-
-
an OS in the browser!
[37 tools called]
browser-os: Hackathon Submission
Inspiration
We wanted to build a full operating system that runs entirely in the browser—no servers, no backend, no infrastructure. The goal: give users a desktop environment with windowing, a filesystem, process management, and apps, all client-side with persistent storage.
Why? We saw developers building complex web apps that needed:
- Isolated environments for each user (SaaS multi-tenancy)
- Persistent workspaces without backend complexity
- Real-time collaboration without WebSocket infrastructure
- Educational sandboxes that reset cleanly
- Client demos that work anywhere, instantly
We asked: what if we could provide a complete OS-in-a-tab? What if every web app could embed a desktop environment? What if users could install apps, create files, and organize workspaces—all in their browser?
That's browser-os: a complete operating system running in a browser tab.
What it does
browser-os is a browser-based operating system with:
Core capabilities
Full desktop environment
- Multi-workspace windowing (4+ workspaces)
- Drag-and-resize windows with z-index management
- Taskbar with app shortcuts and window management
- Desktop background with custom widgets
Virtual filesystem
- Multiple backends: IndexedDB (persistent), Ephemeral (memory), LocalStorage, Server (HTTP)
- Mount points at arbitrary paths
- Full file operations: read, write, delete, mkdir, rmdir, readdir, stat
- Persistent storage across sessions
Process management
- Spawn processes with isolated execution contexts
- Process lifecycle: spawn, run, terminate
- IPC via event channels
- Process monitoring and status tracking
App ecosystem
- App registry with installation/uninstallation
- App manifests with permissions
- App store for discovering and installing apps
- Per-app permission system
Security model
- Permission-based access control
- Syscall-level permissions
- Filesystem path-based access control
- Process isolation
Eye-popping practical examples
Example 1: Zero-Infrastructure Code Playground
The Problem: Building an interactive coding tutorial requires servers, databases, and complex infrastructure. Each user needs isolated environments, persistent storage, and the ability to run code.
The Solution: Embed browser-os and get a full IDE instantly.
import { OS } from '@browser-os/os';
function CodePlayground({ tutorialId }: { tutorialId: string }) {
return (
<div style={{ height: '100vh' }}>
<OS
dbName={`tutorial-${tutorialId}`}
workspaceCount={2}
/>
</div>
);
}
What happens:
- User opens your tutorial page → sees a desktop environment
- Terminal app pre-opens → user types
npm install react - Files persist in IndexedDB → user closes browser, returns later, files are still there
- Editor app opens → user writes code, saves to
/home/user/solution.js - User switches to Workspace 2 → opens documentation in Browser app
- Zero server costs — everything runs client-side
Real-world impact:
- FreeCodeCamp could embed full coding environments in every lesson
- MDN Web Docs could provide interactive code examples
- Bootcamp platforms could give students persistent workspaces
- Portfolio sites could showcase projects with live demos
Cost savings: $0/month vs. $500+/month for server infrastructure
Example 2: Multi-Tenant SaaS Dashboard (Perfect Isolation)
The Problem: Building a SaaS platform where each customer needs isolated data, custom apps, and their own workspace. Traditional approach requires complex backend infrastructure, database sharding, and security layers.
The Solution: Each customer gets their own OS instance.
