Merge pull request #137 from PowerShell/BugFixes

yutingc · yutingc · commit 8a675a7cb430 · 2015-05-11T15:54:23.000-07:00
Merge BugFixes to Master
diff --git a/RuleDocumentation/AvoidUsingConvertToSecureStringWithPlainTextNoViolations.md b/RuleDocumentation/AvoidUsingConvertToSecureStringWithPlainTextNoViolations.md
@@ -0,0 +1,30 @@
+#AvoidUsingConvertToSecureStringWithPlainTextNoViolations
+**Severity Level: Error**
+
+
+##Description
+
+Information in the script should be protected properly. Using ConvertTo-SecureString with plain text will expose secure information.
+
+##How to Fix
+
+To fix a violation of this rule, please use a standard encrypted variable to do the conversion.
+
+##Example
+
+Wrong： 
+
+```
+$notsecure = convertto-securestring "abc" -asplaintext -force
+
+New-Object System.Management.Automation.PSCredential -ArgumentList "username", (ConvertTo-SecureString "notsecure" -AsPlainText -Force)
+
+```
+
+Correct: 
+
+```
+$secure = read-host -assecurestring
+$encrypted = convertfrom-securestring -securestring $secure
+convertto-securestring -string $encrypted
+```
diff --git a/Rules/UseIdenticalMandatoryParametersDSC.cs b/Rules/UseIdenticalMandatoryParametersDSC.cs
@@ -98,7 +98,7 @@ public IEnumerable<DiagnosticRecord> AnalyzeDSCResource(Ast ast, string fileName
                 {
                     List<string> functionsNotContainingParam = expectedTargetResourceFunctionNames.Except(mandatoryParameters[paramName]).ToList();
                     yield return new DiagnosticRecord(string.Format(CultureInfo.InvariantCulture, Strings.UseIdenticalMandatoryParametersDSCError, paramName, string.Join(", ", functionsNotContainingParam.ToArray())),
-                                    ast.Extent, GetName(), DiagnosticSeverity.Information, fileName);
+                                    ast.Extent, GetName(), DiagnosticSeverity.Error, fileName);
                 }                   
                 
             }
@@ -159,7 +159,7 @@ public SourceType GetSourceType()
         /// <returns></returns>
         public RuleSeverity GetSeverity()
         {
-            return RuleSeverity.Information;
+            return RuleSeverity.Error;
         }
 
         /// <summary>
diff --git a/Rules/UseIdenticalParametersDSC.cs b/Rules/UseIdenticalParametersDSC.cs
@@ -67,7 +67,7 @@ public IEnumerable<DiagnosticRecord> AnalyzeDSCResource(Ast ast, string fileName
                         || !CompareParamAsts(paramAst, paramNames[paramAst.Name.VariablePath.UserPath]))
                     {
                         yield return new DiagnosticRecord(string.Format(CultureInfo.CurrentCulture, Strings.UseIdenticalParametersDSCError),
-                            paramAst.Extent, GetName(), DiagnosticSeverity.Information, fileName);   
+                            paramAst.Extent, GetName(), DiagnosticSeverity.Error, fileName);   
                     }
                 }
             }
@@ -166,7 +166,7 @@ public SourceType GetSourceType()
         /// <returns></returns>
         public RuleSeverity GetSeverity()
         {
-            return RuleSeverity.Warning;
+            return RuleSeverity.Error;
         }
 
         /// <summary>
diff --git a/Rules/UseStandardDSCFunctionsInResource.cs b/Rules/UseStandardDSCFunctionsInResource.cs
@@ -54,7 +54,7 @@ public IEnumerable<DiagnosticRecord> AnalyzeDSCResource(Ast ast, string fileName
                 if (!targetResourceFunctionNamesInAst.Contains(expectedTargetResourceFunctionName, StringComparer.CurrentCultureIgnoreCase))
                 {
                     yield return new DiagnosticRecord(string.Format(CultureInfo.CurrentCulture, Strings.UseStandardDSCFunctionsInResourceError, expectedTargetResourceFunctionName),
-                        ast.Extent, GetName(), DiagnosticSeverity.Information, fileName);      
+                        ast.Extent, GetName(), DiagnosticSeverity.Error, fileName);      
                 }
             }
         }
@@ -85,7 +85,7 @@ item is TypeDefinitionAst
                     if (!functions.Any(function => String.Equals(resourceFunctionName, (function as FunctionMemberAst).Name)))
                     {
                         yield return new DiagnosticRecord(string.Format(CultureInfo.CurrentCulture, Strings.UseStandardDSCFunctionsInClassError, resourceFunctionName),
-                            dscClass.Extent, GetName(), DiagnosticSeverity.Information, fileName);
+                            dscClass.Extent, GetName(), DiagnosticSeverity.Error, fileName);
                     }
                 }
             }
diff --git a/build.cmd b/build.cmd
@@ -0,0 +1,15 @@
+@echo off
+setlocal
+if "%VS120COMNTOOLS%"=="" GOTO NOTOOLS
+call "%VS120COMNTOOLS%\VsDevCmd.bat"
+msbuild .\PSScriptAnalyzer.sln  /p:Configuration=Debug /l:FileLogger,Microsoft.Build.Engine;logfile=PSScriptAnalyzer_Build.log;append=true
+if NOT [%ERRORLEVEL%]==[0] pause
+
+GOTO END
+
+:NOTOOLS
+echo The Visual Studio 2013 tools are not installed
+pause
+
+:END
+endlocal

