Code Quality detectors

New function detected

Use of new Function() can be dangerous if used to evaluate dynamic content.

Invoke super appropriately

The incorrect use of super() causes problems.

Numeric truncation error

Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion.

Avoid NaN in comparison

Checks if NaN is used in a comparison.

Missing check on method output

Missing checks might cause silent failures that are harder to debug.

Catch and swallow exception

Swallowing exceptions, without rethrowing or logging them, can make it hard to understand why your application is failing.

Use {} instead of new Object()

new Object() has been used for object creation instead of {}.

Improper input validation CDK

Improper input validation can enable attacks and lead to unwanted behavior.

Use of Default Credentials CDK

The product relies on default credentials (including passwords and cryptographic keys) for potentially vital functions.

Improper Restriction of Operations within the Bounds of a Memory Buffer

An improper buffer read operation might lead to a BufferOverflowException.

Inefficient polling of AWS resource

Custom polling can be inefficient and prone to error. Consider using AWS waiters instead.

Avoid Undefined As Variable Name

Checks if undefined is used as a variable name.

Index of method comparison

indexOf method should not be compared with values greater than zero.

String passed to setInterval or setTimeout

A string passed to setInterval or setTimeout can cause the JavaScript engine to evaluate it as code, which can lead to a security risk.

Check failed records when using Kinesis

A batch request that doesn't check for failed records can lead to loss of data.

Improper Access Control CDK

The software does not restrict, or incorrectly restricts, access to a resource from an unauthorized actor.

Missing Authentication for Critical Function CDK

Missing authentication checks can lead to unauthorized access to a resource or performance of an action.

Typeof expression

The typeof operator should only be compared to valid values.

Exposure of Sensitive Information CDK

The product unintentionally grants unauthorized actors access to a resource by placing it in the wrong control sphere.

Insufficient Logging CDK

In the case of a security-critical event, the product fails to either log the event or misses crucial details in the logged information.

Lazy Load Module

Checks for lazy module loading.

Redundant switch statement

Detects switch statements that have fewer than three case clauses.