Many programmers say it is a bad practice to use the eval() function:
When is JavaScript's eval() not evil?
I’d like to take a moment to address the premise of your question – that eval() is “evil”…
Buggy evaled code can violate security properties just as easily as buggy source code…
There are a number of ways that your security may be compromised…
Is there ever a good reason to use eval()?
Yes – when there is no other way to accomplish the given task with a reasonable level of clarity… This eliminates 99% of cases where eval is used…
Why is eval unsafe in javascript?
The danger of eval only rears its ugly head when you are serving a script written by alice to user bob for bob’s browser to eval…
So why does it exist in the first place?
Because sometimes there is a need. All the same reasons for/against using
evalin JavaScript can likely be shared with the use of reflection in Java, for example.However, I agree with everything you quoted in your question. Many reasons for using it are ill-advised, and best done differently – but sometimes, there is still a need, or it is simply the “best choice” over other available alternatives. (I’d focus on the answers to Is there ever a good reason to use eval()? for additional reasons.)
+1 to your question for good research.