@memberjunction/global 2.74.0 → 2.76.0

package/dist/SafeExpressionEvaluator.d.ts

@@ -0,0 +1,141 @@
+/**
+ * @fileoverview Safe expression evaluator for conditional logic in MemberJunction.
+ *
+ * This module provides a secure way to evaluate boolean expressions against
+ * context objects without allowing arbitrary code execution. It supports
+ * dot notation for nested property access and common comparison operations.
+ *
+ * @module @memberjunction/global
+ * @author MemberJunction.com
+ * @since 2.76.0
+ */
+/**
+ * Result of expression evaluation including success status and diagnostics
+ */
+export interface ExpressionEvaluationResult {
+    success: boolean;
+    value?: boolean;
+    error?: string;
+    diagnostics?: {
+        expression: string;
+        context: Record<string, any>;
+        evaluationTime: number;
+    };
+}
+/**
+ * Safe expression evaluator that prevents arbitrary code execution while
+ * supporting common boolean expressions and property access patterns.
+ *
+ * Supported operations:
+ * - Comparison: ==, ===, !=, !==, <, >, <=, >=
+ * - Logical: &&, ||, !
+ * - Property access: dot notation (e.g., payload.customer.name)
+ * - Array access: bracket notation (e.g., items[0])
+ * - Safe methods: .length, .includes(), .startsWith(), .endsWith()
+ * - Array methods: .some(), .every(), .find(), .filter()
+ * - Type checking: typeof, instanceof (limited to safe types)
+ *
+ * @class SafeExpressionEvaluator
+ *
+ * @example
+ * ```typescript
+ * const evaluator = new SafeExpressionEvaluator();
+ *
+ * // Simple comparison
+ * const result1 = evaluator.evaluate(
+ *   "status == 'active'",
+ *   { status: 'active' }
+ * );
+ *
+ * // Nested property access
+ * const result2 = evaluator.evaluate(
+ *   "payload.customer.tier == 'premium' && payload.order.total > 1000",
+ *   { payload: { customer: { tier: 'premium' }, order: { total: 1500 } } }
+ * );
+ *
+ * // Array methods
+ * const result3 = evaluator.evaluate(
+ *   "items.some(item => item.price > 100)",
+ *   { items: [{ price: 50 }, { price: 150 }] }
+ * );
+ * ```
+ */
+export declare class SafeExpressionEvaluator {
+    /**
+     * Patterns that indicate potentially dangerous code
+     * @private
+     */
+    private static readonly DANGEROUS_PATTERNS;
+    /**
+     * Safe methods that can be called on objects
+     * @private
+     */
+    private static readonly SAFE_METHODS;
+    /**
+     * Evaluates a boolean expression against a context object
+     *
+     * @param {string} expression - The boolean expression to evaluate
+     * @param {Record<string, any>} context - The context object containing variables
+     * @param {boolean} [enableDiagnostics=false] - Whether to include diagnostic information
+     *
+     * @returns {ExpressionEvaluationResult} The evaluation result
+     */
+    evaluate(expression: string, context: Record<string, any>, enableDiagnostics?: boolean): ExpressionEvaluationResult;
+    /**
+     * Validates an expression for safety
+     *
+     * @param {string} expression - The expression to validate
+     *
+     * @returns {string | null} Error message if invalid, null if valid
+     *
+     * @private
+     */
+    private validateExpression;
+    /**
+     * Creates a safe context object with only allowed properties
+     *
+     * @param {Record<string, any>} context - The original context
+     *
