mirror of
https://github.com/TangentFoxy/lua-sandbox.git
synced 2025-07-28 02:52:22 +00:00
50bfa4abca
This change drops support for "protecting" raw Lua functions. There are two main reasons for this change: * More modern versions of PUC Rio Lua don't have `setfenv`. It is possible to get around this by using the debug library, but that library is not available in all environments. * Solutions based on `load` (which only allow string inputs) are objectively better since they give the user more control. For instance, you can deactivate support for binary code selectively. As a result, we are using the `load`-based sandbox in all versions of Lua that supports it, using `setfenv`-based sandboxing only when nothing else is available (PUC Rio 5.1). We are also explicitly raising an error if `options.mode` is passed but we are using `setfenv`. This is to prevent users from believing they are protected against binary code, when in fact they are not.