用于自定义生成任务的 YAML 配置选项YAML configuration options to customize the build tasks

本文列出了每个生成任务中可用的所有 YAML 配置选项。This article lists all YAML configuration options available in each of the build tasks. 本文首先介绍了与安全代码分析工具相关的任务,The article starts with the tasks for security code analysis tools. 最后介绍了处理后任务。It ends with the post-processing tasks.

反恶意软件扫描程序任务Anti-Malware Scanner task

InputTypeInputType 类型Type 适用于Applicable 必需Required 默认值Default Value 选项(针对 pickList)Options (for picklists) 说明Description
InputTypeInputType pickListpickList 通用always TrueTrue 基本Basic Basic、CustomBasic, Custom
ScanTypeScanType pickListpickList InputType = BasicInputType = Basic TrueTrue CustomScanCustomScan CustomScan、FullSystemScan、QuickScan、YourConfiguredScanCustomScan, FullSystemScan, QuickScan, YourConfiguredScan 要用于反恶意软件扫描的扫描类型。The scan type to use for the AntiMalware scan.
FileDirPathFileDirPath filePathfilePath ScanType = CustomScanScanType = CustomScan TrueTrue $(Build.StagingDirectory)$(Build.StagingDirectory) 指示要扫描的文件或目录。Indicates the file or directory to be scanned.
DisableRemediationDisableRemediation booleanboolean ScanType = CustomScanScanType = CustomScan FalseFalse true 当选中时:1) 将忽略文件排除。When checked: 1) File exclusions are ignored. 2) 将扫描存档文件。2) Archive files are scanned. 3) 检测后不应用操作。3) Actions are not applied after detection. 4) 检测后不写入事件日志条目。4) Event log entries are not written after detection. 5) 来自自定义扫描的检测不会显示在用户界面中。5) Detections from the custom scan are not displayed in the user interface. 6) 控制台输出将显示来自自定义扫描的检测列表。6) The console output will show the list of detections from the custom scan.
BootSectorScanBootSectorScan booleanboolean ScanType = CustomScanScanType = CustomScan FalseFalse falsefalse 如果选中,它将启用启动扇区扫描。If checked, it enables boot sector scanning.
参数Arguments stringstring InputType = CustomInputType = Custom TrueTrue -Scan -ScanType 3 -DisableRemediation -File $(Build.StagingDirectory)-Scan -ScanType 3 -DisableRemediation -File $(Build.StagingDirectory) 命令行参数,其中,-File 的参数是一个绝对路径,或者是相对于生成代理上预定义的 $(Build.StagingDirectory) 的相对路径。The command line arguments, where the argument for -File is an absolute path, or a relative path to the $(Build.StagingDirectory) predefined on your build agent. 注意:如果没有提供 -File 的参数作为最后一个参数,则它将默认为 $(Build.StagingDirectory)。Note: If you do not provide an argument for -File as the last argument, it defaults to $(Build.StagingDirectory). 你还可以提供 MpCmdRun.exe 工具允许的你自己的参数。You can also provide your own arguments allowed by the MpCmdRun.exe tool.

若要获得有关此工具的命令行参数的更多详细信息,请在 Arguments 字段中输入 -h-?For more details about the command line arguments for this tool, please enter -h or -? 并执行生成任务。in the Arguments field and execute the build task.
EnableServicesEnableServices booleanboolean 通用always TrueTrue falsefalse 如果选中,则当 Windows Update 所需的服务被禁用时,它会尝试启用这些服务。If checked, it will try enabling the required services for Windows Update in case they are disabled.
注意:请确保组策略没有禁用这些服务,并且运行此生成的帐户具有管理员权限。NOTE: Please make sure that the group policy does not disable the services and the account this build is running under has admin privileges.
SupportLogOnErrorSupportLogOnError booleanboolean 通用always TrueTrue falsefalse 如果选中此项,则当发生错误时,它会收集用于诊断的支持文件。If checked, it will collect the support files for diagnosis when an error happened. 此过程可能需要几分钟时间。This may take several minutes.
注意:请确保运行此生成的帐户具有管理员权限。NOTE: Please make sure that the account this build is running under has admin privileges.
TreatSignatureUpdateFailureAsTreatSignatureUpdateFailureAs pickListpickList 通用always TrueTrue 警告Warning Error、Standard、WarningError, Standard, Warning 在运行时无法更新特征时使用的日志级别。The log level used if the signature cannot be updated at run-time. 如果设置为 Error,则无法更新特征会导致生成任务失败。When set to Error, a failure to update the signature will fail the build task. 请注意,在托管的生成代理上,特征更新失败很常见,即使特征可能还相当新(存在时间不到 3 小时)。Note that it is common for the signature update to fail on hosted build agents, even though the signature may be relatively current (less than 3 hours old).
SignatureFreshnessSignatureFreshness pickListpickList 通用always TrueTrue UpToDateUpToDate OneDay、ThreeDays、TwoDays、UpToDateOneDay, ThreeDays, TwoDays, UpToDate 反恶意软件特征的最大允许使用期限。The maximum allowed age for the AntiMalware signature. 如果特征无法更新且早于此值,则生成任务将根据“特征使用期限验证方式”字段中的选定值进行操作。If the signature cannot be updated and is older than this value, the build task will behave according to the selected value in the Validate Signatures Age As field. 注意:如果选择 Up-To-Date,则最多允许使用特征 3 个小时。Note: If you choose Up-To-Date, the signatures are allowed to be up to 3 hours old.
TreatStaleSignatureAsTreatStaleSignatureAs pickListpickList 通用always TrueTrue 错误Error Error、Standard、WarningError, Standard, Warning 当特征使用期限早于所选的“反恶意软件特征使用期限”时使用的日志级别。The log level used if the signature age is older than the selected AntiMalware Signature Age. 过期的特征可能会被视为 WarningInformational,可以继续用于反恶意软件扫描,但不建议这样做。An outdated signature may be treated as a Warning or Informational to continue with the AntiMalware scan, but this is not recommended.

