{"id":18385,"date":"2018-03-13T11:13:31","date_gmt":"2018-03-13T18:13:31","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/vcblog\/?p=18385"},"modified":"2019-02-18T17:48:01","modified_gmt":"2019-02-18T17:48:01","slug":"c-code-analysis-improvements-for-visual-studio-2017-15-7-preview-1","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/cppblog\/c-code-analysis-improvements-for-visual-studio-2017-15-7-preview-1\/","title":{"rendered":"C++ Code Analysis Improvements for Visual Studio 2017 15.7 Preview 1"},"content":{"rendered":"

\u70b9\u8fd9\u91cc\u770b\u4e2d\u6587\u7248<\/a><\/p>\n

We’re making it easier to configure and use the C++ code analysis features with a set of changes targeting 15.7. In the first 15.7 preview we’ve cleaned up the UI, fixed our documentation links<\/span> and, most importantly, simplified the way analysis extensions are <\/span>configured.<\/span>\u00a0<\/span><\/p>\n

If you’re not familiar with C++ Core Check, it’s a code analysis extension that helps you update your code to be safer and use a more modern style as outlined in the C++ Core Guidelines<\/a>. You can learn more about the rules we enforce on our reference page<\/a>.<\/p>\n

C++ Core Check Extension on by De<\/span>fault<\/span><\/h2>\n

We wanted to make it easier for developers to take advantage of the new checks from C++ Core Check<\/span>. <\/span>Previously if developers wanted to use C++ Core Check with code analysis, they had to explicitly enable the analysis extension for each project. Then, when running analysis, the tools would produce a deluge of Core Check warnings because all C++ Core Check warnings were enabled by default.<\/span>\u00a0<\/span><\/p>\n

Starting in Preview 1, the C++ Core Check extension is enabled whenever<\/span> code analysis <\/span>is run. We also updated the Microsoft Native Recommended Rules and Microsoft Native Minimum Rules to include only the highest impact C++ Core Check warnings (more on that below). We think this provides the best experience: running code analysis on a project “just works” without requiring additional configuration.<\/span>\u00a0<\/span><\/p>\n

We also removed the UI that was used to configure the analysis extensions because it’s no longer needed. Our goal is to make the ruleset the one-stop configuration file for code analysis. All a developer needs to worry about is which warnings he or she wants to run, and the engine will intelligently enable and disable extensions and checkers based on the ruleset. This feature isn’t fully implemented in Preview 1; the remaining work will ship in an upcoming preview.<\/em><\/span>\u00a0<\/span><\/p>\n

\"Screenshot<\/a>
The code analysis extensions selection panel has been removed – extensions will be enabled automatically based on the rules that are enabled.<\/figcaption><\/figure><\/p>\n

\"Screenshot<\/a>
The code analysis extensions panel was removed from the project properties page in 15.7 preview 1.<\/figcaption><\/figure><\/p>\n

Disabling C++ Core Check for a Project<\/span><\/h3>\n

Because this work is still in preview, we added a way to revert to the previous behavior. If the C++ Core Check extension is causing problems with a project, it can be disabled per-project by editing the vcxproj file and adding the following property.<\/span><\/p>\n

\u00a0 <<\/span>PropertyGroup<\/span>><\/span>\u00a0\n<\/span>\u00a0\u00a0\u00a0 <<\/span>EnableCppCoreCheck<\/span>>false<\/<\/span>EnableCppCoreCheck<\/span>><\/span>\u00a0\n<\/span>\u00a0 <\/<\/span>PropertyGroup<\/span>><\/span>\u00a0<\/span><\/pre>\n
When building from the command line with msbuild, it can also be disabled by passing the property \/p:EnableCppCoreCheck=false<\/span><\/p>\n
If you find you need to disable the extension, we’d like to know about any blocking issues you found. Use the “Send Feedback” button in Visual Studio to report any problems.<\/span>\u00a0<\/span><\/p>\n
New Rules in Recommended and Minimum Rulesets<\/span><\/h2>\n
Previously the Microsoft Native Recommended and Microsoft Minimum Rulesets had all C++ Core Check warnings <\/span>enabled <\/span>by default. This meant if you wanted to try out C++ Core Check and enabled the extension, you’d get a flood of additional warnings.<\/span>\u00a0<\/span><\/p>\n
To stay consistent with the spirit of the “Recommended” and “Minimum” rulesets, we<\/span> looked across our internal projects and identified the C++ Core Check rules that helped prevent the most critical bugs. The Recommended and Minimum rulesets still contain the core analyzer rules they had previously and now also contain the high-impact C++ Core Check rules. If you want to run with all the C++ Core Check warnings enabled, you can still choose the “C++ Core Check Rules” ruleset.<\/span>\u00a0<\/span><\/p>\n
New in Microsoft Native Minimum<\/span>\u00a0<\/span><\/h3>\n