diff --git a/.scrutinizer.yml b/.scrutinizer.yml
index 175e383d..048faab3 100644
--- a/.scrutinizer.yml
+++ b/.scrutinizer.yml
@@ -16,4 +16,10 @@ tools:
     php_mess_detector: true
     php_code_sniffer: true
     sensiolabs_security_checker: true
-    php_code_coverage: true
\ No newline at end of file
+    php_code_coverage: true
+
+build_failure_conditions:
+    - 'issues.label("coding-style").new.count > 5'
+    - 'issues.severity(>= MAJOR).new.exists'
+    - 'elements.rating(<= D).new.exists'
+    - 'project.metric("scrutinizer.quality", < 7.5)'
\ No newline at end of file
diff --git a/js/app/app.js b/js/app/app.js
index a78ccc1b..229ce6e3 100644
--- a/js/app/app.js
+++ b/js/app/app.js
@@ -82,6 +82,7 @@
 					redirectTo: '/'
 				});
 		}).config(['$httpProvider', function ($httpProvider) {
+		/** global: oc_requesttoken */
 		$httpProvider.defaults.headers.common.requesttoken = oc_requesttoken;
 	}]).config(function (localStorageServiceProvider) {
 		localStorageServiceProvider
diff --git a/js/app/app_public.js b/js/app/app_public.js
index cb8ee990..bdbef743 100644
--- a/js/app/app_public.js
+++ b/js/app/app_public.js
@@ -35,6 +35,7 @@
 			'pascalprecht.translate'
 
 		]).config(['$httpProvider', function ($httpProvider) {
+		/** global: oc_requesttoken */
 		$httpProvider.defaults.headers.common.requesttoken = oc_requesttoken;
 	}]).config(function ($translateProvider) {
 		$translateProvider.useUrlLoader(OC.generateUrl('/apps/passman/api/v2/language'));
diff --git a/js/app/controllers/bookmarklet.js b/js/app/controllers/bookmarklet.js
index f13ede25..a95135d4 100644
--- a/js/app/controllers/bookmarklet.js
+++ b/js/app/controllers/bookmarklet.js
@@ -384,6 +384,7 @@
 
 				$scope.parseQR = function (QRCode) {
 					var re = /otpauth:\/\/(totp|hotp)\/(.*)\?(secret|issuer)=(.*)&(issuer|secret)=(.*)/, parsedQR, qrInfo;
+					qrInfo = [];
 					parsedQR = (QRCode.qrData.match(re));
 					if (parsedQR)
 						qrInfo = {
diff --git a/js/app/controllers/credential.js b/js/app/controllers/credential.js
index 4fa77a96..d70ceaa4 100644
--- a/js/app/controllers/credential.js
+++ b/js/app/controllers/credential.js
@@ -157,6 +157,7 @@
 					var private_key = EncryptService.decryptString(VaultService.getActiveVault().private_sharing_key);
 
 					private_key = ShareService.rsaPrivateKeyFromPEM(private_key);
+					/** global: forge */
 					crypted_shared_key = private_key.decrypt(forge.util.decode64(crypted_shared_key));
 					crypted_shared_key = EncryptService.encryptString(crypted_shared_key);
 
diff --git a/js/app/controllers/edit_credential.js b/js/app/controllers/edit_credential.js
index 840ae511..e0e23587 100644
--- a/js/app/controllers/edit_credential.js
+++ b/js/app/controllers/edit_credential.js
@@ -275,6 +275,7 @@
 
 				$scope.parseQR = function (QRCode) {
 					var re = /otpauth:\/\/(totp|hotp)\/(.*)\?(secret|issuer)=(.*)&(issuer|secret)=(.*)/, parsedQR, qrInfo;
+					qrInfo = [];
 					parsedQR = (QRCode.qrData.match(re));
 					if (parsedQR)
 						qrInfo = {
diff --git a/js/app/directives/otp.js b/js/app/directives/otp.js
index bf8f6c3e..9bbb0f07 100644
--- a/js/app/directives/otp.js
+++ b/js/app/directives/otp.js
@@ -87,6 +87,7 @@
 							var key = base32tohex(scope.secret);
 							var epoch = Math.round(new Date().getTime() / 1000.0);
 							var time = leftpad(dec2hex(Math.floor(epoch / 30)), 16, '0');
+							/** global: jsSHA */
 							var hmacObj = new jsSHA(time, 'HEX');
 							var hmac = hmacObj.getHMAC(key, 'HEX', 'SHA-1', "HEX");
 							var offset = hex2dec(hmac.substring(hmac.length - 1));
diff --git a/js/app/directives/passwordgen.js b/js/app/directives/passwordgen.js
index 65fbe9b2..f53f3bc2 100644
--- a/js/app/directives/passwordgen.js
+++ b/js/app/directives/passwordgen.js
@@ -124,6 +124,7 @@
 
