Showing posts with label Visual Studio. Show all posts
Showing posts with label Visual Studio. Show all posts

2019-10-17

Introduction to .ignore files syntax and capabilities



------------------

You'll mostly have to look up the documentation of the .ignore files syntax if you want to master this tool and find the right tradeoff/middleground between being specific and being generic about what files you ignore in your project.

------------------

In general, you can either 1/ be specific or 2/ use wildcards or 3/ use negation patterns. For instance you could say ignore all "bin" directories, except a particular one:

```
/**/bin
!/Golum/MyPrecious/bin
```

Notice the exclamation mark at the begining of the second line: it's a negation. It means: DO NOT IGNORE.
=> Those two lines combined, will ignore all "bin" directories, wherever they are in the tree ( double asterix = means any subdirectory ) except that one particular one, named on the next line and prefixed with an exclamation mark.


------------------

But saying this I'm only scratching the surface of the power of the .ignore files, you need to look at the doc to know more. (eg. you can have a generic .ignore file at the root of the solution and, for specific cases, other .ignore file(s) in subdirector.y.ies somewhere too)

------------------

Last but not least, if you're confident with .ignore file, you can even invoke destructive commands such as "clean" and delete everything that is not under source control ( ie. that is ignored )... which is basically a prequel to REBUILD ALL.

```
# WARNING: cleans absolutely everything that is not under source control
    git clean -nfdx # << To preview what would be deleted... -n = NoAction = --dry-run
    git clean -fdx # << The actual cleanup.
```

----------------

"tfignore file - Google Search"
"https://www.google.com/search?q=tfignore+file"


For Fox

"Visual Studio 2015 TFS .tfignore file - Stack Overflow"
"https://stackoverflow.com/questions/36768954/visual-studio-2015-tfs-tfignore-file"


For Seb

Excluding Files From Team Foundation Version Control Using .tfignore Files - Applied Information Sciences
https://www.appliedis.com/excluding-files-from-team-foundation-version-control-using-tfignore-files/


For everybody

"GitHub - sirkirby/tfignore: A Collection of .tfignore Templates"
"https://github.com/sirkirby/tfignore"

"GitHub - github/gitignore: A collection of useful .gitignore templates"
"https://github.com/github/gitignore"



Posted by at No comments:
Labels: , , , , , , , , ,

2019-10-16

The trend for an "Opt-out"-style philosophy for source control

The old "Opt-in"-style for source control

I remember, when using Microsoft's Team Foundation System and Visual Studio, you'd have two ways to add a file to source control:

  • either Visual Studio would take care of that for you when your file was part of a Solution
  • or you would have to manually browse the "Source Control Explorer" and add you new files


Preview of the Visual Studio's Source Control Explorer Graphical User Interface


A preview of how to explicitely add files to source control in Visual Studio




Things have changed

As far as source control goes, everybody is moving to "opt-out"-style policies, instead of "opt-in"-style ones, ( get used to it :stuck_out_tongue_winking_eye:  , 'cause it's actually much safer and nicer in the long run... even if there is an "up-front" price to pay -- ie. setting up your ".ignore" file)

Now, everything is under source control by default, unless you specify otherwise. This is nice because you typically don't get things happening behind your back without you knowing or forgetting (files added, changed or deleted).

Configuring what is ignored

When using the Git version control system, the critical files for specifying what is not meant to be kept under source control are the famous ".gitignore" files.

Visual Studio and Team Foundation System have a very similar concept, except the file is called ".tfignore".



Posted by at No comments:
Labels: , , , , , , , , ,

2019-01-22

Code Analysis for C# – Comparing Visual Studio and Sonar Capabilities


I have made some attempts to run code analysis tools on C# code and I have a couple remarks and examples.

But first, let's clarify what is the technology that makes it so easy to inspect static C# code: the Roslyn compiler.

Roslyn doesn't have a preference for any particular set of rules. The "Rules" are just a plugin. Each of us could write our own set of rules if we wanted to (see "Tutorial: Write your first analyzer and code fix | Microsoft Docs" ).

