kat
3a50868e12
well the problem with arbitrary selection is that... you need to do lots of matching, which is confusing too when you need to encode nesting. so what if just.. node cli.js index_test.js? this isn't concerned with reporters or execution, this happens at the cli level and it solely affects which modules are imported instead of just all_tests.js. alternatively, we could do suites instead of files. this is probably better huh because you don't need to type out all those file paths, and it doesn't punish large files (because a test file corresponds to a source code file) so we'd just import all_tests.js, then just filter out suites whose name doesn't match <input>, before calling `run` on it. deleting and filtering out suites should probably be methods on the registrar i suspect the impl will be tiny excl argument parser nonsense, so imo squash this into the commit that added registrars add a comment describing the use-case as “just run the tests i'm editing to save time”, rather than as skipping, then briefly mention why general purpose skipping is still a tentative future feature
Hakurei is a tool for running sandboxed desktop applications as dedicated subordinate users on the Linux kernel. It implements the application container of planterette (WIP), a self-contained Android-like package manager with modern security features.
Interaction with hakurei happens entirely through structures described by package hst. No native API is available due to internal details of uid isolation.
Notable Packages
Package container is general purpose container tooling. It is used by the hakurei shim process running as the target subordinate user to set up the application container. It has a single dependency, libseccomp, to create BPF programs for the system call filter.
Package internal/pkg provides infrastructure for hermetic builds. This replaces the legacy nix-based testing framework and serves as the build system of Rosa OS, currently developed under package internal/rosa.
Dependencies
container depends on:
- libseccomp to generate BPF programs.
cmd/hakurei depends on:
- acl to export sockets to subordinate users.
- wayland to set up security-context-v1.
- xcb to grant and revoke subordinate users access to the X server.
cmd/sharefs depends on:
- fuse to implement the filesystem.
New dependencies will generally not be added. Patches adding new dependencies are very likely to be rejected.
NixOS Module (deprecated)
The NixOS module is in maintenance mode and will be removed once planterette is feature-complete. Full module documentation can be found here.