Why do people say that javascript eval() is evil but you get no objections against setTimeout and setInterval etc?

Question

if I am not mistaken eval executes valid code in a given string

eval("alert('hey')");

and

setTimeout("alert('hey')",1000);

does just about the same thing, only with a timer. is set timeout just as risky as eval?

Answer 1

I'd say you hear the same objections. setTimeout (with string and not function parameters) is pretty much the same as eval.

If possible,

 setTimeout(function(){ alert ("hey") ; }, 1000);

Answer 2

Because when people say "eval", they mean "eval and any function that is more or less equivalent to eval", but the former is much shorter to say. So the answer to your question is yes, it is as risky.