function CustomerDashboard({ customerId }: { customerId: string }) {
const [kernel, setKernel] = useState<Kernel | null>(null);
useEffect(() => {
const init = async () => {
const k = new Kernel();
await k.init();
// Isolated filesystem per customer
const customerFS = new IndexedDBBackend({
dbName: `customer-${customerId}-fs`
});
await k.getFS().mount('/', customerFS);
// Pre-install customer-specific apps
await installCustomerApps(k.getAppRegistry(), customerId);
// Pre-populate with customer data
await k.getFS().write(
'/home/user/customer-data.json',
new TextEncoder().encode(JSON.stringify(customerData))
);
setKernel(k);
};
init();
}, [customerId]);
return kernel ? <OS kernel={kernel} /> : <Loading />;
}
What happens:
- Customer A logs in → sees their desktop with their files
- Customer B logs in → completely separate environment
- Each customer's data stored in separate IndexedDB databases
- Perfect isolation without complex backend infrastructure
- Customer can install custom apps, create files, organize workspaces
- Zero data leakage between customers
Real-world impact:
- Salesforce could give each client their own OS instance
- Shopify could provide merchant dashboards with custom apps
- Notion could offer workspace isolation for enterprise customers
- Figma could provide team workspaces with perfect data separation
Cost savings: Eliminate need for database sharding, complex security layers, and infrastructure scaling
Example 3: Collaborative Design Studio (Real-Time Multi-User)
The Problem: Building a collaborative design tool where multiple users work simultaneously. Need real-time sync, shared filesystem, but separate windows per user.
The Solution: Shared OS instance with WebSocket sync.
function CollaborativeDesignStudio({ sessionId }: { sessionId: string }) {
const eventBus = useMemo(() => new EventBus(), []);
const [kernel] = useState(() => new Kernel({ eventBus }));
useEffect(() => {
const ws = new WebSocket(`wss://api.example.com/session/${sessionId}`);
// Sync filesystem changes
eventBus.on('fs:write', (event) => {
ws.send(JSON.stringify({
type: 'fs:write',
path: event.payload.path,
data: event.payload.data
}));
});
// Sync window positions
eventBus.on('window:updated', (event) => {
ws.send(JSON.stringify({
type: 'window:updated',
windowId: event.payload.windowId,
updates: event.payload.updates
}));
});
// Receive remote changes
ws.onmessage = (msg) => {
const data = JSON.parse(msg.data);
if (data.type === 'fs:write') {
kernel.getFS().write(data.path, new Uint8Array(data.data));
} else if (data.type === 'window:updated') {
kernel.getWindowManager().updateWindow(data.windowId, data.updates);
}
};
return () => ws.close();
}, [eventBus, kernel, sessionId]);
return <OS kernel={kernel} eventBus={eventBus} />;
}
What happens:
- Designer A opens Figma-like app in Window 1
- Designer B opens color palette app in Window 2
- Both see each other's windows moving in real-time
- Shared filesystem:
/shared/designs/logo.svgupdates instantly for both - Each designer has their own workspace but shares the session
- Real-time collaboration without complex CRDT setup
Real-world impact:
- Figma could provide true OS-level collaboration
- Miro could offer shared whiteboarding with persistent storage
- CodeSandbox could enable real-time code collaboration
- Notion could provide collaborative workspaces with OS features
Technical advantage: Event-driven sync is simpler than CRDTs for many use cases
Example 4: Educational Platform with Auto-Grading Labs
The Problem: Building an educational platform where students need isolated environments for each lab, with automatic grading and reset capabilities. Traditional approach requires Docker containers, VMs, or complex sandboxing.
The Solution: Isolated OS per lab assignment.
