eval (PGH001)

Derived from the pygrep-hooks linter.

Warning: This rule has been removed and its documentation is only available for historical reasons.

Removed

This rule is identical to S307 which should be used instead.

What it does

Checks for uses of the builtin eval() function.

Why is this bad?

The eval() function is insecure as it enables arbitrary code execution.

Example

def foo():
    x = eval(input("Enter a number: "))
    ...

Use instead:

def foo():
    x = input("Enter a number: ")
    ...

References

• Python documentation: eval
• Eval really is dangerous by Ned Batchelder