is-expression
Advanced tools
Validates a string as a JavaScript expression
npm install is-expression
isExpression(src[, options])Validates a string as a JavaScript expression.
src contains the source.
options can contain any Acorn options (since we use Acorn under-the-hood),
or any of the following:
throw: Throw an error if the string is not an expression. The error can
be an Acorn error, with location information in err.loc and err.pos.
Defaults to false.strict: Use strict mode when trying to parse the string. Defaults to
false. Even if this option is false, if you have provided
options.sourceType === 'module' which imples strict mode under ES2015,
strict mode will be used.lineComment: When true, allows line comments in the expression.
Defaults to false for safety.See the examples below for usage.
var isExpression = require('is-expression')
isExpression('myVar')
//=> true
isExpression('var')
//=> false
isExpression('["an", "array", "\'s"].indexOf("index")')
//=> true
isExpression('var', {throw: true})
// SyntaxError: Unexpected token (1:0)
// at Parser.pp.raise (acorn/dist/acorn.js:940:13)
// at ...
isExpression('public')
//=> true
isExpression('public', {strict: true})
//=> false
isExpression('abc // my comment')
//=> false
isExpression('abc // my comment', {lineComment: true})
//=> true
MIT
Acorn is a small, fast, JavaScript-based JavaScript parser. It can be used to parse JavaScript code into an abstract syntax tree (AST), which can then be analyzed or transformed. Compared to is-expression, Acorn provides more comprehensive parsing capabilities, including support for full JavaScript syntax, but it is more complex to use for simple expression validation.
Esprima is a high-performance, standard-compliant ECMAScript parser written in JavaScript. It parses JavaScript programs and returns an abstract syntax tree (AST). Like Acorn, Esprima offers more extensive parsing features than is-expression, making it suitable for more complex code analysis tasks beyond simple expression validation.
FAQs
Check if a string is a valid JavaScript expression
The npm package is-expression receives a total of 2,711,001 weekly downloads. As such, is-expression popularity was classified as popular.
We found that is-expression demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The remediated findings include organization permission bugs, stale project access after transfers, OIDC replay edge cases, audit logging gaps, and an IDOR in API token deletion.
Research
/Security News
GitHub account BufferZoneCorp published sleeper packages that later added credential theft, GitHub Actions tampering, fake go wrappers, and SSH persistence.
Research
/Security News
Socket found a malicious Intercom PHP package on Packagist using Composer plugin execution to steal credentials and spread across ecosystems.