function LabEnvironment({ studentId, labId }: { studentId: string, labId: string }) {
const kernelRef = useRef<Kernel>();
const [submitted, setSubmitted] = useState(false);
useEffect(() => {
const initLab = async () => {
const kernel = new Kernel();
await kernel.init();
// Isolated filesystem per lab
const labFS = new IndexedDBBackend({
dbName: `student-${studentId}-lab-${labId}`
});
await kernel.getFS().mount('/', labFS);
// Pre-populate lab files
await kernel.getFS().write(
'/home/user/instructions.md',
new TextEncoder().encode(labInstructions)
);
await kernel.getFS().write(
'/home/user/starter-code.js',
new TextEncoder().encode(starterCode)
);
// Install lab-specific apps
await installLabApps(kernel.getAppRegistry());
kernelRef.current = kernel;
};
initLab();
}, [studentId, labId]);
const submitLab = async () => {
// Read student's solution
const solution = await kernelRef.current!.getFS().read('/home/user/solution.js');
const code = new TextDecoder().decode(solution);
// Auto-grade
const result = await gradeSolution(code, labId);
// Submit results
await submitResults(studentId, labId, result);
setSubmitted(true);
};
const resetLab = async () => {
// Delete filesystem and recreate
indexedDB.deleteDatabase(`student-${studentId}-lab-${labId}`);
window.location.reload();
};
return (
<>
<OS kernel={kernelRef.current} />
<div style={{ position: 'fixed', top: 10, right: 10 }}>
<button onClick={submitLab} disabled={submitted}>
Submit Lab
</button>
<button onClick={resetLab}>Reset Lab</button>
</div>
</>
);
}
What happens:
- Student opens lab → gets fresh OS with starter files
- Completes assignment, saves to
/home/user/solution.js - Clicks "Submit" → solution auto-graded, results shown instantly
- Instructor can reset lab → fresh environment for next attempt
- Perfect isolation between students and labs
- Zero infrastructure needed — all client-side
Real-world impact:
- Coursera could provide coding assignments with instant feedback
- Codecademy could offer interactive lessons with persistent workspaces
- University courses could provide lab environments without IT setup
- Bootcamps could scale to thousands of students without infrastructure
Cost savings: $0/month vs. $10,000+/month for VM infrastructure
Example 5: Instant Client Demo Environment
The Problem: Sales team needs to show prospects a fully functional demo that works anywhere, instantly, with no setup. Traditional demos require complex setup, backend infrastructure, and often fail due to network issues.
The Solution: Pre-configured OS demo that runs entirely in browser.
function ClientDemo({ demoId }: { demoId: string }) {
return (
<div style={{ height: '100vh', width: '100vw' }}>
<OS
dbName={`demo-${demoId}`}
workspaceCount={3}
desktop={
<CustomDesktop
logo={<img src="/client-logo.png" />}
background={<GradientBackground />}
widgets={<DemoWidgets />}
/>
}
/>
</div>
);
}
// Pre-configure demo environment
async function setupDemo(demoId: string) {
const kernel = new Kernel();
await kernel.init();
// Pre-populate with demo data
await kernel.getFS().write(
'/home/user/demo-data.json',
new TextEncoder().encode(JSON.stringify(demoData))
);
// Pre-install demo apps
await installDemoApps(kernel.getAppRegistry());
// Pre-open demo windows
const windowManager = kernel.getWindowManager();
windowManager.createWindow({
title: 'Sales Dashboard',
appId: 'dashboard',
x: 100, y: 100, width: 800, height: 600
});
windowManager.createWindow({
title: 'Analytics',
appId: 'analytics',
x: 950, y: 100, width: 600, height: 400
});
}
What happens:
- Sales rep sends link → prospect opens in browser
- Instantly sees branded desktop with demo apps pre-loaded
- Can interact with full application, create files, explore features
- All data persists in browser — no backend needed
- Zero friction — works on any device, any browser
- Impressive demo that shows full product capabilities
Real-world impact:
- Salesforce could provide instant demos for prospects
- HubSpot could offer interactive product tours
- Shopify could showcase merchant dashboard capabilities
- Any SaaS could provide instant demos without infrastructure
Business impact: Higher conversion rates, faster sales cycles, better customer experience
Example 6: Personal Productivity Workspace (Notion Killer)
The Problem: Users want a flexible productivity workspace but current solutions are limited. What if users could install any app, organize across workspaces, and have everything persist locally?
