In Source Suppression Overview
Collapse the table of content
Expand the table of content
This documentation is archived and is not being maintained.

In Source Suppression Overview

In-source suppression is the ability to suppress or ignore Code Analysis violations through the use of the SuppressMessageattribute. The SuppressMessageattribute is a conditional attribute, which is included in the IL metadata of your managed code assembly only if the CODE_ANALYSIS compilation symbol is defined at compile time. In C++, two macros, CA_SUPPRESS_MESSAGE and CA_GLOBAL_SUPPRESS_MESSAGE, achieve the same thing.

We recommend that you use in-source suppressions on debug or check-in builds, in order to eliminate the possibility of mistakenly shipping the in-source suppression metadata and compromising execution or performance because of the metadata bloat.

NoteNote:

You do not have to hand code these attributes yourself. For more information, see How to: Suppress Warnings Using Menu Item.

When you right-click a Code Analysis warning in the Error List and click Suppress Message(s), a SuppressMessage attribute is added either in your code or to the project's global suppressions file.

The SuppressMessage attribute has the following for format:

[Scope:SuppressMessage("Rule Category", "Rule Id", "Justification", "MessageId", Scope = "Scope", Target = "Target")]

Where:

  • Rule Category - The category in which the rule is defined.

  • Rule Id - The identifier for the rule. Support includes both a short and long name for the rule id. The short name is CAXXXX; the long name is CAXXXX:FriendlyTypeName.

  • Justification - The text that is used to document the reason for suppressing the message.

  • Message Id - Unique identifier of a problem for each message.

  • Scope - The target on which the warning is being suppressed. If the target is not specified, it is set to the target of the attribute. Supported scopes include the following:

    • Module

    • Namespace

    • Resource

    • Type

    • Member

    • Parameter

  • Target - An identifier that is used to specify the target on which the warning is being suppressed. It must contain a fully-qualified item name.

Code Analysis warnings are suppressed at the level to which an instance of the SuppressMessage attribute is applied. The purpose of this is to tightly couple the suppression information to the code where the violation occurs.

The general form of suppression includes the rule category and a rule identifier which contains an optional human-readable representation of the rule name. For example,

[SuppressMessage("Microsoft.Design", "CA1039:ListsAreStrongTyped")]

If there are strict performance reasons for minimizing in-source suppression metadata, the rule name itself can be left out. The rule category and its rule ID together constitute a sufficiently unique rule identifier. For example,

[SuppressMessage("Microsoft.Design", "CA1039")]

This format is not recommended because of maintainability issues.

Attributes can only be applied to a method and cannot be embedded within the method body. However, you can specify the identifier as the message ID to distinguish multiple occurrences of a violation within a method.

using System;

namespace InSourceSuppression
{
    public class Class1
    {
    [System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Usage",
    "CA1806:DoNotIgnoreMethodResults", MessageId = "System.Guid")]
        public static bool IsValidGuid(string guid)
        {
            try
            {
              new Guid(guid); //Causes CA1806: DoNotIgnoreMethodResults 
              return true;
            }
            catch (ArgumentNullException) {}
            catch (OverflowException) {}
            catch (FormatException) {}
            return false;
        }
    }
}

Managed code compilers and some third-party tools generate code to facilitate rapid code development. Compiler-generated code that appears in source files is usually marked with the GenerateCodeAttribute attribute.

You can choose whether to suppress Code Analysis warnings and errors from generated code. For information about how to suppress such warnings and errors, see Code Analysis Properties for Managed Code.

Note that Code Analysis ignores GenerateCodeAttribute when it is applied to either an entire assembly or a single parameter. These situations occur rarely.

The managed code analysis tool examines SuppressMessage attributes that are applied at the assembly, module, type, member, or parameter level. It also fires violations against resources and namespaces. These violations must be applied at the global level and are scoped and targeted. For example, the following message suppresses a namespace violation:

[module: SuppressMessage("Microsoft.Design", "CA1020:AvoidNamespacesWithFewTypes", Scope = "namespace", Target = "MyNamespace")]

NoteNote:

When you suppression a warning with namespace scope, it suppresses the warning against the namespace itself. It does not suppress the warning against types within the namespace.

Any suppression can be expressed by specifying an explicit scope. These suppressions must live at the global level. You cannot specify member-level suppression by decorating a type.

Global-level suppressions are the only way to suppress messages that refer to compiler-generated code that does not map to explicitly provided user source. For example, the following code suppresses a violation against a compiler-emitted constructor:

[module: SuppressMessage("Microsoft.Design", "CA1055:AbstractTypesDoNotHavePublicConstructors", Scope="member", Target="Microsoft.Tools.FxCop.Type..ctor()")]

NoteNote:

Target always contains the fully-qualified item name.

The global suppression file maintains suppressions that are either global-level suppressions or suppressions that do not specify a target. For example, assembly level violations are stored in this file. Additionally, some ASP.NET suppressions are stored in this file because project level settings are not available for code behind a form.

Show:
© 2016 Microsoft