Security News
Input Validation Vulnerabilities Dominate MITRE's 2024 CWE Top 25 List
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
fulcrum-expressions
Advanced tools
This implements the runtime for javascript expressions in Fulcrum.
The current implementation uses coffeescript.
There is a typescript implementation (latest version is likely in fulcrum-components/src/expressions, but there is also a typescript branch on this repo) that is currently being used in fulcrum-components to provide types to the monaco editor used to edit data events, calculations, etc. Eventually, this repo should contain that implementation, and ideally move off the coffeescript implementation once we are confident the typescript implementation works. Right now, we haven't determined the best way to distribute those types from this package. Until then, any type updates that need to be made (new public facing functions or otherwise) will need to be made in the typescript implementation.
Install dependencies
yarn
Build expressions.js and sandbox (expressions-proxy.js and expressions.html)
yarn build
Build debug versions
yarn build:debug
Make changes to docs.js
and event_docs.js
.
yarn build:docs
Builds everything for distribution
yarn build:dist
yarn test
Starts an interactive node terminal with the functions available to call
yarn console
Currently all projects pull the expression.js lib produced by this repo from https://assets.fulcrumapp.com/expv1/expressions.js. Until we are able to move projects over to using the published npm library, we will need to manually deploy by copying the dist/expressions.js file to that S3 bucket for others to see changes.
To deploy to your user's preview environment:
aws sso login (or however you login to the chaos aws account)
yarn deploy
(Remember to update fulcrum's config to point at your S3 bucket's files)
To deploy to production (requires fulcrum production access):
aws sso login (or however you login to the readonly fulcrum aws account)
yarn deploy production
Please be careful while doing this, as there aren't many guardrails in place at the moment. If unsure, ask.
Documentation is handled using jsdoc, with functions documented in the source file here.
Copies the build output and docs to the other repositories (each are optional, but at least one is needed).
You can define the paths to the Fulcrum repos using environment variables in your shell config:
export FULCRUM_ANDROID=/path/to/android/app
export FULCRUM_IOS=/path/to/ios/app
export FULCRUM_WEB=/path/to/web/app
export FULCRUM_DEV_SITE=/path/to/website
Or you can assign them in the yarn command:
FULCRUM_DEV_SITE=$HOME/dev/fulcrumapp.com yarn build:dist && yarn copy
Once you have the environment variables set, you can run:
yarn copy
or
yarn build:dist && yarn copy # clean, build and deploy everything
FAQs
Expression runtime for Fulcrum
We found that fulcrum-expressions demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.