Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

RPG static code analysis

Unique rules to find Bugs, Security Hotspots, and Code Smells in your RPG code

Debugging statements "DEBUG(*YES)" and "DUMP" should not be used

Vulnerability

This rule is deprecated; use S4507 instead.

Why is this an issue?

More Info

The DEBUG(*YES) and DUMP statements are useful during development and debugging, but could expose sensitive information to attackers and should not be included in production code.

Noncompliant code example

   H*-------------------------------------------------------------------------
   H   DATEDIT(*YMD) DEBUG(*YES)
   H**************************************************************************

   C     SR990         BegSR
   C     'CVTERR'      DUMP                                                   DUMP for error
   C                   Move      *on           *INLR

Compliant solution

   H*-------------------------------------------------------------------------
   H   DATEDIT(*YMD)
   H**************************************************************************

   C     SR990         BegSR
   C                   Move      *on           *INLR

Available In:

Catch issues on the fly,
in your IDE

Analyze code in your
on-premise CI

Enterprise
Edition
Available Since
9.1

In-IDE

SaaS

Self-Hosted