By default, PowerShell doesn't stop the script when an error occurs. Instead, it writes the error to the error stream and continues executing the script. You can change this behavior by setting the $ErrorActionPreference variable to Stop. When you do this, PowerShell stops the script when an error occurs. PowerShell has two different kinds of commands: cmdlets and native commands. For example,… [read more]

A security audit for package managers like NuGet is indeed a critical process for ensuring the security of software projects. NuGet has a feature to assist with this process. It can run a security audit with the dotnet restore command, which checks your dependencies against a list of known vulnerabilities from the GitHub Advisory Database. If vulnerabilities are found, you can update the affected packages… [read more]

Activator.CreateInstance(Type) allows you to create an instance of a type without knowing the type at compile time. For example, you might want to create an instance of a type based on a configuration file or a user input. Anytime you cannot use the new keyword you can use Activator.CreateInstance(Type). Most people expect this method to return a non-null object as you explicitly ask to create a new… [read more]

SARIF (Static Analysis Results Interchange Format) is an OASIS Standard that defines an output file format. The SARIF standard is used to streamline how static analysis tools share their results. SARIF is a JSON-based format that is easy to parse. Lots of tools support it, including Visual studio Code or Visual Studio. GitHub also supports this file format to report static analysis results. You can upload… [read more]

I think the default settings for the tree view in Visual Studio Code are not very good. The indentation is too small, and the indentation guides are not visible enough. Here's how to improve the tree view settings: Open the VS Code settings Add the following json content to the settings: { "workbench.tree.indent": 15, "workbench.tree.renderIndentGuides": "always", "workbench.colorCustomizations": {… [read more]

Some commands in PowerShell display progress bars. For instance, Invoke-WebRequest displays the download progression. These progress bars can slow down the execution of the commands as writing to the console takes time. If you don't need the progress bars, you can disable them to improve the performance of your scripts. Note that recent versions of PowerShell Core (7.x) have a better performance than… [read more]

Renovate is a tool that helps you to keep your dependencies up-to-date. You can configure Renovate using a configuration file at the root of the repository. In this post, I describe how to share the Renovate configuration across multiple projects. Developers don't like to maintain the same configuration in multiple repositories. It's error-prone and time-consuming. By sharing the configuration, you can… [read more]

We are in a transition period where x64 architectures are not the only architectures available. Apple has switched to ARM with the M1 chip, and Microsoft is also pushing for ARM now. If you want to run your application on ARM64 and x64 architectures, you need to create a Docker image for each architecture. Docker supports multi-arch images, which allow you to create a single image that can run on multiple… [read more]

When you write a Roslyn analyzer, you should also write tests for it. The Roslyn SDK provides a set of NuGet packages that you can use to test your analyzers. In this post, I describe how to test a Roslyn analyzer using the Roslyn SDK NuGet packages. First, Roslyn SDK NuGet packages are not available on NuGet.org. You need to add the following package source to your project file:… [read more]

This post contains a collection of samples for writing Roslyn analyzers. It's a living document that I will update over time. Find an IMethodSymbol from a compilation var type = compilation.GetTypeByMetadataName("System.Threading.Tasks.Task") var methods = type.GetMembers("GetAwaiter").OfType<IMethodSymbol>(); If you want a specific method when there are multiple overloads, you can use the… [read more]