Visual Studio代码分析 - 微软是否自己遵循?
[英]Visual Studio Code Analysis - Does Microsoft follow it themselves?
问题描述
Did a quick search but could not find anything about this. 
快速搜索但找不到任何相关信息。
I guess all of you know that the Visual Studio Code Analysis is quite nitpicking and gives warnings about a lot of things. 我想大家都知道Visual Studio Code Analysis非常挑剔,并且会对很多事情发出警告。 Does anybody know how well Microsoft follow this themselves..? 有人知道微软自己如何做到这一点......? That is, if I were to run a code analysis on their assemblies, would the warnings be none or very few (perhaps surpress warning with a justification..?). 也就是说,如果我要在他们的程序集上运行代码分析,那么警告是否会是非常少的(也许是有正当理由的警告......?)。
2 个解决方案
解决方案1
6 已采纳 2010-05-15 10:29:12
Most of the things that code analysis (or FXCop) check are closely based on the ".NET Framework Library Design Guidelines" (either the book , or on MSDN ). 代码分析(或FXCop)检查的大部分内容都是基于“.NET Framework库设计指南”( 本书或MSDN )。
However those guidelines (especially in the book) have caveats, not all apply in all circumstances. 然而,这些指导方针(特别是在书中)有一些警告,并非所有情况都适用。
There are plenty of indications that MS do use these tools, but I assume they do have reasons to not apply all the rules all the time, as any other project does. 有很多迹象表明MS确实使用这些工具,但我认为他们确实有理由不像其他任何项目那样始终应用所有规则。
解决方案2
4 2010-07-15 22:53:27
There are two core tools used widely at Microsoft for Code Analysis: FXCop for managed code and PreFast for native C++. Microsoft在代码分析中广泛使用了两种核心工具:用于托管代码的FXCop和用于本机C ++的PreFast。
Historically, while not every team has thoroughly enforced the use of CA when building their products, there's been a significant upswing over the last 3-4 years in particular in the number of teams that now enforce pretty stringent CA requirements on their feature teams and on the product as a whole. 从历史上看,虽然并非每个团队在构建产品时都彻底强制使用CA,但在过去的3到4年中,特别是在现在对其功能团队实施非常严格的CA要求的团队数量方面出现了显着的增长。整个产品。
For example, in Vista, the Windows team essentially took 3 months off product development and SAL-annotated the vast majority of their key method and function declarations. 例如,在Vista中,Windows团队基本上需要3个月的时间才能完成产品开发,并且SAL注释了绝大多数关键方法和功能声明。 in Win7, they mandated that all new code had to comply with a set of requirements for SAL-annotating key scenarios (primarily to reduce the likelihood of buffer overruns). 在Win7中,他们强制要求所有新代码必须符合SAL注释关键场景的一系列要求(主要是为了减少缓冲区溢出的可能性)。 In Win8 they're going further still and are incorporating new SAL annotations for a number of key scenarios. 在Win8中,它们还要进一步发展,并且正在为许多关键场景引入新的SAL注释。 Combined with improved compilers and tools like PreFast (now build into VS 2010 Pro and up), they and you can find and eliminate potential issues before the product is released. 结合改进的编译器和工具(如PreFast(现在构建到VS 2010 Pro及更高版本)),他们可以在产品发布之前找到并消除潜在问题。
Note that the warnings issues by CA (whichever CA tool you choose to use) will always require overrides - sometimes, there's a really good reason as to why the code has to do what it does. 请注意,CA(您选择使用哪种CA工具)的警告问题始终需要覆盖 - 有时,为什么代码必须执行它所做的事情,这是一个非常好的理由。 But you should only override if you're ABSOLUTELY sure it's necessary and appropriate. 但是如果你绝对确定它是必要和适当的,你应该只能覆盖。 NEVER turn off a warning because you don't understand it and never turn off a warning if you can't be bothered to fix it. 永远不要关闭警告,因为你不理解它,如果你不能解决它,就不要关闭警告。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.