+     * @returns {Record<string, any>} The safe context
+     *
+     * @private
+     */
+    private createSafeContext;
+    /**
+     * Checks if a property name is potentially dangerous
+     *
+     * @param {string} name - The property name
+     *
+     * @returns {boolean} True if dangerous
+     *
+     * @private
+     */
+    private isDangerousPropertyName;
+    /**
+     * Safely clones a value for use in evaluation context
+     *
+     * @param {any} value - The value to clone
+     *
+     * @returns {any} The cloned value
+     *
+     * @private
+     */
+    private cloneValue;
+    /**
+     * Evaluates multiple expressions and returns all results
+     *
+     * @param {Array<{expression: string, name?: string}>} expressions - Array of expressions to evaluate
+     * @param {Record<string, any>} context - The context object
+     *
+     * @returns {Record<string, ExpressionEvaluationResult>} Map of results by name or index
+     */
+    evaluateMultiple(expressions: Array<{
+        expression: string;
+        name?: string;
+    }>, context: Record<string, any>): Record<string, ExpressionEvaluationResult>;
+}
+/**
+ * Default instance for convenience
+ */
+export declare const defaultExpressionEvaluator: SafeExpressionEvaluator;
+//# sourceMappingURL=SafeExpressionEvaluator.d.ts.map

package/dist/SafeExpressionEvaluator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SafeExpressionEvaluator.d.ts","sourceRoot":"","sources":["../src/SafeExpressionEvaluator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH;;GAEG;AACH,MAAM,WAAW,0BAA0B;IACvC,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE;QACV,UAAU,EAAE,MAAM,CAAC;QACnB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAC7B,cAAc,EAAE,MAAM,CAAC;KAC1B,CAAC;CACL;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AACH,qBAAa,uBAAuB;IAChC;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CA4BxC;IAEF;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,YAAY,CAoBlC;IAEF;;;;;;;;OAQG;IACI,QAAQ,CACX,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAC5B,iBAAiB,GAAE,OAAe,GACnC,0BAA0B;IA8D7B;;;;;;;;OAQG;IACH,OAAO,CAAC,kBAAkB;IAgC1B;;;;;;;;OAQG;IACH,OAAO,CAAC,iBAAiB;IAiBzB;;;;;;;;OAQG;IACH,OAAO,CAAC,uBAAuB;IAW/B;;;;;;;;OAQG;IACH,OAAO,CAAC,UAAU;IAqClB;;;;;;;OAOG;IACI,gBAAgB,CACnB,WAAW,EAAE,KAAK,CAAC;QAAC,UAAU,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAC,CAAC,EACvD,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAC7B,MAAM,CAAC,MAAM,EAAE,0BAA0B,CAAC;CAUhD;AAED;;GAEG;AACH,eAAO,MAAM,0BAA0B,yBAAgC,CAAC"}

package/dist/SafeExpressionEvaluator.js

@@ -0,0 +1,316 @@
+"use strict";
+/**
+ * @fileoverview Safe expression evaluator for conditional logic in MemberJunction.
+ *
+ * This module provides a secure way to evaluate boolean expressions against
+ * context objects without allowing arbitrary code execution. It supports
+ * dot notation for nested property access and common comparison operations.
+ *
+ * @module @memberjunction/global
+ * @author MemberJunction.com
+ * @since 2.76.0
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.defaultExpressionEvaluator = exports.SafeExpressionEvaluator = void 0;
+/**
+ * Safe expression evaluator that prevents arbitrary code execution while
+ * supporting common boolean expressions and property access patterns.
+ *
+ * Supported operations:
+ * - Comparison: ==, ===, !=, !==, <, >, <=, >=
+ * - Logical: &&, ||, !
