CA2136: Members should not have conflicting transparency annotations
TypeName |
TransparencyAnnotationsShouldNotConflict |
CheckId |
CA2136 |
Category |
Microsoft.Security |
Breaking Change |
Breaking |
Cause
This rule fires when a type member is marked with a System.Security security attribute that has a different transparency than the security attribute of a container of the member.
Rule Description
Transparency attributes are applied from code elements of larger scope to elements of smaller scope. The transparency attributes of code elements with larger scope take precedence over transparency attributes of code elements that are contained in the first element. For example, a class that is marked with the SecurityCriticalAttribute attribute cannot contain a method that is marked with the SecuritySafeCriticalAttribute attribute.
How to Fix Violations
To fix this violation, remove the security attribute from the code element that has lower scope, or change its attribute to be the same as the containing code element.
When to Suppress Warnings
Do not suppress warnings from this rule.
Example
In the following example, a method is marked with the SecuritySafeCriticalAttribute attribute and it is a member of a class that is marked with the SecurityCriticalAttribute attribute. The security safe attribute should be removed.
using System;
using System.Security;
namespace TransparencyWarningsDemo
{
[SecurityCritical]
public class CriticalClass
{
// CA2136 violation - this method is not really safe critical, since the larger scoped type annotation
// has precidence over the smaller scoped method annotation. This can be fixed by removing the
// SecuritySafeCritical attribute on this method
[SecuritySafeCritical]
public void SafeCriticalMethod()
{
}
}
}