The generated output of @cloudflare/workers-types has been changed by this PR. If this is intentional, run just generate-types to update the snapshot. Alternatively, you can download the full generated types:

diff -r types/generated-snapshot/latest/index.d.ts bazel-bin/types/definitions/latest/index.d.ts
3731a3732
> type HostNamespace = "pid";
3745a3747
>   hostNamespaces?: string[];
diff -r types/generated-snapshot/latest/index.ts bazel-bin/types/definitions/latest/index.ts
3740a3741
> export type HostNamespace = "pid";
3754a3756
>   hostNamespaces?: string[];

Instead of making this part of the API, and then introducing a compat flag to set the default, I think the compat flag should just directly control the PID namespace behavior.

It seems unlikely that we would want to give people the ability to share other namespaces in the future -- in fact, it sounds like sharing the PID namespace itself may have been a mistake. Users don't really want to know about the host layer, and we don't really want them to know about it. But we accidentally gave them visibility into the PID namespace and turning that off could inadvertently break people. That's exactly the use case for a compat flag, but I don't think we really want to offer this as an API unless we envision good reasons why people would legitimately want it.

(Also side note for anyone else wondering, like I was: the container lives inside a VM. There's only one container per VM. The container boundary is not the security boundary; the VM is. So nothing security-sensitive is exposed here, it's just a matter of abstraction.)

Instead of making this part of the API, and then introducing a compat flag to set the default, I think the compat flag should just directly control the PID namespace behavior.

It seems unlikely that we would want to give people the ability to share other namespaces in the future -- in fact, it sounds like sharing the PID namespace itself may have been a mistake. Users don't really want to know about the host layer, and we don't really want them to know about it. But we accidentally gave them visibility into the PID namespace and turning that off could inadvertently break people. That's exactly the use case for a compat flag, but I don't think we really want to offer this as an API unless we envision good reasons why people would legitimately want it.

Makes sense to me. I'll rework the PR.

The direction is sufficiently different that I think it's worth creating a separate PR. I'll link it here when it's open.