 			var rng_psize, rng_state, rng_pool, rng_pptr, t, z, crypt_obj, num, buf, i
 			if (Arcfour.prototype.init = ARC4init, Arcfour.prototype.next = ARC4next, rng_psize = 256, null == rng_pool) {
+				/** global: navigator */
 				if (rng_pool = [], rng_pptr = 0, "undefined" != typeof navigator && "Netscape" == navigator.appName && navigator.appVersion < "5" && "undefined" != typeof window && window.crypto)for (z = window.crypto.random(32), t = 0; t < z.length; ++t)rng_pool[rng_pptr++] = 255 & z.charCodeAt(t)
 				try {
 					if (crypt_obj = null, "undefined" != typeof window && void 0 !== window.crypto ? crypt_obj = window.crypto : "undefined" != typeof window && void 0 !== window.msCrypto && (crypt_obj = window.msCrypto), void 0 !== crypt_obj && "function" == typeof crypt_obj.getRandomValues && rng_psize > rng_pptr)for (num = Math.floor((rng_psize - rng_pptr) / 2) + 1, buf = new Uint16Array(num), crypt_obj.getRandomValues(buf), i = 0; i < buf.length; i++)t = buf[i], rng_pool[rng_pptr++] = t >>> 8, rng_pool[rng_pptr++] = 255 & t
diff --git a/js/app/directives/qrreader.js b/js/app/directives/qrreader.js
index fe0628b0..5f4f766e 100644
--- a/js/app/directives/qrreader.js
+++ b/js/app/directives/qrreader.js
@@ -37,6 +37,7 @@
 					var invoker = $parse(attributes.onRead);
 					scope.imageData = null;
 
+					/** global: qrcode */
 					qrcode.callback = function (result) {
 						//console.log('QR callback:',result);
 						invoker(scope, {
@@ -48,12 +49,14 @@
 						//element.val('');
 					};
 					element.bind("change", function (changeEvent) {
+						/** global: FileReader */
 						var reader = new FileReader(), file = changeEvent.target.files[0];
 						reader.readAsDataURL(file);
 						reader.onload = (function () {
 							return function (e) {
 								//gCtx.clearRect(0, 0, gCanvas.width, gCanvas.height);
 								scope.imageData = e.target.result;
+								/** global: qrcode */
 								qrcode.decode(e.target.result);
 							};
 						})(file);
diff --git a/js/app/services/credentialservice.js b/js/app/services/credentialservice.js
index 5b92bb34..27eb966d 100644
--- a/js/app/services/credentialservice.js
+++ b/js/app/services/credentialservice.js
@@ -297,7 +297,7 @@
 							this.plain_credential = master_promise.plain_credential;
 						};
 						this.credential_data = {};
-
+						/** global: C_Promise */
 						(new C_Promise(promise_credential_update, new password_data())).progress(function (data) {
 							master_promise.call_progress(data);
 						}).then(function (data) {
@@ -306,7 +306,7 @@
 							master_promise.promises++;
 
 							master_promise.credential_data = data;
-
+							/** global: C_Promise */
 							(new C_Promise(promise_files_update, new password_data())).progress(function (data) {
 								master_promise.call_progress(data);
 							}).then(function () {
@@ -318,6 +318,7 @@
 							});
 
