Socket
Socket
Sign inDemoInstall

evalexp

Package Overview
Dependencies
2
Maintainers
1
Versions
17
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

    evalexp

Mathematical expression parser and evaluator

Version published
Maintainers
1
Install size
137 kB
Created

Readme

Source

evalexp

Mathematical expression parser and evaluator It accepts string expression. Then it creates parsed object and and evaluate it.

Library is not using eval()

It is parsing string, based on it, creates new expression and evaluating it.

  • It don't have access to global variables.
  • It is not creating global variables
  • It is only using operators and grammars defined by this library.
  • Everything else will throw error

Because parsing is complex, library is creating parsing object and when you need to use different variables with same expression it should be evaluated faster

Motivation

User writes input like this

"3+k6+2*strength"

and it should be evaluated on backend server and should be secure and safe

How to start

import EvalExp from "evalexp";
// or
const { EvalExp } = require("evalexp");

const evalExp = new EvalExp("3k6 + 2strength");
evalExp.parse();
evalExp.evaluate({
    k6: () => 3,
    strength: 2
}); //return number 13

or if you plan to evaluate expression only once

EvalExp.evaluate("3k6+2strength", {
    k6: () => 3,
    strength: 2
}); //return number 13

or from function

import { evaluate } from "evalexp";
//or
const { evaluate } = require("evalexp");

evaluate("3k6+2strength", {
    k6: () => 3,
    strength: 2
});

methods

  • EvalExp.evaluate(expression string, variable declaration) - evaluate expression and return value
  • new EvalExp() - create instance for expression
  • instance.parse() - parse expression
  • instance.evaluate(variable declaration) - evaluate expression and return value. Can be invoked multiple times with different variable declarations

evaluate one expression multiple times with different values

const evalExp = new EvalExp("x+1");
const someInput = [1, 2, 3, 4, 5, 6, 7];
someInput.map(x => evalExp.evaluate({ x })) // [2, 3, 4, 5, 6, 7, 8])

supported grammar

  • minus numbers:
EvalExp.evaluate("-5");
EvalExp.evaluate("-5*3");
  • plus numbers:
EvalExp.evaluate("5");
EvalExp.evaluate("+5");
  • floating numbers :
EvalExp.evaluate("4.345");
  • addition:
EvalExp.evaluate("5+4");
EvalExp.evaluate("+4+34");
EvalExp.evaluate("56.43+32");
  • subtraction:
EvalExp.evaluate("34-21");
EvalExp.evaluate("33-44");
  • exponentiation:
EvalExp.evaluate("3^2"); //9
EvalExp.evaluate("(-3)^2"); //9
  • root extraction:
EvalExp.evaluate("9^0.5"); //3
EvalExp.evaluate("27^(1/3)"); //3
  • modulo:
EvalExp.evaluate("6%2"); //0
EvalExp.evaluate("7%2"); //1
  • multiplication:
EvalExp.evaluate("5*5");
EvalExp.evaluate("-3*8");
  • division:
EvalExp.evaluate("10/2");
  • brackets:
EvalExp.evaluate("5*(3+(5-3)/4)");

multiplication operator can be ignored

EvalExp.evaluate("3(10+45)");
  • variables
EvalExp.evaluate("3*someVariable");

multiplication operator can be ignored

EvalExp.evaluate("3someVariable");
  • functions without arguments - use like variables (without brackets)
EvalExp.evaluate("3*someFunctions");

multiplication operator can be ignored

EvalExp.evaluate("3someFunctions");
  • functions with arguments
EvalExp.evaluate("3*someFunctions(10)");

complex arguments with inner functions are supported

EvalExp.evaluate("2+funcA(2*funcB(3+4, 4))");

About variables and functions

This library does not give access to your global variables. In execute method all possible variables should be declared. If not declared variable is used in expression it will throw error. If you declare function and use it as variable (without bracked) it will be execeuted as zero argument function

variable varA is used in expression and is declated in evaluate function:

import EvalExp from "evalexp";

const evalExp = new EvalExp("10 + (varA + 5) * 2");
evalExp.parse();
evalExp.evaluate({
    varA: 3
});

varA is declared as function and because of it, it will be executed as function in expression

import EvalExp from "evalexp";

const evalExp = new EvalExp("10 + (varA + 5) * 2");
evalExp.parse();
evalExp.evaluate({
    varA() {
        return 5;
    }
});

Support for predefined functions

This library by design does not give any predefined functions. It can be easily extended with any function you want

If condition

EvalExp.evaluate("IF(1, 2, 3)", {
    IF: (condition, isTrue, isFalse) => (condition ? isTrue : isFalse)
});

power

EvalExp.evaluate("POW(2, 2)", {
    POW: (arg1, arg) => Math.pow(arg1, arg)
});

Keywords

FAQs

Last updated on 14 Feb 2021

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

CISA Launches Vulnrichment Project as NVD Backlog Hits 10,000

Security News

CISA Launches Vulnrichment Project as NVD Backlog Hits 10,000

CISA launched a new project called Vulnrichment to enrich CVEs with details that help prioritize patching and mitigation efforts, as the NVD backlog of unenriched CVEs awaiting analysis surpasses 10,000.

By Sarah Gooding  -  May 09, 2024
Recent Trends in Malicious Packages Targeting Discord

Research

Recent Trends in Malicious Packages Targeting Discord

The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.

By Socket Research Team  -  May 07, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc