better-eval

Package Overview

Dependencies: 0
Maintainers: 1
Versions: 31
🔧 An alternative to the 'eval' function in JavaScript that is faster, easier/better to use, and has fewer security issues.


Weekly downloads: 21K (increased by 2.15%)
Install size: 7.68 kB

🔧 better-eval

🚩 better-eval should not be used with code that could harm your application.

An alternative to eval() in JavaScript that is customizable and safer!

The eval function in JavaScript sucks, and there is a lack of alternatives that provide the same simplicity as the original eval function. better-eval solves this problem by addressing the security and speed issues while delivering the same easy-to-use API.

Why Better-Eval?

  • 🕊 Small and Lightweight.
  • ⚡ A simple and easy to use API.
  • 🛠️ Easily customizable for your needs.
  • ✅ Tested and Maintained.

Installation

npm install better-eval

Usage

First, import the package.

const betterEval = require("better-eval");

Then call the function with something you want to be evaluated:

betterEval("1+1"); // returns 2!

And it's as simple as that! No variables from your context will be leaked to the function.

Passing Variables

Include any variables as part of an object which you pass in as the second parameter:

const name = "Sam";

betterEval("`Hey ${name}`", { name }); //returns 'Hey Sam'

You can also pass functions as a part of the second parameter, and evaluate them in your code:

const returnName = () => "Bob";

betterEval("`Hey ${returnName()}`", { returnName });

However, for your safety, use of the Function constructor, the eval function and the require function is disabled, and they will not be added to your variables.

betterEval("`Sum is ${eval('1+1')}`", { eval }); // eval is null!

Configuring the VM

If you want to have more control over the VM that runs your code, you can pass in a vmOptions parameter:

betterEval(
  "1+1", {},
  {
    fileName: "counting",
    lineOffset: 1,
  }
);

A complete list of options can be found here.
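
The behaviours this README describes (outer variables not visible, variables passed explicitly, eval/Function/require withheld, VM options forwarded) can be checked against Node's built-in vm module; the sketch below is an added example, not better-eval's source code. The names isolatedEval, BLOCKED and probe, and the 50 ms default timeout, are assumptions made for illustration.

```javascript
// Added illustration using only Node's built-in vm module; not better-eval's source.
// Node's documentation states that vm is not a security mechanism, so this gives
// scope isolation and a time limit, not a boundary for hostile code.
const vm = require("node:vm");

// Names the README says are disabled and never added to the variables.
const BLOCKED = ["eval", "Function", "require"];

// Hypothetical helper with the README's call shape: (code, variables, vmOptions).
function isolatedEval(code, variables = {}, vmOptions = {}) {
  const sandbox = Object.create(null); // no inherited properties
  for (const [name, value] of Object.entries(variables)) {
    // Passed values are host objects shared by reference: pass only what is needed.
    sandbox[name] = BLOCKED.includes(name) ? null : value;
  }
  const context = vm.createContext(sandbox, {
    // Make the context's own eval/Function throw EvalError on string input.
    codeGeneration: { strings: false, wasm: false },
  });
  // Assumed default: a 50 ms budget so a runaway expression cannot hang the caller.
  return vm.runInContext(code, context, { timeout: 50, ...vmOptions });
}

// Report what evaluated code can and cannot reach (all inputs constructed here).
function probe() {
  const secret = "outer-scope value"; // never passed in, so never visible
  const outcome = (code, vars) => {
    try {
      return isolatedEval(code, vars);
    } catch (err) {
      return `${err.name}: ${err.code || err.message}`;
    }
  };
  return {
    arithmetic: outcome("1+1"),
    passedVariable: outcome("`Hey ${name}`", { name: "Sam" }),
    outerScope: outcome("typeof secret"),
    hostGlobals: outcome("typeof process + '/' + typeof require"),
    passedEval: outcome("eval", { eval }),
    stringCodegen: outcome("Function('return 1')()"),
    runawayLoop: outcome("while (true) {}"),
  };
}

console.log(probe());
```

The same probe strings can be run through better-eval itself to confirm that an installed version behaves as its README states before relying on it.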

License

Better-Eval is MIT-licensed open-source software created by Bharadwaj Duggaraju.

Last updated on 28 Jan 2022
