[JadeNB]

To be fair, precisely because of the Turing completeness, it's not in a journal's interest to run whatever totally bizarre code you throw at them—and they do have to run it if they're going to compile your code, which they have to do in order to screw it up to the house style.

[dmurray]

Why not? Because it might not terminate in a reasonable time? Being Turing-complete doesn't mean being an attack vector: when reasonably sandboxed, the LaTeX code is still confined to producing an output document, not exfiltrating your secret data or holding you to ransom.

[JadeNB]

> Because it might not terminate in a reasonable time?

Yes. The publishers are in business for their readers, not their authors, even though those audiences often overlap. If putting a hardship on their authors will help their readers, even in a notional sense—"because of the restrictions we put on TeX documents, the people we need to hire to deal with TeX only have to have basic skills, and so we are better able to concentrate resources elsewhere in the workflow"—then they will. (I'm not defending this choice, just reporting on it. A recent dealing with IMRN made it horrifyingly clear how little their TeXnical staff understands about the most basic TeX.)

> Being Turing-complete doesn't mean being an attack vector: when reasonably sandboxed, the LaTeX code is still confined to producing an output document, not exfiltrating your secret data or holding you to ransom.

Everything is an attack vector, and Turing complete things are even more so. Plenty of people have thought that they have reasonably sandboxed things and found out later that they hadn't. TeX is an incredibly reliable piece of software, and I'm sure great strides have been made in making it also a secure piece of software, but the security features have received much less battle testing and so should be trusted less.

[porb121]

but they should support tikz, which is the most common package for making diagrams in latex