Expand Minimize

Release notes

7.15.0.0

In this release, we have improved operation on Linux machines, introduced Office 365 rules for compatability, introduced React rules as well as fixed issues.

New Features

  • Improved operation on Linux machines.
  • Added O365 compatability rules.
  • Added React rules.
  • Added site definition inventory.
  • Added webpart class inventory.

Fixes

  • Fixed issues in SPFx rules with approved locations for external scripts
  • Fixed issue with extraction and deletion of temp folder.
  • Fixed an issue that could cause an exception in Code Metrics Report under certain circumstances.
  • Fixed an issue where SPC019105 Not Being Picked Up Correctly In PowerShell.
  • Fixed an issue where Javascript rules could misidentify line details reported in reports.
  • Fixed an issue where a subscription license always warn it is due to expire.
  • Fixed an issue where Angular analyzers slows down SPFx analysis.
  • Fixed an issue with SPF050602 which could return false positive.
  • Fixed an issue with SPF020802 under certain circumstandces could throw exceptions.
  • Fixed an issue with SPF010716 under certain circumstandces could throw exceptions.
  • Fixed an issue with SPC058701 under certain circumstandces could throw exceptions.
  • Fixed an issue FileNotFoundException Rencore.Analyzers.JavaScript.VulnerabilitiesDb.Model when running analysis using the CodeAnalyzer.

New React Rules

  • Correctness
    • RCT010101: Don't use "return false" in React event handler.
    • RCT010102: Style property of a React DOM element should be an object.
    • RCT010103: Don't specify children when using dangerouslySetinnerHTML.
    • RCT010104: Don't pass HTML as a string to the "dangerouslySetinnerHTML" property.
    • RCT010105: Don't use Generator as a child of a React element.
    • RCT010106: Don't check the "array.length" property when conditionally rendering elements.
    • RCT010107: React lifecycle method does'nt return a valid value.
    • RCT010108: Don't override React component methods suppported only in createReactClass() in ES6 class component.
    • RCT010109: Don't specify React event handlers as a string.
    • RCT010110: Don't use invalid CSS style names and values.
    • RCT010111: Don't use the return value of the "ReactDom.remder ()" method.
    • RCT010112: Don't use incorrectly spelled React API's.
    • RCT010113: Don't use incorrect casing for DOM attributes and properties in React.
    • RCT010114: Don't access special React properties.
    • RCT010115: The initial state in ES6 class component is not an object.
    • RCT010116: Don't call "setState" in specific lifecycle methods.

New Office 365 Rules

  • Compatibility
    • SPC170727: SiteDefinition references VisibilityFeatureDependency which is not transformable.
    • SPC170728: SiteDefinition references ProvisioningAssembly which is not transformable.
    • SPC172132: Feature contains FeatureReceiver.
    • SPC172134: Feature has scope 'WebApplication' or 'Farm' Warning.
    • SPC175122: Field contains resource keys.
    • SPC175123: Field based upon custom field type.
    • SPC175124: Field has not ID value set.
    • SPC175125: Calculated field outputs HTML encoded string.
    • SPC175222: ContentType contains complex to transform event receiver code.
    • SPC175223: ContentType inherits unknown parent ContentType.
    • SPC175224: ContentType inherits custom parent ContentType which needs to be provisioned before.
    • SPC175225: ContentType references a custom Field which needs to be provisioned before.
    • SPC175226: ContentType references an unknown Field.
    • SPC175230: ContentType uses DocumentTemplate.
    • SPC175230: ContentType references DocumentTemplate in Layouts folder.
    • SPC175233: ContentType contains resource keys.
    • SPC175422: List instance contains resource keys.
    • SPC175423: Field Reference has no ID value set.
    • SPC175722: Custom Action contains a reference to the layouts system folder.
    • SPC175723: Custom action contains resource keys.
    • SPC175724: Custom Action contains a reference to the admin system folder.

7.8.10.0

In this maintenance release, we have some issues with analysis execution and reports.

Fixes

  • Fixed issue with SPFx package analyzing same external JS file twice.
  • Fixed issue with reports showing incorrect number of passed rules.
  • Fixed issue with SPCAF client showing wrong number in code quality index.

7.8.4.0

In this maintenance release, we have some issues with analysis execution and reports.

Fixes

  • Fixed issue with analysis stuck at 92%.
  • Fixed issue with rules not showing correct source code for JavaScript files or report showed "Not available" as source code.

7.8.1.0

In this release, we have improved reporting further and added support for detecting the performance of scripts hosted on the Office 365 public CDN. Improve on the rule list for SharePoint Framework (SPFx) and SPCAF.

New Features

  • Added support for detecting performance of scripts hosted on the Office 365 Public CDN.
  • Extend the default ruleset "Extended" to include SPFx and AngularJS rules.
  • Add Support for SPF010716  for analyzing bundles with multiple components.
  • Updated SPF010716 to support projects using SharePoint Framework v1.3.2 and newer.

Fixes

  • Fixed bug where analyzing SharePoint Framework projects in some cases would lead to exceptions.
  • Fixed a couple minor UI issues.

New Rules for Web Files

  • Security
    • SPC028701: Don't use JavaScript libraries with known vulnerabilities.
    • SPC028702: When referencing scripts, specify the integrity hash.

New Rules for SharePoint Framework (SPFx)

  • Correctness
    • SPF010302: Extended the rule for detecting including assets in the solution package.

  • Inventory
    • SPF801001: Added inventory of API permission requests in solution package.
    • SPF800201: Added inventory of API permission requests in the project.
    • SPF801401: Added inventory of Field customizers.
    • SPF801402: Added inventory of List View Command Sets.
    • SPF801403: Added inventory of Application customizers.
  • Security
    • SPF020703: Don't reference JavaScript libraries with known vulnerabilities in client-side web part manifest.
    • SPF020803: Don't load JavaScript libraries with known vulnerabilities in JavaScript file.
    • SPF021302: Don't reference JavaScript libraries with known vulnerabilities in project.
    • SPF021401: Don't reference JavaScript libraries with known vulnerabilities in client-side extension manifest.

New Rules for JavaScript

  • Security
    • SPC028905: Don't use JavaScript libraries with known vulnerabilities.

7.7.0.0

In this release, we have improved reporting, providing a Quality Assurance Score as well as listing the rules passed and skipped to give a better understanding of the analysis performed. Improve on the rule list for SharePoint Framework (SPFx) and SPCAF.

New Features

  • Extended the Quality Assurance report with information about which rules passed and which were skipped to give a better understanding of the performed analysis as well as adding analysis score to the Quality Assurance report.
  • Added support for analyzing packages with assets (SPFx v1.4).
  • Improved detecting JavaScript libraries loaded in code.
  • Improved detecting JavaScript libraries referenced in the project configuration.

Fixes

  • Improved the aesthetics of the reports.
  • Fixed a couple minor UI issues.

