This release adds two new primitives to the core:

• join
  • This allows converting an array to a string, using a specified deliminator.
• replace
  • This allows replacing the contents of a string with a regular-expression based search and a literal replacement value.

Both these primitives have full test-coverage, and seem useful. Beyond the addition of these primitives minor changes were made to resolve warnings/failures detected by an updated release of the golangci-lint tool.

This release mostly features only internal cleanups:

• We've changed to using the fuzz-testing which is available in the golang 1.18 release, rather than using the external go-fuzz utility.
  • This was implemented in #178.
• The linter we test our pull-requests with was updated to use golangci-lint, rather than the previous selection of tools.
  • This was implemented in #179

There were two new featuresadded:

• The implementation of a JSON interface to our objects, for those who embed our library
  • Reported in #173, and implemented in #174.
• Support for chained/nested if and else if statements.
  • Reported in #171, and implemented in #172.

v2.1.17

This release fixes a panic when reflection was used against a JSON object which contained a null value for a key. This was reported in #165, and resolved in #170.

After resolving this panic I was reminded we have the setup for running fuzz-testing so I ran the fuzzer for several hours and resolved the few parser issues it caught. (These new issues were all related to the recently added support for hash-access via the . operator.)

Although fuzzing is always somewhat random (by design!) I've been running it for several hours without any additional problems reported which is a reassuring thing:

2021/05/15 12:20:19 workers: 1, corpus: 1885 (1m49s ago), crashers: 0, restarts: 1/9999, execs: 60544462 (4680/sec), cover: 1898, uptime: 3h35m
2021/05/15 12:20:22 workers: 1, corpus: 1885 (1m52s ago), crashers: 0, restarts: 1/10000, execs: 60560974 (4680/sec), cover: 1898, uptime: 3h35m
2021/05/15 12:20:25 workers: 1, corpus: 1885 (1m55s ago), crashers: 0, restarts: 1/9999, execs: 60577329 (4681/sec), cover: 1898, uptime: 3h35m

v2.1.16

This release concentrates on stability and error-recovery:

• The same instance of the evalfilter object can now be used across goroutines
  • Reported in #166, implemented in #169.
• Any code, be it internal to the evaluator, or external in your built-in functions, which calls panic will now have that reported.
  • This was reported in #167, and resolved in #168.

These changes, combined, should improve our robustness. This release also features a new built-in function panic which can be used to test the recovery, or terminate your scripts with a specific error-value.

v2.1.15

This release contains a small number of changes, as well as the usual internal cleanups and reorganizations.

The following new primitives were added, and documented:

• between
• max
• min

We can now access nested hash-values, which is particularly useful when dealing with JSON objects. This can be achieved either via foo.bar.baz, or via the long-form which was previously supported (foo["bar"]["baz"]).

Finally it is now possible to use the underscore (_) character in identifiers, which is necessary if you're working upon fields with names containing that character.

Our test-coverage remains high (100% for the newly added features), and our reflection support was unified to ensure that the different kinds of input (struct vs. object) are both processed in the same manner. Some of our longer tests were broken down into smaller functions, to remove complexity but there were no real functional changes.

v2.1.14

This release features several new features and improvements, as well as the usual collection of bugfixes, and improvements to our internal codebase.

Once more testing has been a big focus, we now have ~99% test-coverage of our virtual-machine, and significantly improved coverage of other areas in our package.

New features include:

• Support for hash-objects, in addition to the existing datatypes we support.
  • Hashes are defined as you would expect:
    • a = { "Name": "Steve", "Alive": true }
  • Hashes can be indexed, and iterated over
    • printf("%s\n", a["Name"]);
    • foreach key, value in a { printf("Key %s Value %s\n", key, value ); }
  • Example script available at _examples/scripts/hashes.script
• Regular expressions were promoted to first-class objects.
  • Which means when dumping bytecode they are identified as regular-expressions rather than strings.
  • There are no actual changes to functionality though.
• It is no longer a fatal error if a script doesn't end with a return statement.
  • The caller will receive &object.Void{} in that case.
  • If you're running as a filter you can decide what you want that to mean.
• Errors from the parser will now contain more accurate line/column numbers.
  • Several new parser-errors will be identified more cleanly.
    • Only the initial error will be reported by default, because later errors are often bogus.
• We gained support for case/switch statements.
  • These are similar to C-like switch expressions, but we use blocks to avoid any potential bugs with fall-through behaviour.
  • Example script available at _examples/scripts/switch.script

v2.1.13

The major new feature in this release is the ability to create functions inside the scripts that the engine executes. For example it is now possible to write:

