Hello team, Does the embedded Lua VM consume resource when it is not executing any Lua hook? Does it cost anything to have this VM without ever using it?

No. No resources are consumed. Why disable it? Enabling the Lua VM increases the surface area of lakeFS which is exposed to attacks. We are not aware of any such attacks, but that does not mean there aren't any. We designed the Lua client to prevent privilege escalation. However this might not suit all environments. For instance, an authenticated lakeFS user who is allowed to run hooks may be able to access web services from the lakeFS instance. In a locked-down environment you might not want this.

Thank you Ariel for the descriptive reaponse. I'm currently evaluating LakeFs to use as the datastore in one of our applications. I don't have much knowledge on Lua VM. I was just curious whether it consumes anything even when it is not executing anything

Simple answer: no. 🙂