Clojurians Log v2

Another thing to note was the some use case seem to demand for eval or read override, like the one above for security purposes

And that there is still the problem of code dependencies to solve when injecting the blob..

For instance yesterday I tried to hookup compliment in unravel and I had to do it server side because I would have to concat and send to many blobs + deps to the repl otherwise

In general many people showed up

Some more concerned about ide integration then streaming repls (there was a question on a better clj-refactor as well)

I assume “security” is related to having a REPL into a production system? or during development also?

No security was for prod, one idea was to blacklist or whitelist forms, another was to have a read-only repl where you can only read but not modify vars

I think production REPLs have quite different concerns from development REPLs

and should probably be built differently to begin with

you can already override read and eval

just not with nREPL

Yep

Is it confusing to have separate unrepl and "tooling" (lsp) protocols?

And when I say confusing, I mean from a UX perspective, not in simple/complex terminology.

For dynamic deps loading, do you remember me rambling about "side loading"?

A 3rd connection (ideally) where control is inverted: the repl asks for resources to the client.

Yes I remember that, one very nice property of the current implementation is that there are no dependency. For dependencies, a repl could ask for a data structure defining coordinates, but then it would need to resolve them. Or it can ask for already resolved jar paths (and actually Cognitect is coming up with a little command line too for doing dep resolution and classpath dump)

@cgrand I do yep, I had the sudden "Oh, derp, that makes total sense" last night whilst thinking about it 🙂

@richiardiandrea my solution would do dep resolution on the client and would not assume a shared file system.

One thing that @dominicm came up with would be to enable unrepl to start connections to other "helper" servers (or repls?). One process, Chrome for instance, then could be dedicated to render data structures nicely, accepting unrepl messages and partially understanding the protocol in order to do stuff

Don't know yet how I feel about this though 😁

It is funny because as soon as I say that Paul Grander started talking about linkerd

The real thing that is needed for PCI compliance is: * Logging inputs (viable with changing the socket repl server) * authentication via arbitrary process: approval via other people for PCI specifically The other stuff was really an expansion. I think it doesn't need to be perfect, it's just to reduce accidental leaks I think.

If unrepl supported the concept of peers so that you can offload tasks on the socket we would not need to pass too many things in the blob

But you open a connection to your peer and it does the job (render a map, refactor a file maybe)

Extensions to unrepl could provide different "render-X" forms which would be evaluated with the form to send data via ws to chrome, or via the connection to emacs as svg, etc

@richiardiandrea could you elaborate on what you mean by peer?

@richiardiandrea so far I always thought of a star topology with the client as the hub and the server as one spike.