JSON.parse(JSON.stringify(x)) used as a deep clone
Part of Code Quality & Syntax, which counts for 20% of the overall score. When this check fires it deducts 4 points from that category, once per scan, no matter how many places it turns up.
What it detects
This works for plain JSON-safe data but re-serializes and re-parses the entire structure, drops functions/undefined/Dates/Maps/Sets, and is measurably slower than structuredClone or a dedicated clone utility on anything but tiny objects. Low severity: it is a known inefficiency, not a bug.
Why it matters
JSON.parse(JSON.stringify(x)) is a common way to deep-clone an object, and it works correctly for plain JSON-safe data. But it serializes the whole structure to a string and re-parses it, which is measurably slower than a direct clone on anything but tiny objects, and it silently drops functions, undefined values, Dates (they become strings), Maps, Sets, and circular references. This is a low-severity efficiency and correctness smell, not a bug in the common case.
How to fix it
For a plain deep clone, use the built-in structuredClone(x) (available in modern Node and browsers), which is both faster and preserves Dates, Maps, Sets, and circular references. If you specifically need a JSON-safe snapshot (for example before sending over the wire), keep this pattern but say so with a short comment so the next reader knows it is intentional.
The paid report includes a ready-to-paste prompt for your AI coding agent for every check it finds, pointed at the exact findings from your scan. See pricing
Does your repo trip this check?
Paste a GitHub URL or drop a project folder. Scans run in your browser and take seconds.
Scan your repo