The Solution: Full OS as productivity workspace.
function PersonalWorkspace() {
const [apps, setApps] = useState([]);
const eventBus = useMemo(() => new EventBus(), []);
useEffect(() => {
// User can install any app from app store
eventBus.on('app:installed', (event) => {
setApps(prev => [...prev, event.payload.app]);
showNotification(`Installed ${event.payload.app.name}`);
});
// Auto-save workspace state
eventBus.on('window:updated', debounce(() => {
saveWorkspaceState();
}, 1000));
// Load saved workspace
loadWorkspaceState().then(state => {
restoreWindows(state.windows);
restoreWorkspaces(state.workspaces);
});
}, [eventBus]);
return (
<OS
workspaceCount={6} // More workspaces for organization
desktop={<CustomDesktopWidgets />}
eventBus={eventBus}
/>
);
}
What happens:
- User opens personal workspace → clean desktop
- Installs Notes app, Calendar app, Code Editor, Terminal
- Organizes apps across 6 workspaces (Work, Personal, Projects, etc.)
- Creates files, saves everything — all persists locally
- Can share workspace state as JSON file
- Your own computer running in a browser tab
- Privacy-first — all data stays local
Real-world impact:
- Notion alternative with unlimited flexibility
- Obsidian competitor with OS-level capabilities
- Roam Research alternative with app ecosystem
- Personal knowledge management with unlimited extensibility
User benefit: Complete control, privacy, and flexibility
Example 7: Micro-Frontend Architecture Platform
The Problem: Building a large-scale application with micro-frontends. Need isolation, communication, and shared state management.
The Solution: Each micro-frontend runs as OS app.
function MicroFrontendOS() {
const eventBus = useMemo(() => new EventBus(), []);
const kernelRef = useRef<Kernel>();
useEffect(() => {
const init = async () => {
const kernel = new Kernel({ eventBus });
await kernel.init();
// Register micro-frontends as apps
const microFrontends = [
{ id: 'auth', url: 'https://auth.example.com/app.js' },
{ id: 'dashboard', url: 'https://dashboard.example.com/app.js' },
{ id: 'analytics', url: 'https://analytics.example.com/app.js' },
{ id: 'settings', url: 'https://settings.example.com/app.js' }
];
for (const mf of microFrontends) {
// Load micro-frontend code
const code = await fetch(mf.url).then(r => r.text());
// Install as app
await kernel.getAppRegistry().add({
id: mf.id,
installedAt: Date.now(),
installedBy: 'system',
enabled: true,
manifest: {
id: mf.id,
name: mf.id,
version: '1.0.0',
entrypoint: `/bin/${mf.id}.js`,
permissions: ['fs.*', 'proc.*', 'registry.*']
}
});
// Save code to filesystem
await kernel.getFS().write(
`/bin/${mf.id}.js`,
new TextEncoder().encode(code)
);
// Spawn process
await kernel.getProcessManager().spawn(mf.id);
}
kernelRef.current = kernel;
};
init();
}, [eventBus]);
return <OS kernel={kernelRef.current} eventBus={eventBus} />;
}
What happens:
- Each micro-frontend runs as isolated app/process
- Communication via EventBus (pub/sub)
- Shared filesystem for data exchange
- Can update micro-frontends independently
- True isolation with controlled communication
- Perfect architecture for large-scale applications
Real-world impact:
- Netflix could build their platform with micro-frontends
- Amazon could provide seller dashboard with isolated modules
- Microsoft could build Office 365 with micro-frontend architecture
- Any enterprise app could benefit from this architecture
Technical advantage: Better than iframes, simpler than complex module federation
Example 8: Embedded Terminal with Full Shell Experience
The Problem: Providing a real terminal experience in your web app, with filesystem, process management, and app execution.