   // Sum the values in the provided array
   function sum(array) {
      local total;
      total = 0;

      foreach val in array {
         total += val;
      }

      return( total );
   }

   printf("Sum of 1-100 is %d\n", sum(1..100));
   return sum(1..100) == 5050;

In this example you can see several new things demonstrated:

• The definition of a new function, complete with a named argument, via the function .. block.
  • Note that functions don't need to be defined before they're used.
• The use of the local keyword. This binds the variable to the local scope.
  • Without that you'd have a new global variable named total.
• The use of the new mutator operation +=.

The addition of functions required many small changes throughout the codebase, and as a result of that our test-coverage was improved significantly to give confidence nothing was broken in the process. (There is still room for additional test-coverage, and that will be worked upon going forward.)

As minor features mutator-operations were added (+=, -=, *= and /=), as demonstrated above, and the keyword for was added as a synonym for while.

A bugfix was made to the way that evalfilter-arrays are exported to Golang values, bounds-checking was added to the runtime virtual machine to guard against panics when executing untrusted bytecode. (Executing user-provided scripts is safe, as a result of the sanity-checks and error-detection in the lexer, parser, and evaluator. It is never expected that you'll process untrusted bytecode - but adding sanity-checks is still a useful thing to do.)

Finally the new built-in function getenv was added, allowing scripts to read the contents of environmental variables.

As a consequence of supporting user-defined functions the output of the bytecode subcommand in the standalone evalfilter binary was altered - The standalone executable also gained support for integrated TAB-completion (for bash).

v2.1.12

This release makes some minor changes and improvements to our library, but nothing hugely significant:

• We support the use of a context.Context to implement timeouts when executing scripts.
  • Reported in #127, implemented in #128.
• The handling of numbers as conditionals was improved; negative numbers are not "true".
  • Reported in #125, implemented in #126.
• Handling of variable-scoping was improved for our foreach iteration support.
  • Reported in #123, implemented in #124.

Finally we've included a simple webassembly demo, which involves compiling our library to WASM and executing it in a browser. Find it beneath _examples/wasm.

v2.1.11

This release contains a number of changes to the scripting-language available to consumers of the library, largely as a result of my use of the evalfilter-library in a simple application for scripting the manipulation of Google Gmail labels.

The language as a whole benefits from increasing usage, as it points out shortcomings that might otherwise not be apparent. In my case this largely revolved around the pain of iterating over arrays manually with a for-loop.

A brief summary of changes in this release:

• Implement the ability to iterate over arrays via the new foreach primitive.
  • Reported in #103, implemented in #105.
• Allow creating arrays of integers via 1..10
  • Reported in #107, implemented in #108
• Allow external functions added to the scripting environment to return "void".
  • This means that no return value will be available to the caller.
  • This fixes #86 and #106 - and was implemented in #109.
• Implemented some new built-in functions:
  • sort() - reported in #104, implemented in #110.
  • reverse() - reported in #104, implemented in #110.
  • split() - reported in #111, implemented in #122.
• Add support for the postfix ++ and -- operations.
  • Reported in #114, implemented in #115.
• Allow iterating over the characters in a string, just like array iteration.
  • Reported in #113, implemented in #117.
• Fixed bug: The optimizer could cause infinite loops when scripts didn't finish with a return statement
  • Reported in #119, fixed in #120.
• Fixed bug: String-indexing was broken for multibyte characters
  • Reported in #118, fixed in #121
• Fixed bug: Our parser was updated to avoid crashing on bogus input.
  • These were discovered as a result of fuzz-testing
    • Sample input which caused crashes included 0+foreach+0(), and !foreach%0().

v2.1.10

Once again this release features on minor improvements to the code structure, layout, and internal organization.

There have been new features in the release though, most notably:

• The introduction of the ternary statement #99:
  • e.g. "field = Subject ? Subject : Title"
• The reorganisation of the examples, beneath _examples/ handled in #102.
  • This now contains a couple of example scripts, as well as the examples showing how the evaluation-engine / scripting language can be embedded in your host application.
• The regular expression support was improved in #98
  • It is now possible to escape characters via \, and only valid flags are accepted
  • (We use /i for ignoring-case, and /m for multi-line matches.)
• Our opcode implementation was improved a little, via #100
• We gained two new built-in functions sprintf and printf, via #101.

v2.1.9

This release concentrated upon making more internal cleanups:

• Shuffling the implementation of our code into different files/places
• Improving test-coverage, rewording comments.

