Merge branch 'master' into dev (#732)

* v 1.5.0 * Added IntelliJ IDEA Ultimate plugin link * Fixed CFLint version in README.md from 1.4 to 1.5 (#704) * Bump commons-io from 2.5 to 2.7 (#706) Bumps commons-io from 2.5 to 2.7. Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump junit from 4.12 to 4.13.1 (#694) Bumps [junit](https://github.com/junit-team/junit4) from 4.12 to 4.13.1. - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.12.md) - [Commits](junit-team/junit4@r4.12...r4.13.1) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Updated the gradle wrapper to 6.4 (#703) * Bump ant from 1.7.0 to 1.10.9 (#701) Bumps ant from 1.7.0 to 1.10.9. Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump jackson.version from 2.10.1 to 2.12.1 (#702) Bumps `jackson.version` from 2.10.1 to 2.12.1. Updates `jackson-core` from 2.10.1 to 2.12.1 - [Release notes](https://github.com/FasterXML/jackson-core/releases) - [Commits](FasterXML/jackson-core@jackson-core-2.10.1...jackson-core-2.12.1) Updates `jackson-databind` from 2.10.1 to 2.12.1 - [Release notes](https://github.com/FasterXML/jackson/releases) - [Commits](https://github.com/FasterXML/jackson/commits) Updates `jackson-module-jaxb-annotations` from 2.10.1 to 2.12.1 - [Release notes](https://github.com/FasterXML/jackson-modules-base/releases) - [Commits](FasterXML/jackson-modules-base@jackson-modules-base-2.10.1...jackson-modules-base-2.12.1) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * make all urls https since it will fail with http urls (#725) * Bump com.fasterxml.jackson.core:jackson-databind from 2.10.1 to 2.12.7.1 (#726) Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.10.1 to 2.12.7.1. - [Commits](https://github.com/FasterXML/jackson/commits) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.apache.ant:ant from 1.10.9 to 1.10.11 (#727) Bumps org.apache.ant:ant from 1.10.9 to 1.10.11. --- updated-dependencies: - dependency-name: org.apache.ant:ant dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add Gradle GitHub Action (#728) * Update Rules (#729) * Updated RULES writer * Updated README * Update Gradle to 6.9.4 (#731) --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: Ryan <[email protected]> Co-authored-by: Pr1st0n <[email protected]> Co-authored-by: Kai Koenig <[email protected]> Co-authored-by: Ed Bartram <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Andy Jarrett <[email protected]> Co-authored-by: Travis Frisinger <[email protected]>
cflint · Mar 25, 2024 · 208c354 · 208c354
1 parent feb924c
commit 208c354
Show file tree

Hide file tree

Showing 12 changed files with 1,252 additions and 580 deletions.
diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml
@@ -0,0 +1,32 @@
+name: Gradle
+
+on:
+  pull_request:
+    branches:
+      - main
+      - master
+      - dev
+
+jobs:
+  gradle:
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macos-latest, windows-latest]
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v4
+
+    - name: Set up JDK 8
+      uses: actions/setup-java@v4
+      with:
+        distribution: temurin
+        java-version: 8
+
+    - name: Setup Gradle
+      uses: gradle/actions/setup-gradle@v3
+      with:
+        gradle-version: wrapper
+
+    - name: Build with Gradle
+      run: ./gradlew build
diff --git a/README.md b/README.md
@@ -1,26 +1,28 @@
 ![CFLint](/src/main/resources/CFLint-logo.jpg)
 
-# CFLint [![Maven Central](https://maven-badges.herokuapp.com/maven-central/com.github.cflint/CFLint/badge.svg)](https://maven-badges.herokuapp.com/maven-central/com.github.cflint/CFLint) [![License](https://img.shields.io/badge/License-BSD%203--Clause-blue.svg)](https://opensource.org/licenses/BSD-3-Clause) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/6f4b01d4d2cb4860b60ac666452071f1)](https://www.codacy.com/app/ryaneberly/CFLint?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=cflint/CFLint&amp;utm_campaign=Badge_Grade) [![Build Status](https://travis-ci.org/cflint/CFLint.svg?branch=master)](https://travis-ci.org/cflint/CFLint)
+# CFLint
+
+[![Maven Central](https://maven-badges.herokuapp.com/maven-central/com.github.cflint/CFLint/badge.svg)](https://maven-badges.herokuapp.com/maven-central/com.github.cflint/CFLint) [![License](https://img.shields.io/badge/License-BSD%203--Clause-blue.svg)](https://opensource.org/licenses/BSD-3-Clause) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/6f4b01d4d2cb4860b60ac666452071f1)](https://www.codacy.com/app/ryaneberly/CFLint?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=cflint/CFLint&amp;utm_campaign=Badge_Grade) [![Build Status](https://travis-ci.org/cflint/CFLint.svg?branch=master)](https://travis-ci.org/cflint/CFLint)
 
 A static code analysis tool for CFML.
 
