|.NET Adds Latent Bug Discovery Feature|
|Written by Kay Ewbank|
|Friday, 11 September 2020|
Microsoft has added a new set of warnings for common coding mistakes and API misuse patterns. The warnings will be introduced in the C# compiler in .NET 5.
The development team says that the .NET platform already includes "rich diagnostics and code suggestions in the .NET SDK by default", but that if you wanted more code analysis, until now you'd need to install NuGet packages or other stand-alone tools.
.NET 5 is a combination of .NET Framework and .NET Core that aims to unify the .NET platform. The new version is due for general availability in November.
The team was reluctant to add new warnings to C# because it would cause code to stop as broken for users who have warnings set as errors. However, because a lot of code really does need the warnings, the team has added a new level for the AnalysisLevel to the C# compiler.
The default Analysis Level for all projects targeting .NET 5 will be set to 5, meaning that more warnings (and suggestions to fix them) will be introduced. You can set this to a lower level to avoid triggering warnings from within Visual Studio via the Code Analysis property page.
One aspect that s interesting about the new analysis level is the type of coding errors that Microsoft's research has shown they need to check for. Some are obvious - warn when an expression is always true or false, for example, along with a warning when code uses as or is on static types, or tries to put a lock on non-reference types.
Other no-nos that are flagged in the new warning include the use of rethrow on an exception incorrectly by including the variable of the exception so it changes stack details; and accidentally comparing a struct by reference.
Other warnings point out incorrect .NET API usage, and a number to help with low level coding to avoid problems due to trying to write code for high-performance applications that breaches safety considerations.
In the future Microsoft plans to add a new analysis level for every release of .NET. The goal is to make sure that a given analysis level always represents the same set of analysis defaults (the rules and their severities). This means that Microsoft will have a way to turn an existing rule on by default by doing it as a new analysis level rather than changing the existing level.
or email your comment to: firstname.lastname@example.org