doc,vm,test: remove _sandbox_ from vm documentation

The vm documentation uses the word _sandbox_ but has a significant disclaimer about how that should not be interpreted to connote security guarantees. Remove the term "sandbox" from documentation. As a result, some code and tests also need to change. PR-URL: https://github.com/nodejs/node/pull/31057 Reviewed-By: Gus Caplan <me@gus.host> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Stephen Belanger <admin@stephenbelanger.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
author: Rich Trott <rtrott@gmail.com> 2019-12-22 06:08:36 +0300
committer: Ruben Bridgewater <ruben@bridgewater.de> 2020-01-03 18:12:13 +0300
commit: 796a9c0f438cf80b7f7c6524c1ce401ae9a4771e (patch)
tree: e2a204552d5177c7971170dc033eae4c6e8c44ba /doc/api
parent: 28a62c30be3b78ee5b535e02727155fa92df3803 (diff)
1 files changed, 88 insertions, 91 deletions
diff --git a/doc/api/vm.md b/doc/api/vm.md
index 7712ea78abc..9e7ca23e44e 100644
--- a/doc/api/vm.md
+++ b/doc/api/vm.md
@@ -6,39 +6,36 @@
 
 <!--name=vm-->
 
-The `vm` module provides APIs for compiling and running code within V8 Virtual
+The `vm` module enables compiling and running code within V8 Virtual
 Machine contexts. **The `vm` module is not a security mechanism. Do
-not use it to run untrusted code**. The term "sandbox" is used throughout these
-docs simply to refer to a separate context, and does not confer any security
-guarantees.
+not use it to run untrusted code**.
 
 JavaScript code can be compiled and run immediately or
 compiled, saved, and run later.
 
-A common use case is to run the code in a sandboxed environment.
-The sandboxed code uses a different V8 Context, meaning that
-it has a different global object than the rest of the code.
+A common use case is to run the code in a different V8 Context. This means
+invoked code has a different global object than the invoking code.
 
-One can provide the context by ["contextifying"][contextified] a sandbox
-object. The sandboxed code treats any property in the sandbox like a
-global variable. Any changes to global variables caused by the sandboxed
-code are reflected in the sandbox object.
+One can provide the context by [_contextifying_][contextified] an
+object. The invoked code treats any property in the context like a
+global variable. Any changes to global variables caused by the invoked
+code are reflected in the context object.
 
 ```js
 const vm = require('vm');
 
 const x = 1;
 
-const sandbox = { x: 2 };
-vm.createContext(sandbox); // Contextify the sandbox.
+const context = { x: 2 };
+vm.createContext(context); // Contextify the object.
 
 const code = 'x += 40; var y = 17;';
-// `x` and `y` are global variables in the sandboxed environment.
-// Initially, x has the value 2 because that is the value of sandbox.x.
-vm.runInContext(code, sandbox);
+// `x` and `y` are global variables in the context.
+// Initially, x has the value 2 because that is the value of context.x.
+vm.runInContext(code, context);
 
-console.log(sandbox.x); // 42
-console.log(sandbox.y); // 17
+console.log(context.x); // 42
+console.log(context.y); // 17
 
 console.log(x); // 1; y is not defined.
 ```
@@ -49,7 +46,7 @@ added: v0.3.1
 -->
 
 Instances of the `vm.Script` class contain precompiled scripts that can be
-executed in specific sandboxes (or "contexts").
+executed in specific contexts.
 
 ### Constructor: new vm.Script(code\[, options\])
 <!-- YAML
@@ -129,7 +126,7 @@ script.runInThisContext();
 const cacheWithX = script.createCachedData();
 ```
 
-### script.runInContext(contextifiedSandbox\[, options\])
+### script.runInContext(contextifiedObject\[, options\])
 <!-- YAML
 added: v0.3.1
 changes:
@@ -138,7 +135,7 @@ changes:
     description: The `breakOnSigint` option is supported now.
 -->
 
-* `contextifiedSandbox` {Object} A [contextified][] object as returned by the
+* `contextifiedObject` {Object} A [contextified][] object as returned by the
   `vm.createContext()` method.
 * `options` {Object}
   * `displayErrors` {boolean} When `true`, if an [`Error`][] occurs
@@ -155,30 +152,30 @@ changes:
 * Returns: {any} the result of the very last statement executed in the script.
 
 Runs the compiled code contained by the `vm.Script` object within the given
-`contextifiedSandbox` and returns the result. Running code does not have access
+`contextifiedObject` and returns the result. Running code does not have access
 to local scope.
 
 The following example compiles code that increments a global variable, sets
 the value of another global variable, then execute the code multiple times.
-The globals are contained in the `sandbox` object.
+The globals are contained in the `context` object.
 
