Jump to navigation

Poupou's Corner of the Web

Looking for perfect security? Try a wireless brick.
Otherwise you may find some unperfect stuff here...


Gendarme 2.2

Mono branched for 2.2 earlier this week and Gendarme follow its wave. A first preview, binaries and win32 installer, are now available on Ohloh. Linux packages (inside mono-tools) for the first preview should be available soon.

This Gendarme release includes the development results of the last four months, including some major events like the Novell Hack Week 3 and the second half of GSoC 2008 work done by Nestor Salceda. Major highlights includes:

  • Improvement to the framework by the addition of engines that can build extra information to extend the model Cecil gives us to work with.
  • New [FxCopCompatibility] attribute to match between Gendarme and FxCop rules. This will be used to support [SuppressMessage] inside assemblies in a future release.
  • New TearDown capability on rules and runners allow rules to defer the reporting of defects until the analysis is completed.
  • New "Audit" severity. This is used to denotate defects that, too often, can't be fixed (i.e. will always be reported) but needs to be audited (e.g. security items).
  • By default the console runner now reports only when both Severity > Low, i.e. skipping Low and Audit severity defects, and Confidence > Low, i.e. skipping Low confidence defects.
    This is to help reduce false positives and get smaller reports with the most important defects. You can override both option, with lower or higher values, with new command switches.
  • The wizard runner is now, by default, limited to 1000 defects on the visible API and will, like the console runner, report only defects when both Severity > Low and Confidence > Low. A new step in the wizard allow users to change those settings before the analysis (defaults can be modified and saved).
  • You can now save your rule selection as the new default in the wizard. The same set will be enable next time you restart the wizard.

32 new rules including:


Lots of rules have been updated and, in a few cases, renamed or moved, to provide extended functionalities. Biggest move/merge changes are:

  • CAS-related Security rules were moved into Security.Cas
  • DisposableFieldsShouldBeDisposedRule was moved from Design into Correctness
  • EnumNotEndsWithEnumOrFlagsSuffixRule was merged with UseCorrectSuffixRule (Naming)
  • FinalizersShouldCallBaseClassFinalizerRule was moved from Design into Correctness
  • ImplementGenericCollectionInterfacesRule was moved from Design into Design.Generic

Contributors for this release are: Peter Johanson, Nestor Salceda, Cedric Vivier, Jesse Jones, Alan McGovern and me :-)

11/13/2008 20:18:15 | Comments

The views expressed on this website/weblog are mine alone and do not necessarily reflect the views of my employer.