cruft is a JavaScript runtime written from scratch in Rust — derived under Pin-Art discipline against ECMA-262 + WHATWG, conformance-measured against all of test262, and secure by capability-passing.
A JavaScript runtime written from scratch in Rust — derived under Pin-Art discipline directly from ECMA-262 + WHATWG, not forked from an existing engine.
Measured continuously against the full TC39 test262 corpus by the native cruft test262 sweep harness — 0 silent drops over the whole suite.
Targets the Node.js package ecosystem: node:* modules plus canonical cruft:* surfaces, with npm install built in (cruft install).
No ambient authority — closed import graphs make whole classes of supply-chain attacks architecturally impossible, not merely audited.
# the install one-liner (downloads the prebuilt binary, verifies sha256) curl -fsSL https://cruft.sh/install | sh # or via npm — the cruft runtime as a package npm i -g @cruftless/cruft # run a file cruft index.js
Every build is swept against the full TC39 test262 corpus by the
native cruft test262 sweep harness — one process per test, a total verdict
classifier, zero silent drops. The number above is over the whole suite, against the
true denominator. The Node binary is the differential oracle.