[ 200 OK ][ ANALYZE ][ .SARIF ][ FIX-PR ]

test before you ship

Get the bug.
Fix before deploy.

getdebug analyzes your repo for bugs and security vulnerabilities, generates a validated patch, and opens the PR. You review, you merge — nothing lands on main without you.


01 · find

acme/api · user-query.ts:42

HIGH

SQL injection

User input flows unsanitized into a raw SQL query via string concatenation. Use parameterised queries instead.

41  async function findUser(id: string) {
42    const sql = "SELECT * FROM users WHERE id = " + id;
43    return db.execute(sql);

OWASP A03 · CWE-89

02 · fix

getdebug/fix-3f2a · proposed

Parameterised query

  findUser(id: string) {
-  const sql = "SELECT * FROM users WHERE id = " + id;
-  return db.execute(sql);
+  return db.execute(
+    "SELECT * FROM users WHERE id = $1", [id],
+  );
  }
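Review bot: confirm that db.execute binds a positional parameter array, because the added call passes `[id]` as a second argument with a `$1` placeholder while the removed call passed only a single string. If the driver ignores the extra argument or expects a different placeholder style, the query fails or runs unbound. A test that passes a non-numeric id and asserts no row is returned would show the value is bound as data. The `SELECT *` is carried over unchanged, and id stays an unvalidated string, so consider naming the columns callers need and checking the id format before the query.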
parse · typecheck · tests

03 · merge

github.com/acme/api · #1247

getdebug: fix SQL injection in user-query.ts

  • All checks passed
  • getdebug fix validated · parse + tsc + tests
  • Reviewed by you
getdebug/fix-3f2a → main

Every fix lands on a getdebug/fix-<id> branch. You review. You merge.

three plans · start free

Run every security test your code needs before you ship.