It is taught in every computer science class and written in many books that programmers should not use GoTo. There is even an xkcd comic about it. My question is have we reached a point where the same thing can be said about Eval?
Where GoTo is not conductive for program flow and readability, Eval is the same for debugging, and program execution, and design.
Should using Eval have the same stigma as GoTo, and same consequences as in the xkcd comic?
May be eval hasn't reached the levels of criticism that GoTo reached, but certainly its deprecated!
It's only a matter of time before someone publishes a "Eval considered Evil" article!
Eval has some fairly serious security concerns; if there's any chance untrusted or user-supplied input can end up in an eval, it's vulnerable.
Jslint will warn about usage of eval() in js code run through it.
If anything, it should carry more stigma.
GoTo often creates code that's difficult to maintain. Eval often creates code with security vulnerabilities - that's worse.
"Exploits of a Mom" indirectly covers eval - malicious code is run by the system due to lack of proper checking.