BinSkim 任务BinSkim task

InputTypeInputType 类型Type 适用于Applicable 必需Required 默认值Default Value 选项(针对 pickList)Options (for picklists) 说明Description
InputTypeInputType pickListpickList 通用always TrueTrue 基本Basic Basic、CommandLineBasic, CommandLine
参数arguments stringstring InputType = CommandLineInputType = CommandLine TrueTrue 要执行的标准 Binskim 命令行参数。Standard Binskim command line arguments to execute. 输出路径会被删除并替换。The output path will be removed and replaced.
有关此工具的命令行参数的更多详细信息,请在 Arguments 字段中输入 help 并执行生成任务。For more details about the command line arguments for this tool, please enter help in the Arguments field and execute the build task.
函数Function pickListpickList InputType = BasicInputType = Basic TrueTrue analyzeanalyze analyze、dump、exportConfig、exportRulesanalyze, dump, exportConfig, exportRules
AnalyzeTargetAnalyzeTarget filePathfilePath InputType = Basic && Function = analyzeInputType = Basic && Function = analyze TrueTrue $(Build.ArtifactStagingDirectory)*.dll;$(Build.ArtifactStagingDirectory)*.dll;
$(Build.ArtifactStagingDirectory)*.exe$(Build.ArtifactStagingDirectory)*.exe
可解析为要分析的一个或多个二进制文件的文件、目录或筛选模式的一个或多个说明符。One or more specifiers to a file, directory, or filter pattern that resolves to one or more binaries to analyze. (“;”分隔的列表)(';' separated list)
AnalyzeSymPathAnalyzeSymPath stringstring InputType = Basic && Function = analyzeInputType = Basic && Function = analyze FalseFalse 目标的符号文件的路径。Path to the symbols file for the target.
AnalyzeConfigPathAnalyzeConfigPath stringstring InputType = Basic && Function = analyzeInputType = Basic && Function = analyze FalseFalse 默认值default 将要用来配置分析的策略文件的路径。Path to a policy file that will be used to configure analysis. 传递“default”值以使用内置设置。Pass value of 'default' to use built-in settings.
AnalyzePluginPathAnalyzePluginPath stringstring InputType = Basic && Function = analyzeInputType = Basic && Function = analyze FalseFalse 将针对分析集中的所有目标调用的插件的路径。Path to a plug-in that will be invoked against all targets in the analysis set.
AnalyzeRecurseAnalyzeRecurse booleanboolean InputType = Basic && Function = analyzeInputType = Basic && Function = analyze FalseFalse true 在评估文件说明符参数时递归到子目录中。Recurse into subdirectories when evaluating file specifier arguments.
AnalyzeVerboseAnalyzeVerbose booleanboolean InputType = Basic && Function = analyzeInputType = Basic && Function = analyze FalseFalse falsefalse 发出详细输出。Emit verbose output. 生成的综合性报告旨在提供合规性方案的相应证据。The resulting comprehensive report is designed to provide appropriate evidence for compliance scenarios.
AnalyzeHashesAnalyzeHashes booleanboolean InputType = Basic && Function = analyzeInputType = Basic && Function = analyze FalseFalse falsefalse 发出 SARIF 报告时输出分析目标的 SHA-256 哈希。Output SHA-256 hash of analysis targets when emitting SARIF reports.
AnalyzeStatisticsAnalyzeStatistics booleanboolean InputType = Basic && Function = analyzeInputType = Basic && Function = analyze FalseFalse falsefalse 为分析会话生成计时和其他统计信息。Generate timing and other statistics for analysis session.
AnalyzeEnvironmentAnalyzeEnvironment booleanboolean InputType = Basic && Function = analyzeInputType = Basic && Function = analyze FalseFalse falsefalse 将运行的计算机环境详细信息记录到输出文件中。Log machine environment details of run to output file. 警告:此选项会将可能的敏感信息(例如所有环境变量值)记录到发出的任何日志中。WARNING: This option records potentially sensitive information (such as all environment variable values) to any emitted log.
ExportRulesOutputTypeExportRulesOutputType pickListpickList InputType = Basic && Function = exportRulesInputType = Basic && Function = exportRules FalseFalse SARIFSARIF SARIF、SonarQubeSARIF, SonarQube 要输出的规则描述符文件的类型。The type of rules descriptor file to output. 这将包含在由“发布安全分析日志”生成任务发布的 BinSkim 日志文件夹中。This will be included in the BinSkim logs folder published by the Publish Security Analysis Logs build task.
DumpTargetDumpTarget filePathfilePath InputType = Basic && Function = dumpInputType = Basic && Function = dump TrueTrue $(Build.ArtifactStagingDirectory)$(Build.ArtifactStagingDirectory) 可解析为要分析的一个或多个二进制文件的文件、目录或筛选模式的一个或多个说明符。One or more specifiers to a file, directory, or filter pattern that resolves to one or more binaries to analyze. (“;”分隔的列表)(';' separated list)
DumpRecurseDumpRecurse booleanboolean InputType = Basic && Function = dumpInputType = Basic && Function = dump FalseFalse true 在评估文件说明符参数时递归到子目录中。Recurse into subdirectories when evaluating file specifier arguments.
DumpVerboseDumpVerbose booleanboolean InputType = Basic && Function = dumpInputType = Basic && Function = dump FalseFalse true 发出详细输出。Emit verbose output. 生成的综合性报告旨在提供合规性方案的相应证据。The resulting comprehensive report is designed to provide appropriate evidence for compliance scenarios.
toolVersiontoolVersion pickListpickList 通用always FalseFalse 最新版本Latest 1.5.0、Latest、LatestPreRelease1.5.0, Latest, LatestPreRelease 要运行的工具的版本。The version of the tool to run.

