{"id":13165,"library":"expr-parser","title":"JavaScript Expression Parser","description":"expr-parser is a lightweight JavaScript library designed for parsing and evaluating mathematical and object-property expressions from strings. It allows developers to define expressions as strings and then execute them against a given context object, enabling dynamic calculations. The current stable version is 1.0.0, and based on its release history, updates appear infrequent, focusing on stability rather than rapid feature additions. Its core differentiation lies in its minimalist API and straightforward approach to expression evaluation, making it an ideal choice for scenarios requiring basic string-based computation without the overhead or complexity of a full-fledged abstract syntax tree (AST) manipulator or a more expansive templating language. It's particularly suited for environments where controlled, user-defined arithmetic or data access logic is needed.","status":"active","version":"1.0.0","language":"javascript","source_language":"en","source_url":"https://github.com/JuneAndGreen/expr-parser","tags":["javascript","expression","parser"],"install":[{"cmd":"npm install expr-parser","lang":"bash","label":"npm"},{"cmd":"yarn add expr-parser","lang":"bash","label":"yarn"},{"cmd":"pnpm add expr-parser","lang":"bash","label":"pnpm"}],"dependencies":[],"imports":[{"note":"This package is primarily distributed as CommonJS. For ESM environments, a bundler or transpiler is typically required to consume it, which would transform the `require` call into an appropriate `import` statement. Direct `import` syntax will fail in pure Node.js ESM without configuration.","wrong":"import Expression from 'expr-parser';","symbol":"Expression","correct":"const Expression = require('expr-parser');"}],"quickstart":{"code":"const Expression = require('expr-parser');\n\n// Example 1: Basic arithmetic and object property access\nconst exprCalc1 = new Expression('a.value + 12 - (2 * 14 / 4)').parse();\nconsole.log('Result 1:', exprCalc1({\n    a: {\n        value: 3\n    }\n})); \n// Expected Output 1: 8 (3 + 12 - (2 * 14 / 4) = 3 + 12 - 7 = 8)\n\n// Example 2: Using multiple variables and ensuring correct operator precedence\nconst exprCalc2 = new Expression('(user.age + product.price) * discountRate').parse();\nconsole.log('Result 2:', exprCalc2({\n    user: { age: 25 },\n    product: { price: 100 },\n    discountRate: 0.9\n}));\n// Expected Output 2: 112.5 ((25 + 100) * 0.9 = 125 * 0.9 = 112.5)\n","lang":"javascript","description":"Demonstrates parsing and evaluating arithmetic expressions with object property access and multiple variables."},"warnings":[{"fix":"Sanitize or validate all input expressions rigorously, or restrict allowed operators/functions to a safe subset. Never pass untrusted user input directly to `new Expression().parse()` without strict validation.","message":"Evaluating untrusted user-supplied expressions can lead to arbitrary code execution or denial-of-service vulnerabilities. This parser directly executes parsed expressions, which means malicious input could potentially compromise your application.","severity":"gotcha","affected_versions":">=1.0.0"},{"fix":"Ensure that your expressions adhere to the supported syntax for basic arithmetic and property lookups. For more complex logic, consider pre-processing expressions or using a more robust scripting engine.","message":"This parser is designed for simple arithmetic and object property access. It does not support advanced JavaScript features like function calls, array literals, control flow statements (e.g., `if`/`else`), or ternary operators (`? :`) within the expression string itself.","severity":"gotcha","affected_versions":">=1.0.0"},{"fix":"Profile critical sections of your application that use this parser. If performance becomes a bottleneck, consider pre-parsing expressions if they are static or using a more optimized Abstract Syntax Tree (AST)-based solution designed for high-throughput, complex evaluation.","message":"For extremely complex or deeply nested expressions, performance might degrade due to the nature of string parsing and dynamic evaluation. The library is optimized for simplicity rather than high-performance parsing of very long or intricate expressions.","severity":"gotcha","affected_versions":">=1.0.0"}],"env_vars":null,"last_verified":"2026-04-19T00:00:00.000Z","next_check":"2026-07-18T00:00:00.000Z","problems":[{"fix":"Review the expression string for typos, incorrect operator usage, or unsupported JavaScript syntax. Refer to the library's test cases or documentation for supported expression patterns.","cause":"The input expression string is syntactically incorrect or uses features not supported by the parser (e.g., calling functions or using control flow).","error":"Syntax Error: Unexpected token"},{"fix":"Ensure the context object passed to the evaluated expression contains all necessary variables and properties referenced by the expression at the correct nesting level.","cause":"The context object provided during evaluation (`exprCalc(context)`) does not contain properties or nested objects that the expression attempts to access (e.g., `a.value` when `a` is missing or undefined).","error":"Cannot read property 'value' of undefined"}],"ecosystem":"npm","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null,"pypi_latest":null,"cli_name":""}