sci

a13 2025-07-22T16:52:40.926779Z

Hi. Is it possible to disallow any interop under JVM?

(sci/eval-string "(new String \"foo\")" {:deny '[new]})
works fine, producing clojure.lang.ExceptionInfo: new is not allowed! exception, while
(sci/eval-string "(String. \"foo\")" {:deny '[new]})
just works. SOLVED

✅ 1
borkdude 2025-07-22T17:01:53.843539Z

String is added by default. you can remove it with {:classes {'String nil}} I think

a13 2025-07-22T17:03:29.295479Z

Thanks, it worked! Any other default classes I should be aware of?

a13 2025-07-22T17:18:17.054329Z

Thanks you very much @borkdude!

borkdude 2025-07-22T17:48:20.709949Z

What's the reason for disallowing interop btw?

borkdude 2025-07-22T17:49:09.319269Z

There may be some things that won't work, like assert since it's a macro that expands into Java interop, but perhaps that's not important

a13 2025-07-23T07:51:43.402369Z

I'd like to minimize potentially unsafe code generated by LLM

borkdude 2025-07-23T07:53:29.816949Z

The SCI sandbox should be safe by default, the default classes aren't going to modify your host environment (I think...)

a13 2025-07-23T07:53:53.671719Z

I see, thanks.