feat: US-024 - V8 sidecar: use native ESM mode for ESM files (stop converting ESM to CJS)

NathanFlurry · NathanFlurry · commit 5d5f90f9a948 · 2026-03-21T17:30:37.000-07:00
- Detect ESM files (.mjs, import/export syntax) in kernel-runtime.ts and
  route them to V8's native module system (run mode) instead of CJS exec
- Add `esm` option to ExecOptions for explicit ESM mode selection
- Remove transformDynamicImport from async loadFile handler since V8
  handles import() natively via dynamic_import_callback (US-023)
- Apply env/cwd/stdin overrides in run mode (previously exec-only)
- Register HostInitializeImportMetaObjectCallback in Rust sidecar to
  populate import.meta.url for ESM modules
- Use raw (unwrapped) filesystem for module resolution bridge handlers
  so V8's internal module loading bypasses user-level permissions
- Add tests: ESM execution, CJS compatibility, static imports,
  import.meta.url, dynamic import in ESM mode
diff --git a/native/v8-runtime/src/execution.rs b/native/v8-runtime/src/execution.rs
@@ -589,6 +589,40 @@ fn clear_module_state() {
 /// Must be called after isolate creation (not captured in snapshots).
 pub fn enable_dynamic_import(isolate: &mut v8::OwnedIsolate) {
     isolate.set_host_import_module_dynamically_callback(dynamic_import_callback);
+    isolate.set_host_initialize_import_meta_object_callback(import_meta_callback);
+}
+
+/// V8 HostInitializeImportMetaObjectCallback — populates import.meta for ES modules.
+///
+/// Sets import.meta.url to "file://<path>" using the module's resolved path
+/// from MODULE_RESOLVE_STATE.module_names.
+extern "C" fn import_meta_callback(
+    context: v8::Local<v8::Context>,
+    module: v8::Local<v8::Module>,
+    meta: v8::Local<v8::Object>,
+) {
+    // Look up the module's file path from thread-local state
+    let hash = module.get_identity_hash();
+    let url = MODULE_RESOLVE_STATE.with(|cell| {
+        let borrow = cell.borrow();
+        borrow.as_ref().and_then(|state| {
+            state.module_names.get(&hash).map(|path| {
+                if path.starts_with("file://") {
+                    path.clone()
+                } else {
+                    format!("file://{}", path)
+                }
+            })
+        })
+    });
+
+    if let Some(url) = url {
+        // SAFETY: callback is invoked within V8 execution scope
+        let scope = unsafe { &mut v8::CallbackScope::new(context) };
+        let key = v8::String::new(scope, "url").unwrap();
+        let val = v8::String::new(scope, &url).unwrap();
+        meta.create_data_property(scope, key.into(), val.into());
+    }
 }
 
 /// V8 HostImportModuleDynamicallyCallback — called when import() is evaluated.
diff --git a/packages/core/src/shared/api-types.ts b/packages/core/src/shared/api-types.ts
@@ -82,6 +82,8 @@ export interface ExecOptions {
 	timingMitigation?: TimingMitigation;
 	/** Optional streaming hook for console output events */
 	onStdio?: StdioHook;
+	/** Use V8 native ESM module mode instead of CJS script mode */
+	esm?: boolean;
 }
 
 export interface ExecResult extends ExecutionStatus {}
diff --git a/packages/nodejs/src/bridge-handlers.ts b/packages/nodejs/src/bridge-handlers.ts
@@ -1365,10 +1365,10 @@ export function buildModuleLoadingBridgeHandlers(
 			return `const _p = (function(){var module={exports:{}};var exports=module.exports;${code};return module.exports})();\nexport default _p;\n` +
 				`for(const[k,v]of Object.entries(_p)){if(k!=='default'&&/^[A-Za-z_$]/.test(k))globalThis['__esm_'+k]=v;}\n`;
 		}
-		// Regular file — keep ESM source intact for V8 module system
+		// Regular file — keep source intact for V8 module system
+		// V8 handles import() natively via dynamic_import_callback (US-023)
 		const source = await loadFile(p, deps.filesystem);
-		if (source === null) return null;
-		return transformDynamicImport(source);
+		return source;
 	};
 
