C# 为什么#pragma警告禁用S2068不起作用?
我在工具中有以下代码:C# 为什么#pragma警告禁用S2068不起作用?,c#,sonarqube,C#,Sonarqube,我在工具中有以下代码: var o = new OptionSet() .Add("password=|pwd=|p=", "The database password. Only when using SQL authentication.", p => password = p.TrimQuotes()) ... ; 我的PR build将Sonar警告升级为编译错误,因此代码失败: HashPasswordsArgs.cs(4
var o = new OptionSet()
.Add("password=|pwd=|p=", "The database password. Only when using SQL authentication.", p => password = p.TrimQuotes())
...
;
我的PR build将Sonar警告升级为编译错误,因此代码失败:
HashPasswordsArgs.cs(49,22): warning S2068: "password" detected here, make sure this is not a hard-coded credential. [C:\xyz\HashPasswords\src\HashPasswords\HashPasswords.csproj]
好的,我知道这是一个假阳性,希望在代码中抑制它(这是我的具体和有意识的愿望,请不要建议去SonarQube服务器做任何事情)
我尝试添加//NOSONAR
(在//之后有或没有空格),我还尝试在文件顶部添加#pragma warning disable S2068
。没什么帮助
我错过了什么
以下是运行示例:
//NOSONAR
C:\xyz\HashPasswords [master ≡]> cat .\src\HashPasswords\HashPasswordsArgs.cs |sls SONAR
.Add("password=|pwd=|p=", "The database password. Only when using SQL authentication.", p => password = p.TrimQuotes()) //NOSONAR
C:\xyz\HashPasswords [master ≡ +1 ~2 -0 !]> dotnet build
Microsoft (R) Build Engine version 16.6.0+5ff7b0c9e for .NET Core
Copyright (C) Microsoft Corporation. All rights reserved.
Determining projects to restore...
All projects are up-to-date for restore.
HashPasswordsArgs.cs(49,22): warning S2068: "password" detected here, make sure this is not a hard-coded credential. [C:\xyz\HashPasswords\src\HashPasswords\HashPasswords.csproj]
HashPasswords -> C:\xyz\HashPasswords\src\HashPasswords\bin\Debug\net472\HashPasswords.exe
Sonar: (HashPasswords.csproj) Project processed successfully
Build succeeded.
HashPasswordsArgs.cs(49,22): warning S2068: "password" detected here, make sure this is not a hard-coded credential. [C:\xyz\HashPasswords\src\HashPasswords\HashPasswords.csproj]
1 Warning(s)
0 Error(s)
Time Elapsed 00:00:01.23
C:\xyz\HashPasswords [master ≡ +1 ~2 -0 !]>
#杂注警告禁用S2068
C:\xyz\HashPasswords [master ≡ +1 ~2 -0 !]> dir .\src\HashPasswords\HashPasswordsArgs.cs |sls S2068
src\HashPasswords\HashPasswordsArgs.cs:6:#pragma warning disable S2068
C:\xyz\HashPasswords [master ≡ +1 ~2 -0 !]> dotnet build
Microsoft (R) Build Engine version 16.6.0+5ff7b0c9e for .NET Core
Copyright (C) Microsoft Corporation. All rights reserved.
Determining projects to restore...
All projects are up-to-date for restore.
HashPasswordsArgs.cs(51,22): warning S2068: "password" detected here, make sure this is not a hard-coded credential. [C:\xyz\HashPasswords\src\HashPasswords\HashPasswords.csproj]
HashPasswords -> C:\xyz\HashPasswords\src\HashPasswords\bin\Debug\net472\HashPasswords.exe
Sonar: (HashPasswords.csproj) Project processed successfully
Build succeeded.
HashPasswordsArgs.cs(51,22): warning S2068: "password" detected here, make sure this is not a hard-coded credential. [C:\xyz\HashPasswords\src\HashPasswords\HashPasswords.csproj]
1 Warning(s)
0 Error(s)
Time Elapsed 00:00:01.28
C:\xyz\HashPasswords [master ≡ +1 ~2 -0 !]>
我很想知道为什么布拉格语不起作用。欢迎使用任何其他基于代码的抑制。越集中越好,也就是说,理想情况下,我只想在特定行上抑制这一警告。下面的内容应该会起作用
[系统.诊断.代码分析.抑制消息(“声纳代码气味”,“S2068:凭证不应硬编码”,对正=”)]
它对我来说也适用于以下属性
[SuppressMessage(“声纳代码气味”,“S2068:凭证不应硬编码”,Justification=“”)]它确实有效。尽管#pragma
和//NOSONAR
看起来更有希望,因为它们可以对代码中的特定行禁用它,而该属性应用于整个函数。但如果没有更好的选择,我会选择。