What is New in Code Analysis for Visual Studio 2013

What is New in Code Analysis for Visual Studio 2013

Rate This
  • Comments 39

This post (addressing uservoice feedback on CA) was written by Nat Ayewah, a member of the code analysis team in Windows

Last year's release of Visual Studio 2012 marked a significant update to the Code Analysis experience in Visual Studio. We made code analysis available in more editions of Visual Studio, introduced a new user interface for viewing, filtering and stepping through results, and made accuracy and other improvements.

In Visual Studio 2013, our focus has been on fixing bugs in response to user feedback, and making a few more improvements to the user experience. Highlights include:

  • Categorization of results and enables users to filter by category
  • Users can now sort results by various properties including Rule ID, File Name and Category

Code Analysis Categories

Visual Studio 2013 introduces categories for native rules and exposes the existing managed code analysis categories in the user interface. These categories provide a more fine-grained grouping of defects to indicate, for example, if the defect is related to an annotation syntax error, a critical security vulnerability or a simple logic error. Categories are particularly helpful when dealing with a large list of warnings, which can be overwhelming without some guidance on which warnings to focus on first. With this change, users can focus their efforts on the categories that are most relevant to their needs. Users will immediately notice the new categories because they augment the results displayed in the code analysis viewer:

image

Users also have the option to filter the results by category using the search box, or select a specific category from a new dropdown button. By design, this button replaces the Error/Warning option that was in Visual Studio 2012. Users can still use the search box to separate errors from warnings.

image

Sorting Results

Visual Studio 2012 moved code analysis results out of the error list and into a new Code Analysis Viewer that makes it easier to read and filter results. It also provides a detailed explanation of the code path for some warnings. One key feature of the error list that was missing in the new viewer was the ability to sort the defect list. Visual Studio 2013 adds support for sorting to the new viewer by way of a new toolbar Sort button. Users can sort the defect list by six common properties or reset the list to its default sort order. Selecting a sort property twice results in a descending order sort:

image

In Closing

The code analysis team received lots of useful feedback from users that was used to improve the accuracy of the analysis for native code analysis. We also worked with partners to improve the quality of headers shipped with Windows and Drivers Kits. Please try out Visual Studio 2013 and check out the new Code Analysis features.

We would love to hear any questions or comments you have in the comments below or on our MSDN forum.

Leave a Comment
  • Please add 8 and 4 and type the answer here:
  • Post
  • @Jay: the code analysis window does require you to run code analysis interactively in order to use the code analysis window to filter through the results. If this is something you would like to see in future versions, I suggest you add an idea on visualstudio.uservoice.com in the Languages - C# or Languages - C++ section

  • Hi,  in the previous comments, author was saying FxCop is not part of SDK anymore but the support will resume. But I can see the FxCopCmd.exe in the "Program Files\Microsoft Visual Studio 12.0\Team Tools\Static Analysis Tools". So it is still with VS 2013 Ultimate?

  • @Antoops: Yes - FxCop no longer ships as part of a standalone SDK.  The way to get FxCopCmd now is by installing Visual Studio 2013.

  • Is CAT.NET or BinScope integrated with any Visual Studio 2013 versions?

  • I have my project(s) set to "Enable Code Analysis on Build" and I have the project(s) to treat warnings as errors. I see:

    Code Analysis Complete -- 0 error(s), 11 warning(s)

    ... but, I also see:

    ========== Rebuild All: 8 succeeded, 0 failed, 0 skipped ==========

    Why are the Code Analysis warnings not breaking the build? Is there a way to fail the build if there are Code Analysis errors or warnings?

    Assuming the answer is 'No', in VS2010, I analyzed the FxCop XML ouptut to cause a build failure. Is there at least a way to get Code Analysis to output a log file so that I can at least use the same process to break the build? I found "/analyze:log filename" in the context of C++. Where can I enter this MsBuild option in a C# project?

  • i need some one to explain for me the codes how i can put the right code in each buton or text box

  • i need some one to explain for me the codes , how to write the codes for each boxes , for exampl text botx or button

    please help!!!

  • Mr. Dan J Taylor , could you help please i need your help

  • @meme: I am not sure what you are having trouble with, please e-mail me at dantaylo [at] microsoft.com with more specifics.

Page 3 of 3 (39 items) 123