 	return handlers;
diff --git a/packages/nodejs/src/execution-driver.ts b/packages/nodejs/src/execution-driver.ts
@@ -387,7 +387,7 @@ export class NodeExecutionDriver implements RuntimeDriver {
 
 	async exec(code: string, options?: ExecOptions): Promise<ExecResult> {
 		const result = await this.executeInternal({
-			mode: "exec",
+			mode: options?.esm ? "run" : "exec",
 			code,
 			filePath: options?.filePath,
 			env: options?.env,
@@ -461,7 +461,9 @@ export class NodeExecutionDriver implements RuntimeDriver {
 					maxOutputBytes: s.maxOutputBytes,
 				}),
 				...buildModuleLoadingBridgeHandlers({
-					filesystem: s.filesystem,
+					// Module resolution uses the raw (unwrapped) filesystem — bypasses
+					// user-level permissions since it's an internal V8 operation
+					filesystem: this.rawFilesystem ?? s.filesystem,
 					resolutionCache: s.resolutionCache,
 					sandboxToHostPath: (p) => {
 						const rfs = this.rawFilesystem as any;
@@ -796,39 +798,27 @@ function buildPostRestoreScript(
 		parts.push(getIsolateRuntimeSource("applyTimingMitigationOff"));
 	}
 
-	// Apply execution overrides (env, cwd, stdin) for exec mode
-	if (mode === "exec") {
-		if (processConfig.env) {
-			parts.push(`globalThis.__runtimeProcessEnvOverride = ${JSON.stringify(processConfig.env)};`);
-			parts.push(getIsolateRuntimeSource("overrideProcessEnv"));
-		}
-		if (processConfig.cwd) {
-			parts.push(`globalThis.__runtimeProcessCwdOverride = ${JSON.stringify(processConfig.cwd)};`);
-			parts.push(getIsolateRuntimeSource("overrideProcessCwd"));
-		}
-		if (bridgeConfig.stdin !== undefined) {
-			parts.push(`globalThis.__runtimeStdinData = ${JSON.stringify(bridgeConfig.stdin)};`);
-			parts.push(getIsolateRuntimeSource("setStdinData"));
-		}
-		// Set CommonJS globals
-		parts.push(getIsolateRuntimeSource("initCommonjsModuleGlobals"));
-		if (filePath) {
-			const dirname = filePath.includes("/")
-				? filePath.substring(0, filePath.lastIndexOf("/")) || "/"
-				: "/";
-			parts.push(`globalThis.__runtimeCommonJsFileConfig = ${JSON.stringify({ filePath, dirname })};`);
-			parts.push(getIsolateRuntimeSource("setCommonjsFileGlobals"));
-		}
-	} else {
-		// run mode — still need CommonJS module globals
-		parts.push(getIsolateRuntimeSource("initCommonjsModuleGlobals"));
-		if (filePath) {
-			const dirname = filePath.includes("/")
-				? filePath.substring(0, filePath.lastIndexOf("/")) || "/"
-				: "/";
-			parts.push(`globalThis.__runtimeCommonJsFileConfig = ${JSON.stringify({ filePath, dirname })};`);
-			parts.push(getIsolateRuntimeSource("setCommonjsFileGlobals"));
-		}
+	// Apply execution overrides (env, cwd, stdin) for both exec and run modes
+	if (processConfig.env) {
+		parts.push(`globalThis.__runtimeProcessEnvOverride = ${JSON.stringify(processConfig.env)};`);
+		parts.push(getIsolateRuntimeSource("overrideProcessEnv"));
+	}
+	if (processConfig.cwd) {
+		parts.push(`globalThis.__runtimeProcessCwdOverride = ${JSON.stringify(processConfig.cwd)};`);
+		parts.push(getIsolateRuntimeSource("overrideProcessCwd"));
+	}
+	if (bridgeConfig.stdin !== undefined) {
+		parts.push(`globalThis.__runtimeStdinData = ${JSON.stringify(bridgeConfig.stdin)};`);
+		parts.push(getIsolateRuntimeSource("setStdinData"));
+	}
+	// Set CommonJS globals (needed in both modes for require() compatibility)
+	parts.push(getIsolateRuntimeSource("initCommonjsModuleGlobals"));
+	if (filePath) {
+		const dirname = filePath.includes("/")
+			? filePath.substring(0, filePath.lastIndexOf("/")) || "/"
+			: "/";
+		parts.push(`globalThis.__runtimeCommonJsFileConfig = ${JSON.stringify({ filePath, dirname })};`);
+		parts.push(getIsolateRuntimeSource("setCommonjsFileGlobals"));
 	}
 
