CodeQL queries 1.25
Skip to end of metadata
Go to start of metadata

Name: Use of debugger statement

Description: The 'debugger' statement should not be used in production code.

ID: js/debugger-statement

Kind: problem

Severity: recommendation

Precision: medium

Query: DebuggerStatement.ql
/**
 * @name Use of debugger statement
 * @description The 'debugger' statement should not be used in production code.
 * @kind problem
 * @problem.severity recommendation
 * @id js/debugger-statement
 * @tags efficiency
 *       maintainability
 *       language-features
 *       external/cwe/cwe-489
 * @precision medium
 */

import javascript

from DebuggerStmt ds
select ds, "Do not use 'debugger'."

The debugger statement should only be used during debugging, and should not appear in production code.

Recommendation

Remove all debugger statements.

Example

The following implementation of Quicksort contains a debugger statement which can be removed without affecting the program's functionality.

function qsort(a) {
    if (a.length == 0) return [];
 
    var left = [], right = [], pivot = a[0];
 
    for (var i = 1; i < a.length; i++) {
    	debugger;
        a[i] < pivot ? left.push(a[i]) : right.push(a[i]);
    }
 
    return qsort(left).concat(pivot, qsort(right));
}

References