The Solution: Terminal app running in browser-os.
function EmbeddedTerminal() {
const kernelRef = useRef<Kernel>();
useEffect(() => {
const init = async () => {
const kernel = new Kernel();
await kernel.init();
// Install terminal app
await kernel.getAppRegistry().add({
id: 'terminal',
installedAt: Date.now(),
installedBy: 'system',
enabled: true,
manifest: {
id: 'terminal',
name: 'Terminal',
version: '1.0.0',
entrypoint: '/bin/terminal.js',
permissions: ['fs.*', 'proc.*']
}
});
// Create terminal window
const windowManager = kernel.getWindowManager();
windowManager.createWindow({
title: 'Terminal',
appId: 'terminal',
x: 50, y: 50, width: 800, height: 500
});
kernelRef.current = kernel;
};
init();
}, []);
return (
<div style={{ height: '600px', border: '1px solid #ccc' }}>
<OS kernel={kernelRef.current} />
</div>
);
}
What happens:
- User types
ls /home/user→ sees files - Types
cat document.txt→ reads file contents - Types
proc.spawn('editor', ['file.js'])→ opens editor - Types
fs.write('/output.txt', data)→ creates file - Full shell experience with real filesystem and processes
- Perfect for code playgrounds, tutorials, documentation
Real-world impact:
- CodeSandbox could provide better terminal experience
- GitHub Codespaces could embed terminal in docs
- StackBlitz could offer shell access
- Documentation sites could provide interactive terminals
User benefit: Real terminal experience without server infrastructure
How we built it
Architecture overview
Built as a TypeScript/React monorepo with 12 core packages, managed via pnpm workspaces and Turbo.
Monorepo structure:
- apps/: Shell applications (desktop-shell, web-shell, electron-shell, showcase)
- packages/: Core system packages (12 packages)
- system-apps/: Built-in applications (planned)
- examples/: Demonstration applications (planned)
Package dependencies:
core (events, schemas)
├── windowing → workspace, taskbar
├── process → app-registry
├── fs
├── kernel (orchestrates all)
└── os (shell component)
Core system components
1. Kernel (@browser-os/kernel)
Central orchestrator that initializes and coordinates subsystems.
Key responsibilities:
- Initialize filesystem with default structure
- Load system configuration from
/etc/config.json - Initialize app registry
- Register syscall handlers
- Set up default permissions for processes
- Emit
kernel:readyevent when initialization completes
Implementation details:
export class Kernel {
private eventBus: EventBus;
private fs: FileSystem;
private procManager: ProcessManager;
private appRegistry: AppRegistry;
private permissionManager: PermissionManager;
private syscallRouter: SyscallRouter;
constructor(options?: KernelOptions) {
this.eventBus = options?.eventBus ?? new EventBus();
this.fs = new FileSystem({ eventBus: this.eventBus });
this.permissionManager = new PermissionManager();
this.syscallRouter = new SyscallRouter(this.permissionManager);
// ... initialize all subsystems
}
}
Initialization flow:
- Mount root filesystem (IndexedDB) at
/ - Mount ephemeral filesystem at
/tmp - Create default directory structure (
/bin,/etc,/home/user,/var/log, etc.) - Load system configuration (create default if missing)
- Load app registry from
/etc/registry.json - Register syscall handlers (fs, proc, registry)
- Set up default permissions for user processes
- Emit
kernel:readyevent
Permission system:
- Default user permissions include filesystem access (
/home/user/**,/tmp/**) - Syscall allowlist (e.g.,
fs.read,fs.write,proc.spawn) - Per-process security contexts for permission checks
2. Virtual Filesystem (@browser-os/fs)
Multi-backend filesystem with mount point support.