 	// Apply custom global exposure policy
diff --git a/packages/nodejs/src/kernel-runtime.ts b/packages/nodejs/src/kernel-runtime.ts
@@ -22,6 +22,7 @@ import type {
 import { NodeExecutionDriver } from './execution-driver.js';
 import { createNodeDriver } from './driver.js';
 import type { BindingTree } from './bindings.js';
+import { isESM } from '@secure-exec/core/internal/shared/esm-utils';
 import {
   allowAllChildProcess,
   allowAllFs,
@@ -484,12 +485,16 @@ class NodeRuntimeDriver implements RuntimeDriver {
       });
       this._activeDrivers.set(ctx.pid, executionDriver);
 
+      // Detect ESM files and use V8 native module system
+      const useEsm = isESM(code, filePath);
+
       // Execute with stdout/stderr capture and stdin data
       const result = await executionDriver.exec(code, {
         filePath,
         env: ctx.env,
         cwd: ctx.cwd,
         stdin: stdinData,
+        esm: useEsm,
         onStdio: (event) => {
           const data = new TextEncoder().encode(event.message + '\n');
           if (event.channel === 'stdout') {
diff --git a/packages/secure-exec/tests/kernel/bridge-gap-behavior.test.ts b/packages/secure-exec/tests/kernel/bridge-gap-behavior.test.ts
@@ -12,11 +12,11 @@ import type { Kernel } from '../../../core/src/kernel/index.ts';
 import { InMemoryFileSystem } from '../../../browser/src/os-filesystem.ts';
 import { createNodeRuntime } from '../../../nodejs/src/kernel-runtime.ts';
 
-async function createNodeKernel(): Promise<{ kernel: Kernel; dispose: () => Promise<void> }> {
+async function createNodeKernel(): Promise<{ kernel: Kernel; vfs: InMemoryFileSystem; dispose: () => Promise<void> }> {
   const vfs = new InMemoryFileSystem();
   const kernel = createKernel({ filesystem: vfs });
   await kernel.mount(createNodeRuntime());
-  return { kernel, dispose: () => kernel.dispose() };
+  return { kernel, vfs, dispose: () => kernel.dispose() };
 }
 
