Expand description
Zero-JavaScript Validation for WASM-First Applications (PROBAR-SPEC-012).
Validates that WASM applications contain NO user-generated JavaScript, CSS, or HTML. Zero-JavaScript Validation for WASM-First Applications (PROBAR-SPEC-012)
Validates that WASM applications contain NO user-generated JavaScript, CSS, or HTML. All web assets must be programmatically generated via probar-js-gen or typed builders.
§Toyota Way Application:
- Poka-Yoke: Type system prevents user-injected code at compile time
- Jidoka: Validation stops the line if unauthorized code detected
- Andon: Clear error messages identify exactly what violated zero-JS policy
§Critical Defect Vectors Addressed:
- User-created JavaScript files
- Inline
<script>tags not from WASM - External CSS files not generated by builders
- HTML files without WASM generation markers
§References:
- whisper.apr CLAUDE.md: “ABSOLUTE ZERO JAVASCRIPT”
- DO-178C Section 6.3: Configuration management
- OWASP: Third-party JavaScript injection prevention
Structs§
- Dangerous
Pattern Violation - Dangerous pattern violation
- Inline
Script Violation - Inline script violation details
- Zero
JsConfig - Zero-JS validator configuration
- Zero
JsValidation Result - Zero-JS validation result
- Zero
JsValidator - Zero-JavaScript validator for WASM-first applications
Enums§
- Zero
JsError - Error type for zero-JS validation
Constants§
- DANGEROUS_
JS_ PATTERNS - Dangerous patterns in JavaScript that should NEVER appear
- FORBIDDEN_
DIRECTORIES - Forbidden directory names that indicate non-WASM tooling
- FORBIDDEN_
EXTENSIONS - Forbidden file patterns for zero-JS WASM applications
- FORBIDDEN_
FILES - Forbidden files that indicate JavaScript tooling