• Stars
    star
    717
  • Rank 63,167 (Top 2 %)
  • Language
    Python
  • License
    ISC License
  • Created over 8 years ago
  • Updated 5 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

PyMiniRacer is a V8 bridge in Python.

Minimal, modern embedded V8 for Python.

data/py_mini_racer.png

Features

  • Latest ECMAScript support
  • Web Assembly support
  • Unicode support
  • Thread safe
  • Re-usable contexts

MiniRacer can be easily used by Django or Flask projects to minify assets, run babel or WASM modules.

Examples

MiniRacer is straightforward to use:

>>> from py_mini_racer import MiniRacer
>>> ctx = MiniRacer()
>>> ctx.eval("1+1")
2
>>> ctx.eval("var x = {company: 'Sqreen'}; x.company")
'Sqreen'
>>> print(ctx.eval("'\N{HEAVY BLACK HEART}'"))
❤
>>> ctx.eval("var fun = () => ({ foo: 1 });")

Variables are kept inside of a context:

>>> ctx.eval("x.company")
'Sqreen'

While eval only supports returning primitive data types such as strings, call supports returning composite types such as objects:

>>> ctx.call("fun")
{'foo': 1}

Composite values are serialized using JSON. Use a custom JSON encoder when sending non-JSON encodable parameters:

import json

from datetime import datetime

class CustomEncoder(json.JSONEncoder):

        def default(self, obj):
            if isinstance(obj, datetime):
                return obj.isoformat()

            return json.JSONEncoder.default(self, obj)
>>> ctx.eval("var f = function(args) { return args; }")
>>> ctx.call("f", datetime.now(), encoder=CustomEncoder)
'2017-03-31T16:51:02.474118'

MiniRacer is ES6 capable:

>>> ctx.execute("[1,2,3].includes(5)")
False

V8 heap information can be retrieved:

>>> ctx.heap_stats()
{'total_physical_size': 1613896,
 'used_heap_size': 1512520,
 'total_heap_size': 3997696,
 'total_heap_size_executable': 3145728,
 'heap_size_limit': 1501560832}

A WASM example is available in the tests.

Compatibility

PyMiniRacer is compatible with Python 2 & 3 and based on ctypes.

The binary builds have been tested on x86_64 with:

  • macOS >= 10.13
  • Ubuntu >= 16.04
  • Debian >= 9
  • CentOS >= 7
  • Alpine >= 3.11
  • Windows 10

It should work on any Linux with a libc >= 2.12 and a wheel compatible pip (>= 8.1).

If you're running Alpine Linux, you may need to install required dependencies manually using the following command:

$ apk add libgcc libstdc++

If you have a up-to-date pip and it doesn't use a wheel, you might have an environment for which no wheel is built. Please open an issue.

Installation

We built Python wheels (prebuilt binaries) for macOS 64 bits, Linux 64 bits and Windows 64 bits.

$ pip install py-mini-racer

Build

Warning: building this package from source takes several GB of disk space and takes ~60 minutes.

First check that your current Python executable is version 2.7. This is required by the V8 build system.

$ python --version
Python 2.7.16

You can build the extension with the following command:

$ python helpers/v8_build.py

You can generate a wheel for whatever Python version with the command:

$ python3 helpers/build_package.py wheel dist

It will then build V8, the extension, and generates a wheel for your current Python version. The V8 builds are cached in the py_mini_racer/extension/v8/ directory.

Notes for building on macOS

The legacy Python binary builds (OSX 10.6) need to be downloaded from:
https://www.python.org/downloads/

They will allow to build a wheel compatible with former OSX versions.

Tests

If you want to run the tests, you need to build the extension first, first install pytest:

$ python -m pip install pytest

Then launch:

$ python -m pytest tests

Credits

Built with love by Sqreen.

PyMiniRacer launch was described in this blog post.

PyMiniRacer is inspired by mini_racer, built for the Ruby world by Sam Saffron.

Cookiecutter-pypackage was used as this package skeleton.

More Repositories

1

awesome-nodejs-projects

Curated list of awesome open-source applications made with Node.js
5,418
star
2

CTOSecurityChecklist

The SaaS CTO Security Checklist
JavaScript
728
star
3

vue-authentication-example

This repo aims to answer how to handle authentication in your vue app.
JavaScript
490
star
4

go-agent

Sqreen's Application Security Management for the Go language
Go
206
star
5

twofa

A TouchID-aware 2-factor authenticator for macOS
Swift
147
star
6

DevOpsSecurityChecklist

HTML
82
star
7

DevelopersSecurityBestPractices

CSS
72
star
8

security-page

An open source security page to easily implement on any website 🔥
JavaScript
66
star
9

funAPM

JavaScript
47
star
10

tor-test

Nodejs tool to check if a request comes from Tor
JavaScript
44
star
11

SPAudit

JavaScript
39
star
12

AioContext

Context information storage for asyncio
Python
38
star
13

VueXSSDemo

Example of XSS performed with Vue and few Vue UI libraries
JavaScript
20
star
14

go-dvwa

Go Damn Vulnerable Web App
CSS
20
star
15

rb-security-txt

Tools about security.txt for Ruby
Ruby
18
star
16

sqreen-demo-app

Demo app to understand how sqreen can protect your business
JavaScript
12
star
17

article-serverless-auth-example

JavaScript
9
star
18

VulnerableDemo

Vulnerable demo website
Ruby
4
star
19

python-security-signal-sdk

Sqreen Security Signal SDK for Python
Python
3
star
20

devise_sqreener

Get more information about devise users through sqreen enrich
Ruby
3
star
21

devise_sqreener_tutorial

A tutorial for helping filter potentially malicious users from signing up for your Rails app.
Ruby
2
star
22

sqreen-monitoring-wordpress

Automatically monitor Wordpress with Sqreen PHP agent
PHP
2
star
23

azure-pipelines-golang

Golang container for Azure Pipeline
Dockerfile
2
star
24

go-libsqreen

Go bindings for the Sqreen C/C++ library
Go
2
star
25

ruby-agent

Sqreen agent for Ruby
2
star
26

libsqreen-binaries-public

Temporary repository to host built versions of libsqreen until it is fully open-sourced
C
2
star
27

BusinessLogicAttacksPOC

Prevent business logic attacks using dynamic instrumentation - OWASP AppSec US 2018
Ruby
2
star
28

libinjection-build-python

Build wheel for libinjection in Python
Shell
1
star
29

NextcloudSDK

Add Sqreen SDK in nextcloud
Makefile
1
star
30

nashorn

Nashorn for JDK15+
Java
1
star
31

node-v8-monolith

Node.js fork with scripts for building libv8_monolith.a
JavaScript
1
star
32

node_engine_bench

HTML
1
star
33

WASMBench

JavaScript
1
star
34

JavaStandaloneSDK

Sqreen Java SDK with no Agent dependency
Java
1
star
35

railsblog

A vulnerable rails 4 blog
Ruby
1
star
36

azure-pipelines-container-alpine-python

Python on Alpine Linux for Azure Pipelines
Dockerfile
1
star