eval5
Advanced tools
Readme
中文 | English
基于 TypeScript 编写的 JavaScript 解释器,支持完整 ES5 语法
支持浏览器、node.js、小程序等 JavaScript 运行环境
eval Function的 JavaScript 运行环境:如 微信小程序 demo we-script taro-scriptES5
npm install --save eval5
import { Interpreter } from "eval5";
const interpreter = new Interpreter(window, {
timeout: 1000,
});
let result;
try {
result = interpreter.evaluate("1+1");
console.log(result);
interpreter.evaluate("var a=100");
interpreter.evaluate("var b=200");
result = interpreter.evaluate("a+b");
console.log(result);
} catch (e) {
console.log(e);
}
interface Options {
// 默认为:0,不限制
timeout?: number;
// 根作用域,只读
rootContext?: {} | null;
globalContextInFunction?: any;
}
示例
import { Interpreter } from "eval5";
const ctx = {};
const interpreter = new Interpreter(ctx, {
rootContext: window,
timeout: 1000,
});
interpreter.evaluate(`
a = 100;
console.log(a); // 100
`);
window.a;//undefined
version
当前版本
global
默认值: {}
设置默认的全局作用域
Interpreter.global = window;
const interpreter = new Interpreter();
interpreter.evaluate('alert("hello eval5")');
globalContextInFunction
默认值: undefined
eval5 不支持 use strict 严格模式, 在非严格下的函数中this默认指向的是全局作用域,但在eval5中是undefined, 可通过globalContextInFunction来设置默认指向。
import { Interpreter } from "Interpreter";
const ctx = {};
const interpreter = new Interpreter(ctx);
interpreter.evaluate(`
this; // ctx
function func(){
return this; // undefined
}
func();
`);
import { Interpreter } from "Interpreter";
Interpreter.globalContextInFunction = window;
const ctx = {};
const interpreter = new Interpreter({});
interpreter.evaluate(`
this; // ctx
function func(){
return this; // window
}
func();
`);
原因,示例代码:
注意: alert异常
import { Interpreter } from "Interpreter";
Interpreter.globalContextInFunction = {};
const ctx = {alert: alert};
const interpreter = new Interpreter(ctx);
interpreter.evaluate(`
// throw Illegal invocation
alert('Hello eval5'); // 同 alert.call({}, 'Hello eval5')
`);
constructor(context = Interpreter.global, options?: Options )
构造函数
evaluate(code: string): any
执行给定的字符串代码,并返回最后一个表达式的值
import { Interpreter } from "Interpreter";
const interpreter = new Interpreter(window);
const result = interpreter.evaluate(`
var a = 100;
var b = 200;
a+b;
`);
console.log(result); // 300
appendCode(code: string): any
evaluate的别名
getExecutionTime(): number
获取上一次调用evaluate的执行时长
setExecTimeout(timeout: number = 0): void
设置执行时长
getOptions(): Readonly<Options>
获取解释器参数
执行给定的字符串代码,并返回最后一个表达式的值
注: 该函数每次执行都会创建一个新的解释器
import { evaluate } from "eval5";
evaluate(
`
var a = 100;
var b = 100;
console.log(a+b);
`,
{ console: console }
); // 200
evaluate(`
a;
`); // a is not defined
该函数会将Interpreter.global Interpreter.globalContextInFunction当作默认值并创建新的解释器
import { Function } from "eval5";
const func = new Function("a", "b", "return a+b;");
console.log(func(100, 200)); // 300
查看 vm
MIT
FAQs
A JavaScript interpreter written in JavaScript
The npm package eval5 receives a total of 744 weekly downloads. As such, eval5 popularity was classified as not popular.
We found that eval5 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.