-
Notifications
You must be signed in to change notification settings - Fork 408
Add new AvoidUsingArrayList rule #2174
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
iRon7
wants to merge
16
commits into
PowerShell:main
Choose a base branch
from
iRon7:#2147AvoidArrayList
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from all commits
Commits
Show all changes
16 commits
Select commit
Hold shift + click to select a range
c34eb23
Implemented the AvoidUsingArrayList rule to warn when the ArrayList c…
iRon7 ba1167d
Testing-Commit-CSpell-issue
iRon7 77384e1
Apply suggestion from @liamjpeters
iRon7 77d1e6d
Update docs/Rules/AvoidUsingArrayList.md
iRon7 d9b88a8
Updated rule help
iRon7 1eb92e9
Merge branch '#2147AvoidArrayList' of https://github.com/iRon7/PSScri…
iRon7 c0aa82b
Changed "unintentionally"
iRon7 7bc3dfa
Update Rules/AvoidUsingArrayList.cs
iRon7 b35becb
Update Tests/Rules/AvoidUsingArrayList.tests.ps1
iRon7 9ed1355
ArrayListName could be null
iRon7 e1362e6
Resolved camelCase
iRon7 b80f01c
Remove ComponentModel namespace
iRon7 f913b1f
Fixed tests
iRon7 b3a5c3c
Updated Tests
iRon7 8aefe4c
fixed and tested empty (dynamic) BoundParameter
iRon7 ad49041
Robuster Pester tests
iRon7 File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,143 @@ | ||
| // Copyright (c) Microsoft Corporation. All rights reserved. | ||
| // Licensed under the MIT License. | ||
|
|
||
| using Microsoft.Windows.PowerShell.ScriptAnalyzer.Generic; | ||
| using System; | ||
| using System.Collections.Generic; | ||
| using System.Globalization; | ||
| using System.Management.Automation.Language; | ||
| using System.Text.RegularExpressions; | ||
|
|
||
| #if !CORECLR | ||
| using System.ComponentModel.Composition; | ||
| #endif | ||
|
|
||
| namespace Microsoft.Windows.PowerShell.ScriptAnalyzer.BuiltinRules | ||
| { | ||
| #if !CORECLR | ||
| [Export(typeof(IScriptRule))] | ||
| #endif | ||
|
|
||
| /// <summary> | ||
| /// Rule that warns when the ArrayList class is used in a PowerShell script. | ||
| /// </summary> | ||
| public class AvoidUsingArrayListAsFunctionNames : IScriptRule | ||
| { | ||
|
|
||
| /// <summary> | ||
| /// Analyzes the PowerShell AST for uses of the ArrayList class. | ||
| /// </summary> | ||
| /// <param name="ast">The PowerShell Abstract Syntax Tree to analyze.</param> | ||
| /// <param name="fileName">The name of the file being analyzed (for diagnostic reporting).</param> | ||
| /// <returns>A collection of diagnostic records for each violation.</returns> | ||
|
|
||
| public IEnumerable<DiagnosticRecord> AnalyzeScript(Ast ast, string fileName) | ||
| { | ||
| if (ast == null) { throw new ArgumentNullException(Strings.NullAstErrorMessage); } | ||
|
|
||
| // If there is an using statement for the Collections namespace, check for the full typename. | ||
| // Otherwise also check for the bare ArrayList name. | ||
| Regex arrayListName = null; | ||
| var sbAst = ast as ScriptBlockAst; | ||
| foreach (UsingStatementAst usingAst in sbAst.UsingStatements) | ||
| { | ||
| if ( | ||
| usingAst.UsingStatementKind == UsingStatementKind.Namespace && | ||
| ( | ||
| usingAst.Name.Value.Equals("Collections", StringComparison.OrdinalIgnoreCase) || | ||
| usingAst.Name.Value.Equals("System.Collections", StringComparison.OrdinalIgnoreCase) | ||
| ) | ||
| ) | ||
| { | ||
| arrayListName = new Regex(@"^((System\.)?Collections\.)?ArrayList$", RegexOptions.IgnoreCase); | ||
| break; | ||
| } | ||
| } | ||
| if (arrayListName == null) { arrayListName = new Regex(@"^(System\.)?Collections\.ArrayList$", RegexOptions.IgnoreCase); } | ||
|
|
||
| // Find all type initializers that create a new instance of the ArrayList class. | ||
| IEnumerable<Ast> typeAsts = ast.FindAll(testAst => | ||
| ( | ||
| testAst is ConvertExpressionAst convertAst && | ||
| convertAst.StaticType != null && | ||
| convertAst.StaticType.FullName == "System.Collections.ArrayList" | ||
| ) || | ||
| ( | ||
| testAst is TypeExpressionAst typeAst && | ||
| typeAst.TypeName != null && | ||
| arrayListName.IsMatch(typeAst.TypeName.Name) && | ||
| typeAst.Parent is InvokeMemberExpressionAst parentAst && | ||
| parentAst.Member != null && | ||
| parentAst.Member is StringConstantExpressionAst memberAst && | ||
| memberAst.Value.Equals("new", StringComparison.OrdinalIgnoreCase) | ||
| ), | ||
| true | ||
| ); | ||
|
|
||
| foreach (Ast typeAst in typeAsts) | ||
| { | ||
| yield return new DiagnosticRecord( | ||
| string.Format( | ||
| CultureInfo.CurrentCulture, | ||
| Strings.AvoidUsingArrayListError, | ||
| typeAst.Parent.Extent.Text), | ||
| typeAst.Parent.Extent, | ||
| GetName(), | ||
| DiagnosticSeverity.Warning, | ||
| fileName | ||
| ); | ||
| } | ||
|
|
||
| // Find all New-Object cmdlets that create a new instance of the ArrayList class. | ||
| var newObjectCommands = ast.FindAll(testAst => | ||
| testAst is CommandAst cmdAst && | ||
| cmdAst.GetCommandName() != null && | ||
| cmdAst.GetCommandName().Equals("New-Object", StringComparison.OrdinalIgnoreCase), | ||
| true); | ||
|
|
||
| foreach (CommandAst cmd in newObjectCommands) | ||
| { | ||
| // Use StaticParameterBinder to reliably get parameter values | ||
| var bindingResult = StaticParameterBinder.BindCommand(cmd, true); | ||
|
|
||
| // Check for -TypeName parameter | ||
| if ( | ||
| bindingResult.BoundParameters.ContainsKey("TypeName") && | ||
| bindingResult.BoundParameters["TypeName"] != null && | ||
| arrayListName.IsMatch(bindingResult.BoundParameters["TypeName"].ConstantValue as string) | ||
| ) | ||
| { | ||
| yield return new DiagnosticRecord( | ||
| string.Format( | ||
| CultureInfo.CurrentCulture, | ||
| Strings.AvoidUsingArrayListError, | ||
| cmd.Extent.Text), | ||
| cmd.Extent, | ||
| GetName(), | ||
| DiagnosticSeverity.Warning, | ||
| fileName | ||
| ); | ||
| } | ||
|
|
||
| } | ||
|
|
||
|
|
||
| } | ||
|
|
||
| public string GetCommonName() => Strings.AvoidUsingArrayListCommonName; | ||
|
|
||
| public string GetDescription() => Strings.AvoidUsingArrayListDescription; | ||
|
|
||
| public string GetName() => string.Format( | ||
| CultureInfo.CurrentCulture, | ||
| Strings.NameSpaceFormat, | ||
| GetSourceName(), | ||
| Strings.AvoidUsingArrayListName); | ||
|
|
||
| public RuleSeverity GetSeverity() => RuleSeverity.Warning; | ||
|
|
||
| public string GetSourceName() => Strings.SourceName; | ||
|
|
||
| public SourceType GetSourceType() => SourceType.Builtin; | ||
| } | ||
| } | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,223 @@ | ||
| # Copyright (c) Microsoft Corporation. All rights reserved. | ||
| # Licensed under the MIT License. | ||
|
|
||
| using namespace System.Management.Automation.Language | ||
|
|
||
| [Diagnostics.CodeAnalysis.SuppressMessage('PSUseDeclaredVarsMoreThanAssignments', '', Justification = 'False positive')] | ||
| param() | ||
|
|
||
| BeforeAll { | ||
| $ruleName = "PSAvoidUsingArrayList" | ||
| $ruleMessage = "The ArrayList class is used in '{0}'. Consider using a generic collection or a fixed array instead." | ||
| } | ||
|
|
||
| Describe "AvoidArrayList" { | ||
|
|
||
| Context "When there are violations" { | ||
|
|
||
| BeforeAll { | ||
| $usingCollections = 'using namespace system.collections' + [Environment]::NewLine | ||
| } | ||
|
|
||
| It "Unquoted New-Object type" { | ||
| $scriptDefinition = $usingCollections + { | ||
| $List = New-Object ArrayList | ||
| 1..3 | ForEach-Object { $null = $List.Add($_) } | ||
| }.ToString() | ||
| $violations = Invoke-ScriptAnalyzer -ScriptDefinition $scriptDefinition -IncludeRule @($ruleName) | ||
| $violations.Count | Should -Be 1 | ||
| $violations.Severity | Should -Be Warning | ||
| $violations.Extent.Text | Should -Be {New-Object ArrayList}.ToString() | ||
| $violations.Message | Should -Be ($ruleMessage -f {New-Object ArrayList}) | ||