 							master_promise.promises++;
+							/** global: C_Promise */
 							(new C_Promise(promise_revisions_update, new password_data())).progress(function (data) {
 								master_promise.call_progress(data);
 							}).then(function () {
@@ -329,7 +330,7 @@
 							});
 						});
 					};
-
+					/** global: C_Promise */
 					return new C_Promise(promise_workload);
 				}
 			};
diff --git a/js/app/services/encryptservice.js b/js/app/services/encryptservice.js
index f79b2e9d..6767ffb5 100644
--- a/js/app/services/encryptservice.js
+++ b/js/app/services/encryptservice.js
@@ -46,6 +46,7 @@
 						_key = VaultService.getActiveVault().vaultKey;
 					}
 					var rp = {};
+					/** global: sjcl */
 					var ct = sjcl.encrypt(_key, string, encryption_config, rp);
 					return window.btoa(ct);
 				},
@@ -56,6 +57,7 @@
 					ciphertext = window.atob(ciphertext);
 					var rp = {};
 					try {
+						/** global: sjcl */
 						return sjcl.decrypt(_key, ciphertext, encryption_config, rp);
 					} catch (e) {
 						throw e;
diff --git a/js/app/services/fileservice.js b/js/app/services/fileservice.js
index 52f974b0..54cad62c 100644
--- a/js/app/services/fileservice.js
+++ b/js/app/services/fileservice.js
@@ -107,10 +107,12 @@
 					}
 
 					// write the ArrayBuffer to a blob, and you're done
+					/** global: Blob */
 					bb = new Blob([ab], {
 						type: ftype
 					});
 
+					/** global: URL */
 					return URL.createObjectURL(bb);
 				}
 			};
diff --git a/js/app/services/shareservice.js b/js/app/services/shareservice.js
index a0270cf9..60ebf30d 100644
--- a/js/app/services/shareservice.js
+++ b/js/app/services/shareservice.js
@@ -35,6 +35,7 @@
 		.service('ShareService', ['$http', 'VaultService', 'EncryptService', 'CredentialService', function ($http, VaultService, EncryptService, CredentialService) {
 			// Setup sjcl random engine to max paranoia level and start collecting data
 			var paranoia_level = 10;
+			/** global: sjcl */
 			sjcl.random.setDefaultParanoia(paranoia_level);
 			sjcl.random.startCollectors();
 
@@ -65,6 +66,7 @@
 					return $http.get(queryUrl, {search: userId}).then(function (response) {
 						if (response.data) {
 							for (var i = 0; i < response.data.length; i++) {
+								/** global: forge */
 								response.data[i].public_sharing_key = forge.pki.publicKeyFromPem(response.data[i].public_sharing_key);
 							}
 							return response.data;
@@ -201,10 +203,13 @@
 				},
 
 				generateRSAKeys: function (key_length) {
+					/** global: C_Promise */
 					var p = new C_Promise(function () {
+						/** global: forge */
 						var state = forge.pki.rsa.createKeyPairGenerationState(key_length, 0x10001);
 						var step = function () {
 							// run for 100 ms
+							/** global: forge */
 							if (!forge.pki.rsa.stepKeyPairGenerationState(state, 100)) {
 								if (state.p !== null) {
 									// progress(50);
@@ -227,8 +232,10 @@
 				},
 				generateSharedKey: function (size) {
 					size = size || 20;
+					/** global: C_Promise */
 					return new C_Promise(function () {
 						var t = this;
+						/** global: CRYPTO */
 						CRYPTO.PASSWORD.generate(size,
 							function (pass) {
 								t.call_then(pass);
@@ -253,9 +260,11 @@
 					};
 				},
 				rsaPrivateKeyFromPEM: function (private_pem) {
+					/** global: forge */
 					return forge.pki.privateKeyFromPem(private_pem);
 				},
 				rsaPublicKeyFromPEM: function (public_pem) {
+					/** global: forge */
 					return forge.pki.publicKeyFromPem(public_pem);
 				},
 				/**
@@ -267,6 +276,7 @@
 					var workload = function () {
 						if (this.current_index < this.vaults.length > 0 && this.vaults.length > 0) {
 							var _vault = angular.copy(this.vaults[this.current_index]);
+							/** global: forge */
 							_vault.key = forge.util.encode64(
 								_vault.public_sharing_key.encrypt(this.string)
 							);
@@ -282,6 +292,7 @@
 							this.call_then(this.data);
 						}
 					};
+					/** global: C_Promise */
 					return new C_Promise(function () {
 						this.data = [];
 						this.vaults = vaults;
diff --git a/js/importers/importer-clipperz.js b/js/importers/importer-clipperz.js
index 3ecf51df..156dc4a5 100644
--- a/js/importers/importer-clipperz.js
+++ b/js/importers/importer-clipperz.js
@@ -21,6 +21,7 @@
  */
 
