# Unhandled Promise Rejection

- ID: javascript-unhandled-promise-rejection
- Severity: HIGH
- CWE: CWE-391 (CWE-391)
- Languages: JavaScript, TypeScript
- Frameworks: nodejs, express, fastify, nextjs, koa, hapi, nestjs

## Description

Detects promises that are created or called without proper rejection handlers.
Unhandled promise rejections can cause application crashes, expose sensitive error
information, and lead to inconsistent application state.

In Node.js, unhandled promise rejections will terminate the process in future versions,
making this a critical reliability and security issue.

## Detection Message

Promise at {location} lacks rejection handler (.catch or try-catch)

## Remediation

Always handle promise rejections using one of these methods:

1. Use .catch() for promise chains
2. Use try-catch with async/await
3. Add global handlers for unhandled rejections

Example safe patterns:
```javascript
// ✅ SAFE - Using .catch()
fetch(url)
  .then(response => response.json())
  .then(data => processData(data))
  .catch(error => {
    logger.error('Fetch failed:', error);
    // Handle error appropriately
  });

// ✅ SAFE - Using async/await with try-catch
async function fetchData() {
  try {
    const response = await fetch(url);
    const data = await response.json();
    return processData(data);
  } catch (error) {
    logger.error('Fetch failed:', error);
    throw error; // Re-throw or handle
  }
}

// ✅ SAFE - Global handler (fallback)
process.on('unhandledRejection', (reason, promise) => {
  logger.error('Unhandled Rejection:', reason);
  // Optionally exit process for safety
  process.exit(1);
});
```

## Documentation

[object Object]

## Related Rules

- **Empty Error Handling** [LOW]: 
- **Empty Exception Handler** [MEDIUM]: