IT:AD:FXCop
- See also:
Summary
FXCop iswas a free standalone static analysis tool that checks .NET managed assemblies that has since been folded into Visual Studio.
It .NET managed code assemblies for conformance to Microsoft's .NET Framework Design Guidelines.
It inspect assemblies for more than 200 different possible violations in the following areas: * COM (Interoperability) * Design= * Globalization * Naming (types, members, parameters, namespaces, assemblies naming). * Performance – rules that detect elements in your assemblies that will degrade performance. * Security – although CA2010 does look for SQL Injections, the checks are to be taken as only a starting point:
- https://msdn.microsoft.com/en-us/library/ms182296(v=vs.80).aspx
* Usage * Maintainability * Portability * Reliability (memory/thread usage).
Alternatives
IT:AD:Micrsoft Code Analysis Tool (CAT.NET) was an option – but's it's no longer maintained.
Same for IT:AD:Gendarme.
IT:AD:CodeIt.Right offers a commercial engine that appears to offer the same functionality (meet MS Guidelines) and more.
Security
FXCop was originally focused more on meeting development standards and guidelines than security 1).
That said, it some work looking for SQL Injection.