Welcome to MSDN Blogs Sign in | Join | Help

Seen any Microsoft produced code that doesn't pass Code Analysis/FxCop? [David Kean]

As some of you may already know, the majority of the Developer Division is currently planning features to be included in the next version of Visual Studio (Orcas). As part of this planning phase, the Managed Code Analysis (FxCop) team is beginning to work with other teams around Microsoft to ensure that any customer facing code released in Orcas is Code Analysis clean.
 
We’re also asking for your help. If you’ve ever come across code that hasn’t passed Code Analysis whether that be generated by custom tools, compilers, MSDN Library examples, sample applications, templates, designers, articles or any other Microsoft produced code, we want to hear about it.

Blog about it, tell your colleagues, managers, friends, spouses (if they write code), mailing lists, forums and any other medium that you can think of that if they have ever come across code that made them say ‘Damn Microsoft, I wish they would follow their own guidelines’ - then the Code Analysis team wants to hear from them.

As an example of what kind of issues we are looking for, see the following Product Feedback Center bugs:

Prevent generated DSL code from producing FxCop warnings
Windows Service template Dispose method does not pass FxCop analysis
AssemblyInfo to be FxCop compliant by default
"exception" expansion code sniplet has incorrect "public" visibility for serialisation contructor. FxCop rule violation

You can either post your feedback via a comment below or by using this blog's contact form.

Published Tuesday, April 11, 2006 9:51 PM by David M. Kean

Comments

Wednesday, April 12, 2006 1:12 AM by Managed from down under

# The Managed Code Analysis (FxCop) team wants your feedback!

Wednesday, April 12, 2006 2:53 AM by Aaron

# re: The Managed Code Analysis (FxCop) team wants your feedback! [David Kean]

FxCop doesn't pass fxcop :P
Wednesday, April 12, 2006 8:19 AM by John Bledsoe

# re: The Managed Code Analysis (FxCop) team wants your feedback! [David Kean]

This case may be the kind of thing that you're looking for, and it relates to FxCop, so it seems like a fit.

I have a class that has a DbDataAdapter as a public property. Per the MSDN Property Naming Guidelines, I gave the property the same name as its underlying type, DbDataAdapter. However, when I run FxCop against my class library, it gives me a SortAcronymsShouldBeUppercase warning, saying that I should call the property DBDataAdapter (uppercase "B"). Of course I won't do that, since that would make my property definition:

public DbDataAdapter DBDataAdapter { . . . }

The information in the message even states:

"For example, 'DbConnection', is common but incorrect; use DBConnection."

Common? I'll say! It's baked right into the framework! In any case, I ignored the message and wasn't really concerned, but since you're asking, here you go!
Wednesday, April 12, 2006 8:21 AM by notgartner.com: Mitch Denny's Blog

# What public Microsoft code doesn't cut it with FxCop?

Wednesday, April 12, 2006 9:48 AM by David M. Kean

# re: The Managed Code Analysis (FxCop) team wants your feedback! [David Kean]

Aaron: As part of our checkin tests we actually have to be clean on FxCop. The only assembly as it stands in 1.35 that doesn't pass is Microsoft.Cci.dll, which is owned by another team, however, this will be clean in future versions.

John: This is by design. The System.Data team got it wrong. However, for consistancy, you may choose to suppress it.
Wednesday, April 12, 2006 10:26 AM by Jan Schreuder on .Net

# Any suggestions for the new FxCop are welcome

The Managed Code Analysis (FxCop) team are working with other teams around Microsoft to ensure that...
Friday, April 14, 2006 3:33 AM by Obiwan Jacobi

# re: Seen any Microsoft produced code that doesn't pass Code Analysis/FxCop? [David Kean]

I like FxCop to recognize the construct of having an internal Guard/Check class to validate incoming method parameters. If I have code like:

public void Method(string name)
{
 Guard.ThrowIfArgumentNull(name, "name");

 // use the name parameter here
}

the current FxCop (vs2005) says I need to check the parameter of the public method (which is great).

I would like to be able to tell FxCop how I've taken care of parameter checking in my app; maybe have a FxCop code Attribute (similar to the SuppressMessageAttribute) that marks my class (Guard) or method (ThrowIfArgumentNull) as an implementation of one of the rules.

