Lesson 31 of 40
Best Practices
Intermediate
30 min
Code Quality & Static Analysis
Enforce code quality with Roslyn analyzers, SonarQube, EditorConfig, nullable reference types, and the VS 2026 code review tools.
Part 1: Nullable Reference Types
<!-- Enable in .csproj -->
<Nullable>enable</Nullable>
// Now the compiler catches null dereferences
string name = GetName(); // non-nullable
string? optName = TryGetName(); // nullable
// optName.Length — CS8602 warning!
<Nullable>enable</Nullable>
// Now the compiler catches null dereferences
string name = GetName(); // non-nullable
string? optName = TryGetName(); // nullable
// optName.Length — CS8602 warning!
Part 2: EditorConfig Standards
# .editorconfig
[*.cs]
indent_style = space
indent_size = 4
dotnet_sort_system_directives_first = true
csharp_prefer_braces = true
# Treat IDE0001 as error in CI
dotnet_diagnostic.IDE0001.severity = error
[*.cs]
indent_style = space
indent_size = 4
dotnet_sort_system_directives_first = true
csharp_prefer_braces = true
# Treat IDE0001 as error in CI
dotnet_diagnostic.IDE0001.severity = error
Part 3: Custom Roslyn Analyzers
public class NoStringConcatAnalyzer : DiagnosticAnalyzer
{
public override void Initialize(AnalysisContext context)
{
context.RegisterSyntaxNodeAction(
AnalyzeBinaryExpression, SyntaxKind.AddExpression);
}
}
{
public override void Initialize(AnalysisContext context)
{
context.RegisterSyntaxNodeAction(
AnalyzeBinaryExpression, SyntaxKind.AddExpression);
}
}
Part 4: VS 2026 AI Code Review
VS 2026 introduces Copilot Code Review — AI analysis before you commit:
- Security vulnerability detection
- Performance anti-pattern identification
- Naming convention violations
- Documentation gaps for public APIs
