Will Hausman

I also have some thoughts on restructuring the internal implementation of OpaPolicy to make it depend on abstractions instead of Wasmtime specifics, but I'm presently more interested in the outer...

> Regarding serialization: what would be a real-world use case to not use STJ? For Web APIs, I understand the use cases. But deserializing for from/to OPA wasm is very...

> Which calls specifically accept an object? (eval and setdata take strings in the current api surface) I was trying to expose both as possibilities. eval(object) takes an object and...

> Regarding runtime: I did change the runtime once (Wasmer to Wasmtime) and I had to change my object model for a couple of major Wasmtime changes. Those were super-breaking...

> Also, as a kind of note we should never use Policy without prefixing it with Opa - otherwise authZ in ASP.NET gets really hard do understand re: what comes...

> So mixing the "metal" layer with a "convenience" layer. The current method signatures play along the lines of the JS API. And I want to keep it simple at...

> Regarding DI/policy provider: I have a very old prototype in the spikes folder - AspNetAuthZwithOpa (actually that was the initial reason to build this whole library, but never got...

> I have cooked up an unfinished draft of how a Factory could work: https://github.com/christophwille/dotnet-opa-wasm/tree/master/spikes/HigherLevelApisSpike - start at Program.cs plus the comments in the IFactory... file. > > The idea...

As an aside, I think the ability to load a module from an opa bundle, not just the wasm, is important because bundles have a data.json file which we should...

That was not obvious to me from the sample code. So, that means we are talking about doing the same thing. Having a thing that supplies instances of policies to...