
SE Radio 570: Stanisław Barzowski on the jsonnet Language
Software Engineering Radio - the podcast for professional software developers
00:00
The Importance of Security in the Supply Chain
The idea is you can think of JSON that program as a mathematical function not only in the implementation detail sense but there are actually no side effects. I wouldn't stress the security aspect here I would say it's mostly about making things understandable because normally config files are not super well tested. It's safer to run arbitraryJSON than run arbitrary Python for example this is the programming language and this is the like arbitrary code execution which may take arbitrary amounts of time so treat payloads as code not as data.
Transcript
Play full episode