Merge remote-tracking branch 'refs/remotes/PowerShell/development' into AvoidGlobalFunctions

Author: David Reynolds

CHANGELOG.MD

@@ -1,4 +1,20 @@
-## Release v1.7.0
+## [1.8.0](https://github.com/PowerShell/PSScriptAnalyzer/tree/1.8.0) - 2016-10-06
+### Added
+- New [rule](RuleDocumentation/UseCompatibleCmdlets.md) to check cmdlet compatibility between different PowerShell flavors
+- New [rule](RuleDocumentation/UseLiteralInitializerForHashtable.md) to warn when using Hashtable constructor
+- Feature to [pass parameters to rules from settings file](RuleDocumentation/AvoidAlias.md)
+- Feature to [discover settings file](README.md#settings-support-in-scriptanalyzer)
+- Enhancement to [PSShouldProcess](RuleDocumentation/UseShouldProcessCorrectly.md) rule to check for ShouldProcess implementation in downstream functions
+- A helper [module](Utils/RuleMaker.psm1) to create `C#` based builtin rules
+
+### Fixed
+- False negatives for identically named variables (#552)
+- Passing `*Ast` arguments to external rules (#614)
+
+### Changed
+- PSShouldProcess rule to not check for presence of `ShouldContinue` when `SupportsShouldProcess` is declared
+
+## [1.7.0](https://github.com/PowerShell/PSScriptAnalyzer/tree/1.7.0) - 2016-08-16
 
 Here are some improvements since the last release.
 
@@ -9,18 +25,18 @@ Here are some improvements since the last release.
 - Fix rule suppression caused by inavlid offsets
 - Whitelist `Data` in `PSUseSingularNoun` rule
 - Fix rule documentation of `PSDSCExamplesPresent`
-- Fix false positives caused by PSD1 files which are not module manifests 
+- Fix false positives caused by PSD1 files which are not module manifests
     - affects `PSUseToExportFieldsInManifest`, `PSMissingModuleManifestField` and `PSAvoidUsingDeprecatedManifestFields` rules
 - Use PlatyPS for generating MAML based documentation
 - Add build script to automate building and testing the solution
- 
+
 A big **Thank You!** to the following folks for making PSScriptAnalyzer even better:
 - [Kieran Jacobsen (@kjacobsen)](https://github.com/PowerShell/PSScriptAnalyzer/commits/development?author=kjacobsen): Fix rule documentation of `PSDSCExamplesPresent` [PR #591](https://github.com/PowerShell/PSScriptAnalyzer/pull/591)
 - [Charlie Schmidt (@charlieschmidt)](https://github.com/PowerShell/PSScriptAnalyzer/commits/development?author=charlieschmidt): Suppress External Rules [PR #585](https://github.com/PowerShell/PSScriptAnalyzer/pull/585)
 - [June Blender (@juneb)](https://github.com/PowerShell/PSScriptAnalyzer/commits/development?author=juneb): Add tests for module help [058f65e1](https://github.com/PowerShell/PSScriptAnalyzer/commit/058f65e1f6278222378fedf444eecb2e32865b1e)
 - [Shayde Nofziger (@Blackbaud-ShaydeNofziger)](https://github.com/PowerShell/PSScriptAnalyzer/commits/development?author=Blackbaud-ShaydeNofziger): Fix rule name typo and comment [PR #560](https://github.com/PowerShell/PSScriptAnalyzer/pull/560)
 
-## Release v1.6.0
+## [1.6.0](https://github.com/PowerShell/PSScriptAnalyzer/tree/1.6.0) - 2016-06-07
 
 ### Engine
 - Add `SuggestedCorrections` property to `DiagnosticRecord`
@@ -50,7 +66,7 @@ A big **Thank You!** to the following folks for making PSScriptAnalyzer even bet
 - Fix a bug in `PSMissingModuleManifestField` rule caused by .psd1 files that do not contain Hashtable
 - Fix documentation of `PSAvoidUsingPlainTextForPassword`
 
