cel 0.4.1 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e4d35d9012196d61497f40e35c8e9dd9b1a9d7e1e922078a414cd574eacc439a
-  data.tar.gz: f2a0e48bc07e0c0b5eb23c7ea6d709a1b56fff3400b51204d26c3031f11db696
+  metadata.gz: 1bf9b40df18d849d9a964e668c0f1aee0d82f02ccd2de536dcfa73c8d714c718
+  data.tar.gz: 0f348c6b1a4a09362d76db927aec94099fc2ac2b355ddcef963b72fa90549e07
 SHA512:
-  metadata.gz: d39c028b26513ed27749f5bd7c5cfa57281b0433a5b5984418d657fd61441122e4cddae1942cdb7b3e3c9aeb0979d7387ca5d7444cea0afd04477615278acbfa
-  data.tar.gz: 442da2f399685e77bee5f743c693f0ef0fe9b333dfea333f61b17f8419a6bf7752aca14e0c5211ff0a8a526bc36a9a575a9e0cac53190f47e3af0b54097c26de
+  metadata.gz: 936e0ea05567de1932de8a887dee32f3682cbdccc574999772283a98acef7ce47d4ad51446eb35a8bcb5195100dc0a3197ec7fb4a82f8ddc239aab47ba0f40c1
+  data.tar.gz: d346ef64b5f777b1e368f234a43ad69cb2759313134558ef9760e68933e61a2e1f0644b01ad46b85702017955777ceebe31bce28c410ddbbbca49639eeeb1120

data/CHANGELOG.md

@@ -1,5 +1,53 @@
 ## [Unreleased]
 
+## [0.6.0] - 2026-02-28
+
+### Features
+
+#### Network Extension
+
+Support the network extension, as defined [here](https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#IP).
+
+### Improvements
+
+#### support top-level lookup (ex: '.y')
+
+also, make sure than, on lookup, keys under the passed container take priority, except in the case where the lookup is top-level
+ (i.e. '.y').
+
+at the same time, #merge is refactored in order to:
+
+* normalize nested bindings into aggregated keys ({a:{b:1}} => {:"a.b"=> 1}
+* override container-prefixed variables with the local binding
+* deal with conflicts by moving them to top level.
+
+## [0.5.0] - 2025-12-11
+
+### Features
+
+#### Custom extensions
+
+A new `:extensions` kwarg is added to `Cel::Environment.new` which allows adding custom extensions, in a similar manner as what the standard extensions (like `math` or `string`) are done:
+
+```ruby
+module Ext
+  # defines a random function which takes no arguments and returns 42
+end
+
+Cel::Environment.new.evaluate("ext.random()") #=> raises error
+Cel::Environment.new(extensions: { ext: Ext }).evaluate("ext.random()") #=> 42
+```
+
+### Backwards Compatibility
+
+The ractor safety introduced in 0.4.1 has been relaxed in order to allow extensions of core classes by custom extensions, And you'll need to explicitly call `Cel.freeze` before using `cel` inside ractors. This is a direct consequence of how extensions patch `cel` core classes.
+
+ATTENTION: Changes may be introduced in the way core classes are patched by extensions, towards making `cel` ractor-safe by default. If you rely on custom extensions, do follow the migration instructions in subsequent releases.
+
+### Bugfixes
+
+Fixed checker type inference when using nexted expressions (like when using the `bind` extensions to evaluate cel sub-expressions).