| } | ||
|
|
||
| It "Single quoted New-Object type" { | ||
| $scriptDefinition = $usingCollections + { | ||
| $List = New-Object 'ArrayList' | ||
| 1..3 | ForEach-Object { $null = $List.Add($_) } | ||
| }.ToString() | ||
| $violations = Invoke-ScriptAnalyzer -ScriptDefinition $scriptDefinition -IncludeRule @($ruleName) | ||
| $violations.Count | Should -Be 1 | ||
| $violations.Severity | Should -Be Warning | ||
| $violations.Extent.Text | Should -Be {New-Object 'ArrayList'}.ToString() | ||
| $violations.Message | Should -Be ($ruleMessage -f {New-Object 'ArrayList'}) | ||
| } | ||
|
|
||
| It "Double quoted New-Object type" { | ||
| $scriptDefinition = $usingCollections + { | ||
| $List = New-Object "ArrayList" | ||
| 1..3 | ForEach-Object { $null = $List.Add($_) } | ||
| }.ToString() | ||
| $violations = Invoke-ScriptAnalyzer -ScriptDefinition $scriptDefinition -IncludeRule @($ruleName) | ||
| $violations.Count | Should -Be 1 | ||
| $violations.Severity | Should -Be Warning | ||
| $violations.Extent.Text | Should -Be {New-Object "ArrayList"}.ToString() | ||
| $violations.Message | Should -Be ($ruleMessage -f {New-Object "ArrayList"}) | ||
| } | ||
|
|
||
| It "New-Object with full parameter name" { | ||
| $scriptDefinition = $usingCollections + { | ||
| $List = New-Object -TypeName ArrayList | ||
| 1..3 | ForEach-Object { $null = $List.Add($_) } | ||
| }.ToString() | ||
| $violations = Invoke-ScriptAnalyzer -ScriptDefinition $scriptDefinition -IncludeRule @($ruleName) | ||
| $violations.Count | Should -Be 1 | ||
| $violations.Severity | Should -Be Warning | ||
| $violations.Extent.Text | Should -Be {New-Object -TypeName ArrayList}.ToString() | ||
| $violations.Message | Should -Be ($ruleMessage -f {New-Object -TypeName ArrayList}) | ||
| } | ||
|
|
||
| It "New-Object with abbreviated parameter name and odd casing" { | ||
| $scriptDefinition = $usingCollections + { | ||
| $List = New-Object -Type ArrayLIST | ||
| 1..3 | ForEach-Object { $null = $List.Add($_) } | ||
| }.ToString() | ||
| $violations = Invoke-ScriptAnalyzer -ScriptDefinition $scriptDefinition -IncludeRule @($ruleName) | ||
| $violations.Count | Should -Be 1 | ||
| $violations.Severity | Should -Be Warning | ||
| $violations.Extent.Text | Should -Be {New-Object -Type ArrayLIST}.ToString() | ||
| $violations.Message | Should -Be ($ruleMessage -f {New-Object -Type ArrayLIST}) | ||
| } | ||
|
|
||
| It "New-Object with full type name" { | ||
| $scriptDefinition = $usingCollections + { | ||
| $List = New-Object -TypeName System.Collections.ArrayList | ||
| 1..3 | ForEach-Object { $null = $List.Add($_) } | ||
| }.ToString() | ||
| $violations = Invoke-ScriptAnalyzer -ScriptDefinition $scriptDefinition -IncludeRule @($ruleName) | ||
| $violations.Count | Should -Be 1 | ||
| $violations.Severity | Should -Be Warning | ||
| $violations.Extent.Text | Should -Be {New-Object -TypeName System.Collections.ArrayList}.ToString() | ||
| $violations.Message | Should -Be ($ruleMessage -f {New-Object -TypeName System.Collections.ArrayList}) | ||
| } | ||
|
|
||
| It "New-Object with semi full type name and odd casing" { | ||
| $scriptDefinition = $usingCollections + { | ||
| $List = New-Object COLLECTIONS.ArrayList | ||
| 1..3 | ForEach-Object { $null = $List.Add($_) } | ||
| }.ToString() | ||
| $violations = Invoke-ScriptAnalyzer -ScriptDefinition $scriptDefinition -IncludeRule @($ruleName) | ||
| $violations.Count | Should -Be 1 | ||
| $violations.Severity | Should -Be Warning | ||
| $violations.Extent.Text | Should -Be {New-Object COLLECTIONS.ArrayList}.ToString() | ||
| $violations.Message | Should -Be ($ruleMessage -f {New-Object COLLECTIONS.ArrayList}) | ||
| } | ||
|
|
||
| It "Type initializer with 3 parameters" { | ||
| $scriptDefinition = $usingCollections + { | ||
| $List = [ArrayList](1,2,3) | ||