-## Release v1.5.0 (Mar. 30, 2016)
+## [1.5.0](https://github.com/PowerShell/PSScriptAnalyzer/tree/1.5.0) - 2016-03-29
 
 ### Engine
 - Fixed an engine bug that prevented versioned script rule modules from being loaded
@@ -67,57 +83,57 @@ A big **Thank You!** to the following folks for making PSScriptAnalyzer even bet
 - Community Fix: Fixed false positives on `PSUseApprovedVerbs` when scope is declared as a prefix to the Verb-Noun combination
 - Updated messages of `AvoidUsernameAndPasswordParams` rule and `UsePSCredentialType` rule
 
-## Release v1.4.0 (Feb.16, 2016)
-###Features:
+## [1.4.0](https://github.com/PowerShell/PSScriptAnalyzer/tree/1.4.0) - 2016-02-16
+### Features:
 - IncludeRule and ExcludeRule now consume RuleInfo objects
 
-###Rules:
+### Rules:
 - Rule to validate HelpMessage parameter attribute value
 - Rule to suggest module manifest *ToExport field values for optimizing module loading
 
-###Fixes:
-####Engine:
+### Fixes:
+#### Engine:
 - Fixed bug in engine handling of severity for custom rules - this property was being ignored
 - Exclude help files from being Ast parsed
 
-####Rules:
+#### Rules:
 - Emit accurate ast extents for rules - helps VSCode-PowerShell to mark violations better
 - Improved heuristics for Singular noun rule - reduce false positives
 - Updated credential rules to be less noisy based on community feedback
 - Support for [switch] type along with [boolean] for ShouldContinueWithoutForce rule
 - Improved handling of deprecated module manifest fields when PSv2.0 is specified in the manifest
 
-## Release v1.3.0 (Jan.19, 2016)
-###Features:
+## [1.3.0](https://github.com/PowerShell/PSScriptAnalyzer/tree/1.3.0) - 2016-01-19
+### Features:
 - Support for running ScriptAnalyzer on PowerShell version v3 or higher! This means PSv5 is no longer the minimum PS version for ScriptAnalyzer
 
-###Rules:
+### Rules:
 - [From Community] Rule for warning about backticks that look like line-continuations but are not [MisleadingBacktick rule]
 - Ability in default ruleset to recognize PowerShell variable scopes - global, local, script, private
 - Ability to use functions as a variable and support for special type of functions like prompt
 
-###Fixes:
-####Rules:
+### Fixes:
+#### Rules:
 - Fix for recognizing PowerShell preference variable ($OFS) in the default ruleset
 - Fix for false positive - PSShouldProcess rule requires boolean value
 - Fix to account for function scope prefix
 - Raise ReservedParam rule only for exported functions as cmdlets
 
-## Release v1.2.0 (Dec.17, 2015)
-###Features:
+## [1.2.0](https://github.com/PowerShell/PSScriptAnalyzer/tree/1.2.0) - 2015-12-16
+### Features:
 - Support for consuming PowerShell content as streams (-ScriptDefinition)
 - ScriptAnalyzer accepts configuration (settings) in the form of a hashtable (-Settings), added sample Settings
 - Ability to run default ruleset along with custom ones in the same invocation (-IncludeDefaultRules)
 - Recurse Custom Rule Paths (-RecurseCustomRulePath)
 - Consistent Engine error handling when working with Settings, Default and Custom Rules
 
-###Rules:
+### Rules:
 - Rule to detect the presence of default value for Mandatory parameters (AvoidDefaultValueForMandatoryParameter)
 
