WIP

Author: devversion

MODULE.bazel

@@ -13,7 +13,7 @@ bazel_dep(name = "aspect_tools_telemetry", version = "0.2.8")
 bazel_dep(name = "bazel_features", version = "1.9.0")
 bazel_dep(name = "bazel_skylib", version = "1.5.0")
 bazel_dep(name = "platforms", version = "0.0.5")
-bazel_dep(name = "rules_nodejs", version = "6.3.0")
+bazel_dep(name = "rules_nodejs", version = "6.4.0")
 
 tel = use_extension("@aspect_tools_telemetry//:extension.bzl", "telemetry")
 use_repo(tel, "aspect_tools_telemetry_report")
@@ -67,6 +67,13 @@ node_dev = use_extension(
     "node",
     dev_dependency = True,
 )
+use_repo(node_dev, "node22_linux_amd64")
+use_repo(node_dev, "node22_darwin_arm64")
+use_repo(node_dev, "node22_darwin_amd64")
+use_repo(node_dev, "node22_linux_arm64")
+use_repo(node_dev, "node22_linux_s390x")
+use_repo(node_dev, "node22_linux_ppc64le")
+use_repo(node_dev, "node22_windows_amd64")
 use_repo(node_dev, "node20_linux_amd64")
 use_repo(node_dev, "node20_darwin_arm64")
 use_repo(node_dev, "node20_darwin_amd64")
@@ -90,6 +97,10 @@ node_dev.toolchain(
     name = "node20",
     node_version = "20.17.0",
 )
+node_dev.toolchain(
+    name = "node22",
+    node_version = "22.15.1",
+)
 
 ############################################
 # npm dependencies used by examples

js/private/node-patches/BUILD.bazel

@@ -4,10 +4,12 @@ write_source_files(
     name = "checked_in_compile",
     files = {
         "fs.cjs": "//js/private/node-patches/src:fs-generated.cjs",
+        "fs_stat.cjs": "//js/private/node-patches/src:fs_stat.cjs",
     },
 )
 
 exports_files([
     "fs.cjs",
+    "fs_stat.cjs",
     "register.cjs",
 ])

js/private/node-patches/fs.cjs

@@ -42,10 +42,11 @@ exports.isSubPath = isSubPath;
 exports.escapeFunction = escapeFunction;
 const path = require("path");
 const util = require("util");
+const fs_stat_cjs_1 = require("./fs_stat.cjs");
 // using require here on purpose so we can override methods with any
 // also even though imports are mutable in typescript the cognitive dissonance is too high because
 // es modules
-const _fs = require('node:fs');
+const fs = require('node:fs');
 const url = require('node:url');
 const HOP_NON_LINK = Symbol.for('HOP NON LINK');
 const HOP_NOT_FOUND = Symbol.for('HOP NOT FOUND');
@@ -65,8 +66,6 @@ function patcher(fs = _fs, roots) {
         }
         return;
     }
-    const origLstat = fs.lstat.bind(fs);
-    const origLstatSync = fs.lstatSync.bind(fs);
     const origReaddir = fs.readdir.bind(fs);
     const origReaddirSync = fs.readdirSync.bind(fs);
     const origReadlink = fs.readlink.bind(fs);
@@ -141,22 +140,21 @@ function patcher(fs = _fs, roots) {
             return stats;
         }
         try {
-            args[0] = unguardedRealPathSync(args[0]);
-            // there are no hops so lets report the stats of the real file;
-            // we can't use origRealPathSync here since that function calls lstat internally
-            // which can result in an infinite loop
-            return origLstatSync(...args);
+            lstatPatcher.originalSyncRequested = true;
+            return fs.lstatSync.apply(fs, args);
         }
-        catch (err) {
-            if (err.code === 'ENOENT') {
-                // broken link so there is nothing more to do
-                return stats;
-            }
-            throw err;
+        finally {
+            lstatPatcher.originalSyncRequested = false;
         }
     };
     // =========================================================================
-    // fs.realpath
+    // fsInternal.lstat (to patch ESM resolve's `realpathSync`!) and
+    //      fs.lstat implementations.
+    //      fs.realpath implementations.
+    // =========================================================================
+    lstatPatcher.patch();
+    // =========================================================================
+    // fs.realpath.native
     // =========================================================================
     fs.realpath = function realpath(...args) {
         // preserve error when calling function without required callback
@@ -196,14 +194,6 @@ function patcher(fs = _fs, roots) {
         };
         origRealpathNative(...args);
     };
-    fs.realpathSync = function realpathSync(...args) {
-        const str = origRealpathSync(...args);
-        const escapedRoot = isEscape(args[0], str);
-        if (escapedRoot) {
-            return guardedRealPathSync(args[0], escapedRoot);
-        }
-        return str;
-    };
     fs.realpathSync.native = function native_realpathSync(...args) {
         const str = origRealpathSyncNative(...args);
         const escapedRoot = isEscape(args[0], str);
@@ -368,7 +358,6 @@ function patcher(fs = _fs, roots) {
     const promisePropertyDescriptor = Object.getOwnPropertyDescriptor(fs, 'promises');
     if (promisePropertyDescriptor) {
         const promises = {};
-        promises.lstat = util.promisify(fs.lstat);
         // NOTE: node core uses the newer realpath function fs.promises.native instead of fs.realPath
         promises.realpath = util.promisify(fs.realpath.native);
         promises.readlink = util.promisify(fs.readlink);
@@ -740,6 +729,7 @@ function stringifyPathLike(p) {
 function resolvePathLike(p) {
     return path.resolve(stringifyPathLike(p));
 }
+exports.resolvePathLike = resolvePathLike;
 function normalizePathLike(p) {
     const s = stringifyPathLike(p);
     // TODO: are URLs always absolute?

