SKU: Premium, ultimate
Version: 2010
Code: vstiptool0140
In vstiptool139 ("static code analysis-simple code analysis") We scratched the surface of code analysis for a simple class. now we will begin to delve deeper into the extensive set of predefined rules available out-of-the-box in Visual Studio. in these
Examples I will be using Visual Studio 2010 however most of the rules exist in Visual Studio 2008 as well. To see the list of the differences in Rules read this article from the code analysis team blog:
Http://blogs.msdn.com/ B /codeanalysis/archive/2010/03/22/what-s-new-in-code-analysis-for-visual-studio-2010.aspx
The biggest difference between Visual Studio 2008 and 2010 is the creation and management of rule sets which is why I have the version set to 2010 only. the new way to manage rules makes it very easy to work with existing rules in a multitude of ways. also,
I am limiting myself to managed code rules for these examples but the same techniques apply to unmanaged code rules as well. without further ado, let's just e some of the ways we can work with predefined rules.
First, create a new class library project in C # Or VB then go to the project properties. Click on the code analysis tab inside the project properties. You shocould see the following:
The first choice you are faced with is which set of predefined rules to use. by default the Microsoft minimum recommended rules will be applied However if you click on the dropdown list for the rule sets you will see more options to choose from:
This table lays out the names and general purpose of each of the available managed predefined rule sets:
Rule Set |
Description |
Microsoft all rules |
This rule set contains all rules. if you run this rule set, a large number of warnings might be reported. use this rule set to get a comprehensive picture of all issues in your code. this approach can help you decide which of the more focused rule sets are Most appropriate to run for your projects. |
Microsoft basic correctness rules |
These rules focus on logic errors and common mistakes made in the usage of framework APIs. Include this rule set to expand on the list of warnings that the minimum recommended rules report. |
Microsoft basic design guideline rules |
These rules focus on enforcing best practices to make your code easy to understand and use. Include this rule set if your project has des library code or if you want to enforce best practices for easily maintainable code. |
Microsoft extended correctness rules |
These rules expand on the basic correctness rules to specify the number of logic and framework usage errors that are reported. These rules emphasize specific scenarios such as com interoperability and mobile applications. Consider limit this rule set If one of these scenarios applies to your project or to find additional problems in your project. |
Microsoft extended design guideline rules |
These rules expand on the basic design guideline rules to maximize the number of usability and maintainability issues that are reported. these rules emphasize naming guidelines. consider including this rule set if your project has des library code or if You want to enforce the highest standards for writing maintainable code. |
Microsoft globalization rules |
These rules focus on problems that prevent data in your application from appearing correctly in different versions, locales, and cultures. Include this rule set if your application is localized, globalized or both. |
Microsoft minimum recommended rules |
These rules focus on the most critical problems in your code, including potential security holes, application crashes, and other important logic and design errors. you shoshould include this rule set in any custom rule set that you create for your projects. |
Microsoft Security Rules |
This rule set contains all Microsoft security rules. Include this rule set to maximize the number of potential security issues that are reported. |
Note: You can find this table in the documentation
Http://msdn.microsoft.com/en-us/library/dd264925 (vs.100). aspx
At a high level the rules deal with correctness, design, globalization, and security issues. since we are creating a class library it might make sense for us to use the design guidelines based on the description. pick the Microsoft extended design guideline
Rules for our project then click the OPEN button so we can have e the details:
Note: keep one thing in mind as you need e these rules: there is no "one size fits all" solution. your final rule set will almost always consist of several other rules that you feel are best for your needs.
We'll get to the inner workings of this editor in a later post but, for now, focus on the ID column. take note of the various categories we can expand to get details. below is a list of these categories and what they represent:
Category |
Description |
Design warnings |
Warnings that support correct library design as specified by the. NET Framework Design Guidelines. |
Globalization warnings |
Warnings that support world-ready libraries and applications. |
Interoperability warnings |
Warnings that support interaction with COM clients. |
Maintainability warnings |
Warnings that support library and application maintenance. |
Mobility warnings |
Warnings that support efficient power usage. |
Naming warnings |
Warnings that support adherence to the naming conventions of the. NET Framework Design Guidelines. |
Performance warnings |
Warnings that support high-performance libraries and applications. |
Portability warnings |
Warnings that support portability before SS different platforms. |
Reliability warnings |
Warnings that support library and application reliability, such as correct memory and thread usage. |
Security warnings |
Warnings that support safer libraries and applications. |
Usage warnings |
Warnings that support appropriate usage of the. NET Framework. |
Note: You can find this table in the documentation
Http://msdn.microsoft.com/en-us/library/ee1hzekz.aspx
The number of rules you deal with in each category depends on the Rule Set you have chosen. for example, the extended design rule set has about 60 design rules, 2 globalization rules, and 7 Interoperability rules among the other rules in this set:
By now you have no doubt noticed the warning just below the toolbar in this editor. you are just refreshing the rules for now but when we modify the rules in a later tip you will have to save your changes to a new rule set file. don't be intimidated by rule
Set files, they are just XML files. Here is a piece of the extended design rule set in Notepad:
Back in our Rule Set Editor, expand the Microsoft. Design Category and select rule ca1044:
The first time you select a rule, you will be presented with this choice at the bottom of the Rule Set Editor:
I suggest leaving the default settings and then click the OK button. When you do, you will then see the help entry for the rule you are currently looking:
At this point we have gone from understanding the basic function of the predefined rule sets to understanding the categories of the rules in a set to understanding individual rules. from here you can adjust e the different rule sets and each of the rules
In those sets to determine what rules may be interesting to you going forward. We will learn more about navigating these rule sets in the next tip.