Skip to content
Critiq Docs

Search docs

Search documentation pages and rules

security.reliability

Throw `Error` objects instead of literals

Only throw `Error` instances (or subclasses), not strings, numbers, or plain objects.

#Metadata

Rule ID
ts.security.no-throw-literal
Severity
medium
Confidence
0.9
Languages
javascript, typescript
Presets
recommended, security, strict
Stability
stable
Applies to
block
Tags
reliability, rules-catalog, security

#Why it matters

Throwing literals loses stack traces and makes error handling inconsistent across callers.

#Remediation

Throw `new Error(...)` or a typed error subclass with a clear message.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/typescript/ts.security.no-throw-literal.rule.yaml.

Back to directoryOpen rule in repository