js/private/node-patches/fs_stat.cjs

@@ -0,0 +1,125 @@
+"use strict";
+// Patches Node's internal FS bindings, right before they would call into C++.
+// See full context in: https://github.com/aspect-build/rules_js/issues/362.
+// This is to ensure ESM imports don't escape accidentally via `realpathSync`.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FsInternalStatPatcher = void 0;
+/// <reference path="./fs_stat_types.d.cts" />
+const binding_1 = require("internal/test/binding");
+const utils_1 = require("internal/fs/utils");
+const fs_cjs_1 = require("./fs.cjs");
+const internalFs = (0, binding_1.internalBinding)('fs');
+class FsInternalStatPatcher {
+    constructor(escapeFns, guardedReadLink, guardedReadLinkSync, unguardedRealPath, unguardedRealPathSync) {
+        this.escapeFns = escapeFns;
+        this.guardedReadLink = guardedReadLink;
+        this.guardedReadLinkSync = guardedReadLinkSync;
+        this.unguardedRealPath = unguardedRealPath;
+        this.unguardedRealPathSync = unguardedRealPathSync;
+        this._originalFsLstat = internalFs.lstat;
+        this.originalSyncRequested = false;
+    }
+    revert() {
+        internalFs.lstat = this._originalFsLstat;
+    }
+    patch() {
+        const statPatcher = this;
+        internalFs.lstat = function (path, bigint, reqCallback, throwIfNoEntry) {
+            if (this.originalSyncRequested) {
+                return statPatcher._originalFsLstat.call(internalFs, path, bigint, reqCallback, throwIfNoEntry);
+            }
+            if (reqCallback === internalFs.kUsePromises) {
+                return statPatcher._originalFsLstat.call(internalFs, path, bigint, reqCallback, throwIfNoEntry).then((stats) => {
+                    return new Promise((resolve, reject) => {
+                        statPatcher.eeguardStats(path, bigint, stats, throwIfNoEntry, (err, guardedStats) => {
+                            err || !guardedStats ? reject(err) : resolve(guardedStats);
+                        });
+                    });
+                });
+            }
+            else if (reqCallback === undefined) {
+                const stats = statPatcher._originalFsLstat.call(internalFs, path, bigint, undefined, throwIfNoEntry);
+                if (!stats) {
+                    return stats;
+                }
+                return statPatcher.eeguardStatsSync(path, bigint, throwIfNoEntry, stats);
+            }
+            else {
+                // Just re-use the promise path from above.
+                internalFs.lstat(path, bigint, internalFs.kUsePromises, throwIfNoEntry)
+                    .then((stats) => reqCallback.oncomplete(null, stats))
+                    .catch((err) => reqCallback.oncomplete(err));
+            }
+        };
+    }
+    eeguardStats(path, bigint, stats, throwIfNotFound, cb) {
+        const statsObj = (0, utils_1.getStatsFromBinding)(stats);
+        if (!statsObj.isSymbolicLink()) {
+            // the file is not a symbolic link so there is nothing more to do
+            return cb(null, stats);
+        }
+        path = (0, fs_cjs_1.resolvePathLike)(path);
+        if (!this.escapeFns.canEscape(path)) {
+            // the file can not escaped the sandbox so there is nothing more to do
