SharePoint Code Analysis Framework BETA released!

Matthias Einig recently published the SharePoint Code Analysis Framework (SPCAF).

Get it here as BETA.

The SharePoint Code Analysis Framework (SPCAF)  provides tools to analyze SharePoint code. This includes

• SharePoint solutions (.wsp) for SharePoint 2007 / 2010 / 2013
• SharePoint 2013 apps

SPCAF cannot only analyze assemblies like other tools as FxCop or SPDisposeCheck. It can also analyze all the XML code in SharePoint packages like Features, ContentTypes, ListTemplates and all the other files like controls (.ascx), pages (.aspx) and master pages (.master) etc.

SPCAF can be used directly in Visual Studio 2012 or 2010 to analyze SharePoint projects. It also provides a client application to analyze existing WSP packages, can be integrated into a Team Build via a custom build activity, it can be run on command line or as MSBuild task during each local build.

Use SPCAF directly in Visual Studio

Get Errors and Warnings and open the files directly in VS

Visualize Dependencies

Use the client application to analyze existing WSPs or APPs

Highlights

• Contains ~300 rules to validate SharePoint code for correctness, solution design, best practices etc..
• Creates dependency diagrams in DGML to visualize dependencies within SharePoint code
• Can be seamlessly integrated into your development process
• Provides a client application to analyze WSP and APP files.
• Can also be run during a Team Build (supports TFS 2010 and TFS 2012)
• Can be extended with custom rules or custom metrics

Sample analysis results

• Rules reports shows errors and warnings Open sample report
• Dependency diagram visualizes package dependencies Open sample report
• Inventory reports lists all contents of the packages Open sample report
• Metric reports shows complexity and amount of elements in the code Open sample report

Who should use it?

• SharePoint Architects can ensure proper application design and detect violations against best practices
• SharePoint Developers can ensure that their code is correct and that errors in XML code can be found early directly in Visual Studio and not only after deployment to SharePoint.
• SharePoint Quality Assurance can ensure that WSP packages are developed according to the best practices and the e.g. Customization Policies are not violated.
• IT Pros can ensure that the WSP files does not contain “dangerous” code and that they can install the packages without fear. The inventory reports gives a detailed overview about the contents in the packages and is a good documentation of the code.

Comments

• Anonymous
  April 15, 2013
  Hi Torsten, this really looks incredible and I can't wait to test it in my current project. Will the toolset be available as open source or are you going to build a commercial product?

• Anonymous
  April 21, 2013
  Hi Dirk, parts of SPCAF (primarily the SPCop engine) will remain free but not OpenSource. A commercial version including support, updates etc. could be a future evolution step of SPCAF. If you have further questions, please contact us directly via feedback at spcaf dot com BR Matthias

• Anonymous
  June 27, 2013
  Hi Dirk Is SPCAF also support on client object model code? I did not find anything on client object model. Please share your thoughts on this. Regards Avian

• Anonymous
  June 27, 2013
  I am trying to install on my Win7 -32 bit laptop, but I am getting following error, it seems it only support on 64 bit machine. Please confirm. "This installation package is not supported by this processor type". Ani