babashka

awb99 2026-06-06T03:58:09.326399Z

I would like to use the missionary frp library https://github.com/leonoel/missionaryfrom babaska. Is it possible to create a babashka pod that contains the java library and have it compiled with Graal? There are some clj macros that would need to be interpreted by babaska. But I guess this would work the same way as sci macros. So that is not the issue I think. Thanks!!!

borkdude 2026-06-06T08:41:03.750239Z

What does currently not work about missionary? Perhaps we could fix it in bb? A pod isn't a good architecture for this I think since it's an RPC protocol

awb99 2026-06-06T14:46:33.281799Z

@borkdude: I added https://github.com/clojure-quant/missionary-test/blob/main/bb.edn the output of "bb demo1" is:

----- Error --------------------------------------------------------------------
Type:     java.lang.Exception
Message:  Unable to resolve classname: clojure.lang.IReference
Location: clojure/tools/analyzer/utils.clj:12:3

----- Context ------------------------------------------------------------------
 8:
 9: (ns clojure.tools.analyzer.utils
10:   (:refer-clojure :exclude [record? boolean? update-keys update-vals])
11:   (:require [clojure.tools.analyzer.env :as env])
12:   (:import (clojure.lang IRecord IType IObj
      ^--- Unable to resolve classname: clojure.lang.IReference
13:                          IReference Var)))
14:
15: (defn into!
16:   "Like into, but for transients"
17:   [to from]

----- Stack trace --------------------------------------------------------------
clojure.tools.analyzer.utils              - clojure/tools/analyzer/utils.clj:12:3
clojure.tools.analyzer                    - clojure/tools/analyzer.clj:25:3
clojure.tools.analyzer.jvm                - clojure/tools/analyzer/jvm.clj:12:3
cloroutine.impl.analyze-clj               - cloroutine/impl/analyze_clj.clj:2:3
cloroutine.impl                           - cloroutine/impl.cljc:3:3
cloroutine.core                           - cloroutine/core.cljc:1:21
missionary.core                           - missionary/core.cljc:3:3
bb.demo1                                  - /home/florian/repo/clojure-quant/missionary-test/src/bb/demo1.clj:2:3
user-ce0d92c0-e2b7-406b-9b60-57c616cd25b0 - NO_SOURCE_PATH:6:1
The missionary library is similar to core.async. It has lots of syntax rewriting macros. the missionary/sp is similar to promesa promises, but the promises are stateless and can be cancelled. the missionary/ap is similar to a core async channel; but it can be discrete (specific events) or continuous (can be sampled). electric uses it in clj and cljs.

borkdude 2026-06-06T14:52:42.173549Z

ah ok it uses tools.analyzer. can try to make that compatible with bb

borkdude 2026-06-06T14:53:43.254199Z

I already had an issue for that: https://github.com/babashka/babashka/issues/1441 Feel free to comment there

awb99 2026-06-06T18:17:47.808689Z

@borkdude I think missionary is way more powerful than core.async. Being able to use it in babashka would be cool. I am experimenting in making the missionary ap and sp macros compatible with sci in cljs.

awb99 2026-06-06T18:18:51.006379Z

@borkdude Missionary has a java interop layer also. I would have thought that this is a problem for babashka, since the graal compilation will remove java after it is done, no?

borkdude 2026-06-06T18:19:40.420829Z

java interop works in bb, if I add enough of the classes. the problem you ran into above is one of those problems

leonoel 2026-06-08T06:50:52.019509Z

how well does babashka deal with macroexpand-time class generation ? like e.g. proxy

borkdude 2026-06-08T08:34:17.633259Z

do you mean if you can use proxy in macroexpand or if it generates a class for introspection?

leonoel 2026-06-08T08:40:42.439809Z

I mean the general pattern of generating a class at macroexpansion. I don't need proxy but I'm considering using the same pattern to leverage the VarHandle API. Class generation is required due to lack of support for signature polymorphic methods in the clojure compiler.