 ```js
 const util = require('util');
 const vm = require('vm');
 
-const sandbox = {
+const context = {
   animal: 'cat',
   count: 2
 };
 
 const script = new vm.Script('count += 1; name = "kitty";');
 
-const context = vm.createContext(sandbox);
+vm.createContext(context);
 for (let i = 0; i < 10; ++i) {
   script.runInContext(context);
 }
 
-console.log(util.inspect(sandbox));
+console.log(util.inspect(context));
 
 // { animal: 'cat', count: 12, name: 'kitty' }
 ```
@@ -187,7 +184,7 @@ Using the `timeout` or `breakOnSigint` options will result in new event loops
 and corresponding threads being started, which have a non-zero performance
 overhead.
 
-### script.runInNewContext(\[sandbox\[, options\]\])
+### script.runInNewContext(\[contextObject\[, options\]\])
 <!-- YAML
 added: v0.3.1
 changes:
@@ -199,8 +196,8 @@ changes:
     description: The `breakOnSigint` option is supported now.
 -->
 
-* `sandbox` {Object} An object that will be [contextified][]. If `undefined`, a
-  new object will be created.
+* `contextObject` {Object} An object that will be [contextified][]. If
+  `undefined`, a new object will be created.
 * `options` {Object}
   * `displayErrors` {boolean} When `true`, if an [`Error`][] occurs
     while compiling the `code`, the line of code causing the error is attached
@@ -230,13 +227,13 @@ changes:
       module will throw a `WebAssembly.CompileError`. **Default:** `true`.
 * Returns: {any} the result of the very last statement executed in the script.
 
-First contextifies the given `sandbox`, runs the compiled code contained by
-the `vm.Script` object within the created sandbox, and returns the result.
+First contextifies the given `contextObject`, runs the compiled code contained
+by the `vm.Script` object within the created context, and returns the result.
 Running code does not have access to local scope.
 
 The following example compiles code that sets a global variable, then executes
 the code multiple times in different contexts. The globals are set on and
-contained within each individual `sandbox`.
+contained within each individual `context`.
 
 ```js
 const util = require('util');
@@ -244,12 +241,12 @@ const vm = require('vm');
 
 const script = new vm.Script('globalVar = "set"');
 
-const sandboxes = [{}, {}, {}];
-sandboxes.forEach((sandbox) => {
-  script.runInNewContext(sandbox);
+const contexts = [{}, {}, {}];
+contexts.forEach((context) => {
+  script.runInNewContext(context);
 });
 
-console.log(util.inspect(sandboxes));
+console.log(util.inspect(contexts));
 
 // [{ globalVar: 'set' }, { globalVar: 'set' }, { globalVar: 'set' }]
 ```
@@ -332,7 +329,7 @@ support is planned.
 ```js
 const vm = require('vm');
 
-const contextifiedSandbox = vm.createContext({ secret: 42 });
+const contextifiedObject = vm.createContext({ secret: 42 });
 
 (async () => {
   // Step 1
@@ -340,7 +337,7 @@ const contextifiedSandbox = vm.createContext({ secret: 42 });
   // Create a Module by constructing a new `vm.SourceTextModule` object. This
   // parses the provided source text, throwing a `SyntaxError` if anything goes
   // wrong. By default, a Module is created in the top context. But here, we
-  // specify `contextifiedSandbox` as the context this Module belongs to.
+  // specify `contextifiedObject` as the context this Module belongs to.
   //
   // Here, we attempt to obtain the default export from the module "foo", and
   // put it into local binding "secret".
@@ -348,7 +345,7 @@ const contextifiedSandbox = vm.createContext({ secret: 42 });
   const bar = new vm.SourceTextModule(`
     import s from 'foo';
     s;
-  `, { context: contextifiedSandbox });
+  `, { context: contextifiedObject });
 
