chore(release): 5.3.0 [skip ci] # [5.3.0](https://github.com/node-casbin/expression-eval/compare/v5.2.0...v5.3.0) (2024-11-19) ### Features * fix the logic short-circuit bug ([#8](https://github.com/node-casbin/expression-eval/issues/8)) ([7478389](https://github.com/node-casbin/expression-eval/commit/747838927b1b26ca557a2823621cbb18c4bf51e3))
JavaScript expression parsing and evaluation.
Powered by jsep.
Install:
npm install --save @casbin/expression-eval
Import:
// ES6 import { parse, eval } from '@casbin/expression-eval'; // CommonJS const { parse, eval } = require('@casbin/expression-eval'); // UMD / standalone script const { parse, eval } = window['@casbin/expression-eval'];
import { parse } from '@casbin/expression-eval'; const ast = parse('1 + foo');
The result of the parse is an AST (abstract syntax tree), like:
{ "type": "BinaryExpression", "operator": "+", "left": { "type": "Literal", "value": 1, "raw": "1" }, "right": { "type": "Identifier", "name": "foo" } }
import { parse, eval } from '@casbin/expression-eval'; const ast = parse('a + b / c'); // abstract syntax tree (AST) const value = eval(ast, {a: 2, b: 2, c: 5}); // 2.4
Alternatively, use evalAsync for asynchronous evaluation.
import { compile } from '@casbin/expression-eval'; const fn = compile('foo.bar + 10'); fn({foo: {bar: 'baz'}}); // 'baz10'
Alternatively, use compileAsync for asynchronous compilation.
Although this package does avoid the use of eval(), it cannot guarantee that user-provided expressions, or user-provided inputs to evaluation, will not modify the state or behavior of your application. This library does not attempt to provide a secure sandbox for evaluation. Evaluation of arbitrary user inputs (expressions or values) may lead to unsafe behavior. If your project requires a secure sandbox, consider alternatives such as vm2.
Apache 2.0 License.
