Application REPL Interface - select functions evaluable with nREPL, hide everything else.
Simply use defnremote instead of defn if you wish to expose your function to the remote nREPL user. Default policy is to drop every message received through REPL, except for evaluation of defnremote'd functions.
(defnremote defnremoted-send-message [from to message]
(send-message-impl from to message)
(str "message sent, thanks for using our REPL API!"))(defn normal-hidden-by-default []
(str "any code that is not defnremote'd, try to find me (you can't)"))
-
Add this to your project.clj
[protected-eval "0.1.8"] -
[Default nREPL] Add this to your project.clj
:repl-options {:nrepl-middleware [protected-eval.core/eval-apply-remote-only]}or
[Emacs+CIDER] Add this to your project.clj (allows to inspect classpath + some additional commands, less restrictive)*
:repl-options {:nrepl-middleware [protected-eval.core/eval-apply-remote-only-cider]}
Start with
lein repl :headless. After connecting to this nREPL instance, you will be able to accessdefnremotes only.If you launch an nREPL server with
lein repl(non-headless), you have to useprotected-eval.core/eval-apply-remote-only-non-headlessandprotected-eval.core/eval-apply-remote-only-non-headless-ciderversions of the middleware.You have to require your namespace with remote functions somewhere (if you're using an isolated ns) for your functions to be resolved.
*Emacs+CIDER
eval-apply-remote-only-cidermiddleware description:"Same as eval-apply-remote-only, but works with Emacs CIDER REPL (eval in repl buffer) Less secure. Following nREPL operations are allowed (necessary for minimal CIDER repl connection):
- classpath: return a sequence of File objects of elements on the classpath.
- clone initiates (copies) a new session, nothing is disclosed
- describe transmits a collection of available nREPL operations (lists all of them, disregarding nrepl-protected limitations)
- close closes nREPL connection
- interrupt interrupts nREPL connection"
GNU GPL v3