1st commit

Author: iRon7

Rules/AvoidDynamicVariableNames.cs

@@ -0,0 +1,87 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using Microsoft.Windows.PowerShell.ScriptAnalyzer.Generic;
+using System;
+using System.Collections.Generic;
+using System.Globalization;
+using System.Management.Automation.Language;
+using System.Linq;
+
+#if !CORECLR
+using System.ComponentModel.Composition;
+#endif
+
+namespace Microsoft.Windows.PowerShell.ScriptAnalyzer.BuiltinRules
+{
+#if !CORECLR
+    [Export(typeof(IScriptRule))]
+#endif
+
+    /// <summary>
+    /// Rule that warns when reserved words are used as function names
+    /// </summary>
+    public class AvoidDynamicVariableNames : IScriptRule
+    {
+        /// <summary>
+        /// Analyzes the PowerShell AST for uses of reserved words as function names.
+        /// </summary>
+        /// <param name="ast">The PowerShell Abstract Syntax Tree to analyze.</param>
+        /// <param name="fileName">The name of the file being analyzed (for diagnostic reporting).</param>
+        /// <returns>A collection of diagnostic records for each violation.</returns>
+        public IEnumerable<DiagnosticRecord> AnalyzeScript(Ast ast, string fileName)
+        {
+            if (ast == null) throw new ArgumentNullException(Strings.NullAstErrorMessage);
+
+            // Find all FunctionDefinitionAst in the Ast
+            var newVariableAsts = ast.FindAll(testAst =>
+                testAst is CommandAst cmdAst &&
+                (
+                    String.Equals(cmdAst.GetCommandName(), "New-Variable", StringComparison.OrdinalIgnoreCase) ||
+                    String.Equals(cmdAst.GetCommandName(), "Set-Variable", StringComparison.OrdinalIgnoreCase)
+                ),
+                true
+            );
+
+            foreach (CommandAst newVariableAst in newVariableAsts)
+            {
+                // Use StaticParameterBinder to reliably get parameter values
+                var bindingResult = StaticParameterBinder.BindCommand(newVariableAst, true);
+
+                // Dynamic parameters return null for the ConstantValue property
+                if (
+                    bindingResult.BoundParameters.ContainsKey("Name") &&
+                    bindingResult.BoundParameters["Name"] == null
+                )
+                {
+                    yield return new DiagnosticRecord(
+                        string.Format(
+                            CultureInfo.CurrentCulture,
+                            Strings.AvoidDynamicVariableNamesError,
+                            newVariableAst.Parent.Extent.Text),
+                        newVariableAst.Parent.Extent,
+                        GetName(),
+                        DiagnosticSeverity.Warning,
+                        fileName
+                    );
+                }
+            }
+        }
+
+        public string GetCommonName() => Strings.AvoidDynamicVariableNamesCommonName;
+
+        public string GetDescription() => Strings.AvoidDynamicVariableNamesDescription;
+
+        public string GetName() => string.Format(
+                CultureInfo.CurrentCulture,
+                Strings.NameSpaceFormat,
+                GetSourceName(),
+                Strings.AvoidDynamicVariableNamesName);
+
+        public RuleSeverity GetSeverity() => RuleSeverity.Warning;
+
+        public string GetSourceName() => Strings.SourceName;
+
+        public SourceType GetSourceType() => SourceType.Builtin;
+    }
+}

Rules/Strings.resx

@@ -873,6 +873,18 @@
   <data name="UseCompatibleTypesTypeAcceleratorError" xml:space="preserve">
     <value>The type accelerator '{0}' is not available by default in PowerShell version '{1}' on platform '{2}'</value>
   </data>
+  <data name="AvoidDynamicVariableNamesName" xml:space="preserve">
+    <value>AvoidDynamicVariableNames</value>
+  </data>
+  <data name="AvoidDynamicVariableNamesCommonName" xml:space="preserve">
+    <value>Avoid dynamic variable names</value>
+  </data>
+  <data name="AvoidDynamicVariableNamesDescription" xml:space="preserve">
+    <value>Do not dynamically create variable names in the general variable pool, this might introduce conflicts with other variables and is difficult to maintain.</value>
+  </data>
+  <data name="AvoidDynamicVariableNamesError" xml:space="preserve">
+    <value>Avoid dynamically creating variable names</value>
+  </data>
   <data name="AvoidGlobalFunctionsCommonName" xml:space="preserve">
     <value>Avoid global functions and aliases</value>
   </data>

docs/Rules/AvoidDynamicVariableNames.md

@@ -0,0 +1,51 @@
+---
+description: Avoid dynamic variable names, instead use a hash table or similar dictionary type.
+ms.date: 04/21/2026
+ms.topic: reference
+title: AvoidDynamicVariableNames
+---
+# AvoidDynamicVariableNames
+
+**Severity Level: Warning**
+
+## Description
+
+Do not dynamically create variable names in the general variable pool, this might introduce conflicts with other
+variables and is difficult to maintain.
+
+## How
+
+Use a hash table or similar dictionary type to store values with dynamic keys.
+
+## Example
+
+### Wrong
+
+```powershell
+'One', 'Two', 'Three' | ForEach-Object -Begin { $i = 1 } -Process {
+    New-Variable -Name "My$_" -Value ($i++)
+}
+$MyTwo # returns 2
+```
+
+### Correct
+
+```powershell
+$My = @{}
+'One', 'Two', 'Three' | ForEach-Object -Begin { $i = 1 } -Process {
+    $My[$_] = $i++
+}
+$My.Two # returns 2
+```
+
+When it concerns a specific scope, option or visibility, put the concerned dictionary (hash table) in that
+scope, option or visibility. In example, if the values should be read only and available in the script scope,
+put the _hash table_ in the script scope and make it read only.:
+
+```powershell
+New-Variable -Name My -Value @{} -Option ReadOnly -Scope Script
+'One', 'Two', 'Three' | ForEach-Object -Begin { $i = 1 } -Process {
+    $Script:My[$_] = $i++
+}
+$Script:My.Two # returns 2
+```

docs/Rules/README.md

@@ -34,6 +34,7 @@ The PSScriptAnalyzer contains the following rule definitions.
 | [AvoidUsingConvertToSecureStringWithPlainText](./AvoidUsingConvertToSecureStringWithPlainText.md) | Error       |        Yes         |                 |
 | [AvoidUsingDeprecatedManifestFields](./AvoidUsingDeprecatedManifestFields.md)                     | Warning     |        Yes         |                 |
 | [AvoidUsingDoubleQuotesForConstantString](./AvoidUsingDoubleQuotesForConstantString.md)           | Information |         No         |                 |
+| [AvoidUsingDynamicVariableNames](./AvoidUsingDynamicVariableNames.md)                             | Warning     |        Yes         |                 |
 | [AvoidUsingEmptyCatchBlock](./AvoidUsingEmptyCatchBlock.md)                                       | Warning     |        Yes         |                 |
 | [AvoidUsingInvokeExpression](./AvoidUsingInvokeExpression.md)                                     | Warning     |        Yes         |                 |
 | [AvoidUsingPlainTextForPassword](./AvoidUsingPlainTextForPassword.md)                             | Warning     |        Yes         |                 |