Draft: Initial implementation of ShadowRealm built-in with realm isolation

.cargo/audit.toml

@@ -0,0 +1,5 @@
+[advisories]
+ignore = [
+    "RUSTSEC-2024-0436", # paste is unmaintained
+    "RUSTSEC-2024-0384", # instant is unmaintained
+]

.github/workflows/rust.yml

@@ -86,9 +86,6 @@ jobs:
         with:
           toolchain: stable
 
-      - name: Install Cargo insta
-        run: cargo install --locked cargo-insta
-
       - name: Cache cargo
         uses: actions/cache@v5
         with:
@@ -109,8 +106,6 @@ jobs:
         run: cargo nextest run --profile ci --cargo-profile ci --features annex-b,intl_bundled,experimental,embedded_lz4
       - name: Test docs
         run: cargo test --doc --profile ci --features annex-b,intl_bundled,experimental
-      - name: Test bytecode output
-        run: cargo insta test -p insta-bytecode
 
   miri:
     name: Miri

core/engine/src/builtins/mod.rs

@@ -28,6 +28,7 @@ pub mod proxy;
 pub mod reflect;
 pub mod regexp;
 pub mod set;
+pub mod shadow_realm;
 pub mod string;
 pub mod symbol;
 pub mod typed_array;
@@ -77,6 +78,7 @@ pub(crate) use self::{
     reflect::Reflect,
     regexp::RegExp,
     set::Set,
+    shadow_realm::ShadowRealm,
     string::String,
     symbol::Symbol,
     typed_array::{
@@ -272,8 +274,9 @@ impl Realm {
         Number::init(self);
         Eval::init(self);
         Set::init(self);
-        SetIterator::init(self);
+        ShadowRealm::init(self);
         String::init(self);
+        SetIterator::init(self);
         StringIterator::init(self);
         RegExp::init(self);
         RegExpStringIterator::init(self);
@@ -408,6 +411,7 @@ pub(crate) fn set_default_global_bindings(context: &mut Context) -> JsResult<()>
     global_binding::<Number>(context)?;
     global_binding::<Eval>(context)?;
     global_binding::<Set>(context)?;
+    global_binding::<ShadowRealm>(context)?;
     global_binding::<String>(context)?;
     global_binding::<RegExp>(context)?;
     global_binding::<BuiltinTypedArray>(context)?;