+
 ## [0.4.1] - 2025-11-25
 
 ### Improvements

data/README.md

@@ -162,6 +162,35 @@ res = env.evaluate('tuple(1, 2)') #=> Tuple instance
 res.value #=> [1, 2]
 ```
 
+### Custom Extensions
+
+`cel` already supports the [conformance spec extensions packages](https://pkg.go.dev/github.com/google/cel-go/ext#section-readme). However, if you need to add your own, you can do so:
+
+```ruby
+module Ext
+  def __check(funcall, checker:)
+    func = funcall.func
+    args = funcall.args
+
+    case func
+    when :random
+      checker.check_arity(func, args, 0)
+      return TYPES[:int]
+    else
+      checker.unsupported_operation(funcall)
+    end
+  end
+
+  # extensions will always receive the program instance as a kwarg
+  def random(program:)
+    42
+  end
+end
+
+env = Cel::Environment.new(extensions: { ext: Ext})
+env.evaluate("ext.random()") #=> 42
+```
+
 ## Spec Coverage
 
 `cel` is tested against the conformance suite from the [cel-spec repository](https://github.com/google/cel-spec/tree/master/conformance), and supports all features from the language except:
@@ -171,6 +200,7 @@ res.value #=> [1, 2]
 * bindings extensions
 * block extensions
 * encoders extensions
+* network extensions
 * comprehensions V2 API
 * optionals
 
@@ -180,6 +210,14 @@ If this is something you're interested in (helping out), add a mention in the co
 
 All Rubies greater or equal to 2.7, and always latest JRuby and Truffleruby.
 
+`cel` can be used inside ractors, but you need to freeze it first:
+
+```ruby
+# can't be used in ractors
+Cel.freeze
+# can be used in ractors
+```
+
 ## Development
 
 Clone the repo in your local machine, where you have `ruby` installed. Then you can:

data/lib/cel/ast/elements/invoke.rb

@@ -38,10 +38,10 @@ module Cel
         if indexing?
           "#{var}[#{args}]"
         else
-          "#{var}.#{func}#{"(#{args.map(&:to_s).join(", ")})" if args}"
+          "#{var}.#{func}#{"(#{args.join(", ")})" if args}"
         end
       else
-        "#{func}#{"(#{args.map(&:to_s).join(", ")})" if args}"
+        "#{func}#{"(#{args.join(", ")})" if args}"
       end
     end
 

data/lib/cel/ast/elements/list.rb

@@ -51,7 +51,7 @@ module Cel
     end
 
     def to_s
-      "[#{@value.map(&:to_s).join(", ")}]"
+      "[#{@value.map(&:to_s).join(", ")}]" # rubocop:disable Style/MapJoin
     end
 
     private

data/lib/cel/ast/elements/protobuf.rb

@@ -318,7 +318,7 @@ module Cel
       protoclass = var.split(".").last
       protoclass = Google::Protobuf.const_get(protoclass)
 
-      value = if args.nil? && protoclass.constants.include?(func.to_sym)
+      value = if args.nil? && protoclass.const_defined?(func.to_sym)
         protoclass.const_get(func)
       else
         protoclass.__send__(func, *args)
@@ -340,7 +340,7 @@ module Cel
       when :repeated
         case value
         when Google::Protobuf::Map
-          value.to_h { |k, v| [k, convert_from_proto_field_type(field, v)] } # rubocop:disable Style/HashTransformValues
+          value.to_h { |k, v| [k, convert_from_proto_field_type(field, v)] }
         else
           value.map { |v| convert_from_proto_field_type(field, v) }
         end

data/lib/cel/ast/types.rb

@@ -107,7 +107,7 @@ module Cel
         when :duration
           String.new(value.to_s)
         else
-          String.new(String(value.value))
+          String.new(String(value))
         end
       when :bytes
         case type

data/lib/cel/checker.rb

@@ -11,14 +11,14 @@ module Cel
     BOOLABLE_OPERATORS = %w[&& || == != < <= >= >].freeze
 
     CAST_ALLOWED_TYPES = {
-      int: %i[int uint double string timestamp], # TODO: enum
-      uint: %i[int uint double string],
-      string: %i[int uint double bytes bool bytes string timestamp duration],
-      double: %i[double int uint string],
-      bytes: %i[bytes string],
-      bool: %i[bool string],
-      duration: %i[string duration],
-      timestamp: %i[int string timestamp],
+      int: %i[int uint double string timestamp].freeze, # TODO: enum
+      uint: %i[int uint double string].freeze,
+      string: %i[int uint double bytes bool bytes string timestamp duration].freeze,
+      double: %i[double int uint string].freeze,
+      bytes: %i[bytes string].freeze,
+      bool: %i[bool string].freeze,
+      duration: %i[string duration].freeze,
+      timestamp: %i[int string timestamp].freeze,
     }.freeze
 
     attr_reader :environment, :declarations
@@ -26,6 +26,15 @@ module Cel
     def initialize(environment, declarations = environment.declarations)
       @environment = environment
       @declarations = declarations
+      @cast_allowed_types = CAST_ALLOWED_TYPES.dup
+      @environment.extensions.each_value do |ext|
+        next unless ext.const_defined?(:CAST_ALLOWED_TYPES)
+
+        ext.const_get(:CAST_ALLOWED_TYPES).each do |type, allowed_types|
+          @cast_allowed_types[type] ||= []
+          @cast_allowed_types[type] += allowed_types
+        end
+      end
     end
 
     def check(ast)
@@ -66,6 +75,8 @@ module Cel
     end
 
     def check_arity(func, args, arity, op = :===)
+      return arity.zero? if args.nil?