 /** Collect all output from a PTY-backed process spawned via openShell. */
@@ -140,3 +140,104 @@ describe('bridge gap: setRawMode via PTY', () => {
     expect(output).toContain('not a TTY');
   }, 15_000);
 });
+
+// ---------------------------------------------------------------------------
+// Native ESM mode (V8 module system)
+// ---------------------------------------------------------------------------
+
+describe('native ESM execution via V8 module system', () => {
+  let ctx: { kernel: Kernel; vfs: InMemoryFileSystem; dispose: () => Promise<void> };
+
+  afterEach(async () => {
+    await ctx?.dispose();
+  });
+
+  it('ESM module with import/export runs correctly via kernel.spawn()', async () => {
+    ctx = await createNodeKernel();
+    // Write an ESM file to VFS
+    await ctx.vfs.writeFile('/app/main.mjs', `
+      const msg = 'ESM_OK';
+      console.log(msg);
+    `);
+
+    const stdout: string[] = [];
+    const proc = ctx.kernel.spawn('node', ['/app/main.mjs'], {
+      onStdout: (data) => stdout.push(new TextDecoder().decode(data)),
+    });
+    const exitCode = await proc.wait();
+
+    expect(exitCode).toBe(0);
+    expect(stdout.join('')).toContain('ESM_OK');
+  }, 15_000);
+
+  it('CJS module with require() still runs correctly via kernel.spawn()', async () => {
+    ctx = await createNodeKernel();
+    // CJS code — no import/export syntax, uses require
+    const stdout: string[] = [];
+    const proc = ctx.kernel.spawn('node', ['-e', "const os = require('os'); console.log('CJS_OK:' + os.platform())"], {
+      onStdout: (data) => stdout.push(new TextDecoder().decode(data)),
+    });
+    const exitCode = await proc.wait();
+
+    expect(exitCode).toBe(0);
+    expect(stdout.join('')).toContain('CJS_OK:');
+  }, 15_000);
+
+  it('ESM file with static import resolves via V8 module_resolve_callback', async () => {
+    ctx = await createNodeKernel();
+    // Write two ESM files — main imports from helper
+    await ctx.vfs.writeFile('/app/helper.mjs', `
+      export const greeting = 'HELLO_FROM_ESM';
+    `);
+    await ctx.vfs.writeFile('/app/main.mjs', `
+      import { greeting } from './helper.mjs';
+      console.log(greeting);
+    `);
+
+    const stdout: string[] = [];
+    const proc = ctx.kernel.spawn('node', ['/app/main.mjs'], {
+      onStdout: (data) => stdout.push(new TextDecoder().decode(data)),
+    });
+    const exitCode = await proc.wait();
+
+    expect(exitCode).toBe(0);
+    expect(stdout.join('')).toContain('HELLO_FROM_ESM');
+  }, 15_000);
+
+  it('import.meta.url is populated for ESM modules', async () => {
+    ctx = await createNodeKernel();
+    await ctx.vfs.writeFile('/app/meta.mjs', `
+      console.log('META_URL:' + import.meta.url);
+    `);
+
+    const stdout: string[] = [];
+    const proc = ctx.kernel.spawn('node', ['/app/meta.mjs'], {
+      onStdout: (data) => stdout.push(new TextDecoder().decode(data)),
+    });
+    const exitCode = await proc.wait();
+
+    expect(exitCode).toBe(0);
+    const output = stdout.join('');
+    expect(output).toContain('META_URL:file:///app/meta.mjs');
+  }, 15_000);
+
+  it('dynamic import() works in ESM via V8 native callback', async () => {
+    ctx = await createNodeKernel();
+    await ctx.vfs.writeFile('/app/dynamic-dep.mjs', `
+      export const value = 'DYNAMIC_IMPORT_OK';
+    `);
+    await ctx.vfs.writeFile('/app/dynamic-main.mjs', `
+      const mod = await import('./dynamic-dep.mjs');
+      console.log(mod.value);
+    `);
+
+    const stdout: string[] = [];
+    const proc = ctx.kernel.spawn('node', ['/app/dynamic-main.mjs'], {
+      onStdout: (data) => stdout.push(new TextDecoder().decode(data)),
+    });
+    const exitCode = await proc.wait();
+
+    expect(exitCode).toBe(0);
+    expect(stdout.join('')).toContain('DYNAMIC_IMPORT_OK');
+  }, 15_000);
+});

Original file line number	Diff line number	Diff line change
`@@ -82,6 +82,8 @@ export interface ExecOptions {`
`82`	`82`	`timingMitigation?: TimingMitigation;`
`83`	`83`	`/** Optional streaming hook for console output events */`
`84`	`84`	`onStdio?: StdioHook;`
	`85`	`+ /** Use V8 native ESM module mode instead of CJS script mode */`
	`86`	`+ esm?: boolean;`
`85`	`87`	`}`
`86`	`88`
`87`	`89`	`export interface ExecResult extends ExecutionStatus {}`