3. I. Quality Demystified
II. Code Analysis in VS2012
III. Code Metrics and Maintainability
IV. Code Coverage
V. Code Clone Analysis
VI. Q & A
4. Quality is often non measurable
‘Code that smells’
Proper Solution vs. Quick Fix
Better crafted software
Drive quality ‘upstream’
By following proven processes
By Behavioral Changes
7. Find Problems before you make them
Code Analysis
Code Metrics
Code Clone Analysis
Don’t let bugs out of your sight
Unit Testing and Code Coverage
Test Impact Analysis
Coded UI Tests
Performance Tests
Don’t let bugs get into your builds
Gated Check-In
8. void wchar_t wchar_t
wchar_t
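sizeof "%s: %s\n"
warning C6057: Buffer overrun due to number of characters/number of bytes mismatch in call to 'swprintf_s'
(swprintf_s takes its buffer size as a count of wchar_t characters; sizeof yields a count of bytes, which is the mismatch reported here. The corrected listing uses _countof instead.)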
void wchar_t wchar_t
wchar_t
_countof
9. protected void Page_Load(object sender, EventArgs e)
{
string userName = Request.Params["UserName"];
string commandText = "SELECT * FROM Contacts
WHERE ContactFor =
'" + userName + "'";
SqlCommand command = new SqlCommand
(commandText,
this.connection);
SqlDataReader reader = command.ExecuteReader();
while (reader.Read())
{
ListBox1.Items.Add
(new ListItem
(reader.GetString(0)));
}
}
CA2100 : Microsoft.Security : The query string passed to System.Data.SqlClient.SqlCommand..ctor in Page_Load could contain the following variables this.get_Request().get_Params().get_Item(...). If any of these variables could come from user input, consider using a stored procedure or a parameterized SQL query instead of building the query with string concatenations.
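// Slide 10: the CA2100 finding resolved with a parameterized query.
/// <summary>
/// Fills <c>ListBox1</c> with one item per row of <c>Contacts</c> whose
/// <c>ContactFor</c> column equals the <c>UserName</c> request parameter.
/// </summary>
/// <param name="sender">Event source; not used.</param>
/// <param name="e">Event data; not used.</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Request.Params is supplied by the client. It reaches the database only
    // as the value of @userName, never as part of the SQL text, so quotes or
    // SQL keywords inside it cannot change the shape of the query.
    string userName = Request.Params["UserName"];

    const string commandText =
        "SELECT * FROM Contacts WHERE ContactFor = @userName";

    // NOTE(review): `connection` is declared outside this listing; it is
    // assumed to be an open SqlConnection owned by the page.
    using (SqlCommand command = new SqlCommand(commandText, connection))
    {
        // Request.Params yields null when the key is absent. A parameter whose
        // value is null is not sent to the server and the command then fails,
        // so send DBNull instead; "ContactFor = NULL" simply matches no rows.
        command.Parameters.Add(
            new SqlParameter("@userName", (object)userName ?? DBNull.Value));

        // Dispose the reader (and the command) even if a row read throws, so
        // the connection is not left busy with an open result set.
        using (SqlDataReader reader = command.ExecuteReader())
        {
            while (reader.Read())
            {
                // NOTE(review): index 2 is positional and, with SELECT *,
                // depends on the table's column order; confirm it is the
                // intended column, or name the column in the query.
                ListBox1.Items.Add(new ListItem(reader.GetString(2)));
            }
        }
    }
}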
11.
12. public class EquationBuilder
{
public override string ToString()
{
string result = CalculateResult().ToString();
switch (operatorKind)
{
case EquationOperator.Add:
return left + " + " + right +
" = " + result;
case EquationOperator.Subtract:
return left + " - " + right +
" = " + result;
default:
throw new NotImplementedException();
}
}
…
}
13. public void DisplayMultiplyResult()
{
EquationBuilder equation =
new EquationBuilder
(left,
EquationBuilder.EquationOperator.Multiply,
right);
ResultsBox.Text = equation.ToString();
}
14. public class EquationBuilder
{
public override string ToString()
{
string result = CalculateResult().ToString();
switch (operatorKind)
{
case EquationOperator.Add:
return left + " + " + right +
" = " + result;
case EquationOperator.Subtract:
return left + " - " + right +
" = " + result;
default:
throw new NotImplementedException();
}
}
…
}
CA1065 : Microsoft.Design : 'Class1.ToString()' creates an exception of type 'NotImplementedException'. Exceptions should not be raised in this type of method. If this exception instance might be raised, change this method's logic so it no longer raises an exception.
15. public class EquationBuilder
{
public override string ToString()
{
string result = CalculateResult().ToString();
switch (operatorKind)
{
case EquationOperator.Add:
return left + " + " + right +
" = " + result;
case EquationOperator.Subtract:
return left + " - " + right +
" = " + result;
default:
Debug.Assert(false,
"Unexpected operator!");
return "Unknown";
}
}
…
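// Slide 16: the listing that triggers warning C6286.
//
// Prints a trace message when tracing is verbose or enough messages have been
// seen.
//
// message        text to print; written verbatim, never used as a format string
// totalMessages  running message count, passed by reference
void TraceInformation(char *message,
                      int &totalMessages)
{
    // Only print messages if there are
    // more than 100 of them or the trace
    // settings are set to verbose
    //
    // The increment is deliberately left on the right-hand side of ||: this is
    // the construct the analyzer warning that follows this listing reports.
    // When the left operand is a non-zero constant, the right operand is never
    // evaluated and the counter never advances.
    if (TRACE_LEVEL > 3 ||
        totalMessages++ > 100)
    {
        // Pass the text as an argument to a fixed "%s" format. Handing
        // `message` to printf as the format itself would make printf treat any
        // '%' in it as a conversion specification and read arguments that were
        // never passed.
        printf("%s", message);
    }
}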
warning C6286: (<non-zero constant> || <expression>) is always a non-zero constant.
<expression> is never evaluated and might have side effects
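// Slide 17: the C6286 finding resolved.
//
// Counts a trace message and prints it when tracing is verbose or more than
// 100 messages have been counted.
//
// message        text to print; written verbatim, never used as a format string
// totalMessages  running message count, incremented on every call
void TraceInformation(char *message,
                      int &totalMessages)
{
    // Only print messages if there are
    // more than 100 of them or the trace
    // settings are set to verbose
    //
    // Count before testing, so the increment no longer depends on whether the
    // left operand of || short-circuits the expression.
    totalMessages++;
    if (TRACE_LEVEL > 3 ||
        totalMessages > 100)
    {
        // Pass the text as an argument to a fixed "%s" format. Handing
        // `message` to printf as the format itself would make printf treat any
        // '%' in it as a conversion specification and read arguments that were
        // never passed.
        printf("%s", message);
    }
}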
18. public FldBrwserDlgExForm():
SomeSystem.SomeWindows.SomeForms.SomeForm
{
this.opnFilDlg = new opnFilDlg();
this.fldrBrwsrDlg1 = new fldrBrwsrDlg1();
this.rtb = new rtb();
this.opnFilDlg.DfltExt = "rtf";
this.desc = "Select the dir you want to use as
default";
this.fldrBrwsrDlg1.ShowNewFldrBtn = false;
this.rtb.AcpectsTabs = true;
}
CA1704 : Microsoft.Naming : Correct the spelling of 'Acpects' in member name 'rtb.AcpectsTabs'
CA1704 : Microsoft.Naming : Correct the spelling of 'Brwser' in type name 'FldBrwserDlgExForm'.
CA1704 : Correct the spelling of 'Brwsr' in type name 'fldrBrwsrDlg1'.
CA1704 : Correct the spelling of 'Btn' in member name 'fldrBrwsrDlg1.ShowNewFldrBtn'
CA1704 : Correct the spelling of 'desc' in member name 'FldBrwserDlgExForm.desc'
CA1704 : Correct the spelling of 'Dflt' in member name 'opnFilDlg.DfltExt'
CA1704 : Correct the spelling of 'Dlg' in type name 'FldBrwserDlgExForm'.
CA1704 : Correct the spelling of 'Fil' in type name 'opnFilDlg'.
CA1704 : Correct the spelling of 'Fld' in type name 'FldBrwserDlgExForm'.
CA1704 : Microsoft.Naming : Correct the spelling of 'opn' in type name 'opnFilDlg'.
CA1704 : Microsoft.Naming : Correct the spelling of 'rtb' in type name 'rtb'.
19. public class FolderBrowserDialogExampleForm :
System.Windows.Forms.Form
{
// Constructor.
public FolderBrowserDialogExampleForm()
{
this.openFileDialog1 = new OpenFileDialog();
this.folderBrowserDialog1 = new FolderBrowserDialog();
this.richTextBox1 = new RichTextBox();
this.openFileDialog1.DefaultExt = "rtf";
// Set the help text description
this.folderBrowserDialog1.Description =
"Select the directory that you want to use
as the default.";
// Do not allow the user to create new files
this.folderBrowserDialog1.ShowNewFolderButton = false;
this.richTextBox1.AcceptsTab = true;
}
}
With Visual Studio 2012 and Team Foundation Server 2012 there have been a lot of improvements to make developer collaboration even easier. We cover integrated code review, the new “My Work” experience for managing your active tasks, and once you’re “in the zone” we help you stay focused on the task at hand, no matter how much you’re randomized. We walk the full gamut of collaboration improvements, from the newly revamped Team Explorer, to the version control and build improvements. Want to work offline seamlessly? Wish merging happened less frequently and was simpler when it did? How about find work items faster? We talk about all this and more.