In Visual Studio 2005, we integrated a couple of internal static analysis tools – FxCop and PREfast into the product under the names Managed Code Analysis and C/C++ Code Analysis. This helped customers write secure and quality code for managed and native platforms using the same tools that we had been using internally for years. This is part of our philosophy of “ship what we use and use what we ship”.
For Visual Studio 2008, the Code Analysis team has added some new features that I wanted to talk about today.
Code Metrics – This is a new tool window that allows you to not only get an overall view of the health (code-wise) of your application, but also gives you the ability to dig deep to find those un-maintainable and complex hotspots. For Visual Studio 2008, Code Metrics will ship with five metrics – Cyclomatic Complexity, Depth of Inheritance, Class Coupling, Lines of Code and Maintainability Index. The Code Analysis team has a couple of posts describing the new feature, here and here.
Code Analysis Policy improvements – Code Analysis Policy provides the ability to ensure that Code Analysis is run before every check-in. Based on feedback from customers, the team made a few usability improvements, including better guidance and providing more control over how settings are applied from the policy to projects.
Analysis improvements – A number of improvements were made around analysis:
– Support for analyzing anonymous methods and lambda expressions
– Reduced noise in existing analysis and the ability to skip over tool generated code
– Better support for C++/CLI and the Compact Framework
– Performance improvements that cut analysis time over managed code by 2x, and used half as much memory than in Visual Studio 2005.
Better suppression support – Code Analysis supports suppressing an instance of a warning by right-clicking on it in the Error List and choosing Suppress Message. This support has been extended for Visual Studio 2008, giving more control over whether a suppression applied in-source or in a separate project suppression file. The underlying suppression format has also changed to support generic methods, C++ boxed value types and special type modifiers, such as C++s const.