{"id":13483891,"url":"https://github.com/endojs/endo","last_synced_at":"2026-04-16T02:01:00.912Z","repository":{"id":37048538,"uuid":"220080707","full_name":"endojs/endo","owner":"endojs","description":"Endo is a distributed secure JavaScript sandbox, based on SES","archived":false,"fork":false,"pushed_at":"2026-04-11T01:25:33.000Z","size":70417,"stargazers_count":1000,"open_issues_count":587,"forks_count":86,"subscribers_count":27,"default_branch":"master","last_synced_at":"2026-04-11T03:23:24.780Z","etag":null,"topics":["capabilities","captp","hardened","javascript","multi-tenant","ocaps","powerbox","prototype-pollution","sandbox","security","supply-chain"],"latest_commit_sha":null,"homepage":"https://endojs.org/","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/endojs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2019-11-06T20:09:57.000Z","updated_at":"2026-04-09T22:30:19.000Z","dependencies_parsed_at":"2022-07-11T16:31:48.995Z","dependency_job_id":"7dc87357-df80-421c-92a5-06844a8c0286","html_url":"https://github.com/endojs/endo","commit_stats":{"total_commits":5174,"total_committers":66,"mean_commits":78.39393939393939,"dds":0.741012756088133,"last_synced_commit":"a923f4e864b2975b46f7c20bcc7c702ac0d5287d"},"previous_names":["agoric/ses-shim"],"tags_count":1940,"template":false,"template_full_name":null,"purl":"pkg:github/endojs/endo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/endojs%2Fendo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/endojs%2Fendo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/endojs%2Fendo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/endojs%2Fendo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/endojs","download_url":"https://codeload.github.com/endojs/endo/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/endojs%2Fendo/sbom","scorecard":{"id":9345,"data":{"date":"2025-08-11","repo":{"name":"github.com/endojs/endo","commit":"ab70fd63544502f524e207db302006bb4790450c"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6.2,"checks":[{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/browser-test.yml:1","Warn: no topLevel permission defined: .github/workflows/ci.yml:1","Warn: no topLevel permission defined: .github/workflows/depcheck.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/typedoc-gh-pages.yml:12","Info: topLevel 'actions' permission set to 'read': .github/workflows/typedoc-gh-pages.yml:13","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/browser-test.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/browser-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/browser-test.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/browser-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/browser-test.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/browser-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:159: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:165: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:195: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:201: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:230: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:236: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:266: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:272: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:312: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:321: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:339: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:365: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/depcheck.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/depcheck.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/depcheck.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/depcheck.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/typedoc-gh-pages.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/typedoc-gh-pages.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/typedoc-gh-pages.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/typedoc-gh-pages.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/typedoc-gh-pages.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/typedoc-gh-pages.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/typedoc-gh-pages.