凭据扫描程序任务Credential Scanner task

InputTypeInputType 类型Type 适用于Applicable 必需Required 默认值Default Value 选项(针对 pickList)Options (for picklists) 说明Description
outputFormatoutputFormat pickListpickList 通用always FalseFalse prepre csv、pre、tsvcsv, pre, tsv 凭据扫描程序结果文件的输出格式。The output format of the Credential Scanner results file.
toolVersiontoolVersion pickListpickList 通用always FalseFalse 最新版本Latest 1.27.7、Latest、LatestPreRelease1.27.7, Latest, LatestPreRelease 要运行的工具的版本。The version of the tool to run.
scanFolderscanFolder filePathfilePath 通用always FalseFalse $(Build.SourcesDirectory)$(Build.SourcesDirectory) 存储库中要在其中扫描凭据的文件夹。The folder in your repository to scan for credentials.
searchersFileTypesearchersFileType pickListpickList 通用always FalseFalse 默认Default Custom、Default、DefaultAndCustomCustom, Default, DefaultAndCustom 用于查找用于扫描的搜索器文件的选项。Options to locate the searchers file used for scanning.
searchersFilesearchersFile filePathfilePath searchersFileType == Custom OR searchersFileType == DefaultAndCustomsearchersFileType == Custom OR searchersFileType == DefaultAndCustom FalseFalse 要执行的检查的凭据扫描程序搜索器配置文件。The Credential Scanner searchers configuration file of checks to execute. 通过提供凭据扫描程序搜索器文件路径的逗号分隔列表,可以包含和使用多个值。Multiple values can be included and used by providing a comma-separated list of paths to Credential Scanner searchers files.
suppressionsFilesuppressionsFile filePathfilePath 通用always FalseFalse 凭据扫描程序抑制文件,用于在输出日志中抑制问题。The Credential Scanner suppressions file to use for suppressing issues in the output log.
suppressAsErrorsuppressAsError booleanboolean 通用always FalseFalse falsefalse 被抑制的匹配项将输出到输出文件 [-O]-matches.[-f] 而非输出到默认抑制的输出文件 [-O]-suppressed.[-f]。Suppressed matches will be output to the output file [-O]-matches.[-f] rather than the default suppressed output file [-O]-suppressed.[-f]. (默认值为“False”)(Defaults to 'False')
verboseOutputverboseOutput booleanboolean 通用always FalseFalse falsefalse 输出详细信息。Output verbose information.
batchSizebatchSize stringstring 通用always FalseFalse 用于并行运行凭据扫描程序的并发线程数。The number of concurrent threads used to run Credential Scanners in parallel. (默认值为 20)(Default to 20)
值必须位于 1-2147483647 范围内。Value must be within the range of 1-2147483647.
regexMatchTimeoutInSecondsregexMatchTimeoutInSeconds stringstring 通用always FalseFalse 在放弃检查之前,尝试搜索器匹配所花费的时间(以秒为单位)。The amount of time in seconds to spend attempting a searcher match before abandoning the check.
-Co RegexMatchTimeoutInSeconds=<Value> 添加到命令行。Adds -Co RegexMatchTimeoutInSeconds=<Value> to the command line.
fileScanReadBufferSizefileScanReadBufferSize stringstring 通用always FalseFalse 读取内容时的缓冲区大小(以字节为单位)。Buffer size while reading content in bytes. (默认值为 524288)(Defaults to 524288)
-Co FileScanReadBufferSize=<Value> 添加到命令行。Adds -Co FileScanReadBufferSize=<Value> to the command line.
maxFileScanReadBytesmaxFileScanReadBytes stringstring 通用always FalseFalse 执行内容分析期间要从给定文件读取的最大字节数。Maximum number of bytes to read from a given file during content analysis. (默认值为 104857600)(Defaults to 104857600)
-Co MaxFileScanReadBytes=<Value> 添加到命令行。Adds -Co MaxFileScanReadBytes=<Value> to the command line.

Microsoft 安全风险检测任务Microsoft Security Risk Detection task

InputTypeInputType 类型Type 适用于Applicable 必需Required 默认值Default Value 选项(针对 pickList)Options (for picklists) 说明Description
ServiceEndpointNameServiceEndpointName connectedService:GenericconnectedService:Generic 通用always TrueTrue VSTS 项目上预配置的服务终结点(泛型)的名称,该终结点存储着(你已登录到的)MSRD 实例 URL 和 REST API 访问令牌(它是从帐户设置页生成的,允许对你的帐户进行完全访问)。The name of the preconfigured Service Endpoint (Generic type) on your VSTS project that stores the MSRD instance URL (you have onboarded to) and the REST API access token (which was generated from your account settings page and allows full access to your account).
AccountIdAccountId stringstring 通用always TrueTrue 用于标识帐户的 GUID。The GUID identifying the account. 可以从帐户 URL 中检索它。It can be retrieved from the account URL.
BinariesURLBinariesURL stringstring 通用always TrueTrue 一个以分号分隔的 URL 列表,可供模糊计算机用来下载二进制文件。A semicolon delimited list of URLs to be used by the fuzzing machine to download the binaries. 请确保 URL 公开可用。Makes sure that the URLs are publicly available.
SeedsURLSeedsURL stringstring 通用always FalseFalse 一个以分号分隔的 URL 列表,可供模糊计算机用来下载种子。A semicolon delimited list of URLs to be used by the fuzzing machine to download the seeds. 请确保 URL 公开可用。Make sure that the URLs are publicly available.
OSPlatformTypeOSPlatformType pickListpickList 通用always TrueTrue WindowsWindows Linux、WindowsLinux, Windows 要在其上运行模糊作业的计算机的 OS 平台类型。The OS platform type of machines to run the fuzzing job on.
WindowsEditionWindowsEdition stringstring OSPlatformType = WindowsOSPlatformType = Windows TrueTrue Server 2008 R2Server 2008 R2 要在其上运行模糊作业的计算机的 OS 版本。The OS edition of machines to run the fuzzing job on.
LinuxEditionLinuxEdition stringstring OSPlatformType = LinuxOSPlatformType = Linux TrueTrue RedhatRedhat 要在其上运行模糊作业的计算机的 OS 版本。The OS edition of machines to run the fuzzing job on.
PreSubmissionCommandPreSubmissionCommand stringstring 通用always FalseFalse 在提交模糊作业之前,需要在测试计算机上运行以安装测试目标程序及其依赖项的脚本。The script that needs to be run on a test machine to install the test target program and its dependencies before submission of the fuzzing job.
SeedDirectorySeedDirectory stringstring 通用always TrueTrue 模糊计算机上包含种子的目录的路径。Path to the directory on the fuzzing machine containing the seeds. 有关详细信息,请参阅种子文件目录See Seed File Directory for details.
SeedExtensionSeedExtension stringstring 通用always TrueTrue 种子的文件扩展名。The file extension of the seeds.
TestDriverExecutableTestDriverExecutable stringstring 通用always TrueTrue 模糊计算机上目标可执行文件的路径。Path to the target executable on the fuzzing machine. 有关详细信息,请参阅 EPE 的完整路径See Full Path to the EPE for details.
TestDriverExeTypeTestDriverExeType pickListpickList 通用always TrueTrue x86x86 amd64、x86amd64, x86 目标可执行文件体系结构。The target executable file architecture.
TestDriverParametersTestDriverParameters stringstring 通用always TrueTrue "%testfile%""%testfile%" 传递给测试目标可执行文件的命令行参数。Command-line arguments passed to the test target executable. 请注意, "%testfile%" 符号(包括双引号)将自动替换为测试驱动程序要分析的目标文件的完整路径,并且是必需的。Note that the "%testfile%" symbol, including the double quotes, will be automatically be replaced with the full path to the target file the test driver is expected to parse, and is required. 有关详细信息,请参阅命令行参数Refer to Command-Line Arguments for details.
ClosesItselfClosesItself booleanboolean 通用always TrueTrue true 如果测试驱动程序在完成后自行终止(例如,测试驱动程序分析输入文件并立即退出),请选中;如果需要强制关闭测试驱动程序(例如,测试驱动程序是一个在解析输入后主窗口保持打开的 GUI 应用程序),请取消选中。Check if the test driver terminates itself upon completion (e.g. the test driver parses the input files and exits immediately); Uncheck if the test driver needs to be forcibly closed (e.g. the test driver is a GUI application whose main window remains open after parsing the input). 有关详细信息,请参阅自行终止See Self-termination for details.
MaxDurationInSecondsMaxDurationInSeconds stringstring 通用always TrueTrue 55 测试驱动程序的最大持续时间(秒)。Maximum duration of the test driver in seconds. 提供目标程序分析输入文件时所需的最长合理预期时间的估计。Provide an estimation of the longest reasonably-expected time required for the target program to parse an input file. 此估计值越准确,模糊运行越高效。The more accurate this estimation, the more efficient the fuzzing run. 有关详细信息,请参阅最大预期执行持续时间See Maximum expected execution duration for details.
CanRunRepeatCanRunRepeat booleanboolean 通用always TrueTrue true 如果测试驱动程序可以在不依赖于持久化/共享全局状态的情况下重复运行,则选中。Check if the test driver can be run repeatedly without depending on a persisted/shared global state. 有关详细信息,请参阅从头开始运行See Runs from scratch for details.
CanTestDriverBeRenamedCanTestDriverBeRenamed booleanboolean 通用always TrueTrue falsefalse 如果测试驱动程序可执行文件可以重命名并且仍能正常工作,则选中。Check if the test driver executable can be renamed and can still work correctly. 有关详细信息,请参阅可重命名和并行化See Can be renamed and parallelized for details.
SingleOsProcessSingleOsProcess booleanboolean 通用always TrueTrue falsefalse 如果测试驱动程序在单个操作系统进程下运行,则选中;如果测试驱动程序生成更多进程,则取消选中。Check if the test driver runs under a single OS process; Uncheck if the test driver spawns additional processes. 有关详细信息,请参阅单进程See Single process for details.