New Rules for SharePoint Framework (SPFx)

  • Inventory
    • SPF811401 : Added support for detecting JavaScript libraries referenced in the client-side extension manifest.
  • Best Practices
    • SPF051304 : Use the latest version of JavaScript libraries in the project configuration.
    • SPF050701 : Use the latest version of JavaScript libraries in client-side web part manifest.
    • SPF051401 : Use the latest version of JavaScript libraries in the client-side extension manifest.
    • SPF050803 : Use the latest version of JavaScript libraries in JavaScript file.

New Rules for JavaScript

  • Code Quality
    • Added support for detecting third-party libraries included in .js files.
    • Extend detection of JS libraries references in .js files.
    • Improved detecting the usage of third-party JavaScript libraries in web files.
    • Prettifying minified JavaScript files before analyzing them to increase readability.

7.6.0.0

In this release, we now have support for Visual Studio 2017, increased the rules supported in SonarQube and improve on the rule list for SharePoint Framework (SPFx) and SPCAF.

New Features

  • Updated the list of SPCAF rules available in SonarQube to match SPCAF.
  • Updated severity mappings between SPCAF and SonarQube.
  • Added SharePoint Framework rules to the SPCAF SonarQube plugin.
  • Added AngularJS rules to the SPCAF SonarQube plugin.
  • Added support for Visual Studio 2017.
  • Added a set of rules detecting JavaScript libraries used in SharePoint Framework client-side web parts.
  • Add support for analyzing SharePoint Framework extensions.
  • Added support for analyzing contents of inline JavaScripts.
  • Improved accuracy of determining performance quality of external scripts referenced in a SharePoint Framework solution.
  • Changed IDs of SharePoint Framework Inventory rules.

Fixes

  • Fixed issue with suppression not working for None-Generated Rules in complex JS Files.
  • Fixed an exception in SPCAF.Rules.PowerShell.DoNotUsePositionalParameters caused by SPCAF.Rules.PowerShell.
  • Fixed an issued where SPC019104 was not flagging all functions as errors.
  • Fixed issued with SPC019105 identifying errors for both function and code (when the code is correct).
  • Fixed incorrect wording of exception message to correctly match the error.
  • Fixed an issue where Angular errors could be reported twice under certain circumstances.
  • Fixed an issue allowing the selection of multiple files for analysis.
  • Fixed an issue where .zip and .ps1 files could not be selected directly.
  • Corrected invalid URL's linked in the rules documentation.
  • Fixed minor UI issues.

New Rules for SharePoint Framework (SPFx)

  • Inventory
    • SPF810101 : Project configuration references AngularJS.
    • SPF810102 : Project configuration references jQuery.
    • SPF810103 : Project configuration references Knockout.
    • SPF810104 : Project configuration references React.
    • SPF810105 : Project configuration references ReactDOM.
    • SPF810106 : Project configuration references Handlebars.
    • SPF810701 : Client side web part manifest references AngularJS.
    • SPF810702 : Client side web part manifest references jQuery.
    • SPF810703 : Client side web part manifest references Knockout.
    • SPF810704 : Client side web part manifest references React.
    • SPF810705 : Client side web part manifest references ReactDOM.
    • SPF810706 : Client side web part manifest references Handlebars.
    • SPF810801 : JavaScript file references AngularJS.
    • SPF810802 : JavaScript file references jQuery.
    • SPF810803 : JavaScript file references Knockout.
    • SPF810804 : JavaScript file references React.
    • SPF810805 : JavaScript file references ReactDOM.
    • SPF810806 : JavaScript file references Handlebars

New Rules for JavaScript

  • Code Quality
    • SPC048901 : JavaScript file uses SharePoint REST API.
    • SPC048902 : JavaScript file uses SPService.
    • SPC048903 : JavaScript file uses SharePoint JavaScript Object Model.
    • SPC048904 : JavaScript file uses Microsoft Graph REST API.
    • SPC048905 : JavaScript file uses Microsoft Graph beta REST API.
    • SPC048906 : JavaScript file uses Microsoft Graph v1.0 REST API.
    • SPC048907 : JavaScript uses Microsoft Graph SDK.
    • SPC048908 : JavaScript file uses SP PnP JS.

7.5.0.0

In this release we introduce AngularJS analysis, added support selecting folders for analysis in the client application, improve on the rule list for SharePoint Framework (SPFx) and SPCAF.

New Features

  • Added support for selecting folders for analysis in the SPCAF client application.
  • Added support for analyzing AngularJS projects.
  • Update the user interface.
  • Add the facility to utilized the "ignoregeneratedcode" parameter in FxCop.

Fixes

  • Fixed bug in the SPC059108 rule where it would result in a false positive in specific cases.
  • Fixed bug that disallowed certain JavaScript rules to be suppressed.
  • Fixed bug in recursive analysis in the VSTS SPCAF task.
  • Improved the wording of the notification message for rule JM060101.
  • Changed wildcards in the IgnoredFiles setting to apply only to the file name instead of the whole path.
  • Expanded the 'SPF050103 npm-shrinkwrap.json file missing' rule to check for lock files from npm@5 and Yarn.
  • Adjusted the 'SPF020802 Don't use web part properties without escaping' rule to only check for escaping of string properties.
  • Adjusted the 'SPF050801 Validate web part properties' values' rule to only check for validation of text properties managed using the PropertyPaneTextField control

New Rules for SharePoint Framework (SPFx)

  • Best Practice
    • SPF050802 : Don't manipulate DOM elements outside the component.

New AngularJS Rules

  • Reliability Rules
    • NG1010402 : Don't inject invalid dependencies in controllers.
    • NG1010403 : Number of injected dependencies matches the number of function parameters in controllers.
    • NG1010404 : Use explicit dependency injection annotation in controllers with strict DI enabled.
    • NG1010501 : Don't inject invalid dependencies in directives.
    • NG1010502 : Number of injected dependencies matches the number of function parameters in directives.
    • NG1010503 : Use explicit dependency injection annotation in directives with strict DI enabled.
    • NG1010601 : Don't inject invalid dependencies in filters.
    • NG1010602 : Number of injected dependencies matches the number of function parameters in filters.
    • NG1010603 : Use explicit dependency injection annotation in filters with strict DI enabled.
    • NG1010701 : Don't inject invalid dependencies in services.
    • NG1010702 : Number of injected dependencies matches the number of function parameters in services.
    • NG1010703 : Use explicit dependency injection annotation in services with strict DI enabled.
    • NG1010704 : Use explicit dependency injection annotation in factories with strict DI enabled.
    • NG1010801 : Route refers to a known controller.
    • NG1011001 : Use built-in AngularJS directives whenever possible.
    • NG1011002 : Always have . in ngModel.
    • NG1011003 : Binding refers to a known property.
  • Security Rules
  • Maintainability Rules
    • NG1050201 : Inject built-in AngularJS dependencies before custom ones in module configs.
    • NG1050401 : Inject built-in AngularJS dependencies before custom ones in controllers.
    • NG1050501 : Use bindToController in directives with controllers and two-way bindings.
    • NG1050502 : Inject built-in AngularJS dependencies before custom ones in directives.
    • NG1050601 : Inject built-in AngularJS dependencies before custom ones in filters.
    • NG1050701 : Avoid accessing $rootScope in services.
    • NG1050702 : Inject built-in AngularJS dependencies before custom ones in services.
    • NG1050801 : Use controllerAs in $routeProvider.
    • NG1051001 : Use 'controller as' in ngController directives.
  • Performance Rules
    • NG1120101 : Disable debug data.
    • NG1120102 : Disable comment directives.
    • NG1120103 : Disable CSS class directives.
    • NG1120201 : Use inline array annotation for dependency injection in module configs.
    • NG1120401 : Use inline array annotation for dependency injection in controllers.
    • NG1120501 : Use inline array annotation for dependency injection in directives.
    • NG1120601 : Use inline array annotation for dependency injection in filters.
    • NG1120701 : Use inline array annotation for dependency injection in services.
    • NG1120702 : Use inline array annotation for dependency injection in factories.
    • NG1121001 : Use 'track by' in ngRepeat directives.
    • NG1121001 : Enable strict DI mode.

