Calling the constructor directly can create functions dynamically
const obj = new Function()();
This approach suffers from security issues and from performance issues similar to (but far less significant than) those of eval().
eval() is a bigger security risk
Executing JavaScript from a string is a security risk. It's easy for a bad actor to run arbitrary code using eval().
Instead, use the function constructor to create a function that can execute code dynamically.
const obj = new Function("return " + objString + ";")();
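The difference between the two calls above, as an added example that is not part of the original page: direct eval() can read the caller's local variables, the Function constructor body sees only global scope, and both still execute whatever expression the string contains. JSON.parse is not mentioned on the page and is included here only as the data-only comparison; parseWithEval, parseWithFunction, parseWithJson, observe, compare, localSecret and the sample strings are names and values constructed for this illustration.

```javascript
// Added illustration; all names and sample strings are constructed, not from the page.
const dataString = '{"user": "alice", "roles": ["admin"]}';
// An expression rather than data: it has a side effect and probes a caller local.
const hostileString = "(globalThis.sideEffect = true, typeof localSecret)";

function parseWithEval(src) {
  const localSecret = "constructed-token"; // visible to direct eval()
  return eval("(" + src + ")");
}

function parseWithFunction(src) {
  const localSecret = "constructed-token"; // NOT visible: body runs in global scope
  return new Function("return " + src + ";")();
}

function parseWithJson(src) {
  // JSON.parse only accepts data; expressions are rejected with SyntaxError.
  try {
    return { ok: true, value: JSON.parse(src) };
  } catch (e) {
    return { ok: false, error: e.name };
  }
}

// Run one parser and record what it returned and whether the string's code ran.
function observe(parser, src) {
  globalThis.sideEffect = false;
  const result = parser(src);
  return { result, codeRan: globalThis.sideEffect };
}

function compare(src) {
  return {
    eval: observe(parseWithEval, src),
    Function: observe(parseWithFunction, src),
    json: observe(parseWithJson, src),
  };
}

console.log(compare(dataString));
console.log(compare(hostileString));
```

For the expression string, eval() reports the local as a string, the Function constructor reports it as undefined, and both set the side-effect flag; only the JSON.parse path leaves the flag untouched.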