% of total cost
}Safety Guarantees
。新收录的资料对此有专业解读
What I’ve learned is that the common mistake is treating isolation as binary. It’s easy to assume that if you use Docker, you are isolated. The reality is that standard Docker gives you namespace isolation, which is just visibility walls on a shared kernel. Whether that is sufficient depends entirely on what you are protecting against.
By default we’ll log as much information as possible in the prototype. We can later put this behind debugging flags. Every time a command is run we should see: the call path, and the final payload sent to GHCi.