CodeQL documentation

Yield in non-generator function

ID: js/yield-outside-generator
Kind: problem
Security severity: 
Severity: error
Precision: very-high
Tags:
   - maintainability
   - language-features
   - external/cwe/cwe-758
Query suites:
   - javascript-security-and-quality.qls

Click to see the query in the CodeQL repository

Previous versions of SpiderMonkey permitted the use of yield expressions in functions not marked as generators. This is no longer supported, and is not compliant with ECMAScript 2015.

Recommendation

Mark the enclosing function as a generator by replacing function with function*.

Example

The following example uses yield to produce a sequence of indices, but the function idMaker is not marked as a generator:

function idMaker(){
    var index = 0;
    while(true)
        yield index++;
}

This is easily fixed by adding an asterisk to the function keyword:

function* idMaker(){
    var index = 0;
    while(true)
        yield index++;
}

References

  • Mozilla Developer Network: function*.

  • Mozilla Developer Network: yield.

  • Common Weakness Enumeration: CWE-758.

  • © GitHub, Inc.
  • Terms
  • Privacy