+
       return if arity.__send__(op, args.size)
 
       raise CheckError, "`#{func}` invoked with wrong number of arguments (should be #{arity})"
@@ -85,12 +96,12 @@ module Cel
       raise CheckError, "unsupported operation (#{op})"
     end
 
-    private
-
     def merge(declarations)
       Checker.new(@environment, @declarations ? @declarations.merge(declarations) : declarations)
     end
 
+    private
+
     def check_literal(literal)
       case literal
       when List
@@ -228,8 +239,8 @@ module Cel
 
       return check_standard_func(funcall) unless var
 
-      if var.is_a?(Identifier) && Cel::EXTENSIONS.include?(var.to_sym)
-        return Cel::EXTENSIONS[var.to_sym].__check(funcall, checker: self)
+      if var.is_a?(Identifier) && @environment.extensions.include?(var.to_sym)
+        return @environment.extensions[var.to_sym].__check(funcall, checker: self)
       end
 
       var_type ||= infer_variable_type(var)
@@ -321,7 +332,9 @@ module Cel
           var_type.element_type = element_checker.check(predicate)
           var_type
         else
-          return Cel::EXTENSIONS[:strings].__check(funcall, checker: self) if Cel::EXTENSIONS.key?(:strings)
+          if @environment.extensions.key?(:strings)
+            return @environment.extensions[:strings].__check(funcall, checker: self)
+          end
 
           unsupported_operation(funcall)
         end
@@ -335,7 +348,9 @@ module Cel
           # TODO: verify if string can be transformed into a regex
           return TYPES[:bool] if find_match_all_types(%i[string], call(args.first))
         else
-          return Cel::EXTENSIONS[:strings].__check(funcall, checker: self) if Cel::EXTENSIONS.key?(:strings)
+          if @environment.extensions.key?(:strings)
+            return @environment.extensions[:strings].__check(funcall, checker: self)
+          end
 
           unsupported_type(funcall)
         end
@@ -384,6 +399,12 @@ module Cel
       func = funcall.func
       args = funcall.args
 
+      @environment.implicit_extensions.each do |ext|
+        if (typ = ext.__check(funcall, checker: self))
+          return typ
+        end
+      end
+
       # check if protobuf conversion
       if (proto_type = Protobuf.convert_to_proto_type(func.to_s, @environment.package))
         # TODO: fixit
@@ -409,9 +430,9 @@ module Cel
 
         arg = call(args.first)
         return TYPES[:int] if find_match_all_types(%i[string bytes list map], arg)
-      when *CAST_ALLOWED_TYPES.keys
+      when *@cast_allowed_types.keys
         check_arity(func, args, 1)
-        allowed_types = CAST_ALLOWED_TYPES[func]
+        allowed_types = @cast_allowed_types[func]
 
         arg = call(args.first)
 

data/lib/cel/context.rb

@@ -2,22 +2,60 @@
 
 module Cel
   class Context
-    attr_reader :declarations, :bindings
+    attr_reader :bindings
 
-    def initialize(declarations, bindings)
-      @declarations = declarations
+    def initialize(environment, bindings)
+      @environment = environment
       @bindings = bindings.dup
     end
 
+    def declarations
+      @environment.declarations
+    end
+
     def lookup(identifier)
       raise EvaluateError, "no value in context for #{identifier}" unless @bindings
 
+      top_level_key = nil
       id = identifier.to_s
 
       lookup_keys = id.split(".")
