Critiq Docs
Get started
security.resilience

Missing request timeout or retry protection

External calls should define timeout, cancellation, or retry behavior before they enter security-sensitive flows.

#Metadata

Rule ID
ts.security.missing-request-timeout-or-retry
Severity
medium
Confidence
0.8
Languages
javascript, typescript
Presets
security, strict
Stability
stable
Applies to
block
Tags
crq-sec-030, resilience, rules-catalog, security

#Why it matters

Authentication and dependency calls that have neither timeout nor retry protection fail unpredictably under network stress.

#Remediation

Add explicit timeout or cancellation support, wrap the call in retry handling, or do both when the dependency is critical.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/typescript/ts.security.missing-request-timeout-or-retry.rule.yaml.

Back to registryOpen rule in repository