Open vitek-karas opened 1 year ago
In this case the analyzer should probably always produce less warnings than trimmer, which is the better outcome.
The one place where this might be a problem is cases where expression trees are used as a performance optimization and as a convenient way to generate code at runtime. Where the code builds an expression tree which is then compiled and executed.
For example:
The difference is because linker sees
ldtoken
and not an actual call and doesn't perform true data flow, but analyzer sees this as a normal statement and processes it through data flow. The linker behavior is correct here, under the hood this creates expression tree with MethodInfo which is publicly accessible. And anybody with the expression tree can invoke the MethodInfo with any input. So this needs to warn always, regardless of data flow.