Running SSW Code Auditor from Visual Studio

How to use the scan

After installing the Code Auditor via Extensions and Updates, or (website link) and restarting a new menu will appear in Visual Studio.

Figure: Code Auditor Visual Studio extension
  1. Open a solution in Visual Studio
    Figure: Sample Solution
  2. Select scan type (Complete solution, pending changes for both Git or TFS)
    1. Scan entire solution
    2. Scan pending changes of either Git or TFS
    Figure: Scanning selections of Code Auditor
  3. Once scan has begun, the loading bar shows the scan's progress
    1. Scan has begun
    2. Progress of scan
    Figure: Visual Studio feedback for scan progress
  4. Report result window
    Figure: Report result window
  5. Double-click an error to jump to the source
    1. Double-click error result
    2. Jump to source (highlighted line)
    Figure: How to quickly jump to source of error


  • Select non default ruleset to run
    1. Click "Code Auditor"
    2. Click "Windows"
    3. Click "Rules"
    4. Select rules to run
    Figure: Rules selection in Visual Studio
    Figure: Rules screen of Code Auditor
  • Open Rule Description

    Right click error and select "Open Rule in Browser" to go to the associated SSW Rule webpage.

    1. Right click rule
    2. Click "Open rule in browser" to open SSW Rules page explaining the purpose of the rule
    Figure: Process to select "Open Rule in Browser" from the Report window
    Figure: Associated SSW rule example webpage
  • Check Report History (New)

    View previously scanned reports

    1. Click "Code Auditor"
    2. Click "Windows"
    3. Click "History"
    4. Double click on report to open
    5. The report page will display the old report
    Figure: History selection in Visual Studio
    Figure: Report History Window
    Figure: Opening old report from report history
  • Edit my options
    1. Click "Code Auditor"
    2. Click "Windows"
    3. Click "Options"
    Figure: Selecting options in Visual Studio
  • Email report to self or company (New)
    1. Open options, click the "Email" tab and input your associated email details
    2. Click "Send Email" from the report window
    3. Visual studio will update about the email’s progress until sending is complete
    4. The report is received
    5. Select "Automatically email report when scan is complete" to send an email automatically after every scan
    Figure: Email panel of Options
    Figure: Report window
    Figure: Received email report
  • Do not scan certain code

    You might find an instance where your code must break a rule for a valid reason.

    To improve the project, comment the reasoning behind this, and skip over the few lines of code.

    1. Open options and click the "Scanning" tab
    2. Ensure checkbox "Ignore code blocks"
    3. Click "Show Help" in order to open the Ignore Code Blocks window
    4. The Ignore Code Blocks window provides the commands to ignore specific code blocks when a scan is run
    Figure: Scanning tab of options
    Figure: Ignore Code blocks command list window
  • Enable TFS Check-In policy

    TFS Check-in policy allows TFS to run code Auditor whenever code is checked in.

    Select "Windows | Options | TFS" and then register the TFS version.

    1. Open options and click "TFS" tab
    2. Click "Register" for your associated Server version
    Figure: TFS panel of Options