+            return cb(null, stats);
+        }
+        return this.guardedReadLink(path, (str) => {
+            if (str != path) {
+                // there are one or more hops within the guards so there is nothing more to do
+                return cb(null, stats);
+            }
+            // there are no hops so lets report the stats of the real file;
+            // we can't use origRealPath here since that function calls lstat internally
+            // which can result in an infinite loop
+            return this.unguardedRealPath(path, (err, str) => {
+                if (err) {
+                    if (err.code === 'ENOENT') {
+                        // broken link so there is nothing more to do
+                        return cb(null, stats);
+                    }
+                    return cb(err);
+                }
+                // Forward request to original callback.
+                const req2 = new internalFs.FSReqCallback(bigint);
+                req2.oncomplete = (err, realStats) => cb(err, realStats);
+                return this._originalFsLstat.call(internalFs, str, bigint, req2, throwIfNotFound);
+            });
+        });
+    }
+    eeguardStatsSync(path, bigint, throwIfNoEntry, stats) {
+        // No stats available.
+        if (!stats) {
+            return stats;
+        }
+        const statsObj = (0, utils_1.getStatsFromBinding)(stats);
+        if (!statsObj.isSymbolicLink()) {
+            // the file is not a symbolic link so there is nothing more to do
+            return stats;
+        }
+        path = (0, fs_cjs_1.resolvePathLike)(path);
+        if (!this.escapeFns.canEscape(path)) {
+            // the file can not escaped the sandbox so there is nothing more to do
+            return stats;
+        }
+        const guardedReadLink = this.guardedReadLinkSync(path);
+        if (guardedReadLink != path) {
+            // there are one or more hops within the guards so there is nothing more to do
+            return stats;
+        }
+        try {
+            path = this.unguardedRealPathSync(path);
+            // there are no hops so lets report the stats of the real file;
+            // we can't use origRealPathSync here since that function calls lstat internally
+            // which can result in an infinite loop
+            return this._originalFsLstat.call(internalFs, path, bigint, undefined, throwIfNoEntry);
+        }
+        catch (err) {
+            if (err.code === 'ENOENT') {
+                // broken link so there is nothing more to do
+                return stats;
+            }
+            throw err;
+        }
+    }
+}
+exports.FsInternalStatPatcher = FsInternalStatPatcher;

js/private/node-patches/register.cjs

@@ -35,15 +35,14 @@ if (
     JS_BINARY__PATCH_NODE_FS != '0' &&
     JS_BINARY__FS_PATCH_ROOTS
 ) {
-    const fs = require('node:fs')
     const module = require('node:module')
     const roots = JS_BINARY__FS_PATCH_ROOTS.split(':')
     if (JS_BINARY__LOG_DEBUG) {
         console.error(
             `DEBUG: ${JS_BINARY__LOG_PREFIX}: node fs patches will be applied with roots: ${roots}`
         )
     }
-    patchfs(fs, roots)
+    patchfs(roots)
 