2026-06-06T15:01:49.400349Z

would a library to parse arbitrary bash to edn be helpful? I’m working on one on the way for LLM permissions, just want to know if there’s prior art or babashka is already working on one, or would sharing it be helpful (say we want to just “run any bash command” directly in babashka)

borkdude 2026-06-06T15:02:29.906609Z

recently @whilo posted one in this channel

2026-06-06T15:02:39.617939Z

Yeah I was gonna say, have you seen https://github.com/replikativ/muschel

2026-06-06T15:23:14.710139Z

Thanks!

whilo 2026-06-06T18:01:34.170759Z

@danieltanfh95 happy to consider improvements, lmk what you need.

2026-06-29T05:33:09.367139Z

I tried a hand in exploring trans…piling? one-liner shell commands into effects https://github.com/danieltanfh95/shell-classify so i could export shell commands as edn in https://github.com/danieltanfh95/shell-shape Seems to work great for “statically” checking if a command is “legal” or not before running it but scalability is not ideal since you need a plugin per language (trying to use tree sitter in similar fashion as ast-grep to reduce much of the pain) Might be interesting to see if you want to implement something similar when you need a pre-check

whilo 2026-06-29T05:39:01.611479Z

It is a bit tricky because Bash supports quote/unquote dynamically, so without interpreting it you might not know whether a nested shell command is safe. Having said that if you reject it completely you can probably statically verify a reasonable subset of bash.

maxweber 2026-06-29T05:43:01.805739Z

Yesterday, discovered these two new compute primitives. Maybe interesting for just having a real bash: https://docs.aws.amazon.com/lambda/latest/dg/microvms-how-it-works.html https://sprites.dev/

whilo 2026-06-29T05:48:14.450269Z

Right, I think this makes sense in quite a few cases, but I still think having a good enough bash equivalent is probably fine for 80% of use cases and fully gets rid of the maintenance burden.

2026-06-29T05:48:54.127769Z

@whilo yep, this only serves as a first line of defense of known problematic effects, though we can check the code of the quoted code (I assume the entire one liner is a “quoted” code)

2026-06-29T05:50:10.925339Z

LLM quirky behavior like “save this dangerous command to this file and run it via quote later” is assumed to be blocked on the first run when the LLM tries to save such code in the repo

2026-06-08T06:50:02.393449Z

@whilo im building a comparison library of command vs a biscuit/datalog permission system (you think of it as a replacement for auto-mode in claude code for example). in the process of doing this, I am “converting” bash commands into some edn structure to run the permission on. I was looking for libraries to do this. I like how muschel handles : , through if i understand this correctly it won’t work if the flags are shuffled?

whilo 2026-06-08T06:55:25.440369Z

@danieltanfh95 Interesting, my plan is to look into ReBAC and https://github.com/theronic/eacl/ for permissions based on Datahike. I could extend the permission system to optionally quotient out argument orders. I am also happy to discuss a permission system more generally first.

👀 1
whilo 2026-06-08T07:11:06.082779Z

{:kind :argv-flags
 :head    ["rm"]                          ; positional prefix (ordered, like :argv-vec)
 :any-of  #{"-r" "-R" "--recursive"}      ; ≥1 must appear in tail
 :all-of  #{"-f"}                         ; all must appear
 :none-of #{"--dry-run"}}                 ; none may appear

whilo 2026-06-08T07:12:22.365769Z

Would be possible.

whilo 2026-06-08T07:13:02.548689Z

{:kind :argv-flags
 :head ["rm"]
 :any-of #{"-r" "-R"}
 :positional [#"^/" :**]}   ; first positional must start with /

👍 1
2026-06-08T10:51:33.043089Z

How did you plan to handle heredocs and cross-dialect actions (say rm is banned but python is allowed, what if os.remove in python?

whilo 2026-06-08T19:36:36.654479Z

I address this here: https://github.com/replikativ/muschel/pull/9/changes, basically you cannot allow commands like Python that are Turing-complete and non-sandboxed themselves. I am adding explicit support for OS sandboxes like gvisor and bubblewrap now, although muschel is arguably leaner and more flexible. If you need Python there is no way to sandbox it without an OS container. Sci and interpreters written in Clojure on the other hand can be fine. You could use a Python AST parser and pattern match this to allow a safe subset if this is what you need, but then the LLM agent might be surprised about what works and doesn't (nonetheless you can track its missteps and improve the coverage/prompt ofc.)

👀 1