chore: reorg project by NathanFlurry · Pull Request #27 · rivet-dev/secure-exec

NathanFlurry · 2026-03-21T20:19:00Z

feat: US-001 - Make kernel types the canonical source of truth
chore: update PRD and progress for US-001 completion
feat: US-002 - Move bridge source files from core to nodejs package
chore: update PRD and progress for US-002 completion
feat: US-003 - Move ESM compiler, module resolver, and package bundler from core to nodejs
chore: update PRD and progress for US-003 completion
feat: US-004 - Move bridge build scripts and heavy deps to nodejs devDeps
chore: update PRD and progress for US-004 completion
feat: US-005 - Move kernel source into @secure-exec/core
feat: US-006 - Add tsc build step to @secure-exec/core
feat: US-007 - Merge runtime-node and os-node into secure-exec-nodejs
feat: US-008 - Merge runtime-wasmvm into publishable secure-exec-wasmvm
feat: US-009 - Merge runtime-python into secure-exec-python
feat: US-010 - Merge os-browser into secure-exec-browser
feat: US-011 - Remove old public API facades and types
feat: US-012 - Rename @secure-exec/node to @secure-exec/nodejs and update re-exports
feat: US-013 - Update all docs, examples, and README for new API
feat: US-014 - Move crates/v8-runtime to native/v8-runtime
feat: US-015 - Move wasmvm/ to native/wasmvm/
feat: US-016 - Update all path references for native/ restructure
feat: US-017 - Delete merged packages and update workspace config
feat: US-018 - Update turbo, CI, contracts, and architecture docs for final state
feat: US-019 - Custom bindings core plumbing
feat: US-020 - Sandbox-side SecureExec.bindings injection
feat: US-021 - Custom bindings tests
feat: US-022 - Bridge gap fixes for CLI tool testing
feat: US-023 - Mock LLM server and Pi headless tests
feat: US-024 - Pi interactive tests (PTY mode)
feat: US-025 - OpenCode headless tests (binary spawn)
feat: US-026 - OpenCode interactive tests (PTY mode)
feat: US-027 - Claude Code headless tests (binary spawn)
feat: US-028 - Claude Code interactive tests (PTY mode)
feat: US-028 - Claude Code interactive tests (PTY mode)
refactor: flatten package directory names

@deprecated

Re-export VirtualFileSystem, VirtualStat, VirtualDirEntry, Permissions, PermissionCheck, FsAccessRequest, and related types from @secure-exec/kernel through @secure-exec/core. Core's own duplicate definitions annotated with @deprecated JSDoc. All internal imports updated to use kernel types. - Add @secure-exec/kernel as dependency of core, node, browser, secure-exec - Add "connect" op to kernel NetworkAccessRequest for parity with core - Update all VFS implementations (InMemoryFileSystem, NodeFileSystem, ModuleAccessFileSystem, OpfsFileSystem, kernel VFS adapters) to satisfy kernel VFS interface (realpath, pread, full VirtualStat fields) - Update wrapFileSystem and createFsStub with realpath/pread pass-through

@deprecated

Move bridge polyfill source files (fs, process, child-process, network, module, os, polyfills, active-handles) from @secure-exec/core to @secure-exec/node. Move bridge-contract.ts (canonical bridge type definitions and global key constants) to @secure-exec/node. A @deprecated copy of bridge-contract.ts remains in core for backward compatibility during the phased migration (will be removed in US-005). - Bridge files now import bridge-contract from local ./bridge-contract.js - Bridge files import global-exposure from @secure-exec/core/internal/shared - Node package files import bridge-contract locally instead of from core - Test imports updated to reference new bridge file locations - Fixed pre-existing stale esm-compiler.ts reference in bridge policy test - Added buffer, text-encoding-utf-8, whatwg-url as node devDependencies - Removed build:bridge from core (source moved, US-004 will add to node)

…r from core to nodejs

…Deps Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>