Merge branch 'main' into avoid-new-object

Author: bergmeister

.github/CODEOWNERS

@@ -1,6 +1,6 @@
 # Default owners
-* @andyleejordan @bergmeister
+* @PowerShell/extension @bergmeister
 
 # Version bumps and documentation updates
 Directory.Build.props @sdwheeler @michaeltlombardi
-/docs/ @sdwheeler @michaeltlombardi
+/docs/ @PowerShell/extension @sdwheeler @michaeltlombardi

Directory.Packages.props

@@ -6,11 +6,11 @@
     <PackageVersion Include="Microsoft.PowerShell.5.ReferenceAssemblies" Version="1.1.0" />
     <PackageVersion Include="Microsoft.Win32.Registry" Version="5.0.0" />
     <!--  The version of Newtonsoft.Json needs to be newer than the version in the oldest supported version of PowerShell 7: https://github.com/PowerShell/PowerShell/blob/v7.2.17/src/System.Management.Automation/System.Management.Automation.csproj#L15 -->
-    <PackageVersion Include="Newtonsoft.Json" Version="13.0.3" />
+    <PackageVersion Include="Newtonsoft.Json" Version="13.0.4" />
     <PackageVersion Include="Pluralize.NET" Version="1.0.2" />
     <PackageVersion Include="PowerShellStandard.Library" Version="5.1.1" />
     <!-- Please update minimumPowerShellCoreVersion in PSScriptAnalyzer.psm1 when updating below SMA version for better user-facing error message -->
-    <PackageVersion Include="System.Management.Automation" Version="7.4.7" />
+    <PackageVersion Include="System.Management.Automation" Version="7.4.13" />
     <PackageVersion Include="System.Reflection.TypeExtensions" Version="4.7.0" />
   </ItemGroup>
 </Project>

Engine/CommandInfoCache.cs

@@ -80,23 +80,43 @@ public CommandInfo GetCommandInfo(string commandName, CommandTypes? commandTypes
         /// <returns>Returns null if command does not exists</returns>
         private CommandInfo GetCommandInfoInternal(string cmdName, CommandTypes? commandType)
         {
+            string moduleName = null;
+            string actualCmdName = cmdName;
+
+            // Check if cmdName is in the format "moduleName\CmdletName" (exactly one backslash)
+            int backslashIndex = cmdName.IndexOf('\\');
+            if (
+                backslashIndex > 0 &&
+                backslashIndex == cmdName.LastIndexOf('\\') &&
+                backslashIndex != cmdName.Length - 1 &&
+                backslashIndex != 0
+            )
+            {
+                moduleName = cmdName.Substring(0, backslashIndex);
+                actualCmdName = cmdName.Substring(backslashIndex + 1);
+            }
             // 'Get-Command ?' would return % for example due to PowerShell interpreting is a single-character-wildcard search and not just the ? alias.
             // For more details see https://github.com/PowerShell/PowerShell/issues/9308
-            cmdName = WildcardPattern.Escape(cmdName);
+            actualCmdName = WildcardPattern.Escape(actualCmdName);
 
             using (var ps = System.Management.Automation.PowerShell.Create())
             {
                 ps.RunspacePool = _runspacePool;
 
                 ps.AddCommand("Get-Command")
-                    .AddParameter("Name", cmdName)
+                    .AddParameter("Name", actualCmdName)
                     .AddParameter("ErrorAction", "SilentlyContinue");
 
                 if (commandType != null)
                 {
                     ps.AddParameter("CommandType", commandType);
                 }
 
+                if (!string.IsNullOrEmpty(moduleName))
+                {
+                    ps.AddParameter("Module", moduleName);
+                }
+
                 return ps.Invoke<CommandInfo>()
                     .FirstOrDefault();
             }

Engine/Helper.cs

@@ -761,8 +761,15 @@ public IScriptExtent GetScriptExtentForFunctionName(FunctionDefinitionAst functi
                 token =>
                 ContainsExtent(functionDefinitionAst.Extent, token.Extent)
                 && token.Text.Equals(functionDefinitionAst.Name));
-            var funcNameToken = funcNameTokens.FirstOrDefault();
-            return funcNameToken == null ? null : funcNameToken.Extent;
+
+            // If the functions name is 'function' then the first token in the
+            // list is the function keyword itself, so we need to skip it
+            if (functionDefinitionAst.Name.Equals("function", StringComparison.OrdinalIgnoreCase))
+            {
+                var funcNameToken = funcNameTokens.Skip(1).FirstOrDefault() ?? funcNameTokens.FirstOrDefault();
+                return funcNameToken?.Extent;
+            }
+            return funcNameTokens.FirstOrDefault()?.Extent;
         }
 
