Open grossvogel opened 6 years ago
In my opinion this safe mode should not be opt-in, but rather the default if it gets added. Then for trusted config files where I explicitly know that they need to "run" their code and I explicitly trust their contents, I'd like to specify `--trusted` to enable full evaluation.
@grossvogel @NobbZ I'm all for it.

I'd suggest calling the CLI option `--eval-config-file`, so that it's really clear what happens when you use it.
What were you trying to do?

Run credo with a `.config.exs` file containing executable Elixir code, without having that code run on my machine. (The context is a kind of linter-as-a-service that runs on GitHub PRs and therefore operates on code from semi-untrusted sources.)

Expected outcome

Credo reads the configuration without executing the code.

Actual outcome

The code was executed.

Proposal

The config loading functions in `Credo.ConfigFile` already have a `safe` parameter, and `ExsLoader` appears to support loading the file without using `Code.eval_string`, but I don't see a way for a credo user to activate that code path. I propose either:

- `safe` parameter to `true` when using a custom config file, or
- `safe` mode whether loading configs from the directory tree or from a specified path

I'm happy to work on this, but I wanted to post a proposal to get some guidance on which (if any) of the options above would be preferred.