- [ ] bug report -> please search issues before submitting - [x] feature request 

@angular/cli: 1.2.0 node: 8.1.0 os: darwin x64 @angular/animations: 4.2.5 @angular/common: 4.2.5 @angular/compiler: 4.2.5 @angular/core: 4.2.5 @angular/forms: 4.2.5 @angular/http: 4.2.5 @angular/platform-browser: 4.2.5 @angular/platform-browser-dynamic: 4.2.5 @angular/router: 4.2.5 @angular/cli: 1.2.0 @angular/compiler-cli: 4.2.5 @angular/language-service: 4.2.5 

$ ng build $ ./node_modules/.bin/web-ext lint -s dist Validation Summary: errors 0 notices 0 warnings 11 WARNINGS: Code Message Description File Line Column DANGEROUS_EVAL The Function constructor is Evaluation of strings as code can lead to security polyfills.bundle.js 286 22 eval. vulnerabilities and performance issues, even in the most innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' DANGEROUS_EVAL The Function constructor is Evaluation of strings as code can lead to security polyfills.bundle.js 850 71 eval. vulnerabilities and performance issues, even in the most innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' DANGEROUS_EVAL The Function constructor is Evaluation of strings as code can lead to security polyfills.bundle.js 2397 11 eval. vulnerabilities and performance issues, even in the most innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' DANGEROUS_EVAL eval can be harmful. Evaluation of strings as code can lead to security polyfills.bundle.js 2397 43 vulnerabilities and performance issues, even in the most innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' DANGEROUS_EVAL The Function constructor is Evaluation of strings as code can lead to security vendor.bundle.js 2576 11 eval. vulnerabilities and performance issues, even in the most innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' DANGEROUS_EVAL eval can be harmful. Evaluation of strings as code can lead to security vendor.bundle.js 2576 43 vulnerabilities and performance issues, even in the most innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' DANGEROUS_EVAL The Function constructor is Evaluation of strings as code can lead to security vendor.bundle.js 36267 73 eval. vulnerabilities and performance issues, even in the most innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' DANGEROUS_EVAL The Function constructor is Evaluation of strings as code can lead to security vendor.bundle.js 36273 17 eval. vulnerabilities and performance issues, even in the most innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' DANGEROUS_EVAL The Function constructor is Evaluation of strings as code can lead to security vendor.bundle.js 36281 17 eval. vulnerabilities and performance issues, even in the most innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' UNSAFE_VAR_ASSIGNMENT Unsafe assignment to innerHTML Due to both security and performance concerns, this may not vendor.bundle.js 50833 71 be set using dynamic values which have not been adequately sanitized. This can lead to security issues or fairly serious performance degradation. UNSAFE_VAR_ASSIGNMENT Unsafe assignment to innerHTML Due to both security and performance concerns, this may not vendor.bundle.js 50878 9 be set using dynamic values which have not been adequately sanitized. This can lead to security issues or fairly serious performance degradation. 

$ ng build --prod $ ./node_modules/.bin/web-ext lint -s dist Validation Summary: errors 0 notices 0 warnings 11 WARNINGS: Code Message Description File Line Column DANGEROUS_EVAL The Function constructor is Evaluation of strings as code can lead to security polyfills.35d6fc6174fa08d451d6… 1 52746 eval. vulnerabilities and performance issues, even in the most .bundle.js innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' DANGEROUS_EVAL eval can be harmful. Evaluation of strings as code can lead to security polyfills.35d6fc6174fa08d451d6… 1 52776 vulnerabilities and performance issues, even in the most .bundle.js innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' DANGEROUS_EVAL The Function constructor is Evaluation of strings as code can lead to security polyfills.35d6fc6174fa08d451d6… 1 55491 eval. vulnerabilities and performance issues, even in the most .bundle.js innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' DANGEROUS_EVAL The Function constructor is Evaluation of strings as code can lead to security polyfills.35d6fc6174fa08d451d6… 1 56434 eval. vulnerabilities and performance issues, even in the most .bundle.js innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' DANGEROUS_EVAL The Function constructor is Evaluation of strings as code can lead to security vendor.7157c5dcd45d72de6187.bu… 1 54515 eval. vulnerabilities and performance issues, even in the most ndle.js innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' DANGEROUS_EVAL The Function constructor is Evaluation of strings as code can lead to security vendor.7157c5dcd45d72de6187.bu… 1 54590 eval. vulnerabilities and performance issues, even in the most ndle.js innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' DANGEROUS_EVAL The Function constructor is Evaluation of strings as code can lead to security vendor.7157c5dcd45d72de6187.bu… 1 54778 eval. vulnerabilities and performance issues, even in the most ndle.js innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' DANGEROUS_EVAL The Function constructor is Evaluation of strings as code can lead to security vendor.7157c5dcd45d72de6187.bu… 1 127089 eval. vulnerabilities and performance issues, even in the most ndle.js innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' DANGEROUS_EVAL eval can be harmful. Evaluation of strings as code can lead to security vendor.7157c5dcd45d72de6187.bu… 1 127119 vulnerabilities and performance issues, even in the most ndle.js innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible.' UNSAFE_VAR_ASSIGNMENT Unsafe assignment to innerHTML Due to both security and performance concerns, this may not vendor.7157c5dcd45d72de6187.bu… 1 141593 be set using dynamic values which have not been adequately ndle.js sanitized. This can lead to security issues or fairly serious performance degradation. UNSAFE_VAR_ASSIGNMENT Unsafe assignment to innerHTML Due to both security and performance concerns, this may not vendor.7157c5dcd45d72de6187.bu… 1 142070 be set using dynamic values which have not been adequately ndle.js sanitized. This can lead to security issues or fairly serious performance degradation.