duncanp-lseg

FYI this isn't an issue with roslyn-security-guard. It affects all Roslyn analysis rules that are installed in a VSIX, and it's down to how VS/MSBuild work. See the linked SonarLint...

cc @tom-howlett-sonarsource (our .NET ecosystem PM) Thanks for the suggestion @tgolden-andplus. > I realize that's a pretty steep ask, due to how this tool leverages pre-existing code, but I think...

That's sort of what I had in mind, although it would be better if it wasn't necessary to copy the files. > Is the "end" step doing anything other than...

@89trillion-feiyang the [MS docs](https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-sln) should help.

@PhilippCh How is this different from #424? 424 says relative paths don't work, which seems to be what this ticket is saying too.

This came up in the community again recently: https://community.sonarsource.com/t/c-do-not-display-the-found-violations-as-a-warning-in-the-compiler/61459 @tom-howlett-sonarsource, what do you think?

MSBuild properties can only have a single value. If you set it the property multiple times then the last setting wins. However, you can specify multiple rules to ignore by...

> This should be safe in terms of dependency confusion because we filter based on authors. The filtering is done in the `nuget.config` file, isn't it? It looks like `NuGetToolInstaller`...

https://community.sonarsource.com/t/scanning-service-fabric-solutions-in-azure-devops/60984/5 @tom-howlett-sonarsource do we have lots of users asking about Service Fabric projects?

Potentially related community issue: https://community.sonarsource.com/t/scanner-for-msbuild-via-jenkins-not-analyzing-cs-files/21872/3