diff --git a/js/apps/system/sessions/app.js b/js/apps/system/sessions/app.js
index 8c8c226e83..f0a87105ce 100644
--- a/js/apps/system/sessions/app.js
+++ b/js/apps/system/sessions/app.js
@@ -1,12 +1,12 @@
-/*jslint indent: 2, nomen: true, maxlen: 120, vars: true, es5: true */
+/*jslint indent: 2, nomen: true, maxlen: 120, es5: true */
 /*global require, applicationContext */
 (function () {
   'use strict';
-  var _ = require('underscore');
-  var Foxx = require('org/arangodb/foxx');
-  var errors = require('./errors');
-  var controller = new Foxx.Controller(applicationContext);
-  var api = Foxx.requireApp(applicationContext.mount).sessionStorage;
+  var _ = require('underscore'),
+    Foxx = require('org/arangodb/foxx'),
+    errors = require('./errors'),
+    controller = new Foxx.Controller(applicationContext),
+    api = Foxx.requireApp(applicationContext.mount).sessionStorage;
 
   controller.post('/', function (req, res) {
     var session = api.create(req.body());
@@ -31,8 +31,8 @@
     .notes('Fetches the session with the given sid.');
 
   controller.put('/:sid', function (req, res) {
-    var body = JSON.parse(req.rawBody());
-    var session = api.get(req.urlParameters.sid);
+    var body = JSON.parse(req.rawBody()),
+      session = api.get(req.urlParameters.sid);
     session.set('sessionData', body);
     session.save();
     res.json(session.forClient());
@@ -48,8 +48,8 @@
     .notes('Updates the session with the given sid by replacing the sessionData.');
 
   controller.patch('/:sid', function (req, res) {
-    var body = JSON.parse(req.rawBody());
-    var session = api.get(req.urlParameters.sid);
+    var body = JSON.parse(req.rawBody()),
+      session = api.get(req.urlParameters.sid);
     _.extend(session.get('sessionData'), body);
     session.save();
     res.json(session.forClient());
diff --git a/js/apps/system/sessions/errors.js b/js/apps/system/sessions/errors.js
index e9d79e6164..b55816c382 100644
--- a/js/apps/system/sessions/errors.js
+++ b/js/apps/system/sessions/errors.js
@@ -1,4 +1,4 @@
-/*jslint indent: 2, nomen: true, maxlen: 120, vars: true, es5: true */
+/*jslint indent: 2, nomen: true, maxlen: 120, es5: true */
 /*global require, exports */
 (function () {
   'use strict';
diff --git a/js/apps/system/sessions/setup.js b/js/apps/system/sessions/setup.js
index 35a6ee8997..593d6a228f 100644
--- a/js/apps/system/sessions/setup.js
+++ b/js/apps/system/sessions/setup.js
@@ -1,9 +1,9 @@
-/*jslint indent: 2, nomen: true, maxlen: 120, vars: true, es5: true */
+/*jslint indent: 2, nomen: true, maxlen: 120, es5: true */
 /*global require, applicationContext */
 (function () {
   'use strict';
-  var db = require('org/arangodb').db;
-  var sessionsName = applicationContext.collectionName('sessions');
+  var db = require('org/arangodb').db,
+    sessionsName = applicationContext.collectionName('sessions');
 