+ * - Property access: dot notation (e.g., payload.customer.name)
+ * - Array access: bracket notation (e.g., items[0])
+ * - Safe methods: .length, .includes(), .startsWith(), .endsWith()
+ * - Array methods: .some(), .every(), .find(), .filter()
+ * - Type checking: typeof, instanceof (limited to safe types)
+ *
+ * @class SafeExpressionEvaluator
+ *
+ * @example
+ * ```typescript
+ * const evaluator = new SafeExpressionEvaluator();
+ *
+ * // Simple comparison
+ * const result1 = evaluator.evaluate(
+ *   "status == 'active'",
+ *   { status: 'active' }
+ * );
+ *
+ * // Nested property access
+ * const result2 = evaluator.evaluate(
+ *   "payload.customer.tier == 'premium' && payload.order.total > 1000",
+ *   { payload: { customer: { tier: 'premium' }, order: { total: 1500 } } }
+ * );
+ *
+ * // Array methods
+ * const result3 = evaluator.evaluate(
+ *   "items.some(item => item.price > 100)",
+ *   { items: [{ price: 50 }, { price: 150 }] }
+ * );
+ * ```
+ */
+class SafeExpressionEvaluator {
+    /**
+     * Evaluates a boolean expression against a context object
+     *
+     * @param {string} expression - The boolean expression to evaluate
+     * @param {Record<string, any>} context - The context object containing variables
+     * @param {boolean} [enableDiagnostics=false] - Whether to include diagnostic information
+     *
+     * @returns {ExpressionEvaluationResult} The evaluation result
+     */
+    evaluate(expression, context, enableDiagnostics = false) {
+        const startTime = Date.now();
+        try {
+            // Validate expression safety
+            const validationError = this.validateExpression(expression);
+            if (validationError) {
+                return {
+                    success: false,
+                    error: validationError,
+                    diagnostics: enableDiagnostics ? {
+                        expression,
+                        context,
+                        evaluationTime: Date.now() - startTime
+                    } : undefined
+                };
+            }
+            // Prepare safe context
+            const safeContext = this.createSafeContext(context);
+            // Create evaluation function
+            const contextKeys = Object.keys(safeContext);
+            const contextValues = contextKeys.map(key => safeContext[key]);
+            // Build function body with strict mode
+            const functionBody = `
+                "use strict";
+                try {
+                    return Boolean(${expression});
+                } catch (e) {
+                    throw new Error('Expression evaluation failed: ' + e.message);
+                }
+            `;
+            // Create and execute function
+            const evaluator = new Function(...contextKeys, functionBody);
+            const result = evaluator(...contextValues);
+            return {
+                success: true,
+                value: Boolean(result),
+                diagnostics: enableDiagnostics ? {
+                    expression,
+                    context,
+                    evaluationTime: Date.now() - startTime
+                } : undefined
+            };
+        }
+        catch (error) {
+            return {
+                success: false,
+                error: error instanceof Error ? error.message : String(error),
+                diagnostics: enableDiagnostics ? {
+                    expression,
+                    context,
+                    evaluationTime: Date.now() - startTime
+                } : undefined
