We are happy to announce the release of PSScriptAnalyzer 1.21. This minor version update includes:<\/p>\n
Invoke-Formatter<\/code><\/li>\n- Four bug fixes<\/li>\n
- Improved message details in
PSUseCorrectCasing<\/code><\/li>\n- Lots of documentation updates<\/li>\n
- Updated system requirements<\/li>\n<\/ul>\n
A big portion of changes are in less visible areas such as the maintenance of dependencies and CI.<\/p>\n
System requirements<\/h2>\n
Starting with this version the minimum requirements are changing as follows:<\/p>\n
\n- For PowerShell ‘Core’ users (
$PSVersionTable.PSEdition -eq 'Core'<\/code>):\nThe minimum required PowerShell version increases from 7.0.3<\/code> to 7.0.11<\/code>. With PowerShell 7.0\nreached end of life this December, the next version of PSScriptAnalyzer will require 7.2<\/code>.<\/p>\nUse $PSVersionTable.PSVersion<\/code> to see which version of PowerShell you are using. For more\ninformation about supported versions of PowerShell, see the\nPowerShell support lifecycle<\/a>.<\/li>\n- For Windows PowerShell users (version 3 to 5.1 or (
$PSVersionTable.PSEdition -ne 'Core')<\/code>)\nThe minimum required version of the .NET Framework runtime increased from 4.5.2<\/code> to 4.6.2<\/code>.\nVersions 4.5.2.<\/code>, 4.6<\/code> and 4.6.1<\/code> have reached end of support this year. This change should not\nimpact the majority of users on supported and patched OS versions.<\/p>\nFor more details about .NET support, see\n.NET Framework blog post<\/a>.<\/li>\n<\/ul>\nFor more information, see the full changelog<\/a>.<\/p>\nNew Rules<\/h2>\nAvoidMultipleTypeAttributes<\/h3>\n
This rule is to call out the usage of multiple type attributes in a function that the parser accepts\nas valid syntax but can later cause unexpected behavior or an error at runtime.<\/p>\n
For example, the following function<\/p>\n
function foo { [switch][string] $Param1 }<\/code><\/pre>\nwill throw the following error when the function is invoked:<\/p>\n
Cannot convert the “” value of type “System.String” to type “System.Management.Automation.SwitchParameter”<\/p><\/blockquote>\n
Thanks to GitHub user hankyi95<\/a> for contributing this rule.<\/p>\nAvoidSemicolonsAsLineTerminators<\/h3>\n
The rule detects the usage of a trailing semicolon at the end of a line, which is not required in\nmost PowerShell scripts and can be omitted. This rule is not enabled by default and can be used by\nInvoke-Formatter<\/code>.<\/p>\nThe latest Preview version of the PowerShell extension for Visual Studio Code already includes\nPSScriptAnalyzer 1.21.0 and can control this formatting rule via a new\npowershell.codeFormatting.avoidSemicolonsAsLineTerminators<\/code> setting. This should soon be available\nin the non-preview version of the extension as well.<\/p>\nThanks to Aliaksei (GitHub user tempora-mutantur<\/a>) for contributing this rule.<\/p>\nAvoidUsingBrokenHashAlgorithms<\/h3>\n
This rule inspects the Get-FileHash<\/a> cmdlet for usage of either MD5<\/code> or SHA-1<\/code> as the value\nto the -Algorithm<\/a> parameter since those algorithms are no longer considered secure. Users\nshould consider replacing the value with SHA256<\/code>, SHA384<\/code>, SHA512<\/code>, or other safer algorithms\nwhere possible. It is understood there will be legacy or backwards compatibility cases where this\ncannot be done. PSScriptAnalyzer has a suppression feature<\/a> that can be used to document the\nreason for it in your code.<\/p>\nThanks to Michael Van Leeuwen (GitHub user MJVL<\/a>) for contributing this rule.<\/p>\nEnhancements<\/h2>\n
Invoke-Formatter<\/code> now accepts input via the pipeline, either just as a string or\n[pscustomobject]<\/code> with parameter values.<\/p>\nThe AvoidUsingPlainTextForPassword<\/a> rule is the first built-in rule to now return more than one\nsuggestion for correction. In addition to suggesting the usage of SecureString<\/a>, it now offers\nan alternative suggestion with PSCredential<\/a>.<\/p>\nWith version 2.40.0 of the az<\/code> CLI, its entrypoint changed from a batch script to an az.ps1<\/code>\nscript. Since this script just passed its received arguments as $args<\/code> as-is to python, it is still\na CLI and not a script with parameters. But it causes now a AvoidUsingPositionalParameters<\/a>\nwarning, which is a false positive. We therefore added a CommandAllowList<\/code> configuration to it,\nwhich has az<\/code> in it by default.<\/p>\nDocumentation changes<\/h2>\n
In order to keep documentation all consolidated in one location, we have moved the documentation in\nthe repo to the repo of docs.microsoft.com<\/a>. Please see the documentation notice<\/a> in the\nrepo in order to get more specific details.<\/p>\nOutlook<\/h2>\n
Expect more formatting rules and options in the next release and continue giving us feedback. We are\nlooking to increase our release frequency now that the Microsoft internal build has moved to a new\nsystem, which is what caused some delay to this release. To reduce maintenance, we are looking to\ndrop support for PowerShell version 3 and 4 in future versions of PSScriptAnalyzer, which would also\nalign it with the PowerShell extension for Visual Studio Code where this change was successful. The\nfirst step could be to increase the value of the PowerShellVersion<\/code> property in the module manifest\nbut still ship the version specific binaries so that it would still work if one changed its value in\nthe manifest.<\/p>\nOn behalf of the Script Analyzer team,<\/p>\n
Christoph Bergmeister<\/a>, Project Maintainer from the community, Avanade<\/a><\/p>\nJim Truher<\/a>, Senior Software Engineer, PowerShell Team<\/a>, Microsoft<\/a><\/p>\n<\/p>\n","protected":false},"excerpt":{"rendered":"
Announcing the release of PSScriptAnalyzer 1.21<\/p>\n","protected":false},"author":2413,"featured_media":13641,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[3182],"class_list":["post-19758","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-powershell","tag-psscriptanalyzer"],"acf":[],"blog_post_summary":"
Announcing the release of PSScriptAnalyzer 1.21<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/posts\/19758","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/users\/2413"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/comments?post=19758"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/posts\/19758\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/media\/13641"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/media?parent=19758"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/categories?post=19758"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/tags?post=19758"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}