Visual Studio provides its own implementation of a C# analyzer with its own set of rules. But as it turns out, based on my case study, those rules are not the same ones as the ones implemented and enforced in Sonar for instance. The default Visual Studio analyzer and the default Sonar analyzer are not chasing after the same things. In fact either of this tool might report as a "warning", things that the other does not report at all. I believe that the same thing applies to NDepend.

This means that tools like *Sonar* and *NDepend* are NOT just GUIs to a well established set of rules. Each tool comes with its own philosophy and system of beliefs about what is good or bad practice.

You might then say: whatever then, who's better than Microsoft for setting rules about the language they created, right? Maybe. And maybe not.

In practice, different analyzers are complementary. The analyzer provided by Visual Studio seems better at picking up edge cases related to the language, whereas Sonar seems to operate at a higher (logical) level.


EXAMPLE #1:

Example of a problem picked up by the the Visual Studio analyzer but not by by the Sonar analyzer :

the following code



Stream data = webclient.OpenRead(url);
StreamReader reader = new StreamReader(data);
xmlstring = reader.ReadToEnd();
data.Close();
reader.Close();



supposedly will cause Dispose() to be called twice on the 'data' object...

The following code removes the warnings:



using (StreamReader reader = new StreamReader(webclient.OpenRead(url)))
    xmlstring = reader.ReadToEnd();



Like I said, this was not picked up by Sonar.



EXAMPLE #2:

Example of a problem picked up by the the Sonar analyzer but not by by the Visual Studio analyzer :
"Comparing to itself always returns true."







FYI, I've turned on all info and warnings and made them all visible. Visual Studio just does not see the pb with `listPrevious.SequenceEqual(listPrevious)`  :stuck_out_tongue:  Which is a shame, because that is a real bug in production code (a typo, or a bad copy-paste), it's not something I just made up. And Sonar's set of rule was able to detect this.


So in conclusion, my feeling is that Visual Studio's set of rules is better at detecting the "edge cases" related to the actual syntax features of the language and the .NET APIs, (which is only natural since both are Microsoft's creations). Whereas Sonar, being 10 years old, and being born in another world (Java) and supporting many languages, is more capable when it comes to reasoning on the semantic and logical levels.


CONCLUSION:



If I had to rephrase, I think that Sonar just doesn't bother with the flavor of the language; it cares about the logic and the semantics. Whereas Visual Studio tries to make it hard to shoot yourself in the foot with this one particular language; but on the other hand, it will let you write silly code if you want to, as long as you respect the internal constructs and overall code design.



READ MORE:


To close on this matter, a final quantitative analysis gives us:

SONAR:

  • Number of active C# rules in Sonar, by default = 216
  • Maximum number of available C# rules in Sonar = 355


VISUAL:

  • Number of active C# rules in Visual, by default = 62
  • Maximum number of available C# rules in Visual = 455


RulesCount-inSonar:


RulesCount-inVisual:


RulesCount-inVisual+ALL:





REMARK 1: A shared server is the preferred way to use Sonar, because it is very easy to create projects (one – or more – per developer) and use individual tokens to upload results before checking code in (and browsing results anonymously, in read-only mode, within the company's LAN/VPN). [However, if really wanted, an individual, private localhost instance setup, is possible too, in about 20 minutes when you have a concise documentation.]

REMARK 2: There seems to be a Visual Studio plugin that allows to run Sonar's rule on the fly
SonarLint for Visual Studio 2017: https://marketplace.visualstudio.com/items?itemName=SonarSource.SonarLintforVisualStudio2017
SonarLint for Visual Studio 2019 : https://marketplace.visualstudio.com/items?itemName=SonarSource.SonarLintforVisualStudio2019
From the website:

SonarLint spots bugs and quality issues as fast as you code.

  • 5 languages supported: C#, VB .Net, C, C++ and Javascript.
  • Open source, Roslyn based code analyzers.
  • Deep code analysis algorithms using pattern matching and dataflow analysis
  • Hundreds of rules, and growing.
  • Comes with explanations to resolve detected issues.



Posted by at No comments:
Labels: , , , , , , , , , , , , , , ,
Subscribe to: Posts (Atom)