Architecture:
- FileSystem class: High-level API, mount management, path resolution
- MountManager: Manages mount points, backend resolution
- PathUtils: Path normalization, joining, absolute/relative resolution
- Backend interface: Abstract interface for storage backends
Backend implementations:
- IndexedDBBackend: Persistent storage using IndexedDB
- Directory markers (
.dirfiles) for directory tracking - Cursor-based
readdir()for listing directories - Async operations with Promise-based API
- Directory markers (
- EphemeralBackend: In-memory Map storage
- Session-only storage
- Fast operations
- Used for
/tmpmount
- LocalStorageBackend: localStorage-based storage
- Limited size (~5-10MB)
- Synchronous operations
- Good for small files
- ServerBackend: HTTP API backend (planned)
- Remote storage
- Network-based operations
Key features:
- Mount system: Mount backends at arbitrary paths
- Path resolution: Automatic path normalization and resolution
- Recursive operations:
mkdirandrmdirsupport recursive operations - Event emission: All operations emit events (
fs:read,fs:write,fs:mount, etc.) - File metadata:
stat()returns file type, size, timestamps, permissions
Implementation example:
// Mount a backend
await fs.mount('/', new IndexedDBBackend({ dbName: 'browser-os-fs' }));
await fs.mount('/tmp', new EphemeralBackend());
// Use filesystem
await fs.write('/home/user/file.txt', new TextEncoder().encode('Hello'));
const data = await fs.read('/home/user/file.txt');
const files = await fs.readdir('/home/user');
3. Process Management (@browser-os/proc)
Process lifecycle management with isolated execution contexts.
Components:
- ProcessManager: Spawns, kills, lists processes
- Process class: Tracks PID, status, CWD, environment, IPC channel
- Executor: Executes app code with injected OS API
Process lifecycle:
- Spawn: Assign PID, create IPC channel, load app code from
/bin/{appId}.js - Execute: Run app code with injected OS API (
pid,cwd,env,syscall(),channel) - Run: Process executes, can make syscalls, send/receive IPC messages
- Terminate: Process stops, resources cleaned up, events emitted
OS API injection:
const osApi: OSAPI = {
pid,
cwd,
env,
syscall: async (name: string, args: Record<string, unknown>) => {
// Syscall goes through kernel with permission checks
return syscallHandler(pid, name, args);
},
channel, // IPC channel for inter-process communication
};
IPC channels:
- Each process gets a dedicated
Channelinstance - Process-scoped event channels (
proc:{pid}) - Targeted messaging between processes
- EventBus-based communication
Error handling:
- Process errors caught and logged
- Process automatically terminated on error
- Error events emitted (
proc:error)
4. Event System (@browser-os/events)
Pub/sub and request/response event system.
Components:
- EventBus: Central event bus with multiple subscription patterns
- Channel: Process-scoped event channels for IPC
Features:
- Direct subscriptions:
on(type, handler)for exact type matching - Pattern matching:
onPattern(pattern, handler)for regex/string patterns - Request/response:
request()andrespond()for async RPC - Timeout handling: Automatic timeout for requests (default 5000ms)
- Error handling: Try/catch in handlers, error events emitted
Event schema:
interface Event {
type: string;
payload: unknown;
source?: string;
target?: string;
timestamp: number;
}
Usage examples:
// Subscribe to events
eventBus.on('window:created', (event) => {
console.log('Window created:', event.payload);
});
// Pattern matching
eventBus.onPattern(/^fs:/, (event) => {
console.log('Filesystem event:', event.type);
});
// Request/response
const result = await eventBus.request('app:get', { appId: 'terminal' });
eventBus.respond('app:get', async (request) => {
return appRegistry.get(request.payload.appId);
});
5. Windowing System (@browser-os/windowing)
Window management with drag, resize, and workspace support.
Components:
- WindowManager: Creates, destroys, focuses, minimizes, maximizes windows
- WindowRegistry: In-memory registry with z-index management
- Window component: React component with drag/resize interactions
Window properties:
- Position (
x,y), size (width,height) - Constraints (
minWidth,minHeight,maxWidth,maxHeight) - State (
normal,minimized,maximized) - Behavior flags (
resizable,movable,closable,minimizable,maximizable) - Z-index management, workspace association, optional app ID
Z-index management:
- Automatic z-index assignment on creation
- Bring-to-front on focus
- WindowRegistry tracks z-index order
- React components update based on z-index
Interactions:
- Drag: Titlebar drag moves window
- Resize: 8-directional resize handles (n, s, e, w, ne, nw, se, sw)
- Titlebar controls: Minimize, maximize/restore, close buttons
- Focus management: Click to focus, bring to front
Event emission:
window:created,window:destroyed,window:focusedwindow:minimized,window:maximized,window:restoredwindow:updatedfor property changes
6. Workspace Management (@browser-os/workspace)
Multi-workspace support with keyboard shortcuts.