That would be great ;-)

Thanx,
Marc Jacobi
Friday, April 14, 2006 8:12 AM by Mads Kristensen

# re: Seen any Microsoft produced code that doesn't pass Code Analysis/FxCop? [David Kean]

A rule in FxCop says that static methods on a Generic class should be avoided with no exceptions due to the way that method gets called. That's just wrong.

I have a Generic base class like this:
public abstract class Foo<T>

With a static method like this:
public static T Load(T instance, Guid id)

FxCop gives me an error on the static method because when you call it, you have to declare the T-type. That is not the case. Here's how it is called:

FooBar f = FooBar.Load(instance, id)

The rule simply isn't true in this scenario and should be changed.
Monday, April 17, 2006 2:29 PM by asdfasdf

# re: Seen any Microsoft produced code that doesn't pass Code Analysis/FxCop? [David Kean]

when you run xsd on the xml schema for reporting services at http://blogs.msdn.com/fxcop/archive/2006/04/11/WeWantYourFeedback.aspx the output is not clean
Wednesday, May 03, 2006 5:41 PM by Sri

# FxCop Example Code fails?

FxCop 1.32
FxCop Build 50628.0


Example code from
Override methods on comparable types

public static bool operator == (RatingInformation r1, RatingInformation r2)
     {
        return r1.Equals(r2);
     }  

Will throw
ValidateArgumentsOfPublicMethods

Saturday, May 13, 2006 6:47 AM by seanf

# re: Seen any Microsoft produced code that doesn't pass Code Analysis/FxCop? [David Kean]

The following wizard generated code has many CA warnings:

1) Create a new Visual Studio AddIn.

2) Create a new WCF service reference.

Using VS 2005 with WinFX Feb CTP.
Tuesday, May 23, 2006 11:20 AM by Jonathan Allen

# re: Seen any Microsoft produced code that doesn't pass Code Analysis/FxCop? [David Kean]

The vb code snippit for a new exception class inherits from ApplicationException instead of Exception.

Tuesday, May 23, 2006 1:46 PM by Sri

# re: Seen any Microsoft produced code that doesn't pass Code Analysis/FxCop? [David Kean]

VS2003

Create a new web app.

Default Global.asax.cs generated doesn't pass code analysis.

Thursday, June 01, 2006 11:55 AM by Amit Weisman

# re: Seen any Microsoft produced code that doesn't pass Code Analysis/FxCop? [David Kean]

Hi ,
I was reading this article "Exception Management Architecture Guide” (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/exceptdotnet.asp) and stumbled across two issues :
1. The example code violates this rule (http://www.gotdotnet.com/team/fxcop/docs/rules.aspx?version=1.35&url=/Design/ValidateArgumentsOfPublicMethods.html) , page 9 , the parameter “info” is not checked.
2. There is a clash between this rule (http://www.gotdotnet.com/team/fxcop/docs/rules.aspx?version=1.35&url=/Design/TypesShouldNotExtendCertainBaseTypes.html) and the purpose of the applicationexception class as described in this article. If I understood correctly this class supposed to be the base class for all the specific application exceptions, so the violating the rule is a “must”.

Thanks
I’m using fxcop and enjoying it.
Amit
Tuesday, June 06, 2006 10:34 AM by GBtG

# re: Seen any Microsoft produced code that doesn't pass Code Analysis/FxCop? [David Kean]

This came up in our development recently.  In VB.NET (under VS.NET 2003), follow these steps:

1) Create a class that inherits from a Framework class (e.g. System.Web.UI.Control).
2) Add some read-write properties.  Notice that the "Value" parameter of the "Set" portion of the property starts with an upper-case "V".  Violation of CA1709, although FxCop doesn't seem to care...
3) Now override an existing read-write property on the base class (e.g. Control.Visible).  Again notice the incorrect casing of the "Set" portion of the property.
4) FxCop reports a violation of CA1725 for "renaming" the "value" parameter of the base-class property.
Tuesday, June 06, 2006 10:56 AM by David M. Kean

# re: Seen any Microsoft produced code that doesn't pass Code Analysis/FxCop? [David Kean]

GBtG: The first issue is by-design, we ignore the casing of property parameters because no one actually sees the parameter.

The second issue has been resolved in the latest build of FxCop.

Thanks for the great feedback!

Regards

David
New Comments to this post are disabled
 
Page view tracker