Closed AndreyAspose closed 6 years ago
I've run from command line and it is also hanging:
"E:\DevTools\Microsoft Visual Studio\2017\Community\MSBuild\15.0\Bin\MSBuild.exe" WebGoat.NET.sln /t:Clean,Build /p:RunCodeAnalysis=true
Thanks for reporting this, I wasn't aware WebGoat.NET was even in the mix anymore. Thought that project died years ago. I suspect this is related to #38 as the code in that project looks very similar.
Fixed in 1.0.7
I have VS 2017 Community. I installed Puma Scan as extension and also performed NuGet command specified here (without this command analysis failed with CA0064: No analysis was performed because the specified rule set could not be loaded or did not contain any managed code analysis rules): PM > Get-Project -All | Install-Package Puma.Security.Rules
Now the analysis is hanging (that is, not returning for 3+ hours) on very simple project WebGoat. Looking at task manager, I see csc.exe and devenv.exe taking ~25% each all the time. I run analysis via Analyze -> Run Code ANalysis on Solution. WIthout Puma (default rules only) this works fine.
Please let me know what other info I need to provide if any to troubleshoot this.