   // Step 2
   //
@@ -377,11 +374,11 @@ const contextifiedSandbox = vm.createContext({ secret: 42 });
     if (specifier === 'foo') {
       return new vm.SourceTextModule(`
         // The "secret" variable refers to the global variable we added to
-        // "contextifiedSandbox" when creating the context.
+        // "contextifiedObject" when creating the context.
         export default secret;
       `, { context: referencingModule.context });
 
-      // Using `contextifiedSandbox` instead of `referencingModule.context`
+      // Using `contextifiedObject` instead of `referencingModule.context`
       // here would work as well.
     }
     throw new Error(`Unable to resolve dependency: ${specifier}`);
@@ -597,7 +594,7 @@ allow the module to access information outside the specified `context`. Use
 ```js
 const vm = require('vm');
 
-const contextifiedSandbox = vm.createContext({ secret: 42 });
+const contextifiedObject = vm.createContext({ secret: 42 });
 
 (async () => {
   const module = new vm.SourceTextModule(
@@ -607,7 +604,7 @@ const contextifiedSandbox = vm.createContext({ secret: 42 });
         // Note: this object is created in the top context. As such,
         // Object.getPrototypeOf(import.meta.prop) points to the
         // Object.prototype in the top context rather than that in
-        // the sandbox.
+        // the contextified object.
         meta.prop = {};
       }
     });
@@ -620,7 +617,7 @@ const contextifiedSandbox = vm.createContext({ secret: 42 });
   // To fix this problem, replace
   //     meta.prop = {};
   // above with
-  //     meta.prop = vm.runInContext('{}', contextifiedSandbox);
+  //     meta.prop = vm.runInContext('{}', contextifiedObject);
 })();
 ```
 
@@ -720,30 +717,30 @@ added: v10.10.0
      source.
   * `produceCachedData` {boolean} Specifies whether to produce new cache data.
     **Default:** `false`.
-  * `parsingContext` {Object} The [contextified][] sandbox in which the said
+  * `parsingContext` {Object} The [contextified][] object in which the said
     function should be compiled in.
   * `contextExtensions` {Object[]} An array containing a collection of context
     extensions (objects wrapping the current scope) to be applied while
     compiling. **Default:** `[]`.
 * Returns: {Function}
 
-Compiles the given code into the provided context/sandbox (if no context is
+Compiles the given code into the provided context (if no context is
 supplied, the current context is used), and returns it wrapped inside a
 function with the given `params`.
 
-## vm.createContext(\[sandbox\[, options\]\])
+## vm.createContext(\[contextObject\[, options\]\])
 <!-- YAML
 added: v0.3.1
 changes:
   - version: v10.0.0
     pr-url: https://github.com/nodejs/node/pull/19398
-    description: The `sandbox` object can no longer be a function.
+    description: The first argument can no longer be a function.
   - version: v10.0.0
     pr-url: https://github.com/nodejs/node/pull/19016
     description: The `codeGeneration` option is supported now.
 -->
 
-* `sandbox` {Object}
+* `contextObject` {Object}
 * `options` {Object}
   * `name` {string} Human-readable name of the newly created context.
     **Default:** `'VM Context i'`, where `i` is an ascending numerical index of
@@ -760,12 +757,12 @@ changes:
       `EvalError`. **Default:** `true`.
     * `wasm` {boolean} If set to false any attempt to compile a WebAssembly
       module will throw a `WebAssembly.CompileError`. **Default:** `true`.
-* Returns: {Object} contextified sandbox.
+* Returns: {Object} contextified object.
 
