Prevent executing JS bindings when running in a Node env

packages/string-templates/src/helpers/javascript.js

@@ -39,13 +39,23 @@ const atob = base64 => {
 
 // Evaluates JS code against a certain context
 module.exports.processJS = (handlebars, context) => {
+  // Do not evaluate JS in a node environment
+  if (typeof window === "undefined") {
+    return "JS bindings are not executed in a Node environment"
+  }
+
   try {
     // Wrap JS in a function and immediately invoke it.
     // This is required to allow the final `return` statement to be valid.
     const js = `function run(){${atob(handlebars)}};run();`
 
     // Our $ context function gets a value from context
-    const sandboxContext = { $: path => getContextValue(path, context) }
+    const sandboxContext = {
+      $: path => getContextValue(path, context),
+      alert: undefined,
+      setInterval: undefined,
+      setTimeout: undefined,
+    }
 
     // Create a sandbox with out context and run the JS
     vm.createContext(sandboxContext)