new Func() in globalize dist folder #943
Description
After installing globalize package, in node_modules/globalize/dist/globalize/message.js, we saw new Func() expression. This causes unsafe-eval issue.
Our app has dependency of relative-time package, relative-time package is internally called globalize which is exporting all modules such as date, currency, message, etc.. Then, we saw globalize/dist/globalize/message.js file contains below code snippet with new Func():
if (typeof messages == 'string') { var f = new Function( 'number, plural, select, pluralFuncs, fmt', 'return ' + compileMsg(this, messages)); return f(this.runtime.number, this.runtime.plural, this.runtime.select, this.runtime.pluralFuncs, this.runtime.fmt); }
We are not using message feature at all, so wondering if you can fix this, otherwise please let us know if there is any workaround for it, thanks.