warning about "Use of eval"

LottieFiles / lottie-player

Lottie viewer/player as an easy to use web component! https://lottiefiles.com/web-player

MIT License

1.56k stars 180 forks source link

warning about "Use of eval" #217

Closed rjwalters closed 1 year ago

rjwalters commented 1 year ago

I see the following warning in my build:

Use of eval in "node_modules/@lottiefiles/lottie-player/dist/lottie-player.esm.js" is strongly discouraged as it poses security risks and may cause issues with minification

Is this something I should be concerned about?

fedyk commented 1 year ago

This eval seems to be a part of airbnb/lottie-web package.

At first glance, it looks like legit usage. I'd appreciate it if someone checked this as well.

samuelOsborne commented 1 year ago

Hi @fedyk @rjwalters Its part of the lottie-web package.

If you dont want expression support and want to get rid of the warning, please use the dotlottie-player (supports .json and .lottie) with the "light" prop. Cheers!