+            };
+        }
+    }
+    /**
+     * Validates an expression for safety
+     *
+     * @param {string} expression - The expression to validate
+     *
+     * @returns {string | null} Error message if invalid, null if valid
+     *
+     * @private
+     */
+    validateExpression(expression) {
+        if (!expression || typeof expression !== 'string') {
+            return 'Expression must be a non-empty string';
+        }
+        if (expression.length > 1000) {
+            return 'Expression exceeds maximum length of 1000 characters';
+        }
+        // Check for dangerous patterns
+        for (const pattern of SafeExpressionEvaluator.DANGEROUS_PATTERNS) {
+            if (pattern.test(expression)) {
+                return `Expression contains forbidden construct: ${pattern.source}`;
+            }
+        }
+        // Basic syntax validation - ensure balanced parentheses
+        let parenCount = 0;
+        for (const char of expression) {
+            if (char === '(')
+                parenCount++;
+            if (char === ')')
+                parenCount--;
+            if (parenCount < 0) {
+                return 'Unbalanced parentheses in expression';
+            }
+        }
+        if (parenCount !== 0) {
+            return 'Unbalanced parentheses in expression';
+        }
+        return null;
+    }
+    /**
+     * Creates a safe context object with only allowed properties
+     *
+     * @param {Record<string, any>} context - The original context
+     *
+     * @returns {Record<string, any>} The safe context
+     *
+     * @private
+     */
+    createSafeContext(context) {
+        // Deep clone to prevent modifications to original
+        const safeContext = {};
+        for (const [key, value] of Object.entries(context)) {
+            // Skip dangerous property names
+            if (this.isDangerousPropertyName(key)) {
+                continue;
+            }
+            // Clone value safely
+            safeContext[key] = this.cloneValue(value);
+        }
+        return safeContext;
+    }
+    /**
+     * Checks if a property name is potentially dangerous
+     *
+     * @param {string} name - The property name
+     *
+     * @returns {boolean} True if dangerous
+     *
+     * @private
+     */
+    isDangerousPropertyName(name) {
+        const dangerous = [
+            '__proto__',
+            'constructor',
+            'prototype',
+            'eval',
+            'Function'
+        ];
+        return dangerous.includes(name);
+    }
+    /**
+     * Safely clones a value for use in evaluation context
+     *
+     * @param {any} value - The value to clone
+     *
+     * @returns {any} The cloned value
+     *
+     * @private
+     */
+    cloneValue(value) {
+        if (value === null || value === undefined) {
+            return value;
+        }
+        const type = typeof value;
+        // Primitives are safe
+        if (type === 'string' || type === 'number' || type === 'boolean') {
+            return value;
+        }
+        // Arrays
+        if (Array.isArray(value)) {
+            return value.map(item => this.cloneValue(item));
+        }
+        // Plain objects
+        if (type === 'object' && value.constructor === Object) {
+            const cloned = {};
+            for (const [key, val] of Object.entries(value)) {
+                if (!this.isDangerousPropertyName(key)) {
+                    cloned[key] = this.cloneValue(val);
+                }
+            }
+            return cloned;
+        }
