static-eval
Advanced tools
Comparing version 0.1.1 to 0.2.0
@@ -0,1 +1,3 @@ | ||
var unparse = require('escodegen').generate; | ||
module.exports = function (ast, vars) { | ||
@@ -100,2 +102,5 @@ if (!vars) vars = {}; | ||
} | ||
else if (node.type === 'FunctionExpression') { | ||
return Function('return ' + unparse(node))(); | ||
} | ||
else return FAIL; | ||
@@ -102,0 +107,0 @@ })(ast); |
{ | ||
"name": "static-eval", | ||
"version": "0.1.1", | ||
"version": "0.2.0", | ||
"description": "evaluate statically-analyzable expressions", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
9547
162
1