Nango's Evolution in Running Untrusted Customer Code: From Sandboxes to AWS Lambda
Nango, an API integration platform, has transitioned its approach to executing untrusted customer code from in-process sandboxes to distributed runners to AWS Lambda to improve security and resource isolation. The company processes over 150 million functions monthly across different workload types (on-demand calls, long-running jobs, and webhooks) while maintaining strict isolation requirements. This architectural evolution reflects the ongoing challenge of balancing security, cost, and performance when executing untrusted code at scale.
Nango is a code-first platform that allows customers to write and deploy integration code for APIs like Salesforce, Google Calendar, and Slack. The company processes more than 150 million customer functions monthly while managing three distinct workload types: fast on-demand calls, long-running background syncs, and unpredictable webhook spikes. Initially, Nango ran customer code in vm2, a Node.js in-process sandbox, but abandoned this approach after the maintainer archived the project due to critical sandbox-escape vulnerabilities. The company then shifted to a distributed runner model where each customer's code runs in isolated services with no direct database access, communicating through an SDK layer. By late 2025, this runner model faced resource fairness issues where heavy jobs could starve other functions, prompting a migration to AWS Lambda for improved isolation and observability.
What's missing
The article does not discuss the security implications or customer impact of the vm2 vulnerabilities, nor does it address how competitors handle similar challenges in executing untrusted code. Additionally, there is no mention of the cost implications of the migration to AWS Lambda compared to previous infrastructure choices.
How coverage differed
The Hacker News source presents this as a technical case study from Nango's engineering perspective, focusing on architectural decisions and tradeoffs. This framing emphasizes the company's problem-solving approach rather than external criticism or market positioning.
What different sources said
- Hacker NewsCenter
How we run untrusted customer code at scale
Related
Tesla Seeks Permission to Deploy Up to 5,000 Robotaxis in Las Vegas
Tesla has filed an application with Nevada regulators to operate a fleet of up to 5,000 autonomous vehicles across Las Vegas, Clark County, and surrounding areas. The proposal represents one of Tesla's largest robotaxi deployment requests and follows successful pilot programs in Texas cities like Austin. The decision could significantly expand autonomous vehicle services in a major metropolitan area while testing Tesla's camera-based self-driving technology at scale.
Apple Unveils AI-Powered Siri Updates at WWDC with Enhanced Personal Context Features
Apple announced significant AI-powered updates to Siri at its WWDC keynote, enabling the assistant to access personal context across native apps and understand on-screen content. The updates represent a major evolution of the voice assistant after years of development, with Apple emphasizing on-device processing and privacy through its Private Cloud Compute technology. The improvements address long-standing user frustrations with smartphone management while raising questions about data privacy and the practical limitations of AI integration.
Anthropic Releases Mythos AI Model to Public with Safety Restrictions
Anthropic has launched a public version of its Mythos AI model with built-in safeguards preventing use in high-risk areas like cybersecurity. The model, called Claude Fable 5, represents Anthropic's most powerful publicly available AI system and follows an April preview that demonstrated the model's ability to identify thousands of software vulnerabilities. The release reflects the competitive pressure between major AI companies to expand capabilities while managing safety concerns.