+        // Dates
+        if (value instanceof Date) {
+            return new Date(value);
+        }
+        // For other types, return a safe representation
+        return String(value);
+    }
+    /**
+     * Evaluates multiple expressions and returns all results
+     *
+     * @param {Array<{expression: string, name?: string}>} expressions - Array of expressions to evaluate
+     * @param {Record<string, any>} context - The context object
+     *
+     * @returns {Record<string, ExpressionEvaluationResult>} Map of results by name or index
+     */
+    evaluateMultiple(expressions, context) {
+        const results = {};
+        expressions.forEach((expr, index) => {
+            const key = expr.name || `expression_${index}`;
+            results[key] = this.evaluate(expr.expression, context);
+        });
+        return results;
+    }
+}
+exports.SafeExpressionEvaluator = SafeExpressionEvaluator;
+/**
+ * Patterns that indicate potentially dangerous code
+ * @private
+ */
+SafeExpressionEvaluator.DANGEROUS_PATTERNS = [
+    /\beval\s*\(/i,
+    /\bnew\s+Function/i,
+    /\bFunction\s*\(/i,
+    /\bimport\s+/i,
+    /\brequire\s*\(/i,
+    /\bprocess\./i,
+    /\bglobal\./i,
+    /\bwindow\./i,
+    /\bdocument\./i,
+    /\b__proto__\b/i,
+    /\bconstructor\b/i,
+    /\bprototype\b/i,
+    /\.\s*constructor/i,
+    /\bthis\b/,
+    /\bawait\b/i,
+    /\basync\b/i,
+    /\bclass\b/i,
+    /\bextends\b/i,
+    /\bthrow\b/i,
+    /\btry\b/i,
+    /\bcatch\b/i,
+    /\bfinally\b/i,
+    /;/, // No semicolons to prevent multiple statements
+    /{/, // No curly braces to prevent code blocks
+    /}/, // No curly braces
+    /`/, // No template literals
+    /\$\{/, // No template expressions
+];
+/**
+ * Safe methods that can be called on objects
+ * @private
+ */
+SafeExpressionEvaluator.SAFE_METHODS = [
+    'length',
+    'includes',
+    'startsWith',
+    'endsWith',
+    'indexOf',
+    'lastIndexOf',
+    'toLowerCase',
+    'toUpperCase',
+    'trim',
+    'trimStart',
+    'trimEnd',
+    'toString',
+    'valueOf',
+    'some',
+    'every',
+    'find',
+    'filter',
+    'map',
+    'reduce'
+];
+/**
+ * Default instance for convenience
+ */
+exports.defaultExpressionEvaluator = new SafeExpressionEvaluator();
+//# sourceMappingURL=SafeExpressionEvaluator.js.map

package/dist/SafeExpressionEvaluator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"SafeExpressionEvaluator.js","sourceRoot":"","sources":["../src/SafeExpressionEvaluator.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;GAUG;;;AAgBH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AACH,MAAa,uBAAuB;IA6DhC;;;;;;;;OAQG;IACI,QAAQ,CACX,UAAkB,EAClB,OAA4B,EAC5B,oBAA6B,KAAK;QAElC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE7B,IAAI,CAAC;YACD,6BAA6B;YAC7B,MAAM,eAAe,GAAG,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;YAC5D,IAAI,eAAe,EAAE,CAAC;gBAClB,OAAO;oBACH,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,eAAe;oBACtB,WAAW,EAAE,iBAAiB,CAAC,CAAC,CAAC;wBAC7B,UAAU;wBACV,OAAO;wBACP,cAAc,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;qBACzC,CAAC,CAAC,CAAC,SAAS;iBAChB,CAAC;YACN,CAAC;YAED,uBAAuB;YACvB,MAAM,WAAW,GAAG,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;YAEpD,6BAA6B;YAC7B,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YAC7C,MAAM,aAAa,GAAG,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;YAE/D,uCAAuC;YACvC,MAAM,YAAY,GAAG;;;qCAGI,UAAU;;;;aAIlC,CAAC;YAEF,8BAA8B;YAC9B,MAAM,SAAS,GAAG,IAAI,QAAQ,CAAC,GAAG,WAAW,EAAE,YAAY,CAAC,CAAC;YAC7D,MAAM,MAAM,GAAG,SAAS,CAAC,GAAG,aAAa,CAAC,CAAC;YAE3C,OAAO;gBACH,OAAO,EAAE,IAAI;gBACb,KAAK,EAAE,OAAO,CAAC,MAAM,CAAC;gBACtB,WAAW,EAAE,iBAAiB,CAAC,CAAC,CAAC;oBAC7B,UAAU;oBACV,OAAO;oBACP,cAAc,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;iBACzC,CAAC,CAAC,CAAC,SAAS;aAChB,CAAC;QAEN,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,OAAO;gBACH,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;gBAC7D,WAAW,EAAE,iBAAiB,CAAC,CAAC,CAAC;oBAC7B,UAAU;oBACV,OAAO;oBACP,cAAc,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;iBACzC,CAAC,CAAC,CAAC,SAAS;aAChB,CAAC;QACN,CAAC;IACL,CAAC;IAED;;;;;;;;OAQG;IACK,kBAAkB,CAAC,UAAkB;QACzC,IAAI,CAAC,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;YAChD,OAAO,uCAAuC,CAAC;QACnD,CAAC;QAED,IAAI,UAAU,CAAC,MAAM,GAAG,IAAI,EAAE,CAAC;YAC3B,OAAO,sDAAsD,CAAC;QAClE,CAAC;QAED,+BAA+B;QAC/B,KAAK,MAAM,OAAO,IAAI,uBAAuB,CAAC,kBAAkB,EAAE,CAAC;YAC/D,IAAI,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC3B,OAAO,4CAA4C,OAAO,CAAC,MAAM,EAAE,CAAC;YACxE,CAAC;QACL,CAAC;QAED,wDAAwD;QACxD,IAAI,UAAU,GAAG,CAAC,CAAC;QACnB,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;YAC5B,IAAI,IAAI,KAAK,GAAG;gBAAE,UAAU,EAAE,CAAC;YAC/B,IAAI,IAAI,KAAK,GAAG;gBAAE,UAAU,EAAE,CAAC;YAC/B,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;gBACjB,OAAO,sCAAsC,CAAC;YAClD,CAAC;QACL,CAAC;QACD,IAAI,UAAU,KAAK,CAAC,EAAE,CAAC;YACnB,OAAO,sCAAsC,CAAC;QAClD,CAAC;QAED,OAAO,IAAI,CAAC;IAChB,CAAC;IAED;;;;;;;;OAQG;IACK,iBAAiB,CAAC,OAA4B;QAClD,kDAAkD;QAClD,MAAM,WAAW,GAAwB,EAAE,CAAC;QAE5C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YACjD,gCAAgC;YAChC,IAAI,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC,EAAE,CAAC;gBACpC,SAAS;YACb,CAAC;YAED,qBAAqB;YACrB,WAAW,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAC9C,CAAC;QAED,OAAO,WAAW,CAAC;IACvB,CAAC;IAED;;;;;;;;OAQG;IACK,uBAAuB,CAAC,IAAY;QACxC,MAAM,SAAS,GAAG;YACd,WAAW;YACX,aAAa;YACb,WAAW;YACX,MAAM;YACN,UAAU;SACb,CAAC;QACF,OAAO,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IACpC,CAAC;IAED;;;;;;;;OAQG;IACK,UAAU,CAAC,KAAU;QACzB,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxC,OAAO,KAAK,CAAC;QACjB,CAAC;QAED,MAAM,IAAI,GAAG,OAAO,KAAK,CAAC;QAE1B,sBAAsB;QACtB,IAAI,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YAC/D,OAAO,KAAK,CAAC;QACjB,CAAC;QAED,SAAS;QACT,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QACpD,CAAC;QAED,gBAAgB;QAChB,IAAI,IAAI,KAAK,QAAQ,IAAI,KAAK,CAAC,WAAW,KAAK,MAAM,EAAE,CAAC;YACpD,MAAM,MAAM,GAAwB,EAAE,CAAC;YACvC,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC7C,IAAI,CAAC,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC,EAAE,CAAC;oBACrC,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;gBACvC,CAAC;YACL,CAAC;YACD,OAAO,MAAM,CAAC;QAClB,CAAC;QAED,QAAQ;QACR,IAAI,KAAK,YAAY,IAAI,EAAE,CAAC;YACxB,OAAO,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC;QAC3B,CAAC;QAED,gDAAgD;QAChD,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;IACzB,CAAC;IAED;;;;;;;OAOG;IACI,gBAAgB,CACnB,WAAuD,EACvD,OAA4B;QAE5B,MAAM,OAAO,GAA+C,EAAE,CAAC;QAE/D,WAAW,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAChC,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,IAAI,cAAc,KAAK,EAAE,CAAC;YAC/C,OAAO,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QAC3D,CAAC,CAAC,CAAC;QAEH,OAAO,OAAO,CAAC;IACnB,CAAC;;AAjSL,0DAkSC;AAjSG;;;GAGG;AACqB,0CAAkB,GAAG;IACzC,cAAc;IACd,mBAAmB;IACnB,kBAAkB;IAClB,cAAc;IACd,iBAAiB;IACjB,cAAc;IACd,aAAa;IACb,aAAa;IACb,eAAe;IACf,gBAAgB;IAChB,kBAAkB;IAClB,gBAAgB;IAChB,mBAAmB;IACnB,UAAU;IACV,YAAY;IACZ,YAAY;IACZ,YAAY;IACZ,cAAc;IACd,YAAY;IACZ,UAAU;IACV,YAAY;IACZ,cAAc;IACd,GAAG,EAAE,+CAA+C;IACpD,GAAG,EAAE,yCAAyC;IAC9C,GAAG,EAAE,kBAAkB;IACvB,GAAG,EAAE,uBAAuB;IAC5B,MAAM,EAAE,0BAA0B;CACrC,CAAC;AAEF;;;GAGG;AACqB,oCAAY,GAAG;IACnC,QAAQ;IACR,UAAU;IACV,YAAY;IACZ,UAAU;IACV,SAAS;IACT,aAAa;IACb,aAAa;IACb,aAAa;IACb,MAAM;IACN,WAAW;IACX,SAAS;IACT,UAAU;IACV,SAAS;IACT,MAAM;IACN,OAAO;IACP,MAAM;IACN,QAAQ;IACR,KAAK;IACL,QAAQ;CACX,CAAC;AAyON;;GAEG;AACU,QAAA,0BAA0B,GAAG,IAAI,uBAAuB,EAAE,CAAC"}