The documentation has been overhauled:

• The top-level README.md, BYTECODE.md, and the new cmd/evalfilter/README.md files have all been trimmed and reworked for readability.

The library itself gained a new top-level method Execute, which allows the actual return value to be returned from your user-script - rather than just the pass/fail binary result which the Run method implements.

The optimizer was improved to remove more code, in the event that conditionals were provably false, and significant cleanup was made in the implementation of the optimizer to avoid repetition.

These cleanups and tweaks were largely as a result of looking at "the competition", because it seems crazy to avoid looking at similar and related projects. I tracked some brief notes about other solutions in #90.

Finally we've added the built-in functions now() and time() which are useful when working with time-based fields.

v2.1.8

This release adds a new -debug flag to the evalfilter run .. subcommand, to allow tracing bytecode operations as they happen - including a display of the stack-state as every instruction is executing. This was reported in #86, and implemented in #87.

We also gained the ability to work with time.Time values, in the struct/map objects we're executed against, as reported in #88 and implemented in #89

Finally we made a couple of removals of dead/historic code which is not called/visible to users.

v2.1.7

This release adds the new in keyword, which allows you to test whether an array contains a specified value.

You could previously have done this like so:

staff = [ "Alice", "Bob", "Chris", "David", "Edward", "Fiona", "Georgette" ];
i = 0;
while( i < len(staff) ) {
    if ( Name == staff[i] ) {
        print("Message from staff-member " , Name, " ignoring\n" );
        return true;
    }
    i = i + 1
}
return false;

But it is much simpler to use the new method:

staff = [ "Alice", "Bob", "Chris", "David", "Edward", "Fiona", "Georgette" ];

return( Name in Staff );

This was reported in #84, and implemented in #85.

I ran fuzz-testing against the compiler, and evaluator, for a couple of days which resulted in a bunch of small commits to resolve issues which had been identified. These are visible in #79, perhaps the most significant was that I'd failed to prohibit/detect division by zero.

v2.1.6

Shortly after the previous release I noticed a problem with the optimizer, generating broken code in some situations:

• If a jump operation pointed to an opcode which had been optimized away
  • i.e. Replaced by an OpNop opcode
• Then the target of the jump was not updated correctly.
  • Instead it defaulted to 0x0000.
  • Causing an infinite loop

This was reported and fixed via #82.

v2.1.5

This release brings several new fixes to the codebase, as well as new features:

• The built-in functions have moved to the environment package #71
  • This is a more natural place for them to live.
• The optimization code has been simplified #72
  • And improved to avoid making mistakes, #75
• Arrays are now supported as a native type #77
  • Including in the examination of user-supplied maps/interfaces/structures
• The language now has support for while-loops as well as if-statements #80

The use of arrays and while-loops is demonstrated in the updated "on-call example":

• cmd/evalfilter/on-call.script

v2.1.4

This release improves the speed of the virtual machine which implements the bytecode which the user-script is compiled into. It does this by introducing a new step in the operation of our interpreter:

• Parse the user-supplied script, and generate bytecode instructions.
• Optimize the generated bytecode.
• Run the bytecode.
  • Optionally the same instance may be Run() multiple times against new objects/maps.

The optimization was described in this blog post and may be examined via the cmd/evalfilter binary.

The optimizer is enabled by default so you can see the result via the bytecode subcommand:

  $ evalfilter bytecode  input.txt

If you wish you can disable the optimizer:

  $ evalfilter bytecode  -no-optimizer input.txt

Or watch the distinct steps being executed:

  $ evalfilter bytecode  -show-optimizer input.txt

v2.1.3

This release improves our internal codebase, fixing several long-standing linter warnings which have now been resolves. (For example renaming package-constants from being CamelCase.)

We've updated the bytecode generation to optimize the case where an if expression had no else clause, as noted in #58, added regular expressions as a first-class object (almost!) in #56. Other than that the public-facing go-doc documentation was enhanced in #55 and removed references to outdated features/code in our README.md file.

v2.1.2

This release just updates our module import-paths to contain /v2 everywhere. There are no functional changes.

v2.1.1

This release updated our module to explicitly give ourselves a /v2 version.

