From 93a3adab91accbd139ed5622397a238c997c2e2b Mon Sep 17 00:00:00 2001 From: Michael Van Leeuwen Date: Thu, 7 Apr 2022 21:38:55 -0700 Subject: [PATCH 1/9] Add AvoidUsingBrokenHashAlgorithms rule --- Rules/AvoidUsingBrokenHashAlgorithms.cs | 186 ++++++++++++++++++++++++ 1 file changed, 186 insertions(+) create mode 100644 Rules/AvoidUsingBrokenHashAlgorithms.cs diff --git a/Rules/AvoidUsingBrokenHashAlgorithms.cs b/Rules/AvoidUsingBrokenHashAlgorithms.cs new file mode 100644 index 000000000..b7e48c63b --- /dev/null +++ b/Rules/AvoidUsingBrokenHashAlgorithms.cs @@ -0,0 +1,186 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +using System; +using System.Management.Automation.Language; +using Microsoft.Windows.PowerShell.ScriptAnalyzer.Generic; +#if !CORECLR +using System.ComponentModel.Composition; +#endif +using System.Globalization; +using System.Linq; + +namespace Microsoft.Windows.PowerShell.ScriptAnalyzer.BuiltinRules +{ + /// + /// AvoidUsingBrokenHashAlgorithms: Avoid using the broken algorithms MD5 or SHA-1. + /// +#if !CORECLR +[Export(typeof(IScriptRule))] +#endif + public class AvoidUsingBrokenHashAlgorithms : AvoidParameterGeneric + { + private readonly string[] brokenAlgorithms = new string[] + { + "md5", + "sha1", + }; + + private string algorithm; + + /// + /// Condition on the cmdlet that must be satisfied for the error to be raised + /// + /// + /// + public override bool CommandCondition(CommandAst CmdAst) + { + return true; + } + + /// + /// Condition on the parameter that must be satisfied for the error to be raised. + /// + /// + /// + /// + public override bool ParameterCondition(CommandAst CmdAst, CommandElementAst CeAst) + { + if (CeAst is CommandParameterAst) + { + CommandParameterAst cmdParamAst = CeAst as CommandParameterAst; + + if (String.Equals(cmdParamAst.ParameterName, "algorithm", StringComparison.OrdinalIgnoreCase)) + { + Ast hashAlgorithmArgument = cmdParamAst.Argument; + if (hashAlgorithmArgument == null) + { + hashAlgorithmArgument = GetHashAlgorithmArg(CmdAst, cmdParamAst.Extent.StartOffset); + if (hashAlgorithmArgument == null) + { + return false; + } + } + + var constExprAst = hashAlgorithmArgument as ConstantExpressionAst; + if (constExprAst != null) + { + algorithm = constExprAst.Value as string; + return IsBrokenAlgorithm(algorithm); + } + } + } + + return false; + } + + private bool IsBrokenAlgorithm(string algorithm) + { + if (algorithm != null) + { + return brokenAlgorithms.Contains( + algorithm, + StringComparer.OrdinalIgnoreCase); + } + + return false; + } + + private Ast GetHashAlgorithmArg(CommandAst CmdAst, int StartIndex) + { + int small = int.MaxValue; + Ast hashAlgorithmArg = null; + foreach (Ast ast in CmdAst.CommandElements) + { + if (ast.Extent.StartOffset > StartIndex && ast.Extent.StartOffset < small) + { + hashAlgorithmArg = ast; + small = ast.Extent.StartOffset; + } + } + + return hashAlgorithmArg; + } + + /// + /// Retrieves the error message + /// + /// + /// + /// + public override string GetError(string FileName, CommandAst CmdAst) + { + if (CmdAst == null) + { + return string.Empty; + } + + return string.Format(CultureInfo.CurrentCulture, Strings.AvoidUsingBrokenHashAlgorithmsError, CmdAst.GetCommandName(), algorithm); + } + + /// + /// GetName: Retrieves the name of this rule. + /// + /// The name of this rule + public override string GetName() + { + return