What's New in CodeIt.Right v2.0

  • New (!) Instant Code Review feature - allows to run select set of rules in the background and get real-time code issues feedback to developers in the Visual Studio Editor. Highlights code element that raised violation, shows complete list of file issues in the right violations bar (next to the scrollbar). Each issue shows description, offers auto-refactoring options, option to ignore (exclude) the violation. The feature can be turned on/off with a single click, supports multiple user configured profiles which can be switched from within right margin violations bar context menu.

  • Added support for Visual Studio 11 Developer Preview

  • Copy Rule feature - Enables to copy existing rule instance and reconfigure it under a new name

  • Added Multiselect in Violations Report - helps when need to exclude or copy many violations at once

  • Added SDK support for multiple categories for a single rule. No breaking changes, new SDK is still compatible with your existing custom rules.

  • Added XAML Parser - XAML Parser enables creation of Silverlight/WPF specific rules

  • Added 8 new Silverlight/WPF/XAML rules 
    • Assign object should define To member (Xaml)
    • Assign object should define Value member (Xaml)
    • ControlTemplate object should define TargetType member (Xaml)
    • Delay object should define Duration member (Xaml)
    • Parallel object should define Branches member (Xaml)
    • Sequence object should define Activities member (Xaml)
    • Xaml file should be well-formed (Xaml)
    • Property should be set once (Xaml)
  • Added 27 new ASP.NET/Security rules
    • Avoid setting the AutoPostBack property to True (AspNet;Security)
    • Always define a global error handler (AspNet;Security)
    • EnableEventValidation should be True (AspNet;Security)
    • ValidateRequest should be True (AspNet;Security)
    • ViewStateEncryptionMode should be Always (AspNet;Security)
    • EnableViewStateMac should be True (AspNet;Security)
    • EnableViewState should be True (AspNet;Security)
    • Compilation Debug should be False in web.config (AspNet;Security)
    • Do not disable custom errors in web.config (AspNet;Security)
    • Form authentication Protection should be All in web.config (AspNet;Security)
    • Disable form authentication EnableCrossAppRedirects in web.config (AspNet;Security)
    • Form authentication RequireSSL should be True in web.config (AspNet;Security)
    • Http cookies HttpOnlyCookies should be True in web.config (AspNet;Security)
    • Http cookies RequireSSL should be True in web.config (AspNet;Security)
    • Trace should be disabled in web.config (AspNet;Security)
    • Role manager CookieProtection should be All in web.config (AspNet;Security)
    • Role manager CookieRequireSSL should be True in web.config (AspNet;Security)
    • Role manager CookieSlidingExpiration should be False in web.config (AspNet;Security)
    • Page EnableViewStateMac should be True in web.config (AspNet;Security)
    • Page EnableEventValidation should be True in web.config (AspNet;Security)
    • Page ValidateRequest should be True in web.config (AspNet;Security)
    • Page ViewStateEncryptionMode should be Always in web.config (AspNet;Security)
    • Http runtime EnableHeaderChecking should be True in web.config (AspNet;Security)
    • Custom errors DefaultRedirect should be specified in web.config (AspNet;Security)
    • Form authentication should not contain credentials in web.config (AspNet;Security)
    • Form authentication SlidingExpiration should be False in web.config (AspNet;Security)
    • Disable anonymous access in web.config (AspNet;Security)
    • Enable request validation in MVC controller action (AspNet;Security)
    • Use ValidateAntiforgeryTokenAttribute to protect against potential CSRF attacks in MVC controller action (AspNet;Security)

  • New rule - Remove Unused Classes

  • (EE) Option to publish custom dictionary - Enterprise Edition introduces Shared dictionary (in addition to User dictionary). Shared dictionary can be published and distributed to all Analysis Module users

  • (EE)(Cmd) Added Auto Update parameter /RuleUpdate to pull published rules and profiles to a build server in a command line version only ("no Visual Studio") setup

  • (EE)(Cmd) Added "Project Configuration" parameter /projectConfiguration

  • (EE)(Cmd) Added "MailSubjectSuffix" for email in command line version

  • (EE)(Cmd) Email metrics report - enables command line version to distribute metrics report output via email; /sendto parameter now works with the /metrics parameter

  • (EE) Improved handing of non-unique RuleIds in Statistics.db - you will no longer get unhandled error dialog if use existing RuleId in your custom rule. Still a unique (GUID-based recommended) RuleId is required for custom rules

  • Profile Editor - Added filter for selected/unselected rules

  • Added Option to Require Exclude Comments. The date/time stamped comments show up within the Excluded -> Violations tab

  • Improved Auto Update - it no longer requires Admin permission to check for an update. It will only ask to elevate permissions if there is update found and you choose to install it.
  • Improved Auto Update mechanism - Introduce Update frequency option. For SE, PE and EE TCM choices are Manual/Every Month/Every Week(default), for EE AM Manual/Every Month/Every Week(default)/Every Day/Every Hour

  • Added Offline License Activation option - launch it from Registration Window or use separate EXE version

  • Improved VS Debug windows (for the IDE version) and console (for the Cmd version) output - it now displays accurate numbers of issues found without excluded violations

  • Added option to "hard" exclude file/project. In the regular ("soft") exclude scenario, CodeIt.Right will still analyze the file/project and will show number of violations within the Excluded tab, not in the violations report. With "hard" exclude the file/project will be completely ignored during the analysis. Use "hard" excludes with caution - it is useful for CodeGen code that cannot be excluded using GeneratedCode attribute or regions but not recommended for regular source code as this may result in missed violations. 

  • Improved ASP.NET MVC support - now fully compatible with ASP.NET MVC 3 syntax

  • Improved Exclude file/project - these now store relative path instead of absolute - helps in a team environment when solution source folders differ on developer workstations

  • Tweaked UX and refreshed icons

  • Added Search tab in Help file

  • Added manifest to setup file - no more "The program did not install properly" messages on Windows 7

  • Note for Standard Edition users - we have added "Standard" edition name to all folder locations (Program Files, My Documents, etc) and registry keys

  • Changed Show Analysis Window to Show Violations Report and added Show Report toolbar button

  • Added new product edition - Personal Edition - includes all features of Standard Edition and Code Metrics from Enterprise Edition. Priced for personal use, one license max, nontransferable

  • Fixed Issues (.12075):
    • Command Line Tool doesn't work with ASP file [023-16F2242A-0102]
    • Inconsistent behavior with "Naming" rule category [0A0-16E3B265-0101]
    • Issue with partial types in Web Application - type violation should only trigger once on partial type [0A0-16E3B265-0101]
    • Issue navigating from violaitons report to source code for custom Naming rule violations [1AA-16F0C155-0102]
    • Some rules failed to trigger for varialbles that initilize at declaration [12D-16D5613B-0101]
    • Resolved parser issue with comments in ASP.NET above the @Page declaration [10E-16EA7A5D-0101]
    • Visual Studio crashing when Instant Review is On 
  • Build 2.0.12104:
    • Optimized performance and memory utilization for Instant Code Review
    • Fixed issues with VS crashing while in Debug mode
  • Build 2.0.12137:
    • Added support for syntax changes in C# 5.0 and VB 11 (VS11)
    • Custom rules can now target HTML Comments in ASP.NET files
    • Fixed Scope="expression" within GlobalSuppression.cs(.vb) files
  • Added StyleCop compliant correct option for the rule SourceFileShouldHaveHeader

  • Number of existing rule fixes