Dynamically validated constraints / assertions -> Audit Log

[fkoehne]

Idea from Prof. Herbert Kuchen (WWU) during Lars' presentation: Maybe we could benefit from runtime assertions regarding the dataflow. These could catch those read/write accesses that static analysis can not find (such as through the API).

After thinking about it: This is not possible through the history logs since read-access not logged. We would need some kind of instrumentation or decorator code to pull this off. Also: It would not be possible to break a build at this point. The tooling would have to be more of an "Audit Log", that silently notes such violations when run in production.

What do you think?