🔧 better-eval
🚩 better-eval should not be used with code that could harm your application.
An alternative to eval()
in JavaScript that is customizable and safer!
The eval function in JavaScript sucks, and there lacks alternatives that provide the same simplicity that the original eval function had. better-eval solves this problem by adressing the security and spped issues, while delivering the same easy-to-use API.
Why Better-Eval?
- 🕊 Small and Lightweight.
- ⚡ A simple and easy to use API.
- 🛠️ Easily customizable for your needs.
- ✅ Tested and Mantained.
Installation
npm install better-eval
Usage
First, import the package.
const betterEval = require("better-eval");
Then call the function with something you want to be evaluated:
betterEval("1+1");
And its as simple as that! No variables from your context will be leaked to the function.
Passing Variables
Include any variables as part of an object which you pass in as the second parameter:
const name = "Sam";
betterEval("`Hey ${name}`", { name });
You can also pass functions as a part of the second parameter, and evaluate them in your code:
const returnName = () => "Bob";
betterEval("`Hey ${returnName()}`", { returnName });
However, for your safety, usage of the Function
constructor, eval
function and require
function are disabled, and will not be added to your variables.
betterEval("`Sum is ${eval('1+1')}`", { eval });
Configuring the VM
If you want to have more control over the VM that runs your code, you can pass in an vmOptions
parameter:
betterEval(
"1+1", {},
{
fileName: "counting",
lineOffset: 1,
}
);
A complete list of options can be found here.
License
Better-Eval is MIT-licensed open-source software created by Bharadwaj Duggaraju.