{"id":14373,"date":"2015-02-24T11:59:00","date_gmt":"2015-02-24T19:59:00","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/powershell\/2015\/02\/24\/powershell-script-analyzer-static-code-analysis-for-windows-powershell-scripts-modules\/"},"modified":"2024-02-28T13:20:04","modified_gmt":"2024-02-28T21:20:04","slug":"powershell-script-analyzer-static-code-analysis-for-windows-powershell-scripts-modules-2","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/powershell\/powershell-script-analyzer-static-code-analysis-for-windows-powershell-scripts-modules-2\/","title":{"rendered":"PowerShell Script Analyzer: Static Code analysis for Windows PowerShell scripts & modules"},"content":{"rendered":"

Introduction:<\/strong><\/p>\n

Windows Management Framework 5.0 Preview February 2015<\/a> includes the addition of a new Windows PowerShell Module called PSScriptAnalyzer. This is a static code checker for Windows PowerShell modules and scripts and is installed in $env:ProgramFiles\/WindowsPowerShell\/Modules.<\/p>\n

 <\/p>\n

\"\"<\/a><\/p>\n

 <\/p>\n

PSScriptAnalyzer checks the quality of Windows PowerShell code by running a set of rules. The rules are based on PowerShell best practices identified by PowerShell Team and the community. PSScriptAnalyzer generates DiagnosticResults (errors and warnings) to inform users about potential code defects and suggests possible solutions for improvements.<\/p>\n

PSScriptAnalyzer is shipped with a collection of built-in rules that checks various aspects of PowerShell code such as presence of uninitialized variables, usage of PSCredential Type, usage of Invoke-Expression etc. Additional functionalities such as exclude\/include specific rules are also supported.<\/p>\n

Custom rules written as PowerShell scripts can be supplied to the Script Analyzer. Read more about this in the last section. Code samples are also posted.<\/p>\n

 <\/p>\n

 <\/p>\n

Usage and Scenarios:<\/strong><\/p>\n