I recently had a little problem with my build scripts on my CI server. Since I have Visual Studio 2008 installed on my development machine, NAnt finds the Windows SDK v6.0A installed (flack from the VS2k8 install) and runs along happily building .NET 3.5 libraries (where I use WCF for SOA layers). However, when I [...]
The third post in this series on Automating Code Review tools will cover FxCop. FxCop is a coding standard and introspective analysis tool that looks at code using a ruleset and analyzes things such as code design (”should this method be static, internal, etc”) and performance (”change this method to static because it never uses [...]
Yesterday I posted about automating CAT.NET. Today while adding it to another build file, I ran across a great error! The tool did not detect any vulnerabilities in my code and therefore the XPath used in the xmlpeek task failed! This caused the build to fail with a false positive. I’ve updated my target to [...]
The other day in Part I of this series I said I was going to write up some more articles about automating code review tools in your build process. Today I spent some time looking over CAT.NET and figuring out how it fits into my build process. CAT.NET is a static code analysis tools that [...]
The Connected Information Security Group blog at Microsoft recently published a couple of articles (part 1, part 2) about a tool recently released called CAT.NET. This is a static code analysis tool which reads a compiled programs code and looks for security problems such as null pointers, null references, and other problems specific to interpreted [...]
