Add rule for tracking all the conventional comments in code like FIXME, TODO, HACK

[IVNSTN]

Summary of the new feature

I'd like to see notifications/warnings/info messages about conventional comments detected in code, e.g.

# FIXME : something that does not work properly in some conditions
# TODO - unfinished work
# HACK bad place, dirty trick

Also we export code analysis results to SonarQube and since there is no such rule, I cant see all the technical debt mentioned in the whole codebase.

Proposed technical implementation details (optional)

A rule needs to be created. TODO comments should have info/hint status, FIXME and others may have warning status.

Here is what I see in SonarQube for C# repo

I'd like to have the same information for Powershell repo.

Related links

• CWE Suspicious comments
• Docs on sonar scanner for .net rules: fixme, todo

What is the latest version of PSScriptAnalyzer at the point of writing

1.23.0

[HeyItsGilbert]

What level would it make sense to make this alert? I feel like Warning might be too high. Been working on something similar for my team since we use TODO Tree to highlight these in vscode.

@SydneyhSmith does the up-for-grabs tag indicate that you're open to contributors?

[bergmeister]

I'd actually say, that this sort of things is better for Editors and its extensions to handle. There is already a lot out there: https://medium.com/@EclecticCoder/manage-todo-list-in-vscode-beb53774d776

[IVNSTN]

Thank you for your suggestions, but I'm afraid this topic is about static code analysis and codebase management, code-smell detection, source code metrics. Not about primitive personal task management or getting-things-done-handy-tools.

[HeyItsGilbert]

This could easily be a custom script analyzer rule. I'm not necessarily sold that it should be an out of the box rule. If it was, I wouldn't want it to be enabled by default (I have a lot of TODO's lol). By if your group/org/etc. wants to warn on these, it's doable.

This is the regex I use to detect these kinds of things with the "ToDo Tree" VSCode extension:

((\/\/|#|<!--|;|\*|^)((\s+(!|\?|\*|\-))?(\s+\[ \])?|(\s+(!|\?|\*)\s+\[.\])?)\s*(fix|todo|bug|mark|\[.\])\s*\:?)

For each AST passing through the custom rule you would just inspect the Extent for anything that matches that regex.

[HeyItsGilbert]

I decided to give it a shot. I created Measure-TODOComment rule in a new module where I'm gonna toss these custom rules I decide to throw together.

In a future version I'd like to make the types configurable. Maybe folks will care only about FIX or TODO, etc.

https://github.com/HeyItsGilbert/GoodEnoughRules