Legacy runtime reference

This page describes the environment, features, and security of the legacy runtime version. This information is provided as a reference for developers who may still need it while upgrading to the latest runtime version.

Sandboxing

The legacy runtime was designed to sandbox apps to control app execution. There are two main parts to this: user interface security and the app runtime.

App runtime

The legacy runtime sandboxes the apps from the environment in which they execute. By running apps in isolated environments, the platform limits what apps can do. For example:

• Apps cannot accidentally leak customer data across sites.
• Apps cannot interfere with or modify other running apps.

To understand how this works in detail, see the diagram and notes on the Forge app sandbox below:

• App bundle: The app bundle is the packaged app code.
• App isolate: App isolates are instantiated per request. Isolates provide per-request isolation within a single app. The app isolate is a v8 JavaScript isolate.
• Node runtime: Forge apps run in AWS as lambdas. AWS Lambda provides per-app isolation.
• Forge AWS account: The Forge platform runs lambdas using multiple AWS accounts to distribute the load. All of these accounts are separate from the other Atlassian services. Using dedicated accounts to run apps enables Forge to minimize privileges. This means that if an app escapes its sandbox due to a vulnerability, then running it in a less privileged account limits what it can do.

Javascript environment

When a Forge app is invoked, the legacy runtime executes the code within the app sandbox. This environment differs from a traditional Node.js environment.

You'll need to write your functions in a subset of Node.js. Some globals are not exposed, for example:

• process (except for process.env)
• queueMicrotask

This means that some NPM packages that depend on these may not function correctly. The following Node.js built-in modules are not supported:

• async_hooks
• child_process
• cluster
• constants
• dgram
• dns
• domain
• http2
• module
• net
• perf_hooks
• readline
• repl
• sys
• tls
• trace_events
• tty
• v8
• vm
• worker_threads

Snapshots and snapshot context

Snapshot is the mechanism of evaluating your function's global scope at each deployment of the app, rather than at every invocation. Forge apps use snapshots by default, as this improves the response time for your app. You can disable snapshots, but this means your app needs to be fully evaluated on each invocation. For this reason, you should consider leaving snapshots enabled.

The following image highlights a sample snapshot context. Note that the invocation method is not run at this point in time.

The snapshots flag is available under the runtime object with a default value of true.

1
2
app:
  runtime:
    snapshots: true # Boolean

Limitations

Environment variables

Environment variables are not available in the snapshot context.

Example

1
2
const myVariable = process.env.MY_VARIABLE;

export const run = () => {
  console.log(myVariable) // Value is undefined
};

Randomness

Random values created at snapshot time are not random on each function invocation.

Example

1
2
const snapshotContextRandom = Math.random();

export const run = () => {
  console.log(snapshotContextRandom); // Same value per invocation
};

Buffers

We discourage using Buffers in the snapshot context. Warnings will be presented at deploy time if this is detected.

1
2
const snapshotContextBuffer = new Buffer(); // May result in unpredictable behavior

export const run = () => {
  // ...
};

Standard globals

Process

The global process object is a partial implementation of the Node JS process.

Object signature

1
2
process

Fields