-###Fixes:
-####Engine:
+### Fixes:
+#### Engine:
 - Engine update to prevent script based injection attacks
-- CustomizedRulePath is now called CustomRulePath – Fixes to handle folder paths
+- CustomizedRulePath is now called CustomRulePath – Fixes to handle folder paths
 - Fixes for RecurseCustomRulePath functionality
 - Fix to binplace cmdlet help file as part of build process
 - ScriptAnalyzer Profile is now called Settings
@@ -126,69 +142,59 @@ A big **Thank You!** to the following folks for making PSScriptAnalyzer even bet
 - Added additional pester tests to take care of test holes in Custom Rule feature
 - Post-build error handling improvements, fixed typos in the project
 
-####Rules:
+#### Rules:
 - Fixed bug in Positional parameter rule to trigger only when used with >= 3 positional parameters
 - Updated keywords that trigger PSAvoidUsingPlainTextForPassword rule
 - Updated ProvideDefaultParameterValue rule to AvoidDefaultValueForMandatoryParameter rule
 - Deprecate Internal Url rule based on community feedback, identified additional rules to handle hardcoded paths etc
 - Added localhost exceptions for HardCodedComputerName Rule
 - Update to Credential based rules to validate the presence of CredentialAttribute and PSCredential type
 
-###Documentation:
-- Rule & Cmdlet documentation updates – Cmdlet help file addition
-
+### Documentation:
+- Rule & Cmdlet documentation updates – Cmdlet help file addition
 
-##
-
-## Release v1.1.1 (Nov.3, 2015)
-###Features:
+## [1.1.1](https://github.com/PowerShell/PSScriptAnalyzer/tree/1.1.1) - 2015-11-03
+### Features:
 - Support for PSDrives when using Invoke-ScriptAnalyzer
 - More robust Profiles feature - better defaulting when supplied with invalid profile - actionable Warnings
 - Validated integration with ISESteroids, ISEScriptAnalyzerAddon
 
-###Rules:
+### Rules:
 - New rule to ensure that a file with missing BOM is encoded in ASCII
 
-###Fixes:
+### Fixes:
 - Doc Updates, Cleaned up source files to reflect accurate comments
 - Fix SuppressedOnly switch functionality
 - Updated Positional parameter rule to trigger only when used with > 3 positional parameters
 
-##
-
-## Release v1.1.0 (Sep.1, 2015)
-###Features:
+## [1.1.0](https://github.com/PowerShell/PSScriptAnalyzer/tree/1.1.0) - 2015-09-01
+### Features:
 - Support for using ScriptAnalyzer as a .net library - ScriptAnalyzer APIs
 - Support for ScriptAnalyzer Profiles
 - Documentation for using Inline Rule Suppression
 - Added about help topic file as part of the module
 
-###Rules:
+### Rules:
 - Rule to checks for UTF8 encoding in help file
 - Deprecate Uninitialized Variable rule as per community feedback
 
-
-###Fixes:
+### Fixes:
 - Fix false positive for UsingInternalURL
 - WriteVerbose only when analyzing valid powershell files
 - DSCClass rules not being applied when exclude rule is used
 - Add host to list of initialized variable
 - Exclude external non-powershell applications (Console/GUI) from Positional Parameter rule application
 - Additional heuristics for detecting psavoidusingplaintextforpassword rule violation
 
-##
-
-## Release v1.0.2 (June.24, 2015)
-###Features:
+## [1.0.2](https://github.com/PowerShell/PSScriptAnalyzer/tree/1.0.2) - 2015-06-24
+### Features:
 - Perf improvements in the Engine to execute rules concurrently.
 
-
-###Rules:
+### Rules:
 - New rule to validate the presence of deprecated module manifest fields.
-- Removed PSAvoidTrapStatement rule from the builtin set – since this is not deprecated and using trap is a better choice in certain scenarios.
-
+- Removed PSAvoidTrapStatement rule from the builtin set – since this is not deprecated and using trap is a better choice in certain scenarios.
 