 License: [BSD](https://opensource.org/licenses/bsd-license.html)
 
-Current Version: 1.4.1
+Current Version: 1.5.x
 
-# Versions
+## Versions
 
 See [CHANGELOG.md](/CHANGELOG.md) for further information.
 
-# Project and library organization
+## Project and library organization
 
 CFLint is a project developed and worked on by volunteers. When logging issues please, be nice and considerate. We're here to help. We really appreciate fixes and improvements, so feel free to talk to us and/or provide pull requests.
 
 `/src/main` contains the source code. Tests can be found in `/src/test`. CFLint relies heavily on the [CFParser](https://github.com/cfparser/cfparser) project as well as a bunch of third-party Java libraries.
 
 The master branch is considered our stable codebase. Most of the development happens in the dev branch resp. local development branches for specific issues.
 
-# Building CFLint
+## Building CFLint
 
 1. Fork the repository into your account and clone or download the codebase as a zip-file.
 1. Install the tooling of your choice and build via Gradle or Maven (deprecated). CFLint requires Java 8.
@@ -39,7 +41,7 @@ The master branch is considered our stable codebase. Most of the development hap
 
     Alternatively, import the CFLint codebase into the IDE of your choice and use its respectively Gradle/Maven integration. This should work out of the box for Eclipse and IntelliJ users.
 
-# Using CFLint - Quickstart Guide
+## Using CFLint - Quickstart Guide
 
 Get the latest version from [Maven Central](https://search.maven.org/search?q=cflint) or the [CFLint GitHub release page](https://github.com/cflint/CFLint/releases) or build the project.
 
@@ -65,21 +67,21 @@ Or always use the latest:
 
 With the binaries retrieved one or the other way, you can now use CFLint on the command line.
 
-#### Use the "-all"-version of the jar-file
+### Use the "-all"-version of the jar-file
 
-    CFLint-1.4.1-all.jar
+    CFLint-1.5.0-all.jar
 
-#### Scan a folder with the complete set of rules
+### Scan a folder with the complete set of rules
 
-    java -jar CFLint-1.4.1-all.jar -folder <baseFolder>
+    java -jar CFLint-1.5.0-all.jar -folder <baseFolder>
 
-#### Scan a file with the complete set of rules
+### Scan a file with the complete set of rules
 
-    java -jar CFLint-1.4.1-all.jar -file <fullPathToFile>
+    java -jar CFLint-1.5.0-all.jar -file <fullPathToFile>
 
-#### See parameters and help
+### See command line parameters and help
 
-    java -jar CFLint-1.4.1-all.jar -help
+    java -jar CFLint-1.5.0-all.jar -help
 
 # User manual
 
@@ -131,13 +133,13 @@ An example `.cflintrc` file is shown below:
 
 * `inheritParent` configures if the rules set in the global or any parent configuration should be inherited as a base set of rules.
 
-* `parameters` allows configuration of rule parameters. See `cflint.definition.json` for the parameters and their defaults.
+* `parameters` allows configuration of rules. See [RULES.md](/RULES.md) for the parameters of each rule and their defaults. You must precede the parameter name with the rule name separated by a dot.
 
 * Please note: `inheritPlugins` and `output` were marked deprecated in CFLint 1.2.0 and removed in 1.4.0. Plugin inheritance is now always treated as true since the team cannot see a use case in which it should be disabled. The output type can be controlled elsewhere, such as command-line flags.
 
 We provide a [schema with the deprecated properties excluded](/src/main/resources/schemas/.cflintrc.schema.json).
 
-More examples of `.cflintrc` files can be found by browsing the [project test files](/src/test/resources/com/cflint/tests).
+See [Recipes](#recipes) for some usage examples of `.cflintrc`. Example files can be found by browsing the [project test files](/src/test/resources/com/cflint/tests).
 
 ### Annotation-based configuration
 
@@ -567,5 +569,6 @@ Please note that the majority of the libraries and projects mentioned here are n
 * [SonarQube plugin](https://github.com/stepstone-tech/sonar-coldfusion)
 * [NPM wrapper](https://github.com/morgdenn/npm-cflint)
 * Vim [Syntastic support for CFLint](https://github.com/cflint/cflint-syntastic)
+* [IntelliJ IDEA Ultimate plugin](https://github.com/Pr1st0n/cflint-intellij)
 
 If you have been working on (or are thinking about starting) a project related to CFLint, please let us know. We're happy to include relevant third-party projects to the list above.