 // Importers should always start with this
+/** global: PassmanImporter */
 var PassmanImporter = PassmanImporter || {};
 (function(window, $, PassmanImporter) {
 	'use strict';
@@ -33,6 +34,7 @@ var PassmanImporter = PassmanImporter || {};
 	};
 
 	PassmanImporter.clippers.readFile = function (file_data) {
+		/** global: C_Promise */
 		return new C_Promise(function() {
 			var credential_list = [];
 			var re = /<textarea>(.*?)<\/textarea>/gi;
diff --git a/js/importers/importer-dashlanecsv.js b/js/importers/importer-dashlanecsv.js
index 0823372e..0ad1308a 100644
--- a/js/importers/importer-dashlanecsv.js
+++ b/js/importers/importer-dashlanecsv.js
@@ -21,6 +21,7 @@
  */
 
 // Importers should always start with this
+/** global: PassmanImporter */
 var PassmanImporter = PassmanImporter || {};
 (function(window, $, PassmanImporter) {
 	'use strict';
@@ -34,6 +35,7 @@ var PassmanImporter = PassmanImporter || {};
 	};
 
 	PassmanImporter.dashLaneCsv.readFile = function (file_data) {
+		/** global: C_Promise */
 		return new C_Promise(function(){
 			var rows = file_data.split('\n');
 			var credential_list = [];
diff --git a/js/importers/importer-keepasscsv.js b/js/importers/importer-keepasscsv.js
index 1b9bbf2f..6bf32e55 100644
--- a/js/importers/importer-keepasscsv.js
+++ b/js/importers/importer-keepasscsv.js
@@ -21,6 +21,7 @@
  */
 
 // Importers should always start with this
+/** global: PassmanImporter */
 var PassmanImporter = PassmanImporter || {};
 (function(window, $, PassmanImporter) {
 	'use strict';
@@ -34,6 +35,7 @@ var PassmanImporter = PassmanImporter || {};
 	};
 
 	PassmanImporter.keepassCsv.readFile = function (file_data) {
+		/** global: C_Promise */
 		var p = new C_Promise(function(){
 			var parsed_csv = PassmanImporter.readCsv(file_data);
 			var credential_list = [];
diff --git a/js/importers/importer-lastpasscsv.js b/js/importers/importer-lastpasscsv.js
index b4533984..09bfdc30 100644
--- a/js/importers/importer-lastpasscsv.js
+++ b/js/importers/importer-lastpasscsv.js
@@ -21,6 +21,7 @@
  */
 
 // Importers should always start with this
+/** global: PassmanImporter */
 var PassmanImporter = PassmanImporter || {};
 (function(window, $, PassmanImporter) {
 	'use strict';
@@ -34,6 +35,7 @@ var PassmanImporter = PassmanImporter || {};
 	};
 
 	PassmanImporter.lastpassCsv.readFile = function (file_data) {
+		/** global: C_Promise */
 		return new C_Promise(function(){
 			var parsed_csv = PassmanImporter.readCsv(file_data);
 			var credential_list = [];
diff --git a/js/importers/importer-passmanjson.js b/js/importers/importer-passmanjson.js
index d91773f9..1020e766 100644
--- a/js/importers/importer-passmanjson.js
+++ b/js/importers/importer-passmanjson.js
@@ -21,6 +21,7 @@
  */
 
 // Importers should always start with this
+/** global: PassmanImporter */
 var PassmanImporter = PassmanImporter || {};
 (function(window, $, PassmanImporter) {
 	'use strict';
@@ -33,6 +34,7 @@ var PassmanImporter = PassmanImporter || {};
 	};
 
