What is New in Code Analysis for Visual Studio 2013

What is New in Code Analysis for Visual Studio 2013

Rate This
  • Comments 34

This post (addressing uservoice feedback on CA) was written by Nat Ayewah, a member of the code analysis team in Windows

Last year's release of Visual Studio 2012 marked a significant update to the Code Analysis experience in Visual Studio. We made code analysis available in more editions of Visual Studio, introduced a new user interface for viewing, filtering and stepping through results, and made accuracy and other improvements.

In Visual Studio 2013, our focus has been on fixing bugs in response to user feedback, and making a few more improvements to the user experience. Highlights include:

  • Categorization of results and enables users to filter by category
  • Users can now sort results by various properties including Rule ID, File Name and Category

Code Analysis Categories

Visual Studio 2013 introduces categories for native rules and exposes the existing managed code analysis categories in the user interface. These categories provide a more fine-grained grouping of defects to indicate, for example, if the defect is related to an annotation syntax error, a critical security vulnerability or a simple logic error. Categories are particularly helpful when dealing with a large list of warnings, which can be overwhelming without some guidance on which warnings to focus on first. With this change, users can focus their efforts on the categories that are most relevant to their needs. Users will immediately notice the new categories because they augment the results displayed in the code analysis viewer:

image

Users also have the option to filter the results by category using the search box, or select a specific category from a new dropdown button. By design, this button replaces the Error/Warning option that was in Visual Studio 2012. Users can still use the search box to separate errors from warnings.

image

Sorting Results

Visual Studio 2012 moved code analysis results out of the error list and into a new Code Analysis Viewer that makes it easier to read and filter results. It also provides a detailed explanation of the code path for some warnings. One key feature of the error list that was missing in the new viewer was the ability to sort the defect list. Visual Studio 2013 adds support for sorting to the new viewer by way of a new toolbar Sort button. Users can sort the defect list by six common properties or reset the list to its default sort order. Selecting a sort property twice results in a descending order sort:

image

In Closing

The code analysis team received lots of useful feedback from users that was used to improve the accuracy of the analysis for native code analysis. We also worked with partners to improve the quality of headers shipped with Windows and Drivers Kits. Please try out Visual Studio 2013 and check out the new Code Analysis features.

We would love to hear any questions or comments you have in the comments below or on our MSDN forum.

Leave a Comment
  • Please add 4 and 8 and type the answer here:
  • Post
  • @Jay: the code analysis window does require you to run code analysis interactively in order to use the code analysis window to filter through the results. If this is something you would like to see in future versions, I suggest you add an idea on visualstudio.uservoice.com in the Languages - C# or Languages - C++ section

  • Hi,  in the previous comments, author was saying FxCop is not part of SDK anymore but the support will resume. But I can see the FxCopCmd.exe in the "Program Files\Microsoft Visual Studio 12.0\Team Tools\Static Analysis Tools". So it is still with VS 2013 Ultimate?

  • @Antoops: Yes - FxCop no longer ships as part of a standalone SDK.  The way to get FxCopCmd now is by installing Visual Studio 2013.

  • Is CAT.NET or BinScope integrated with any Visual Studio 2013 versions?

Page 3 of 3 (34 items) 123