PnP Rules

  • Suggestion to use PnP instead of CSOM
    • SPC02900 : Use the AddFieldToContentType method to add field to content type.
    • SPC029001 : Use the AddWebPartToWikiPage method to add a web part to a wiki page.
    • SPC029003 : Use the ContentTypeExists method to check if content type exists.
    • SPC029004 : Use the CreateContentType method to create content type.
    • SPC029005 : Use the CreateField method to create field.
    • SPC029006 : Use the CreateList method to create lists.
    • SPC029007 : Use the CreateView method to create list views.
    • SPC029008 : Use the GetListByUrl method to get list by URL.
    • SPC029009 : Use the GetWebParts method to get web parts.
    • SPC029010 : Use the SetDefaultContentType method to set the default content type.
    • SPC029011 : Use the UploadFile method to upload a file.
    • SPC029012 : Use the UploadFileWebDav method to upload a file using webdav.
    • SPC029013 : Use the AddJsLink method to set and add a JSLink File.
    • SPC029014 : Use the AddJsBlock method to set and add a JS block.
    • SPC029015 : Use the SetDefaultColumnValues method to set default column values.
    • SPC029016 : Use the EnsureProperty/EnsureProperties method to ensure a property is loaded.
    • SPC029017 : Use the ExecuteQueryRertry method to issue requests to SharePoint.

New JavaScript Rules

  • Inventory Rules
    • JSI010101 : JavaScript file references AngularJS.
    • JSI010102 : JavaScript file references jQuery.
    • JSI010103 : JavaScript file references Knockout.
    • JSI010104 : JavaScript file references React.
    • JSI010105 : JavaScript file references ReactDOM.
    • JSI010106 : JavaScript file references Handlebars.
  • Security Rules
    • SPC058914 : Use the latest versions of JavaScript libraries (applies to JavaScript files).
    • SPC058701 : Use the latest versions of JavaScript libraries (applies to web files, eg. .master, .aspx, .html, etc.).

7.4.1.0

In this release Improvements made on how reports are called and further improvements to the rule list of SharePoint Framework (SPFx) and SPCAF.

New Features

  • Improve how Reports in SPCAF client behave when resizing the Window.
  • Update the user interface for report format selection.
  • Add the facility to utilized the "ignoregeneratedcode" parameter in FxCop.

Fixes

  • Fixed an unexpected crash and Improved notification when trying to scan a locked file.
  • Fixed an issue where the Company Name was not being displayed on the PDF report.
  • Fixed an issue where Visual Studio was not linking to the right location for release notes.
  • Updated the Wording and Branding to Visual Studio.
  • SPM040201 : Corrected a false positive when the npm-shrinkwrap file is present in the project.
  • Fixed an issue with the Activation Window and Activate Link not showing.
  • SPM040201 : Fixed a spelling error on Rule.
  • Fixed the reported version in Control Panel.
  • Fixed an issue when using where reports were not created when using PowerShell or CommandLine and request report in lowercase (html,xml,docx or pdf).
  • Fixed display issue were "Release Notes Box" in "Dialogue Box" does not expand to show the release notes.
  • Fixed a display issue on the notes of "New Version Available" screen.
  • Running "gulp spcaf-nobuild" after "gulp build" now exits with warning.
  • Removed duplicated rule "Do not use inline code in ASPX pages".
  • Fixed an issue where rule SPF010711 was not returning notification if two web parts had a similar name.
  • Fixed an issue where rule SPF120701 was not being triggered on spkkg included in projects.
  • Fixed an issue where rule SPF010803 is not returning notification for web parts with a similar name.
  • Fixed spelling errors in documentation.
  • Fixed an issue with license transfer with Powershell.
  • Fixed an issue in documentation where browsing on one page takes you to another.
  • Updated Footers to show current year for copyright.
  • Fixed an issue with Rule SPC060402 incorrectly flagging up .svg as not being an image file.
  • Fixed a display issue with "Requesting Activation License" window.

New Rules for SharePoint Framework (SPFx)

  • Security
    • SPF021301 : Project doesn't reference scripts from unapproved locations.
  • Best Practice
    • SPF050901 : Server hosting bundles supports CORS.
  • Performance 
    • SPF120903 : Proxies should be able to cache the script.
    • SPF120904 : Script Served with an ETag.
    • SPF120905 : Script should be served using HTTP/2.
  • Correctness
    • SPF010802 : Don't use HttpClient to connect to SharePoint

New Metric Rules

  • Feature Elements
    • SPI027301: Provides information about deployed Master Pages.
    • SPI026901: Provides information about deployed Page Layouts

7.0.3.0

Major release with an optimized analysis engine. Update to the rules used in Powershell to match of Audit & Review Client. Added notifications on License Expiry and further improvements to the rule list of SharePoint Framework (SPFx).

New Features

  • Change default installation directory to %localappdata%\Rencore\SPCAF and change the default user directory to %UserProfile%\Documents\Rencore\SPCAF.
  • Powershell Version now contains the same number of rules as the Audit & Review Client.
  • Added a notification which now indicates the Expiration of Licenses in Audit & Review Client.
  • Support is now provided for analyzing resources embedded with in assemblies.
  • Introduce facility to perform SPCAF Analysis of SharePoint Framework projects without a build.
  • Introduce a new task definition file (gulfile-SPCAF.js) solely for SPCAF without worry of effecting gulpfile.js.
  • Improved SPFx rules.
  • Added a refresh button for better handling for offline activation in Audit & Review Client, added Refresh button to allow re-initiating activation after getting online again.
  • SharePoint Framework rules ID's have now changed.
  • SPCAF now comes shipped with specific ruleset for SharePoint Framework.
  • Refactored SPFx rules to support the SharePoint Framework GA release.
  • Highly improved analysis engine: Doubled analysis speed with halved memory consumption.
  • Analysis of SharePoint Framework projects (SPFx).

