为什么#pragma warning disable S2068 不起作用？

Question

我在一个工具中有以下代码：

var o = new OptionSet()
    .Add("password=|pwd=|p=", "The database password. Only when using SQL authentication.", p => password = p.TrimQuotes())
    ...
;

我的 PR 构建将 Sonar 警告升级为编译错误，因此代码失败：

HashPasswordsArgs.cs(49,22): warning S2068: "password" detected here, make sure this is not a hard-coded credential. [C:\xyz\HashPasswords\src\HashPasswords\HashPasswords.csproj]

好的，我知道这是误报并想在代码中抑制它（这是我的具体和有意识的愿望，请不要建议去 SonarQube 服务器做任何事情）。

我尝试添加//NOSONAR（在//之后有或没有空格），我还尝试在文件顶部添加#pragma warning disable S2068。没有任何帮助。

我错过了什么？

以下是运行示例：

//NOSONAR

C:\xyz\HashPasswords [master ≡]> cat .\src\HashPasswords\HashPasswordsArgs.cs |sls SONAR

                .Add("password=|pwd=|p=", "The database password. Only when using SQL authentication.", p => password = p.TrimQuotes()) //NOSONAR


C:\xyz\HashPasswords [master ≡ +1 ~2 -0 !]> dotnet build
Microsoft (R) Build Engine version 16.6.0+5ff7b0c9e for .NET Core
Copyright (C) Microsoft Corporation. All rights reserved.

  Determining projects to restore...
  All projects are up-to-date for restore.
HashPasswordsArgs.cs(49,22): warning S2068: "password" detected here, make sure this is not a hard-coded credential. [C:\xyz\HashPasswords\src\HashPasswords\HashPasswords.csproj]
  HashPasswords -> C:\xyz\HashPasswords\src\HashPasswords\bin\Debug\net472\HashPasswords.exe
  Sonar: (HashPasswords.csproj) Project processed successfully

Build succeeded.

HashPasswordsArgs.cs(49,22): warning S2068: "password" detected here, make sure this is not a hard-coded credential. [C:\xyz\HashPasswords\src\HashPasswords\HashPasswords.csproj]
    1 Warning(s)
    0 Error(s)

Time Elapsed 00:00:01.23
C:\xyz\HashPasswords [master ≡ +1 ~2 -0 !]>

#pragma warning disable S2068

C:\xyz\HashPasswords [master ≡ +1 ~2 -0 !]> dir .\src\HashPasswords\HashPasswordsArgs.cs |sls S2068

src\HashPasswords\HashPasswordsArgs.cs:6:#pragma warning disable S2068


C:\xyz\HashPasswords [master ≡ +1 ~2 -0 !]> dotnet build
Microsoft (R) Build Engine version 16.6.0+5ff7b0c9e for .NET Core
Copyright (C) Microsoft Corporation. All rights reserved.

  Determining projects to restore...
  All projects are up-to-date for restore.
HashPasswordsArgs.cs(51,22): warning S2068: "password" detected here, make sure this is not a hard-coded credential. [C:\xyz\HashPasswords\src\HashPasswords\HashPasswords.csproj]
  HashPasswords -> C:\xyz\HashPasswords\src\HashPasswords\bin\Debug\net472\HashPasswords.exe
  Sonar: (HashPasswords.csproj) Project processed successfully

Build succeeded.

HashPasswordsArgs.cs(51,22): warning S2068: "password" detected here, make sure this is not a hard-coded credential. [C:\xyz\HashPasswords\src\HashPasswords\HashPasswords.csproj]
    1 Warning(s)
    0 Error(s)

Time Elapsed 00:00:01.28
C:\xyz\HashPasswords [master ≡ +1 ~2 -0 !]>

我很想知道为什么#pragma 不起作用。欢迎任何其他基于代码的抑制。越集中越好，即理想情况下，我只想在特定行上抑制这一警告。

Answer 1

以下应该可以工作。

[System.Diagnostics.CodeAnalysis.SuppressMessage("Sonar Code Smell", "S2068:Credentials should not be hard-coded", Justification = "<Pending>")]

它也适用于我的以下属性 [SuppressMessage("Sonar Code Smell", "S2068:Credentials should not be hard-coded", Justification = "")]