Search code examples
c#.netasp.net-mvccode-analysis

Hierarchy of code analysis rulesets?


I've got a solution containing two MVC 5 web applications with associated class libraries and the code analysis settings are causing the build to hang. If I try to interact with the UI during this time I get the "VS is busy" bubble. Leaving the build to complete overnight doesn't work either.

To troubleshoot this I turned off code analysis on all projects and the project builds just fine [0]. So I enabled the "Microsoft All Rules" on one of the MVC projects and the build process doesn't complete.

"Microsoft Managed Minimum Rules" builds but what I'd now like is that there's some kind of structured way of going through the rulesets, where the next one I try is a superset of the last successful one. Does such a hierarchy exist, and if so, is there a canonical reference for it?

Once I get to that level then I can start to isolate individual rules, perhaps by increasing the verbosity of the build output...

[0]
This statement should not be interpreted as "Building without code analysis is perfectly okay"


Solution

  • A general hierarchy is exposed via the Include elements in the .ruleset files located under the Visual Studio install directory (e.g.: C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\Static Analysis Tools\Rule Sets for a typical VS 2015 installation). Broadly, it looks something like this (with "All Rules" not actually depending on any of the others):

    • All Rules
      • Extended Correctness Rules
        • Basic Correctness Rules
          • Minimum Recommended Rules
      • Extended Design Guideline Rules
        • Basic Design Guideline Rules
          • Minimum Recommended Rules (same as above)
      • Globalization Rules
      • Security Rules

    It's also worth noting that this isn't a clean hierarchy without overlaps. For example, rules included in the "Globalization" and "Security" rulesets are also included in some of the others (including the "Minimum" set).