Optional argument is missing a default value.
Severity: WARNING
Message: Argument variable is not required and does not define a default value.
Variable declared in both local and argument scopes.
Severity: ERROR
Message: Variable variable should not be declared in both local and argument scopes.
Variable referenced in local and argument scopes.
Severity: INFO
Message: Variable variable should not be referenced in local and argument scope.
Missing default switch statement.
Severity: WARNING
Message: Not having a Default statement defined for a switch could pose potential issues.
Global variable exists.
Severity: WARNING
Message: Identifier variable is global. Referencing in a CFC or function should be avoided.
Nested cfoutput with cfquery tag.
Severity: ERROR
Message: Nested CFOutput, outer CFOutput has @query.
Tag should have output='false'.
Severity: INFO
Message: <tag name="variable"> should have @output='false'
Use query parameters for variables in sql statements.
Severity: WARNING
Message: Use query parameters for variables in sql statements.
cfquery should use <cfqueryparam>.
Severity: WARNING
Message: <tag> should use <cfqueryparam/> for variable 'variable'.
QueryNew statement should specify data types.
Severity: WARNING
Message: QueryNew statement should specify datatypes.
Variable is not declared with a var statement.
Severity: ERROR
Message: Variable variable is not declared with a var statement.
Avoid use of cfdump tags.
Severity: WARNING
Message: Avoid leaving <cfdump> tags in committed code. Debug information should be omitted from release code
Avoid use of cfexecute tags.
Severity: WARNING
Message: Avoid leaving <cfexecute> tags in committed code. CFexecute can be used as an attack vector and is slow.
Severity: WARNING
Message: Avoid using the isDate built-in function. It is too permissive. Use isValid() instead.
Avoid use of cfabort tags.
Severity: INFO
Message: Avoid leaving <cfabort> tags in committed code.
Avoid use of abort statements.
Severity: INFO
Message: Avoid using abort in production code.
Avoid use of cfinsert tags.
Severity: WARNING
Message: Avoid using <cfinsert> tags. Use cfquery and cfstoredproc instead.
Avoid use of cfmodule tags.
Severity: WARNING
Message: Avoid using <cfmodule> tags.
Avoid use of cfupdate tags.
Severity: WARNING
Message: Avoid using <cfupdate> tags. Use cfquery and cfstoredproc instead.
Avoid use of cfinclude tags.
Severity: WARNING
Message: Avoid using <cfinclude> tags. Use components instead.
Component is missing a hint.
Severity: WARNING
Message: Component variable is missing a hint.
Function is missing a hint.
Severity: INFO
Message: Function variable is missing a hint.
Argument is missing a hint.
Severity: INFO
Message: Argument variable is missing a hint.
Severity: INFO
Message: Argument variable is missing a hint. Use javadoc style annotations on cfscript functions.
Component is missing a type.
Severity: WARNING
Message: Argument variable is missing a type.
Component is of type any.
Severity: WARNING
Message: Argument variable is any. Please change to be a more specific type.
Method is too long.
Severity: WARNING
Message: Function function is variable lines. Should be fewer than 100 lines.
- length = 100
Component is too long.
Severity: WARNING
Message: Component component is variable lines. Should be fewer than 500 lines.
- length = 500
Function is missing a return type.
Severity: WARNING
Message: Function variable is missing a return type.
Function has a return type of any.
Severity: INFO
Message: Function variable return type is any. Please change to be a more specific type.
Function has too many arguments.
Severity: WARNING
Message: Function function has too many arguments. Should be fewer than 10.
- maximum = 10
Too many functions.
Severity: WARNING
Message: Component component has too many functions. Should be fewer than 10.
- maximum = 10
Function is too complex.
Severity: WARNING
Message: Function function is too complex. Consider breaking the function into smaller functions.
- maximum = 10
Severity: ERROR
Message: QueryNew declares column variable multiple times, this is a hard error in some CFML implementations.
Avoid use of writeDump statements.
Severity: INFO
Message: Avoid using the writeDump function in production code.
Avoid use of structNew statements. Use {} instead.
Severity: INFO
Message: Avoid using the structNew function in production code.
Avoid use of isDebugMode statements.
Severity: WARNING
Message: Avoid using the IsDebugMode function in production code.
Severity: WARNING
Message: Avoid using the name variable for a function. It is reserved in some CFML implementations. See https://cfdocs.org/*variable*
Avoid use of arrayNew statements. Use [] instead.
Severity: INFO
Message: Use implict array construction instead (= []).
Complex boolean expression.
Severity: WARNING
Message: Boolean expression is too complex. Consider simplifying or moving to a named method.
Checking boolean expression explicitly.
Severity: INFO
Message: Explicit check of boolean expression is not needed.
Variable has invalid name.
Severity: INFO
Message: Variable variable is not a valid name. Please use camelCase or underscores.
Variable name is all caps.
Severity: INFO
Message: Variable variable should not be upper case.
Variable scope name is all caps.
Severity: INFO
Message: Scope variable should not be upper case.
Variable name is too short.
Severity: INFO
Message: Variable variable should be longer than 3 characters.
Variable name is too long.
Severity: INFO
Message: Variable variable should be shorter than 20 characters.
Variable name contain too many words.
Severity: INFO
Message: Variable variable is too wordy. Try to think of a more concise name.
Variable name looks temporary.
Severity: INFO
Message: Temporary variable variable could be named better.
Variable name has prefix or postfix.
Severity: INFO
Message: Variable has prefix or postfix variable and could be named better.
-
minLength = 3
-
maxLength = 20
-
maxWords = 4
-
ignoreUpperCaseScopes = CGI,URL
-
ignoreAllCapsInScopes = this,variables
-
ignorePrefixPostfixOn = thisTag
-
case = camelCase
Severity: INFO
Message: Argument is missing a name.
Argument has invalid name.
Severity: INFO
Message: Argument variable is not a valid name. Please use camelCase or underscores.
Argument name is all caps.
Severity: INFO
Message: Argument variable should not be upper case.
Argument name is too short.
Severity: INFO
Message: Argument variable should be longer than 3 characters.
Argument name is too long.
Severity: INFO
Message: Argument variable should be shorter than 20 characters.
Argument name contain too many words.
Severity: INFO
Message: Argument variable is too wordy. Try to think of a more concise name.
Argument name looks temporary.
Severity: INFO
Message: Temporary argument variable could be named better.
Argument name has prefix or postfix.
Severity: INFO
Message: Argument has prefix or postfix variable and could be named better.
-
minLength = 3
-
maxLength = 20
-
maxWords = 4
-
case = camelCase
Method has invalid name.
Severity: INFO
Message: Method name function is not a valid name. Please use camelCase or underscores.
Method name is all caps.
Severity: INFO
Message: Method name function should not be upper case.
Method name is too short.
Severity: INFO
Message: Method name function should be longer than 3 characters.
Method name is too long.
Severity: INFO
Message: Method name function should be shorter than 25 characters.
Method name contain too many words.
Severity: INFO
Message: Method name function is too wordy. Try to think of a more concise name.
Method name looks temporary.
Severity: INFO
Message: Method name function could be named better.
Method name has prefix or postfix.
Severity: INFO
Message: Method name function has prefix or postfix and could be named better.
-
minLength = 3
-
maxLength = 25
-
maxWords = 5
-
case = camelCase
Component has invalid name.
Severity: INFO
Message: Component name component is not a valid name. Please use PascalCase and start with a capital letter.
Component name is all caps.
Severity: INFO
Message: Component name component should not be all upper case.
Component name is too short.
Severity: INFO
Message: Component name component should be longer than 3 characters.
Component name is too long.
Severity: INFO
Message: Component name component should be shorter than 15 characters.
Component name contain too many words.
Severity: INFO
Message: Component name component is too wordy. Try to think of a more concise name.
Component name looks temporary.
Severity: INFO
Message: Component name component could be named better.
Component name has prefix or postfix.
Severity: INFO
Message: Component name component has prefix or postfix and could be named better.
-
minLength = 3
-
maxLength = 15
-
maxWords = 3
-
case = PascalCase
CFM File starts with upper case.
Severity: INFO
Message: File filename starts with an upper case letter. Only components (.cfc files) should start with an upper case letter.
Avoid use of creatObject statements.
Severity: INFO
Message: CreateObject found. Use createObject(path_to_component) or even better new path_to_component().
Avoid use of debug attribute.
Severity: WARNING
Message: Avoid leaving debug attribute on tags.
Avoid using showDebugOutput attribute on cfsetting.
Severity: WARNING
Message: Avoid using showDebugOutput attribute on cfsetting.
Unused local variable.
Severity: INFO
Message: Local variable variable is not used in function function. Consider removing it.
Unused method argument.
Severity: INFO
Message: Argument variable is not used in function. Consider removing it.
Using comparison where assignment was probably meant.
Severity: WARNING
Message: CWE-482: Comparing instead of Assigning
Severity: WARNING
Message: Unquoted struct key variable is not case-sensitive. Quoting it is recommended.
Severity: WARNING
Message: Unquoted struct key variable is not case-sensitive. Using array notation is recommended.
Severity: WARNING
Message: Avoid using 'select *' in a query.
Message: Don't use <cfquery> in .cfm files. Database should not be coupled with view.
Severity: INFO
Message: Component variable has a name attribute, but perhaps you meant to use displayName.
Severity: INFO
Message: Literal variable occurs several times in one or more files. Consider giving it a name and not hard coding values.
-
maximum = 3
-
maxWarnings = 5
-
warningScope = global
-
ignoreWords = numeric,text,textnocase,asc,desc,in,out,inout,one,all,bigdecimal,boolean,byte,char,int,long,float,double,short,string,null
Severity: INFO
Message: Literal variable occurs several times in the same file. Consider giving it a name and not hard coding values.
-
maximum = 3
-
maxWarnings = 5
-
warningScope = local
-
ignoreWords = numeric,text,textnocase,asc,desc,in,out,inout,one,all,bigdecimal,boolean,byte,char,int,long,float,double,short,string,null
Warn with package case does not match its use.
Severity: WARNING
Message: The case of the package folder and the object declaration do not match for variable.