Roslyn 分析器任务Roslyn Analyzers task

InputTypeInputType 类型Type 适用于Applicable 必需Required 默认值Default Value 选项(针对 pickList)Options (for picklists) 说明Description
userProvideBuildInfouserProvideBuildInfo pickListpickList 通用always TrueTrue autoauto auto、msBuildInfoauto, msBuildInfo 用户用来为 Roslyn 分析提供 MSBuild 版本、MSBuild 体系结构和生成命令行的选项。Options for a user to provide the MSBuild version, MSBuild architecture, and build commandline for Roslyn analysis. 如果选择了 Auto,则此任务会从同一管道中以前的 MSBuildVSBuild 和/或 .NET Core(用于生成)任务中检索生成信息。If Auto is selected, this task will retrieve the build info from the previous MSBuild, VSBuild, and/or .NET Core (for build) tasks in the same pipeline.
msBuildVersionmsBuildVersion pickListpickList userProvideBuildInfo == msBuildInfouserProvideBuildInfo == msBuildInfo TrueTrue 16.016.0 15.0、16.015.0, 16.0 MSBuild 版本。The MSBuild version.
msBuildArchitecturemsBuildArchitecture pickListpickList userProvideBuildInfo == msBuildInfouserProvideBuildInfo == msBuildInfo TrueTrue x86x86 DotNetCore、x64、x86DotNetCore, x64, x86 MSBuild 体系结构。The MSBuild architecture. 注意:如果生成命令行调用 dotnet.exe 生成,请选择“通过 .Net Core”选项。Note: If the build commandline calls dotnet.exe build, choose the Via .Net Core option.
msBuildCommandlinemsBuildCommandline stringstring userProvideBuildInfo == msBuildInfouserProvideBuildInfo == msBuildInfo TrueTrue 用于编译你的解决方案或项目的完整生成命令行。The complete build commandline for compiling your solution or projects.

说明:此命令行应当以 MSBuild.exedotnet.exe 的完整路径开头。Notes: The commandline should begin with a full path to MSBuild.exe or dotnet.exe.
此命令在运行时将以 $(Build.SourcesDirectory) 作为工作目录。The command will run with $(Build.SourcesDirectory) as the working directory.
rulesetNamerulesetName pickListpickList 通用always FalseFalse 建议Recommended Custom、None、Recommended、RequiredCustom, None, Recommended, Required 要使用的已命名规则集。A named ruleset to use.

如果选择了“Ruleset Configured In Your Visual Studio Project File(s)”,则会使用在 VS 项目文件中预先配置的规则集。If Ruleset Configured In Your Visual Studio Project File(s) is chosen, the ruleset preconfigured in your VS project file(s) will be used. 如果选择了“Custom”,则可以设置自定义规则集路径选项。If Custom is chosen, a custom ruleset path option can be set.
rulesetVersionrulesetVersion pickListpickList rulesetName == Required OR rulesetName == RecommendedrulesetName == Required OR rulesetName == Recommended FalseFalse 最新版本Latest 8.0、8.1、8.2、Latest、LatestPreRelease8.0, 8.1, 8.2, Latest, LatestPreRelease 所选 SDL 规则集的版本。The version of the chosen SDL ruleset.
customRulesetcustomRuleset stringstring rulesetName = CustomrulesetName = Custom FalseFalse 要使用的规则集的可访问路径。An accessible path to a ruleset to use. 相对路径将规范化为源存储库的根 ($(Build.SourcesDirectory))。Relative paths will be normalized to the root of the source repository ($(Build.SourcesDirectory)).

如果规则集指定了 Rules 并将 Actions 设置为 Error,则生成任务会失败。If the ruleset specifies Rules with Actions set to Error, the build task will fail. 若要使用这样做的规则集,请在生成任务的 Control Options 中选中 Continue on errorTo use a ruleset that does this, please check Continue on error in the build task's Control Options.
microsoftAnalyzersVersionmicrosoftAnalyzersVersion pickListpickList 通用always FalseFalse 最新版本Latest 2.9.3、2.9.4、2.9.6、Latest、LatestPreRelease2.9.3, 2.9.4, 2.9.6, Latest, LatestPreRelease 要运行的 Microsoft.CodeAnalysis.FxCopAnalyzers 包的版本。The version of the Microsoft.CodeAnalysis.FxCopAnalyzers package to run.
suppressionFileForCompilerWarningssuppressionFileForCompilerWarnings filePathfilePath 通用always FalseFalse 用于抑制 C# 和 VB 编译器警告的抑制文件。A suppressions file to suppress C# and VB compiler warnings.