New Rules for SharePoint Framework (SPFx)

  • Security
    • SPF020702: WebPart doesn't reference scripts from unapproved location.
    • SPF020802: WebPart properties should be escaped.
  • Best Practice
  • Performance 
    • SPF120501: Don't bundle external libraries into your WebPart.
    • SPF120901: CDN hosting external scripts has far future expiry configured.
    • SPF120902: Bundle is served gzipped.
  • Metrics

Fixes

  • SPC019904: Fixed an issue that which could causes different results per scan.
  • SPC019013: Fixed an issue causing a false positive with <IF> in context without an <ELSE>.
  • Updated ZIP analyzer (hotfix)
  • Shortened display name of the SPCAF TFS task to support TFS2017 (hotfix)
  • Fixed issue with analysis of SharePoint addins and usage of "UpgradeActions" (hotfix)

6.9.1.2001

Added support for SharePoint Framework RC0 and fixes.

New Features

  • Support for SharePoint Framework (SPFx) RC0: Analysis of SPFx projects with over 50 rules, metrics and inventories

Fixes

  • Fixed false positive issue in rule SPC015302 AddMissingModuleFileToFeature: Referenced files in Module have not been resolved correctly.

6.8.1.2810

Major release with support for the new SharePoint Framework (SPFx), SonarQube and Gulp, including some fixes.

New Features

  • Support for SharePoint Framework (SPFx): Analysis of SPFx projects with over 50 rules, metrics and inventories
  • Support for Analysis via Gulp: Ability to run analysis in Visual Studio Code via Gulp
  • Support for SonarQube: Ability to run SPCAF analysis in SonarQube

Fixes

  • Fixed issue in Visual Studio: build with SPCAF analysis failed if C# 6.0 language features are used.

New Rules for SharePoint Framework (SPFx)

6.5.5.2709

Major release with great new features, new PowerShell rules and many improvements.

Warning: Breaking change for custom rules: Due to major changes in the analysis engine custom developed rules must be recompiled with the latest SPCAF.Sdk. See "Upgrade of custom rules developed before v6.5". Also more files can be discovered and will be analyzed with the improved engine. Therefore you can find more errors and warnings in your code with this version.

New Features

Improvements

  • Added picture with dependency diagram to dependency reports
  • PowerShell cmdlet can be configured with a custom config file

Fixes

  • Fixed issues with integration of CSSLint
  • Fixed issues with printing of reports inside the client application
  • Fix in rule SPC055503 AvoidContentTypesInListDefinitions to allow suppression
  • Fixed issue in metric reports: sometimes numbers in charts where not displayed correctly
  • Fixed casing issue in PowerShell script of TFS 2015 build task
  • Fix in rule SPC055502 AddEnsureFolderContentTypeInListDefinition: Attribute "FolderCreation" was not correctly evaluated
  • Fix in rule SPC052201 CustomFieldTypesShouldNotBeUserCreatable: Value for "UserCreatable" was not correctly parsed
  • Fix in schema of ListDefinitions (error message "'ShowToolbar' is not a valid value for ToolbarType."), added 'ShowToolbar' manually to the schema of ListDefinitions
  • Fix in reading folders in WSP files that contains '%20'
  • Fix in ListInstances: Line number inside XML was not corectly evaluated
  • Hotfix 2016-06-29: Issue with empty reports after analysis fixed

6.0.5

Major release with many improvements, new features, new CSOM rules, improved desktop UI and many more.

New Features

New Rules (Full Trust and CSOM)

Improvements

  • Ability to change installation folder during installation
  • Added Application Insights in analysis engine

Fixes

  • Fix in dependencies for .ASPX and ASCX page to ignore HTML and ASP.NET comments code during analysis
  • Fixed rule 'SPC015705 DeployMissingRibbonImageOfCustomAction', rule was not mapping {SiteUrl} correctly
  • Fix in handling of ignored files: Some rules analyzed files which are part of "IgnoredFiles" list
  • Added more details to FxCop messages, e.g. method and type of violation
  • Hotfix 2015-11-02: Added handling for assemblies which cannot be loaded due to special obfuscation
  • Hotfix 2015-11-02: Update Razor engine to solve special issue with empty report

5.3.3

Important improvements and fixes

New Features

  • SPCAF Benchmark Program: Submit anonymized results to get comparison of results to others in the same industry or country.

Fixes

  • Fix in CAT.NET integration (attribute "Statement" was not added to SPCAF reports)
  • Fixed fuzzy rendering of HTML reports caused by special screen resolutions and graphic cards
  • Fixed loading of PDB files for analysis in client application
  • Fixed rule "SPC110212 Dispose SPSite created by SPSiteCollection[] index operator" to prevent false positives

5.3.2

Important improvements and fixes

New Features

  • Suppress Messages in XML
  • New section "Suppressed Messages" in reports
  • Added TFS Build Activity for 2013 to allow for TFS2013 build templates with Visual Studio 2013

New Rules

  • Rule SPC015511 DoNotDeployTaxonomyFieldsInListDefinition
  • Rule SPC010214 DoNotUseSPWebProperties
  • Rule SPC055502 AddEnsureFolderContentTypeInListDefinition
  • Rule SPC055503 AvoidContentTypesInListDefinitions
  • Rule SPC015109 DoNotDefineLowerCaseFieldId
  • Rule SPC055101 DefineSameStaticAndInternalNameInField
  • Rule SPC015213 AvoidCommentsInsideContentType
  • Rule SPC015112 DefineUniqueFieldName
  • Rule SPC015113 DefineUniqueFieldStaticName
  • Rule SPC050239 DoNotUseGetPublishingPages
  • Rule SPC055102 ConsiderAllowDeletionInField
  • Rule SPC055202 ConsiderSealedInContentType
  • Rule SPC055504 ConsiderAllowDeletionInListTemplate
  • Rule SPC056401 DeclareAllowCloseInWebPart

Improvements

  • Improved the exclusion of files for the analysis: if in a ruleset the list of "IgnoredFiles" is configured the input files that match this settings are globally ignored. This helps to completely exclude files from the analysis when files for the analysis are loaded from a folder (which is often the case in team builds).
  • Rule SPC015404 DeployMissingListTemplateForListInstance, added 116 (Master Page Gallery), 123 (Theme Gallery), 124 (Composed Looks)
  • Updated 'Good practice' in documentation for "SPC020202 AvoidCallToAllowUnsafeUpdatesOnSPWeb"

Fixes

  • Fix with PathTooLongException for certain rules
  • Rule RemoveUnusedFilesFromPackage (PathTooLongException)
  • Rule DoNotUseSPListItems fixed issue with wrong evaluation of SuppressMessage attributes
  • Hotfix 2015-03-12: Fix in SuppressMessage for XML, suppression not correctly applied in some situations

5.2.4

Important improvements

Improvements

  • Added support for IE8 of the HTML reports.
  • Added configurable timeout for long running execution of rules.
  • Analysis of InfoPath code behind assemblies that are deployed as ElementFile.
  • Added Migration Assessment report to the default ruleset (Extended Recommended).
  • Added save buttons in client application to save additionally created reports (e.g. PDF, DOCX) easier.

New Rules

  • SPC062112 DoNotDeploySharePointAssembliesAsElementFile
  • SPC030206 DoNotStartProcessInReceiver
  • SPC030207 DoNotWriteToFileSystem
  • SPC030208 DoNotModifyRegistry
  • SPC015111 DeclareAttributeMultForMultipleValueFields

New Metric

  • SPM010411 NumberOfInfoPathForms

Fix

  • Fix in handling of SuppressMessage attribute when using delegates (hotfix 2015-02-05)

5.2.3

Important fixes

Fixes

  • Fixed issue during extraction of malformed WSP (CAB) files (extraction occurs to the installation directory of SPCAF).
  • Fixed issue that some reports are not rendered correctly (CSS style sheets are missing).
  • Hotfix 2014-12-02: Fixed issue that PDBs have not been loaded correctly and path to .CS file with was not resolved in Visual Studio.
  • Fixed issue with not rendered dashboard in PDF and DOCX files.

Changes

5.2.2

Critical fixes (app crash, PathTooLongException)

Fixes

  • Fixed application crash due to issue with automatic proxy settings on machine.
  • Fixed PathTooLongException during extraction of WSP if it contains folder whoses names exceed 255 characters.

Changes

  • Changed ruleset ExtendedRecommended and removed migration assessment rules. They are contained in a separate ruleset already.

5.2.1

Important new functionality and important fixes for TFS analysis

New Features

  • New PowerShell commandlet: allows the integration of SPCAF into PowerShell scripts (only available for SERVER license).
  • New 'Summary Report' is created as analysis result. The report shows a graphical summary of all results (code quality, metrics, dependencies, inventory) in one report.
  • Free Usage of SPCAF client without license: without any license at least the new summary report is created.
  • New option to suppress error messages in an assembly rule.
  • New metrics and rules for IT-Pros counts modifications of SPFarm and SPWebApplication object, farm feature activiations in full trust code etc.
  • New 'Dependency Inspector' in dependency report to make it easier to browse incoming and outgoing dependencies of a single element in the code.

Changes

  • Small UI enhancements: Collapsable result view increased space for report view, new animation during analysis.
  • Change in default rulesets: Removed exclusion of 'Microsoft.SharePoint*.dll' (in property 'IgnoredFiles'). Now Microsoft assemblies are always excluded from analysis.
  • HTML reports are now listed in overview page of results and can be opened in an external browser.
  • HTML reports are listed in advanced view in the list of available report types and are activated by default.
  • Improved error message if analysis failes during file extraction.
  • New argument 'Filters' for Team Build and command line to filter the input files with regular expressions.
  • Change in the HTML rule report. Filtering by Severity does not update the numbers in the summary tiles (errors, warnings etc.) to avoid confusion.
  • Reduced the severity for rule "SPC017511 DeclareRequiredAttributesInListDefinition" from Error down to CriticalWarning. Missing required properties are not causing an error in SharePoint but are still critical enough to fix them.

Fixes

  • Fixed issue in TFS team build when an exception occured which contains non-printable characters in the exception message.
  • Fixed issue with not excluding Microsoft assemblies completely from analysis.
  • Fixed issue with errors during analysis because of custom rules which are compiled with an older version of SPCAF SDK.
  • Fixed issue in TFS team build when build result was not set to 'partially succeeded' and SPCAF executed with 'quiet' verbosity.
  • Fixed rule 'SPC050237 Do not request SPField from SPFieldCollection by index. Use SPFieldCollection.GetField() instead' to detect only usage of 'Item[System.String]'. Calls to 'Item[System.Guid]' and 'Item[System.Int32]' are ignored.
  • Fixed rule 'SPC080801: WebTemplate file in site definitions should start with 'WEBTEMP'' to case-insensitive check for 'webtemp'.
  • Fixed issue in Settings Editor while loading custom rules which are compiled with an older version of SPCAF SDK.

5.1.4

1 important fix (settings editor) and minor fixes and updates

Fixes v5.1.4.9436

  • Fixed issue with incorrect ruleset files. New settings editor saved rulesets not correctly.
  • Fixed issue with empty reports in TFS TeamBuild.
  • Fixed exception while opening a project file and still busy background process.
  • Fixed issue with maximizing client application on different screen sizes.
  • SPCAF Client: Added more information to the list of licenses.

Hotfix v5.1.4.9447

  • Fixed issue in TFS Team Build: Message 'Method not found: TrackBuildWarning' stopped build.
  • Fixed issue in TFS Team Build: Message 'A generic error occurred in GDI+' during report creation.
  • Fixed rule 'SPC156101 Deploy missing control from attribute ControlSrc'. Folder '/15/' in path was not interpreted correctly.
  • Fixed rule 'SPC050250 Assign RowLimit for SPQuery in limited range'. Some assigned values to RowLimit were not interpreted as uint (e.g. value '50').
  • Fixed issue with large memory consumption due to .NET framework assemblies in Silverlight applications.

5.1.3

Minor fixes

Fixes

  • Fixed issue with non excluded assemblies. Value "Microsoft.SharePoint.*.dll" in spruleset files updated.
  • Fixed issue with showing trial information in free Migration Assessment report
  • Fixed issue with international characters in HTML reports (wrong encoding)
  • Fixed limitation in spruleset file: now files can be globally excluded from analysis (before only on analyzer level exclusion was supported).

5.1.2

Major release with lots of important improvements

New Features

  • Analyzers
    • New analyzer for JavaScript code applies ca. 150 rules to .JS files in WSPs and Apps
    • New analyzer for SharePoint Apps with lots of rules, metrics, dependencies and inventory checks
  • Client application
    • Completely new client application to improve usability and functionality
    • New client application "Result Viewer" (separate download) to view analysis results without license
    • New settings editor application
  • Migration Assessment
    • New analyzers and reports to analyze WSPs and give recommendations for a transition to the App model
    • Free limited version available
  • Reporting
    • New format of HTML reports with filters, charts, sorting, grouping and many more
    • Extensibility with custom reports and report section
    • New reporting engine based on Razor to ease the creation of custom reports
    • New report type PDF

Changes

  • JSLint Integration deactivated by default
  • New and consolidated default settings files
  • New option in settings file to only load enabled analyzers
  • New option in TFS build task to skip project file creation
  • Free tool SPCopCE Community Edition does not loads custom rules to circumvent recreation of commercial rules. It only loads SPCAF rules.

