pumasecurity / puma-scan

Puma Scan is a software security Visual Studio extension that provides real time, continuous source code analysis as development teams write code. Vulnerabilities are immediately displayed in the development environment as spell check and compiler warnings, preventing security bugs from entering your applications.
https://www.pumascan.com
Mozilla Public License 2.0
446 stars 79 forks source link

error when added as nuget package to some vulnerable application #57

Closed projectrvce closed 5 years ago

projectrvce commented 5 years ago

I have edited some part of the project and then added this nuget package created out of it to package source. I added this nuget package to some vulnerable application through 'manage nuget package option' and built that vulnerable app. usually it is supposed to give me the list of vulnerabilities in the application but I am getting the following warning. can you please help me in resolving it.

error - CSC : warning CS8032: An instance of analyzer Puma.Security.Rules.Suites.PumaDiagnosticSuite cannot be created from C:\Users\meghanar\source\repos\sqlapp\packages\Puma.Security.Rules.2.0.0.1\analyzers\dotnet\cs\Puma.Security.Rules.dll : Could not load file or assembly 'Microsoft.CodeAnalysis, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified..