-
Notifications
You must be signed in to change notification settings - Fork 73
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(pass-style,marshal): ByteArray, a new binary Passable type #1538
base: markm-to-immutable-3
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should try to align copyBytes with the prior art of the Web platform's Blob
.
80cc7f2
to
fca467e
Compare
15cbf4f
to
a6a6ca0
Compare
4bf3d8c
to
ce5f3bf
Compare
ce5f3bf
to
947e166
Compare
e24eced
to
ac041b2
Compare
b25c593
to
fe561d2
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I actually like the direction this is going. It's relying on a global to have certain semantics, which we can shim, either in ses or in a separate independent shim. We mainly have to hope the committee would be accepting this or we'll end up with some weird compat issues
371431a
to
177f45f
Compare
5eb079d
to
2043b76
Compare
2043b76
to
4dc9583
Compare
…2399) Closes: #XXXX Refs: #1538 #1331 #2309 #2311 ## Description Introduces the `@endo/immutable-arraybuffer` package, the ponyfill exports of `@endo/immutable-arraybuffer`, and the shim obtained by importing `@endo/immutable-arraybuffer/shim.js`. Alternative to #2309 as suggested by @phoddie at #2309 (comment) We plan to fix #1331 in a stack of PRs starting with this one - This PR implements a ponyfill and shim for an upcoming *Immutable ArrayBuffer* proposal, along the lines suggested by @phoddie at #2309 (comment) + the suggestions on an earlier state of #2311 . This is a pure JavaScript ponyfill/shim, leaving it to #2311 to bring it into Hardened JavaScript. - #2311 imports the #2399 shim, treating the new objects it introduces as if they are new primordials, to be permitted and hardened. - #1538 uses the Hardened JavaScript Immutable ArrayBuffers to define a new `Passable` type, `ByteArray`, corresponding to the [OCapN](https://ocapn.org/) `ByteArray`. - Some future PR extending the various marshal formats to encode and decode the `ByteArray` objects. See the README.md in this PR for more. ### Security Considerations Better support for immutability generally helps security. The imperfections of the shim are a leaky abstraction in all the ways explained in the Caveats section of the README.md. For example, objects that are purely artifacts of the emulation, like the `immutableArrayBufferPrototype`, are easily discoverable, revealing the emulation's mechanisms. As a pure JavaScript polyfill/shim, this `@endo/immutable-arraybuffer` package does not harden the objects it exposes. Thus, by itself it does not provide much security -- like the initial state of JavaScript does not by itself provide much security. Rather, both provide securability, depending on Hardened JavaScript to harden early as needed to provide the security. See #2311 Once hardened early, the abstraction will still be leaky as above, but the immutability of the buffer contents are robustly enforced. ### Scaling Considerations This ponyfill/shim is a zero-copy implementation, meaning that it does no more buffer copying than expected of a native implementation. ### Compatibility and Documentation Considerations This ponyfill/shim implements zero-copy by relying on the platform to provide one of two primitives: `structuredClone` or `ArrayBuffer.prototype.transfer`. Neither exist on Node <= 16. Without either, this ponyfill/shim will fail to initialize. This PR sets the stage for writing an Immutable ArrayBuffer proposal, proposing it to tc39, and including it in our own documentation. ### Testing Considerations Ideally, we should identify the subset of test262 `ArrayBuffer` tests that should be applicable to immutable ArrayBuffers, and duplicate them for that purpose. ### Upgrade Considerations Nothing breaking.
c9c9300
to
19de016
Compare
8d19fd4
to
2570a8a
Compare
19de016
to
5972da3
Compare
2570a8a
to
6e10dcd
Compare
5972da3
to
1e582fb
Compare
// then according to their lengths. | ||
// Thus, if the data of ByteArray X is a prefix of | ||
// the data of ByteArray Y, then X is smaller than Y. | ||
return comparator(left.byteLength, right.byteLength); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Change to shortlex order. See https://en.wikipedia.org/wiki/Shortlex_order
Shortlex order would enable encodePassable (aka compactOrdered) to encode buffers with a prefix followed by the unescaped bytes. Avoiding escaping would be great.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So this makes ByteArray different than string for ordering?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes. For strings, normal lexicographic ordering is overwhelmingly more expected than shortlex. For binaries of different length, I don't think there is any one overwhelming expectation.
FWIW, if I did think we could get away with shortlex for strings too, I would go for it, for the same reason. Needing to insert escapes into bulk data sucks. Attn @gibson042
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
FWIW, if I did think we could get away with shortlex for strings too, I would go for it
That would be a breaking change that would have to be opted into at definition of the stores and other components that use the order.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agreed. That's another reason we cannot get away with it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Indeed, because of this breaking change issue, we haven't even moved forward on #2008
// Thus, if the data of ByteArray X is a prefix of | ||
// the data of ByteArray Y, then X is smaller than Y. | ||
// @ts-expect-error narrowed | ||
return compareRank(left.byteLength, right.byteLength); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If both are byteArrays, then we should delegate the whole thing to compareRank
. Which, btw, we'll be switching to shortlex order.
1e582fb
to
b32ab45
Compare
b32ab45
to
544a213
Compare
1281d0c
to
42075f3
Compare
Staged on #2311
Still very drafty, but a start
Fixes #1331
See plan at ocapn/ocapn#5 (comment)