   if (db._collection(sessionsName) === null) {
     db._create(sessionsName);
diff --git a/js/apps/system/sessions/storage.js b/js/apps/system/sessions/storage.js
index c380bb8127..67afab2e7f 100644
--- a/js/apps/system/sessions/storage.js
+++ b/js/apps/system/sessions/storage.js
@@ -1,34 +1,31 @@
-/*jslint indent: 2, nomen: true, maxlen: 120, vars: true, es5: true */
+/*jslint indent: 2, nomen: true, maxlen: 120, es5: true */
 /*global require, exports, applicationContext */
 (function () {
   'use strict';
-  var _ = require('underscore');
-  var internal = require('internal');
-  var arangodb = require('org/arangodb');
-  var db = arangodb.db;
-  var addCookie = require('org/arangodb/actions').addCookie;
-  var crypto = require('org/arangodb/crypto');
-  var Foxx = require('org/arangodb/foxx');
-  var errors = require('./errors');
-
-  var cfg = applicationContext.configuration;
-
-  var Session = Foxx.Model.extend({}, {
-    attributes: {
-      _key: {type: 'string', required: true},
-      uid: {type: 'string', required: false},
-      sessionData: {type: 'object', required: true},
-      userData: {type: 'object', required: true},
-      created: {type: 'integer', required: true},
-      lastAccess: {type: 'integer', required: true},
-      lastUpdate: {type: 'integer', required: true}
-    }
-  });
-
-  var sessions = new Foxx.Repository(
-    applicationContext.collection('sessions'),
-    {model: Session}
-  );
+  var _ = require('underscore'),
+    internal = require('internal'),
+    arangodb = require('org/arangodb'),
+    db = arangodb.db,
+    addCookie = require('org/arangodb/actions').addCookie,
+    crypto = require('org/arangodb/crypto'),
+    Foxx = require('org/arangodb/foxx'),
+    errors = require('./errors'),
+    cfg = applicationContext.configuration,
+    Session = Foxx.Model.extend({}, {
+      attributes: {
+        _key: {type: 'string', required: true},
+        uid: {type: 'string', required: false},
+        sessionData: {type: 'object', required: true},
+        userData: {type: 'object', required: true},
+        created: {type: 'integer', required: true},
+        lastAccess: {type: 'integer', required: true},
+        lastUpdate: {type: 'integer', required: true}
+      }
+    }),
+    sessions = new Foxx.Repository(
+      applicationContext.collection('sessions'),
+      {model: Session}
+    );
 
   function generateSessionId() {
     var sid = '';
@@ -43,17 +40,17 @@
   }
 
   function createSession(sessionData) {
-    var sid = generateSessionId(cfg);
-    var now = Number(new Date());
-    var session = new Session({
-      _key: sid,
-      sid: sid,
-      sessionData: sessionData || {},
-      userData: {},
-      created: now,
-      lastAccess: now,
-      lastUpdate: now
-    });
+    var sid = generateSessionId(cfg),
+      now = Number(new Date()),
+      session = new Session({
+        _key: sid,
+        sid: sid,
+        sessionData: sessionData || {},
+        userData: {},
+        created: now,
+        lastAccess: now,
+        lastUpdate: now
+      });
     sessions.save(session);
     return session;
   }
@@ -106,11 +103,12 @@
   }
 
   function fromCookie(req, cookieName, secret) {
-    var session = null;
-    var value = req.cookies[cookieName];
+    var session = null,
+      value = req.cookies[cookieName],
+      signature;
     if (value) {
       if (secret) {
-        var signature = req.cookies[cookieName + '_sig'] || '';
+        signature = req.cookies[cookieName + '_sig'] || '';
         if (!crypto.constantEquals(signature, crypto.hmac(secret, value))) {
           return null;
         }
@@ -131,8 +129,8 @@
       if (!cfg.timeToLive) {
         return;
       }
-      var now = Number(new Date());
-      var prop = cfg.ttlType;
+      var now = Number(new Date()),
+        prop = cfg.ttlType;
       if (!prop || !this.get(prop)) {
         prop = 'created';
       }
@@ -141,8 +139,8 @@
       }
     },
     addCookie: function (res, cookieName, secret) {
-      var value = this.get('_key');
-      var ttl = cfg.timeToLive;
+      var value = this.get('_key'),
+        ttl = cfg.timeToLive;
       ttl = ttl ? Math.floor(ttl / 1000) : undefined;
       addCookie(res, cookieName, value, ttl);
       if (secret) {
@@ -167,16 +165,16 @@
       return session;
     },
     save: function () {
-      var session = this;
-      var now = Number(new Date());
+      var session = this,
+        now = Number(new Date());
       session.set('lastAccess', now);
       session.set('lastUpdate', now);
       sessions.replace(session);
       return session;
     },
     delete: function () {
-      var session = this;
-      var now = Number(new Date());
+      var session = this,
+        now = Number(new Date());
       session.set('lastAccess', now);
       session.set('lastUpdate', now);
       try {
diff --git a/js/apps/system/simple-auth/auth.js b/js/apps/system/simple-auth/auth.js
index cb40930ad2..725a7daef0 100644
--- a/js/apps/system/simple-auth/auth.js
+++ b/js/apps/system/simple-auth/auth.js
@@ -1,26 +1,26 @@
-/*jslint indent: 2, nomen: true, maxlen: 120, vars: true, es5: true */
+/*jslint indent: 2, nomen: true, maxlen: 120, es5: true */
 /*global require, exports, applicationContext */
 (function () {
   'use strict';
-  var crypto = require('org/arangodb/crypto');
-  var cfg = applicationContext.configuration;
+  var crypto = require('org/arangodb/crypto'),
+    cfg = applicationContext.configuration;
 
