Allow Static Code Analysis Rule Execution on Source Control Checked-Out Files Only | Microsoft Connect

Welcome, guest Sign in | Your Profile | Help

HOME

YOUR DASHBOARD

CONNECTION DIRECTORY

Search

Visual Studio and .NET Framework - Home Downloads Feedback Surveys

Allow Static Code Analysis Rule Execution on Source Control Checked-Out Files Only by Doug Holland

Active

12

Sign in to vote

0

Sign in to vote

Sign in
to vote

Type:	Suggestion
ID:	488181
Opened:	9/4/2009 10:25:14 AM
Access Restriction:	Public

0

Workaround(s)

view

While discussing performance implications of static code analysis with other MVP's it occurred to me that Visual Studio could use a model for static code analysis that is very similiar in concept to test impact analysis.

Performance is a concern for some people with large solutions containing many projects and they may elect to not run static code analysis upon each build on their development machines. While they might run static code analysis as part of their build process this reduces the value of static code analysis.

Below are two suggested options to help reduce the performance impact of static code analysis while maintaining the benefit of static code analysis.

Details (expand)

Visual Studio Team System 2010 Beta 1

Windows 7

It would therefore be great if one or both of the following were done:
1. Provide a build option that overrides the solution / project settings for static code analysis and only executes static code analysis rules against files within the solution / project that are currently checked out from source control.
2. Provide a "smart" build option that uses something like test impact analysis to determine which files the static code analysis rules should be executed against.
While these additional build options should be also provided, the current behavior should be maintained for the default builds.

Faster Development

Improved User Interface

Improved Performance

0 attachments

Sign in to post a comment.

Posted by Doug Holland on 9/4/2009 at 11:29 AM

Given the analysis that Visual Studio is doing for test impact analysis, it might be that the same analysis could also provide the information necessary to determine which code analysis rules should be executed. If this is not the case, then using the source control state of a given file to determine if code analysis rules should be executed would also yield the required performance improvement.

Posted by CommonGenius.com on 9/4/2009 at 11:45 AM

Static code analysis is performed against compiled IL. Limiting analysis only to changed files AND cascading to anything that those files might have impacted (which would be necessary) would require a hard link between code files and metadata elements, which is typically not preserved post-build (unless you are building PDBs).

Posted by Microsoft on 9/6/2009 at 11:56 PM

Thank you for your feedback, we are currently reviewing the feedback you have submitted.

Posted by Doug Holland on 9/7/2009 at 6:30 PM

While FxCop rules are applied to compiled IL code the Source Analysis rules (e.g. http://blogs.msdn.com/sourceanalysis) within the tool Style Cop are applied against the actual source code itself. Style Cop rules could then be applied to those files checked out from source control.

© 2009 Microsoft Corporation. All rights reserved. Microsoft Connect Terms of Use | Trademarks | Privacy Statement