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/endojs/endo/typedoc-gh-pages.yml/master?enable=pin","Info:   0 out of  27 GitHub-owned GitHubAction dependencies pinned","Info:   1 out of   1 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: JavaScriptPropertyBasedTesting integration found: packages/marshal/test/encodePassable.test.js:5","Info: JavaScriptPropertyBasedTesting integration found: packages/marshal/test/rankOrder.test.js:5","Info: JavaScriptPropertyBasedTesting integration found: packages/patterns/test/copySet.test.js:3","Info: JavaScriptPropertyBasedTesting integration found: packages/marshal/test/encodePassable.test.js:5","Info: JavaScriptPropertyBasedTesting integration found: packages/marshal/test/rankOrder.test.js:5","Info: JavaScriptPropertyBasedTesting integration found: packages/patterns/test/copySet.test.js:3"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":0,"reason":"19 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38","Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x","Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c","Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-6xwr-q98w-rvg7","Warn: Project is vulnerable to: GHSA-6fx8-h7jm-663j","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-6jg8-7333-554w","Warn: Project is vulnerable to: GHSA-whpx-q3rq-w8jc","Warn: Project is vulnerable to: GHSA-h9w6-f932-gq62","Warn: Project is vulnerable to: GHSA-9c4h-3f7h-322r","Warn: Project is vulnerable to: GHSA-25hc-qcg6-38wj","Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-14T14:13:06.864Z","repository_id":37048538,"created_at":"2025-08-14T14:13:06.864Z","updated_at":"2025-08-14T14:13:06.864Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31816594,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-14T18:05:02.291Z","status":"ssl_error","status_checked_at":"2026-04-14T18:05:01.765Z","response_time":153,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["capabilities","captp","hardened","javascript","multi-tenant","ocaps","powerbox","prototype-pollution","sandbox","security","supply-chain"],"created_at":"2024-07-31T17:01:16.542Z","updated_at":"2026-04-16T02:01:00.895Z","avatar_url":"https://github.com/endojs.png","language":"JavaScript","readme":"# Endo\n\n[![contributing][contributing-svg]][contributing-url]\n[![license][license-image]][license-url]\n[![CI status](https://github.com/endojs/endo/actions/workflows/ci.yml/badge.svg)](https://github.com/endojs/endo/actions/workflows/ci.yml)\n[![Mutable.ai Auto Wiki](https://img.shields.io/badge/Auto_Wiki-Mutable.ai-blue)](https://wiki.mutable.ai/endojs/endo)\n\nEndo is a framework for powerful JavaScript plugin systems and supply chain\nattack resistance.\nEndo includes tools for _confinement_, _communication_, and _concurrency_.\nThese include a shim for [Hardened JavaScript][SES], an [ECMA TC-39\nstandards track proposal][SES Proposal] to make JavaScript a safer and more\nsuitable platform for plugin systems.\n\n[Agoric][] and [MetaMask][] rely on Hardened JavaScript and the [SES shim][SES]\nas part of systems that sandbox third-party plugins or smart contracts and\nmitigate supply chain attacks for production web applications, web extensions,\nand build systems.\n\n[![Agoric Logo](https://github.com/endojs/endo/raw/master/packages/ses/docs/agoric-x100.png)][Agoric]\n[![MetaMask Logo](https://github.com/endojs/endo/raw/master/packages/ses/docs/metamask-x100.png)][MetaMask]\n\n[Agoric]: https://agoric.com/\n[MetaMask]: https://metamask.io/\n\nEndo protects program integrity both in-process and in distributed systems.\nHardened JavaScript protects local integrity, defending an application against\n[supply chain attacks][]: hacks that enter through upgrades to third-party\ndependencies.\nEndo does this by encouraging the [Principle of Least Authority](#§pola).\n\nSince most JavaScript libraries receive powerful capabilities from global\nobjects like `fetch` or modules like `net`, [LavaMoat][] generates reviewable\npolicies that determine what capabilities will be distributed to third party\ndependencies according to evident need, and enforces those policies at runtime\nwith Endo.\n\nFor distributed systems, Endo stretches object oriented programming over\nnetworks using asynchronous message passing to remote objects with the\n[Handled Promise][] API and a [Capability Transfer Protocol][CapTP].