parent	ancestor
Licensing	Rules

Proj0507: Third-party license registry must be unconditional

Using a NuGet package implies that you and/or your company explicitly agree with the legally binding conditions of the license and the copyright of the owner of the package.

The .NET project file analyzers can not execute all conditions while interpreting the MS-Build files. Therefor, this is explicitly disallowed.

Non-compliant

<Project Sdk="Microsoft.NET.Sdk">

  <PropertyGroup>
    <TargetFramework>net8.0</TargetFramework>
  </PropertyGroup>

  <ItemGroup>
    <PackageReference Include="SonarAnalyzer.CSharp" Version="10.6.0.109712" />
  </ItemGroup>
  
  <ItemGroup Label="Approved licenses" Condition="'$(Configuration)' == 'Release'>
    <ThirdPartyLicense Include="SonarAnalyzer.CSharp" Hash="ZOAgZmx18wSWq5KpOpWd2bB9123" />
  </ItemGroup>

</Project>

Compliant

<Project Sdk="Microsoft.NET.Sdk">

  <PropertyGroup>
    <TargetFramework>net8.0</TargetFramework>
  </PropertyGroup>

  <ItemGroup>
    <PackageReference Include="SonarAnalyzer.CSharp" Version="10.6.0.109712" />
  </ItemGroup>

  <ItemGroup Label="Approved licenses">
    <ThirdPartyLicense Include="SonarAnalyzer.CSharp" Hash="ZOAgZmx18wSWq5KpOpWd2bB9123" />
  </ItemGroup>

</Project>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Proj0507.md

Proj0507.md

Proj0507: Third-party license registry must be unconditional

Non-compliant

Compliant

Files

Proj0507.md

Latest commit

History

Proj0507.md

File metadata and controls

Proj0507: Third-party license registry must be unconditional

Non-compliant

Compliant