On Tue, May 29, 2012 at 9:32 AM, Dominic Tarr <[email protected]> wrote: > eval isn't evil, but it has potential for evil. using eval in for > configuration files is not bad, because you know what they contain, > after all, you are editing them by hand.
If you ever release a package to npm that makes that assumption, then cross fingers and hope that nobody will ever write something from users into the configuration files without validation. To cross fingers is not reliable ;-) -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en
