Allow def symbols when using :allow whitelist with sci.core/init

[teodorlu]

Is your feature request related to a problem? Please describe.
I'd like to use an :allow whitelist for sci.core/init, but also allow to def arbitrary symbols.

Describe the solution you'd like
I can whitelist symbols to be used in evaluation:

(let [ctx (sci/init {:allow ['* 'def '+]})]
  (sci/eval-form ctx '(+ 17 25)))
;; => 42

but I'd have manually allow each symbol bound with def:

;; But I cannot know in advance which symbols a user will use in defs
(let [ctx (sci/init {:allow ['* 'def '+ 'do]})]
  (sci/eval-form ctx
                 '(do (def answer (+ 17 25))
                      (* 10 answer))))
;; 1. Unhandled clojure.lang.ExceptionInfo
;;    answer is not allowed!
;;    {:type :sci/error, :line nil, :column nil, :file nil, :phase "analysis"}

With let, arbitrary symbols are allowed:

(let [ctx (sci/init {:allow ['* 'let '+ 'do]})]
  (sci/eval-form ctx
                 '(let [answer (+ 17 25)]
                    (* 10 answer))))
;; => 420

Describe alternatives you've considered

• Allowing anything and validating in advance. Requires to be able to control what code is generated.

Possible solutions
Changing :allow semantics to allow the user to define own symbols. Backwards-incompatible, possibly not desirable.

Add new option to sci.core/init. Example: (sci.core/init {:allow '[def + -] :allow-def-symbols true).

• Question: should defn, def and defmacro be treated with one option, or should they be possible to control individually?
• Question: is the value behind :allow-def-symbols a boolean or a keyword?

My usecase specifically
I'm building a language on top of Sci. I'd like to use the whitelist to be explicit about what subset of Sci I'm using. However, I need to support binding variables.

One option is to rewrite my code to a let. But then I would not have intermediate variables available in ctx after running.

Thanks for a great project!

[borkdude]

Changing :allow semantics to allow the user to define own symbols. Backwards-incompatible, possibly not desirable.

I don't think anyone will have a problem with this and we can update accordingly. Sci vars have :sci.impl/built-in set to true on their metadata, this allows checking if the var was introduced by a user.

Possibly related: #357

[borkdude]

@teodorlu Fixed with 60f0207. Do you need a new Clojars version or are you using git deps?

[teodorlu]

Wow, thanks!

I'm using Clojars, so I'd love to see a new release.

Allow user-defined vars when def is allowed

Would allowing defn or defmacro also cause user-defined vars to be allowed?

[borkdude]

Will be available as 0.1.1-alpha.9 in a few minutes. And yes.

[teodorlu]

I can confirm that I get the desired behavior on 0.1.1-alpha.9. Thanks again!