| 1..3 | ForEach-Object { $null = $List.Add($_) } | ||
| }.ToString() | ||
| $violations = Invoke-ScriptAnalyzer -ScriptDefinition $scriptDefinition -IncludeRule @($ruleName) | ||
| $violations.Count | Should -Be 1 | ||
| $violations.Severity | Should -Be Warning | ||
| $violations.Extent.Text | Should -Be {[ArrayList](1,2,3)}.ToString() | ||
| $violations.Message | Should -Be ($ruleMessage -f {[ArrayList](1,2,3)}) | ||
| } | ||
|
|
||
| It "Type initializer with array parameters" { | ||
| $scriptDefinition = $usingCollections + { | ||
| $List = [ArrayList]@(1,2,3) | ||
| 1..3 | ForEach-Object { $null = $List.Add($_) } | ||
| }.ToString() | ||
| $violations = Invoke-ScriptAnalyzer -ScriptDefinition $scriptDefinition -IncludeRule @($ruleName) | ||
| $violations.Count | Should -Be 1 | ||
| $violations.Severity | Should -Be Warning | ||
| $violations.Extent.Text | Should -Be {[ArrayList]@(1,2,3)}.ToString() | ||
| $violations.Message | Should -Be ($ruleMessage -f {[ArrayList]@(1,2,3)}) | ||
| } | ||
|
|
||
| It "Type initializer with new constructor" { | ||
| $scriptDefinition = $usingCollections + { | ||
| $List = [ArrayList]::new() | ||
| 1..3 | ForEach-Object { $null = $List.Add($_) } | ||
| }.ToString() | ||
| $violations = Invoke-ScriptAnalyzer -ScriptDefinition $scriptDefinition -IncludeRule @($ruleName) | ||
| $violations.Count | Should -Be 1 | ||
| $violations.Severity | Should -Be Warning | ||
| $violations.Extent.Text | Should -Be {[ArrayList]::new()}.ToString() | ||
| $violations.Message | Should -Be ($ruleMessage -f {[ArrayList]::new()}) | ||
| } | ||
|
|
||
| It "Full type name initializer with new constructor" { | ||
| $scriptDefinition = $usingCollections + { | ||
| $List = [System.Collections.ArrayList]::new() | ||
| 1..3 | ForEach-Object { $null = $List.Add($_) } | ||
| }.ToString() | ||
| $violations = Invoke-ScriptAnalyzer -ScriptDefinition $scriptDefinition -IncludeRule @($ruleName) | ||
| $violations.Count | Should -Be 1 | ||
| $violations.Severity | Should -Be Warning | ||
| $violations.Extent.Text | Should -Be {[System.Collections.ArrayList]::new()}.ToString() | ||
| $violations.Message | Should -Be ($ruleMessage -f {[System.Collections.ArrayList]::new()}) | ||
| } | ||
|
|
||
| It "Semi full type name initializer with new constructor and odd casing" { | ||
| $scriptDefinition = $usingCollections + { | ||
| $List = [COLLECTIONS.ArrayList]::new() | ||
| 1..3 | ForEach-Object { $null = $List.Add($_) } | ||
| }.ToString() | ||
| $violations = Invoke-ScriptAnalyzer -ScriptDefinition $scriptDefinition -IncludeRule @($ruleName) | ||
| $violations.Count | Should -Be 1 | ||
| $violations.Severity | Should -Be Warning | ||
| $violations.Extent.Text | Should -Be {[COLLECTIONS.ArrayList]::new()}.ToString() | ||
| $violations.Message | Should -Be ($ruleMessage -f {[COLLECTIONS.ArrayList]::new()}) | ||
| } | ||
| } | ||
|
|
||
| Context "When there are no violations" { | ||
|
|
||
| BeforeAll { | ||
| $usingGeneric = 'using namespace System.Collections.Generic' + [Environment]::NewLine | ||
| } | ||
|
|
||
| It "New-Object List[Object]" { | ||
| $scriptDefinition = { | ||
| $List = New-Object List[Object] | ||
| 1..3 | ForEach-Object { $List.Add($_) } | ||
| }.ToString() | ||
| $violations = Invoke-ScriptAnalyzer -ScriptDefinition $scriptDefinition -IncludeRule @($ruleName) | ||
| $violations | Should -BeNullOrEmpty | ||
| } | ||
|
|
||
| It "[List[Object]]::new()" { | ||
| $scriptDefinition = { | ||
| $List = [List[Object]]::new() | ||
| 1..3 | ForEach-Object { $List.Add($_) } | ||
| }.ToString() | ||
| $violations = Invoke-ScriptAnalyzer -ScriptDefinition $scriptDefinition -IncludeRule @($ruleName) | ||
| $violations | Should -BeNullOrEmpty | ||
| } | ||
|
|
||
| It "Using the pipeline" { | ||
| $scriptDefinition = { | ||
| $List = 1..3 | ForEach-Object { $_ } | ||
| }.ToString() | ||