Fixes

  • During deinstallation of SPCAF the menu items in Visual Studio are not removed
  • Memory Issue when analyzing of large projects (saving of project at the end failed)
  • Smaller fixes in several rules

v4.5.3

Fixes

  • Improvements in handling of external analysis tools (like CAT.NET) in case of crashes or hangs of these tools
  • Fix in cleaning procedure after analysis

v4.5.2

New

  • Improved analysis in client application: Choose ruleset in quick analysis, ability to select custom ruleset and start rule set editor
  • Improved result view in client application: Ability to copy/paste error messages
  • Save all reports: Added function to save all generated reports in client application to a given folder
  • New separate tools SPCop, SPDepend, SPMetrics and SPInventory
  • New report type DOCX (Microsoft Word)
  • Added new output arguments to TFS build activity (e.g. number of critical errors, errors etc.) to react on occured issues during build workflow
  • New rule: SPC060113 DoNotDeployMSIFiles
  • New rule: SPC050237 DoNotUseFieldCollectionByIndex
  • New rule: SPC050238 DoNotUseSPWebGetListFromUrl
  • New rule: SPC062103 DoNotDeployFeatureMultipleTimes
  • New rule: SPC062104 DoNotDeployFeatureWithSameIDMultipleTimes
  • New rule: SPC016102 DeployMissingControlAssembly
  • New rule: SPC016103 DeployMissingControlTemplate
  • Updated list of SharePoint assemblies in check for deprecated types, members and interfaces

Fixes

  • Dependency SPD015403 fixed issue with NullPointerException
  • Rule SPC030202 DoNotUseReflectionToAccessSharePointAPI fixed issue with NullPointerException
  • Function "Show Error help" in Visual Studio works for custom rules
  • Dependency SPD015301 ModuleReferencedElementFiles, fixed issue when ElementFiles are deployed as TemplateFiles
  • Rule SPC060402 DeployOnlyImageToImagesFolder, Added BMP as allowed image file
  • Dependency SPD016102 ControlReferencesControlTemplate, fixed issue with missing '~' for ControlSrc
  • Fixed CheckIds for SPInventory to match the CheckId conventions
  • Rule SPC030101 DoNotOverrideSystemFiles. fixed to securely detect overwritten system files
  • Dependency SPD016102 ControlReferencesControlTemplate, fixed issue with ControlTemplates path
  • Rule SPC050233 UseRowLimitInQueries, ignores now created SPQuery with SPView as argument
  • WPF client crashed on RDP sessions when session window is closed and opened again
  • Integration of CAT.NET failed in certain situations: results did not show up in the reports
  • Rule SPC010221 DoNotCallDeprecatedMethods: improved check depending on method parameters

Changes

  • Removed JSHint analysis from rule set "Extended Recommended" due to performance issues. Use rule set "All Rules" to enable JSHint.
  • Client application: Reports are not displayed inline within the client app. Reports are opened directly in the browser or local application.
  • Changed sorting of violations in report (previously first criteria was severity, now it is the category to have same sorting in all reports).
  • Better exception handling: If an exception occurs during report generation the analysis is not stopped. Instead the analysis finishes and the failed report is excluded.
  • The max. number of elements listed in the inventory is now limited to 1000. Otherwise reports size may increase drastically and the reports cannot be handled anymore.
  • Removed rule SPC042105: Declare attribute 'SolutionId' in Feature (automatically set by SharePoint)
  • Removed rule SPC045202: Declare attribute 'FeatureId' in ContentTypes (automatically set by SharePoint)

v4.3.5

Changes

  • Analysis runs now multi-threaded
  • Reduced memory consumption during analysis
  • Disabled FxCopMetrics by default in rulesets due to exception in FxCop metrics (missing assemblies)
  • Optimized speed with WPF application
  • Setup now provides retry function if Visual Studio is running
  • Send report form in client application contains text box for email address of the user (optional)
  • Replaced StructureMap with custom solution to load SPCAF assemblies

Fixes

  • Error during load of project file with hexadecimal characters
  • SPC050224 DoNotUseListItemsByIndex false positives and changed implementation of the rule
  • SPC010104 RemoveUnusedFilesFromPackage now also checks Assembly.ClassResources
  • SPC015701 DeclareRequiredAttributesInCustomAction Title is not required if Location is 'ScriptLink'
  • SPC026901 DoNotUseInlineCodeInASPXPage excluded files in _layouts folder from rule
  • SPC015702 DefineUniqueIDInCustomAction fixed error message to show correct name of feature

v4.1.1

Fixes

  • SPC015404 DeployMissingListTemplateForListInstance failed for FeatureId with brackets
  • SPC046401 DeclareTitleAndDescriptionInWebPart failed for webparts without properties
  • SPC015108 DeclareAllRecommendedAttributesInFields will ignore Fields in ListDefinitions
  • SPCAF.Sdk.Model.FieldDefinition returned source code of parent Feature instead of ElementManifest
  • SPCAF.Sdk.Model.ModuleDefinition returned source code of parent Feature instead of ElementManifest
  • SPC015212 DefineInheritsToFalseInContentTypeWithForms detected false positive for imported ContentTypes with SharePoint forms
  • Evaluation of attribute SharePointVersion of rules failed
  • Disabled generation of serializion assembly in Visual Studio package during analysis build

Changes

  • CheckId of rule SPC106101 DoNotDeployControl (was SPC106701)
  • Path to license file changed to user AppData folder (instead of Program Files)
  • Updated severity of several rules, updated definition of severities CriticalError and Error

v4.1.0

New Functionality

  • Syntax highlighting for source code in rule reports
  • New argument for command line tools: Verbosity to reduce content in output window and in build logs
  • New argument for command line tools: LogFile to provide a path to a log file
  • Added ability to exclude files from analysis (like 'jqery.js,Telerik*.dll'): configuration parameter 'IgnoredFiles' contains the list of excluded files
  • Name of created project file is configurable (via output argument)
  • Improved logging capabilities in custom rules

New Rules

  • Category Correctness
    • SPC010703: DoNotAddDependencyToWebAppFeatureInSiteDefinition
    • SPC017601: DeployMissingAssemblyInWCFWebService
    • SPC010212: DoNotCallSPSiteCatchAccessDeniedException
    • SPC010213: DoNotCallSPSiteReadLocked
    • SPC010223: DoNotImplementDeprecatedInterfaces
    • SPC010224: DoNotInheritFromDeprecatedTypes
    • SPC010225: DoNotUseDeprecatedTypes
  • Best Practices
    • SPC050250: AssignSPQueryRowLimitInLimitedRange
  • Deployment
    • SPC062111: DoNotDeployEmptyElementManifests
    • SPC060111: DoNotDeployBatchFiles
    • SPC060112: DoNotDeployPowerShellScripts

New Depedency Checks

  • SPD010705: SiteTemplateConfigurationReferencesVisibilityFeatureDependency
  • SPD037601: WCFWebServiceReferencesAssembly

