microsoftgraph · KenitoInc · Nov 20, 2024 · Nov 18, 2024 · Nov 19, 2024 · Nov 19, 2024
@@ -32,6 +32,14 @@ extends:
         name: MSSecurity-1ES-Build-Agents-Pool
         image: MSSecurity-1ES-Windows-2022
         os: windows
+      credscan:
+        suppressionsFile: $(Build.SourcesDirectory)\.config\CredScanSuppressions.json
+        outputFormat: pre
+        debugMode: false
+        batchSize: 16
+      psscriptanalyzer:
+        break: false
+        enabled: true
     stages:
     - stage: build
       jobs:

@@ -0,0 +1,45 @@
+{
+    "tool": "Credential Scanner",
+    "suppressions": [
+      {
+        "file": "test\\module\\Entra\\Update-EntraSignedInUserPassword.Tests.ps1",
+        "_justification": "Unit test file has a sample Password used in mocking."
+      },
+      {
+        "file": "test\\module\\Entra\\Update-EntraUserFromFederated.Tests.ps1",
+        "_justification": "Unit test file has a sample Password used in mocking."
+      },
+      {
+        "file": "test\\module\\EntraBeta\\Update-EntraBetaSignedInUserPassword.Tests.ps1",
+        "_justification": "Unit test file has a sample Password used in mocking."
+      },
+      {
+        "file": "test\\module\\EntraBeta\\Update-EntraBetaUserFromFederated.Tests.ps1",
+        "_justification": "Unit test file has a sample Password used in mocking."
+      },
+      {
+        "file": "testVNext\\Entra\\Users\\Update-EntraSignedInUserPassword.Tests.ps1",
+        "_justification": "Unit test file has a sample Password used in mocking."
+      },
+      {
+        "file": "testVNext\\Entra\\Users\\Update-EntraUserFromFederated.Tests.ps1",
+        "_justification": "Unit test file has a sample Password used in mocking."
+      },
+      {
+        "file": "testVNext\\EntraBeta\\Users\\Update-EntraBetaSignedInUserPassword.Tests.ps1",
+        "_justification": "Unit test file has a sample Password used in mocking."
+      },
+      {
+        "file": "testVNext\\EntraBeta\\Users\\Update-EntraBetaUserFromFederated.Tests.ps1",
+        "_justification": "Unit test file has a sample Password used in mocking."
+      },
+      {
+        "file": "test\\module\\Entra\\New-EntraUser.Tests.ps1",
+        "_justification": "Unit test file has a sample Password used in mocking."
+      },
+      {
+        "file": "testVNext\\Entra\\Users\\New-EntraUser.Tests.ps1",
+        "_justification": "Unit test file has a sample Password used in mocking."
+      }
+    ]
+}
@@ -1,8 +1,8 @@
+# ------------------------------------------------------------------------------
+#  Copyright (c) Microsoft Corporation.  All Rights Reserved.  Licensed under the MIT License.  See License in the project root for license information.
+# ------------------------------------------------------------------------------
 
-# [cmdletbinding()]
-# param (
-#     [string]$Module = "Entra"
-# )
+Set-StrictMode -Version 5
 
 . "$psscriptroot/common-functions.ps1"
 

@@ -3,6 +3,7 @@
 #  Licensed under the MIT License.  See License in the project root for license information. 
 # ------------------------------------------------------------------------------ 
 function New-EntraUser {
+    [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Scope="Function", Target="*")]
     [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')]
     param (
 

@@ -3,6 +3,7 @@
 #  Licensed under the MIT License.  See License in the project root for license information. 
 # ------------------------------------------------------------------------------ 
 function Set-EntraUser {
+    [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Scope="Function", Target="*")]
     [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')]
     param (
 

@@ -3,6 +3,7 @@
 #  Licensed under the MIT License.  See License in the project root for license information. 
 # ------------------------------------------------------------------------------ 
 function Update-EntraUserFromFederated {
+    [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Scope="Function", Target="*")]
     [CmdletBinding(DefaultParameterSetName = 'GetQuery')]
     param (
         [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String] $UserPrincipalName,

@@ -3,6 +3,7 @@
 #  Licensed under the MIT License.  See License in the project root for license information. 
 # ------------------------------------------------------------------------------ 
 function New-EntraBetaUser {
+    [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Scope="Function", Target="*")]
     [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')]
     param (
 

@@ -3,6 +3,7 @@
 #  Licensed under the MIT License.  See License in the project root for license information. 
 # ------------------------------------------------------------------------------ 
 function Set-EntraBetaUser {
+    [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Scope="Function", Target="*")]
     [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')]
     param (
 

@@ -3,6 +3,7 @@
 #  Licensed under the MIT License.  See License in the project root for license information. 
 # ------------------------------------------------------------------------------ 
 function Update-EntraBetaUserFromFederated {
+    [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Scope="Function", Target="*")]
     [CmdletBinding(DefaultParameterSetName = 'GetQuery')]
     param (
         [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String] $UserPrincipalName,

@@ -1,6 +1,10 @@
 # ------------------------------------------------------------------------------
 #  Copyright (c) Microsoft Corporation.  All Rights Reserved.  Licensed under the MIT License.  See License in the project root for license information.
 # ------------------------------------------------------------------------------
+
+[System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingConvertToSecureStringWithPlainText", "")]
+param()
+
 BeforeAll {  
     if((Get-Module -Name Microsoft.Graph.Entra.Users) -eq $null){
         Import-Module Microsoft.Graph.Entra.Users       

@@ -2,6 +2,9 @@
 #  Copyright (c) Microsoft Corporation.  All Rights Reserved.  Licensed under the MIT License.  See License in the project root for license information.
 # ------------------------------------------------------------------------------
 
+[System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingConvertToSecureStringWithPlainText", "")]
+param()
+
 BeforeAll{
     if((Get-Module -Name Microsoft.Graph.Entra.Users) -eq $null){
         Import-Module Microsoft.Graph.Entra.Users      

@@ -2,6 +2,9 @@
 #  Copyright (c) Microsoft Corporation.  All Rights Reserved.  Licensed under the MIT License.  See License in the project root for license information.
 # ------------------------------------------------------------------------------
 
+[System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingConvertToSecureStringWithPlainText", "")]
+param()
+
 BeforeAll {  
     if((Get-Module -Name Microsoft.Graph.Entra.Beta.Users) -eq $null){
         Import-Module Microsoft.Graph.Entra.Beta.Users