         /// <summary>

Engine/PSScriptAnalyzer.psm1

@@ -9,7 +9,7 @@ $PSModuleRoot = $PSModule.ModuleBase
 
 # Import the appropriate nested binary module based on the current PowerShell version
 $binaryModuleRoot = $PSModuleRoot
-[Version] $minimumPowerShellCoreVersion = '7.4.7'
+[Version] $minimumPowerShellCoreVersion = '7.4.13'
 if ($PSVersionTable.PSVersion.Major -ge 6) {
     $binaryModuleRoot = Join-Path -Path $PSModuleRoot -ChildPath "PSv$($PSVersionTable.PSVersion.Major)"
     # Minimum PowerShell Core version given by PowerShell Core support itself and

Rules/AvoidDefaultValueForMandatoryParameter.cs

@@ -3,6 +3,7 @@
 
 using System;
 using System.Collections.Generic;
+using System.Linq;
 using System.Management.Automation.Language;
 #if !CORECLR
 using System.ComponentModel.Composition;
@@ -27,59 +28,73 @@ public IEnumerable<DiagnosticRecord> AnalyzeScript(Ast ast, string fileName)
         {
             if (ast == null) throw new ArgumentNullException(Strings.NullAstErrorMessage);
 
-            // Finds all functionAst
-            IEnumerable<Ast> functionAsts = ast.FindAll(testAst => testAst is FunctionDefinitionAst, true);
-
-            foreach (FunctionDefinitionAst funcAst in functionAsts)
+            // Find all ParameterAst which are children of a ParamBlockAst. This
+            // doesn't pick up where they appear as children of a
+            // FunctionDefinitionAst. i.e.
+            //
+            // function foo ($a,$b){} -> $a and $b are `ParameterAst`
+            //
+            // Include only parameters which have a default value (as without
+            // one this rule would never alert)
+            // Include only parameters where ALL parameter attributes have the
+            // mandatory named argument set to true (implicitly or explicitly)
+
+            var mandatoryParametersWithDefaultValues =
+                ast.FindAll(testAst => testAst is ParamBlockAst, true)
+                    .Cast<ParamBlockAst>()
+                    .Where(pb => pb.Parameters?.Count > 0)
+                    .SelectMany(pb => pb.Parameters)
+                    .Where(paramAst =>
+                        paramAst.DefaultValue != null &&
+                        HasMandatoryInAllParameterAttributes(paramAst)
+                    );
+
+            // Report diagnostics for each parameter that violates the rule
+            foreach (var parameter in mandatoryParametersWithDefaultValues)
             {
-                if (funcAst.Body != null && funcAst.Body.ParamBlock != null
-                    && funcAst.Body.ParamBlock.Attributes != null && funcAst.Body.ParamBlock.Parameters != null)
-                {
-                    foreach (var paramAst in funcAst.Body.ParamBlock.Parameters)
-                    {
-                        bool mandatory = false;
-
-                        // check that param is mandatory
-                        foreach (var paramAstAttribute in paramAst.Attributes)
-                        {
-                            if (paramAstAttribute is AttributeAst)
-                            {
-                                var namedArguments = (paramAstAttribute as AttributeAst).NamedArguments;
-                                if (namedArguments != null)
-                                {
-                                    foreach (NamedAttributeArgumentAst namedArgument in namedArguments)
-                                    {
-                                        if (String.Equals(namedArgument.ArgumentName, "mandatory", StringComparison.OrdinalIgnoreCase))
-                                        {
-                                            // 3 cases: [Parameter(Mandatory)], [Parameter(Mandatory=$true)] and [Parameter(Mandatory=value)] where value is not equal to 0.
-                                            if (namedArgument.ExpressionOmitted
-                                                || (String.Equals(namedArgument.Argument.Extent.Text, "$true", StringComparison.OrdinalIgnoreCase))
-                                                || (int.TryParse(namedArgument.Argument.Extent.Text, out int mandatoryValue) && mandatoryValue != 0))
-                                            {
-                                                mandatory = true;
-                                                break;
-                                            }
-                                        }
-                                    }
-                                }
-                            }
-                        }
-
-                        if (!mandatory)
-                        {
-                            break;
-                        }
-
-                        if (paramAst.DefaultValue != null)
-                        {
-                            yield return new DiagnosticRecord(string.Format(CultureInfo.CurrentCulture, Strings.AvoidDefaultValueForMandatoryParameterError, paramAst.Name.VariablePath.UserPath),
-                            paramAst.Name.Extent, GetName(), DiagnosticSeverity.Warning, fileName, paramAst.Name.VariablePath.UserPath);
-                        }
-                    }
-                }
+                yield return new DiagnosticRecord(
+                        string.Format(
+                            CultureInfo.CurrentCulture,
+                            Strings.AvoidDefaultValueForMandatoryParameterError,
+                            parameter.Name.VariablePath.UserPath
+                        ),
+                        parameter.Name.Extent,
+                        GetName(),
+                        DiagnosticSeverity.Warning,
+                        fileName,
+                        parameter.Name.VariablePath.UserPath
+                    );
             }
         }
 