Components:
- WorkspaceManager: Creates workspaces, switches active workspace, moves windows
- Workspace component: React component rendering workspace content
- WorkspaceOverview: Modal overview of all workspaces
Features:
- Default workspaces: 4 workspaces created by default (configurable)
- Workspace switching:
switchWorkspace(workspaceId)orswitchWorkspaceByIndex(index) - Keyboard shortcuts: Ctrl+1-4 to switch workspaces
- Window assignment: Windows belong to workspaces, filtered by active workspace
- Workspace overview: Modal showing all workspaces with window thumbnails
Implementation:
const workspaceManager = new WorkspaceManager({
eventBus,
windowManager,
initialWorkspaceCount: 4,
});
// Switch workspace
workspaceManager.switchWorkspace(workspaceId);
// Move window to workspace
workspaceManager.moveWindowToWorkspace(windowId, workspaceId);
7. App Registry (@browser-os/app-registry)
App installation and management system.
Components:
- AppRegistry: Manages installed apps, loads/saves registry
- Installer: Handles app installation (planned)
App manifest schema:
interface AppManifest {
id: string;
name: string;
version: string;
description?: string;
entrypoint: string; // Path to JS file in /bin/
permissions: string[]; // Required syscalls
icon?: string; // Path to icon
showInTaskbar: boolean; // Whether app appears in taskbar
}
Registry entry:
interface AppRegistryEntry {
id: string;
installedAt: number;
installedBy: string; // User ID
enabled: boolean;
manifest: AppManifest;
}
Operations:
list(): Get all appsget(id): Get app by IDisInstalled(id): Check if app is installedgetEnabled(): Get enabled apps onlyadd(entry): Add app to registryremove(id): Remove app from registryload(): Load registry from/etc/registry.jsonsave(): Save registry to/etc/registry.json
Persistence:
- Registry stored in
/etc/registry.json - Loaded on kernel initialization
- Saved after modifications
- Event emission on load/save
8. Schemas (@browser-os/schemas)
Zod-based type definitions for runtime validation.
Schemas:
- App schemas:
AppManifestSchema,AppRegistryEntrySchema - Window schemas:
WindowSchema,WindowStateSchema - Process schemas:
ProcessSchema,ProcessStatusSchema - Filesystem schemas:
FileMetadataSchema,MountPointSchema - Event schemas:
EventSchema - Permission schemas:
PermissionSchema - Syscall schemas:
SyscallRequestSchema,SyscallResponseSchema - Config schemas:
SystemConfigSchema - Workspace schemas:
WorkspaceSchema
Benefits:
- Runtime validation catches errors early
- Type inference provides TypeScript types
- Shared types across packages
- Schema-based serialization/deserialization
Technical stack
- Language: TypeScript 5.3.0
- UI Framework: React 18.2.0
- Build System: Turbo 2.0.0, pnpm 10.19.0
- Testing: Vitest 1.0.0
- Validation: Zod
- Storage: IndexedDB, LocalStorage, In-Memory
Implementation highlights
Syscall system
Unix-like syscall interface with permission checks:
// Apps request syscalls through the kernel
const data = await osApi.syscall('fs.read', { path: '/home/user/file.txt' });
const processes = await osApi.syscall('proc.list', {});
const apps = await osApi.syscall('registry.list', { enabled: true });
Syscall flow:
- App calls
osApi.syscall(name, args) - ProcessManager forwards to kernel's syscall handler
- SyscallRouter validates request and checks permissions
- SecurityContext checks if process can perform syscall
- Handler executes syscall
- Response returned to app
Syscall handlers:
- FS syscalls:
fs.read,fs.write,fs.delete,fs.mkdir,fs.rmdir,fs.readdir,fs.stat,fs.exists - Proc syscalls:
proc.spawn,proc.kill,proc.list,proc.get - Registry syscalls:
