So the scripting feature will be limited to what you can do with vanilla Lua, and with the redis() command that lets you interact with Redis of course, and a few standard additions that will be registered by Redis in the Lua interpreter (so you know every Redis instance with scripting support contains this features by default), basically:
- Bitops lua library, that is, bitwise operations. Not a part of vanilla Lua.
- A Json library.
As one commenter clarified Lua
os.* will not be available to user’s scripts. While this makes Redis Lua scripts safer, using the single
redis function and allowing loadstring makes me think injection attacks would still be possible.
Original title and link: An update on Redis and Lua (NoSQL databases © myNoSQL)