security.privacy

Avoid leaking sensitive or diagnostic state

Logs, stdout or stderr, and direct response sinks should not expose sensitive fields or internal diagnostic detail.

#Why it matters

Stack traces, request metadata, auth or session objects, and environment state are often leaked through "temporary" debugging output that later reaches production paths.

#Remediation

Replace the payload with a fixed summary, redact sensitive fields, and strip stack, env, request, or cookie data from production output.
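
The remediation above, as an added TypeScript example (not code from the critiq rule or its repository): `leakyLogLine` shows the pattern to avoid and `safeLogLine` the fixed-summary, redacted form. The `Ctx` type, the sensitive-name list, the function names and the sample values are constructed assumptions.

```typescript
// Added example: constructed types and values, not code from the rule's repository.
type Ctx = { method: string; path: string; headers: Record<string, string>; body: Record<string, unknown> };

// Assumed list of sensitive field names; extend it for your application.
const SENSITIVE = /^(authorization|cookie|set-cookie|password|token|secret|api[-_]?key|session)$/i;

// Before: serializes the whole error and request, so stack, cookies and credentials reach the sink.
function leakyLogLine(err: Error, ctx: Ctx): string {
  return JSON.stringify({ message: err.message, stack: err.stack, ctx });
}

// Copy a value recursively, replacing sensitive fields with a marker.
function redact(value: unknown, depth = 0): unknown {
  if (depth > 4) return "[truncated]"; // bound recursion on deeply nested input
  if (Array.isArray(value)) return value.map((v) => redact(v, depth + 1));
  if (value !== null && typeof value === "object") {
    const src = value as Record<string, unknown>;
    const out: Record<string, unknown> = {};
    for (const k of Object.keys(src)) {
      out[k] = SENSITIVE.test(k) ? "[redacted]" : redact(src[k], depth + 1);
    }
    return out;
  }
  return value;
}

// After: fixed summary; no message, stack or headers; query string dropped; body redacted.
function safeLogLine(err: Error, ctx: Ctx): string {
  return JSON.stringify({
    event: "request_failed",       // fixed event name instead of the raw error message
    errorType: err.name,           // error class only, no internal hostnames or paths
    method: ctx.method,
    path: ctx.path.split("?")[0],  // query strings may carry tokens
    body: redact(ctx.body),
  });
}

// Constructed sample input.
const sampleErr = new Error("connect ECONNREFUSED db.internal:5432");
const sampleCtx: Ctx = {
  method: "POST",
  path: "/login?token=abc123",
  headers: { cookie: "sid=s3cr3t", "user-agent": "curl/8" },
  body: { user: "alice", password: "hunter2", profile: { apiKey: "k-1", theme: "dark" } },
};
```
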

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/typescript/ts.security.information-leakage.rule.yaml.