This list does not apply for tests and examples.
PSSA rules may be suppressed for tests and examples on a case-by-case basis.
All DSC Resources must pass these rules.
They are not allowed to be suppressed.
| Rule Name | PSSA Type | Why Error? |
|---|---|---|
| PSAvoidDefaultValueForMandatoryParameter | Warning | This indicates an incorrect use of PowerShell. Default mandatory parameters will be overwritten by the user. |
| PSAvoidDefaultValueSwitchParameter | Warning | This indicates an incorrect use of PowerShell. Switch parameters should always default to 'not provided'. |
| PSAvoidInvokingEmptyMembers | Warning | Extra empty members can make code confusing and messy. |
| PSAvoidNullOrEmptyHelpMessageAttribute | Warning | This indicates an incorrect use of PowerShell. The HelpMessage attribute should not be provided if it is null or empty. |
| PSAvoidUsingCmdletAliases | Warning | Alias's may change hence the presence of an alias makes code potentially unstable. The base cmdlet should be used instead. |
| PSAvoidUsingComputerNameHardcoded | Error | Harcoding the computer name reveals sensitive system information. In addition, DSC Resources should be able to run on computers with any name. |
| PSAvoidUsingDeprecatedManifestFields | Warning | All manifests should stay updated with the correct manifest fields. |
| PSAvoidUsingEmptyCatchBlock | Warning | This indicates an incorrect use of PowerShell. Catch blocks should not be provided if empty. |
| PSAvoidUsingInvokeExpression | Warning | Invoke-Expression is vulnerable to string injection. |
| PSAvoidUsingPositionalParameters | Info | Named parameters should be used instead. |
| PSAvoidShouldContinueWithoutForce | Warning | If ShouldContinue is used, it should be used correctly with the Force parameter. |
| PSAvoidUsingWMICmdlet | Warning | The author should use CIM cmdlets instead to comply with WSMan standards. |
| PSAvoidUsingWriteHost | Warning | Write-Verbose should be used instead. |
| PSDSCReturnCorrectTypesForDSCFunctions | Info | Required for the resource to work. |
| PSDSCStandardDSCFunctionsInResource | Error | Required for the resource to work. |
| PSDSCUseIdenticalMandatoryParametersForDSC | Error | Required for the resource to work. |
| PSDSCUseIdenticalParametersForDSC | Error | Required for the resource to work. |
| PSMisleadingBacktick | Warning | Extra backticks are not neccessary and indicate that the code is not clean. |
| PSMissingModuleManifestField | Warning | All manifests should stay updated with the correct manifest fields. |
| PSPossibleIncorrectComparisonWithNull | Warning | $null should always be on the left side of comparisons in PowerShell in case the item you are comparing $null against is an array, may be an array in the future, or turns into an array due to an error. |
| PSProvideCommentHelp | Info | All exported functions should be documented with comment help. |
| PSReservedCmdletChar | Warning | This indicates that the code won't run. |
| PSReservedParams | Warning | Reserved params are reserved. Don't redefine them. |
| PSUseApprovedVerbs | Warning | Authors must follow PowerShell best practices by using only approved verbs. |
| PSUseCmdletCorrectly | Warning | This indicates that the author did not provide parameters required for a cmdlet. |
| PSUseOutputTypeCorrectly | Info | This ensures that all functions always return the correct types. |
DSC Resources should pass these rules, but there are cases where these rules are allowed to be suppressed.
| Rule Name | PSSA Type | Cases Where Rule Supression Approved |
|---|---|---|
| PSAvoidGlobalVars | Warning |
|
| PSAvoidUsingConvertToSecureStringWithPlainText | Error |
|
| PSAvoidUsingPlainTextForPassword | Warning |
|
| PSAvoidUsingUsernameAndPasswordParams | Error |
|
| PSDSCUseVerboseMessageInDSCResource | Info |
|
| PSShouldProcess | Warning |
|
| PSUseDeclaredVarsMoreThanAssigments | Warning |
|
| PSUsePSCredentialType | Warning |
|
These rules will not be run on DSC resources and can be ignored. They do not need to be suppressed.
| Rule Name | PSSA Type | Why Ignored? |
|---|---|---|
| PSDSCDscExamplesPresent | Info | High quality resources must have examples, but this rule doesn't correctly test this. |
| PSDSCDscTestsPresent | Info | High quality resources must have tests, but this rule doesn't correctly test this. |
| PSUseBOMForUnicodeEncodedFile | Warning | There is already a test in place to ensure that all files except the mofs are not in Unicode. The mofs must be in ASCII. |
| PSUseShouldProcessForStateChangingFunctions | Warning | This will trigger for Set-TargetResource which actually should not have ShouldProcess in this case. DSC Resources need to be able to run remotely without user confirmation or overrides. |
| PSUseSingularNouns | Warning | Fixing this rule can make function names inaccurate and usually does not result in improved code. |
| PSUseToExportFieldsInManifest | Warning | We currently approve of using '*' for these fields in the module manifests since the exported members are often in flux due to the open source nature of the Resource Kit. |
| PSUseUTF8EncodingForHelpFile | Warning | DSC Resources do not have help files. |