Skip to content

calculist/evalculist

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

evalculist.js

Build Status

evalculist provides a way to evaluate arbitrary javascript expressions in a controlled way, without exposing global variables. It accomplishes this by parsing the expressions such that variables become strings that are passed to variable, accessor, and assignment functions.

foo = bar.baz

becomes

assignment("foo", accessor(variable("bar"), "baz"))

Usage

Using evalculist.new

const localVars = {
  a: { b: 1 },
  c: 2
};
const evaluate = evalculist.new({
  variable: (name) => localVars[name] || Math[name],
  accessor: (object, key) => object[key],
  assignment: (name, value) => (localVars[name] = value)
});
const result = evaluate('pow(a.b + 1, c)');
// result === 4

Using evalculist.newFromContext

const context = {
  a: { b: 1 },
  c: 2,
  pow: Math.pow
};
const evaluate = evalculist.newFromContext(context);
const result = evaluate('pow(a.b + 1, c)');
// result === 4

Known Bugs

  • Object literals do not work if the keys are not enclosed in quotes (e.g. {a:1} does not work, but {"a":1} does).
  • Keywords do not work (e.g. if,for,var, etc.).

License MIT

About

Execute arbitrary javascript expressions safely

Resources

License

Stars

Watchers

Forks

Packages

No packages published