Below is my code. I don't think there is any problem.
How can I fool codacy? If I can't use obj[key], then what the hell is this thing? There is no way I can avoid [].
handleClick = (e, titleProps) => { const { index } = titleProps const newVal = this.state.activeIndexObj[index]? false: true let activeIndexObj = {...this.state.activeIndexObj} activeIndexObj[index] = newVal // Generic Object Injection Sink (security/detect-object-injection) 22 Answers
You just need to parse index into integer
activeIndexObj[parseInt(index)] = newVal there could be chances hacker may inject function or prototype chaining so that's why this security error comes.
2the question linked on the comment by @luca (Why is it bad pratice calling an array index with a variable?) explains the problem with using a variable to access an array index. It's a security question.
If you allow a non validated input to be used as an array index, your application may crash. Even if you validate the index, it's a matter of time until you refactor the code and the validation be skipped. Hence the recommendation to avoid such code. One recommended solution is to use a Map:
If you don't wanna know about this problem, it is possible to ignore the issue in the codacy UI:
2