From e3a6204f2d0468d81321786bdcb50205c0895434 Mon Sep 17 00:00:00 2001
From: Alex Yang <himself65@outlook.com>
Date: Fri, 21 Jul 2023 00:04:26 +0800
Subject: [PATCH] fix: lockdown (#3336)

---
 apps/core/.webpack/config.ts                |  7 ++---
 apps/core/src/bootstrap/register-plugins.ts | 29 ++++++++++++++-------
 2 files changed, 23 insertions(+), 13 deletions(-)

diff --git a/apps/core/.webpack/config.ts b/apps/core/.webpack/config.ts
index db2a00d46d..f400430f64 100644
--- a/apps/core/.webpack/config.ts
+++ b/apps/core/.webpack/config.ts
@@ -106,8 +106,8 @@ export const createConfiguration: (
     devtool:
       buildFlags.mode === 'production'
         ? buildFlags.distribution === 'desktop'
-          ? 'inline-source-map'
-          : 'hidden-nosources-source-map'
+          ? 'inline-cheap-source-map'
+          : 'source-map'
         : 'eval-cheap-module-source-map',
 
     resolve: {
@@ -199,7 +199,7 @@ export const createConfiguration: (
               type: 'asset/resource',
             },
             {
-              test: /\.(ttf|eot|woff|woff2)$/i,
+              test: /\.(ttf|eot|woff|woff2)$/,
               type: 'asset/resource',
             },
             {
@@ -262,6 +262,7 @@ export const createConfiguration: (
       new VanillaExtractPlugin(),
       new webpack.DefinePlugin({
         'process.env': JSON.stringify({}),
+        'process.env.COVERAGE': JSON.stringify(!!buildFlags.coverage),
         'process.env.NODE_ENV': JSON.stringify(buildFlags.mode),
         runtimeConfig: JSON.stringify(runtimeConfig),
       }),
diff --git a/apps/core/src/bootstrap/register-plugins.ts b/apps/core/src/bootstrap/register-plugins.ts
index 117d922186..521959a678 100644
--- a/apps/core/src/bootstrap/register-plugins.ts
+++ b/apps/core/src/bootstrap/register-plugins.ts
@@ -27,6 +27,17 @@ import * as ReactJSXRuntime from 'react/jsx-runtime';
 import * as ReactDom from 'react-dom';
 import * as ReactDomClient from 'react-dom/client';
 
+if (!process.env.COVERAGE) {
+  lockdown({
+    evalTaming: 'unsafeEval',
+    overrideTaming: 'severe',
+    consoleTaming: 'unsafe',
+    errorTaming: 'unsafe',
+    errorTrapping: 'platform',
+    unhandledRejectionTrapping: 'report',
+  });
+}
+
 const PluginProvider = ({ children }: PropsWithChildren) =>
   React.createElement(
     Provider,
@@ -36,11 +47,9 @@ const PluginProvider = ({ children }: PropsWithChildren) =>
     children
   );
 
-console.log('JotaiUtils', JotaiUtils);
-
 const customRequire = (id: string) => {
   if (id === '@toeverything/plugin-infra/manager') {
-    return harden(Manager);
+    return Manager;
   }
   if (id === 'react') {
     return React;
@@ -55,22 +64,22 @@ const customRequire = (id: string) => {
     return ReactDomClient;
   }
   if (id === '@blocksuite/icons') {
-    return harden(Icons);
+    return Icons;
   }
   if (id === '@affine/component') {
-    return harden(AFFiNEComponent);
+    return AFFiNEComponent;
   }
   if (id === '@blocksuite/blocks/std') {
-    return harden(BlockSuiteBlocksStd);
+    return BlockSuiteBlocksStd;
   }
   if (id === '@blocksuite/global/utils') {
-    return harden(BlockSuiteGlobalUtils);
+    return BlockSuiteGlobalUtils;
   }
   if (id === 'jotai') {
-    return harden(Jotai);
+    return Jotai;
   }
   if (id === 'jotai/utils') {
-    return harden(JotaiUtils);
+    return JotaiUtils;
   }
   if (id === '../plugin.js') {
     return entryCompartment.evaluate('exports');
@@ -80,7 +89,7 @@ const customRequire = (id: string) => {
 
 const createGlobalThis = () => {
   return {
-    process: harden({
+    process: Object.freeze({
       env: {
         NODE_ENV: process.env.NODE_ENV,
       },