJS (very quick builds for site content)
✅ Plug-in support for customized esbuild
(for SSR target)Sam Gammon
01/25/2023, 7:51 PMFROM scratch
image which only contains the application binary, there is no Linux kernel -- so the app's UI, JavaScript, CSS, images, and Kotlin server code are all packaged into one runnable unit.
✅ 0 detectable vulnerabilities in Docker image
✅ Built with Alpine Linux, GraalVM
✅ Completely static binary (FROM scratch
)
✅ Size: 137.3MB (!)Samuel Gammon
04/07/2023, 9:43 AMSamuel Gammon
04/07/2023, 9:44 AMDamien O'Hara
04/14/2023, 2:59 AMSamuel Gammon
04/16/2023, 4:23 AMSamuel Gammon
04/18/2023, 11:09 PMSamuel Gammon
04/18/2023, 11:10 PMSamuel Gammon
04/18/2023, 11:10 PM1.0-v3-alpha3-b7
Samuel Gammon
04/18/2023, 11:10 PMSamuel Gammon
04/18/2023, 11:10 PM