Unlike other bots, it can execute more than one version of Lua: everything from 3.2 to 5.3 and even LuaJIT.
The command format is as follows:
<version> is, for instance,
luajit . You can leave it blank, and then the default (5.3) is used.
Besides Lua, there are a few other sandboxes, like
bc, and even
%list for a complete list.
<code> can as well begin with a pastebin link, in which case the code is pulled from the pastebin, and concatenated with the rest of the input, making it possible to provide long input for the bot. Currently, the list of pastebins you can use is restricted (for security reasons), however you can poke the author to allow new ones. Keep in mind that the bot doesn't do SSL (HTTPS).
If you double the
% sign, i. e.
%%<version> <code> , the output will be redirected to yalb's own pastebin ring, thus making it possible to also have long output without spamming the channel.
Another command is
%?<version> <title> , which looks up a title (like
6.4.1) in the manual.
Last but not least, there are 3 special commands:
%helpprints a slightly helpful message.
%listprints a list of sandboxes.
%cleanupreverts the filesystem to its original state.
There is a function called
pp which does pretty-printing. It takes zero or more values as arguments, and returns a string. It doesn't perform a deep inspection of tables, but displays identical tables/functions/userdata accordingly.
The sandbox pretty-prints whatever has been returned from the code.
Execution time is capped at 3 seconds, memory is limited to roughly 500 MiB.
You are allowed to read files in a few specific locations like
/usr/include/. There's also a (non-chrooted) unix-like environment available through os.execute. You can manipulate the filesystem inside the current directory, but the amount of data you can place there is limited.
Yes, it does take PMs.
Source: The backend is a ptrace mess available [here] (Previous version was using [this]). The front-end is a 100-line Lua script which was hacked together in 15 minutes.