Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MSBuildWorkspace reports warnings as errors/failures #75182

Open
svick opened this issue Sep 20, 2024 · 1 comment · May be fixed by #75183
Open

MSBuildWorkspace reports warnings as errors/failures #75182

svick opened this issue Sep 20, 2024 · 1 comment · May be fixed by #75183
Labels
Area-IDE Bug IDE-MSBuildWorkspace MSBuildWorkspace untriaged Issues and PRs which have not yet been triaged by a lead

Comments

@svick
Copy link
Contributor

svick commented Sep 20, 2024
edited
Loading

Version Used: Roslyn 4.11.0

Steps to Reproduce:

Run this code:

using Microsoft.CodeAnalysis.MSBuild;

var workspace = MSBuildWorkspace.Create();

var project = await workspace.OpenProjectAsync(@"..\..\..\..\project\project.csproj");

foreach (var diagnostic in workspace.Diagnostics)
{
    Console.WriteLine($"{diagnostic.Kind}: {diagnostic.Message}");
}

Where project.csproj is:

<Project Sdk="Microsoft.NET.Sdk">

  <PropertyGroup>
    <TargetFramework>net8.0</TargetFramework>
    <ImplicitUsings>enable</ImplicitUsings>
    <Nullable>enable</Nullable>
  </PropertyGroup>

  <ItemGroup>
    <PackageReference Include="Newtonsoft.Json" Version="12.0.3" />
  </ItemGroup>

</Project>

Expected Behavior:

The workspace reports the NU1903 warning about a vulnerability as a warning, i.e. the output should be:

Warning: Msbuild failed when processing the file 'C:\src\tmp\roslynworkspaceapp\project\project.csproj' with message: Package 'Newtonsoft.Json' 12.0.3 has a known high severity vulnerability, https://github.com/advisories/GHSA-5crp-9r3c-p9vr

Actual Behavior:

The warning is reported as a failure:

Failure: Msbuild failed when processing the file 'C:\src\tmp\roslynworkspaceapp\project\project.csproj' with message: Package 'Newtonsoft.Json' 12.0.3 has a known high severity vulnerability, https://github.com/advisories/GHSA-5crp-9r3c-p9vr

The problem is in Microsoft.CodeAnalysis.MSBuild.DiagnosticReporter, whose Report(DiagnosticLog log) method ignores DiagnosticLogItem.Kind.
@dotnet-issue-labeler dotnet-issue-labeler bot added Area-IDE untriaged Issues and PRs which have not yet been triaged by a lead labels Sep 20, 2024
@svick svick added the Bug label Sep 20, 2024
@svick svick linked a pull request Sep 20, 2024 that will close this issue
Open
@svick svick added the IDE-MSBuildWorkspace MSBuildWorkspace label Sep 20, 2024
@tmat
Copy link
Member

tmat commented Sep 21, 2024

Related: #75170

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Area-IDE Bug IDE-MSBuildWorkspace MSBuildWorkspace untriaged Issues and PRs which have not yet been triaged by a lead
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix reporting of MSBuild warnings in MSBuildWorkspace postsharp/Metalama.Compiler
2 participants
@tmat @svick