Whitelist System.Linq.Expression assembly 🙌

[bub-bl]

I don't think this assembly could pose any security problems.

[Metapyziks]

System.Linq.Expressions feels pretty risky to whitelist, what did you want to do with it?

[bub-bl]

@Metapyziks Few usages exemples:

• Im creating a UI lib with dynamic css generation (like tailwind), and if possible, give the possibility to generate dynamic property value from an expression
• You want to create a "Coding Game", you can validate expression and get result with this assembly

[Metapyziks]

Sadly we can't just whitelist the whole System.Linq.Expressions assembly because there are plenty of members that would let people get around the whitelist for other types. For example Expression.Call would let you call an arbitrary method by name.

The best you could hope for is us allowing specific members that we're certain are safe, but there's a lot of surface area there so it'll take a long time and isn't super high priority.

[bub-bl]

Sure, this is not a priority, but that can be good to find a way to add this kind of functionality. Maybe with a "Wrapper" like the TypeLibrary for Reflexion