 
       val = @bindings
 
+      if lookup_keys.first.empty?
+        # key starts with ".", i.e. ".y"
+        val = val.dup
+        lookup_keys.shift
+        top_level_key = key = lookup_keys.first
+
+        if val.respond_to?(:key?)
+          val = val.dup
+          val.keys.select { |k| k.start_with?(".#{key}") }.each do |k|
+            val[k.to_s[1..-1].to_sym] = val.delete(k) # rubocop:disable Style/SlicingWithRange
+          end
+          # else do nothing
+        end
+      end
+
+      if (container = @environment.container)
+        # ex move data from "example.com.y" to "y"
+        container_keys = val.keys.select { |k| k.start_with?(container) }
+
+        unless container_keys.empty?
+          val = val.dup
+          container_keys.each do |key|
+            skey = key.to_s.delete_prefix("#{container}.")
+
+            # forego editing if this is a top level lookup and the key being
+            # overwritten would be one
+            next if top_level_key && skey.start_with?(top_level_key)
+
+            val[skey.to_sym] = val.delete(key)
+          end
+        end
+      end
+
       loop do
         fetched = false
         (0...lookup_keys.size).reverse_each do |idx|
@@ -62,8 +100,38 @@ module Cel
       [val, lookup_keys.empty? ? nil : lookup_keys.join(".")]
     end
 
+    NORMALIZE_KEYS = lambda do |k, v|
+      if v.is_a?(Hash) || v.is_a?(Map)
+        v.flat_map do |k2, v2|
+          NORMALIZE_KEYS.call(:"#{k}.#{String(k2)}", v2)
+        end
+      else
+        [k, v]
+      end
+    end
+
     def merge(bindings)
-      Context.new(@declarations, @bindings ? @bindings.merge(bindings) : bindings)
+      bindings = bindings.to_h { |k, v| NORMALIZE_KEYS[k, v] }
+      if (old_bindings = @bindings)
+        if @environment.container
+          old_bindings = old_bindings.dup
+
+          bindings.each_key do |key|
+            container_key = :"#{@environment.container}.#{key}"
+
+            old_bindings.delete(container_key) if old_bindings.key?(container_key)
+          end
+        end
+        conflicts = []
+        bindings = old_bindings.merge(bindings) do |k, old, new|
+          conflicts << [k, old]
+          new
+        end
+        conflicts.each do |k, v|
+          bindings[:".#{k}"] = v
+        end
+      end
+      Context.new(@environment, bindings)
     end
 
     private
@@ -73,7 +141,7 @@ module Cel
     end
 
     def to_cel_primitive(k, v)
-      if @declarations && (type = @declarations[k])
+      if @environment.declarations && (type = @environment.declarations[k])
         type = TYPES[type] if type.is_a?(Symbol)
 
         if type.is_a?(Class) && type < Protobuf.base_class

data/lib/cel/environment.rb

@@ -2,20 +2,23 @@
 
 module Cel
   class Environment
-    attr_reader :declarations, :package
+    attr_reader :declarations, :extensions, :package, :container
 
     def initialize(
       declarations: nil,
       container: nil,
+      extensions: nil,
       disable_check: false,
       **kwargs
     )
       @disable_check = disable_check
       @declarations = declarations
-      @container = container
-      @package = nil
+      @extensions = extensions ? EXTENSIONS.merge(extensions) : EXTENSIONS
+      @package = @container = nil
       @checker = Checker.new(self)
 
+      @container = container if container && !container.empty?
+
       if container && !container.empty?
 
         module_dir = container.split(".")
