Rob Elliot
10/11/2021, 3:44 PM.kts
file that returns an instance of that type, and by setting up their IDE to have the classpath available then they will find out when configuring it whether or not their configuration will compile, and the application can gain compilation validation of its config by evaluating the file.
But that means evaluating code that could theoretically do anything.
I’ve implemented it using JSR-223 & a SecurityManager
to try and prevent unwanted execution here: https://gist.github.com/Mahoney/8979e520b7477c9a9771fe3e1da3472a
but it feels a bit clunky, and the SecurityManager
is deprecated in Java 17 for removal in future Java releases. As I’ve just found out that Kotlin has its own scripting API, I wondered if it could be run in such a way?Vampire
10/11/2021, 4:10 PMilya.chernikov
10/11/2021, 5:26 PMelect
10/28/2021, 3:29 PMRob Elliot
11/03/2021, 6:35 PM