Securable Modules

  • Revision slug: CommonJS/Modules/Securable_Modules
  • Revision title: Securable Modules
  • Revision id: 93383
  • Created:
  • Creator: Kris.kowal
  • Is current revision? No
  • Comment page created, 323 words added

Revision Content

This specification addresses how modules should be written in order to be interoperable among a class of module systems that can be both client and server side, secure or insecure, implemented today or supported by future systems with syntax extensions.  These modules are offered privacy of their top scope, facility for importing singleton objects from other modules, and exporting their own API.

  • A module receives a "require" Function.  The "require" function may be called with an absolute or relative module identifier.  It will receive an object containing the exported API of the foreign module.  If there is a dependency cylce, the foreign module may not have finished executing at the time it is required by one of its transitive dependencies; in this case, the object returned by "require" must contain at least the exports that the foreign module has prepared before the call to require that led to the current module's execution.  If the requested module cannot be returned, "require" throws an error.
  • A module receives an "exports" object, synonymous with "this" in the top scope of the module, that it may add its exported API to as it executes.
  • A module receives a "require.env" object that contains objects provided by the module "sandbox" for communication with host environment.
  • A module receives a "require.id" object that is the absolute identifier of the current module.
  • A module is guaranteed that "var" and "function" declarations are not communicated to other modules.

To be interoperable with secure environments, a module must satisfy the following additional constraints:

  • A module must not have any free variables apart from primordials ("Object", "Array", &c), "require", and "exports".
  • A module must not tamper with (assign to, or assign to members of) the transitive primordials, or "require" object.

This specification leaves the following important points of interoperability unspecified:

  • The domain of module identifiers.
  • The contents of the environment, "require.env".
  • Whether a PATH is supported by the module loader.

Revision Source

<p>This specification addresses how modules should be written in order to be interoperable among a class of module systems that can be both client and server side, secure or insecure, implemented today or supported by future systems with syntax extensions.  These modules are offered privacy of their top scope, facility for importing singleton objects from other modules, and exporting their own API.</p>
<ul> <li>A module receives a "require" Function.  The "require" function may be called with an absolute or relative module identifier.  It will receive an object containing the exported API of the foreign module.  If there is a dependency cylce, the foreign module may not have finished executing at the time it is required by one of its transitive dependencies; in this case, the object returned by "require" must contain at least the exports that the foreign module has prepared before the call to require that led to the current module's execution.  If the requested module cannot be returned, "require" throws an error.</li> <li>A module receives an "exports" object, synonymous with "this" in the top scope of the module, that it may add its exported API to as it executes.</li> <li>A module receives a "require.env" object that contains objects provided by the module "sandbox" for communication with host environment.</li> <li>A module receives a "require.id" object that is the absolute identifier of the current module.</li> <li>A module is guaranteed that "var" and "function" declarations are not communicated to other modules.</li>
</ul>
<p>To be interoperable with secure environments, a module must satisfy the following additional constraints:</p>
<ul> <li>A module must not have any free variables apart from primordials ("Object", "Array", &amp;c), "require", and "exports".</li> <li>A module must not tamper with (assign to, or assign to members of) the transitive primordials, or "require" object.</li>
</ul>
<p>This specification leaves the following important points of interoperability unspecified:</p>
<ul> <li>The domain of module identifiers.</li> <li>The contents of the environment, "require.env".</li> <li>Whether a PATH is supported by the module loader.</li>
</ul>
Revert to this revision