SES: Hardened JavaScript for Secure Execution

SES (Secure EcmaScript) is a JavaScript shim providing a hardened environment for robust security and fearless cooperation. It implements Hardened JavaScript, a subset of JavaScript proposed to ECMA TC39, designed to prevent prototype pollution and other common vulnerabilities. The current stable version, 2.0.0, focuses on plugging side-channel attacks and refining security guarantees. SES operates by 'locking down' the global environment, freezing intrinsic objects, and providing the `Compartment` constructor for creating isolated execution contexts. Each `Compartment` has its own global object and module system but shares hardened, immutable primordials with other compartments. This approach ensures that mutually suspicious code can interact safely via object-capability (ocap) principles, where powers are explicitly granted. The package maintains an active release cadence, with frequent updates across the broader `@endo` ecosystem. Key differentiators include its comprehensive protection against tampering with built-in objects, enforcement of strict mode, and its utility in sandboxing third-party code for applications like blockchain smart contracts and browser extensions, notably used by Agoric and MetaMask.