@@ -36,6 +39,10 @@ module Cel
       @parser = Parser.new(package, **kwargs)
     end
 
+    def implicit_extensions
+      @implicit_extensions ||= @extensions.select { |_, ext| ext.implicit? }.values
+    end
+
     def compile(expr)
       ast = @parser.parse(expr)
       @checker.check(ast)
@@ -65,10 +72,12 @@ module Cel
 
     def evaluate(expr, bindings = nil)
       declarations, bindings = process_bindings(bindings)
-      context = Context.new(declarations, bindings)
+      context = Context.new(self, bindings)
       expr = @parser.parse(expr) if expr.is_a?(::String)
       @checker.check(expr) unless @disable_check
-      Program.new(context, self).evaluate(expr)
+      with(declarations: declarations) do
+        Program.new(context, self).evaluate(expr)
+      end
     end
 
     def process_bindings(bindings)
@@ -84,8 +93,10 @@ module Cel
       cbinding_keys.each do |k|
         cbinding = k.to_s.delete_prefix(prefix).to_sym
 
-        bindings[cbinding] = bindings.delete(k)
-        declarations[cbinding] = declarations.delete(k) if declarations.key?(k)
+        unless bindings.key?(cbinding)
+          bindings[cbinding] = bindings.delete(k)
+          declarations[cbinding] = declarations.delete(k) if declarations.key?(k)
+        end
       end
 
       [declarations, bindings]
@@ -93,14 +104,17 @@ module Cel
 
     def with(declarations:, disable_check: @disable_check)
       prev_declarations = @declarations
+      prev_checker = @checker
       prev_disable_check = @disable_check
 
-      @declarations = declarations.merge(declarations)
+      @declarations = prev_declarations ? prev_declarations.merge(declarations) : declarations
+      @checker = prev_checker.merge(@declarations)
       @disable_check = disable_check
 
       yield
     ensure
       @declarations = prev_declarations
+      @checker = prev_checker
       @disable_check = prev_disable_check
     end
 
@@ -116,8 +130,8 @@ module Cel
     end
 
     def evaluate(bindings = nil)
-      declarations, bindings = @environment.process_bindings(bindings)
-      context = Context.new(declarations, bindings)
+      _, bindings = @environment.process_bindings(bindings)
+      context = Context.new(@environment, bindings)
       Program.new(context, @environment).evaluate(@ast)
     end
   end

data/lib/cel/extensions/bind.rb

@@ -5,6 +5,10 @@ module Cel
     module Bind
       module_function
 
+      def implicit?
+        false
+      end
+
       def __check(funcall, checker:)
         func = funcall.func
         args = funcall.args
@@ -19,15 +23,14 @@ module Cel
 
         type = checker.call(type)
 
-        checker.environment.with(declarations: { id => type }) do
+        checker.environment.with(declarations: { id.to_sym => type }) do
           checker.environment.check(expr)
         end
       end
 
       def bind(var, val, expr, program:)
         program.environment.with(declarations: { var.to_sym => val.type }, disable_check: false) do
-          bindings = program.context.bindings.merge({ var.to_sym => val })
-          program.environment.evaluate(expr, bindings)
+          program.with_extra_context({ var.to_sym => val }).evaluate(expr)
         end
       end
     end

data/lib/cel/extensions/encoders.rb

@@ -6,6 +6,10 @@ module Cel
       module Base64
         module_function
 
+        def implicit?
+          false
+        end
+
         def __check(funcall, checker:)
           func = funcall.func
           args = funcall.args

data/lib/cel/extensions/math.rb

@@ -5,6 +5,10 @@ module Cel
     module Math
       module_function
 
+      def implicit?
+        false
+      end
+
       def __check(funcall, checker:)
         func = funcall.func
         args = funcall.args

data/lib/cel/extensions/network.rb

@@ -0,0 +1,220 @@
+# frozen_string_literal: true
+
+require "resolv"
+require "ipaddr"
+
+module Cel
+  module Extensions
+    module Network
+      module_function
+
+      def implicit?
+        false
+      end
+
+      def __check(funcall, checker:)
+        funcall.var
+        func = funcall.func
+        args = funcall.args
+
+        case func
+        when :IP, :CIDR
+          checker.check_arity(func, args, 0)
+          TYPES[:type]
+        end
+      end
+
+      def IP(*) # rubocop:disable Naming/MethodName
+        TYPES[:ip]
+      end
+
+      def CIDR(*) # rubocop:disable Naming/MethodName
+        TYPES[:cidr]
+      end
+
+      module IP
+        module_function
+
+        CAST_ALLOWED_TYPES = {
+          string: %i[ip cidr].freeze,
+        }.freeze
+
+        def implicit?
