[Chrome Extension] Uses eval for runtime codegenerations; don't be afraid of it

[Czino]

I found that in the context of Chrome extensions, the CSP is much stricter and does not allow and cannot be further relaxed

EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'wasm-unsafe-eval'".

    at bakeCollection (bake-collection.ts:116:34)

Therefore this package cannot be used as a dependency if you want to develop Chrome Extensions, it looks like Google Devs are afraid of it. Furthermore, I encountered this error because tseep is used as a sub dependency.

[Morglod]

@Czino will add fallback to it

As a workaround for now it could be sandboxed or unsafe-eval in manifest

[Czino]

While developing it's no problem to lax the security policy but unsafe-eval is not a valid configuration in the manifest

Thank you for your consideration in regards to the fallback.

[Morglod]

@Czino

Just added new version, please check it.

Change is pretty simple (fallback may take more bundle size):

// from
import { EventEmitter } from "tseep";

// to
import { EventEmitter } from "tseep/lib/ee-safe";
import { EventEmitter } from "tseep/lib/fallback"; // auto switch if eval is restricted