
[Linting Rule] Problematic Eval

github-actions[bot] edited this page Jun 13, 2026 · 1 revision

This document was generated from 'src/documentation/wiki-linter.ts' on 2026-04-03, 10:07:23 UTC and presents an overview of flowR's linter (v2.10.2). Please do not edit this file/wiki page directly.

Problematic eval [overview]

Tags: smell, security, performance, readability

This rule is a best-effort rule.

Detects uses of eval-like functions whose inputs are not statically constant. It prints the computed input sources for each eval call and flags usages that depend on non-constant or untrusted inputs (for example, a function parameter or a value read at runtime), since such calls execute whatever code the input happens to contain.
This linting rule is implemented in src/linter/rules/problematic-eval.ts.

Configuration

Linting rules can be configured by passing a configuration object to the linter query as shown in the example below. The problematic-eval rule accepts the following configuration options:

  • considerAsEval
    All calls that should be considered valid eval entry points. Each entry is interpreted as a regular expression, so anchor it (e.g. ^eval$) if you want an exact function name rather than a substring match.
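As an added illustration (not taken from the flowR project), the following linter query widens the rule to a project-specific wrapper. The array shape of considerAsEval is assumed from the description above; the entries are assumed to replace rather than extend the built-in defaults, so the standard eval functions are listed again. Patterns are anchored because the page states they are regular expressions, and an unanchored eval would also match unrelated names that merely contain the substring; run_code is a hypothetical wrapper name.

```json
[
  {
    "type": "linter",
    "rules": [
      {
        "name": "problematic-eval",
        "config": {
          "considerAsEval": [
            "^eval$",
            "^evalq$",
            "^eval\\.parent$",
            "^run_code$"
          ]
        }
      }
    ]
  }
]
```

If the rule only matches the default names, a custom wrapper such as run_code(parse(text = input)) is never inspected, so any wrapper your code base uses to reach eval has to be listed here for the lint to be meaningful.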

Examples

function(x) {
	eval(x)
}

The linting query can be used to run this rule on the above example:

[
  {
    "type": "linter",
    "rules": [
      {
        "name": "problematic-eval",
        "config": {}
      }
    ]
  }
]

Results (prettified and summarized):

Query: linter (1 ms)
   ╰ Problematic eval (problematic-eval):
       ╰ certain:
           ╰ Use of eval-like function at 3.2-8; inputs: 5 (type: [param], trace: pure)
       ╰ Metadata: searchTimeMs: 0, processTimeMs: 1
All queries together required ≈1 ms (1ms accuracy, total 1 ms)


The analysis required 1.2 ms (including parsing and normalization and the query) within the generation environment.

In general, the JSON contains the Ids of the nodes in question as they are present in the normalized AST or the dataflow graph of flowR. Please consult the Interface wiki page for more information on how to get those.

{
  "linter": {
    "results": {
      "problematic-eval": {
        "results": [
          {
            "involvedId": 7,
            "certainty": "certain",
            "loc": [
              3,
              2,
              3,
              8
            ],
            "sources": [
              {
                "id": 5,
                "type": [
                  "param"
                ],
                "trace": "pure"
              }
            ]
          }
        ],
        ".meta": {
          "searchTimeMs": 0,
          "processTimeMs": 1
        }
      }
    },
    ".meta": {
      "timing": 1
    }
  },
  ".meta": {
    "timing": 1
  }
}

Additional Examples

These examples are synthesized from the test cases in: test/functionality/linter/lint-problematic-eval.test.ts

Test Case: const-eval

Given the following input:

eval(parse(text="x"))

We expect the linter to report the following:

* no lints

See here for the test-case implementation.

Test Case: unknown eval

Given the following input:

eval(parse(text=x))

We expect the linter to report the following:

certainty: LintingResultCertainty.Uncertain,
loc:       SourceRange.from(1, 1, 1, 19),
sources:   [{ id: 5, trace: InputTraceType.Known, type: [InputType.Unknown, InputType.DerivedConstant] }]

See here for the test-case implementation.
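The two test cases above draw the line between a constant input (no lint) and an input whose value is only known at runtime (lint). The following R snippet is an added example, not code from the flowR project or its test suite: it places the flagged pattern next to an eval-free rewrite that a reviewer would ask for. The function names summarise_column and summarise_column_safe, the parameters df, column and stat, and the sample data frame are all constructed for this illustration.

```r
# Added example (not part of flowR): eval patterns as the problematic-eval
# rule sees them, followed by a rewrite that needs no eval at all.

# 1. Constant input. The parsed text is a string literal, so the code that
#    runs is fixed at analysis time. Corresponds to the "const-eval" case:
#    no lint.
eval(parse(text = "1 + 1"))

# 2. Non-constant input. `stat` and `column` are function parameters, so
#    whatever the caller passes is concatenated into source code and
#    executed. A value such as "system('id'); mean" runs the shell command.
#    This is the pattern the rule flags (parameter-derived eval input).
summarise_column <- function(df, column, stat) {
  eval(parse(text = paste0(stat, "(df$", column, ")")))
}

# 3. Eval-free rewrite. The caller may still choose the statistic, but only
#    from a fixed set: match.arg() rejects anything outside the choices, the
#    column is checked against the data frame, and dispatch goes through a
#    lookup of real function objects. No source code is built from input,
#    so there is nothing for the rule to flag.
summarise_column_safe <- function(df, column, stat = c("mean", "median", "sd")) {
  stat <- match.arg(stat)
  stopifnot(is.data.frame(df), column %in% names(df))
  fn <- switch(stat,
               mean   = mean,
               median = stats::median,
               sd     = stats::sd)
  fn(df[[column]])
}

# Constructed sample data for trying both versions interactively.
df <- data.frame(x = c(1, 2, 3, 10))
summarise_column(df, "x", "mean")
summarise_column_safe(df, "x", "median")
# summarise_column_safe(df, "x", "system('id'); mean")  # error: 'arg' should be one of ...
```

The rewrite also shows why the rule reports derived constants such as parse(text = x) with lower certainty: the analysis can see that the input flows through parse, but not what x will hold, so a human has to confirm whether the value is constrained before it reaches eval.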
