Evaluate leiningen's project.clj files
Opened this issue · 1 comments
Cool project but unfortunately I cannot really use it with my lein project files.
You read project.clj files as data, but in general case they contain arbitrary code. For example I might want to "compute" dependency versions using some code:
https://github.com/binaryage/dirac/blob/master/project.clj#L1
Ideally you should run leiningen to evaluate dependencies and parse the results:
lein pprint :dependencies
or in more general case:
lein with-profiles <some-profiles> pprint :dependencies
and let me specify some-profiles as part of badge url.
But I understand that this is kinda edge case and running arbitrary foreign code in the context a web service might be too dangerous.
Yeah, it is a little bit dangerous running arbitrary code. I've thought about using disposable Lambda's or the like for being able to more safely read the projects, but at the moment it's all just in a single process. This is even more of an issue for Boot projects, as they tend to be even more programmatic.