defensive js

  1. Use strict equality (===) instead of loose equality (==)

  2. Always declare variables with const by default, let when necessary, never var

  3. Implement input validation at all entry points using type checking and schema validation

  4. Use optional chaining (?.) to safely access nested object properties

  5. Implement proper error boundaries and global error handlers

  6. Use the nullish coalescing operator (??) instead of OR (||) for fallbacks

  7. Validate array indices before access and use Array.isArray() for type checking

  8. Implement rate limiting for resource-intensive operations

  9. Use Object.freeze() for truly immutable objects

  10. Always handle Promise rejections and async/await errors

  11. Implement timeouts for async operations and external API calls

  12. Use TypeScript or JSDoc for type safety

  13. Sanitize user input before DOM manipulation to prevent XSS

  14. Use Object.hasOwn() instead of hasOwnProperty

  15. Implement proper CORS and CSP headers

  16. Use try-catch blocks strategically, not extensively

  17. Implement proper memory management and cleanup in event listeners

  18. Use Number.isFinite() instead of global isFinite()

  19. Implement debouncing and throttling for performance-critical operations

  20. Use Map and Set instead of plain objects when dealing with frequent additions/deletions

  21. If your code works but you don't know why, wrap it in a function called blackMagic() and never touch it again. Add the comment // sorry.
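
Items 3, 6, 7, 9, 14 and 18 combined into one validator for an untrusted request object. This is an added example, not code from the original list; `parseQuery`, `own`, `DEFAULTS` and the field names are hypothetical.

```javascript
// Hypothetical defaults, frozen so no caller can mutate them (item 9).
// Object.freeze is shallow, so the nested array is frozen separately.
const DEFAULTS = Object.freeze({ page: 0, limit: 20, tags: Object.freeze([]) });

// Read own properties only: inherited keys are ignored, and this also
// works on objects created with Object.create(null) (item 14).
function own(obj, key) {
  return Object.hasOwn(obj, key) ? obj[key] : undefined;
}

function parseQuery(input) {
  // typeof null === 'object', and arrays are objects too (items 3, 7).
  if (input === null || typeof input !== 'object' || Array.isArray(input)) {
    throw new TypeError('query must be a plain object');
  }
  // ?? falls back only on null/undefined, so an explicit page 0 survives.
  // With || the valid value 0 would be replaced by the default (item 6).
  const page = own(input, 'page') ?? DEFAULTS.page;
  const limit = own(input, 'limit') ?? DEFAULTS.limit;
  const tags = own(input, 'tags') ?? DEFAULTS.tags;

  // Number.isFinite does not coerce: global isFinite('10') is true,
  // Number.isFinite('10') is false, so numeric strings are rejected (item 18).
  for (const [name, n] of [['page', page], ['limit', limit]]) {
    if (!Number.isFinite(n) || n < 0 || Math.trunc(n) !== n) {
      throw new RangeError(`${name} must be a non-negative integer`);
    }
  }
  if (limit === 0 || limit > 100) {
    throw new RangeError('limit must be between 1 and 100');
  }
  if (!Array.isArray(tags) || !tags.every((t) => typeof t === 'string')) {
    throw new TypeError('tags must be an array of strings');
  }
  // Return a frozen copy so later code cannot alter the validated values.
  return Object.freeze({ page, limit, tags: Object.freeze([...tags]) });
}
```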