package/dist/index.d.ts

@@ -8,6 +8,7 @@ export * from './ClassUtils';
 export * from './util/PatternUtils';
 export * from './ValidationTypes';
 export * from './JSONValidator';
+export * from './SafeExpressionEvaluator';
 export * from './Global';
 export * from './RegisterClass';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AAChE,cAAc,aAAa,CAAA;AAC3B,cAAc,QAAQ,CAAA;AACtB,cAAc,eAAe,CAAA;AAC7B,cAAc,iBAAiB,CAAA;AAC/B,cAAc,YAAY,CAAA;AAC1B,cAAc,cAAc,CAAA;AAC5B,cAAc,qBAAqB,CAAC;AACpC,cAAc,mBAAmB,CAAA;AACjC,cAAc,iBAAiB,CAAA;AAG/B,cAAc,UAAU,CAAA;AACxB,cAAc,iBAAiB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AAChE,cAAc,aAAa,CAAA;AAC3B,cAAc,QAAQ,CAAA;AACtB,cAAc,eAAe,CAAA;AAC7B,cAAc,iBAAiB,CAAA;AAC/B,cAAc,YAAY,CAAA;AAC1B,cAAc,cAAc,CAAA;AAC5B,cAAc,qBAAqB,CAAC;AACpC,cAAc,mBAAmB,CAAA;AACjC,cAAc,iBAAiB,CAAA;AAC/B,cAAc,2BAA2B,CAAA;AAGzC,cAAc,UAAU,CAAA;AACxB,cAAc,iBAAiB,CAAA"}

package/dist/index.js

@@ -28,6 +28,7 @@ __exportStar(require("./ClassUtils"), exports);
 __exportStar(require("./util/PatternUtils"), exports);
 __exportStar(require("./ValidationTypes"), exports);
 __exportStar(require("./JSONValidator"), exports);
+__exportStar(require("./SafeExpressionEvaluator"), exports);
 // Export the main classes
 __exportStar(require("./Global"), exports);
 __exportStar(require("./RegisterClass"), exports);

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,iCAAiC;AACjC,+CAAgE;AAAvD,4GAAA,YAAY,OAAA;AAAE,iHAAA,iBAAiB,OAAA;AACxC,8CAA2B;AAC3B,yCAAsB;AACtB,gDAA6B;AAC7B,kDAA+B;AAC/B,6CAA0B;AAC1B,+CAA4B;AAC5B,sDAAoC;AACpC,oDAAiC;AACjC,kDAA+B;AAE/B,0BAA0B;AAC1B,2CAAwB;AACxB,kDAA+B"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,iCAAiC;AACjC,+CAAgE;AAAvD,4GAAA,YAAY,OAAA;AAAE,iHAAA,iBAAiB,OAAA;AACxC,8CAA2B;AAC3B,yCAAsB;AACtB,gDAA6B;AAC7B,kDAA+B;AAC/B,6CAA0B;AAC1B,+CAA4B;AAC5B,sDAAoC;AACpC,oDAAiC;AACjC,kDAA+B;AAC/B,4DAAyC;AAEzC,0BAA0B;AAC1B,2CAAwB;AACxB,kDAA+B"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@memberjunction/global",
-  "version": "2.74.0",
+  "version": "2.76.0",
   "description": "MemberJunction: Global Object - Needed for ALL other MJ components",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/readme.md

@@ -650,6 +650,165 @@ const html = ConvertMarkdownStringToHtmlList('Unordered', '- Item 1\n- Item 2\n-
 // Returns: <ul><li>Item 1</li><li>Item 2</li><li>Item 3</li></ul>
 ```
 
+### Safe Expression Evaluator
+
+Secure boolean expression evaluation for conditional logic without allowing arbitrary code execution:
+
+```typescript
+import { SafeExpressionEvaluator } from '@memberjunction/global';
+
+// Create evaluator instance
+const evaluator = new SafeExpressionEvaluator();
+
+// Simple comparisons
+const result1 = evaluator.evaluate(
+  "status == 'active' && score > 80",
+  { status: 'active', score: 95 }
+);
+console.log(result1.success); // true
+console.log(result1.value);   // true
+
+// Nested property access with dot notation
+const result2 = evaluator.evaluate(
+  "user.role == 'admin' && user.permissions.includes('write')",
+  { 
+    user: { 
+      role: 'admin', 
+      permissions: ['read', 'write', 'delete'] 
+    } 
+  }
+);
+console.log(result2.value); // true
+
+// Array methods and complex conditions
+const result3 = evaluator.evaluate(
