No-Eval

Sourcery rule id: no-eval

Description

Never use eval()

Match

eval("throw 1")

Explanation

Using eval opens your code up to serious security risks - it executes code with the privileges of the caller, leading to all sorts of possible attacks.

It can also cause performance issues, preventing javascript minifiers and interpreters from making many efficiency gains.