No-Eval¶
Sourcery rule id: no-eval
¶
Description¶
Never use eval()
Match¶
eval("throw 1")
Explanation¶
Using eval
opens your code up to serious security risks - it executes
code with the privileges of the caller, leading to all sorts of possible attacks.
It can also cause performance issues, preventing javascript minifiers and interpreters from making many efficiency gains.