NOTE: This wasn't sufficient to allow pinning to the v2x.x release by users, so v2.1.2 was made shortly afterward to update our usage of internal paths.

v2.1.0

This release focuses upon improving our correctness, and making our engine faster.

• We eat the cost of running reflection only once each time we run in #44
  • By parsing all structure/object/map fields the first time one is accessed.
• We added go vet to our testing-pipeline in #49.
  • Which lead to some minor fixes.
• Profiling also lead to the use of a static cache for all regular-expression objects in #51
  • Along with the removal of some dead-code.
• We added test 100% coverage of our built-in functions in #52
• We documented our bytecode, and we improved our go-doc documention.

v2.0.0

This release features a breaking API change, which has forced us to bump the major-version.

This release features a major rework or our internals:

• Previously we parsed the source given to us into an AST.
• We then walked the AST, evaluating as we went.

Now we do something different:

• We parse the source given to us into an AST.
• We then walk the AST, to generate a series of bytecode operations.
• Finally when the script is run we execute the bytecode operations in a simple virtual machine.

This new approach has some additional overhead when we're performing our setup, but if the script is reused even one time then that overhead pays off; because running the virtual machine is super-fast compared to walking the AST tree.

All the tests and examples have been updated, but to update you just need to call the Prepare() method, after New() and before Run().

v1.5.2

This release is aimed at making our benchmark results a little faster, as noted in #32, by short-circuiting if we can the || and && operators.

In short we can skip evaluating b in the following case if a is false:

a && b

Similarly if a is true we can skip b:

a || b

v1.5.1

This release improves the parser to change the precedence of && and ||. This was identified in #31, and resolved in #33

v1.5.0

This release was issued in error, before merging a pull-request rather than after. Rather than reuse the release ID, or delete it, I'll leave it in-place.

v1.4.0

This release updates our utility command, cmd/evalfilter such that it can now dump the AST generated by parsing a program. This is useful when looking for syntax-errors, or investigating problems identified by fuzz-testing.

Otherwise I've added three new mathematical operators:

• % - Modulus
• √ - Square root
• ** - Power

These work as you'd expect if ( √9 == 3 ) { print("Mathematics is fun\n"); }

The final update in this release is the addition of a GetVariable method which mirrors the SetVariable already present. Using this new function you can run a script and retrieve any variables which the script has created/updated. This can be useful for passing state in both directions between a host-application and a user-written script.

v1.3.0

This release is a minor update to v1.2.0, making minor changes to the documentation and adding three new built-in functions which scripts may call:

• lower(field|string)
  • Return a lower-case version of the given string, or object/structure value.
• type(field|object)
  • Return the type of a given field from the given object-structure, or the given object.
• upper(field|string)
  • Return a lower-case version of the given string, or object/structure value.

These are useful for user-scripts.

v1.2.0

This release adds the new built-in function match which allows a regular expression to be tested against a string, or field.

You can make a regular expression case-insensitive via the (?i) prefix:

if ( match( Name, "(?i)^steve$" ) ) {
    print( "Steve is present\n");
} else {
   print( "Steve is not present.\n");
}

Note that the string/field passed to this function will be split by any present newline-characters, and each piece matched separately. This allows "^" and "$" to work in a natural fashion.

v1.1.0

This is a minor update which improves the use of functions in conditional-tests. This means that the following works as you would expect:

if ( Function() ) { print("OK\n"); }

Where Function() is a user-implemented function, added by a host application. Specifically the test passes if the function returns a non-empty string, a non-zero number, or a boolean true-result.

There have been several fixes to the parser to avoid infinite loops when parsing malformed input:

• Unterminated string-literals are handled correctly.
• return statements without a trailing semi-colon are reported correctly.

These issues were identified via the use of fuzz-testing, and using a fuzz-tester against the code is now documented in FUZZING.md.

release-1.0.0

This is the first stable release, having recently had most of the internals replaced and overhauled I'm happy to commit to keepign the user-facing API stable:

• This mostly means the evalfilter package.
• But also includes the object-package which is used in the implementation of user-added golang functions.

The code is stable under load, and has been running in production reacting to thousands of incoming Slack messages, so while there might be issues the system as a whole does what I need it to do:

• Dynamically choose which events are worthy of special-action.
• Via the use of simple human-readable & editable scripts, rather than golang code.