 	PassmanImporter.passmanJson.readFile = function (file_data) {
+		/** global: C_Promise */
 		return new C_Promise(function(){
 			var parsed_json = PassmanImporter.readJson(file_data);
 			var credential_list = [];
diff --git a/js/importers/importer-passpackcsv.js b/js/importers/importer-passpackcsv.js
index 2c09eef4..4a6e8c05 100644
--- a/js/importers/importer-passpackcsv.js
+++ b/js/importers/importer-passpackcsv.js
@@ -21,6 +21,7 @@
  */
 
 // Importers should always start with this
+/** global: PassmanImporter */
 var PassmanImporter = PassmanImporter || {};
 (function(window, $, PassmanImporter) {
 	'use strict';
@@ -34,6 +35,7 @@ var PassmanImporter = PassmanImporter || {};
 	};
 
 	PassmanImporter.passpackCsv.readFile = function (file_data) {
+		/** global: C_Promise */
 		return new C_Promise(function(){
 			var parsed_csv = PassmanImporter.readCsv(file_data, false);
 			var credential_list = [];
diff --git a/js/importers/importer-randomdata.js b/js/importers/importer-randomdata.js
index 8380c07a..7280a674 100644
--- a/js/importers/importer-randomdata.js
+++ b/js/importers/importer-randomdata.js
@@ -21,6 +21,7 @@
  */
 
 // Importers should always start with this
+/** global: PassmanImporter */
 var PassmanImporter = PassmanImporter || {};
 (function(window, $, PassmanImporter) {
 	'use strict';
@@ -36,6 +37,7 @@ var PassmanImporter = PassmanImporter || {};
 	};
 
 	PassmanImporter.randomData.readFile = function () {
+		/** global: C_Promise */
 		return new C_Promise(function () {
 			var tags =
 				['Social media',
diff --git a/js/importers/importer-zohocsv.js b/js/importers/importer-zohocsv.js
index 70e29ac9..f3564647 100644
--- a/js/importers/importer-zohocsv.js
+++ b/js/importers/importer-zohocsv.js
@@ -21,6 +21,7 @@
  */
 
 // Importers should always start with this
+/** global: PassmanImporter */
 var PassmanImporter = PassmanImporter || {};
 
 (function(window, $, PassmanImporter) {
@@ -36,6 +37,7 @@ var PassmanImporter = PassmanImporter || {};
 	};
 
 	PassmanImporter.zohoCsv.readFile = function (file_data) {
+		/** global: C_Promise */
 		return new C_Promise(function(){
 			var parsed_csv = PassmanImporter.readCsv(file_data, false);
 			var credential_list = [];
diff --git a/js/lib/crypto_wrap.js b/js/lib/crypto_wrap.js
index 152d7ab3..0776799e 100644
--- a/js/lib/crypto_wrap.js
+++ b/js/lib/crypto_wrap.js
@@ -42,6 +42,8 @@ var CRYPTO = {    // Global variables of the object:
          * @param progress  The process of the generation, optional, called each 4 characters generated.
          */
         generate : function (length, callback, progress, start_string) {
+			/** global: paranoia_level */
+			/** global: sjcl */
             if (!sjcl.random.isReady(paranoia_level)) {
                 setTimeout(this.generate(length, callback, progress, start_string), 500);
                 return;
@@ -49,6 +51,7 @@ var CRYPTO = {    // Global variables of the object:
 
             if (start_string == null) start_string = "";
             if (start_string.length < length) {
+				/** global: CRYPTO */
                 start_string += CRYPTO.RANDOM.getRandomASCII();
                 if (progress != null) progress(start_string.length / length * 100);
             }
@@ -80,6 +83,8 @@ var CRYPTO = {    // Global variables of the object:
 
             var ret = "";
             while (ret.length < 4) {
+				/** global: paranoia_level */
+				/** global: sjcl */
                 var int = sjcl.random.randomWords(1, paranoia_level);
                 int = int[0];
 
@@ -134,6 +139,7 @@ var CRYPTO = {    // Global variables of the object:
     initEngines : function (default_paranoia) {
         paranoia_level = default_paranoia || 10;
 
+		/** global: sjcl */
         sjcl.random.setDefaultParanoia(this.paranoia_level);
         sjcl.random.startCollectors();