     // Sync the esm modules to use the now patched fs cjs module.
     // See: https://nodejs.org/api/esm.html#builtin-modules

js/private/node-patches/src/BUILD.bazel

@@ -4,18 +4,24 @@ typescript_bin.tsc(
     name = "compile",
     srcs = [
         "fs.cts",
+        "fs_stat.cts",
+        "fs_stat_types.d.cts",
         "tsconfig.json",
         "//:node_modules/@types/node",
     ],
     outs = [
         "fs.cjs",
+        "fs_stat.cjs",
     ],
     args = [
         "-p",
         "tsconfig.json",
     ],
     chdir = package_name(),
-    visibility = ["//js/private/test/node-patches:__pkg__"],
+    visibility = [
+        "//js/private/node-patches:__pkg__",
+        "//js/private/test/node-patches:__pkg__",
+    ],
 )
 
 genrule(

js/private/node-patches/src/fs.cts

@@ -20,6 +20,7 @@ import type * as FsType from 'fs'
 import type * as UrlType from 'url'
 import * as path from 'path'
 import * as util from 'util'
+import { FsInternalStatPatcher } from './fs_stat.cjs'
 
 // windows cant find the right types
 type Dir = any
@@ -28,16 +29,23 @@ type Dirent = any
 // using require here on purpose so we can override methods with any
 // also even though imports are mutable in typescript the cognitive dissonance is too high because
 // es modules
-const _fs = require('node:fs') as typeof FsType
+const fs = require('node:fs') as any
 const url = require('node:url') as typeof UrlType
 
 const HOP_NON_LINK = Symbol.for('HOP NON LINK')
 const HOP_NOT_FOUND = Symbol.for('HOP NOT FOUND')
 
 type HopResults = string | typeof HOP_NON_LINK | typeof HOP_NOT_FOUND
 
-export function patcher(fs: any = _fs, roots: string[]) {
-    fs = fs || _fs
+/**
+ * Function that patches the `fs` module to not escape the given roots.
+ * @returns a function to undo the patches.
+ */
+export function patcher(roots: string[]): void {
+    if (fs._unpatched) {
+        throw new Error('FS is already patched.')
+    }
+
     // Make the original version of the library available for when access to the
     // unguarded file system is necessary, such as the esbuild plugin that
     // protects against sandbox escaping that occurs through module resolution
@@ -77,6 +85,19 @@ export function patcher(fs: any = _fs, roots: string[]) {
 
     const { canEscape, isEscape } = escapeFunction(roots)
 
+    // =========================================================================
+    // fsInternal.lstat (to patch ESM resolve's `realpathSync`!)
+    // =========================================================================
+    const lstatEsmPatcher = new FsInternalStatPatcher(
+        { canEscape, isEscape },
+        guardedReadLink,
+        guardedReadLinkSync,
+        unguardedRealPath,
+        unguardedRealPathSync
+    )
+
+    lstatEsmPatcher.patch()
+
     // =========================================================================
     // fs.lstat
     // =========================================================================
@@ -436,7 +457,6 @@ export function patcher(fs: any = _fs, roots: string[]) {
     )
     if (promisePropertyDescriptor) {
         const promises: any = {}
-        promises.lstat = util.promisify(fs.lstat)
         // NOTE: node core uses the newer realpath function fs.promises.native instead of fs.realPath
         promises.realpath = util.promisify(fs.realpath.native)
         promises.readlink = util.promisify(fs.readlink)
@@ -819,6 +839,24 @@ export function patcher(fs: any = _fs, roots: string[]) {
             }
         }
     }
+
+    return () => {
+        fs.realpath.native = origRealpathNative
+        fs.readlink = origReadlink
+        fs.readlinkSync = origReadlinkSync
+        fs.readdir = origReaddir
+        fs.readdirSync = origReaddirSync
+        fs.opendir = origReaddir
+
+        fs.promises.realpath = util.promisify(fs.realpath.native)
+        fs.promises.readlink = util.promisify(fs.readlink)
+        fs.promises.readdir = util.promisify(fs.readdir)
+        fs.promises.opendir = util.promisify(fs.opendir)
+
+        lstatEsmPatcher.revert()
+
+        fs._unpatched = undefined
+    }
 }
 
 // =========================================================================
@@ -840,7 +878,7 @@ function stringifyPathLike(p: PathLike): string {
     }
 }
 
-function resolvePathLike(p: PathLike): string {
+export function resolvePathLike(p: PathLike): string {
     return path.resolve(stringifyPathLike(p))
 }