@locker/eslint-plugin-unsafe-types
Detect usage of unsigned unsafe types.
# Disallow the use of `eval()`-like methods (`@locker/unsafe-types/unsafe-implied-eval`)
<!-- end auto-generated rule header -->
Implied eval means passing a string to an API that has the ability to evaluate and run it.
## Rule Details
Find usages of implied eval in a codebase and signal when they are not signed using the LWS API.
The rule imposes a specific way to sign.
Any deviations, such as using computed member properties instead of the `.` notation, will be reported.
There are 2 ways to sign in Aura:
- For component code, use `$A.lockerService.restricted.createScript`
- For platform code, use `$A.lockerService.trusted.createScript`
Examples of **incorrect** code for this rule:
```js
setTimeout('foo');
setInterval('foo');
```
Examples of **correct** code for this rule:
```js
// Aura
setTimeout($A.lockerService.restricted.createScript('foo'));
setTimeout($A.lockerService.restricted.createScript('foo'));
setInterval($A.lockerService.restricted.createScript('foo'));
setInterval($A.lockerService.restricted.createScript('foo'));
```
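The check described under Rule Details can be sketched over ESTree-shaped nodes, including the case where a computed member property defeats an otherwise valid signing call. This is an added example, not the plugin's source; the function names, the `ok`/`report`/`ignored` results and the sample nodes are assumptions made for illustration.

```javascript
const TIMERS = new Set(['setTimeout', 'setInterval']);
const SIGNERS = new Set(['restricted', 'trusted']);

// Flatten $A.lockerService.restricted.createScript into
// ['$A', 'lockerService', 'restricted', 'createScript'].
// Returns null as soon as one link uses computed access (obj['prop']).
function dottedPath(node) {
  const parts = [];
  while (node.type === 'MemberExpression') {
    if (node.computed || node.property.type !== 'Identifier') return null;
    parts.unshift(node.property.name);
    node = node.object;
  }
  return node.type === 'Identifier' ? [node.name, ...parts] : null;
}

// True only for the exact dotted signing call named in Rule Details.
function isSigned(arg) {
  if (arg.type !== 'CallExpression') return false;
  const p = dottedPath(arg.callee);
  return p !== null && p.length === 4 && p[0] === '$A' &&
    p[1] === 'lockerService' && SIGNERS.has(p[2]) && p[3] === 'createScript';
}

// Assumption of this sketch: a function argument is not implied eval, and
// any other first argument that is not signed gets reported.
function checkCall(call) {
  if (call.callee.type !== 'Identifier' || !TIMERS.has(call.callee.name)) return 'ignored';
  const arg = call.arguments[0];
  if (!arg || /FunctionExpression$/.test(arg.type)) return 'ok';
  return isSigned(arg) ? 'ok' : 'report';
}

// Constructed ESTree-shaped nodes (hand-built, so no parser is needed).
const id = (name) => ({ type: 'Identifier', name });
const str = (value) => ({ type: 'Literal', value });
const call = (callee, ...args) => ({ type: 'CallExpression', callee, arguments: args });
const member = (object, prop, computed = false) =>
  ({ type: 'MemberExpression', object, computed, property: computed ? str(prop) : id(prop) });
const signer = (kind, computed = false) =>
  member(member(member(id('$A'), 'lockerService'), kind), 'createScript', computed);

const samples = {
  "setTimeout('foo')": call(id('setTimeout'), str('foo')),
  'signed, dotted': call(id('setInterval'), call(signer('trusted'), str('foo'))),
  "signed via ['createScript']": call(id('setTimeout'), call(signer('restricted', true), str('foo'))),
};
for (const [label, node] of Object.entries(samples)) console.log(label, '->', checkCall(node));
```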
## When Not To Use It
When implied eval is not a concern in the codebase.
## Further Reading
Original `no-implied-eval` rule [documentation](https://github.com/eslint/eslint/blob/main/docs/src/rules/no-implied-eval.md).
Original `no-implied-eval` rule [source code](https://github.com/eslint/eslint/blob/main/lib/rules/no-implied-eval.js) and [tests](https://github.com/eslint/eslint/blob/main/tests/lib/rules/no-implied-eval.js).