| $violations = Invoke-ScriptAnalyzer -ScriptDefinition $scriptDefinition -IncludeRule @($ruleName) | ||
| $violations | Should -BeNullOrEmpty | ||
| } | ||
|
|
||
| It "Out of the namespace scope" { | ||
| $scriptDefinition = $usingGeneric + { | ||
| $List = New-Object ArrayList | ||
| $List = [ArrayList](1,2,3) | ||
| $List = [ArrayList]@(1,2,3) | ||
| $List = [ArrayList]::new() | ||
| }.ToString() | ||
| $violations = Invoke-ScriptAnalyzer -ScriptDefinition $scriptDefinition -IncludeRule @($ruleName) | ||
| $violations | Should -BeNullOrEmpty | ||
| } | ||
| } | ||
|
|
||
| Context "Test for potential errors" { | ||
|
|
||
| It "Dynamic types shouldn't error" { | ||
| $scriptDefinition = { | ||
| $type = "System.Collections.ArrayList" | ||
| New-Object -TypeName '$type' | ||
| }.ToString() | ||
|
|
||
| $analyzer = { Invoke-ScriptAnalyzer -ScriptDefinition $scriptDefinition -IncludeRule @($ruleName) } | ||
| $analyzer | Should -Not -Throw # but won't violate either (too complex to cover) | ||
| } | ||
| } | ||
| } |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The class name has a little copy-pasta 😊
Also, I think this should be a configurable rule, disabled by default.
Instead of directly implementing
IScriptRule, implementConfigurableRule. See AvoidExclaimOperator as an example.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When I change this, I notice that there are quite some inherited methods to be implemented.
Before going into this direction, can you argue why you think this rule should be disabled by default?
Or even configurable?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will start by saying that this is just my own personal opinion. I'm not a part of Microsoft or the PSScriptAnalyzer team - just an interested community member. @bergmeister is the community maintainer and will have their own take 😊.
I've submitted a few PRs to the project and added a few new rules over the years, and this is just from my own experience from going through PR review.
ArrayListis extremely common in existing PowerShell scripts. Enabling this by default would flood users with warnings on legacy code they may not own or want to refactor. PSSA is used commonly in CICD pipelines - introducing a bunch of new warnings (which you would usually treat as a build failure) would not be popular - maybe even with the PowerShell team themselves.Replacing ArrayList with
List[Object]changes behavior (no return value from.Add(). Code that relied on the index return fromArrayList.Add()- even accidentally via pipeline pollution - would break. Admittedly, 99.9% of the time, you don't want the collection size returned when you're appending to it - but there's always someone!Making it opt-in lets people set it up for new code, or work through their legacy code base in their own time more easily.
As to why
ConfigurableRule...Only
ConfigurableRulecan be truly disabled by default. While it's true that all rules, includingIScriptRulerules, can be stopped from participating in analysis by using-ExcludeRuleas a cmdlet parameter or in a settings files - that is explicit opt-out. Any analysis with no settings file or include/exclude parameter will run allIScriptRulerules.If you're interested, here's where the enabled rules are checked. If it's not a configurable rule, it's considered enabled.
PSScriptAnalyzer/Engine/ScriptAnalyzer.cs
Lines 1923 to 1927 in a143b9f
The Refactor should be fairly simple.
ConfigurableRuleis an abstract class which itself implementsIScriptRule, so when you change from implementingIScriptRuletoConfigurableRuleyou will just need to mark your existing methods asoverride- it's not a wholesale rewrite. So for instance:That should be it within the class. You would also need to update your tests to enable your rule for testing.
As I said - just my opinion 🙂
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for you thoughts, I will take it in consideration.