pumasecurity / puma-scan

Puma Scan is a software security Visual Studio extension that provides real time, continuous source code analysis as development teams write code. Vulnerabilities are immediately displayed in the development environment as spell check and compiler warnings, preventing security bugs from entering your applications.
https://www.pumascan.com
Mozilla Public License 2.0

Intermittent warning with Microsoft.Build.Engine, Version 14.0 #32

Closed serbentraut closed 5 years ago

serbentraut commented 6 years ago

Receive an intermittent warning that says: Analyzer assembly \packages\Puma.Security.Rules.1.0.6\analyzers\dotnet\cs\Microsoft.Build.dll' depends on 'Microsoft.Build.Engine, Version=14.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' but it was not found. Analyzers may not run correctly unless the missing assembly is added as an analyzer reference as well.

If I uninstall and re-install the nuget - it goes away temporarily. Any ideas?

ejohn20 commented 6 years ago

I've seen this before as well. Seems very similar to #26. This appears to resolve itself by closing and reopening Visual Studio in some cases.

serbentraut commented 6 years ago

FYI - this is occurring on VS 2017 ... version 15.3.2 to be precise.

ejohn20 commented 6 years ago

Can you tell me a little bit about the project being scanned? Web / API / Class project? What version of the framework are they targeting?

serbentraut commented 6 years ago

MVC Web project, .NET 4.6.1

CFlatWouldbeMinor commented 6 years ago

We have the same issues. Puma scan complains about requiring msbuild V14, but VS 2017 is built on msbuild V15. Our projects are .net standard, asp.net core.

Warning IDE1003 Analyzer assembly 'C:\.nuget\packages\puma.security.rules\1.0.6\analyzers\dotnet\cs\Microsoft.Build.dll' depends on 'Microsoft.Build.Engine, Version=14.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' but it was not found. Analyzers may not run correctly unless the missing assembly is added as an analyzer reference as well. xx.yy(netstandard2.0)

ejohn20 commented 6 years ago

Thanks, this will need to be investigated. .NET Standard / Core may not function the same way as the traditional framework references.

oazabir commented 6 years ago

VS Community 2017, .net core 1.1 shows this error permanently. Tried restarting IDE, uninstall, reinstall - nothing works.

ejohn20 commented 6 years ago

Thanks Omar, this is expected. .NET Core is not currently supported. The analyzer rules are currently targeting .NET 4.5 in order to complete the web.config transformation.

We are planning on supporting netstandard20 (.NET Core 2.0) eventually but will need to recompile the code and do some regression testing.

felickz commented 6 years ago

Config and markup file rules work in core! @ejohn20 , any timeline for .NET Core support?

ejohn20 commented 6 years ago

Wow, I didn't expect that to work ;) Opening a separate issue for .NET Core testing and support. I'm open to suggestions if anyone wants to do some testing and let us know the right configuration / packages to reference for full .NET Core support.

felickz commented 6 years ago

#36

hikeeba commented 6 years ago

We are getting this error also. Our project is targeting .NET 4.6.

Even though this error is logged we still get some analysis warnings.

I'm using v1.0.6 when I run this.

Is there something we need to do to remove this warning?

ejohn20 commented 6 years ago

Updates in v2.0 will handle binding redirects and resolving the assemblies. New documentation will cover how to address these issues as well.

meadisu27 commented 6 years ago

Workaround until the next release is to edit project files to not include the Microsoft.Build.*.dll's as analyzer references.

Remove the following from the project file.

```xml
<Analyzer Include="..\packages\Puma.Security.Rules.1.0.6\analyzers\dotnet\cs\Microsoft.Build.Framework.dll" />
<Analyzer Include="..\packages\Puma.Security.Rules.1.0.6\analyzers\dotnet\cs\Microsoft.Build.Tasks.Core.dll" />
<Analyzer Include="..\packages\Puma.Security.Rules.1.0.6\analyzers\dotnet\cs\Microsoft.Build.Utilities.Core.dll" />
```

ejohn20 commented 5 years ago

Closing until after the 2.0 release. We'll see how the latest version of Roslyn handles this.
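
The project-file workaround from meadisu27's comment, applied as a script across several projects. This is an added example, not code from the thread or from the Puma Scan project; `strip_msbuild_analyzers`, `SAMPLE` and the `Puma.Security.Rules.dll` entry in the sample are assumptions made for illustration.

```python
import re
import sys
from pathlib import Path

# One single-line <Analyzer> item pointing at Microsoft.Build.<name>.dll inside
# the Puma.Security.Rules.<version> package folder (packages.config layout, as
# in the comment). Microsoft.Build.dll itself is not matched, because the
# comment does not list it.
ANALYZER_LINE = re.compile(
    r'^[ \t]*<Analyzer\s+Include="(?P<path>[^"]*[\\/]Puma\.Security\.Rules\.[^\\/"]+'
    r'[\\/]analyzers[\\/][^"]*[\\/]Microsoft\.Build\.[^\\/"]+\.dll)"\s*/>[ \t]*\r?\n?',
    re.IGNORECASE | re.MULTILINE,
)


def strip_msbuild_analyzers(project_xml):
    """Return (new_xml, removed_paths); every other line is left untouched."""
    removed = [m.group("path") for m in ANALYZER_LINE.finditer(project_xml)]
    return ANALYZER_LINE.sub("", project_xml), removed


# Constructed sample fragment of a .csproj file (CRLF line endings).
_PKG = r'..\packages\Puma.Security.Rules.1.0.6\analyzers\dotnet\cs' + '\\'
SAMPLE = "".join(
    ['<ItemGroup>\r\n']
    + [f'  <Analyzer Include="{_PKG}{dll}" />\r\n' for dll in (
        "Microsoft.Build.Framework.dll",
        "Microsoft.Build.Tasks.Core.dll",
        "Microsoft.Build.Utilities.Core.dll",
        "Puma.Security.Rules.dll",  # assumed name of the rules assembly; kept
    )]
    + ['</ItemGroup>\r\n']
)


def main(paths):
    for name in paths:
        path = Path(name)
        text = path.read_bytes().decode("utf-8")  # bytes keep BOM and CRLF intact
        new_text, removed = strip_msbuild_analyzers(text)
        if removed:
            path.with_name(path.name + ".bak").write_bytes(text.encode("utf-8"))
            path.write_bytes(new_text.encode("utf-8"))
        print(f"{name}: removed {len(removed)} analyzer reference(s)")


if __name__ == "__main__":
    main(sys.argv[1:])
```

Run it with the project files as arguments; each changed file gets a `.bak` copy beside it, and a second run removes nothing.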