todolint 0.0.10

code comment SAST security scanner

todolint: code comment SAST security scanner


SUMMARY

todolint identifies bugs based on code comments.

  • hack
  • fixme
  • todo
  • etc.

EXAMPLES

% cd examples/en-us

% todolint .
docs/backlog.txt:1:FIXME: Internationalize console messages.
greet.c:4:// TODO: Validate 1 < argc < 3
greet.c:8:// TODO
metrics.js:10:// hack: divide by zero

DOWNLOAD

For more platforms and installation methods, see INSTALL.

For details on tuning todolint, see CONFIGURATION.

For details on building from source, see DEVELOPMENT.

ABOUT

todolint identifies software bugs by searching codebases for mentions of unresolved TODO tasks.

Examples:

// todo: walk the dog

// todo
// walk the dog

However, todolint allows comments that cite a URI-like resource, using the notation <status>: <uri>. The resource may provide a FAQ, ticketing system, or other documentation.

Exception:

// pending: https://doc.rust-lang.org/beta/rustc/platform-support.html

Thus, we now have a formal notation to track coding imperfections, including metadata about why the code may be stuck indefinitely in its current written state.
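
The rule described in this section, as an added Rust sketch (not todolint's own source): a line mentioning a marker is reported unless its comment has the `<status>: <uri>` shape. The function names are hypothetical, and the sketch assumes only the three markers named under SUMMARY, whole-word case-insensitive matching, and a URI recognized by a leading `scheme://`.

```rust
// Added illustration, not todolint's source. The marker list, whole-word
// matching and the URI test below are assumptions of this sketch.
const MARKERS: [&str; 3] = ["todo", "fixme", "hack"];

/// True when a line mentions one of the markers as a whole word, in any case.
fn has_marker(line: &str) -> bool {
    line.split(|c: char| !c.is_ascii_alphanumeric())
        .any(|word| MARKERS.iter().any(|m| word.eq_ignore_ascii_case(m)))
}

/// Drops a leading comment opener ("//", "#", "*", ";") and surrounding spaces.
/// Trailing comments that follow code on the same line are not handled here.
fn comment_body(line: &str) -> &str {
    line.trim().trim_start_matches(|c: char| "/#*;".contains(c)).trim()
}

/// True when the text has the shape `<status>: <uri>`: one alphabetic word,
/// a colon, then something that starts with `scheme://`.
fn cites_resource(text: &str) -> bool {
    let (status, rest) = match text.split_once(':') {
        Some(parts) => parts,
        None => return false,
    };
    let status_ok = !status.is_empty() && status.chars().all(|c| c.is_ascii_alphabetic());
    let uri_ok = rest.trim().split_once("://").map_or(false, |(scheme, tail)| {
        !scheme.is_empty() && scheme.chars().all(|c| c.is_ascii_alphanumeric()) && !tail.is_empty()
    });
    status_ok && uri_ok
}

/// Returns findings as `path:line:text`, the layout shown under EXAMPLES.
fn scan(path: &str, source: &str) -> Vec<String> {
    source
        .lines()
        .enumerate()
        .filter(|(_, line)| has_marker(line) && !cites_resource(comment_body(line)))
        .map(|(i, line)| format!("{}:{}:{}", path, i + 1, line.trim()))
        .collect()
}

fn main() {
    // Constructed input built from the comment forms quoted in this section.
    let sample = "// todo: walk the dog\n\
                  // pending: https://doc.rust-lang.org/beta/rustc/platform-support.html\n\
                  // fixme: https://tracker.example/issue/1\n\
                  // todo\n";
    for finding in scan("sample.c", sample) {
        println!("{}", finding);
    }
}
```

In this sketch a marker followed directly by a URI (the constructed `fixme:` line) is treated as a citation; whether todolint itself accepts every status word this way is not stated on this page.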

LOCALIZATIONS WELCOME

Speakers are invited to submit pull requests to improve the writing in our examples.

RESOURCES

✏️