We have a custom ruleset (created from an earlier .net framework project)
I added the ruleset to our new project's file:
<PropertyGroup>
<CodeAnalysisRuleSet>c:\CodeAnalysis\CustomCodeAnalysisRules.ruleset</CodeAnalysisRuleSet>
</PropertyGroup>
I installed Microsoft.CodeAnalysis.FxCopAnalysers nuget package on the project.
When running code analysis, I found that some rules from our custom ruleset were checked while some others were not. I discovered there was a list of rules under Dependencies > Analysers > Microsoft.CodeQuality.Analysers in solution explorer. Those seems to be the ones that are checked because the rules that were not verified by the analyser are not listed there.
At first I thought that our ruleset was completely ignored, but if I modify the severity state of one of the "working" rule in our ruleset (one that is also listed under Analysers in solution explorer), the severity also change at the other location, so there is a "link" between these two rules' locations.
Why some rules (for example CA1062, CA1031 and CA1047) in our ruleset are not listed under Dependencies > Analysers > Microsoft.CodeQuality.Analysers while others are (ex.: CA1061, CA1063, CA1064, etc.) ?
And most importantly, how can I be sure that all rules in our custom ruleset are verified ?
Microsoft documentation (https://learn.microsoft.com/en-us/visualstudio/code-quality/install-roslyn-analyzers?view=vs-2017) says:
Find the analyzer package you want to install on www.nuget.org. For example, you may want to install the Microsoft FxCop analyzers to check your code for security and performance issues, among others.
From what I understand (and observed when I search "code analysis" in nuget package manager), there are many analysers available (only from Microsoft but from other providers too), but Microsoft seems to always refer to FxCopAnalysers as example.
But still I don't know if, and which one, I have to install to have all our custom rules checked.
