What's wrong with this JavaScript Array reverse mutates?
What's wrong with this JavaScript Array reverse mutates in place. The JavaScript code reverses an array and passes it on. In JavaScript reverse mutates the original and corrupts the source.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptperformance #javascriptreliability #...
Why does this JavaScript new Date parse wrong?
Why does this JavaScript new Date parse wrong across timezones. The JavaScript code passes a date string without timezone. In JavaScript the parser interprets it as local and shifts hours for users.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptperformance #javascriptreliability #j...
What's wrong with this JavaScript spread shallow copy?
What's wrong with this JavaScript spread shallow copy in state update. The JavaScript code uses spread to clone state. In JavaScript nested objects are still shared and mutations leak.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptperformance #javascriptreliability #javascr...
Why does this JavaScript eval in JSON parse?
Why does this JavaScript eval in JSON parse allowing code execution. The JavaScript code uses eval or Function to parse JSON. In JavaScript this executes any code in the string.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptperformance #javascriptreliability #javascriptapi #javascrip...
Why does this JavaScript replace only change the first match?
Why does this JavaScript replace only change the first match in a sanitizer. The JavaScript code uses replace without the global flag. In JavaScript only the first occurrence is replaced and the rest remain.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptperformance #...
What's wrong with this JavaScript worker ack?
What's wrong with this JavaScript worker ack in a queue. The JavaScript code acknowledges the message before the database commit, so failures lose data permanently. In JavaScript pipelines this creates silent gaps.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptperformance #javascrip...
What's wrong with this JavaScript URL fetch?
What's wrong with this JavaScript URL fetch in production. The JavaScript code fetches a user supplied URL without validation, enabling SSRF to internal services. In JavaScript backends this exposes secrets.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptperformance #javascriptreliabi...
Why does this JavaScript filter return wrong type?
Why does this JavaScript filter return wrong type in a search. The JavaScript code uses filter and assumes results match the predicate. In JavaScript sparse arrays or holes can produce unexpected length.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptperformance #javascriptrelia...
Why does this JavaScript addEventListener stacking?
Why does this JavaScript addEventListener stacking without remove. The JavaScript code adds a listener on each render. In JavaScript listeners accumulate and fire multiple times.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptperformance #javascriptreliability #javascriptapi #j...
Why does this JavaScript reduce crash on empty array?
Why does this JavaScript reduce crash on empty array in aggregation. The JavaScript code calls reduce without an initial value. In JavaScript when the array is empty it throws. In JavaScript dashboards empty states break the app.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascrip...
What's wrong with this JavaScript Object freeze shallow?
What's wrong with this JavaScript Object freeze shallow in config. The JavaScript code freezes the top level object. In JavaScript nested objects stay mutable and can still be modified.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptperformance #javascriptreliability #java...
Why does this JavaScript money math drift?
Why does this JavaScript money math drift in billing. The JavaScript code uses floats for currency and rounds at the end, which creates silent cents errors. In JavaScript finance systems this causes reconciliation mismatches.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptperformance #j...
What's wrong with this JavaScript regex?
What's wrong with this JavaScript regex in validation. The JavaScript pattern has catastrophic backtracking, so a single input can hang a worker. In JavaScript APIs this becomes a denial of service.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptperformance #javascriptreliability #javascr...
Why does this JavaScript Symbol not equal itself?
Why does this JavaScript Symbol not equal itself in a cache. The JavaScript code uses Symbol as a unique key. In JavaScript Symbol creates new identity every call so the same key never matches.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptperformance #javascriptreliability #jav...
Why does this JavaScript innerHTML XSS?
Why does this JavaScript innerHTML XSS from user content. The JavaScript code assigns user input to innerHTML. In JavaScript this executes any script in the string.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptperformance #javascriptreliability #javascriptapi #javascriptengineering #java...
What's wrong with this JavaScript error in for await?
What's wrong with this JavaScript error in for await not propagating. The JavaScript code iterates an async iterable with for await. In JavaScript errors can leave the loop without handling.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptperformance #javascriptreliability #ja...
What's wrong with this JavaScript JSON stringify omitting fields?
What's wrong with this JavaScript JSON stringify omitting fields in API payload. The JavaScript code stringifies an object with undefined values. In JavaScript JSON.stringify drops undefined and the API gets wrong schema.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javas...
Why does this JavaScript timeout loop run forever?
Why does this JavaScript timeout loop run forever after a clock change. The JavaScript code uses Date.now for elapsed time, so clock adjustments can stall the loop. In JavaScript services this turns short waits into long stalls.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptper...
What's wrong with this JavaScript JSON parse?
What's wrong with this JavaScript JSON parse in an API handler. The JavaScript code checks a parsed object with a truthy test and rejects valid empty payloads. In JavaScript services this drops legitimate requests.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptperformance #javascrip...
Why does this JavaScript scheduler drift?
Why does this JavaScript scheduler drift in reporting. The JavaScript code mutates a Date object and reuses it, so every window shifts forward. In JavaScript jobs this breaks hourly aggregation.
#whatswrongwiththisjavascriptcode #javascriptbug #javascriptproductionbug #javascriptdebugging #javascriptbackend #javascriptcodereview #javascriptsecurity #javascriptperformance #javascriptreliability #javascript...