一个列出了每个警告 ID 的纯文本文件,其中每个 ID 占用一个单独的行。A plain-text file with each warning ID listed one a separate line.
对于编译器警告,请仅指定警告标识符的数字部分。For compiler warnings, specify only the numeric part of the warning identifier. 例如,1018 将抑制 CS1018,CA1501 将抑制 CA1501。For example 1018 will suppress CS1018, and CA1501 will suppress CA1501.

一个相对文件路径将追加到源存储库的根 ($(Build.SourcesDirectory))。A relative file path will be appended to the root of the source repository ($(Build.SourcesDirectory)).

TSLint 任务TSLint task

InputTypeInputType 类型Type 适用于Applicable 必需Required 默认值Default Value 选项(针对 pickList)Options (for picklists) 说明Description
RuleLibraryRuleLibrary pickListpickList 通用always TrueTrue tslinttslint custom、microsoft、tslintcustom, microsoft, tslint 所有结果都包括所选 TSLint 版本附带的规则(仅限基础)。All results include the rules shipped with the selected version of TSLint (Base Only).

仅限基础 - 仅限 TSLint 附带的规则。Base Only - Only the rules shipped with TSLint.

包括 Microsoft 规则 - 下载 tslint-microsoft-contrib 并包括其规则以供在 TSLint 运行中使用。Include Microsoft Rules - Downloads tslint-microsoft-contrib and includes its rules to be available for use in the TSLint run. 选择此选项将隐藏 Type Checking 复选框,因为该复选框是 Microsoft 的规则所需的,将会自动使用。Choosing this option hides the Type Checking checkbox, as it is required by Microsoft's rules and will automatically be used. 它还将取消隐藏 Microsoft Contribution Version 字段,从而允许选择 npm 中的 tslint-microsoft-contrib 的版本。It also unhides the Microsoft Contribution Version field, allowing a version of the tslint-microsoft-contrib from npm to be selected.

包括自定义规则 - 取消隐藏 Rules Directory 字段,该字段接受供在 TSLint 运行中使用的 TSLint 规则所在目录的可访问路径。Include Custom Rules - Unhides the Rules Directory field, which accepts an accessible path to a directory of TSLint rules to be available for use in the TSLint run.

注意: 默认值已更改为 tslint,因为许多用户在配置 Microsoft 规则集时遇到问题。Note: The default value has changed to tslint, as many users have experienced issues configuring the Microsoft ruleset. 有关特定的版本配置,请参阅 GitHub 上的 tslint-microsoft-contribFor specific version configuration, please see tslint-microsoft-contrib on GitHub.
RulesDirectoryRulesDirectory stringstring RuleLibrary == customRuleLibrary == custom TrueTrue 包含可供在 TSLint 运行中使用的其他 TSLint 规则的可访问目录。An accessible directory containing additional TSLint rules to be available for use in the TSLint run.
RulesetRuleset pickListpickList RuleLibrary != microsoftRuleLibrary != microsoft TrueTrue tsrecommendedtsrecommended custom、tslatest、tsrecommendedcustom, tslatest, tsrecommended 定义要对 TypeScript 文件运行的规则。Defines the rules to run against TypeScript files.

tslint:latest - 扩展了 tslint:recommended 并不断更新以包括每个 TSLint 版本中的最新规则的配置。tslint:latest - Extends tslint:recommended and is continuously updated to include configuration for the latest rules in every TSLint release. 使用此配置可能会在次版本之间引入中断性变更,因为启用了会导致在代码中出现 lint 失败的新规则。Using this config may introduce breaking changes across minor releases as a new rules are enabled which cause lint failures in your code. 当 TSLint 到达主版本更新时,tslint:recommended 将更新为与 tslint:latest 相同。When TSLint reaches a major version bump, tslint:recommended will be updated to be identical to tslint:latest.

tslint:recommended - TSLint 推荐用于一般 TypeScript 编程的一组稳定的、有点“固执己见”的规则。tslint:recommended - A stable, somewhat opinionated set of rules which TSLint encourages for general TypeScript programming. 此配置遵循 semver,因此它在次版本或修补程序版本之间不会有中断性变更。This configuration follows semver, so it will not have breaking changes across minor or patch releases.
RulesetMicrosoftRulesetMicrosoft pickListpickList RuleLibrary == microsoftRuleLibrary == microsoft TrueTrue mssdlrequiredmssdlrequired custom、msrecommended、mssdlrecommended、mssdlrequired、tslatest、tsrecommendedcustom, msrecommended, mssdlrecommended, mssdlrequired, tslatest, tsrecommended 定义要对 TypeScript 文件运行的规则。Defines the rules to run against TypeScript files.

microsoft:sdl-required - 运行由满足必需的安全开发生命周期 (SDL) 策略的 tslint 和 tslint-microsoft-contrib 规则提供的所有可用检查。microsoft:sdl-required - Run all of the available checks provided by tslint and the tslint-microsoft-contrib rules that satisfy the required Security Development Lifecycle (SDL) policies.

microsoft:sdl-recommended - 运行由满足必需的和建议的安全开发生命周期 (SDL) 策略的 tslint 和 tslint-microsoft-contrib 规则提供的所有可用检查。microsoft:sdl-recommended - Run all of the available checks provided by tslint and the tslint-microsoft-contrib rules that satisfy the required and recommended Security Development Lifecycle (SDL) policies.

microsoft:recommended 由 tslint-microsoft-contrib 规则的创建者建议的所有检查。microsoft:recommended All checks that are recommended by the creators of the tslint-microsoft-contrib rules. 这包括安全检查和非安全检查。This includes security and non-security checks.

tslint:latest - 扩展了 tslint:recommended 并不断更新以包括每个 TSLint 版本中的最新规则的配置。tslint:latest - Extends tslint:recommended and is continuously updated to include configuration for the latest rules in every TSLint release. 使用此配置可能会在次版本之间引入中断性变更,因为启用了会导致在代码中出现 lint 失败的新规则。Using this config may introduce breaking changes across minor releases as a new rules are enabled which cause lint failures in your code. 当 TSLint 到达主版本更新时,tslint:recommended 将更新为与 tslint:latest 相同。When TSLint reaches a major version bump, tslint:recommended will be updated to be identical to tslint:latest.

tslint:recommended - TSLint 推荐用于一般 TypeScript 编程的一组稳定的、有点“固执己见”的规则。tslint:recommended - A stable, somewhat opinionated set of rules which TSLint encourages for general TypeScript programming. 此配置遵循 semver,因此它在次版本或修补程序版本之间不会有中断性变更。This configuration follows semver, so it will not have breaking changes across minor or patch releases.
RulesetFileRulesetFile stringstring Ruleset == custom OR RulesetMicrosoft == customRuleset == custom OR RulesetMicrosoft == custom TrueTrue 配置文件指定要运行的规则。A configuration file specifying which rules to run.

