Static analysis
Static analysis is the process of evaluating code without executing it. PSScriptAnalyzer
uses static analysis.
In PowerShell, static analysis most often makes use of an Abstract Syntax Tree (AST): a tree-like representation of a piece of code. In PowerShell, an element of a script is represented by a node in the syntax tree. AST was introduced with PowerShell 3.
The largest elements represent the script itself, the root of the tree in effect. Each element added to the script is represented by a child node. For example, the parameter block is described by a ParamBlockAst
object, an individual parameter by a ParameterAst
, and so on.
Evaluating elements of the AST is the basis for many of the rules implemented in PSScriptAnalyzer
.
PSScriptAnalyzer
The PSScriptAnalyzer
module is used to run a series of rules against a file or string containing a script. You can install the tool can using the following code:
Install-Module PSScriptAnalyzer...