Skip to content

Latest commit

 

History

History
76 lines (53 loc) · 3.99 KB

README.md

File metadata and controls

76 lines (53 loc) · 3.99 KB

Introduction

PSScriptAnalyzer is a static code checker for Windows PowerShell modules and scripts. PSScriptAnalyzer checks the quality of Windows PowerShell code by running a set of rules. The rules are based on PowerShell best practices identified by PowerShell Team and the community. It generates DiagnosticResults (errors and warnings) to inform users about potential code defects and suggests possible solutions for improvements.

PSScriptAnalyzer is shipped with a collection of built-in rules that checks various aspects of PowerShell code such as presence of uninitialized variables, usage of PSCredential Type, usage of Invoke-Expression etc. Additional functionalities such as exclude/include specific rules are also supported.

PSScriptAnalyzer cmdlets

Get-ScriptAnalyzerRule [-CustomizedRulePath <string[]>] [-Name <string[]>] [<CommonParameters>] [-Severity <string[]>]

Invoke-ScriptAnalyzer [-Path] <string> [-CustomizedRulePath <string[]>] [-ExcludeRule <string[]>] [-IncludeRule <string[]>] [-Severity <string[]>] [-Recurse] [<CommonParameters>]

Requirements

WS2012R2 / Windows 8.1 / Windows OS running PowerShell v5.0 and Windows Management Framework 5.0 Preview

Download the latest WMF package from Windows Management Framework 5.0 Preview February 2015.

Installation

  1. Build the Code using Visual Studio [solution part of the repo] and navigate to the binplace location [~/ProjectRoot/PSScriptAnalyzer]

  2. In PowerShell Console:

Import-Module PSScriptAnalyzer

To confirm installation: run Get-ScriptAnalyzerRule in the PowerShell console to obtain the built-in rules

Building the Code

Use Visual Studio to build "ScriptAnalyzer.sln". Use ~/PSScriptAnalyzer/ folder to load PSScriptAnalyzer.psd1

Note: If there are any build errors, please refer to Requirements section and make sure all dependencies are properly installed

Running Tests

Pester-based ScriptAnalyzer Tests are located in <branch>/PSScriptAnalyzer/Tests folder

  • Ensure Pester is installed on the machine
  • Go the Tests folder in your local repository
  • Run Engine Tests: .\InvokeScriptAnalyzer.tests.ps1
  • Run Tests for Built-in rules: .*.ps1 (Example - .\ AvoidConvertToSecureStringWithPlainText.ps1) *You can also run all tests under \Engine or \Rules by calling Invoke-Pester in the Engine/Rules directory.

Contributing to ScriptAnalyzer

You are welcome to contribute to this project. There are many ways to contribute:

  1. Submit a bug report via Issues. For a guide to submitting good bug reports, please read Painless Bug Tracking.
  2. Verify fixes for bugs.
  3. Submit your fixes for a bug. Before submitting, please make sure you have:
  • Performed code reviews of your own
  • Updated the test cases if needed
  • Run the test cases to ensure no feature breaks or test breaks
  • Added the test cases for new code
  1. Submit a feature request.
  2. Help answer questions in the discussions list.
  3. Submit test cases.
  4. Tell others about the project.
  5. Tell the developers how much you appreciate the product!

You might also read these two blog posts about contributing code: Open Source Contribution Etiquette by Miguel de Icaza, and Don’t “Push” Your Pull Requests by Ilya Grigorik.

Before submitting a feature or substantial code contribution, please discuss it with the Windows PowerShell team via Issues, and ensure it follows the product roadmap. Note that all code submissions will be rigorously reviewed by the Windows PowerShell Team. Only those that meet a high bar for both quality and roadmap fit will be merged into the source.