Original file line number	Diff line number	Diff line change
`@@ -98,7 +98,7 @@ public IEnumerable<DiagnosticRecord> AnalyzeDSCResource(Ast ast, string fileName`
`98`	`98`	`{`
`99`	`99`	`List<string> functionsNotContainingParam = expectedTargetResourceFunctionNames.Except(mandatoryParameters[paramName]).ToList();`
`100`	`100`	`yield return new DiagnosticRecord(string.Format(CultureInfo.InvariantCulture, Strings.UseIdenticalMandatoryParametersDSCError, paramName, string.Join(", ", functionsNotContainingParam.ToArray())),`
`101`		`- ast.Extent, GetName(), DiagnosticSeverity.Information, fileName);`
	`101`	`+ ast.Extent, GetName(), DiagnosticSeverity.Error, fileName);`
`102`	`102`	`}`
`103`	`103`
`104`	`104`	`}`
`@@ -159,7 +159,7 @@ public SourceType GetSourceType()`
`159`	`159`	`/// <returns></returns>`
`160`	`160`	`public RuleSeverity GetSeverity()`
`161`	`161`	`{`
`162`		`- return RuleSeverity.Information;`
	`162`	`+ return RuleSeverity.Error;`
`163`	`163`	`}`
`164`	`164`
`165`	`165`	`/// <summary>`
Original file line number	Diff line number	Diff line change
`@@ -67,7 +67,7 @@ public IEnumerable<DiagnosticRecord> AnalyzeDSCResource(Ast ast, string fileName`
`67`	`67`	`\|\| !CompareParamAsts(paramAst, paramNames[paramAst.Name.VariablePath.UserPath]))`
`68`	`68`	`{`
`69`	`69`	`yield return new DiagnosticRecord(string.Format(CultureInfo.CurrentCulture, Strings.UseIdenticalParametersDSCError),`
`70`		`- paramAst.Extent, GetName(), DiagnosticSeverity.Information, fileName);`
	`70`	`+ paramAst.Extent, GetName(), DiagnosticSeverity.Error, fileName);`
`71`	`71`	`}`
`72`	`72`	`}`
`73`	`73`	`}`
`@@ -166,7 +166,7 @@ public SourceType GetSourceType()`
`166`	`166`	`/// <returns></returns>`
`167`	`167`	`public RuleSeverity GetSeverity()`
`168`	`168`	`{`
`169`		`- return RuleSeverity.Warning;`
	`169`	`+ return RuleSeverity.Error;`
`170`	`170`	`}`
`171`	`171`
`172`	`172`	`/// <summary>`
Original file line number	Diff line number	Diff line change
`@@ -54,7 +54,7 @@ public IEnumerable<DiagnosticRecord> AnalyzeDSCResource(Ast ast, string fileName`
`54`	`54`	`if (!targetResourceFunctionNamesInAst.Contains(expectedTargetResourceFunctionName, StringComparer.CurrentCultureIgnoreCase))`
`55`	`55`	`{`
`56`	`56`	`yield return new DiagnosticRecord(string.Format(CultureInfo.CurrentCulture, Strings.UseStandardDSCFunctionsInResourceError, expectedTargetResourceFunctionName),`
`57`		`- ast.Extent, GetName(), DiagnosticSeverity.Information, fileName);`
	`57`	`+ ast.Extent, GetName(), DiagnosticSeverity.Error, fileName);`
`58`	`58`	`}`
`59`	`59`	`}`
`60`	`60`	`}`
`@@ -85,7 +85,7 @@ item is TypeDefinitionAst`
`85`	`85`	`if (!functions.Any(function => String.Equals(resourceFunctionName, (function as FunctionMemberAst).Name)))`
`86`	`86`	`{`
`87`	`87`	`yield return new DiagnosticRecord(string.Format(CultureInfo.CurrentCulture, Strings.UseStandardDSCFunctionsInClassError, resourceFunctionName),`
`88`		`- dscClass.Extent, GetName(), DiagnosticSeverity.Information, fileName);`
	`88`	`+ dscClass.Extent, GetName(), DiagnosticSeverity.Error, fileName);`
`89`	`89`	`}`
`90`	`90`	`}`
`91`	`91`	`}`