Using external code tools (UsingExternalCodeTools)¶

Type	Scope	Severity	Activated by default	Minutes to fix	Tags
`Security Hotspot`	`BSL` `OS`	`Critical`	`Yes`	`15`	`standard` `design`

Description¶

For application solutions it is forbidden to execute in unsafe mode any code on the 1C:Enterprise server that is not part of the application solution (configuration) itself.
The restriction does not apply to the code that has passed the audit, and to the code executed on the client.

Examples of invalid execution of "external" code in unsafe mode:

external reports and processings (print forms, etc.)
configuration extensions

Restrictions¶

At the moment, the server context is not analyzed, so diagnostic works both at client and server contexts

Examples¶

Sources¶

Restriction on the execution of "external" code (RU)

Snippets¶

Diagnostic ignorance in code¶

// BSLLS:UsingExternalCodeTools-off
// BSLLS:UsingExternalCodeTools-on

Parameter for config¶

"UsingExternalCodeTools": false