The when field in ReasonChip tasks lets you control whether a task should run based on a Python expression. It's evaluated securely using only the current variable context and a restricted set of built-in functions.

Internally, when expressions are evaluated using:

result = eval(expr, {"__builtins__": SAFE_BUILTINS}, variables.vobj)
	

This means your pipeline variables are available as Python-safe attributes, along with the following safe built-ins:

• abs
• min
• max
• sum
• round
• pow
• len
• int
• float
• str
• bool
• list
• tuple
• dict
• sorted
• reversed
• enumerate
• range
• all
• any
• repr
• format
• type
• isinstance
• iter
• next
• escape
• unescape

Errors during evaluation raise a safe EvaluationException with helpful debug info.

• Access to your variables (variables.vobj)
• Standard Python logic operators (and, or, not, comparisons)
• Safe attribute, dict, or object traversal
• Safe built-in functions listed above

✅ Example:

when: len(items) > 0 and user.is_active
	

For safety and consistency, the following are not allowed:

• No use of eval, exec, compile
• No imports or external libraries
• No filesystem, network, or system access

Example that will still fail (if you try a disallowed object):

when: open("/etc/passwd")
	

Always keep conditional logic safe and data-driven.

• Keep when logic simple and declarative.
• Use DeclareTask or CodeTask for complex pre-logic.
• Use variables.vobj as your mental model: it's a flattened, attribute-accessible object view of all variables.
• If an expression fails, the pipeline raises EvaluationException and halts unless handled upstream.