jello
jello copied to clipboard
Safety against third-parties.
Hey kelly, greetings. I just stumbled upon this project when looking for alternatives for JQ.
Is it safe to allow untrusted third parties to send Jello scripts for querying data in our environment? I saw that you can do imports. Can you import (and use) any python module? Would there a way of whitelisting allowed modules? Thanks!