I've been playing around with turning it into a sandbox for running code in Python (https://runno.dev/articles/sandbox-python/). This would allow you to safely execute AI generated code.
Generally thinking about more ways to run code in sandbox environments, as I think this will become more important as we are generating a lot of "untrusted" code using Gen AI.
Thanks! Yeah I'm very aware of Pyodide and interested in adopting some of their techniques.
A big difference between my approach and their approach is that Runno is generic across programming languages. Pyodide only works for Python (and can only work for Python).
Big interesting development in this space is the announcement of Endor at WASM IO which I'd like to try out: https://endor.dev/
Really impressed by the depth and breadth of this project, well done!
A particularly interesting part is the socket layer inside the browser. Other people solving this problem have previously used a proxy to a server that does the real socket implementation. This means you can't have a "browser-only" solution.
That does have some major caveats of course: some headers will be totally ignored by the browser due to web restrictions, some will be added/overridden (e.g. user agent), and CORS will apply (which will seriously surprise most Linux tools!).
Still, very neat, agreed. Almost certainly the best you can do without having some kind of backend proxy running on either the server or the user's own machine.
There is support in Docker to run wasm-wasi binaries directly (see: https://wasmlabs.dev/articles/docker-without-containers/). The downside compared to OP's approach is that whatever you're running has to have already been compiled to wasm-wasi. The upside would be much faster execution time (no emulation overhead for x86).
I'm working on this problem as well and would be happy to sling you some thoughts and notes. Check my website https://runno.dev and send an email to the address on that website!
Yeah of course! They've got STDIN/STDOUT/STDERR and I've built a Virtual Filesystem. But if you're using WASI binaries locally they don't have that restriction.
[Edit]: I wrote a re-introduction to Runno: The WebComponent for Code over the weekend (https://runno.dev/articles/web-component/)
I've been playing around with turning it into a sandbox for running code in Python (https://runno.dev/articles/sandbox-python/). This would allow you to safely execute AI generated code.
Generally thinking about more ways to run code in sandbox environments, as I think this will become more important as we are generating a lot of "untrusted" code using Gen AI.