Loppers
Validate quoted elixir code against a function whitelist
Install / Use
/learn @narrowtux/LoppersREADME
Loppers
A code validator for the Elixir-AST.
It can operate on both white- and blacklists.
Basic example:
quoted = quote do
"hello"
|> String.upcase
|> String.pad_leading(4, "0")
end
whitelist = Loppers.special_forms ++ [
{Kernel, :|>},
{String, :upcase},
{String, :pad_leading}
]
:ok = Loppers.validate(quoted, whitelist: whitelist)
Features
- Ideally used in combination with
Code.string_to_quoted/2to check for nasty things in untrusted code. - Operate against a whitelist, blacklist or a mix of both (blacklist > whitelist)
- Works with
aliasandimportin the code (special handling for that in theLoppers.Walkmodule) - Returns the AST-Fragment (including the line number if your compiler provides it) so you can add squiggly lines to the editor at the right place.
- Whitelist a module with functions with
{Application.Callbacks, :__all__} - Whitelist a module with all child-modules and functions with
{Application.Callbacks, :__submodules_all__}
Installation
The package can be installed by adding loppers to your list of dependencies
in mix.exs:
def deps do
[{:loppers, "~> 0.1.2"}]
end
Related Skills
node-connect
351.4kDiagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps
frontend-design
110.7kCreate distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.
openai-whisper-api
351.4kTranscribe audio via OpenAI Audio Transcriptions API (Whisper).
qqbot-media
351.4kQQBot 富媒体收发能力。使用 <qqmedia> 标签,系统根据文件扩展名自动识别类型(图片/语音/视频/文件)。
