Overview of .NET Compiler Platform analyzers
.NET Compiler Platform ("Roslyn") analyzers analyze your code for style, quality and maintainability, design, and other issues. Visual Studio includes a built-in set of analyzers that analyze your C# or Visual Basic code as you type. You configure preferences for these built-in analyzers on the text editor Options page or in an .editorconfig file. You can install additional analyzers as a Visual Studio extension or a NuGet package.
If rule violations are found by an analyzer, they are reported in the code editor (as a squiggle under the offending code) and in the Error List window.
Many analyzer rules, or diagnostics, have one or more associated code fixes that you can apply to correct the problem. The analyzer diagnostics that are built into Visual Studio each have an associated code fix. Code fixes are shown in the light bulb icon menu along with other types of Quick Actions. For information about these code fixes, see Common Quick Actions.
Roslyn analyzers vs. static code analysis
.NET Compiler Platform ("Roslyn") analyzers will eventually replace static code analysis for managed code. Many of the static code analysis rules have already been rewritten as Roslyn analyzer diagnostics.
Like static code analysis rule violations, Roslyn analyzer violations appear in Error List. In addition, Roslyn analyzer violations also show up in the code editor as squiggles under the offending code. The color of the squiggle depends on the severity setting of the rule. The following screenshot shows three violations—one red, one green, and one gray:
Roslyn analyzers analyze code at build time, like static code analysis if it's enabled, but also live as you type. If you enable full solution analysis, Roslyn analyzers also provide design-time analysis of code files that aren't open in the editor.
Build-time errors and warnings from Roslyn analyzers are shown only if the analyzers are installed as a NuGet package.
Not only do Roslyn analyzers report the same types of problems that static code analysis does, but they make it easy for you to fix one, or all, occurrences of the violation in your file or project. These actions are called code fixes. Code fixes are IDE-specific; in Visual Studio, they are implemented as Quick Actions. Not all analyzer diagnostics have an associated code fix.
The following UI options apply only to static code analysis:
- The Analyze > Run Code Analysis menu option.
- The Enable Code Analysis on Build and Suppress results from generated code checkboxes on the Code Analysis tab of a project's property pages (these options have no effect on Roslyn analyzers).
To differentiate between violations from Roslyn analyzers and static code analysis in the Error List, look at the Tool column. If the Tool value matches one of the analyzer assemblies in Solution Explorer, for example Microsoft.CodeQuality.Analyzers, the violation comes from a Roslyn analyzer. Otherwise, the violation originates from static code analysis.
The RunCodeAnalysis msbuild property in a project file applies only to static code analysis. If you install analyzers, set RunCodeAnalysis to false in your project file to prevent static code analysis from running after build.
NuGet package versus VSIX extension
.NET Compiler Platform analyzers can be installed per-project via a NuGet package, or Visual Studio-wide as a Visual Studio extension. There are some key behavior differences between these two methods of installing analyzers.
If you install analyzers as a Visual Studio extension, they apply at the solution level, to all instances of Visual Studio. If you install the analyzers as a NuGet package, which is the preferred method, they apply only to the project where the NuGet package was installed. In team environments, analyzers installed as NuGet packages are in scope for all developers that work on that project.
To have rules enforced at build time, including through the command line or as part of a continuous integration (CI) build, install the analyzers as a NuGet package. Analyzer warnings and errors don't show up in the build report if you install the analyzers as an extension.
The following screenshot shows the command-line build output from building a project that contains an analyzer rule violation:
You cannot set the severity of rules from analyzers that were installed as a Visual Studio extension. To configure rule severity, install the analyzers as a NuGet package.
Below are the different types of analyzers that help analyze your code.
- Microsoft's recommended analyzers: FxCop Analyzers
- Visual Studio IDE analyzers: EditorConfig
- Third party analyzers: StyleCop, Roslynator, XUnit Analyzers, Sonar Analyzer