如何在现有代码库上实现FxCop/静态分析 [英] How does one implement FxCop / static analysis on an existing code base
问题描述
在存在违规情况的现有代码库上执行FxCop/静态分析时,会使用哪些策略?如何最有效地减少静态分析违规?
What are some of the strategies that are used when implementing FxCop / static analysis on existing code bases with existing violations? How can one most effectively reduce the static analysis violations?
推荐答案
首先要充分利用[SuppressMessage]属性.至少在开始时.通过该属性将计数计数为0后,您便应遵循以下规则:新签入操作不得引入FxCop违规行为.
Make liberal use of [SuppressMessage] attribute to begin with. At least at the beginning. Once you get the count to 0 via the attribute, you then put in a rule that new checkins may not introduce FxCop violations.
Visual Studio 2008具有出色的代码分析功能,可让您确保代码分析可以在每个版本上运行,并且可以将警告视为错误.这可能会使速度变慢,所以我建议设置一个持续集成服务器(如CruiseControl.NET),并在每个签入中运行代码分析.
Visual Studio 2008 has a nice code analysis feature that allows you to ensure that code analysis runs on every build and you can treat warnings as errors. That might slow things down a bit so I recommend setting up a continuous integration server (like CruiseControl.NET) and having it run code analysis on every checkin.
一旦您控制住了它,并且不会在每次签入中引入新的违规行为,就开始一次解决整个FxCop违规问题,以期删除您使用的SuppressMessageAttributes.
Once you get it under control and aren't introducing new violations with every checkin, start to tackle whole classes of FxCop violations at a time with the goal of removing the SuppressMessageAttributes that you used.
跟踪真正要保留的值的方法是始终向要真正抑制的值添加一个Justification值.
The way to keep track of which ones you really want to keep is to always add a Justification value to the ones you really want to suppress.
这篇关于如何在现有代码库上实现FxCop/静态分析的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!