Comment by santadays
17 hours ago
GraalVM supports running javascript in a sandbox with a bunch of convenient options for running untrusted code.
17 hours ago
GraalVM supports running javascript in a sandbox with a bunch of convenient options for running untrusted code.
Oh that looks neat! It appears to have the memory limits I want (engine.MaxIsolateMemory) and a robust CPU limit: sandbox.MaxCPUTime
One catch: the sandboxing feature isn't in the "community edition", so only available under the non-open-source (but still sometimes free, I think?) Oracle GraalVM.