You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

simple-evaluate

Package Overview
Dependencies
Maintainers
1
Versions
16
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

simple-evaluate

[![NPM version][npm-image]][npm-url] [![build status][travis-image]][travis-url] [![Test coverage][coveralls-image]][coveralls-url] [![npm download][download-image]][download-url]

1.4.6
latest
Source
npmnpm
Version published
Weekly downloads
650
0.15%
Maintainers
1
Weekly downloads
 
Created
Source

Simple Evaluate

NPM version build status Test coverage npm download

A safe parse for simple js expression.

Usage

import evaluate from 'simple-evaluate';
evaluate(null, '12 + 1 > 14');
evaluate({ a }, 'a + 1 > 14');

Support operation include

  • Math operator + - * / %
  • ternary expression a ? b : c
  • Comparison > < >= <= == != === !==
  • Logical && || !
  • Negation

You can run those expression, for example:

evaluate({}, '!a > 0');
evaluate({}, 'a > 0 || a < -12 || 12 + 2*(4 + 4) < 12');
evaluate({ a: 1 }, '-a * 2');

context find

$. stand for the root value all context, value path only support '.', and not support function call.

since 1.2.0, $. is optional. That mean $.a.b is equal to a.b

string and boolean

String and boolean support, string start with ' | ", just the same as javascript expression.

Boolean use two key words, true | false.

template string

You can use template string, just like the javascript syntax, for example.

evaluate({ a: 22 }, "`I am ${ a >= 18 ? 'adult' : 'child' }`").should.equal('I am adult');

Operation no support

  • Funcion call

So, you can not run those expression

evaluation({}, 'a(1) > 0');

FAQs

Package last updated on 24 Sep 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

AI + a16z Podcast: Vibe Coding, Security Risks, and the Path to Progress

Application Security

/

Security News

AI + a16z Podcast: Vibe Coding, Security Risks, and the Path to Progress

Socket CEO Feross Aboukhadijeh and a16z partner Joel de la Garza discuss vibe coding, AI-driven software development, and how the rise of LLMs, despite their risks, still points toward a more secure and innovative future.

By Sarah Gooding  -  Jul 25, 2025