配置的路径将添加为自定义规则的路径。The path to the config will be added as the path for custom rules.
FileSelectionTypeFileSelectionType pickListpickList 通用always TrueTrue fileGlobfileGlob fileGlob、projectFilefileGlob, projectFile
文件Files stringstring FileSelectionType == fileGlobFileSelectionType == fileGlob TrueTrue ***.ts***.ts 一个文件 glob,它确定了要处理的文件。A file glob that determines which file(s) to process. 路径相对于 Build.SourcesDirectory 值。Paths are relative to the Build.SourcesDirectory value.

Microsoft 的贡献库要求使用项目文件。Microsoft's Contribution library requires the use of a project file. 如果你将 Microsoft 的贡献库与 File Glob Pattern 选项一起使用,则会为你生成一个项目文件。If you are using Microsoft's Contribution library with the File Glob Pattern option, a project file will be generated for you.
ECMAScriptVersionECMAScriptVersion pickListpickList FileSelectionType == fileGlob && RuleLibrary == microsoftFileSelectionType == fileGlob && RuleLibrary == microsoft TrueTrue ES3ES3 ES2015、ES2016、ES2017、ES3、ES5、ES6、ESNextES2015, ES2016, ES2017, ES3, ES5, ES6, ESNext 随你的 TypeScript 编译器配置的 ECMAScript 的目标版本。The target version of ECMAScript configured with your TypeScript compiler. 使用项目文件时,这是 TypeScript tsconfig.json 文件的 compilerOptions.target 字段。When using a project file, this is the compilerOptions.target field of your TypeScript tsconfig.json file.
ProjectProject stringstring FileSelectionType == projectFileFileSelectionType == projectFile TrueTrue 一个 tsconfig.json 文件的路径,该文件用于指定要对其运行 TSLint 的 TypeScript 文件。Path to a tsconfig.json file that specifies TypeScript files to run TSLint on. 路径相对于 Build.SourcesDirectory 值。Paths are relative to the Build.SourcesDirectory value.
TypeCheckTypeCheck booleanboolean RuleLibrary != microsoft && FileSelectionType == projectFileRuleLibrary != microsoft && FileSelectionType == projectFile FalseFalse true 在运行 lint 分析规则时启用类型检查器。Enables the type checker when running linting rules.
ExcludeFilesExcludeFiles stringstring 通用always FalseFalse 一个 glob,它指示要从 Lint 分析中排除的文件。A glob which indicates files to exclude from linting. 路径相对于 Build.SourcesDirectory 值。Paths are relative to the Build.SourcesDirectory value. 可以指定多个值,用分号分隔。Multiple values can be specified separated by semicolon.
OutputFormatOutputFormat pickListpickList 通用always TrueTrue jsonjson checkstyle、codeFrame、filesList、json、msbuild、pmd、prose、stylish、verbose、vsocheckstyle, codeFrame, filesList, json, msbuild, pmd, prose, stylish, verbose, vso 用于生成输出的格式化程序The formatter to use to generate output. 请注意,JSON 格式与事后分析兼容。Note that the JSON format is compatible with Post Analysis.
NodeMemoryNodeMemory stringstring 通用always FalseFalse 要分配给节点以运行 TSLint 的显式内存量 (MB)。An explicit amount of memory in MBs to allocate to node for running TSLint. 示例:8000Example: 8000

映射到节点的 --max_old_space=<value> CLI 选项,这是一个 v8 optionMaps to the --max_old_space=<value> CLI option for node, which is a v8 option.
ToolVersionToolVersion pickListpickList RuleLibrary != microsoftRuleLibrary != microsoft TrueTrue 最新latest 4.0.0、4.0.1、4.0.2、4.1.0、4.1.1、4.2.0、4.3.0、4.3.1、4.4.0、4.4.1、4.4.2、4.5.0、4.5.1、5.0.0、5.1.0、5.2.0、5.3.0、5.3.2、5.4.0、5.4.1、5.4.2、5.4.3、5.5.0、latest4.0.0, 4.0.1, 4.0.2, 4.1.0, 4.1.1, 4.2.0, 4.3.0, 4.3.1, 4.4.0, 4.4.1, 4.4.2, 4.5.0, 4.5.1, 5.0.0, 5.1.0, 5.2.0, 5.3.0, 5.3.2, 5.4.0, 5.4.1, 5.4.2, 5.4.3, 5.5.0, latest 要下载和运行的 TSLint 的版本The version of TSLint to download and run.
TypeScriptVersionTypeScriptVersion pickListpickList 通用always TrueTrue 最新latest 0.8.0、0.8.1、0.8.2、0.8.3、0.9.0、0.9.1、0.9.5、0.9.7、1.0.0、1.0.1、1.3.0、1.4.1、1.5.3、1.6.2、1.7.3、1.7.5、1.8.0、1.8.10、1.8.2、1.8.5、1.8.6、1.8.7、1.8.9、1.9.0、2.0.0、2.0.10、2.0.2、2.0.3、2.0.6、2.0.7、2.0.8、2.0.9、2.1.1、2.1.4、2.1.5、2.1.6、2.2.0、2.2.1、custom、latest0.8.0, 0.8.1, 0.8.2, 0.8.3, 0.9.0, 0.9.1, 0.9.5, 0.9.7, 1.0.0, 1.0.1, 1.3.0, 1.4.1, 1.5.3, 1.6.2, 1.7.3, 1.7.5, 1.8.0, 1.8.10, 1.8.2, 1.8.5, 1.8.6, 1.8.7, 1.8.9, 1.9.0, 2.0.0, 2.0.10, 2.0.2, 2.0.3, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.1.1, 2.1.4, 2.1.5, 2.1.6, 2.2.0, 2.2.1, custom, latest 要下载和使用的 typescript 的版本。The version of typescript to download and use.
注意: 这需要与用来编译代码的 TypeScript 版本相同。Note: This needs to be the same version of TypeScript as is used to compile your code.
TypeScriptVersionCustomTypeScriptVersionCustom stringstring TypeScriptVersion == customTypeScriptVersion == custom TrueTrue 最新latest 要下载和使用的 typescript 的版本。The version of typescript to download and use.
注意: 这需要与用来编译代码的 TypeScript 版本相同。Note: This needs to be the same version of TypeScript as is used to compile your code.
MicrosoftContribVersionMicrosoftContribVersion pickListpickList RuleLibrary == microsoftRuleLibrary == microsoft 最新latest 4.0.0、4.0.1、5.0.0、5.0.1、latest4.0.0, 4.0.1, 5.0.0, 5.0.1, latest 要下载和使用的 tslint-microsoft-contrib(SDL 规则)的版本。The version of tslint-microsoft-contrib (SDL Rules) to download and use.
注意: 将选择与为 tslint-microsoft-contrib 选择的版本兼容的 tslint 版本。Note: The version of tslint will be chosen that is compatible with the version chosen for tslint-microsoft-contrib. 此生成任务将封闭对 tslint-microsoft-contrib 的更新,直到可以进行一段时间的测试。Updates to tslint-microsoft-contrib will be gated by this build task, until a period of testing can occur.