+        /// <summary>
+        /// Determines if a parameter is mandatory in all of its Parameter attributes.
+        /// A parameter may have multiple [Parameter] attributes for different parameter sets.
+        /// This method returns true only if ALL [Parameter] attributes have Mandatory=true.
+        /// </summary>
+        /// <param name="paramAst">The parameter AST to examine</param>
+        /// <param name="comparer">String comparer for case-insensitive attribute name matching</param>
+        /// <returns>
+        /// True if the parameter has at least one [Parameter] attribute and ALL of them 
+        /// have the Mandatory named argument set to true (explicitly or implicitly).
+        /// False if the parameter has no [Parameter] attributes or if any [Parameter] 
+        /// attribute does not have Mandatory=true.
+        /// </returns>
+        private static bool HasMandatoryInAllParameterAttributes(ParameterAst paramAst)
+        {
+            var parameterAttributes = paramAst.Attributes.OfType<AttributeAst>()
+                .Where(attr => string.Equals(attr.TypeName?.Name, "parameter", StringComparison.OrdinalIgnoreCase));
+
+            return parameterAttributes.Any() &&
+                parameterAttributes.All(attr =>
+                    attr.NamedArguments.OfType<NamedAttributeArgumentAst>()
+                    .Any(namedArg =>
+                        string.Equals(namedArg.ArgumentName, "mandatory", StringComparison.OrdinalIgnoreCase) &&
+                        Helper.Instance.GetNamedArgumentAttributeValue(namedArg)
+                    )
+                );
+        }
+
         /// <summary>
         /// GetName: Retrieves the name of this rule.
         /// </summary>
@@ -134,6 +149,3 @@ public string GetSourceName()
     }
 }
 
