Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Determine Syntax, allowable data types, and allowable operations #686

Open
3 tasks
Tracked by #313
christophertubbs opened this issue Jul 31, 2024 · 0 comments
Open
3 tasks
Tracked by #313

Determine Syntax, allowable data types, and allowable operations #686

christophertubbs opened this issue Jul 31, 2024 · 0 comments

Comments

@christophertubbs
Copy link
Contributor

christophertubbs commented Jul 31, 2024
edited
Loading

Syntax, data types, and operations need to be determined for expressions.

The first stab at syntax was:

{
    "key": "{{expression }}"
}

This indicates that expressions will be found in strings matching the regex (?<=")\s*\{\{\s*(?<expression>.+)\s*\}\}\s*(?="), or any string value starting with any amount of whitespace, encountering "{{" without space between, any amount of whitespace, any characters up to any amount of whitespace followed by "}}", any amount of whitespace until the end of the string, all on one line. The characters that are followed by whitespace prior to "}}" will be a group named 'expression'. For the match of " {{ 28 }}", the value "28" may be reference by the name "expression". There might need to be a check to ensure that there are no \n characters within the expression named group.

The key requirements for syntax are:

  • The "expression" group is easy to separate from the indicator for an expression string
  • The expression string itself needs to be json serializable and deserializable (meaning no unquoted strings)
  • The string itself must use strictly uncommon delimiters such as "{{...}}" or "$(...)". There must be a near-zero risk of confusion between an expression and a real value

Environment variables are questionable. They may become very handy, though they may reveal a security risk as it might allow for the querying of sensitive variables such as passwords

Data types are mostly obvious:

  • Booleans
  • Strings
  • Floats
  • Ints

What is not obvious, but needed are datetimes and timedeltas. What is not obvious, either, are how to represent them. Any early stab at indicating a timedelta was via timedelta(hours=1). It looks reasonable, but also looks like a function call and this should in no way be able to invoke code as it may reveal a vital security flaw. Something like any pattern matching the iso-8601 standard for durations (PT1H for example) might work to indicate a duration. The regex for that might be r"\s*(?<=P)(?P<days>\d+D)?(T(?P<hours>\d+H)?(?P<minutes>\d+M)?(?P<seconds>\d+S)?)?". We can only support days, minutes, and seconds for a duration/timedelta. We also need to be able to indicate that what looks like a duration isn't one. Something like casting like STRING PT1H might be enough to indicate that everything following STRING is a string and not to be interpreted as anything else.

Operations should be fairly straight forward unless a use case for something else is determined. We probably only need to handle addition, subtraction, multiplication, division, and possibly modulus.

The door should be left over for nested expressions, but is too large for the given scope.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@christophertubbs