+  "items.some(item => item.price > 100) && items.length >= 2",
+  { 
+    items: [
+      { name: 'Item 1', price: 50 },
+      { name: 'Item 2', price: 150 }
+    ] 
+  }
+);
+console.log(result3.value); // true
+
+// Error handling for invalid expressions
+const result4 = evaluator.evaluate(
+  "eval('malicious code')", // Dangerous patterns are blocked
+  { data: 'test' }
+);
+console.log(result4.success); // false
+console.log(result4.error);   // "Expression contains forbidden construct: /\beval\s*\(/i"
+
+// With diagnostics enabled
+const result5 = evaluator.evaluate(
+  "payload.status == 'complete'",
+  { payload: { status: 'complete' } },
+  true // Enable diagnostics
+);
+console.log(result5.diagnostics);
+// {
+//   expression: "payload.status == 'complete'",
+//   context: { payload: { status: 'complete' } },
+//   evaluationTime: 2
+// }
+```
+
+#### Supported Operations
+
+**Comparison Operators:**
+- `==`, `===`, `!=`, `!==`
+- `<`, `>`, `<=`, `>=`
+
+**Logical Operators:**
+- `&&`, `||`, `!`
+
+**Property Access:**
+- Dot notation: `object.property.nested`
+- Array access: `array[0]`, `array[index]`
+
+**Safe Methods:**
+- String: `.length`, `.includes()`, `.startsWith()`, `.endsWith()`, `.toLowerCase()`, `.toUpperCase()`, `.trim()`
+- Array: `.length`, `.includes()`, `.some()`, `.every()`, `.find()`, `.filter()`, `.map()`
+- Type checking: `typeof`, limited `instanceof`
+
+**Type Coercion:**
+- `Boolean(value)`
+- String concatenation with `+`
+
+#### Security Features
+
+The evaluator blocks dangerous patterns including:
+- `eval()`, `Function()`, `new Function()`
+- `require()`, `import` statements
+- Access to `global`, `window`, `document`, `process`
+- Template literals and string interpolation
+- Code blocks with `{}` and `;`
+- `this` keyword usage
+- `constructor`, `prototype`, `__proto__` access
+
+#### Use Cases
+
+1. **Workflow Conditions:**
+```typescript
+// Evaluate workflow paths
+const canProceed = evaluator.evaluate(
+  "order.status == 'approved' && order.total < budget",
+  { order: { status: 'approved', total: 500 }, budget: 1000 }
+).value;
+```
+
+2. **Feature Flags:**
+```typescript
+// Check feature availability
+const featureEnabled = evaluator.evaluate(
+  "user.tier == 'premium' || user.roles.includes('beta')",
+  { user: { tier: 'standard', roles: ['beta', 'tester'] } }
+).value;
+```
+
+3. **Validation Rules:**
+```typescript
+// Dynamic validation
+const isValid = evaluator.evaluate(
+  "form.password.length >= 8 && form.password != form.username",
+  { form: { username: 'john', password: 'secretpass123' } }
+).value;
+```
+
+4. **Agent Decision Logic:**
+```typescript
+// AI agent path selection
+const shouldDelegate = evaluator.evaluate(
+  "confidence < 0.7 || taskComplexity > 8",
+  { confidence: 0.6, taskComplexity: 5 }
+).value;
+```
+
+#### Batch Evaluation
+
+Evaluate multiple expressions at once:
+
+```typescript
+const results = evaluator.evaluateMultiple([
+  { expression: "status == 'active'", name: 'isActive' },
+  { expression: "score > threshold", name: 'passedThreshold' },
+  { expression: "tags.includes('priority')", name: 'isPriority' }
+], {
+  status: 'active',
+  score: 85,
+  threshold: 80,
+  tags: ['urgent', 'priority']
+});
+
+// Results:
+// {
+//   isActive: { success: true, value: true },
+//   passedThreshold: { success: true, value: true },
+//   isPriority: { success: true, value: true }
+// }
+```
+
 ### Pattern Matching Utilities
 
 Convert string patterns to RegExp objects with support for simple wildcards and full regex syntax: