CFLint Scan
CFLint is a linter for CFML and you can find more information at its GitHub repository. This extension integrates CFLint into your builds.
Content
Installation
Installation can be done using Visual Studio MarketPlace.
*Java must be installed on the maching at this time
Source Code
Source code can be found on GitHub.
What The Build Step Does
This build step is running cfLint against your code with using the CFLint. The result is reported as a section on the build summary page.
Usage
Add the task to your build configuration:
On-Premise
Azure DevOps yml task
- task: cflint@1
inputs:
workingFolder: '' #starting folder to start scanning
cflintJarDownloadUrl: 'https://github.com/cflint/CFLint/releases/download/CFLint-1.5.0/CFLint-1.5.0-all.jar'
cflintarguments: '' #extra arguments you want to pass alongArguments have to be specified:
-
By default the cfLint is running in the root of the repository, you can modify that in the advanced settings as the working folder task parameter.
-
By default the cfLint jar is downloaded from the url:
https://github.com/cflint/CFLint/releases/download/CFLint-1.5.0/CFLint-1.5.0-all.jar:- You can change overwrite it to a different version if needed
- But now file shares and local files are supported to such as:
file://my-file-share/public/software/cflint.jar
or
./cflint.jar
Linting
This extension uses the CFLint tool to scan CFML files and provide feedback on potential issues. The linter optionally takes rule configuration via a .cflintrc file, for which details can be found at CFLint's repo.
Known Issues/Limitations
- Not an issue with the extension itself, but be aware that CFLint is a heavy/slow application compared to most linters, especially when used through the command line. Some things are done with the extension to account for this.
- As of this writing, CFLint (v1.5.0) often misreports issue location.