CS.SV.TRANSP.CONFLICT

Members should not have conflicting transparency annotations.

Transparency attributes are applied from code elements of larger scope to elements of smaller scope. The transparency attributes of code elements with larger scope take precedence over transparency attributes of code elements that are contained in the first element. For example, a class that is marked with the SecurityCriticalAttribute attribute cannot contain a method that is marked with the SecuritySafeCriticalAttribute attribute.

Mitigation and prevention

To fix this violation, remove the security attribute from the code element that has lower scope, or change its attribute to be the same as the containing code element.

Vulnerable code example

Copy
  using System;
  using System.Security;
  
  namespace TransparencyWarningsDemo
  {
  
      [SecurityCritical]
      public class CriticalClass
     {
         // CA2136 violation - this method is not really safe critical, since the larger scoped type annotation 
         // has precidence over the smaller scoped method annotation.  This can be fixed by removing the 
         // SecuritySafeCritical attribute on this method
         [SecuritySafeCritical]
         public void SafeCriticalMethod()
         {
         }
     }
 }

In the example, the LinkDemand should be removed and the method marked with the SecurityCriticalAttribute attribute.