Improve TypeScript/JS code evaluation security

[Dhaiwat10]

Is your feature request related to a problem? Please describe.
We are currently using eval to run the code. People strongly recommend against using it, though: Why is using the JavaScript eval function a bad idea?

Describe the solution you'd like
@jsjoeio has linked some great resources and proposed an interesting solution here: #39. quickjs-emscripten is the one that interests us the most.

We can adapt this approach for TS, too because what we are ultimately doing is running JS code.

[Rohithgilla12]

@kennethcassel I want to give it a try :D

[kennethcassel]

Go for it @Rohithgilla12!

[Rohithgilla12]

I tried
https://github.com/maple3142/wasm-jseval and quickjs-emscripten but not able to succeed, it would be great if anyone can help where to use what.
Thanks

[Dhaiwat10]

@Rohithgilla12 here: https://github.com/slipHQ/run-wasm/blob/main/src/RunWasmClient.ts#L109

[Rohithgilla12]

@Rohithgilla12 here: https://github.com/slipHQ/run-wasm/blob/main/src/RunWasmClient.ts#L109

Okay should I install the quickjs library using npm?

[Dhaiwat10]

We're using Yarn as our package manager so you should do yarn add <pkg> instead of npm i <pkg>.