1. 21

    Evaluating your own code can still be very useful. Some examples include: interpreting JSON data

    Nooooooope. No. No. No.

    While I generally agree with this article, I strongly disagree with everything said about eval- which wasn’t much. Code should never be passed around as string-ly typed data. Not to parse JSON, not to evaluate HTML templates, not to handle mathematical expressions, and… if you need to use eval to detect whether or not a feature is available, how can you use that feature in your code later anyway?

    1. 4

      The example is pretty bad..

      But I’m not sure I understand complaining about eval existing in interpreted languages as a feature.

      1. 2

        I got great utility out of eval just today. In 8 lines of python, I wrote a local testing system for aws lambda/gce compute functions/azure function code. The program reads in argv, with each argument being http_route:file_path:handler_func_in_file, slurps in each file, then attaches the handler func to a flask route. This program saves me enormous effort of deploying code to a cloud provider before knowing if some basic functionality works. My productivity increased dramatically because of eval. You can black label anything you want, but you’re just shooting yourself in the foot.

        1. 4

          You don’t need to use eval for that. You can access globals with strings, which is far safer.

          1. 2

            safety has 0 priority for this use case. it’s lube on the machine that spits out the hard fast product, not the hard fast product itself. your abstractions sit on top of a mountain of mis-aligned interfaces that do things far more evil than eval. they are ready for abuse without much trouble. s/eval// doesn’t keep you safe.

            1. 2

              Safety has 0 priority, if and only if, this script is disposable. If I intend to use this more than once, I want to write something that isn’t going to hose my entire environment.

        2. 2

          Agreed. Language-theoretic security and ‘data as code’ is applicable here.

          1. 2

            if you need to use eval to detect whether or not a feature is available, how can you use that feature in your code later anyway?

            By using a fallback to that feature. Though, truth be told, you should probably just be using that fallback anyway in the first place.

            1. 1

              if you need to use eval to detect whether or not a feature is available, how can you use that feature in your code later anyway?

              Two cases that come to mind:

              1. lazy loading of additional modules (JS), you might get code size gains with some features and might want to load the smaller code if possible
              2. for statistical purposes, to know what your users’ browsers support
            1. 2

              https://lobste.rs/s/lavxmk/other_kind_javascript_fatigue

              EDIT: wait, you are posting this again? Why? Instead of repeatedly bumping the same post, maybe write an interesting followup? It has been three months.

              1. 1

                Sorry I’m new here, how do you bump a post?

                1. 1

                  In this case, fwg meant “don’t post the same thing again”. It is possible that you forgot you had posted it already (three months ago)? No harm done, but please be aware and avoid that in future.

                  As fwg suggests, if your goal was to foster discussion, it would have been appropriate to write something else offering a new perspective on the same general subject, and post that, because that would have been material that hadn’t already been on Lobsters.

              1. 1

                Richard Stallman envisioned open source as an environment where people shared their code and other people would improve on it and this would gradually drive progress in the software world in more ways than a closed source environment ever could.

                No, he didn’t. This is intended as a bit of historical context, but it’s incorrect and shitty to characterize rms' free software advocacy this way.

                1. 1

                  Um, which part is incorrect, exactly? Just to get the record straight.

                  1. 1

                    Richard Stallman is for free software, not “open source” software. He recommends people avoid the term. There are other things wrong with the statement but all in all it is a vastly inaccurate oversimplification.