Warn or error when using the "caller" scope

[tingar]

The caller scope is a serious footgun since it breaks encapsulation and allows a custom tag to modify its calling code. It would be great if CFLint could throw a warning or error when using this scope.

From Adobe's scope documentation [1]:

Used only in custom tag pages. The custom tag's Caller scope is a reference to the calling page's Variables scope. Any variables that you create or change in the custom tag page using the Caller scope are visible in the calling page's Variables scope. For more information, see Creating and Using Custom CFML Tags.

There are also differences between Adobe and Lucee implementations [2], so it's best avoided for compatibility reasons as well.

1: https://helpx.adobe.com/coldfusion/developing-applications/the-cfml-programming-language/using-coldfusion-variables/about-scopes.html
2: https://www.bennadel.com/blog/3995-divergent-caller-scope-assignment-behavior-in-adobe-coldfusion-and-lucee-cfml-5-3-7-48.htm