When I scan my .net code with Fortify SCA I get disappointing results depending if I start the scanning from the subproject folder or the top main project folder (the main project of all the .net projects).
[.net main project folder]
[.net subproject folder 1]
[.net subproject folder 2]
Some source files are reported as issues with one scan approach and disappear completely in the other approach.
Have you also encountered this problem?
I'm using HPE Security Fortify SCA 17.20
Related
I made a new .NET Class Library solution if TFS, and added a bunch of preexisting classes that were developed for a windows forms application. Basically just dumped the old folder in. The forms app worked fine and the folders in bin were expectedly barren, apart from the exe and the required nuget references. The dll build however copies over libraries all the way from Microsoft.Win32.Primitives.dll, to System.Xml.XPath.XDocument.dll for no apparent reason. I have removed unused references with ReSharper and commented out unnecessary using statements. No difference whatsoever. I don't think it's a problem from the deployment perspective, it's just annoying to have so many files copied over each build. Could it be that the initial presence of Forms just poisoned the new project forever? Any help whatsoever would be much appreciated.
Prevent Visual studio 2017 from copying almost 100 unnecessary system
dlls to output folder for dll project
Please check if your VS2017 is very old and also check if the framework version of your project targets to 4.6 or 4.7.1.
If so, there is an known issue about this issue.
This is a .net standard 2.0/net 4.6/4.7.1 issue which was improved in 4.7.2. You can check this similar issue.
Suggestion
1) you should first update your VS2017 in case some updates fix it.
2) change the framework version of your project to net framework 4.7.2.(if you do not have net frameowork 4.7.2, you should install it in the VS Installer)
I've found out that over a course of several years, a lot of programs keep seemingly duplicate "project folders" in the Android Studio, why is that?
To elaborate a bit further, if you import their projects, and if you take a look at there folder structure, there is going to be something like this:
Java
|--com.myproject.spaceInvader
|--com.myproject.spaceInvader(test)
|--com.myproject.spaceInvader(alphaTest)
What are these? Something generated by 3rd party testing tools?
When you create a project in Android Studio, it has a standard structure:
From official documentation:
main
Contains the "main" sourceset files: the Android code and
resources shared by all build variants (files for other build variants
reside in sibling directories, such as src/debug/ for the debug build
type). AndroidManifest.xml Describes the nature of the application and
each of its components. For more information, see the
AndroidManifest.xml documentation. java/ Contains Java code sources.
test
Contains code for local tests that run on your host JVM.
androidTest
Contains code for instrumentation tests that run on an
Android device. For more information, see the Android Test
documentation.
How do I add unit or integration tests to and existing Android Studio project?
I've tried adding folders in Project View as well as creating tests through the context menu (right-click).
I can't get Android Studio to recognize the folder as test folders.
I've also tried:
How to get Android Studio to recognize file as source (test)
Unit testing in android studio
Create unit tests in android studio
I can't get Android Studio to recognize the folder as test folders.
Following below folder structure, you should be able to see all your test cases labeled as "test" when select your Project View as "Android"
|- src
\-- androidTest // for android instrumentation tests
\-- main // your source code
\-- test // for unit tests
Adding a test directory labeled 'androidTest' is only recognized as a test directory if you already have directory 'test' under your src/ directory.
This is as of Android 3.1.3.
I had a similar issue, my Android TV had no 'androidTest' nor 'Test' directories, and I wanted to add some unit tests to the project.
What I did was to create an new Android project from scratch (regular app, not for TV), and I copied the test directory from the new project into my existing project (mantaining the folder structure that #shizhen mentioned above).
Finally I renamed the package folder's names and I got the ExampleUnitTest to run and work ok. After that, I could begin writing unit tests on my Android TV project.
Hope it Helps! It's probably not the best solution, but it works
Although posted answers are pretty straight forward, you may also try this auto generation plugin. This will handle everything for you and more, it'll also try to auto write test cases.
Use Unit Test Architect
Although TDD should be the approach for writing tests, but there may be a lot of untested code already written many times in larger projects.
One day I got frustrated with writing test cases of existing, older codebase. Hence, I thought of auto generating all the unit test cases.
I have created an Open-source Gradle Plugin which can be used for the above task. It is already hosted on mavenCentral. I have used it to generate test cases for my projects. But it can be used in any gradle project, (android, java, kotlin, kotlin+java). It may be rough around the edges but it has done it's job well for me.
BuildScript Dependency:
classpath "io.github.orange-3:unit-test-architect:$PLUGIN_VERSION"
I am trying to contribute to my first open source project but after forking and cloning from the repo, all files are marked as an error.
Sample error
This is after selecting a source folder.
Current project source
Under package it says: package name does not correspond to filepath
... but I have this
misnamed packages?
Android studio isn't picking up those libraries.
IME there are 2 ways of importing these (I have only had success with the first):
1) copy the source parallel to your own (ie example.com)
2a) include the jar in a libs folder and tell AS to look out for it. (right click will typically provide a good option that I can't recall)
2b) because Android can struggle (ie I couldn't do it, though inroads may have been made since) with importing jars, you may need to use AAR's (android library packages, Android Archive Library (aar) vs standard jar)
However, because this is an open source project, this should all be handled auto-magically for you via the gradle scripts included in the distro.
Just wondering if there is a preference between sln or csproj files when building projects in TFS 2012. We typically build sln files in TFS to support our dev teams and that's usually the standard, but one team is asking why we can't build csproj files instead in TFS.
I noticed that to build a csproj file you have to provide arguments in the MSBuild Arguments field for a TFS build definition, and you do not have to provide these arguments when building a solution file. So other than this small detail I'm not sure what the pros and cons are between building an sln vs csproj.
Can someone please shed some light on the benefits, pros/cons of building a sln vs csproj in TFS, is there a common practice, a standard, or does it really matter?
Just wondering if there is a preference between sln or csproj files
when building projects in TFS 2012. We typically build sln files in
TFS to support our dev teams and that's usually the standard, but one
team is asking why we can't build csproj files instead in TFS.
Why do they want to do this? Is there some sort of advantage articulated in this inquiry?
I noticed that to build a csproj file you have to provide arguments in
the MSBuild Arguments field for a TFS build definition, and you do not
have to provide these arguments when building a solution file. So
other than this small detail I'm not sure what the pros and cons are
between building an sln vs csproj.
A .sln is a master project that is converted to an msbuild script at runtime and will use a metadata file using the same schema as the .csproj projects in your solution.
To see what I'm talking about, open a command prompt, type "SET MSBUILDEMITSOLUTION=1" then "msbuild.exe solution.sln", then parse the new "solution.metaproj" and "solution.metaproj.tmp" files.
Can someone please shed some light on the benefits, pros/cons of
building a sln vs csproj in TFS, is there a common practice, a
standard, or does it really matter?
A .csproj would be a single project while a .sln would be a collection of projects. Building a single .csproj would yield the output binaries of that project (along with dependencies) and building the entire solution would yield the outputs of the entire solution.
I had the same question. Build times may be a bit slower but I haven't tested this myself (probably a negliable difference). I believe that when you build using the solution file it will automatically set 'BuildInParallel' to true.
Faster Buidls with MSBuild
I am currently working on the TFS 2012 deployment build. Based on what I experience, you don't have to provide MSBuild Arguments unless it is really required.
Lets take the following example: You have a solution with 2 projects,
Soln
> Web Proj 1
> Console Proj 2
> Dependency Library Folder
case 1: building a sln
a. In source settings, you have to mention only your solution folder. The MSBuild will automatically take care of any dependencies as they are within the solution.
b. In Process -> Items to build, you have to mention your solution file.
c. For example, if your solution has a web project, then the MSBuild output will be as shown below,
\\<build server> \d$\Builds\<Build Name>\<Build File Name>_20141210.6\_PublishedWebsites\<web proj>
Case 2: building a csproj
a. In source settings, you have to mention only your csproject folder and also the dependency folder path separately.
b. In Process -> Items to build, you have to mention your csproject file.
If you are looking for something more specific, please let us know.