Replace legacy Buffer constructors

#Metadata

Rule ID

ts.security.legacy-buffer-constructor

Severity

medium

Confidence

0.9

Languages

javascript, typescript

Presets

recommended, security, strict

Stability

stable

Applies to

block

Tags

memory, node, rules-catalog, security

#Why it matters

Legacy constructors behave differently across Node versions and are harder to audit for safe allocation.

#Remediation

Prefer Buffer.from for encoded data and Buffer.alloc for zero-filled buffers sized by trusted logic.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/typescript/ts.security.legacy-buffer-constructor.rule.yaml.