Fixes

  • Improved error message and guidance to make it easier to solve issues
  • Fixed issues with message Unhandled exception: System.Exception: Exception ReFormatXmlDocument
  • Fixed AddTranslationForResourceKey not working for feature with DefaultResourceFile
  • Fixed DeployMissingImageOfListTemplate with schema.xml deployed as Resource file and not Elementfile
  • Fixed issues with calling SPCAF.exe via DOS path: providing error message in this case
  • Fixed issues when unloadable assemblies crashed SPCAF

v4.0.7 BETA

New Functionality

  • Custom rules created with older versions of SPCAF can now be loaded by newer SPCAF versions (no recompile needed)
  • Ability to save configuration properties in ruleset files (previous Dictonary.xml not required anymore)
  • Ability to add comments in the ruleset files (which will be added to the reports)
  • New Parameter "Help" in the custom rule metadata can be used to override the URL for help
  • Added analysis of ListDefinitions
  • Integration of CSSLint for analysis of CSS files
  • Integration of JSHint for analysis of JavaScript files
  • Reduced minimum .NET Framework version to 4.0
  • Support for Visual Studio 2013 Preview
  • Renamed default FxCop ruleset from SPCAF.ruleset to MSOCAF.ruleset
  • Aligned MSOCAF.ruleset with current MSOCAF rules
  • Inventory: Added ContentType Group to ContentType inventory
  • Client Application: New function to send error reports to SPCAF support

New Rules

  • Category Correctness
    • SPC015404: DeployMissingListTemplateForListInstance
    • SPC015405: RemoveCurlyBracketsFromFeatureIdInListInstance
    • SPC015406: DeployMissingCustomSchemaForListInstance
    • SPC015705: DeployMissingRibbonImageOfCustomAction
    • SPC015706: DeployMissingRibbonCommandUIHandlerOfCustomAction
    • SPC015212: DefineInheritsToFalseInContentTypeWithForms
    • SPC016503: DefineFieldRefInCorrectCasing
  • Category Design
    • SPC046902: AvoidInlineJavaScriptInASPXPage
    • SPC046903: AvoidInlineCSSInASPXPage
  • Category Best Practice
    • SPC052101: DoNotActivateFeaturesViaAPI
    • SPC050223: DoNotCallSPItemEventPropertiesOpenWeb
  • Category Deployment
    • SPC067601: DoNotDeployWCFWebServiceToLAYOUTS
    • SPC067602: DoNotDeployWCFAdministrationWebServiceToADMIN
  • Category Memory Disposal
    • SPC110201: Dispose created SPSite objects
    • SPC110203: Dispose SPWeb objects created with SPSite.OpenWeb
    • SPC110204: Dispose SPSite objects created with SPSite.SelfServiceCreateSite
    • SPC110205: Dispose SPWeb created by SPLimitedWebPartManager
    • SPC110211: Dispose SPSite created by SPSiteCollection.Add
    • SPC110212: Dispose SPSite created by SPSiteCollection[] index operator
    • SPC110213: Dispose SPWeb created by SPWebCollection.Add
    • SPC110214: Dispose SPWeb created by SPWebCollection[] index operator
    • SPC110231: Do not dispose SPListEventProperties.Web
    • SPC110232: Do not dispose SPWebEventProperties.Web
    • SPC110233: Do not dispose SPItemEventProperties.Web
    • SPC110234: Do not dispose SPItemEventProperties.ListItem.Web
    • SPC110235: Do not dispose SPItemEventProperties.Web.Site
    • SPC110236: Do not dispose SPItemEventProperties.ListItem.Web.Site
    • SPC110237: Do not dispose SPFeatureReceiverProperties.Feature.Parent
    • SPC110241: Do not dispose SPSite.RootWeb
    • SPC110242: Do not dispose SPWeb.ParentWeb
    • SPC110243: Do not dispose SPList.ParentWeb
    • SPC110244: Do not dispose SPSite returned by SPControl.GetContextSite
    • SPC110245: Do not dispose SPWeb returned by SPControl.GetContextWeb
    • SPC110246: Do not dispose SPSite returned by SPContext.Current.Site
    • SPC110247: Do not dispose SPWeb returned by SPContext.Current.Web
    • SPC110261: Close PublishingWeb created by PublishingWeb.GetPublishingWebs[] index operator
    • SPC110262: Close PublishingWeb created by PublishingWeb.GetVariation
    • SPC110263: Close PublishingWeb created by PublishingWebCollection.Add
    • SPC110281: Dispose SPSite created with UserProfiles.PersonalSite

New Depedency Checks

  • SPD015302: ModuleReferencedTemplateFiles
  • SPD027504: ListDefinitionContentTypeReferencesContentType

New ThirdParty Analyzer Rules

  • JSHint
    • JSH318901: Remove debugger statements
    • JSH318902: Do not use bitwise operators
    • JSH318903: Use correct comparison
    • JSH318904: Use camelCase in variables
    • JSH318905: Use curly braces around blocks
    • JSH318906: Use correct === and !==
    • JSH318907: Use correct null comparisons
    • JSH318908: Do not use eval
    • JSH318909: Do not use a single expression
    • JSH318910: Use filter in for in loops
    • JSH318911: Use parens for immediate function invocations
    • JSH318912: Use correct indent
    • JSH318913: Define variable before it is used
    • JSH318914: Use correct line breakings
    • JSH318915: Use correct line breakings around commas
    • JSH318916: Do not make functions within a loop
    • JSH318917: Avoid multi line strings
    • JSH318918: Do not use empty blocks
    • JSH318920: Do not use 'new' for side effects
    • JSH318921: Use consistent of quotation marks
    • JSH318922: Do not use single case switch
    • JSH318923: Use regular expressions correctly
    • JSH318924: Avoid . in regexp literals
    • JSH318925: Declare variable before it is used
    • JSH318926: Avoid JavaScript URLs
    • JSH318927: Remove unused variables
    • JSH318928: Avoid redeclaring a variable
    • JSH318929: Avoid correct construction of objects and function
    • JSH318930: Avoid this in non-constructor functions
    • JSH318931: Do not use arguments.caller and arguments.callee
    • JSH318941: Use semicolon correctly
    • JSH318942: Define uppercase constructors
    • JSH318943: Do not use unary increment and decrement operators
    • JSH318944: Use semicolon in last statement
    • JSH318945: Use dot notation instead of []
    • JSH318946: Avoid trailing whitespaces
    • JSH318961: Do not exceed max number of formal parameters per function
    • JSH318962: Do not exceed max number of nested blocks in a function
    • JSH318963: Do not exceed max number of statements per function
    • JSH318964: Do not exceed max allowed cyclomatic complexity
    • JSH318965: Do not exceed max length of a line in code
  • CSSHint
    • CSL308801: Avoid unwanted box model sizing issues in CSS
    • CSL308802: Avoid properties that don't work based with the display property being used in CSS
    • CSL308803: Avoid duplicate properties in CSS
    • CSL308804: Avoid un anchored hovers in CSS
    • CSL308805: Avoid empty rules in CSS
    • CSL308806: Use only known properties in CSS
    • CSL308807: Avoid adjoining classes in CSS
    • CSL308808: Avoid property box-sizing in CSS
    • CSL308809: Use compatible vendor prefixes in CSS
    • CSL308810: Use all gradient definitions in CSS
    • CSL308811: Avoid negative text indent in CSS
    • CSL308812: Use standard property with vendor prefix in CSS
    • CSL308813: Use fallback colors in CSS
    • CSL308814: Avoid star hack in CSS
    • CSL308815: Avoid underscore hack in CSS
    • CSL308816: Use bulletproof font face in CSS
    • CSL308817: Do not use too many web fonts in CSS
    • CSL308818: Do not use @import in CSS
    • CSL308819: Avoid selectors that look like regular expressions in CSS
    • CSL308820: Do not use universal selector in CSS
    • CSL308821: Do not use unqualified attribute selectors in CSS
    • CSL308822: Do not use units for zero values in CSS
    • CSL308823: Avoid overqualified elements in CSS
    • CSL308824: Use shorthand properties in CSS
    • CSL308825: Do not use duplicate background images in CSS
    • CSL308826: Avoid too many floats in CSS
    • CSL308827: Do not use too many font size declarations in CSS
    • CSL308828: Do not use IDs in selectors in CSS
    • CSL308829: Do not use !important in CSS
    • CSL308830: Do not use outline:none in CSS
    • CSL308831: Do not use qualified headings in CSS
    • CSL308832: Define headings only once in CSS

