Skip to Content
ConceptsSecurity model

Security model

Configorama treats config surfaces by risk, not just by source. Environment variables and CLI options are user inputs, file and text references read local files, git variables spawn git commands, eval and if evaluate sandboxed expressions, and JavaScript or TypeScript file references execute code.

This distinction matters because not every dynamic feature is code execution. Use eval variables for config-time logic such as comparisons, arithmetic, boolean gates, and ternaries. The expression evaluator is sandboxed and classified as data-flow risk; JS and TS file references, custom variable sources, custom functions, and dotenv mutation are the surfaces safe mode blocks.

configorama inspect config.yml --view audit configorama config.yml --safe --safe-root .

Safe mode is an inspection and resolution policy, not a sandbox for code you already chose to execute. If a config is untrusted, audit it before resolving it.

For commands, read safe inspection. For exact flags, read security policies, eval variables, and error codes.

Last updated on