The ``++DEBUG(*YES)++`` and ``++DUMP++`` statements are useful during development and debugging, but could expose sensitive information to attackers and should not be included in production code. 


== Noncompliant Code Example

----
   H*------------------------------------------------------------------------- 
   H   DATEDIT(*YMD) DEBUG(*YES)                                               
   H**************************************************************************

   C     SR990         BegSR                                                                   
   C     'CVTERR'      DUMP                                                   DUMP for error
   C                   Move      *on           *INLR                                          
----


== Compliant Solution

----
   H*------------------------------------------------------------------------- 
   H   DATEDIT(*YMD) 
   H**************************************************************************

   C     SR990         BegSR                                                                   
   C                   Move      *on           *INLR                                          
----


== See

* https://www.owasp.org/index.php/Top_10-2017_A3-Sensitive_Data_Exposure[OWASP Top 10 2017 Category A3] - Sensitive Data Exposure
* http://cwe.mitre.org/data/definitions/489.html[MITRE, CWE-489] - Leftover Debug Code