registry.list,registry.get,registry.isInstalled
Permission model
Per-process security contexts with:
- Allowed syscalls: List of syscalls process can call
- Filesystem access: Path patterns process can access (e.g.,
/home/user/**) - Process isolation: Each process has separate security context
Security context:
class SecurityContext {
canSyscall(syscall: string): boolean {
return this.permission.allowedSyscalls.includes(syscall);
}
canAccessPath(path: string, operation: 'read' | 'write'): boolean {
return this.permission.fsAccess.some(pattern =>
matchPattern(path, pattern)
);
}
}
Event-driven architecture
System-wide communication via events:
- Window operations:
window:created,window:destroyed,window:focused,window:updated - Filesystem operations:
fs:read,fs:write,fs:delete,fs:mount,fs:unmount - Process lifecycle:
proc:spawned,proc:terminated,proc:error - App registry:
registry:loaded,registry:saved,app:installed - Kernel:
kernel:ready
Benefits:
- Loose coupling between components
- Easy to add new features by listening to events
- Debuggable event flow
- Extensible architecture
Mount system
Flexible filesystem with multiple backends:
- Root filesystem: IndexedDB backend mounted at
/ - Temporary filesystem: Ephemeral backend mounted at
/tmp - Custom mounts: Mount backends at arbitrary paths
Mount configuration:
// Mount IndexedDB backend
const backend = new IndexedDBBackend({ dbName: 'browser-os-fs' });
await backend.init();
await fs.mount('/', backend);
// Mount ephemeral backend
const tmpBackend = new EphemeralBackend();
await fs.mount('/tmp', tmpBackend);
Path resolution:
- Automatic mount point resolution
- Relative paths resolved to absolute
- Path normalization (removes
..,., duplicate slashes)
Development workflow
Commands:
pnpm install: Install all dependenciespnpm build: Build all packages (Turbo handles dependencies)pnpm dev: Start dev servers for all packagespnpm test: Run tests across all packages (Vitest)pnpm lint: Lint all packagespnpm clean: Clean build artifacts
Package structure: Each package follows standard structure:
src/: Source codepackage.json: Package metadata and dependenciestsconfig.json: TypeScript configurationREADME.md: Package documentation- Tests alongside source files (
*.test.ts)
Testing:
- Vitest for unit tests
- Test files:
*.test.ts - Test setup:
test-setup.tsin some packages - Coverage:
coverage/directory
Key design decisions
- Monorepo architecture: All packages in one repo for easier development and refactoring
- Event-driven design: Loose coupling via events enables extensibility
- Permission-based security: Fine-grained control without true sandboxing
- Abstract backend interface: Swappable storage backends
- Zod schemas: Runtime validation with TypeScript types
- React + imperative APIs: React for UI, imperative APIs for core logic
- Syscall interface: Unix-like syscall interface for familiarity
- Process isolation: Each app runs as separate process with isolated permissions
These examples show browser-os as a practical platform for building complex web applications with OS-like capabilities, all running client-side with persistent storage and zero backend infrastructure. Each example solves a real problem that developers face today, demonstrating immediate practical value.
Built With
- browser-apis
- es6+
- event-driven-architecture
- indexeddb
- javascript
- monorepo
- monorepo-architecture
- next
- node.js
- pnpm
- react
- react-dom
- turbo
- typescript
- typescript-compiler
- vite
- vitest
- web
- web-apis
- webassembly
- webworkers
- yjs
- zod
Log in or sign up for Devpost to join the conversation.