SC004
Published 20 November 2017
Found a --TODO, --Warning, --Bug or --Fix comment
There is a --TODO, --Warning, --Bug or --Fix comment left in the code.
The rule matches a deliberately inserted single-line or nested comment in which the comment marker '--' is followed by one of the flag words 'Todo', 'Warning', 'Bug', or 'Fix' (case insensitive), optionally followed by a colon. The flag word is then followed, on the same line, by a space and one or more characters.
Unlike other code analysis warnings, this rule looks for a comment that the developer inserts deliberately as a safety net, to prevent in-progress code from being unintentionally built into a released database. It could be part of a supervisory or review process, or merely a way for individual programmers to remind themselves. As soon as the issue is resolved, the developer deletes the line.
The flag word must be followed by a space (or a colon and then a space), and then by the comment text on the same line. For example:
--bug: This transaction stays open and uncommitted when the parameter is NULL +--
--Fix: This stored procedure is vulnerable to a code injection!
--Warning ... and this code should spring and grow up, he knoweth not how. (Mark 4:27)
--ToDo – update the affected views
Currently, SC004 does not work for multi-line comments (/*…*/).
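The matching rule described above, as an added example in Python (not the analyzer's own implementation and not part of the original page): a small scanner, of the kind that could run as a pre-release check, that reports flagged single-line comments and skips string literals and /*…*/ blocks. The names FLAG, find_flag_comments and SAMPLE, and the sample SQL, are assumptions made for illustration.

```python
import re

# Pattern taken from the rule text above: '--', a flag word (any case), an
# optional colon, one space, then at least one character on the same line.
FLAG = re.compile(r"--(todo|warning|bug|fix):? (.+)", re.IGNORECASE)

def find_flag_comments(sql):
    """Return (line_no, flag_word, text) for each flagged single-line comment."""
    hits, i, line, n = [], 0, 1, len(sql)
    while i < n:
        two = sql[i:i + 2]
        if sql[i] == "'":            # string literal; '' is an escaped quote
            j = i + 1
            while j < n and (sql[j] != "'" or sql[j + 1:j + 2] == "'"):
                j += 2 if sql[j] == "'" else 1
            line += sql.count("\n", i, j)
            i = j + 1
        elif two == "/*":            # block comment: skipped (nesting not handled)
            end = sql.find("*/", i + 2)
            end = n if end == -1 else end + 2
            line += sql.count("\n", i, end)
            i = end
        elif two == "--":            # single-line comment runs to end of line
            end = sql.find("\n", i)
            end = n if end == -1 else end
            m = FLAG.match(sql, i, end)
            if m:
                hits.append((line, m.group(1).lower(), m.group(2).strip()))
            i = end
        else:
            line += sql[i] == "\n"
            i += 1
    return hits

# Constructed sample input, not taken from a real database.
SAMPLE = """\
CREATE PROCEDURE dbo.DemoProc @id INT AS
BEGIN
    --bug: This transaction stays open and uncommitted when the parameter is NULL
    BEGIN TRANSACTION;
    SELECT '--fix: text inside a string literal' AS note;
    /* --todo: block comments are skipped */
    -- TODO: a space follows the dashes, so the flag word is not adjacent
    --Fix:
    --ToDo update the affected views
    COMMIT;
END
"""

if __name__ == "__main__":
    for line_no, flag, text in find_flag_comments(SAMPLE):
        print(f"line {line_no}: {flag}: {text}")
```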