Remove leftover `console.trace` calls from production paths

#Metadata

Rule ID

ts.security.debug-statement-in-source

Severity

low

Confidence

0.9

Languages

javascript, typescript

Presets

recommended, security, strict

Stability

stable

Applies to

block

Tags

diagnostics, logging, rules-catalog, security

#Why it matters

`console.trace` dumps a stack trace to stdout/stderr and is almost always leftover developer instrumentation. Stack traces in shipped output disclose internal call structure and inflate logs.

#Remediation

Remove the call or guard it behind an explicit dev-only check (`process.env.NODE_ENV !== 'production'`, `import.meta.env.DEV`, or `__DEV__`).

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/typescript/ts.security.debug-statement-in-source.rule.yaml.