Use of eval is strongly discouraged. #83

@metr-o

cosmos-signer seems to use the library cosmjs-types (and other imported libraries in this repo), which use protobufjs, which imports a library quire that uses eval instead of importing it normally.

There is another issue opened directly on the mentioned package's repo:
protobufjs/protobuf.js#1754

While the implementation of eval from protobufjs may not be too problematic security-wise, it causes a warning at build time from Rollup, which could obfuscate another eval call introduced by another library (that could be a threat) when a user has also imported your package.

https://rollupjs.org/guide/en/#avoiding-eval
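
An added example, not part of the original issue or of cosmos-signer's code: a Rollup `onwarn` handler for a consuming project that silences the eval warning only for a reviewed module and fails the build on eval from any other module, so a new eval call cannot hide behind the known one. The allow-listed path, the function names and the sample warnings are assumptions constructed for illustration; use the module id that Rollup prints in its warning.

```javascript
// Assumed path of the reviewed module; replace with the id Rollup reports.
const EVAL_ALLOW_LIST = ['node_modules/@protobufjs/inquire/'];

// Normalise Windows separators so allow-list matching works on every platform.
function normaliseId(id) {
  return String(id || '').replace(/\\/g, '/');
}

// Decide what to do with a Rollup warning object:
//   'ignore'  -> eval in a module that has been reviewed and allow-listed
//   'fail'    -> eval in a module nobody has reviewed
//   'default' -> not an eval warning, let Rollup report it as usual
function classifyWarning(warning, allowList = EVAL_ALLOW_LIST) {
  if (!warning || warning.code !== 'EVAL') return 'default';
  const id = normaliseId(warning.id || (warning.loc && warning.loc.file));
  if (id && allowList.some((p) => id.includes(p))) return 'ignore';
  return 'fail'; // also covers eval warnings that carry no module id
}

// Build the handler passed as `onwarn` in the Rollup config.
function makeOnwarn(allowList = EVAL_ALLOW_LIST) {
  return function onwarn(warning, defaultHandler) {
    const verdict = classifyWarning(warning, allowList);
    if (verdict === 'ignore') return;
    if (verdict === 'fail') {
      const where = normaliseId(warning.id) || 'unknown module';
      throw new Error(`Unreviewed eval in ${where}: ${warning.message}`);
    }
    defaultHandler(warning);
  };
}

// In rollup.config.js: export default { input: 'src/index.js', onwarn: makeOnwarn() };

// Constructed sample warnings, shaped like Rollup's warning objects.
const sampleWarnings = [
  { code: 'EVAL', id: '/app/node_modules/@protobufjs/inquire/index.js',
    message: 'Use of eval is strongly discouraged' },
  { code: 'EVAL', id: 'C:\\app\\node_modules\\other-lib\\dist\\index.js',
    message: 'Use of eval is strongly discouraged' },
  { code: 'CIRCULAR_DEPENDENCY', message: 'Circular dependency' },
];
```
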