-###Fixes:
+### Fixes:
 - Verbose Message rule applies to only DSC cmdlet based resources.
 - Multiple fixes to AvoidUninitializedVariable to work with non-mandatory parameters, fix in the flow graphs for throw statements;  support for missing preference variables; support for automatic variables.
 - PSAvoidUsingInternalsURLs to work with xPath expressions.
@@ -204,36 +210,30 @@ A big **Thank You!** to the following folks for making PSScriptAnalyzer even bet
 - AvoidUsingPlainTextForPassword rule to be raised only strings or object types.
 - Fix for PositionalParameterUsed method (Helper.cs) uses unsafe method to exclude ForEach-Object and Where-Object.
 
-##
-
-## Release v1.0.1 (May.8, 2015)
-###Features:
+## [1.0.1](https://github.com/PowerShell/PSScriptAnalyzer/tree/1.0.1) - 2015-05-12
+### Features:
 - Integrated with waffle.io for Project Management.
 - Added documentation for writing script rules.
 
-###Rules:
+### Rules:
 - AvoidUsingWMICmdlet rule: For PowerShell 3.0 and above, usage of WMI cmdlets is not recommended. This rule is to detect WMI cmdlet usage in scripts that are written for PS 3.0 and above.
 - DSCTestsPresent rule: Resource module contains Tests folder with tests for given resource.
 - UseOutputTypeCorrectly rule: If we can identify the type of an object that is outputted to the pipeline by a cmdlet, then that type must be listed in the OutputType attribute.
 
-###Fixes:
-
+### Fixes:
 - PSProvideVerboseMessage only throws warnings in non-advanced functions.
 - Fix the issue in importing customized rule
 - Fix Function Member Ast cast error
 
-##
-
-##Released v1.0.0 on Apr.24, 2015
-###Features:
+## [1.0.0](https://github.com/PowerShell/PSScriptAnalyzer/tree/1.0.0) - (2015/04/24)
+### Features:
 - Finalized three levels of Severity - Error/Warning/Information.
 - Improved PSScriptAnalyzer engine behavior: emits non-terminating errors (Ex: for failed ast parse) and continues rule application when running on multiple scripts.
 - Added wild card supports for rules in Invoke-ScriptAnalyzer and Get-ScriptAnalyzer. Eg. Invoke-ScriptAnalyzer -IncludeRule PSAvoid* will apply all rules starting with PSAvoid* in built in rule assemblies.
 - Added -Severity to Get-ScriptAnalyzerRules. Get-ScriptAnalyzer -Severity will filter rules based on the severity given.
 - Added Suppression functionality. Users are now able to specify suppression on certain parts of the scripts by specifying "SupressMessageAttribute" in the scripts. More details and documentations will be coming soon in blog posts. Also comes with this feature is the ability for users to display a list of suppressed messages.
 
-###Rules:
-
+### Rules:
 - Added DSC Rules for resources including Parameter validation, Usage of standard DSC functions and return type validation. Rule checkings also support for DSC classes. Built-in DSC rules include:
     + UseStandardDSCFunctionsInResource
     + UseIdenticalParametersDSC
@@ -242,12 +242,9 @@ A big **Thank You!** to the following folks for making PSScriptAnalyzer even bet
 - Added support in the engine to detect DSC configuration/resource files and disable default rule checkings on DSC configuration and resource files.
 - UseShouldProcessForStateChangingFunctions - If an advanced function has Verbs like New/Start/Stop/Restart/Reset/Set- that will change system state, it should support ShouldProcess attribute.
 
-
-###Fixes:
-
+### Fixes:
 - Improved heuristics to detect usage of Username and Password instead of PSCredential type.
 - Improved accuracy in the detection of uninitialized variables.
 - Improved error messages to include error line numbers and file names.
 - Identified usage of PSBound parameters and PowerShell supplied variables such as $MyInvocation to avoid unnecessary noise in the results returned by some of the built-in rules.
 - Fixed terminating errors including "Illegal characters in Path".
-