expression-eval
Advanced tools
The expression-eval npm package is a simple expression evaluator that can parse and evaluate mathematical expressions. It is useful for evaluating expressions dynamically at runtime, making it a handy tool for applications that require dynamic calculations or formula evaluations.
Basic Arithmetic Evaluation
This feature allows you to evaluate basic arithmetic expressions. The code sample demonstrates how to parse and evaluate a simple arithmetic expression.
const { Parser } = require('expression-eval');
const parser = new Parser();
const expr = parser.parse('2 + 3 * (4 - 1)');
const result = expr.evaluate();
console.log(result); // Output: 11Variable Support
This feature allows you to include variables in your expressions. The code sample shows how to parse an expression with variables and evaluate it by providing the variable values.
const { Parser } = require('expression-eval');
const parser = new Parser();
const expr = parser.parse('a * b + c');
const variables = { a: 2, b: 3, c: 4 };
const result = expr.evaluate(variables);
console.log(result); // Output: 10Function Support
This feature allows you to use functions within your expressions. The code sample demonstrates how to parse and evaluate an expression that includes the square root function.
const { Parser } = require('expression-eval');
const parser = new Parser();
const expr = parser.parse('sqrt(a^2 + b^2)');
const variables = { a: 3, b: 4 };
const result = expr.evaluate(variables);
console.log(result); // Output: 5Custom Functions
This feature allows you to define and use custom functions in your expressions. The code sample shows how to parse and evaluate an expression with a custom function.
const { Parser } = require('expression-eval');
const parser = new Parser();
const expr = parser.parse('customFunc(a, b)');
const variables = { a: 2, b: 3, customFunc: (a, b) => a + b };
const result = expr.evaluate(variables);
console.log(result); // Output: 5Math.js is an extensive math library for JavaScript and Node.js. It features a flexible expression parser, which can evaluate expressions, perform symbolic computation, and more. Compared to expression-eval, math.js offers a broader range of mathematical functions and capabilities, including support for matrices, units, and complex numbers.
JSEP (JavaScript Expression Parser) is a JavaScript library for parsing JavaScript expressions. It generates an abstract syntax tree (AST) from an expression string, which can then be evaluated or manipulated. While jsep focuses on parsing expressions, it does not include an evaluation engine, making it more suitable for use cases where you need to parse and then manually evaluate or transform expressions.
Expr-eval is another JavaScript expression parser and evaluator. It is similar to expression-eval in terms of functionality, allowing you to parse and evaluate mathematical expressions with support for variables and functions. Expr-eval is known for its simplicity and ease of use, making it a good alternative to expression-eval for basic expression evaluation needs.
JavaScript expression parsing and evaluation.
Powered by jsep.
npm install --save expression-eval
const expr = require('expression-eval');
const ast = expr.parse('1 + foo');
The result of the parse is an AST (abstract syntax tree), like:
{
"type": "BinaryExpression",
"operator": "+",
"left": {
"type": "Literal",
"value": 1,
"raw": "1"
},
"right": {
"type": "Identifier",
"name": "foo"
}
}
const expr = require('expression-eval');
const ast = expr.parse('a + b / c'); // abstract syntax tree (AST)
const value = expr.eval(ast, {a: 2, b: 2, c: 5}); // 2.4
const expr = require('expression-eval');
const fn = expr.compile('foo.bar + 10');
fn({foo: {bar: 'baz'}}); // 'baz10'
Although this package does avoid the use of eval(), it cannot guarantee that user-provided expressions, or user-provided inputs to evaluation, will not modify the state or behavior of your application. Always use caution when combining user input and dynamic evaluation, and avoid it where possible.
For example:
const ast = expr.parse('foo[bar](baz)()');
expr.eval(ast, {
foo: String,
bar: 'constructor',
baz: 'console.log("im in ur logs");'
});
// Prints: "im in ur logs"
The kinds of expressions that can expose vulnerabilities can be more subtle than this, and are sometimes possible even in cases where users only provide primitive values as inputs to pre-defined expressions.
MIT License.
FAQs
JavaScript expression parsing and evaluation.
The npm package expression-eval receives a total of 209,842 weekly downloads. As such, expression-eval popularity was classified as popular.
We found that expression-eval demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.