alert(...) as well as confirm(...) and prompt(...) can be useful for debugging during development, but in production mode this kind of pop-up could expose sensitive information to attackers, and should never be displayed.

Noncompliant Code Example

if(unexpectedCondition) {
  alert("Unexpected Condition");
}

See