+          true
+        end
+
+        def __check(funcall, checker:)
+          funcall.var
+          func = funcall.func
+          args = funcall.args
+
+          case func
+          when :ip, :cidr
+            checker.check_arity(func, args, 1)
+            arg = checker.call(args.first)
+            TYPES[func] if checker.find_match_all_types(%i[string], arg)
+          when :isIP, :isCanonical
+            checker.check_arity(func, args, 1)
+            arg = checker.call(args.first)
+            TYPES[:bool] if checker.find_match_all_types(%i[string], arg)
+          end
+        end
+
+        def __ip(value)
+          Cel::IP.new(value)
+        rescue IPAddr::InvalidAddressError
+          raise EvaluateError, "IP Address '#{value}' parse error during conversion from string"
+        end
+
+        def __cidr(value)
+          Cel::CIDR.new(value)
+        rescue IPAddr::InvalidAddressError
+          raise EvaluateError, "IP Address '#{value}' parse error during conversion from string"
+        end
+
+        def ip(str, program:)
+          value = program.call(str).value
+
+          __ip(value)
+        end
+
+        def cidr(str, program:)
+          value = program.call(str).value
+
+          __cidr(value)
+        end
+
+        def isIP(str, program:) # rubocop:disable Naming/MethodName
+          value = program.call(str).value
+
+          begin
+            __ip(value)
+            Bool.new(true)
+          rescue EvaluateError
+            Bool.new(false)
+          end
+        end
+
+        def isCanonical(str, program:) # rubocop:disable Naming/MethodName
+          value = program.call(str).value
+
+          Bool.new(value == __ip(value).to_s)
+        end
+      end
+    end
+  end
+
+  # https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#IP
+  class IP < Literal
+    IPV4_LL_UC_CIDR = IPAddr.new("169.254.0.0/16")
+    IPV4_LL_MC_CIDR = IPAddr.new("224.0.0.0/24")
+    IPV6_LL_UC_CIDR = IPAddr.new("fe80::/10")
+    IPV6_LL_MC_CIDR = IPAddr.new("ff00::/8")
+
+    def initialize(val)
+      value = IPAddr.new(val)
+
+      if value.ipv6?
+        raise EvaluateError, "IP Address with zone value is not allowed" if value.zone_id
+
+        if Resolv::IPv4::Regex.match?(val.split(":").last)
+          raise EvaluateError, "IPv4-mapped IPv6 address is not allowed"
+        end
+      end
+
+      super(:ip, value)
+    end
+
+    define_cel_method(:==) do |other|
+      case other
+      when IP
+        if @value.ipv4? && other.value.ipv6? && other.value.ipv4_mapped?
+          # convert ipv4 to ipv4-mapped ipv6 addr
+          @value.ipv4_mapped == other.value
+        elsif @value.ipv6? && other.value.ipv4? && @value.ipv4_mapped?
+          # convert ipv4 to ipv4-mapped ipv6 addr
+          @value == other.value.ipv4_mapped
+        else
+          # same family?
+          @value == other.value
+        end
+      else
+        super
+      end
+    end
+
+    define_cel_method(:family) do
+      Number.new(:int, @value.ipv6? ? 6 : 4)
+    end
+
+    define_cel_method(:isUnspecified) do
+      Bool.cast(@value == (@value.ipv6? ? "::" : "0.0.0.0"))
+    end
+
+    define_cel_method(:isLoopback) do
+      Bool.cast(@value.loopback?)
+    end
+
+    define_cel_method(:isGlobalUnicast) do
+      if @value.ipv6?
+        # not a link-local unicast, loopback or multicast address.
