Does node:sqlite preserve the Deno security sandbox? #28191
Waldenesque
started this conversation in General
Replies: 0 comments
I have a question about the new node:sqlite API in Deno. I realize this relates to a whole realm of messy complexity, so maybe I can narrow this down to avoid a tangent into that can of worms.
Let's assume there are no zero-day bugs in SQLite itself.
Let's assume there are no zero-day bugs in the rusqlite driver.
Let's assume there are no zero-day bugs in the JS, TS and Rust code written by Deno developers to implement the node:sqlite API.
Let's assume there are no zero-day bugs in Rust, Tokio, V8, LLVM, denoland and plentiful crates holding all this together.
So long as these assumptions all hold true, and Earth is not struck by an asteroid any time soon...
Is it expected that the Deno permissions model will maintain the same sandboxing effectiveness as before while using node:sqlite? In other words, the Deno dev team is not aware of any obscure debugging APIs or anything else in SQLite that could bypass Deno's usual restrictions to allow arbitrary access to the filesystem, network, environment, spawning subprocesses, FFI invocation, etc. Is this correct?
To be clear, I understand (enough) why Chromium's "doom zone" Rule Of 2 exists, why qmail and Qubes OS deserve more attention, why Theo de Raadt treats the grsecurity and PaX peeps with more respect than Linus AKA "why Google runs all their serverless functions inside gVisor," and why Ubuntu, Debian and Arch restricted unprivileged user namespaces for years. I also understand that Rust offers a fundamental shift in the status quo, but it's not magic pixie dust that makes all bugs suddenly vanish in an effervescent "poof" of unicorn utopia. Hopefully I have vaguely realistic expectations about Deno, thus I'm not asking for any promises of perfection. I don't believe perfection exists. I'm merely asking about your expectations as of the present time.
On a related note, do you plan to support node:sqlite in Deno Deploy?
You might guess that I expect the answer to be "no."
If so, probably somebody else will ask why Cloudflare feels comfortable offering D1, yet Deno does not feel comfortable exposing node:sqlite in Deploy. I'll leave that explanation for someone else to hazard. Suffice it to say: I get it.
Thank you. For the record, I'm super happy you've added node:sqlite to Deno. On a final note, I REALLY REALLY hope you copy the upstream Node API as closely as possible. In the absence of a SQL standard in the browser, the next best option is to duplicate some other existing implementation. I think picking Node's built-in API is the best choice in the long run. Admittedly it's brand new so it hasn't had much usage yet and will likely continue to evolve for a while before stabilizing. Over time however I suspect being BUILT IN to Node will be an overwhelming appeal, and being able to switch between Node and Deno with the same or almost identical code is surely a winner.