{"id":15009434,"url":"https://github.com/lhelwerd/expression-parser","last_synced_at":"2025-11-17T03:40:34.396Z","repository":{"id":57427761,"uuid":"105862845","full_name":"lhelwerd/expression-parser","owner":"lhelwerd","description":"Python sandboxed expression parser","archived":false,"fork":false,"pushed_at":"2025-10-11T15:34:00.000Z","size":45,"stargazers_count":29,"open_issues_count":0,"forks_count":8,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-10-20T18:12:05.253Z","etag":null,"topics":["expression-parser","python-2-7","python-3-10","python-3-11","python-3-12","python-3-14","python-3-8","python-3-9","python3-13"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lhelwerd.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-10-05T07:48:14.000Z","updated_at":"2025-10-11T15:41:47.000Z","dependencies_parsed_at":"2022-09-09T05:00:28.176Z","dependency_job_id":null,"html_url":"https://github.com/lhelwerd/expression-parser","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/lhelwerd/expression-parser","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lhelwerd%2Fexpression-parser","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lhelwerd%2Fexpression-parser/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lhelwerd%2Fexpression-parser/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lhelwerd%2Fexpression-parser/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lhelwerd","download_url":"https://codeload.github.com/lhelwerd/expression-parser/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lhelwerd%2Fexpression-parser/sbom","scorecard":{"id":587182,"data":{"date":"2025-08-11","repo":{"name":"github.com/lhelwerd/expression-parser","commit":"8982808176de933ae5accfdfc4515832a0e7b956"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3,"checks":[{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 0/18 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}}]},"last_synced_at":"2025-08-20T20:51:43.848Z","repository_id":57427761,"created_at":"2025-08-20T20:51:43.848Z","updated_at":"2025-08-20T20:51:43.848Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":284818574,"owners_count":27068110,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-11-17T02:00:06.431Z","response_time":55,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["expression-parser","python-2-7","python-3-10","python-3-11","python-3-12","python-3-14","python-3-8","python-3-9","python3-13"],"created_at":"2024-09-24T19:25:15.247Z","updated_at":"2025-11-17T03:40:34.391Z","avatar_url":"https://github.com/lhelwerd.png","language":"Python","readme":"# Python sandboxed expression parser\n\n[![PyPI](https://img.shields.io/pypi/v/expression-parser.svg)](https://pypi.python.org/pypi/expression-parser)\n[![PyPI Versions](https://img.shields.io/pypi/pyversions/expression-parser.svg)](https://pypi.python.org/pypi/expression-parser/#files)\n[![CI Status](https://github.com/lhelwerd/expression-parser/actions/workflows/ci.yml/badge.svg)](https://github.com/lhelwerd/expression-parser/actions/workflows/ci.yml)\n[![Coverage Status](https://coveralls.io/repos/github/lhelwerd/expression-parser/badge.svg?branch=master)](https://coveralls.io/github/lhelwerd/expression-parser?branch=master)\n\nThis parser calculates the results of a single simple expression,\ndisallowing any complicated functions or control structures, with support for\ncustom variable and function environment contexts.\n\n## Features\n\n- Support for all boolean, binary, unary, and comparative operators as in \n  Python itself, including short-circuiting and chained comparison logic.\n- Support for inline `if..else` expressions.\n- Support for assignments and augmented assignments like `+=`, only if enabled \n  explicitly.\n- All other control structures and multiple expressions are disallowed.\n- Isolation from execution context using a restricted scope.\n- Separate scope for variables and functions to avoid abusing one or the other.\n- Function calls must use direct names (function attributes and lambda \n  functions are rejected) and must not provide starred arguments.\n- Errors from parsing or evaluating the expression are raised as `SyntaxError` \n  with appropriate context parameters to make error display easier (works with \n  default traceback output).\n- A successful parse yields the result of the evaluated expression. Successful\n  assignments of variables are stored in a property `modified_variables`.\n  A separate property `used_variables` provides a set of variable names used in \n  the evaluation of the expression excluding the assignment targets.\n- Supports Python 2.7 and 3.6-3.14 AST syntax trees.\n- Python 3+ conventions are used whenever possible: Specifically, the division \n  operator `/` always returns floats instead of integers, and `True`, `False` \n  and `None` are reserved named constants and cannot be overridden through the \n  variable scope in any version.\n\nNot supported (often by design):\n\n- Functions or lambdas defined within the expression.\n- Control structures and other Python statements (`return`, `pass`, etc.).\n- Comprehensions and generators.\n- Multiple expressions or assignment targets in the same input string.\n- Function calls that have variable positional or keyword (starred) arguments.\n- Literals which are not integers, floats, or the named constants, nor any\n  subscripting or indexing. You can still inject other types of variables using \n  the context, and add specialized functions to interact with them.\n\n## Requirements\n\nThe expression parser has been tested to work on Python 2.7 and 3.8+. This \npackage has no other dependencies and works with only core Python modules.\n\n## Installation\n\nInstall the latest version from PyPI using:\n\n```bash\npip install expression-parser\n```\n\n## Functionality\n\nFirst, import the library:\n\n```python\nimport expression\n```\n\nNext, determine a variable and function scope. If you do not need any custom\nvariables and functions in your environment, you can skip this step. Otherwise,\ncreate two dictionaries, each containing string identifier names as keys and\neither variables or functions as values. For example, to create a scope with\na few mathematical constants and functions:\n\n```python\nimport math\nvariables = {\n    'pi': math.pi,\n    'e': math.e\n}\nfunctions = {\n    'log': math.log,\n    'log10': math.log10,\n    'exp': math.exp,\n    'pow': math.pow,\n    'sqrt': math.sqrt\n}\n```\n\nThen create the parser, either by simply calling it with no additional \narguments, such as `parser = expression.Expression_Parser()`, or by passing the \nscope along to it in dictionaries of values and functions, respectively:\n\n```python\nparser = expression.Expression_Parser(\n    variables=variables,\n    functions=functions,\n    assignment=bool(assignment)\n)\n```\n\nYou can also set a new dictionary for `variables`, and enable or disable \nparsing of assignments in the expression using `assignment`, after construction \nvia the properties of the created object.\n\nNow you can use this parser to evaluate any valid expression:\n\n```python\n\u003e\u003e print(parser.parse('1+2'))\n3\n\u003e\u003e print(parser.parse('pi \u003e 3'))\nTrue\n\u003e\u003e print(parser.parse('int(log(e))'))\n1\n```\n\n## Development\n\n- [GitHub Actions](https://github.com/lhelwerd/expression-parser/actions) is \n  used to run unit tests and report on coverage.\n- [Coveralls](https://coveralls.io/github/lhelwerd/expression-parser) receives \n  coverage reports and tracks them.\n- You can perform local lint checks, tests or coverage during development using \n  `make ruff`, `make pylint`, `make test` or `make coverage`, respectively.\n- We publish releases to [PyPI](https://pypi.python.org/pypi/expression-parser) \n  using `make release` which performs lint and unit test checks.\n\n## License\n\nThe expression parser library is licensed under the Apache 2.0 License.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flhelwerd%2Fexpression-parser","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flhelwerd%2Fexpression-parser","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flhelwerd%2Fexpression-parser/lists"}