+        Bool.cast(!@value.loopback? && !IPV6_LL_UC_CIDR.include?(@value) && !IPV6_LL_MC_CIDR.include?(@value))
+      else
+        # not zero or 255.255.255.255
+        Bool.cast(@value != "255.255.255.255" && @value != "0.0.0.0")
+      end
+    end
+
+    define_cel_method(:isLinkLocalMulticast) do
+      Bool.cast(@value.ipv6? ? IPV6_LL_MC_CIDR.include?(@value) : IPV4_LL_MC_CIDR.include?(@value))
+    end
+
+    define_cel_method(:isLinkLocalUnicast) do
+      Bool.cast(@value.ipv6? ? IPV6_LL_UC_CIDR.include?(@value) : IPV4_LL_UC_CIDR.include?(@value))
+    end
+  end
+
+  class CIDR < Literal
+    def initialize(val)
+      value = IPAddr.new(val)
+
+      if value.ipv6?
+        raise EvaluateError, "IP Address with zone value is not allowed" if value.zone_id
+
+        val, = val.split("/", 2)
+        if Resolv::IPv4::Regex.match?(val.split(":").last)
+          raise EvaluateError, "IPv4-mapped IPv6 address is not allowed"
+        end
+      end
+
+      super(:cidr, value)
+    end
+
+    define_cel_method(:containsIP) do |other|
+      Bool.cast(@value.include?(other.value))
+    end
+
+    define_cel_method(:containsCIDR) do |other|
+      Bool.cast(@value.include?(other.value))
+    end
+
+    define_cel_method(:ip) do
+      IP.new(@value.to_s)
+    end
+
+    define_cel_method(:masked) do
+      self
+    end
+
+    define_cel_method(:prefixLength) do
+      Number.new(:int, @value.prefix)
+    end
+
+    def to_str
+      @value.cidr
+    end
+  end
+
+  TYPES[:ip] = Type.new(:ip)
+  TYPES[:cidr] = Type.new(:cidr)
+end

data/lib/cel/extensions/string.rb

@@ -5,6 +5,10 @@ module Cel
     module String
       module_function
 
+      def implicit?
+        false
+      end
+
       def __check(funcall, checker:)
         var = funcall.var
         func = funcall.func

data/lib/cel/extensions.rb

@@ -4,6 +4,7 @@ require_relative "extensions/math"
 require_relative "extensions/string"
 require_relative "extensions/bind"
 require_relative "extensions/encoders"
+require_relative "extensions/network"
 
 module Cel
   EXTENSIONS = {
@@ -11,5 +12,7 @@ module Cel
     strings: Extensions::String,
     base64: Extensions::Encoders::Base64,
     cel: Extensions::Bind,
+    net: Extensions::Network,
+    ip: Extensions::Network::IP,
   }.freeze
 end

data/lib/cel/parser.rb

@@ -995,7 +995,7 @@ module_eval(<<'.,.,', 'parser.ry', 58)
 
 module_eval(<<'.,.,', 'parser.ry', 62)
   def _reduce_36(val, _values, result)
-     result = val[1]
+     result = ".#{val[1]}"
     result
   end
 .,.,

data/lib/cel/program.rb

@@ -57,8 +57,8 @@ module Cel
     def evaluate_identifier(identifier)
       id_sym = identifier.to_sym
 
-      if Cel::EXTENSIONS.key?(id_sym)
-        Cel::EXTENSIONS[id_sym]
+      if @environment.extensions.key?(id_sym)
+        @environment.extensions[id_sym]
       elsif Cel::PRIMITIVE_TYPES.include?(id_sym)
         TYPES[identifier.to_sym]
       else
@@ -208,10 +208,14 @@ module Cel
             return evaluate_invoke(invoke, proto_type)
           end
 
-          # try stuff like a.b.c
-          return evaluate_identifier(invoke.to_s) if args.nil?
-
-          evaluate_identifier(var)
+          if @environment.extensions.key?(var.to_sym)
+            var = @environment.extensions[var.to_sym]
+          elsif args.nil?
+            # try stuff like a.b.c
+            return evaluate_identifier(invoke.to_s)
+          else
+            evaluate_identifier(var)
+          end
 
         when Invoke
           if args.nil?