core/engine/src/builtins/shadow_realm/mod.rs

@@ -0,0 +1,149 @@
+//! Boa's implementation of ECMAScript's global `ShadowRealm` object.
+//!
+//! The `ShadowRealm` object is a distinct global environment that can execute
+//! JavaScript code in a new, isolated realm.
+//!
+//! More information:
+//!  - [ECMAScript reference][spec]
+//!
+//! [spec]: https://tc39.es/proposal-shadowrealm/
+
+#[cfg(test)]
+mod tests;
+
+use crate::{
+    builtins::{BuiltInBuilder, BuiltInConstructor, BuiltInObject, IntrinsicObject},
+    context::intrinsics::{Intrinsics, StandardConstructor, StandardConstructors},
+    error::JsNativeError,
+    js_string,
+    object::{JsData, JsObject, internal_methods::get_prototype_from_constructor},
+    realm::Realm,
+    string::StaticJsStrings,
+    Context, JsArgs, JsResult, JsString, JsValue,
+};
+use boa_gc::{Finalize, Trace};
+
+/// The `ShadowRealm` built-in object.
+#[derive(Debug, Trace, Finalize)]
+pub struct ShadowRealm {
+    inner: Realm,
+}
+
+impl JsData for ShadowRealm {}
+
+impl IntrinsicObject for ShadowRealm {
+    fn init(realm: &Realm) {
+        BuiltInBuilder::from_standard_constructor::<Self>(realm)
+            .method(Self::evaluate, js_string!("evaluate"), 1)
+            .method(Self::import_value, js_string!("importValue"), 2)
+            .build();
+    }
+
+    fn get(intrinsics: &Intrinsics) -> JsObject {
+        Self::STANDARD_CONSTRUCTOR(intrinsics.constructors()).constructor()
+    }
+}
+
+impl BuiltInObject for ShadowRealm {
+    const NAME: JsString = StaticJsStrings::SHADOW_REALM;
+}
+
+impl BuiltInConstructor for ShadowRealm {
+    const CONSTRUCTOR_ARGUMENTS: usize = 0;
+    const PROTOTYPE_STORAGE_SLOTS: usize = 2;
+    const CONSTRUCTOR_STORAGE_SLOTS: usize = 0;
+
+    const STANDARD_CONSTRUCTOR: fn(&StandardConstructors) -> &StandardConstructor =
+        StandardConstructors::shadow_realm;
+
+    fn constructor(
+        new_target: &JsValue,
+        _args: &[JsValue],
+        context: &mut Context,
+    ) -> JsResult<JsValue> {
+        // 1. If NewTarget is undefined, throw a TypeError exception.
+        if new_target.is_undefined() {
+            return Err(JsNativeError::typ()
+                .with_message("ShadowRealm constructor: NewTarget is undefined")
+                .into());
+        }
+
+        // 2. Let realmRec be ? CreateRealm().
+        let realm = context.create_realm()?;
+
+        // 3. Let shadowRealm be ? OrdinaryCreateFromConstructor(newTarget, "%ShadowRealm.prototype%", « [[ShadowRealm]] »).
+        // 4. Set shadowRealm.[[ShadowRealm]] to realmRec.
+        let prototype = get_prototype_from_constructor(new_target, StandardConstructors::shadow_realm, context)?;
+        let shadow_realm = JsObject::from_proto_and_data(prototype, ShadowRealm { inner: realm });
+
+        // 5. Return shadowRealm.
+        Ok(shadow_realm.into())
+    }
+}
+
+impl ShadowRealm {
+    /// `ShadowRealm.prototype.evaluate ( sourceText )`
+    pub(crate) fn evaluate(this: &JsValue, args: &[JsValue], context: &mut Context) -> JsResult<JsValue> {
+        // 1. Let shadowRealm be the this value.
+        // 2. Perform ? ValidateShadowRealm(shadowRealm).
+        let shadow_realm_obj = this
+            .as_object()
+            .ok_or_else(|| {
+                JsNativeError::typ()
+                    .with_message("ShadowRealm.prototype.evaluate: this is not a ShadowRealm object")
+            })?;
+
+        let shadow_realm = shadow_realm_obj.downcast_ref::<Self>().ok_or_else(|| {
+            JsNativeError::typ()
+                .with_message("ShadowRealm.prototype.evaluate: this is not a ShadowRealm object")
+        })?;
+
+        // 3. If Type(sourceText) is not String, throw a TypeError exception.
+        let source_text = args.get_or_undefined(0);
+        if !source_text.is_string() {
+            return Err(JsNativeError::typ()
+                .with_message("ShadowRealm.prototype.evaluate: sourceText is not a string")
+                .into());
+        }
+
+        // 4. Let realmRec be shadowRealm.[[ShadowRealm]].
+        let realm = shadow_realm.inner.clone();
+
+        // 5. Return ? PerformShadowRealmEval(sourceText, realmRec).
+
+        // Switch realm
+        let old_realm = context.enter_realm(realm);
+
+        // Perform eval (indirect)
+        let result =
+            crate::builtins::eval::Eval::perform_eval(source_text, false, None, false, context);
+
+        // Restore realm
+        context.enter_realm(old_realm);
+
+        let result = result?;
+
+        // 6. Return ? GetWrappedValue(realm, result).
+        // TODO: Implement GetWrappedValue (Callable Masking)
+        // For now, just return the result if it's not a function.
+        if result.is_callable() {
+            return Err(JsNativeError::typ()
+                .with_message("ShadowRealm: Callable masking (function wrapping) not yet implemented")
+                .into());
+        }
+
+        Ok(result)
+    }
+
+    /// `ShadowRealm.prototype.importValue ( specifier, name )`
+    pub(crate) fn import_value(
+        _this: &JsValue,
+        _args: &[JsValue],
+        _context: &mut Context,
+    ) -> JsResult<JsValue> {
+        // TODO: Implementation of importValue
+        Err(JsNativeError::typ()
+            .with_message("ShadowRealm.prototype.importValue: not yet implemented")
+            .into())
+    }
+}

core/engine/src/builtins/shadow_realm/tests.rs

@@ -0,0 +1,21 @@
+use crate::{run_test_actions, TestAction};
+
+#[test]
+fn constructor() {
+    run_test_actions([
+        TestAction::assert("new ShadowRealm() instanceof ShadowRealm"),
+        TestAction::assert("typeof ShadowRealm.prototype.evaluate === 'function'"),
+        TestAction::assert("typeof ShadowRealm.prototype.importValue === 'function'"),
+    ]);
+}
+
+#[test]
+fn evaluate_isolation() {
+    run_test_actions([
+        TestAction::run("const realm = new ShadowRealm();"),
+        TestAction::run("realm.evaluate('globalThis.x = 42;');"),
+        TestAction::assert("globalThis.x === undefined"),
+        TestAction::assert("realm.evaluate('globalThis.x') === 42"),
+        TestAction::assert("realm.evaluate('globalThis.x = 100;'); realm.evaluate('globalThis.x') === 100"),
+    ]);
+}

core/engine/src/context/intrinsics.rs

@@ -148,6 +148,7 @@ pub struct StandardConstructors {
     aggregate_error: StandardConstructor,
     map: StandardConstructor,
     set: StandardConstructor,
+    shadow_realm: StandardConstructor,
     typed_array: StandardConstructor,
     typed_int8_array: StandardConstructor,
     typed_uint8_array: StandardConstructor,
@@ -243,6 +244,7 @@ impl Default for StandardConstructors {
             aggregate_error: StandardConstructor::default(),
             map: StandardConstructor::default(),
             set: StandardConstructor::default(),
+            shadow_realm: StandardConstructor::default(),
             typed_array: StandardConstructor::default(),
             typed_int8_array: StandardConstructor::default(),
             typed_uint8_array: StandardConstructor::default(),
@@ -591,6 +593,18 @@ impl StandardConstructors {
         &self.set
     }
 
+    /// Returns the `ShadowRealm` constructor.
+    ///
+    /// More information:
+    ///  - [ECMAScript reference][spec]
+    ///
+    /// [spec]: https://tc39.es/proposal-shadowrealm/#sec-shadowrealm-constructor
+    #[inline]
+    #[must_use]
+    pub const fn shadow_realm(&self) -> &StandardConstructor {
+        &self.shadow_realm
+    }
+
     /// Returns the `TypedArray` constructor.
     ///
     /// More information:

core/engine/src/module/loader/mod.rs

@@ -1,3 +1,4 @@
+use cow_utils::CowUtils;
 use std::any::Any;
 use std::cell::RefCell;
 use std::path::{Component, Path, PathBuf};
@@ -60,11 +61,10 @@ pub fn resolve_module_specifier(
 
     let specifier = specifier.to_std_string_escaped();
 
-    // On Windows, also replace `/` with `\`. JavaScript imports use `/` as path separator.
     #[cfg(target_family = "windows")]
-    let specifier = specifier.replace('/', "\\");
+    let specifier = specifier.cow_replace('/', "\\");
 
-    let short_path = Path::new(&specifier);
+    let short_path = Path::new(&*specifier);
 
     // In ECMAScript, a path is considered relative if it starts with
     // `./` or `../`. In Rust it's any path that start with `/`.
@@ -79,7 +79,7 @@ pub fn resolve_module_specifier(
             ));
         }
     } else {
-        base_path.join(&specifier)
+        base_path.join(&*specifier)
     };
 
     if long_path.is_relative() && base.is_some() {

core/runtime/Cargo.toml

@@ -21,6 +21,7 @@ futures-lite.workspace = true
 http = { workspace = true, optional = true }
 reqwest = { workspace = true, optional = true }
 rustc-hash = { workspace = true, features = ["std"] }
+comfy-table.workspace = true
 serde_json = { workspace = true, optional = true }
 url = { workspace = true, optional = true }