Fixes

  • Custom Rules without Metadata will not crash SPCAF
  • Fix in rule SPC030203 Do not read ConnectionString from SPContentDatabase
  • Fixed: endless loop during loading of imported WebTemplate project
  • Fixed: SPCAF menu not enabled in Visual Studio when a project is unloaded

Changes

  • SPC016501: DeclareRequiredAttributesInFieldRef Remove DisplayName
  • SPC015105: DeclareAllRequiredAttributesInFields Removed check for attribute 'Required'
  • Help: Changed root URL for documentation to http://docs.spcaf.com/v4
  • Changed rule categories: Not loaded from SDK anymore

v4.0.6.1005 BETA

New

  • Category Correctness
    • SPC010203: DeployReferencedAssemblyWithCorrectVersion
    • SPC015703: DeployMissingUrlActionFileOfCustomAction
  • Category Deployment
    • SPC060304: DoNotDeployRootFileMultipleTimes
    • SPC060404: DoNotDeployTemplateFileMultipleTimes
    • SPC062101: DeployMissingImageForFeature
    • SPC060303: DoNotDeployRootFileToTemplatesFolder

Fixes

  • Fix in SolutionDefinition: Handle schema errors in site definitions
  • Fix in Dependencies "FeatureReferencesImage" (SPD012112): Images not found if they contain slash
  • Fix in Dependencies "ASPXPageRegisterControlTemplate" (SPD036904): Controltemplates not referenced correctly

Changes

  • Change for Integration of third party analyzers like FxCop: Path to tools is now stored in Dictionary.xml (and not in app.config anymore). Reason: storing config values centrally for all components; app.config could not be read in Team Build Activity
  • Allow relative paths to third party analyzers (relative to SPCAF installation directory)
  • Disable FxCop and CAT.NET in all rulesets (due to large reports and negative impact on SPCAF performance). FxCop and CAT.NET need to be enabled manually in ruleset via RuleEditor.

v4.0.5.2504 BETA

New Functionality

  • Update notification for SPCAF new versions in Visual Studio (see Visual Studio Extension Manager)

Fixes

  • SPC015302 AddMissingModuleFileToFeature fixed issue that attribute 'Path' of Module was not included in search path
  • Fixed exception for missing webpart properties
  • SPC050225 DoNotUseListItemsCount fixed issue with wrongly detected violations

Changes

  • Setup: Check for required .NET Framework 4.5
  • General: Reduced strictness of default severity for several rules (e.g. we use CriticalError only for violations which are highly critical for SharePoint and may damage the farm)
  • SPC010102 DeclareSafeControlEntryForWebControls limited to non abstract types
  • Remove rules SPC050221 DoNotCallListItemsAddToAddItems (rule no present in MSDN anymore)

New

  • Category Correctness
    • SPC015506 DefineUniqueListTemplateType (Category Correctness)
    • SPC017401 DeclareRequiredAttributesInFeatureActivationDependency
    • SPC017402 DefineOptionalAttributesInFeatureActivationDependencyCorrectly
    • SPC017411 DoNotAddActivationDependencyToHiddenFeature
    • SPC017412 DoNotAddActivationDependencyToMoreRestrictiveScope
    • SPC017413 DoNotAddCrossScopeActivationDependencyToHiddenFeature
    • SPC017414 DoNotChainActivationDependencies
    • SPC017415 DoNotCreateCircularChaingOfActivationDependencies
    • SPC012121 AddMissingAssemblyForFeatureReceiverAssembly
    • SPC012122 DeployFeatureReceiverAssemblyToGAC
  • Category Design
    • SPC042107 DefineFeatureReceiverAssemblyAsFQN
  • Category Deployment
    • SPC060401 DoNotDeployImagesToLayouts
    • SPC060402 DeployOnlyImageToImagesFolder
    • SPC060403 DeployBinaryFilesToClientBin
  • Category Best Practices
    • SPC050230 DoNotUseSPFolderItemsCount
  • Category SharePoint 2013 Compatibility
    • SPC150102 DeclareSharePointVersionInSolution
    • SPC150207 BuildAssemblyForFramework45
    • SPC150208 ReplaceReferencesToOlderHivesInCode
    • SPC159901 Reference15HiveInPages
    • SPC159902 Reference15HiveInMasterPages
    • SPC159903 Reference15HiveInScripts
    • SPC159904 Reference15HiveInStyles
    • SPC159905 Reference15HiveInControls
    • SPC159906 Reference15HiveInXSLT
    • SPC155701 Reference15HiveInURLsInCustomAction
    • SPC155702 Reference15HiveInURLActionInCustomAction
    • SPC155703 Reference15HiveInScriptSrcInCustomAction
    • SPC156101 Reference15HiveInControlSrcInControl
    • SPC155501 Reference15HiveInImageInListTemplate

v4.0.4.1804 BETA

New

  • Client App: New function 'Check for Updates' which notifies the user if updates are available
  • Metrics: New Metric for BDCModel und ClientWebPart
  • Help: Added functionality for comments to online documentation
  • Rules: New rules DeclareFileElementInModule (Checkid: SPC015303)

Changes

  • Help: Changed root URL for documentation to http://docs.spcaf.com/spcaf
  • Rules: Changed severity for rule DeclareSafeControlEntryForWebControls from Error to CriticalWarning

Fixes

  • Rules: Changed CheckId for Rule MasterPageShouldReferenceSharePointVersion15 to SPC157303
  • Setup: Added registration as addin for VS 2010 to setup
  • Analysis Engine: Fixed problem with long paths (PathTooLongException during project save)
  • Analysis Engine: Fixed problem with special characters in method names of assemblies (e.g. obfuscated assemblies)

v4.0.3.1546 BETA

  • First public beta release.
Disclaimer: The views and opinions expressed in this documentation and in SPCAF do not necessarily reflect the opinions and recommendations of Microsoft or any member of Microsoft. SPCAF and RENCORE are registered trademarks of Rencore. All other trademarks, service marks, collective marks, copyrights, registered names, and marks used or cited by this documentation are the property of their respective owners.