@@ -265,7 +269,7 @@ module Cel
         raise EvaluateError, "#{invoke} is not supported" unless var.class.method_defined?(func, false)
 
         # eliminate protobuf API from the lookup
-        raise NoMatchingOverloadError.new(var, func) if Protobuf.base_class.instance_methods.include?(func)
+        raise NoMatchingOverloadError.new(var, func) if Protobuf.base_class.method_defined?(func)
 
         # If e evaluates to a message and f is not declared in this message, the
         # runtime error no_such_field is raised.
@@ -274,16 +278,18 @@ module Cel
         var.cel_send(func, *args)
       when Literal
         # eliminate ruby API from the lookup
-        raise NoMatchingOverloadError.new(var, func) if Literal.instance_methods.include?(func)
+        raise NoMatchingOverloadError.new(var, func) if Literal.method_defined?(func)
 
         # If e evaluates to a message and f is not declared in this message, the
         # runtime error no_such_field is raised.
         raise NoSuchFieldError.new(var, func) unless var.respond_to?(func)
 
+        args ?
+        var.cel_send(func, *Array(args).map(&method(:call))) :
         var.cel_send(func)
       when Protobuf.base_class
         # eliminate protobuf API from the lookup
-        raise NoMatchingOverloadError.new(var, func) if Protobuf.base_class.instance_methods.include?(func)
+        raise NoMatchingOverloadError.new(var, func) if Protobuf.base_class.method_defined?(func)
 
         # If e evaluates to a message and f is not declared in this message, the
         # runtime error no_such_field is raised.
@@ -344,6 +350,12 @@ module Cel
       func = funcall.func
       args = funcall.args
 
+      unless Module.respond_to?(func)
+        @environment.implicit_extensions.each do |ext|
+          return ext.__send__(func, *args, program: self) if ext.respond_to?(func)
+        end
+      end
+
       case func
       when :type
         operand = args.first

data/lib/cel/version.rb

@@ -2,6 +2,6 @@
 
 module Cel
   module Ruby
-    VERSION = "0.4.1"
+    VERSION = "0.6.0"
   end
 end

data/lib/cel.rb

@@ -22,8 +22,7 @@ end
 
 begin
   require_relative "cel/ast/elements/protobuf"
-rescue LoadError => e
-  puts e
+rescue LoadError
   module Cel
     class << self
       # returns a struct class containing the attributes that one would
@@ -114,26 +113,27 @@ rescue LoadError => e
     module Protobuf
       module_function
 
-      BASE_CLASS = Class.new(Object)
+      class BaseClass < Object
+      end
 
       def base_class
         Struct
       end
 
       def enum_class
-        BASE_CLASS
+        BaseClass
       end
 
       def map_class
-        BASE_CLASS
+        BaseClass
       end
 
       def timestamp_class
-        BASE_CLASS
+        BaseClass
       end
 
       def duration_class
-        BASE_CLASS
+        BaseClass
       end
 
       def convert_to_proto(message_type, values)
@@ -255,16 +255,19 @@ module Cel
     end.join("::")
   end
 
-  # freeze constants to make cel ractor-friendly
-  Number.freeze
-  Bool.freeze
-  Null.freeze
-  String.freeze
-  Bytes.freeze
-  List.freeze
-  Map.freeze
-  Timestamp.freeze
-  Duration.freeze
-  Type.freeze
-  TYPES.each_value(&:freeze).freeze
+  def freeze
+    # freeze constants to make cel ractor-friendly
+    Number.freeze
+    Bool.freeze
+    Null.freeze
+    String.freeze
+    Bytes.freeze
+    List.freeze
+    Map.freeze
+    Timestamp.freeze
+    Duration.freeze
+    Type.freeze
+    TYPES.each_value(&:freeze).freeze
+    super
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cel
 version: !ruby/object:Gem::Version
-  version: 0.4.1
+  version: 0.6.0
 platform: ruby
 authors:
 - Tiago Cardoso
@@ -109,6 +109,7 @@ files:
 - lib/cel/extensions/bind.rb
 - lib/cel/extensions/encoders.rb
 - lib/cel/extensions/math.rb
+- lib/cel/extensions/network.rb
 - lib/cel/extensions/string.rb
 - lib/cel/macro.rb
 - lib/cel/parser.rb