# TypeORM Unsafe Database Migration

- ID: typeorm-unsafe-migration
- Severity: HIGH
- CWE: CWE-754 (CWE-754)
- Languages: JavaScript, TypeScript
- Frameworks: typeorm

## Description

Unsafe migrations with DROP TABLE/COLUMN operations without backups cause permanent
data loss and application crashes from schema mismatches.

## Detection Message

Migration contains potentially destructive operation: {operation}. Add safety checks and data preservation logic.

## Remediation

Backup data before destructive operations and use multi-phase migrations.

```typescript
export class SafeColumnRemoval implements MigrationInterface {
  public async up(queryRunner: QueryRunner): Promise<void> {
    // Backup before dropping
    await queryRunner.query(`
      CREATE TABLE "user_email_backup" AS
      SELECT id, email FROM "user"
    `);
    await queryRunner.dropColumn('user', 'email');
  }
}
```

Learn more: https://shoulder.dev/learn/typescript/cwe-754/unsafe-migration

## Documentation

[object Object]