“发布安全分析日志”任务Publish Security Analysis Logs task

InputTypeInputType 类型Type 适用于Applicable 必需Required 默认值Default Value 选项(针对 pickList)Options (for picklists) 说明Description
ArtifactNameArtifactName stringstring 通用always TrueTrue CodeAnalysisLogsCodeAnalysisLogs 要创建的项目的名称。The name of the artifact to create.
ArtifactTypeArtifactType pickListpickList 通用always TrueTrue 容器Container Container、FilePathContainer, FilePath 要创建的项目的类型。The type of the artifact to create.
TargetPathTargetPath stringstring ArtifactType = FilePathArtifactType = FilePath FalseFalse \my\share$(Build.DefinitionName)\my\share$(Build.DefinitionName)
$(Build.BuildNumber)$(Build.BuildNumber)
要将文件复制到的文件共享The file share to which to copy the files
AllToolsAllTools booleanboolean 通用always TrueTrue true 发布由所有安全开发工具生成任务生成的结果。Publish results generated by all Secure Development Tools build tasks.
AntiMalwareAntiMalware booleanboolean AllTools = falseAllTools = false TrueTrue true 发布由反恶意软件生成任务生成的结果。Publish results generated by AntiMalware build tasks.
BinSkimBinSkim booleanboolean AllTools = falseAllTools = false TrueTrue true 发布由 BinSkim 生成任务生成的结果。Publish results generated by BinSkim build tasks.
CredScanCredScan booleanboolean AllTools = falseAllTools = false TrueTrue true 发布由凭据扫描程序生成任务生成的结果。Publish results generated by Credential Scanner build tasks.
MSRDMSRD booleanboolean AllTools = falseAllTools = false TrueTrue true 发布由 MSRD 生成任务启动的 MSRD 作业的作业信息和作业 URL。Publish job info and job urls for MSRD jobs started by the MSRD build task. MSRD 作业长时间运行,并提供单独的报告。MSRD jobs are long running and provide separate reports.
RoslynAnalyzersRoslynAnalyzers booleanboolean AllTools = falseAllTools = false TrueTrue falsefalse 发布由 Roslyn 分析器生成任务生成的结果。Publish results generated by Roslyn Analyzers build tasks.
TSLintTSLint booleanboolean AllTools = falseAllTools = false TrueTrue true 发布由 TSLint 生成任务生成的结果。Publish results generated by TSLint build tasks. 请注意,报告仅支持 JSON 格式的 TSLint 日志。Note that only TSLint logs in the JSON format are supported for reports. 如果选择了其他格式,请相应地更新你的 TSLint 生成任务。If you have chosen a different format, please update your TSLint build task accordingly.
ToolLogsNotFoundActionToolLogsNotFoundAction picklistpicklist 通用always TrueTrue 标准Standard Error、None、Standard、WarningError, None, Standard, Warning 找不到所选工具的日志(意味着该工具未运行)时要采取的操作,或者在选中“所有工具”的情况下找不到任意工具的日志时要采取的操作。The action to take when logs for a selected tool (or any tool if All Tools is checked) are not found, implying the tool was not run.

选项:Options:
None: 只有将 VSTS 变量 system.debug 设置为 true 时才会将消息写入到可访问的详细输出流中。None: Message is written to the verbose output stream accessible only by setting the VSTS variable system.debug to true.
标准: (默认值)写入一条标准输出消息,指出没有找到该工具的日志。Standard: (Default) Writes a standard output message that no logs were found for the tool.
警告: 写入一条黄色警告消息,指出没有找到该工具的日志,这将在生成摘要页上显示为警告。Warning: Writes a yellow warning message that no logs were found for the tool, which shows up on the build summary page as a warning.
错误: 写入一条红色错误消息并引发异常,中断生成。Error: Writes a red error message and throws an exception, breaking the build. 使用此选项可确保通过选择各个工具来确保运行哪些工具。Use this option to ensure with individual tool choices to ensure which tools ran.

安全报告任务Security Report task

InputTypeInputType 类型Type 适用于Applicable 必需Required 默认值Default Value 选项(针对 pickList)Options (for picklists) 说明Description
VstsConsoleVstsConsole booleanboolean 通用always FalseFalse true 将结果写入管道控制台。Write results to the Pipeline Console.
TsvFileTsvFile booleanboolean 通用always FalseFalse true 生成一个 tsv 文件(制表符分隔的值),找到的每个结果对应一行,并使用制表符分隔结果信息。Generate a tsv file (tab separated values) with one line per found result and tabs separating info for the result.
HtmlFileHtmlFile booleanboolean 通用always FalseFalse true 生成 html 报告文件。Generate an html report file.
AllToolsAllTools booleanboolean 通用always TrueTrue falsefalse 报告由所有安全开发工具生成任务生成的结果。Report results generated by all Secure Development Tools build tasks.
BinSkimBinSkim booleanboolean AllTools = falseAllTools = false TrueTrue falsefalse 报告由 BinSkim 生成任务生成的结果。Report results generated by BinSkim build tasks.
BinSkimBreakOnBinSkimBreakOn pickListpickList AllTools = true OR BinSkim = trueAllTools = true OR BinSkim = true TrueTrue 错误Error Error、WarningAboveError, WarningAbove 要报告的结果的级别。The level of results to report.
CredScanCredScan booleanboolean AllTools = falseAllTools = false TrueTrue falsefalse 报告由凭据扫描程序生成任务生成的结果。Report results generated by Credential Scanner build tasks.
MSRDMSRD booleanboolean AllTools = falseAllTools = false TrueTrue falsefalse 报告由 MSRD 生成任务启动的 MSRD 作业的作业信息和作业 URL。Report job info and job urls for MSRD jobs started by the MSRD build task. MSRD 作业长时间运行,并提供单独的报告。MSRD jobs are long running and provide separate reports.
RoslynAnalyzersRoslynAnalyzers booleanboolean AllTools = falseAllTools = false TrueTrue falsefalse 报告由 Roslyn 分析器生成任务生成的结果。Report results generated by Roslyn Analyzer build tasks.
RoslynAnalyzersBreakOnRoslynAnalyzersBreakOn pickListpickList AllTools = true OR RoslynAnalyzers = trueAllTools = true OR RoslynAnalyzers = true TrueTrue 错误Error Error、WarningAboveError, WarningAbove 要报告的结果的级别。The level of results to report.
TSLintTSLint booleanboolean AllTools = falseAllTools = false TrueTrue falsefalse 报告由 TSLint 生成任务生成的结果。Report results generated by TSLint build tasks. 请注意,报告仅支持 JSON 格式的 TSLint 日志。Note that only TSLint logs in the JSON format are supported for reports. 如果选择了其他格式,请相应地更新你的 TSLint 生成任务。If you have chosen a different format, please update your TSLint build task accordingly.
TSLintBreakOnTSLintBreakOn pickListpickList AllTools = true OR TSLint = trueAllTools = true OR TSLint = true TrueTrue 错误Error Error、WarningAboveError, WarningAbove 要报告的结果的级别。The level of results to report.
ToolLogsNotFoundActionToolLogsNotFoundAction picklistpicklist 通用always TrueTrue 标准Standard Error、None、Standard、WarningError, None, Standard, Warning 找不到所选工具的日志(意味着该工具未运行)时要采取的操作,或者在选中“所有工具”的情况下找不到任意工具的日志时要采取的操作。The action to take when logs for a selected tool (or any tool if All Tools is checked) are not found, implying the tool was not run.

