Context
PR #294 added PSScriptAnalyzer scanning. The first CI run found 9 warnings across 4 scripts. These are code quality warnings, not security issues.
Findings
| Rule |
Severity |
Script |
Description |
PSUseDeclaredVarsMoreThanAssignments |
Warning |
scripts/ui-chat-api-identity/setup-agent-identity.ps1 |
Variable declared but only assigned, not used elsewhere |
PSUseDeclaredVarsMoreThanAssignments |
Warning |
scripts/reporting-api-identity/setup-agent-identity.ps1 |
Same |
PSUseDeclaredVarsMoreThanAssignments |
Warning |
cosmos-emulator.ps1 |
Same |
PSUseBOMForUnicodeEncodedFile |
Warning |
scripts/ui-chat-api-identity/configure-agent-identity.ps1 |
File should use BOM for Unicode encoding |
PSUseBOMForUnicodeEncodedFile |
Warning |
scripts/reporting-api-identity/configure-agent-identity.ps1 |
Same |
PSUseBOMForUnicodeEncodedFile |
Warning |
scripts/reporting-svc-identity/configure-agent-identity.ps1 |
Same |
PSUseBOMForUnicodeEncodedFile |
Warning |
cosmos-emulator.ps1 |
Same |
PSUseShouldProcessForStateChangingFunctions |
Warning |
cosmos-emulator.ps1 |
Functions that change state should support -WhatIf/-Confirm |
PSUseShouldProcessForStateChangingFunctions |
Warning |
cosmos-emulator.ps1 |
Same (2 functions) |
Suggested Fixes
-
PSUseDeclaredVarsMoreThanAssignments — Review variables in setup-agent-identity.ps1 scripts and cosmos-emulator.ps1. Remove or use the declared-but-unused variables.
-
PSUseBOMForUnicodeEncodedFile — Re-save configure-agent-identity.ps1 files and cosmos-emulator.ps1 with UTF-8 BOM encoding.
-
PSUseShouldProcessForStateChangingFunctions — Add [CmdletBinding(SupportsShouldProcess)] to cosmos-emulator.ps1 functions that start/stop Docker containers, or suppress this rule in PSScriptAnalyzerSettings.psd1.
Alternative
If these warnings are not worth fixing, add them to the exclusion list in PSScriptAnalyzerSettings.psd1:
@{
Severity = @('Error', 'Warning')
ExcludeRules = @(
'PSAvoidUsingWriteHost'
'PSUseBOMForUnicodeEncodedFile'
'PSUseShouldProcessForStateChangingFunctions'
)
}References
- PSScriptAnalyzer workflow:
.github/workflows/psscriptanalyzer.yml
- Settings:
PSScriptAnalyzerSettings.psd1
Context
PR #294 added PSScriptAnalyzer scanning. The first CI run found 9 warnings across 4 scripts. These are code quality warnings, not security issues.
Findings
PSUseDeclaredVarsMoreThanAssignmentsscripts/ui-chat-api-identity/setup-agent-identity.ps1PSUseDeclaredVarsMoreThanAssignmentsscripts/reporting-api-identity/setup-agent-identity.ps1PSUseDeclaredVarsMoreThanAssignmentscosmos-emulator.ps1PSUseBOMForUnicodeEncodedFilescripts/ui-chat-api-identity/configure-agent-identity.ps1PSUseBOMForUnicodeEncodedFilescripts/reporting-api-identity/configure-agent-identity.ps1PSUseBOMForUnicodeEncodedFilescripts/reporting-svc-identity/configure-agent-identity.ps1PSUseBOMForUnicodeEncodedFilecosmos-emulator.ps1PSUseShouldProcessForStateChangingFunctionscosmos-emulator.ps1-WhatIf/-ConfirmPSUseShouldProcessForStateChangingFunctionscosmos-emulator.ps1Suggested Fixes
PSUseDeclaredVarsMoreThanAssignments— Review variables insetup-agent-identity.ps1scripts andcosmos-emulator.ps1. Remove or use the declared-but-unused variables.PSUseBOMForUnicodeEncodedFile— Re-saveconfigure-agent-identity.ps1files andcosmos-emulator.ps1with UTF-8 BOM encoding.PSUseShouldProcessForStateChangingFunctions— Add[CmdletBinding(SupportsShouldProcess)]tocosmos-emulator.ps1functions that start/stop Docker containers, or suppress this rule inPSScriptAnalyzerSettings.psd1.Alternative
If these warnings are not worth fixing, add them to the exclusion list in
PSScriptAnalyzerSettings.psd1:References
.github/workflows/psscriptanalyzer.ymlPSScriptAnalyzerSettings.psd1