From d2636aad68caf94ab14175d331bd73372c93d5fd Mon Sep 17 00:00:00 2001 From: Chris Smowton Date: Fri, 6 Feb 2026 11:24:30 +0000 Subject: [PATCH 1/2] JS: Add missing rule to security-and-quality query list Has header block ``` * @id js/unhandled-error-in-stream-pipeline * @name Unhandled error in stream pipeline * @description Calling `pipe()` on a stream without error handling will drop errors coming from the input stream * @kind problem * @problem.severity warning * @precision high * @tags quality * reliability * error-handling * frameworks/nodejs ``` ... which would get selected by the security-and-quality selectors if we were using them. Any reason to exclude? --- .../ql/src/codeql-suites/javascript-security-and-quality.qls | 1 + 1 file changed, 1 insertion(+) diff --git a/javascript/ql/src/codeql-suites/javascript-security-and-quality.qls b/javascript/ql/src/codeql-suites/javascript-security-and-quality.qls index 10097f6eaad0..07073d4f9f50 100644 --- a/javascript/ql/src/codeql-suites/javascript-security-and-quality.qls +++ b/javascript/ql/src/codeql-suites/javascript-security-and-quality.qls @@ -102,6 +102,7 @@ - js/react/unused-or-undefined-state-property - js/react/direct-state-mutation - js/react/inconsistent-state-update + - js/unhandled-error-in-stream-pipeline - js/diagnostics/extraction-errors - js/diagnostics/successfully-extracted-files - js/summary/lines-of-code From 463db799bae04605f503df016e25876ba21c6e3e Mon Sep 17 00:00:00 2001 From: Chris Smowton Date: Fri, 6 Feb 2026 03:52:14 -0800 Subject: [PATCH 2/2] Update test expectations --- .../query-suite/javascript-security-and-quality.qls.expected | 1 + 1 file changed, 1 insertion(+) diff --git a/javascript/ql/integration-tests/query-suite/javascript-security-and-quality.qls.expected b/javascript/ql/integration-tests/query-suite/javascript-security-and-quality.qls.expected index f87cd2bf505a..00a99f4f339a 100644 
--- a/javascript/ql/integration-tests/query-suite/javascript-security-and-quality.qls.expected +++ b/javascript/ql/integration-tests/query-suite/javascript-security-and-quality.qls.expected @@ -80,6 +80,7 @@ ql/javascript/ql/src/NodeJS/InvalidExport.ql ql/javascript/ql/src/NodeJS/MissingExports.ql ql/javascript/ql/src/Performance/PolynomialReDoS.ql ql/javascript/ql/src/Performance/ReDoS.ql +ql/javascript/ql/src/Quality/UnhandledErrorInStreamPipeline.ql ql/javascript/ql/src/React/DirectStateMutation.ql ql/javascript/ql/src/React/InconsistentStateUpdate.ql ql/javascript/ql/src/React/UnsupportedStateUpdateInLifecycleMethod.ql
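Review bot: in the `@@ -102,6 +102,7 @@` hunk of `javascript-security-and-quality.qls`, the new `- js/unhandled-error-in-stream-pipeline` entry sits between the `js/react/*` entries and the `js/diagnostics/*` entries with nothing in the file recording why it has to be listed by hand. The commit message says the query's header (`@precision high`, `@problem.severity warning`, tag `quality`) would be picked up by the security-and-quality selectors if the suite used them, so this omission looks like the explicit list drifting away from the query metadata. Consider adding a short comment in the suite file stating the inclusion criteria the list is meant to mirror, and settle the open "Any reason to exclude?" question in the PR discussion rather than leaving it in the commit message.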
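Review bot: in the `@@ -80,6 +80,7 @@` hunk of `javascript-security-and-quality.qls.expected`, the added `ql/javascript/ql/src/Quality/UnhandledErrorInStreamPipeline.ql` line arrives in a separate commit from the suite change it belongs to. The line keeps the path-sorted order (after `Performance/ReDoS.ql`, before `React/DirectStateMutation.ql`), but with the series split this way patch 1/2 on its own presumably leaves the query-suite integration test out of step with the suite. Consider squashing the two commits so every commit in the history passes, and say in the "Update test expectations" message whether the `.expected` file was regenerated or edited by hand.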