-If given a `sandbox` object, the `vm.createContext()` method will [prepare
-that sandbox][contextified] so that it can be used in calls to
+If given a `contextObject`, the `vm.createContext()` method will [prepare
+that object][contextified] so that it can be used in calls to
 [`vm.runInContext()`][] or [`script.runInContext()`][]. Inside such scripts,
-the `sandbox` object will be the global object, retaining all of its existing
+the `contextObject` will be the global object, retaining all of its existing
 properties but also having the built-in objects and functions any standard
 [global object][] has. Outside of scripts run by the vm module, global variables
 will remain unchanged.
@@ -776,40 +773,40 @@ const vm = require('vm');
 
 global.globalVar = 3;
 
-const sandbox = { globalVar: 1 };
-vm.createContext(sandbox);
+const context = { globalVar: 1 };
+vm.createContext(context);
 
-vm.runInContext('globalVar *= 2;', sandbox);
+vm.runInContext('globalVar *= 2;', context);
 
-console.log(util.inspect(sandbox)); // { globalVar: 2 }
+console.log(util.inspect(context)); // { globalVar: 2 }
 
 console.log(util.inspect(globalVar)); // 3
 ```
 
-If `sandbox` is omitted (or passed explicitly as `undefined`), a new, empty
-[contextified][] sandbox object will be returned.
+If `contextObject` is omitted (or passed explicitly as `undefined`), a new,
+empty [contextified][] object will be returned.
 
 The `vm.createContext()` method is primarily useful for creating a single
-sandbox that can be used to run multiple scripts. For instance, if emulating a
-web browser, the method can be used to create a single sandbox representing a
-window's global object, then run all `<script>` tags together within the context
-of that sandbox.
+context that can be used to run multiple scripts. For instance, if emulating a
+web browser, the method can be used to create a single context representing a
+window's global object, then run all `<script>` tags together within that
+context.
 
 The provided `name` and `origin` of the context are made visible through the
 Inspector API.
 
-## vm.isContext(sandbox)
+## vm.isContext(object)
 <!-- YAML
 added: v0.11.7
 -->
 
-* `sandbox` {Object}
+* `object` {Object}
 * Returns: {boolean}
 
-Returns `true` if the given `sandbox` object has been [contextified][] using
+Returns `true` if the given `oject` object has been [contextified][] using
 [`vm.createContext()`][].
 
-## vm.runInContext(code, contextifiedSandbox\[, options\])
+## vm.runInContext(code, contextifiedObject\[, options\])
 <!-- YAML
 added: v0.3.1
 changes:
@@ -819,7 +816,7 @@ changes:
 -->
 
 * `code` {string} The JavaScript code to compile and run.
-* `contextifiedSandbox` {Object} The [contextified][] object that will be used
+* `contextifiedObject` {Object} The [contextified][] object that will be used
   as the `global` when the `code` is compiled and run.
 * `options` {Object|string}
   * `filename` {string} Specifies the filename used in stack traces produced
@@ -864,8 +861,8 @@ changes:
 * Returns: {any} the result of the very last statement executed in the script.
 
 The `vm.runInContext()` method compiles `code`, runs it within the context of
-the `contextifiedSandbox`, then returns the result. Running code does not have
-access to the local scope. The `contextifiedSandbox` object *must* have been
+the `contextifiedObject`, then returns the result. Running code does not have
+access to the local scope. The `contextifiedObject` object *must* have been
 previously [contextified][] using the [`vm.createContext()`][] method.
 
 If `options` is a string, then it specifies the filename.
@@ -877,18 +874,18 @@ The following example compiles and executes different scripts using a single
 const util = require('util');
 const vm = require('vm');
 
-const sandbox = { globalVar: 1 };
-vm.createContext(sandbox);
+const contextObject = { globalVar: 1 };
+vm.createContext(contextObject);
 
 for (let i = 0; i < 10; ++i) {
-  vm.runInContext('globalVar *= 2;', sandbox);
+  vm.runInContext('globalVar *= 2;', contextObject);
 }
-console.log(util.inspect(sandbox));
+console.log(util.inspect(contextObject));
 
 // { globalVar: 1024 }
 ```
 
-## vm.runInNewContext(code\[, sandbox\[, options\]\])
+## vm.runInNewContext(code\[, contextObject\[, options\]\])
 <!-- YAML
 added: v0.3.1
 changes:
@@ -901,8 +898,8 @@ changes:
 -->
 
 * `code` {string} The JavaScript code to compile and run.
-* `sandbox` {Object} An object that will be [contextified][]. If `undefined`, a
-  new object will be created.
+* `contextObject` {Object} An object that will be [contextified][]. If
+  `undefined`, a new object will be created.
 * `options` {Object|string}
   * `filename` {string} Specifies the filename used in stack traces produced
     by this script. **Default:** `'evalmachine.<anonymous>'`.
@@ -960,27 +957,27 @@ changes:
       issues with namespaces that contain `then` function exports.
 * Returns: {any} the result of the very last statement executed in the script.
 