   function verifyPassword(authData, password) {
     if (!authData) {
       authData = {};
     }
-    var hashMethod = authData.method || cfg.hashMethod;
-    var salt = authData.salt || '';
-    var storedHash = authData.hash || '';
-    var generatedHash = crypto[hashMethod](salt + password);
+    var hashMethod = authData.method || cfg.hashMethod,
+      salt = authData.salt || '',
+      storedHash = authData.hash || '',
+      generatedHash = crypto[hashMethod](salt + password);
     // non-lazy comparison to avoid timing attacks
     return crypto.constantEquals(storedHash, generatedHash);
   }
 
   function hashPassword(password) {
-    var hashMethod = cfg.hashMethod;
-    var salt = crypto.genRandomAlphaNumbers(cfg.saltLength);
-    var hash = crypto[hashMethod](salt + password);
+    var hashMethod = cfg.hashMethod,
+      salt = crypto.genRandomAlphaNumbers(cfg.saltLength),
+      hash = crypto[hashMethod](salt + password);
     return {method: hashMethod, salt: salt, hash: hash};
   }
 
diff --git a/js/apps/system/users/errors.js b/js/apps/system/users/errors.js
index bcc31bf1a7..59a268dd22 100644
--- a/js/apps/system/users/errors.js
+++ b/js/apps/system/users/errors.js
@@ -1,4 +1,4 @@
-/*jslint indent: 2, nomen: true, maxlen: 120, vars: true, es5: true */
+/*jslint indent: 2, nomen: true, maxlen: 120, es5: true */
 /*global require, exports */
 (function () {
   'use strict';
diff --git a/js/apps/system/users/setup.js b/js/apps/system/users/setup.js
index d6417b2345..564bda8c74 100644
--- a/js/apps/system/users/setup.js
+++ b/js/apps/system/users/setup.js
@@ -1,9 +1,9 @@
-/*jslint indent: 2, nomen: true, maxlen: 120, vars: true, es5: true */
+/*jslint indent: 2, nomen: true, maxlen: 120, es5: true */
 /*global require, applicationContext */
 (function () {
   'use strict';
-  var db = require('org/arangodb').db;
-  var usersName = applicationContext.collectionName('users');
+  var db = require('org/arangodb').db,
+    usersName = applicationContext.collectionName('users');
 
   if (db._collection(usersName) === null) {
     db._create(usersName);
diff --git a/js/apps/system/users/storage.js b/js/apps/system/users/storage.js
index 5408c663bb..bb72b1336a 100644
--- a/js/apps/system/users/storage.js
+++ b/js/apps/system/users/storage.js
@@ -1,25 +1,23 @@
-/*jslint indent: 2, nomen: true, maxlen: 120, vars: true, es5: true */
+/*jslint indent: 2, nomen: true, maxlen: 120, es5: true */
 /*global require, exports, applicationContext */
 (function () {
   'use strict';
-  var _ = require('underscore');
-  var arangodb = require('org/arangodb');
-  var db = arangodb.db;
-  var Foxx = require('org/arangodb/foxx');
-  var errors = require('./errors');
-
-  var User = Foxx.Model.extend({}, {
-    attributes: {
-      user: {type: 'string', required: true},
-      authData: {type: 'object', required: true},
-      userData: {type: 'object', required: true}
-    }
-  });
-
-  var users = new Foxx.Repository(
-    applicationContext.collection('users'),
-    {model: User}
-  );
+  var _ = require('underscore'),
+    arangodb = require('org/arangodb'),
+    db = arangodb.db,
+    Foxx = require('org/arangodb/foxx'),
+    errors = require('./errors'),
+    User = Foxx.Model.extend({}, {
+      attributes: {
+        user: {type: 'string', required: true},
+        authData: {type: 'object', required: true},
+        userData: {type: 'object', required: true}
+      }
+    }),
+    users = new Foxx.Repository(
+      applicationContext.collection('users'),
+      {model: User}
+    );
 
   function resolve(username) {
     var user = users.firstExample({user: username});