-
-
Notifications
You must be signed in to change notification settings - Fork 133
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use of eval is strongly discouraged #112
Comments
The only way that a security issue could arise is if:
I'm not sure if there is another way to do what that engine does without eval since the purpose of the engine seems to be "evaluate javascript". I'll let @jonschlinkert comment further. |
@robertmassaioli is correct. This is an opt-in feature. I don’t see how anyone would be able to abuse this unless you intentionally let them. |
@autoferrit, I end up using Front-matter. |
Yea, that makes sense. Is there a configuration to be able to hide this? |
I installed gray-matter to use with svelte/sapper, and once I did, I started getting this error message in my console.
The app still seems to work. But is there a way I can silence this? Or is there a way to do the same thing without using eval? As using it definitely can be a security risk.
The text was updated successfully, but these errors were encountered: