Code Quality Assurance

Code Better and Avoid Security & Stability risks

Validate your Solution Packages and Add-ins, Scripts and more with hundreds Rules and ensure Security, Performance, Supportability, Quality and Company Compliance


How it works

SPCop (included in all SPCAF Products) scans all files in WSPs, Add-in packages, Javascript and PowerShell script files and applies several hundred rules. If a violation against one of these rules is detected a notification is added to the report.

The notification are reported with their severity e.g. CriticalError, Error, CriticalWarning, Warning or Information

The generated report aggregates the notifications and displays each violation with filename, line number and source code (if available) to make it easier to solve the issue.

How it looks

Find out how SPCop results look like and how you can customize it.

Sample Reports


Find Errors in XML, JavaScript and more

Sample Report with Errors in XML

SPCop scans all the XML, .net, JavaScript etc. code within WSP and App files and applies hundreds of rules to check correctness, schema and best practices.

Developers can use it to find errors in their code fast and easy (e.g. typos, syntax errors, bad practices) and fix violations against best practices.

Check Design and Best Practices

Sample Report with violations

SPCAF can also check the compiled .net code without having the source code available.

Architects use the reports to check for violations against design and deployment rules to ensure a maintainable code base and a stable deployment process. Developers can easily see if they follow best practices and don’t use operations which have a negative impact on the performance of the solution.

Detect risks for Security, Supportability and Operations

Sample report with risks for operation

SharePoint administrators can check the reports for violations against SharePoint supportability and security rules before they install a SharePoint solution or app. If there are errors or critical errors in these categories the WSP solutions or apps should not be deployed to the farm.

Migrate Code to newer SharePoint Version

Sample Report with App model Compatibility Issues

The special rules for SharePoint version compatibility can be used to ensure that the WSP or Add-in is compatible with a given SharePoint version and also help you to migrate your full trust code to the Add-in Model.

As an architect or developer you can check for instance that during a migration of code from SharePoint 2010 to 2013 or 2016 all necessary changes in Assemblies, XML files, ASPX files etc. are correctly implemented (e.g changes of path, referenced assembly version etc.)

Integrate other third party analyzers

SPCop provides integation of third party analyzers like FxCop, Metrics, SPDisposeCheck (directly included in SPCAF), JSLint (directly included in SPCAF and CSSLint. During analysis the analyzers are started (for instance FxCop is executed for every found assembly in WSPs) and the results are integrated into the reports.

Extend SPCAF with custom rules

SPCAF provides a software development kit (SDK) which lets you create your custom rules. These custom rules can be easily integrated into the standard analysis process and reports.

Get your free trial now or watch the training

Some of our clients

Join our mailing list

Get updates on news, special offers and much more.
You can unsubscribe at any time.