Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@escolalms/gift-pegjs
Advanced tools
Development of PEG grammar to parse GIFT (quiz question) file format. The goal is to find an intuitive and fun way to create quiz questions.
Initial hacking done using pegjs.org/online. The GIFT.pegjs file goes on the left and the test GIFT goes on the right. Note that nothing is saved in this environment (you must copy-paste back to your own files).
The PEG.js grammar in this repo is used to generate a parser for GIFT. You can see how it works in this online editor.
For simple web applications, copy the pegjs-gift.js
file into your project.
For modern Javascript development, install the library using npm:
npm install gift-pegjs
Importing the NPM library in ES6+ Javascript (recommended):
import { parse } from "gift-pegjs";
const question = "What is the value of pi (to 3 decimal places)? {#3.141..3.142}."
const quiz = parse(question)
Importing the library for simple web applications:
import { parse } from "./pegjs-gift"; // Change path depending on where the file is copied.
const question = "What is the value of pi (to 3 decimal places)? {#3.141..3.142}."
const quiz = parse(question)
Importing the NPM library in CommonJS (for use in Node.js applications):
const parse = require("gift-pegjs");
const question = "What is the value of pi (to 3 decimal places)? {#3.141..3.142}."
const quiz = parse(question)
Using the optional Typescript types:
import { parse, GIFTQuestion } from "gift-pegjs";
const question: string = "What is the value of pi (to 3 decimal places)? {#3.141..3.142}."
const quiz: GIFTQuestion[] = parse(question)
import { parse } from "gift-pegjs";
let sampleQuestion = `
Is this True? {T}
Mahatma Gandhi's birthday is an Indian holiday on {
~15th
~3rd
=2nd
} of October.
Since {
~495 AD
=1066 AD
~1215 AD
~ 43 AD
} the town of Hastings England has been "famous with visitors".
What is the value of pi (to 3 decimal places)? {#3.141..3.142}.
`;
const quizQuestions = parse(sampleQuestion);
console.log(quizQuestions);
There are easily extendible tests using Mocha from sample GIFT/JSON files in ./test/questions/
.
To be able to run the tests, you must set up your environment:
Clone this repo.
Install the node.js dependencies for this project. Inside the root directory of this repo, type:
npm install .
Run the regression tests with the following command:
npm test
Output will look something like this:
$ npm test
> gift-grammar-pegjs@1.0.0 test C:\Users\fuhrm\Documents\GitHub\GIFT-grammar-PEG.js
> mocha tests --recursive
GIFT parser harness:
√ parsing GIFT question: ./tests/questions/description1.gift
√ parsing GIFT question: ./tests/questions/essay1.gift
√ parsing GIFT question: ./tests/questions/giftFormatPhpExamples.gift
√ parsing GIFT question: ./tests/questions/matching1.gift
√ parsing GIFT question: ./tests/questions/mc1.gift
√ parsing GIFT question: ./tests/questions/mc2.gift
√ parsing GIFT question: ./tests/questions/mc3.gift
√ parsing GIFT question: ./tests/questions/mc4.gift
√ parsing GIFT question: ./tests/questions/mc5.gift
√ parsing GIFT question: ./tests/questions/multiLineFeedback1.gift
√ parsing GIFT question: ./tests/questions/numerical1.gift
√ parsing GIFT question: ./tests/questions/options1.gift
√ parsing GIFT question: ./tests/questions/shortAnswer1.gift
√ parsing GIFT question: ./tests/questions/tf1.gift
√ parsing GIFT question: ./tests/questions/tf2.gift
15 passing (225ms)
To create a new test GIFT file, just name it foo.gift
in ./test/questions/
. The JSON file foo.json
should exist (expected output) and can be easily generated from the output at https://pegjs.org/online. Note: any undefined
values from that output must be declared as null
in the JSON file.
General Import Format Technology (GIFT) is described at several places, but it's hard to know what the definitive source is.
This table is not sufficient to understand everything. Please see Moodle's documentation and this reference for many more details.
Symbols | Use |
---|---|
// text | Comment until end of line (optional) |
:: title:: | Question title (optional) |
text | Question text (becomes title if no title specified) |
[ format] | The format of the following bit of text. Options are [html] , [moodle] , [plain] and [markdown] . The default is [moodle] for the question text, other parts of the question default to the format used for the question text. |
{ | Start answer(s) -- without any answers, text is a description of following questions |
{T} or {F} | True or False answer; also {TRUE} and {FALSE} |
{ ... = right ... } | Correct answer for multiple choice, (multiple answer? -- see page comments) or fill-in-the-blank |
{ ... ~ wrong ... } | Incorrect answer for multiple choice or multiple answer |
{ ... = item -> match ... } | Answer for matching questions |
# feedback text | Answer feedback for preceding multiple, fill-in-the-blank, or numeric answers |
#### general feedback | General feedback |
{# | Start numeric answer(s) |
answer: tolerance | Numeric answer accepted within ± tolerance range |
low.. high | Lower and upper range values of accepted numeric answer |
=% n% answer: tolerance | n percent credit for one of multiple numeric ranges within tolerance from answer |
} | End answer(s) |
\ character | Backslash escapes the special meaning of ~ , = , # , { , } , and : |
\n | Places a newline in question text -- blank lines delimit questions |
See these discussions in the Moodle forums:
See this test file from Moodle's code base.
The following UML class diagram is an interpretation of the XML format for Moodle quiz import/export. Note that the XML format is naive, e.g., the QUESTION
tag is overloaded using TYPE=
and as such can't easily be schema-tized. The interpretation below aims to facilitate the understanding of the content and relations. It's a domain model reverse-engineered from a data model.
Check out the railroad diagram for this project's PEG.
node server.js
FAQs
Parser of GIFT question format based on PEG.js
We found that @escolalms/gift-pegjs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.