microsoft / DevSkim
Source Code Overview

Analysis scope, overview of main, test, generated, deployment, build, and other code.

Source Code Analysis Scope
Files includes and excluded from analyses
txt
razor
csproj
gitattributes
resx
xaml
vsixmanifest
el
props
vscodeignore
cmd
  • 22 extensions are included in analyses: cs, json, md, ts, yml, txt, js, razor, csproj, css, gitignore, gitattributes, svg, resx, xaml, vsixmanifest, py, html, el, props, vscodeignore, cmd
  • 7 criteria are used to exclude files from analysis:
    • exclude files with path like ".*/[.][a-zA-Z0-9_]+.*" (Hidden files and folders) (24 files).
    • exclude files with path like ".*[.]resx" (The resx resource files) (2 files).
    • exclude files with path like ".*/bin/.*" (Binaries for distribution) (2 files).
    • exclude files with path like ".*/git[-]history[.]txt" (Git history) (1 file).
    • exclude files with path like ".*/git[-][a-zA-Z0-9_]+[.]txt" (Git data exports for sokrates analyses) (0 files).
    • exclude files with path like ".*/sokrates_conventions[.]json" (Sokrates scoping conventions) (1 file).
    • exclude files with path like ".*[.]txt" (Text files) (11 files).
Overview of Analyzed Files
Basic stats on analyzed files
Intro
For analysis purposes we separate files in scope into several categories: main, test, generated, deployment and build, and other.

  • The main category contains all manually created source code files that are being used in the production.
  • Files in the main category are used as input for other analyses: logical decomposition, concerns, duplication, file size, unit size, and conditional complexity.
  • Test source code files are used only for testing of the product. These files are normally not deployed to production.
  • Build and deployment source code files are used to configure or support build and deployment process.
  • Generated source code files are automatically generated files that have not been manually changed after generation.
  • While a source code folder may contain a number of files, we are primarily interested in the source code files that are being written and maintained by developers.
  • Files containing binaries, documentation, or third-party libraries, for instance, are excluded from analysis. The exception are third-party libraries that have been changed by developers.

main11287 LOC (17%) 137 files
test1143 LOC (1%) 24 files
generated18262 LOC (28%) 4 files
build and deployment489 LOC (<1%) 6 files
other33059 LOC (51%) 136 files
Main Code
All manually created or maintained source code that defines logic of the product that is run in a production environment.
razor
xaml
el
vsixmanifest
props
Explore:   circles  |  sunburst
  • The following criteria are used to filter files:
    • files with paths like ".*".
  • 137 files match defined criteria (11,287 lines of code, 100.0% vs. main code):
    • 76 *.cs files (5,153 lines of code)
    • 28 *.ts files (3,952 lines of code)
    • 10 *.yml files (1,067 lines of code)
    • 9 *.razor files (553 lines of code)
    • 1 *.css files (147 lines of code)
    • 2 *.xaml files (112 lines of code)
    • 1 *.py files (96 lines of code)
    • 1 *.el files (76 lines of code)
    • 6 *.js files (65 lines of code)
    • 1 *.vsixmanifest files (29 lines of code)
    • 1 *.html files (28 lines of code)
    • 1 *.props files (9 lines of code)
  • " *.cs" is biggest, containing 45.65% of code.
  • " *.props" is smallest, containing 0.08% of code.


*.cs5153 LOC (45%) 76 files
*.ts3952 LOC (35%) 28 files
*.yml1067 LOC (9%) 10 files
*.razor553 LOC (4%) 9 files
*.css147 LOC (1%) 1 files
*.xaml112 LOC (<1%) 2 files
*.py96 LOC (<1%) 1 files
*.el76 LOC (<1%) 1 files
*.js65 LOC (<1%) 6 files
*.vsixmanifest29 LOC (<1%) 1 files
*.html28 LOC (<1%) 1 files
*.props9 LOC (<1%) 1 files
Test Code
Used only for testing of the product. Normally not deployed in a production environment.
csproj
Explore:   circles  |  sunburst
  • The following criteria are used to filter files:
    • files with paths like ".*[.][Tt]ests/.*".
    • files with paths like ".*[.][Tt]ests[.].*".
    • files with paths like ".*[.][Tt]est[.].*".
    • files with paths like ".*[.]test[.].*".
    • files with paths like ".*__tests__.*".
    • files with paths like ".*[.]spec[.]ts".
    • files with paths like ".*/__mocks?__/.*".
    • files with paths like ".*[-]test[-].*".
    • files with any line of content like ".*/simpletest/.*".
  • 24 files match defined criteria (1,143 lines of code, 10.1% vs. main code):
    • 8 *.cs files (692 lines of code)
    • 12 *.ts files (306 lines of code)
    • 3 *.csproj files (106 lines of code)
    • 1 *.yml files (39 lines of code)
  • " *.cs" is biggest, containing 60.54% of code.
  • " *.yml" is smallest, containing 3.41% of code.


*.cs692 LOC (60%) 8 files
*.ts306 LOC (26%) 12 files
*.csproj106 LOC (9%) 3 files
*.yml39 LOC (3%) 1 files
Generated Code
Automatically generated files, not manually changed after generation.
Explore:   circles  |  sunburst
  • The following criteria are used to filter files:
    • files with paths like ".*[.]cs" AND any line of content like "[/][/][ ]*".
    • files with paths like ".*/package[-]lock[.]json".
  • 4 files match defined criteria (18,262 lines of code, 161.8% vs. main code):
    • 3 *.json files (18,199 lines of code)
    • 1 *.cs files (63 lines of code)
  • " *.json" is biggest, containing 99.66% of code.
  • " *.cs" is smallest, containing 0.34% of code.


*.json18199 LOC (99%) 3 files
*.cs63 LOC (<1%) 1 files
Build and Deployment Code
Source code used to configure or support build and deployment process.
csproj
Explore:   circles  |  sunburst
  • The following criteria are used to filter files:
    • files with paths like ".*[.]git[a-z]+".
    • files with paths like ".*/[.]gitignore".
    • files with paths like ".*[.]csproj".
    • files with paths like ".*/[.]gitattributes".
    • files with paths like ".*/package[-]lock[.]json".
    • files with paths like ".*/package[.]json".
    • files with paths like ".*([.]|/)webpack([.]|/).*".
  • 6 files match defined criteria (489 lines of code, 4.3% vs. main code):
    • 4 *.csproj files (417 lines of code)
    • 2 *.js files (72 lines of code)
  • " *.csproj" is biggest, containing 85.28% of code.
  • " *.js" is smallest, containing 14.72% of code.


*.csproj417 LOC (85%) 4 files
*.js72 LOC (14%) 2 files
Other Code
Explore:   circles  |  sunburst
  • The following criteria are used to filter files:
    • files with paths like ".*[.]json".
    • files with paths like ".*[.]md".
    • files with paths like ".*/[.]gitignore".
    • files with paths like ".*[.]txt".
    • files with paths like ".*/LICENSE[.][a-z0-9]+".
    • files with paths like ".*/README[.][a-z0-9]+".
    • files with paths like ".*[.]svg".
    • files with paths like ".*/[.]vscodeignore".
  • 136 files match defined criteria (33,059 lines of code, 292.9% vs. main code):
    • 68 *.json files (30,174 lines of code)
    • 2 *.svg files (2,022 lines of code)
    • 66 *.md files (863 lines of code)
  • " *.json" is biggest, containing 91.27% of code.
  • " *.md" is smallest, containing 2.61% of code.


*.json30174 LOC (91%) 68 files
*.svg2022 LOC (6%) 2 files
*.md863 LOC (2%) 66 files
Analyzers
Info about analyzers used for source code examinations.
  • *.cs files are analyzed with CSharpAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Advanced heuristic dependency analysis (based on namespace heuristics)
  • *.ts files are analyzed with TypeScriptAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • No dependency analysis
  • *.yml files are analyzed with YamlAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • No unit size analysis
    • No conditional complexity analysis
    • No dependency analysis
  • *.razor files are analyzed with HtmlAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Advanced heuristic dependency analysis
  • *.css files are analyzed with CssAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • No unit size analysis
    • No conditional complexity analysis
    • No dependency analysis
  • *.xaml files are analyzed with XmlAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • No unit size analysis
    • No conditional complexity analysis
    • No dependency analysis
  • *.py files are analyzed with PythonAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Basic heuristic dependency analysis
  • *.el files are analyzed with DefaultLanguageAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Basic code cleaning (empty lines removed for LOC calculations and duplication calculations)
    • No unit size analysis
    • No conditional complexity analysis
    • No dependency analysis
  • *.js files are analyzed with JavaScriptAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • No dependency analysis
  • *.vsixmanifest files are analyzed with XmlAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • No unit size analysis
    • No conditional complexity analysis
    • No dependency analysis
  • *.html files are analyzed with HtmlAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Advanced heuristic dependency analysis
  • *.props files are analyzed with XmlAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • No unit size analysis
    • No conditional complexity analysis
    • No dependency analysis

2022-01-30 13:49