Merge BugFixes to Master #137

Merged
merged 8 commits into from
May 11, 2015
@@ -0,0 +1,30 @@
#AvoidUsingConvertToSecureStringWithPlainTextNoViolations
**Severity Level: Error**


##Description

Information in the script should be protected properly. Using ConvertTo-SecureString with plain text will expose secure information.

##How to Fix

To fix a violation of this rule, please use a standard encrypted variable to do the conversion.

##Example

Wrong:

```
$notsecure = convertto-securestring "abc" -asplaintext -force

New-Object System.Management.Automation.PSCredential -ArgumentList "username", (ConvertTo-SecureString "notsecure" -AsPlainText -Force)

```

Correct:

```
$secure = read-host -assecurestring
$encrypted = convertfrom-securestring -securestring $secure
convertto-securestring -string $encrypted
```
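Review bot: The title line `#AvoidUsingConvertToSecureStringWithPlainTextNoViolations` ends in "NoViolations", which does not read like a rule name; the heading should carry the name the analyzer reports for this rule. Under "How to Fix", "a standard encrypted variable" does not tell the reader what to do; name the pattern the Correct block shows (Read-Host -AsSecureString, then ConvertFrom-SecureString and ConvertTo-SecureString -String). The last line of the Correct block discards its result, so assign it to a variable to show how the SecureString is used afterwards. The headings also have no space after the # marks (`##Description`), which not every Markdown renderer accepts.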
4 changes: 2 additions & 2 deletions Rules/UseIdenticalMandatoryParametersDSC.cs
@@ -98,7 +98,7 @@ public IEnumerable<DiagnosticRecord> AnalyzeDSCResource(Ast ast, string fileName
{
List<string> functionsNotContainingParam = expectedTargetResourceFunctionNames.Except(mandatoryParameters[paramName]).ToList();
yield return new DiagnosticRecord(string.Format(CultureInfo.InvariantCulture, Strings.UseIdenticalMandatoryParametersDSCError, paramName, string.Join(", ", functionsNotContainingParam.ToArray())),
ast.Extent, GetName(), DiagnosticSeverity.Information, fileName);
ast.Extent, GetName(), DiagnosticSeverity.Error, fileName);
}

}
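Review bot: The severity on the changed `DiagnosticRecord` line is a second literal, separate from the value `GetSeverity()` returns further down this file, so the two can drift; in Rules/UseIdenticalParametersDSC.cs they had already diverged before this PR (Information on the record, Warning from GetSeverity()). Consider one constant per rule from which both the record severity and GetSeverity() are derived. Separately, this message is formatted with `CultureInfo.InvariantCulture` while the other two DSC rules in this PR use `CultureInfo.CurrentCulture`; pick one.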
@@ -159,7 +159,7 @@ public SourceType GetSourceType()
/// <returns></returns>
public RuleSeverity GetSeverity()
{
return RuleSeverity.Information;
return RuleSeverity.Error;
}

/// <summary>
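Review bot: `GetSeverity()` now returns Error, but the `/// <returns></returns>` doc comment at the top of this hunk is still empty; state the returned severity there. Moving a rule from Information straight to Error changes the outcome for any caller that filters or fails on Error, so the reason deserves a line in the PR description or the rule documentation.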
4 changes: 2 additions & 2 deletions Rules/UseIdenticalParametersDSC.cs
@@ -67,7 +67,7 @@ public IEnumerable<DiagnosticRecord> AnalyzeDSCResource(Ast ast, string fileName
|| !CompareParamAsts(paramAst, paramNames[paramAst.Name.VariablePath.UserPath]))
{
yield return new DiagnosticRecord(string.Format(CultureInfo.CurrentCulture, Strings.UseIdenticalParametersDSCError),
paramAst.Extent, GetName(), DiagnosticSeverity.Information, fileName);
paramAst.Extent, GetName(), DiagnosticSeverity.Error, fileName);
}
}
}
@@ -166,7 +166,7 @@ public SourceType GetSourceType()
/// <returns></returns>
public RuleSeverity GetSeverity()
{
return RuleSeverity.Warning;
return RuleSeverity.Error;
}

/// <summary>
4 changes: 2 additions & 2 deletions Rules/UseStandardDSCFunctionsInResource.cs
@@ -54,7 +54,7 @@ public IEnumerable<DiagnosticRecord> AnalyzeDSCResource(Ast ast, string fileName
if (!targetResourceFunctionNamesInAst.Contains(expectedTargetResourceFunctionName, StringComparer.CurrentCultureIgnoreCase))
{
yield return new DiagnosticRecord(string.Format(CultureInfo.CurrentCulture, Strings.UseStandardDSCFunctionsInResourceError, expectedTargetResourceFunctionName),
ast.Extent, GetName(), DiagnosticSeverity.Information, fileName);
ast.Extent, GetName(), DiagnosticSeverity.Error, fileName);
}
}
}
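Review bot: The `Contains(expectedTargetResourceFunctionName, StringComparer.CurrentCultureIgnoreCase)` check in the first context line compares function names with a culture-sensitive comparer, so the result can depend on the locale of the machine running the analyzer. Now that a miss is reported as Error, `StringComparer.OrdinalIgnoreCase` is the safer comparer for identifiers.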
@@ -85,7 +85,7 @@ item is TypeDefinitionAst
if (!functions.Any(function => String.Equals(resourceFunctionName, (function as FunctionMemberAst).Name)))
{
yield return new DiagnosticRecord(string.Format(CultureInfo.CurrentCulture, Strings.UseStandardDSCFunctionsInClassError, resourceFunctionName),
dscClass.Extent, GetName(), DiagnosticSeverity.Information, fileName);
dscClass.Extent, GetName(), DiagnosticSeverity.Error, fileName);
}
}
}
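Review bot: `String.Equals(resourceFunctionName, (function as FunctionMemberAst).Name)` in the first context line is case-sensitive, unlike the case-insensitive comparison used for the function-based check earlier in this file, and the `as` cast is dereferenced without a null check. With the diagnostic now at Error, a class whose method name differs only in case would be reported as an error; pass `StringComparison.OrdinalIgnoreCase`, and either cast directly or filter the collection with `OfType<FunctionMemberAst>()`.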
15 changes: 15 additions & 0 deletions build.cmd
@@ -0,0 +1,15 @@
@echo off
setlocal
if "%VS120COMNTOOLS%"=="" GOTO NOTOOLS
call "%VS120COMNTOOLS%\VsDevCmd.bat"
msbuild .\PSScriptAnalyzer.sln /p:Configuration=Debug /l:FileLogger,Microsoft.Build.Engine;logfile=PSScriptAnalyzer_Build.log;append=true
if NOT [%ERRORLEVEL%]==[0] pause

GOTO END

:NOTOOLS
echo The Visual Studio 2013 tools are not installed
pause

:END
endlocal
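Review bot: Neither failure path sets an exit code: after a failed msbuild the script pauses and falls through to `:END`, and `:NOTOOLS` only echoes and pauses, so a calling script has no explicit signal that the build failed. Add `exit /b 1` on the `:NOTOOLS` path and capture and return msbuild's error level on the other. The `pause` calls will also block an unattended build, and `/p:Configuration=Debug` is fixed with no way to request a Release build.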