{"id":23527437,"url":"https://github.com/marcelo-schreiber/run-user-code-saas","last_synced_at":"2025-04-22T14:42:17.057Z","repository":{"id":154825338,"uuid":"584048866","full_name":"marcelo-schreiber/run-user-code-SaaS","owner":"marcelo-schreiber","description":"An API to execute user's code","archived":false,"fork":false,"pushed_at":"2025-01-01T05:23:13.000Z","size":132,"stargazers_count":7,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-29T16:03:58.891Z","etag":null,"topics":["docker","javascript","python","ruby","sandbox"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/marcelo-schreiber.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-01-01T04:50:34.000Z","updated_at":"2025-03-21T04:08:15.000Z","dependencies_parsed_at":null,"dependency_job_id":"ec1fc268-53ae-404b-8454-d07b72dccbd5","html_url":"https://github.com/marcelo-schreiber/run-user-code-SaaS","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcelo-schreiber%2Frun-user-code-SaaS","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcelo-schreiber%2Frun-user-code-SaaS/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcelo-schreiber%2Frun-user-code-SaaS/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcelo-schreiber%2Frun-
user-code-SaaS/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/marcelo-schreiber","download_url":"https://codeload.github.com/marcelo-schreiber/run-user-code-SaaS/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250261002,"owners_count":21401397,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","javascript","python","ruby","sandbox"],"created_at":"2024-12-25T20:14:20.090Z","updated_at":"2025-04-22T14:42:17.028Z","avatar_url":"https://github.com/marcelo-schreiber.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# API For Code Execution\n\n[![MIT License](https://img.shields.io/github/license/marcelo-schreiber/run-user-code-SaaS?style=social?logo=github)](https://github.com/marcelo-schreiber/run-user-code-SaaS/blob/master/LICENSE)\n[![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/marcelo-schreiber/run-user-code-SaaS/test-backend.yml?style=social?logo=github)](https://github.com/marcelo-schreiber/run-user-code-SaaS/actions/workflows/test-backend.yml)\n[README in portuguese](https://github.com/marcelo-schreiber/run-user-code-SaaS/blob/master/README.pt.md)  \n\nThis is an API for running code in different languages, such as Python, Javascript and Ruby. 
It uses Docker to run the code in an isolated environment, to avoid vulnerabilities and security breaches.\n\n## Table of Contents\n\n* [Getting Started](#getting-started)\n  * [Prerequisites](#prerequisites)\n  * [Installation](#installation)\n  * [Run with docker](#run-with-docker)\n  * [Run in production](#run-in-production)\n* [Testing](#testing)\n* [API Reference](#api-reference)\n  * [Returns python code output](#returns-python-code-output)\n  * [Returns javacript code output](#returns-javacript-code-output)\n  * [Returns ruby code output](#returns-ruby-code-output)\n* [Why Docker? What could go wrong?](#why-docker-what-could-go-wrong)\n* [Inspirations and References](#inspirations-and-references)\n* [Technologies](#technologies)\n* [Feedback](#feedback)\n\n## Getting Started\n\n### Prerequisites\n\nMake sure you have [Docker](https://www.docker.com/) and [Node.js](https://nodejs.org/en/) installed.\n\n### Installation\n\nIn the project folder, install all dependencies:\n\n```bash\n  npm install\n```\n\nPull the Docker images (make sure your Docker CLI works without sudo):\n\n```bash\n  npm run pull-images\n```\n\nStart the server in development mode; every change in the code will restart the server:\n\n```bash\n  npm run dev\n```\n\n### Run with docker\n\nIn the project folder, install all dependencies:\n\n```bash\n  npm install\n```\n\nPull the Docker images (make sure your Docker CLI works without sudo):\n\n```bash\n  npm run pull-images\n```\n\nCreate a Docker image:\n\n```bash\n  docker build -t code-exec .\n```\n\nRun the Docker image. The `docker.sock` mount gives the API container access to the host's Docker daemon, which is equivalent to root access on the host:\n\n```bash\n  docker run -p 3000:3000 -v /var/run/docker.sock:/var/run/docker.sock --name code-exec code-exec\n```\n\n### Run in production\n\nFollow the installation steps, then run the following command instead of `npm run dev`:\n\n```bash\n  npm start\n```\n\n## Testing\n\nTo run the tests, run the following command:\n\n```bash\n  npm test\n```\n\nMake sure you have installed all dependencies before running the tests.\n\n## 
API Reference\n\n### Returns python code output\n\n```http\n  POST /run/python\n```\n\n| Parameter | Type | Description |\n| :---------- | :--------- | :---------------------------------- |\n| `code` | `string` | **Mandatory**.|\n| `input` | `string` | **Optional**. `stdin` separated by `\\n`|\n\n### Returns javacript code output\n\n```http\n  POST /run/javascript\n```\n\n| Parameter | Type | Description |\n| :---------- | :--------- | :---------------------------------- |\n| `code` | `string` | **Mandatory**.|\n\n### Returns ruby code output\n\n```http\n  POST /run/ruby\n```\n\n| Parameter | Type | Description |\n| :---------- | :--------- | :---------------------------------- |\n| `code` | `string` | **Mandatory**.|\n| `input` | `string` | **Optional**. `stdin` separated by `\\n`|\n\n## Why Docker? What could go wrong?\n\nTo run the user's code safely, the user must not be able to interact with the data and files on the server.\nThe goal is to prevent submissions such as:\n\n```python\nimport os\nos.system('shutdown -f') # shut down the server\n```\n\nor\n\n```javascript\nwhile (true) {} // infinite loop\n```\n\nor\n\n```ruby\nFile.delete('important_file.txt') # delete a file\n```\n\n**With each user request**, a **container** is created (similar to a virtual machine), which is stopped when the program finishes or after 3 seconds, so infinite loops cannot run indefinitely.\n  \nOther possible problems, such as file installation or container exits, are avoided by limiting RAM and CPU usage. 
It also removes privileges, network access and disk writes (even within the container).\nThis removes a large part of the weaknesses, especially in combination with a rate limiter (by IP, by path, etc.), a load balancer, a queue system so that the server can run more than one container at a time, and other security measures.\n\n## Inspirations and References\n\n* [Tim Nolet](https://www.freecodecamp.org/news/running-untrusted-javascript-as-a-saas-is-hard-this-is-how-i-tamed-the-demons-973870f76e1c/) - [@FreeCodeCamp](https://www.freecodecamp.org/)\n* [Codex API](https://github.com/Jaagrav/CodeX-API) - [Jaagrav](https://github.com/Jaagrav)\n\n## Technologies\n\n* [Docker](https://www.docker.com/)\n* [Typescript](https://www.typescriptlang.org/)\n* [Node.js](https://nodejs.org/en/)\n* [Express](https://expressjs.com/)\n* [Vitest](https://vitest.dev/)\n\n## Feedback\n\nIf you have any feedback, please reach out at `marcelorissette15@gmail.com`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarcelo-schreiber%2Frun-user-code-saas","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmarcelo-schreiber%2Frun-user-code-saas","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarcelo-schreiber%2Frun-user-code-saas/lists"}