\n\nBetween remote objects and Hardened JavaScript compartments, Endo makes\ndistributed programs easy to program, and easy to reason about integrity.\nCapTP frees the programmer from needing to create bespoke communication\nprotocols over message ports or byte streams.\n\nEndo combines these components to demonstrate their use for a confined plugin\nsystem in the [Endo Pet-name Dæmon](packages/daemon) and its\n[CLI](packages/cli).\n\nPlease join the conversation on our [Mailing List][SES Strategy Group] and\n[Matrix][Endo Matrix].\nReach out if you would like an ivitation to our **meetings**:\n\n- We record a weekly [Endo Sync video call][Endo Sync] .\n- We recorded a weekly [SES video call][SES Strategy Recordings] with the\n  Hardened JavaScript engineering community.\n- We now meet weekly with [ECMA TC-39 ECMAScript Technical Committee TG-3\n  Security Working Group][TG3].\n\n## Ruminations on the Name\n\n* In Greek, \"endo-\" means \"internal\" or \"within\".\n  This is fitting because Endo runs Node _within_ a safe sandbox.\n  This is fitting in turn because Endo is built on the legacy of Google Caja.\n  In Spanish, \"caja\" means \"box\" and is related to the Latin word \"capsum\" and\n  English \"capsule\", as in \"encapsulate\".\n* Endo is an anagram of Node and Deno.\n  That is to say, we are not Done yet.\n* The `endo` command, like the `sudo` command, is a \"do\" command.\n  However, instead of escalating privilege, it attenuates privilege.\n* Endo lets applications endow packages with limited powerful objects and\n  modules.  As they say, you can't spell \"endow\" without \"endo\"!\n* So, \"E.N.Do\" forms the acronym \"Encapsulated Node Do\".\n\nSo, just as \"soo-doo\" (super user do) and \"soo-doh\" (like \"pseudo\") are valid\npronunciations of `sudo`, \"en-doh\" and \"en-doo\" are both valid pronunciations of\n`endo`.\n\n\u003ca name=\"§pola\"\u003e\u003c/a\u003e\n### Principle of Least Authority\n\nThe Principle of Least Authority [(Wikipedia)][PoLA] states that a software\ncomponent should only have access to data and resources that enable it to do\nits legitimate work.\n\n**PoLA explained in 3 minutes:**\n_Opening Statement on SOSP 50th Anniversary Panel_, Mark Miller:\n\n[![Video presentation explaining PoLA in 3 minutes](https://img.youtube.com/vi/br9DwtjqmVI/0.jpg)](https://www.youtube.com/watch?v=br9DwtjqmVI)\n\n**PoLA explained in 15 minutes:**\n_Navigating the Attack Surface to achieve a multiplicative reduction in risk_,\nMark Miller:\n\n[![Video presentation explaining PoLA in 15 minutes](https://img.youtube.com/vi/wW9-KuezPp8/0.jpg)](https://www.youtube.com/watch?v=wW9-KuezPp8\u0026t=664s)\n\n### Bug Disclosure\n\nPlease help us practice coordinated security bug disclosure, by using the\ninstructions in our [security guide](./packages/ses/SECURITY.md) to report\nsecurity-sensitive bugs privately.\n\nFor non-security bugs, please use the [regular Issues\npage](https://github.com/Agoric/SES-shim/issues).\n\n### License\n\nEndo and its components are [Apache 2.0 licensed][license-url].\n\n[CapTP]: packages/captp/README.md#agoriccaptp\n[Endo Matrix]: https://matrix.to/#/#endojs:matrix.org\n[Endo Sync]: https://www.youtube.com/watch?v=tM5NyB7xxYM\u0026list=PLzDw4TTug5O0eUj81Vnkp-mFuI4O0rBnc\n[Handled Promise]: packages/eventual-send/README.md\n[LavaMoat]: https://github.com/LavaMoat/LavaMoat\n[PoLA]: https://en.wikipedia.org/wiki/Principle_of_least_privilege\n[SES Proposal]: https://github.com/tc39/proposal-ses\n[SES Strategy Group]: https://groups.google.com/g/ses-strategy\n[SES Strategy Recordings]: https://www.youtube.com/playlist?list=PLzDw4TTug5O1jzKodRDp3qec8zl88oxGd\n[SES]: packages/ses/README.md\n[contributing-svg]: https://img.shields.io/badge/PRs-welcome-brightgreen.svg\n[contributing-url]: ./CONTRIBUTING.md\n[license-image]: https://img.shields.io/badge/License-Apache%202.0-blue.svg\n[license-url]: ./LICENSE\n[supply chain attacks]: https://en.wikipedia.org/wiki/Supply_chain_attack\n[TG3]: https://github.com/tc39/tg3\n","funding_links":[],"categories":["JavaScript"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fendojs%2Fendo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fendojs%2Fendo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fendojs%2Fendo/lists"}