选项:Options:
None: 只有将 VSTS 变量 system.debug 设置为 true 时才会将消息写入到可访问的详细输出流中。None: Message is written to the verbose output stream accessible only by setting the VSTS variable system.debug to true.
标准: (默认值)写入一条标准输出消息,指出没有找到该工具的日志。Standard: (Default) Writes a standard output message that no logs were found for the tool.
警告: 写入一条黄色警告消息,指出没有找到该工具的日志,这将在生成摘要页上显示为警告。Warning: Writes a yellow warning message that no logs were found for the tool, which shows up on the build summary page as a warning.
错误: 写入一条红色错误消息并引发异常,中断生成。Error: Writes a red error message and throws an exception, breaking the build. 使用此选项可确保通过选择各个工具来确保运行哪些工具。Use this option to ensure with individual tool choices to ensure which tools ran.
CustomLogsFolderCustomLogsFolder stringstring 通用always FalseFalse 分析工具日志所在的基文件夹;各个日志文件将位于此路径下按每个工具命名的子文件夹中。The base folder where analysis tool logs are located; the individual log files will be in subfolders named after each tool, under this path.

事后分析任务Post-Analysis task

InputTypeInputType 类型Type 适用于Applicable 必需Required 默认值Default Value 选项(针对 pickList)Options (for picklists) 说明Description
AllToolsAllTools booleanboolean 通用always TrueTrue falsefalse 如果有任何 Microsoft 安全代码分析生成任务发现任何问题,则中断生成。Break the build if any issues are found by any Microsoft Security Code Analysis build task.
BinSkimBinSkim booleanboolean AllTools = falseAllTools = false TrueTrue falsefalse 如果发现任何 BinSkim 问题,则根据你选择的“中断条件”选项中断生成。Break the build if any BinSkim issues are found, according to the Break On option you selected.
BinSkimBreakOnBinSkimBreakOn pickListpickList AllTools = true OR BinSkim = trueAllTools = true OR BinSkim = true TrueTrue 错误Error Error、WarningAboveError, WarningAbove 将中断生成的问题的级别。The level of issues to break the build.
CredScanCredScan booleanboolean AllTools = falseAllTools = false TrueTrue falsefalse 如果发现任何凭据扫描程序问题,则中断生成。Break the build if any Credential Scanner issues are found.
RoslynAnalyzersRoslynAnalyzers booleanboolean AllTools = falseAllTools = false TrueTrue falsefalse 如果发现任何 Roslyn 分析器问题,则中断生成。Break the build if any Roslyn Analyzers issues are found.
RoslynAnalyzersBreakOnRoslynAnalyzersBreakOn pickListpickList AllTools = true OR RoslynAnalyzers = trueAllTools = true OR RoslynAnalyzers = true TrueTrue 错误Error Error、WarningAboveError, WarningAbove 将中断生成的问题的级别。The level of issues to break the build.
TSLintTSLint booleanboolean AllTools = falseAllTools = false TrueTrue falsefalse 如果发现任何 TSLint 问题,则中断生成。Break the build if any TSLint issues are found. 请注意,事后分析仅支持 JSON 格式的 TSLint 日志。Note that only TSLint logs in the JSON format are supported for post analysis. 如果选择了其他格式,请相应地更新你的 TSLint 生成任务。If you have chosen a different format, please update your TSLint build task accordingly.
TSLintBreakOnTSLintBreakOn pickListpickList AllTools = true OR TSLint = trueAllTools = true OR TSLint = true TrueTrue 错误Error Error、WarningAboveError, WarningAbove 将中断生成的问题的级别。The level of issues to break the build.
VstsConsoleVstsConsole booleanboolean 通用always FalseFalse true 将结果写入管道控制台。Write results to the Pipeline Console.
ToolLogsNotFoundActionToolLogsNotFoundAction picklistpicklist 通用always TrueTrue 标准Standard Error、None、Standard、WarningError, None, Standard, Warning 找不到所选工具的日志(意味着该工具未运行)时要采取的操作,或者在选中“所有工具”的情况下找不到任意工具的日志时要采取的操作。The action to take when logs for a selected tool (or any tool if All Tools is checked) are not found, implying the tool was not run.

选项:Options:
None: 只有将 VSTS 变量 system.debug 设置为 true 时才会将消息写入到可访问的详细输出流中。None: Message is written to the verbose output stream accessible only by setting the VSTS variable system.debug to true.
标准: (默认值)写入一条标准输出消息,指出没有找到该工具的日志。Standard: (Default) Writes a standard output message that no logs were found for the tool.
警告: 写入一条黄色警告消息,指出没有找到该工具的日志,这将在生成摘要页上显示为警告。Warning: Writes a yellow warning message that no logs were found for the tool, which shows up on the build summary page as a warning.
错误: 写入一条红色错误消息并引发异常,中断生成。Error: Writes a red error message and throws an exception, breaking the build. 使用此选项可确保通过选择各个工具来确保运行哪些工具。Use this option to ensure with individual tool choices to ensure which tools ran.

后续步骤Next steps

对于安全代码分析扩展和所提供的工具,如果仍有疑问,请查看我们的常见问题解答页If you have further questions about the Security Code Analysis extension and the tools offered, check out our FAQ page.