KNowledgeOnWebScale / solid-authentication-browser-extension


Eliminate eval's and function constructors to comply with CSP #21

Open axellorreyne opened 1 year ago

axellorreyne commented 1 year ago

When trying to (privately) submit the extension, the general tests fail with 3 warnings of the following kind:

For every warning, the following details are given: "Evaluation of strings as code can lead to security vulnerabilities and performance issues, even in the most innocuous of circumstances. Please avoid using 'eval' and the 'Function' constructor when at all possible."

Because of these issues found by the validation process, the submission of the extension could be rejected because this makes the extension non-compliant with the CSP.

This problem is caused by webpack using several eval's and/or function constructors during the bundling process.

This is a well-known problem within the webpack community. Several, if not all, solutions from the above-mentioned issue, as well as other issues/threads, have been tried and implemented, but none so far have resulted in the absolute absence of eval's and/or function constructors within the webpack output and therefore a successful CSP validation.
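
An added example, not part of the original issue or the extension's code: a pre-submission check that scans bundle text for the two constructs the validator warns about and attaches a heuristic hint about where each one likely comes from. The function names, hint strings and sample bundle are constructed for illustration, and the hints assume that eval-wrapped modules carry a `sourceURL=webpack` marker.

```javascript
// Added example (not from the extension's repository): locate string-to-code
// sinks in bundled JavaScript and guess their origin from the text that follows.
const SINKS = [
  { kind: "eval", re: /\beval\s*\(/g },
  { kind: "Function", re: /\b(?:new\s+)?Function\s*\(/g },
];

// Heuristic only: classify a hit by what comes after the opening parenthesis.
function originHint(kind, tail) {
  if (kind === "eval" && /sourceURL=webpack/.test(tail)) {
    return "module wrapped by an eval-based devtool setting";
  }
  if (kind === "Function" && /^\s*["']return this["']/.test(tail)) {
    return "global-object lookup idiom";
  }
  return "unclassified, inspect manually";
}

// Returns one finding per hit, with 1-based line and column numbers.
// Comments and string contents are scanned too, so nothing is silently skipped.
function findDynamicCode(source) {
  const findings = [];
  source.split("\n").forEach((text, i) => {
    for (const { kind, re } of SINKS) {
      re.lastIndex = 0; // the regexes are global, so reset before each line
      let m;
      while ((m = re.exec(text)) !== null) {
        const tail = text.slice(m.index + m[0].length);
        findings.push({ line: i + 1, column: m.index + 1, kind, hint: originHint(kind, tail) });
      }
    }
  });
  return findings.sort((a, b) => a.line - b.line || a.column - b.column);
}

// Constructed sample resembling bundler output; not taken from the extension.
const SAMPLE_BUNDLE = [
  "var modules = {",
  "  \"./src/index.js\": function () {",
  "    eval(\"console.log('hi');\\n//# sourceURL=webpack://demo/./src/index.js?\");",
  "  }",
  "};",
  "var g = (function () { return this || new Function(\"return this\")(); })();",
  "function isFunction(v) { return typeof v === \"function\"; }",
  "var compiled = Function(\"a\", \"return a + 1\");",
].join("\n");

console.table(findDynamicCode(SAMPLE_BUNDLE));
```

To check a real build, pass the contents of each emitted bundle file to `findDynamicCode` and fail the build when the result is non-empty.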