Thanks @panzi for rebuilding the test system and removing Gulp as a dev dependency.
The operations object could be exploited to run arbitrary code. Resolves SNYK-JS-JSONLOGICJS-674308, thanks Arel Cordero for reporting.
Major version bump because we're removing the method operation. The NPM advisory 1542 shows that an attacker can supply a JsonLogic rule that will execute arbitrary code in the client of anyone who executes that rule with any data.
Cleaned up JsonLogic's behavior when the data parameter is not an object, especially when it's falsy. Resolves PRs 88 and 89, but more importantly makes the var operator more resilient.