如何在现有代码库上实现FxCop/静态分析 [英] How does one implement FxCop / static analysis on an existing code base

问题描述

在存在违规情况的现有代码库上执行FxCop/静态分析时，会使用哪些策略?如何最有效地减少静态分析违规?

What are some of the strategies that are used when implementing FxCop / static analysis on existing code bases with existing violations? How can one most effectively reduce the static analysis violations?

推荐答案

首先要充分利用[SuppressMessage]属性.至少在开始时.通过该属性将计数计数为0后，您便应遵循以下规则:新签入操作不得引入FxCop违规行为.

Make liberal use of [SuppressMessage] attribute to begin with. At least at the beginning. Once you get the count to 0 via the attribute, you then put in a rule that new checkins may not introduce FxCop violations.

Visual Studio 2008具有出色的代码分析功能，可让您确保代码分析可以在每个版本上运行，并且可以将警告视为错误.这可能会使速度变慢，所以我建议设置一个持续集成服务器(如CruiseControl.NET)，并在每个签入中运行代码分析.

Visual Studio 2008 has a nice code analysis feature that allows you to ensure that code analysis runs on every build and you can treat warnings as errors. That might slow things down a bit so I recommend setting up a continuous integration server (like CruiseControl.NET) and having it run code analysis on every checkin.

一旦您控制住了它，并且不会在每次签入中引入新的违规行为，就开始一次解决整个FxCop违规问题，以期删除您使用的SuppressMessageAttributes.

Once you get it under control and aren't introducing new violations with every checkin, start to tackle whole classes of FxCop violations at a time with the goal of removing the SuppressMessageAttributes that you used.

跟踪真正要保留的值的方法是始终向要真正抑制的值添加一个Justification值.

The way to keep track of which ones you really want to keep is to always add a Justification value to the ones you really want to suppress.

这篇关于如何在现有代码库上实现FxCop/静态分析的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！