Writing Custom Rules for FxCop

Code review or monitoring inevitably becomes a part of our project’s life cycle. It’s a process which analyzes your code, helps to mitigate issues and reduce the percentage of bugs in testing by performing code cleaning. We can do the code review either manually or, preferably, automatically. In a big project reviewing code manually is a massively time consuming matter, and so tools like FxCop not only help us to clean the code but also save a lot of time. It is a free tool from Microsoft and provides the capability of writing custom rules along with its inbuilt rules. It checks violations or non-conformance to some pre-defined standards. Before writing the custom rules it is very much essential to know the basics of FxCop along with inbuilt rules. Hence this article is divided into two parts: in part I it will cover the basics of FxCop and its use. In the 2nd part emphasize has been given on the custom rules of FxCop.

What is FxCop ?

FxCop stands for “Framework Police”.  It’s a tool designed to check .net code for violations of a wide range of programming rules and conventions based on Microsoft’s .Net Framework design guidelines and other standards. It does not analyze source code, but rather analyzes the MSIL (Microsoft Intermediate language) generated by .NET compilers and persisted in .NET assemblies (EXE and DLL files). It is (thankfully) not coupled to any particular .NET programming language, and will work with all .net compliant languages (VB.Net, C#, C++ etc.).

Features of FxCop

· It works only with assembly metadata but not with source code. It has the following advantages:

· It provides an automated way of identifying code that violates rule.

· It works with any managed assembly created by any .NET-compliant language.

· It has an extensive store of built-in rules.

· It supports to create custom rules.

· It produces a rule violation reports.

· It is a free and open source tool.

· It can be integrated with Visual Studio.


Why Use FxCop?

When we are talking about any product or project three major and most important considerations are cost, time and quality. Every client wants a quality product to be delivered with within budget  and also within the deadline. Tool like FxCop have an important role in achieving the abovementioned these goals.

FxCop’s inbuilt rules improve the code in a number of areas including performance, security and globalization/localization and thus help to produce quality product.                             

FxCop helps developers identify the violations of rules from the very early stage of development and thus saves lot of time for code refactoring which indirectly saves man-hours and cost.

How to get FxCop ?

Anyone can download the latest copy of FxCop  (version 1.36) from http://www.microsoft.com/downloads/details.aspx?FamilyID=9aeaa970-f281-4fb0-aba1-d59d7ed09772.

Existing Rules:

FxCop has its own built-in rules. Considering the latest version (1.36) of FxCop we have the following built in rules (see screen shot I):

· Design Rules

· Globalization Rules

· InteroperabilityRules

· MobilityRules

· NamingRules

· PerformanceRules

· PortabilityRules

· SecurityRules

· UsageRules


How to Run FxCop?

In the above screen shot we can see that there are basically two tabs: Targets and Rules. Using Add Target (Project->Add Target) we can map any DLL or .exe which we want to analyze code for and using the Add Rule ((Project->Add Rule) option we can add our own custom rules. All rules are displayed in a tree hierarchy where we can select or deselect any particular rule or rules that we do not want to implement. Finally we need to click the Analyze button which will produce a rule violation report .

By clicking on a violation in the report, we can obtain detailed information about that violation. In the screen shot we can see a hyperlink to our Visual Studio source file which assists us in locating the code that needs to be modified (see screen shot below): Here we have two choices:

1.            Update the code.

2.            Keep the code as it is to update latter.


If we click in the hyperlink of location path we can reach the exact line of code that we have to modify (see screen shot below where the exact line is marked with red color).



In the above screen shot we can update the code marked under the red line as follows to resolve the rule violation:

            Resolved code: string strFullName = strName + ” ” + strTitle;

After updating the code , we can run FxCop again and  see the issue has been resolved as there is nothing in the report for violating the ToString() related issue(see screen shot below)




Pages: 1 2


No comments yet... Be the first to leave a reply!