-
-
-

Rules/AvoidReservedWordsAsFunctionNames.cs

@@ -0,0 +1,103 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using Microsoft.Windows.PowerShell.ScriptAnalyzer.Generic;
+using System;
+using System.Collections.Generic;
+using System.Globalization;
+using System.Management.Automation.Language;
+using System.Linq;
+
+#if !CORECLR
+using System.ComponentModel.Composition;
+#endif
+
+namespace Microsoft.Windows.PowerShell.ScriptAnalyzer.BuiltinRules
+{
+#if !CORECLR
+    [Export(typeof(IScriptRule))]
+#endif
+
+    /// <summary>
+    /// Rule that warns when reserved words are used as function names
+    /// </summary>
+    public class AvoidReservedWordsAsFunctionNames : IScriptRule
+    {
+
+        // The list of PowerShell reserved words.
+        // https://learn.microsoft.com/en-gb/powershell/module/microsoft.powershell.core/about/about_reserved_words
+        // 
+        // The Below are omitted as they don't pose an issue being a function
+        // name:
+        // assembly, base, command, hidden, in, inlinescript, interface, module,
+        // namespace, private, public, static
+        static readonly HashSet<string> reservedWords = new HashSet<string>(
+            new[] {
+                "begin", "break", "catch", "class", "configuration",
+                "continue", "data", "define", "do",
+                "dynamicparam", "else", "elseif", "end",
+                "enum", "exit", "filter", "finally",
+                "for", "foreach", "from", "function",
+                "if", "parallel", "param", "process",
+                "return", "sequence", "switch",
+                "throw", "trap", "try", "type",
+                "until", "using","var", "while", "workflow"
+            },
+            StringComparer.OrdinalIgnoreCase
+        );
+
+        /// <summary>
+        /// Analyzes the PowerShell AST for uses of reserved words as function names.
+        /// </summary>
+        /// <param name="ast">The PowerShell Abstract Syntax Tree to analyze.</param>
+        /// <param name="fileName">The name of the file being analyzed (for diagnostic reporting).</param>
+        /// <returns>A collection of diagnostic records for each violation.</returns>
+        public IEnumerable<DiagnosticRecord> AnalyzeScript(Ast ast, string fileName)
+        {
+            if (ast == null)
+            {
+                throw new ArgumentNullException(Strings.NullAstErrorMessage);
+            }
+
+            // Find all FunctionDefinitionAst in the Ast
+            var functionDefinitions = ast.FindAll(
+                astNode => astNode is FunctionDefinitionAst,
+                true
+            ).Cast<FunctionDefinitionAst>();
+
+            foreach (var function in functionDefinitions)
+            {
+                string functionName = Helper.Instance.FunctionNameWithoutScope(function.Name);
+                if (reservedWords.Contains(functionName))
+                {
+                    yield return new DiagnosticRecord(
+                        string.Format(
+                            CultureInfo.CurrentCulture,
+                            Strings.AvoidReservedWordsAsFunctionNamesError,
+                            functionName),
+                        Helper.Instance.GetScriptExtentForFunctionName(function) ?? function.Extent,
+                        GetName(),
+                        DiagnosticSeverity.Warning,
+                        fileName
+                    );
+                }
+            }
+        }
+
+        public string GetCommonName() => Strings.AvoidReservedWordsAsFunctionNamesCommonName;
+
+        public string GetDescription() => Strings.AvoidReservedWordsAsFunctionNamesDescription;
+
+        public string GetName() => string.Format(
+                CultureInfo.CurrentCulture,
+                Strings.NameSpaceFormat,
+                GetSourceName(),
+                Strings.AvoidReservedWordsAsFunctionNamesName);
+
+        public RuleSeverity GetSeverity() => RuleSeverity.Warning;
+
+        public string GetSourceName() => Strings.SourceName;
+
+        public SourceType GetSourceType() => SourceType.Builtin;
+    }
+}

Rules/Strings.resx

@@ -1236,4 +1236,16 @@
   <data name="AvoidUsingAllowUnencryptedAuthenticationName" xml:space="preserve">
     <value>AvoidUsingAllowUnencryptedAuthentication</value>
   </data>
+  <data name="AvoidReservedWordsAsFunctionNamesCommonName" xml:space="preserve">
+    <value>Avoid reserved words as function names</value>
+  </data>
+  <data name="AvoidReservedWordsAsFunctionNamesDescription" xml:space="preserve">
+    <value>Avoid using reserved words as function names. Using reserved words as function names can cause errors or unexpected behavior in scripts.</value>
+  </data>
+  <data name="AvoidReservedWordsAsFunctionNamesName" xml:space="preserve">
+    <value>AvoidReservedWordsAsFunctionNames</value>
+  </data>
+  <data name="AvoidReservedWordsAsFunctionNamesError" xml:space="preserve">
+    <value>The reserved word '{0}' was used as a function name. This should be avoided.</value>
+  </data>
 </root>

Tests/Engine/GetScriptAnalyzerRule.tests.ps1

@@ -63,7 +63,7 @@ Describe "Test Name parameters" {
 
         It "get Rules with no parameters supplied" {
             $defaultRules = Get-ScriptAnalyzerRule
-            $expectedNumRules = 70
+            $expectedNumRules = 71
             if ($PSVersionTable.PSVersion.Major -le 4)
             {
                 # for PSv3 PSAvoidGlobalAliases is not shipped because