Skip to content
/ ignite Public

Bun-first local execution framework for JavaScript/TypeScript microservices with Docker-based isolation

dev-dami.github.io/ignite/

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dev-dami/ignite

BranchesTags

Repository files navigation

Ignite

Ignite

Secure sandbox for executing AI-generated code, untrusted scripts, and JS/TS microservices

Release License Build Bun Docker

InstallQuick StartGetting StartedWalkthroughAPI Reference

rainbow

Overview

Ignite runs JavaScript/TypeScript code in secure, isolated Docker containers with network blocking, filesystem restrictions, and security auditing. Built for AI agents that generate code, student submissions, plugin systems, or any scenario where you need to run untrusted code safely.

┌──────────────┐     ┌──────────────┐     ┌──────────────┐
│  Untrusted   │ ──► │   Ignite     │ ──► │   Sandboxed  │
│    Code      │     │   Sandbox    │     │  Execution   │
└──────────────┘     └──────────────┘     └──────────────┘

Use cases:

  • AI Agents - Safely execute LLM-generated code
  • Code Playgrounds - Run student/user submissions
  • Plugin Systems - Isolate third-party extensions
  • CI/CD - Security checks before deployment

rainbow

Stats

Metric Value
Runtimes Bun (default), Node, Deno, QuickJS
Base Images Alpine (minimal)
Platforms Linux x64/ARM64, macOS x64/ARM64
Dependencies Docker only

Note: Bun is the default runtime. Other runtimes are supported but increase the security attack surface; use them only when required and review service code and dependencies carefully.

rainbow

Install

# One-liner (Mac & Linux)
curl -fsSL https://raw.githubusercontent.com/dev-dami/ignite/master/install.sh | bash

# Or download from releases
# https://github.com/dev-dami/ignite/releases
Build from source 
git clone https://github.com/dev-dami/ignite.git && cd ignite
bun install && bun run build
bun run scripts/build-binaries.ts

rainbow

Quick Start

# Create a service
ignite init hello-world
cd hello-world

# Run it
ignite run .

rainbow

Commands

Command Description
ignite init <name> Create new service
ignite run <path> Execute in Docker
ignite run <path> --audit Execute with security audit
ignite preflight <path> Safety checks
ignite serve HTTP API server
ignite report <path> Execution report

rainbow

Security Audit

Run untrusted code safely with --audit mode:

ignite run ./my-service --audit

Enforces:

  • Zero network access
  • Read-only filesystem (except /tmp)
  • Dropped Linux capabilities
  • No privilege escalation

Reports violations:

SECURITY AUDIT

  Network
    ✗ connect: api.openai.com (blocked)

  Filesystem
    ✗ write: /app/malicious.txt (blocked)

✗ Security Status: 2 VIOLATION(S) BLOCKED

Perfect for AI agent sandboxing, student code execution, or CI security checks.

rainbow

Documentation

Doc Description
Getting Started 5-minute beginner guide
Walkthrough Complete tutorial
API Reference CLI & HTTP API docs
Architecture System design
Preflight Safety analysis

rainbow

License

MIT © dev-dami

About

Bun-first local execution framework for JavaScript/TypeScript microservices with Docker-based isolation

dev-dami.github.io/ignite/

Topics

javascript docker cli security security-audit microservices typescript runtime sandbox sandboxing code-execution ai-agents untrusted-code code-sandbox secure-sandbox llm

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Contributing

Contributing
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases 12

v0.7.2 Latest
Jan 26, 2026
+ 11 releases

Packages

No packages published

Languages