Add some guardrails to MSBuild Locator

microsoft / MSBuildLocator

An API to locate MSBuild assemblies from an installed Visual Studio location. Use this to ensure that calling the MSBuild API will use the same toolset that a build from Visual Studio or msbuild.exe would.

Other

221 stars 86 forks source link

Add some guardrails to MSBuild Locator #254

Open YuliiaKovalova opened 1 year ago

YuliiaKovalova commented 1 year ago

Add guardrails that can notify a customer that some of the deployed assemblies in a project can break MSBuild stuff.

rainersigwald commented 1 year ago

This would be beyond the "check for explicit MSBuild package references" we have:

https://github.com/microsoft/MSBuildLocator/blob/1c7a1092bec4b57c37a2f54e8db091073724c342/src/MSBuildLocator/build/Microsoft.Build.Locator.targets#L4-L21

We'd want something like a list of assemblies that shouldn't be deployed next to the final application, because they're expected to be found from the MSBuild installation.

AArnott commented 1 year ago

+1 to searching actual assemblies being deployed rather than looking at PackageReference items. Problematic assemblies like these (or System.CodeDom.dll) can be deployed without any PackageReference, including by transitive dependency.