peopleconnectus / brie Goto Github PK
View Code? Open in Web Editor NEWBusiness Rules Integration Engine
License: MIT License
Business Rules Integration Engine
License: MIT License
We list nested key support for is
, but has
does not properly support traits pointing to nested keys. For instance:
let data = {
ua: {
os: {
name: 'Mac OS',
version: '10.11.6'
}
}
};
let flagsIn = {
"isMac": {
"criteria" : [
{
"has": {
"trait": "ua.os.name",
"comparison": "equals",
"value": "Mac OS"
}
}
]
}
};
The current identification of traits does not allow for nested keys, and fails:
brie:criteria Evaluation data has trait (ua.os.name)? false +0ms
We should add support for nested trait keys, which would allow for more flexibility in data and criteria.
in addition to equals
, above
, below
, please add a validation method for "between", such that
"criteria": [
{
"has": {
"trait": "hasNumberValue",
"comparison": "between",
"start": 1,
"end": 10
}
}
]
},
This would cut improve on the compound criteria that includes an "above" and a "below" with an "all" match.
Travis-CI integration, please.
needs some 2020 coding practices applied.
SEMVER WARNING: Recommended action is a potentially breaking change
Concern | Detail |
---|---|
Low | Regular Expression Denial of Service |
Package | debug |
Dependency of | mocha [dev] |
Path | mocha > debug |
More info | https://nodesecurity.io/advisories/534 |
Concern | Detail |
---|---|
Critical | Command Injection |
Package | growl |
Dependency of | mocha [dev] |
Path | mocha > growl |
More info | https://nodesecurity.io/advisories/146 |
Concern | Detail |
---|---|
Low | Prototype Pollution |
Package | lodash |
Dependency of | lodash |
Path | lodash |
More info | https://nodesecurity.io/advisories/577 |
SEMVER WARNING: Recommended action is a potentially breaking change
Concern | Detail |
---|---|
Low | Regular Expression Denial of Service |
Package | debug |
Dependency of | debug |
Path | debug |
More info | https://nodesecurity.io/advisories/534 |
Concern | Detail |
---|---|
Low | Prototype Pollution |
Package | lodash |
Dependency of | mocha-eslint |
Path | mocha-eslint > eslint > inquirer > lodash |
More info | https://nodesecurity.io/advisories/577 |
Concern | Detail |
---|---|
Low | Prototype Pollution |
Package | lodash |
Dependency of | mocha-eslint |
Path | mocha-eslint > eslint > lodash |
More info | https://nodesecurity.io/advisories/577 |
Concern | Detail |
---|---|
Low | Prototype Pollution |
Package | lodash |
Dependency of | mocha-eslint |
Path | mocha-eslint > eslint > table > lodash |
More info | https://nodesecurity.io/advisories/577 |
Concern | Detail |
---|---|
Low | Regular Expression Denial of Service |
Package | debug |
Dependency of | mocha-eslint |
Path | mocha-eslint > eslint > debug |
More info | https://nodesecurity.io/advisories/534 |
There are several instances of debug using multiple :
to try and prefix debug logs (for instance brie:criteria:has
) further than one level. Unfortunately this does not work, resulting in no logs at all.
https://github.com/visionmedia/debug#conventions
While it would be nice to be able to filter using multiple levels of prefixes, debug doesn't support this usage. We should remove all instances of multi-level prefixing, and replace it with a strategy of using underscores instead: brie:criteria_has
.
SEMVER WARNING: Recommended action is a potentially breaking change
Low | Prototype Polution |
---|---|
Package | minimist |
Dependency of | mocha [dev] |
Path | mocha > mkdirp > minimist |
More info | https://npmjs.com/advisories/1179 |
Fix the build. Travis is failing at NVM install command because node version 8.6.13 is not available. Upgrade to non-specific
lts/*
Given a data object like
{
id: 1234567,
importantDateValue: '12-12-2022'
}
and given a criteria value like
"isNewerThanImportantDate": {
"criteria": [
{
"has": {
"trait": "importantDateValue",
"comparison": "younger",
"value": "12-01-2022"
}
}
]
}
Expected result should be true
since the human-readable dates are different and since the data object date of December 12 is newer than the comparison date of December 1.
Note:
new Date('12-12-2022') ==> Mon Dec 12 2022 00:00:00 GMT-0800 (Pacific Standard Time)
new Date('12-Dec-2022') ==> Mon Dec 12 2022 00:00:00 GMT-0800 (Pacific Standard Time)
new Date('12/12/2022') ==> Mon Dec 12 2022 00:00:00 GMT-0800 (Pacific Standard Time)
new Date('12.12.22') ==> Mon Dec 12 2022 00:00:00 GMT-0800 (Pacific Standard Time)
Date comparison strings could be try'd before comparison. Since younger
and older
are limited to Date access, some pre-validation could be implemented.
Most packages are safe from vulnerabilities, if out-of-date. GitHub have alerted us to a known security vulnerability:
Dependency | Vul. Notes |
---|---|
visionmedia / debug | Known security vulnerability in 2.6.0 |
gotwarlost / istanbul | ^ 0.4.5 |
lodash / lodash | 4.15.0 |
mochajs / mocha | ^ 3.2.0 |
BadgeLabs / mocha-eslint | ^ 3.0.1 |
Pls. update dependencies and correct vulnerabilities.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.