string.Format(CultureInfo.CurrentCulture, Strings.NameSpaceFormat, GetSourceName(), Strings.AvoidUsingBrokenHashAlgorithmsName); + } + + /// + /// GetCommonName: Retrieves the common name of this rule. + /// + /// The common name of this rule + public override string GetCommonName() + { + return string.Format(CultureInfo.CurrentCulture, Strings.AvoidUsingBrokenHashAlgorithmsCommonName); + } + + /// + /// GetDescription: Retrieves the description of this rule. + /// + /// The description of this rule + public override string GetDescription() + { + return string.Format(CultureInfo.CurrentCulture, Strings.AvoidUsingBrokenHashAlgorithmsDescription); + } + + /// + /// GetSourceType: Retrieves the type of the rule: builtin, managed or module. + /// + public override SourceType GetSourceType() + { + return SourceType.Builtin; + } + + /// + /// GetSeverity: Retrieves the severity of the rule: error, warning or information. + /// + /// + public override RuleSeverity GetSeverity() + { + return RuleSeverity.Error; + } + + /// + /// DiagnosticSeverity: Retrieves the severity of the rule of type DiagnosticSeverity: error, warning or information. + /// + /// + public override DiagnosticSeverity GetDiagnosticSeverity() + { + return DiagnosticSeverity.Error; + } + + /// + /// GetSourceName: Retrieves the module/assembly name the rule is from. + /// + public override string GetSourceName() + { + return string.Format(CultureInfo.CurrentCulture, Strings.SourceName); + } + } +} + + + + From 458d7612516cdadb320984bf7a8a8acfdbf28b91 Mon Sep 17 00:00:00 2001 From: Michael Van Leeuwen Date: Thu, 7 Apr 2022 21:39:54 -0700 Subject: [PATCH 2/9] Add AvoidUsingBrokenHashAlgorithms strings --- Rules/Strings.Designer.cs | 38 +++++++++++++++++++++++++++++++++++++- Rules/Strings.resx | 14 +++++++++++++- 2 files changed, 50 insertions(+), 2 deletions(-) diff --git a/Rules/Strings.Designer.cs b/Rules/Strings.Designer.cs index 9fead171c..e1bfac319 100644 --- a/Rules/Strings.Designer.cs +++ b/Rules/Strings.Designer.cs @@ -19,7 +19,7 @@ namespace Microsoft.Windows.PowerShell.ScriptAnalyzer { // class via a tool like ResGen or Visual Studio. // To add or remove a member, edit your .ResX file then rerun ResGen // with the /str option, or rebuild your VS project. - [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "16.0.0.0")] + [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "17.0.0.0")] [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] internal class Strings { @@ -726,6 +726,42 @@ internal static string AvoidUsernameAndPasswordParamsName { } } + /// + /// Looks up a localized string similar to Avoid Using Broken Hash Algorithms. + /// + internal static string AvoidUsingBrokenHashAlgorithmsCommonName { + get { + return ResourceManager.GetString("AvoidUsingBrokenHashAlgorithmsCommonName", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to Avoid using the broken algorithms MD5 or SHA-1.. + /// + internal static string AvoidUsingBrokenHashAlgorithmsDescription { + get { + return ResourceManager.GetString("AvoidUsingBrokenHashAlgorithmsDescription", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to The Algorithm parameter of cmdlet '{0}' was used with the broken algorithm '{1}'.. + /// + internal static string AvoidUsingBrokenHashAlgorithmsError { + get { + return ResourceManager.GetString("AvoidUsingBrokenHashAlgorithmsError", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to AvoidUsingBrokenHashAlgorithms. + /// + internal static string AvoidUsingBrokenHashAlgorithmsName { + get { + return ResourceManager.GetString("AvoidUsingBrokenHashAlgorithmsName", resourceCulture); + } + } + /// /// Looks up a localized string similar to Avoid Using Clear-Host. /// diff --git a/Rules/Strings.resx b/Rules/Strings.resx index da1032671..f20ea6f38 100644 --- a/Rules/Strings.resx +++ b/Rules/Strings.resx @@ -1164,4 +1164,16 @@ AvoidMultipleTypeAttributes - + + Avoid Using Broken Hash Algorithms + + + Avoid using the broken algorithms MD5 or SHA-1. + + + The Algorithm parameter of cmdlet '{0}' was used with the broken algorithm '{1}'. + + + AvoidUsingBrokenHashAlgorithms + + \ No newline at end of file From d9fae0761c017f62e41c71e0457266f1d036a0a1 Mon Sep 17 00:00:00 2001 From: Michael Van Leeuwen Date: Fri, 8 Apr 2022 22:26:12 -0700 Subject: [PATCH 3/9] Add AvoidUsingBrokenhashAlgorithms test suite --- .../AvoidUsingBrokenHashAlgorithms.tests.ps1 | 51 +++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 Tests/Rules/AvoidUsingBrokenHashAlgorithms.tests.ps1 diff --git a/Tests/Rules/AvoidUsingBrokenHashAlgorithms.tests.ps1 b/Tests/Rules/AvoidUsingBrokenHashAlgorithms.tests.ps1 new file mode 100644 index 000000000..d6f0059c7 --- /dev/null +++ b/Tests/Rules/AvoidUsingBrokenHashAlgorithms.tests.ps1 @@ -0,0 +1,51 @@ +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. + +BeforeAll { + $settings = @{ + IncludeRules = @('PSAvoidUsingBrokenHashAlgorithms') + Rules = @{ + PSAvoidUsingBrokenHashAlgorithms = @{ + Enable = $true + } + } + } + + $violationMessageMD5 = [regex]::Escape("The Algorithm parameter of cmdlet 'Get-FileHash' was used with the broken algorithm 'MD5'.") + $violationMessageSHA1 = [regex]::Escape("The Algorithm parameter of cmdlet 'Get-FileHash' was used with the broken algorithm 'SHA1'.") +} + +Describe "AvoidUsingBrokenHashAlgorithms" { + Context "When there are violations" { + It "detects broken hash algorithms violations" { + (Invoke-ScriptAnalyzer -ScriptDefinition 'Get-FileHash foo -Algorithm MD5' -Settings $settings).Count | Should -Be 1 + (Invoke-ScriptAnalyzer -ScriptDefinition 'Get-FileHash foo -Algorithm SHA1' -Settings $settings).Count | Should -Be 1 + } + + It "has the correct description message for MD5" { + (Invoke-ScriptAnalyzer -ScriptDefinition 'Get-FileHash foo -Algorithm MD5' -Settings $settings).Message | Should -Match $violationMessageMD5 + } + + It "has the correct description message for SHA-1" { + (Invoke-ScriptAnalyzer -ScriptDefinition 'Get-FileHash foo -Algorithm SHA1' -Settings $settings).Message | Should -Match $violationMessageSHA1 + } + + It "detects arbitrary cmdlets" { + (Invoke-ScriptAnalyzer -ScriptDefinition 'Fake-Cmdlet foo -Algorithm MD5' -Settings $settings).Count | Should -Be 1 + (Invoke-ScriptAnalyzer -ScriptDefinition 'Fake-Cmdlet foo -Algorithm SHA1' -Settings $settings).Count | Should -Be 1 + } + + } + + Context "When there are no violations" { + It "does not flag default algorithm" { + (Invoke-ScriptAnalyzer -ScriptDefinition 'Get-FileHash foo' -Settings $settings).Count | Should -Be 0 + } + + It "does not flag safe algorithms" { + (Invoke-ScriptAnalyzer -ScriptDefinition 'Get-FileHash foo -Algorithm SHA256' -Settings $settings).Count | Should -Be 0 + (Invoke-ScriptAnalyzer -ScriptDefinition 'Get-FileHash foo -Algorithm SHA384' -Settings $settings).Count | Should -Be 0 + (Invoke-ScriptAnalyzer -ScriptDefinition 'Get-FileHash foo -Algorithm SHA512' -Settings $settings).Count | Should -Be 0 + } + } +} \ No newline at end of file From 157c16219e1597a8efc32c7da38ef24b9c0d71a7 Mon Sep 17 00:00:00 2001 From: Michael Van Leeuwen Date: Fri, 8 Apr 2022 22:29:08 -0700 Subject: [PATCH 4/9] Fix tests and improve style --- Rules/AvoidUsingBrokenHashAlgorithms.cs | 10 +++++----- Tests/Engine/GetScriptAnalyzerRule.tests.ps1 | 8 ++++---- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/Rules/AvoidUsingBrokenHashAlgorithms.cs b/Rules/AvoidUsingBrokenHashAlgorithms.cs index b7e48c63b..49283b071 100644 --- a/Rules/AvoidUsingBrokenHashAlgorithms.cs +++ b/Rules/AvoidUsingBrokenHashAlgorithms.cs @@ -22,8 +22,8 @@ public class AvoidUsingBrokenHashAlgorithms : AvoidParameterGeneric { private readonly string[] brokenAlgorithms = new string[] { - "md5", - "sha1", + "MD5", + "SHA1", }; private string algorithm; @@ -53,10 +53,10 @@ public override bool ParameterCondition(CommandAst CmdAst, CommandElementAst CeA if (String.Equals(cmdParamAst.ParameterName, "algorithm", StringComparison.OrdinalIgnoreCase)) { Ast hashAlgorithmArgument = cmdParamAst.Argument; - if (hashAlgorithmArgument == null) + if (hashAlgorithmArgument is null) { hashAlgorithmArgument = GetHashAlgorithmArg(CmdAst, cmdParamAst.Extent.StartOffset); - if (hashAlgorithmArgument == null) + if (hashAlgorithmArgument is null) { return false; } @@ -110,7 +110,7 @@ private Ast GetHashAlgorithmArg(CommandAst CmdAst, int StartIndex) /// public override string GetError(string FileName, CommandAst CmdAst) { - if (CmdAst == null) + if (CmdAst is null) { return string.Empty; } diff --git a/Tests/Engine/GetScriptAnalyzerRule.tests.ps1 b/Tests/Engine/GetScriptAnalyzerRule.tests.ps1 index 50a6f0077..418463331 100644 --- a/Tests/Engine/GetScriptAnalyzerRule.tests.ps1 +++ b/Tests/Engine/GetScriptAnalyzerRule.tests.ps1 @@ -63,7 +63,7 @@ Describe "Test Name parameters" { It "get Rules with no parameters supplied" { $defaultRules = Get-ScriptAnalyzerRule - $expectedNumRules = 66 + $expectedNumRules = 67 if ($PSVersionTable.PSVersion.Major -le 4) { # for PSv3 PSAvoidGlobalAliases is not shipped because @@ -154,17 +154,17 @@ Describe "Test RuleExtension" { Describe "TestSeverity" { It "filters rules based on the specified rule severity" { $rules = Get-ScriptAnalyzerRule -Severity Error - $rules.Count | Should -Be 7 + $rules.Count | Should -Be 8 } It "filters rules based on multiple severity inputs"{ $rules = Get-ScriptAnalyzerRule -Severity Error,Information - $rules.Count | Should -Be 18 + $rules.Count | Should -Be 19 } It "takes lower case inputs" { $rules = Get-ScriptAnalyzerRule -Severity error - $rules.Count | Should -Be 7 + $rules.Count | Should -Be 8 } } From de7a0d0267f173df41807c9b917985f8cf0cfa67 Mon Sep 17 00:00:00 2001 From: Michael Van Leeuwen Date: Fri, 8 Apr 2022 22:36:03 -0700 Subject: [PATCH 5/9] Add AvoidUsingBrokenHashAlgorithms to docs --- docs/Rules/AvoidUsingBrokenHashAlgorithms.md | 39 ++++++++++++++++++++ docs/Rules/README.md | 1 + 2 files changed, 40 insertions(+) create mode 100644 docs/Rules/AvoidUsingBrokenHashAlgorithms.md diff --git a/docs/Rules/AvoidUsingBrokenHashAlgorithms.md b/docs/Rules/AvoidUsingBrokenHashAlgorithms.md new file mode 100644 index 000000000..eda889080 --- /dev/null +++ b/docs/Rules/AvoidUsingBrokenHashAlgorithms.md @@ -0,0 +1,39 @@ +# AvoidUsingBrokenHashAlgorithms + +**Severity Level: Error** + +## Description + +Avoid using the broken algorithms MD5 or SHA-1. + +## How + +Replace broken algorithms with secure alternatives. MD5 and SHA-1 should be replaced with SHA256, SHA384, SHA512, or other safer algorithms when possible, with MD5 and SHA-1 only being utilized by necessity for backwards compatibility. + +## Example 1 + +### Wrong + +```powershell +Get-FileHash foo.txt -Algorithm MD5 +``` + +### Correct + +```powershell +Get-FileHash foo.txt -Algorithm SHA256 +``` + +## Example 2 + +### Wrong + +```powershell +Get-FileHash foo.txt -Algorithm SHA1 +``` + +### Correct + +```powershell +Get-FileHash foo.txt +``` diff --git a/docs/Rules/README.md b/docs/Rules/README.md index aec9ff777..f8735385e 100644 --- a/docs/Rules/README.md +++ b/docs/Rules/README.md @@ -25,6 +25,7 @@ The PSScriptAnalyzer contains the following rule definitions. | [AvoidOverwritingBuiltInCmdlets](./AvoidOverwritingBuiltInCmdlets.md) | Warning | Yes | Yes | | [AvoidShouldContinueWithoutForce](./AvoidShouldContinueWithoutForce.md) | Warning | Yes | | | [AvoidTrailingWhitespace](./AvoidTrailingWhitespace.md) | Warning | Yes | | +| [AvoidUsingBrokenHashAlgorithms](./AvoidUsingBrokenHashAlgorithms.md) | Error | Yes | | | [AvoidUsingCmdletAliases](./AvoidUsingCmdletAliases.md) | Warning | Yes | Yes2 | | [AvoidUsingComputerNameHardcoded](./AvoidUsingComputerNameHardcoded.md) | Error | Yes | | | [AvoidUsingConvertToSecureStringWithPlainText](./AvoidUsingConvertToSecureStringWithPlainText.md) | Error | Yes | | From fc09bd8941e8b429b4202e74974574f22c6eca5d Mon Sep 17 00:00:00 2001 From: Michael Van Leeuwen Date: Mon, 30 May 2022 15:07:29 -0700 Subject: [PATCH 6/9] Fix severity and unit tests Co-authored-by: Christoph Bergmeister [MVP] --- Rules/AvoidUsingBrokenHashAlgorithms.cs | 4 ++-- Tests/Engine/GetScriptAnalyzerRule.tests.ps1 | 4 ++-- docs/Rules/AvoidUsingBrokenHashAlgorithms.md | 2 +- docs/Rules/README.md | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Rules/AvoidUsingBrokenHashAlgorithms.cs b/Rules/AvoidUsingBrokenHashAlgorithms.cs index 49283b071..b43116020 100644 --- a/Rules/AvoidUsingBrokenHashAlgorithms.cs +++ b/Rules/AvoidUsingBrokenHashAlgorithms.cs @@ -159,7 +159,7 @@ public override SourceType GetSourceType() /// public override RuleSeverity GetSeverity() { - return RuleSeverity.Error; + return RuleSeverity.Warning; } /// @@ -168,7 +168,7 @@ public override RuleSeverity GetSeverity() /// public override DiagnosticSeverity GetDiagnosticSeverity() { - return DiagnosticSeverity.Error; + return DiagnosticSeverity.Warning; } /// diff --git a/Tests/Engine/GetScriptAnalyzerRule.tests.ps1 b/Tests/Engine/GetScriptAnalyzerRule.tests.ps1 index 418463331..031ae0d93 100644 --- a/Tests/Engine/GetScriptAnalyzerRule.tests.ps1 +++ b/Tests/Engine/GetScriptAnalyzerRule.tests.ps1 @@ -159,12 +159,12 @@ Describe "TestSeverity" { It "filters rules based on multiple severity inputs"{ $rules = Get-ScriptAnalyzerRule -Severity Error,Information - $rules.Count | Should -Be 19 + $rules.Count | Should -Be 18 } It "takes lower case inputs" { $rules = Get-ScriptAnalyzerRule -Severity error - $rules.Count | Should -Be 8 + $rules.Count | Should -Be 7 } } diff --git a/docs/Rules/AvoidUsingBrokenHashAlgorithms.md b/docs/Rules/AvoidUsingBrokenHashAlgorithms.md index eda889080..aed882553 100644 --- a/docs/Rules/AvoidUsingBrokenHashAlgorithms.md +++ b/docs/Rules/AvoidUsingBrokenHashAlgorithms.md @@ -1,6 +1,6 @@ # AvoidUsingBrokenHashAlgorithms -**Severity Level: Error** +**Severity Level: Warning** ## Description diff --git a/docs/Rules/README.md b/docs/Rules/README.md index f8735385e..5e2c7804b 100644 --- a/docs/Rules/README.md +++ b/docs/Rules/README.md @@ -25,7 +25,7 @@ The PSScriptAnalyzer contains the following rule definitions. | [AvoidOverwritingBuiltInCmdlets](./AvoidOverwritingBuiltInCmdlets.md) | Warning | Yes | Yes | | [AvoidShouldContinueWithoutForce](./AvoidShouldContinueWithoutForce.md) | Warning | Yes | | | [AvoidTrailingWhitespace](./AvoidTrailingWhitespace.md) | Warning | Yes | | -| [AvoidUsingBrokenHashAlgorithms](./AvoidUsingBrokenHashAlgorithms.md) | Error | Yes | | +| [AvoidUsingBrokenHashAlgorithms](./AvoidUsingBrokenHashAlgorithms.md) | Warning | Yes | | | [AvoidUsingCmdletAliases](./AvoidUsingCmdletAliases.md) | Warning | Yes | Yes2 | | [AvoidUsingComputerNameHardcoded](./AvoidUsingComputerNameHardcoded.md) | Error | Yes | | | [AvoidUsingConvertToSecureStringWithPlainText](./AvoidUsingConvertToSecureStringWithPlainText.md) | Error | Yes | | From 1a35e453e8404242958fe6f0fd110abe9275a9bd Mon Sep 17 00:00:00 2001 From: Michael Van Leeuwen Date: Mon, 30 May 2022 15:28:01 -0700 Subject: [PATCH 7/9] Fix error severity count in unit test --- Tests/Engine/GetScriptAnalyzerRule.tests.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Tests/Engine/GetScriptAnalyzerRule.tests.ps1 b/Tests/Engine/GetScriptAnalyzerRule.tests.ps1 index 031ae0d93..de9e6e326 100644 --- a/Tests/Engine/GetScriptAnalyzerRule.tests.ps1 +++ b/Tests/Engine/GetScriptAnalyzerRule.tests.ps1 @@ -154,7 +154,7 @@ Describe "Test RuleExtension" { Describe "TestSeverity" { It "filters rules based on the specified rule severity" { $rules = Get-ScriptAnalyzerRule -Severity Error - $rules.Count | Should -Be 8 + $rules.Count | Should -Be 7 } It "filters rules based on multiple severity inputs"{ From b79a48e922c18f4456f0aa45666628cd683071c3 Mon Sep 17 00:00:00 2001 From: Sean Wheeler Date: Tue, 31 May 2022 08:29:05 -0500 Subject: [PATCH 8/9] Adding frontmatter --- docs/Rules/AvoidUsingBrokenHashAlgorithms.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/Rules/AvoidUsingBrokenHashAlgorithms.md b/docs/Rules/AvoidUsingBrokenHashAlgorithms.md index aed882553..5f0406934 100644 --- a/docs/Rules/AvoidUsingBrokenHashAlgorithms.md +++ b/docs/Rules/AvoidUsingBrokenHashAlgorithms.md @@ -1,3 +1,10 @@ +--- +description: Cmdlet Verbs +ms.custom: PSSA v1.21.0 +ms.date: 05/31/2022 +ms.topic: reference +title: AvoidUsingBrokenHashAlgorithms +--- # AvoidUsingBrokenHashAlgorithms **Severity Level: Warning** From f252ecd33e42bf410a81df5ee3eeebe6a5447746 Mon Sep 17 00:00:00 2001 From: Christoph Bergmeister Date: Mon, 25 Jul 2022 15:17:35 +0100 Subject: [PATCH 9/9] Update Tests/Engine/GetScriptAnalyzerRule.tests.ps1 --- Tests/Engine/GetScriptAnalyzerRule.tests.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Tests/Engine/GetScriptAnalyzerRule.tests.ps1 b/Tests/Engine/GetScriptAnalyzerRule.tests.ps1 index de9e6e326..0ca6e569f 100644 --- a/Tests/Engine/GetScriptAnalyzerRule.tests.ps1 +++ b/Tests/Engine/GetScriptAnalyzerRule.tests.ps1 @@ -63,7 +63,7 @@ Describe "Test Name parameters" { It "get Rules with no parameters supplied" { $defaultRules = Get-ScriptAnalyzerRule - $expectedNumRules = 67 + $expectedNumRules = 68 if ($PSVersionTable.PSVersion.Major -le 4) { # for PSv3 PSAvoidGlobalAliases is not shipped because