Skip to content

Instantly share code, notes, and snippets.

@borkdude

borkdude/repl_session.clj

Last active August 31, 2019 22:09
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save borkdude/a600082397bb4f81de5173fe8a19e890 to your computer and use it in GitHub Desktop.
Save borkdude/a600082397bb4f81de5173fe8a19e890 to your computer and use it in GitHub Desktop.
Download ZIP
Safe read-eval with edamame and sci
Raw
repl_session.clj
$ clj -Sdeps '{:deps {borkdude/edamame {:mvn/version "0.0.2"} borkdude/sci {:mvn/version "0.0.9"}}}'
Clojure 1.10.1
user=> (require '[sci.core :as sci])
nil
user=> (require '[edamame.core :as edamame])
nil
user=> (def trusted "{:version #=(slurp \"resources/EDAMAME_VERSION\")}")
#'user/trusted
user=> (edamame/parse-string trusted {:dispatch {\# {\= (fn [expr] (sci/eval-string (str expr) {:bindings {'slurp slurp}}))}}})
{:version "0.0.3-SNAPSHOT\n"}
user=> (def dangerous "{:version #=(.delete (clojure.java.io/file \"README.md\"))}")
#'user/dangerous
user=> (edamame/parse-string dangerous {:dispatch {\# {\= (fn [expr] (sci/eval-string (str expr) {:bindings {'slurp slurp}}))}}})
Execution error (ExceptionInfo) at sci.impl.utils/throw-error-with-location (utils.cljc:48).
Could not resolve symbol: .delete [at line 1, column 2]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment