Enable MSBuildTask0004 task-authoring analyzer at error severity#55060
Open
baronfel wants to merge 1 commit into
Open
Enable MSBuildTask0004 task-authoring analyzer at error severity#55060baronfel wants to merge 1 commit into
baronfel wants to merge 1 commit into
Conversation
MSBuildTask0004 ('API may cause issues in multithreaded tasks') flags
Assembly.Load*/Activator.CreateInstance*/AppDomain.* calls that can cause
version conflicts in a shared task host. Unlike MSBuildTask0002/0003, its
concerns do not depend on the IMultiThreadableTask/TaskEnvironment migration,
so it can be enforced today. The codebase already has zero violations across
all 12 IsMSBuildTaskProject projects (verified by build). This continues the
incremental ratcheting started in #55053 (MSBuildTask0001).
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR ratchets up enforcement of the MSBuild thread-safe task-authoring analyzer by promoting MSBuildTask0004 (“API may cause issues in multithreaded tasks”) from suggestion to error, ensuring banned assembly-loading/reflection APIs are blocked in MSBuild task projects.
Changes:
- Set
dotnet_diagnostic.MSBuildTask0004.severity = errorin the repo-root.editorconfig. - Mirror the same severity update in
src/StaticWebAssetsSdk/.editorconfig(which isroot = true), and update the explanatory comments in both locations.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
.editorconfig |
Promotes MSBuildTask0004 to error and updates ratcheting guidance/comments. |
src/StaticWebAssetsSdk/.editorconfig |
Keeps the duplicated analyzer severity block in sync (root-scoped editorconfig) and updates comments accordingly. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Re-enables MSBuildTask0004 (Microsoft.Build.TaskAuthoring.Analyzer) at its natural
errorseverity, continuing the incremental "ratcheting" of the MSBuild thread-safe task-authoring analyzer started in #55053 (which enabled MSBuildTask0001).What the rule is
MSBuildTask0004 — "API may cause issues in multithreaded tasks" (Warning by default). It flags APIs that can cause assembly version conflicts in a shared/multithreaded task host:
Assembly.Load/LoadFrom/LoadFile/LoadWithPartialNameActivator.CreateInstance(string, string)/Activator.CreateInstanceFromAppDomain.Load/CreateInstance/CreateInstanceFromWhy it can be enabled now
Unlike MSBuildTask0002/0003, the concerns of 0004 do not require the
IMultiThreadableTask/TaskEnvironmentmigration — they are about avoiding problematic reflection/assembly-loading APIs, which can be enforced today. MSBuildTask0001/0002/0003/0005 remain atsuggestionpending that migration (0002/0003 need TaskEnvironment; 0005 is transitive on the others).The codebase already complies
There are zero direct MSBuildTask0004 violations. Verified by building all 12
IsMSBuildTaskProjectprojects with the repo-local SDK aterrorseverity — every project reportedBuild succeeded(and because the repo builds warn-as-error, any violation would have broken the build):The rule was also confirmed active by temporarily injecting
Assembly.LoadFrom("x")into a realITask.Execute()and observingerror MSBuildTask0004fire (then reverted).Changes
Only the two
.editorconfigfiles (repo-root andsrc/StaticWebAssetsSdk/which setsroot = trueand keeps its own in-sync copy):MSBuildTask0004suggestion→error, with updated comments. No source fixes were needed.