A linter that disallows any code that uses eval in any form seems like a good st... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		IneffablePigeon 6 days ago \| parent \| context \| favorite \| on: Supply-chain attack using invisible code hits GitH... A linter that disallows any code that uses eval in any form seems like a good start to me.

		help

sigseg1v 6 days ago [–]

What about for languages that allow pretty much anything in identifiers or variables. JS for example. Or bash. Don't need eval to do anything crazy there.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact