lint.CFLint.0.11.1.source-code.cflint.definition.xml Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of CFLint Show documentation
Show all versions of CFLint Show documentation
A static code analysis tool for ColdFusion (in the spirit of FindBugs and Lint). With CFLint, you are able to analyze your ColdFusion code base for code violations.
WARNING
Argument ${variable} is not required and does not define a default value.
ERROR
Variable ${variable} should not be declared in both var and argument scopes.
INFO
Variable ${variable} should not be referenced in local and argument scope.
WARNING
Not having a Default statement defined for a switch could pose potential issues.
WARNING
Identifier ${variable} is global, referencing in a CFC or function should be avoided.
ERROR
Nested CFOutput, outer CFOutput has @query.
INFO
<${tag} name="${variable}"> should have @output='false'
WARNING
setSql() statement should use .addParam() instead of #'s for security.
WARNING
<${tag} name="${variable}"> should use <cfqueryparam/> for security reasons.
WARNING
QueryNew statement should specify datatypes.
ERROR
Variable ${variable} is not declared with a var statement.
Avoid Leaving <${tagName}> tags in committed code. Debug information should be omitted from release code
WARNING
Avoid Leaving <${tagName}> tags in committed code. CFexecute can be use as an attack vector and is slow.
WARNING
Avoid Leaving <${tagName}> tags in committed code. Did you accidently leave a cfabort in the code?
WARNING
WARNING
Avoid using abort in production code.
Avoid using <${tagName}> tags. Use cfquery and cfstoredproc instead.
WARNING
Avoid using <${tagName}> tags.
WARNING
Avoid using <${tagName}> tags. Use cfquery and cfstoredproc instead.
WARNING
Avoid using <${tagName}> tags. Use components instead.
WARNING
WARNING
INFO
Argument ${variable} is missing a hint.
INFO
Argument ${variable} is missing a hint. Use javadoc style annotations on cfscript functions.
INFO
ARGUMENT ${variable} is missing a type.
WARNING
Argument ${variable} is any. Please change to be the correct type.
INFO
WARNING
WARNING
WARNING
INFO
WARNING
WARNING
Function ${functionName} is too complex. Consider breaking the function into smaller functions.
WARNING
Avoid using the ${functionName} function in production code.
INFO
Avoid using the ${functionName} function. Use implicit structure construction instead (= {}).
INFO
Avoid using the ${functionName} function in production code.
WARNING
Use implict array construction instead (= []).
INFO
WARNING
Explicit check of boolean expession is not needed.
INFO
WARNING
WARNING
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
WARNING
Avoid leaving debug attribute on tags.
WARNING
Avoid using showDebugOutput attribute on cfsetting.
INFO
INFO
Argument ${variable} is not used in function, consider removing it.
WARNING
CWE-482: Comparing instead of Assigning
WARNING
Unquoted struct key ${variable} is not case-sensitive. Quoting it is recommended.