-The `vm.runInNewContext()` first contextifies the given `sandbox` object (or
-creates a new `sandbox` if passed as `undefined`), compiles the `code`, runs it
-within the context of the created context, then returns the result. Running code
+The `vm.runInNewContext()` first contextifies the given `contextObject` (or
+creates a new `contextObject` if passed as `undefined`), compiles the `code`,
+runs it within the created context, then returns the result. Running code
 does not have access to the local scope.
 
 If `options` is a string, then it specifies the filename.
 
 The following example compiles and executes code that increments a global
-variable and sets a new one. These globals are contained in the `sandbox`.
+variable and sets a new one. These globals are contained in the `contextObject`.
 
 ```js
 const util = require('util');
 const vm = require('vm');
 
-const sandbox = {
+const contextObject = {
   animal: 'cat',
   count: 2
 };
 
-vm.runInNewContext('count += 1; name = "kitty"', sandbox);
-console.log(util.inspect(sandbox));
+vm.runInNewContext('count += 1; name = "kitty"', contextObject);
+console.log(util.inspect(contextObject));
 
 // { animal: 'cat', count: 3, name: 'kitty' }
 ```
@@ -1111,13 +1108,13 @@ According to the [V8 Embedder's Guide][]:
 > JavaScript applications to run in a single instance of V8. You must explicitly
 > specify the context in which you want any JavaScript code to be run.
 
-When the method `vm.createContext()` is called, the `sandbox` object that is
-passed in (or a newly created object if `sandbox` is `undefined`) is associated
+When the method `vm.createContext()` is called, the `contextObject` argument
+(or a newly-created object if `contextObject` is `undefined`) is associated
 internally with a new instance of a V8 Context. This V8 Context provides the
 `code` run using the `vm` module's methods with an isolated global environment
 within which it can operate. The process of creating the V8 Context and
-associating it with the `sandbox` object is what this document refers to as
-"contextifying" the `sandbox`.
+associating it with the `contextObject` is what this document refers to as
+"contextifying" the object.
 
 ## Timeout limitations when using process.nextTick(), Promises, and queueMicrotask()
 
@@ -1156,11 +1153,11 @@ queues.
 [`Error`]: errors.html#errors_class_error
 [`URL`]: url.html#url_class_url
 [`eval()`]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval
-[`script.runInContext()`]: #vm_script_runincontext_contextifiedsandbox_options
+[`script.runInContext()`]: #vm_script_runincontext_contextifiedobject_options
 [`script.runInThisContext()`]: #vm_script_runinthiscontext_options
 [`url.origin`]: url.html#url_url_origin
-[`vm.createContext()`]: #vm_vm_createcontext_sandbox_options
-[`vm.runInContext()`]: #vm_vm_runincontext_code_contextifiedsandbox_options
+[`vm.createContext()`]: #vm_vm_createcontext_contextobject_options
+[`vm.runInContext()`]: #vm_vm_runincontext_code_contextifiedobject_options
 [`vm.runInThisContext()`]: #vm_vm_runinthiscontext_code_options
 [Cyclic Module Record]: https://tc39.es/ecma262/#sec-cyclic-module-records
 [ECMAScript Module Loader]: esm.html#esm_ecmascript_modules
author	Rich Trott <rtrott@gmail.com>	2019-12-22 06:08:36 +0300
committer	Ruben Bridgewater <ruben@bridgewater.de>	2020-01-03 18:12:13 +0300
commit	796a9c0f438cf80b7f7c6524c1ce401ae9a4771e (patch)
tree	e2a204552d5177c7971170dc033eae4c6e8c44ba /doc/api
parent	28a62c30be3b78ee5b535e02727155fa92df3803 (diff)