I’ve seen it pointed out a few times that having one’s program run arbitrary, externally-provided code is dangerous.
For example, having a localisation system that stores its text as string-variables in Python-files provides a potential attack-vector. (Even if the strings are never “exec”/“eval”-ed, the file would presumably be imported.)
However, eschewing arbitrary code seems to me to produce an impediment to expansion packs:
If the pack is more than a content update, if it introduces new logic–be it puzzle-mechanics, enemy behaviours, weapon types, or whatever–it would seem to call for the introduction of code that was not present in the base game.
(I suppose that one could require that all expansion logic be built using only core-game classes, but that seems likely to either be rather restrictive, or call for an impressive amount of foresight.)
So, how does one mesh these two concerns?
(It comes to mind now because I’m contemplating the implementation of certain features in my current project. Having them draw from Python-files would be convenient and enable expansions; having them draw from data-files would be safe.)