Obsolete features in .NET 5+

Starting in .NET 5, some APIs that are newly marked as obsolete make use of two new properties on ObsoleteAttribute.

  • The ObsoleteAttribute.DiagnosticId property tells the compiler to generate build warnings using a custom diagnostic ID. The custom ID allows for obsoletion warning to be suppressed specifically and separately from one another. In the case of the .NET 5+ obsoletions, the format for the custom diagnostic ID is SYSLIB0XXX.

  • The ObsoleteAttribute.UrlFormat property tells the compiler to include a URL link to learn more about the obsoletion.

If you encounter build warnings or errors due to usage of an obsolete API, follow the specific guidance provided for the diagnostic ID listed in the Reference section. Warnings or errors for these obsoletions can't be suppressed using the standard diagnostic ID (CS0618) for obsolete types or members; use the custom SYSLIB0XXX diagnostic ID values instead. For more information, see Suppress warnings.


The following table provides an index to the SYSLIB0XXX obsoletions in .NET 5+.

Diagnostic ID Warning or error Description
SYSLIB0001 Warning The UTF-7 encoding is insecure and should not be used. Consider using UTF-8 instead.
SYSLIB0002 Error PrincipalPermissionAttribute is not honored by the runtime and must not be used.
SYSLIB0003 Warning Code access security (CAS) is not supported or honored by the runtime.
SYSLIB0004 Warning The constrained execution region (CER) feature is not supported.
SYSLIB0005 Warning The global assembly cache (GAC) is not supported.
SYSLIB0006 Warning Thread.Abort() is not supported and throws PlatformNotSupportedException.
SYSLIB0007 Warning The default implementation of this cryptography algorithm is not supported.
SYSLIB0008 Warning The CreatePdbGenerator() API is not supported and throws PlatformNotSupportedException.
SYSLIB0009 Warning The AuthenticationManager.Authenticate and AuthenticationManager.PreAuthenticate methods are not supported and throw PlatformNotSupportedException.
SYSLIB0010 Warning Some remoting APIs are not supported and throw PlatformNotSupportedException.
SYSLIB0011 Warning BinaryFormatter serialization is obsolete and should not be used.
SYSLIB0012 Warning Assembly.CodeBase and Assembly.EscapedCodeBase are only included for .NET Framework compatibility. Use Assembly.Location instead.
SYSLIB0013 Warning Uri.EscapeUriString(String) can corrupt the Uri string in some cases. Consider using Uri.EscapeDataString(String) for query string components instead.
SYSLIB0014 Warning WebRequest, HttpWebRequest, ServicePoint, and WebClient are obsolete. Use HttpClient instead.
SYSLIB0015 Warning DisablePrivateReflectionAttribute has no effect in .NET 6+.
SYSLIB0016 Warning Use the Graphics.GetContextInfo overloads that accept arguments for better performance and fewer allocations.
SYSLIB0017 Warning Strong-name signing is not supported and throws PlatformNotSupportedException.
SYSLIB0018 Warning Reflection-only loading is not supported and throws PlatformNotSupportedException.
SYSLIB0019 Warning The System.Runtime.InteropServices.RuntimeEnvironment members SystemConfigurationFile, GetRuntimeInterfaceAsIntPtr(Guid, Guid), and GetRuntimeInterfaceAsObject(Guid, Guid) are no longer supported and throw PlatformNotSupportedException.
SYSLIB0020 Warning JsonSerializerOptions.IgnoreNullValues is obsolete. To ignore null values when serializing, set DefaultIgnoreCondition to JsonIgnoreCondition.WhenWritingNull.
SYSLIB0021 Warning Derived cryptographic types are obsolete. Use the Create method on the base type instead.
SYSLIB0022 Warning The Rijndael and RijndaelManaged types are obsolete. Use Aes instead.
SYSLIB0023 Warning RNGCryptoServiceProvider is obsolete. To generate a random number, use one of the RandomNumberGenerator static methods instead.
SYSLIB0024 Warning Creating and unloading AppDomains is not supported and throws an exception.
SYSLIB0025 Warning SuppressIldasmAttribute has no effect in .NET 6+.
SYSLIB0026 Warning X509Certificate and X509Certificate2 are immutable. Use the appropriate constructor to create a new certificate.
SYSLIB0027 Warning PublicKey.Key is obsolete. Use the appropriate method to get the public key, such as GetRSAPublicKey().
SYSLIB0028 Warning X509Certificate2.PrivateKey is obsolete. Use the appropriate method to get the private key, such as RSACertificateExtensions.GetRSAPrivateKey(X509Certificate2), or use the X509Certificate2.CopyWithPrivateKey(ECDiffieHellman) method to create a new instance with a private key.
SYSLIB0029 Warning ProduceLegacyHmacValues is obsolete. Producing legacy HMAC values is no longer supported.
SYSLIB0030 Warning HMACSHA1 always uses the algorithm implementation provided by the platform. Use a constructor without the useManagedSha1 parameter.
SYSLIB0031 Warning CryptoConfig.EncodeOID(String) is obsolete. Use the ASN.1 functionality provided in System.Formats.Asn1.
SYSLIB0032 Warning Recovery from corrupted process state exceptions is not supported; HandleProcessCorruptedStateExceptionsAttribute is ignored.
SYSLIB0033 Warning Rfc2898DeriveBytes.CryptDeriveKey(String, String, Int32, Byte[]) is obsolete and is not supported. Use PasswordDeriveBytes.CryptDeriveKey(String, String, Int32, Byte[]) instead.
SYSLIB0034 Warning CmsSigner(CspParameters) is obsolete. Use an alternative constructor instead.
SYSLIB0035 Warning SignerInfo.ComputeCounterSignature() is obsolete. Use the overload that accepts a CmsSigner instead.
SYSLIB0036 Warning Regex.CompileToAssembly is obsolete and not supported. Use RegexGeneratorAttribute with the regular expression source generator instead.
SYSLIB0037 Warning AssemblyName members HashAlgorithm, ProcessorArchitecture, and VersionCompatibility are obsolete and not supported.
SYSLIB0038 Warning SerializationFormat.Binary is obsolete and should not be used.
SYSLIB0039 Warning TLS versions 1.0 and 1.1 have known vulnerabilities and are not recommended. Use a newer TLS version instead, or use SslProtocols.None to defer to OS defaults.
SYSLIB0040 Warning EncryptionPolicy.NoEncryption and EncryptionPolicy.AllowNoEncryption significantly reduce security and should not be used in production code.
SYSLIB0041 Warning The default hash algorithm and iteration counts in Rfc2898DeriveBytes constructors are outdated and insecure. Use a constructor that accepts the hash algorithm and the number of iterations.
SYSLIB0042 Warning ToXmlString and FromXmlString have no implementation for elliptic curve cryptography (ECC) types, and are obsolete. Use a standard import and export format such as ExportSubjectPublicKeyInfo or ImportSubjectPublicKeyInfo for public keys, and ExportPkcs8PrivateKey or ImportPkcs8PrivateKey for private keys.
SYSLIB0043 Warning ECDiffieHellmanPublicKey.ToByteArray() and the associated constructor do not have a consistent and interoperable implementation on all platforms. Use ECDiffieHellmanPublicKey.ExportSubjectPublicKeyInfo() instead.
SYSLIB0045 Warning Cryptographic factory methods accepting an algorithm name are obsolete. Use the parameterless Create factory method on the algorithm type instead.
SYSLIB0047 Warning XmlSecureResolver is obsolete. Use XmlResolver.ThrowingResolver instead when attempting to forbid XML external entity resolution.

Suppress warnings

It's recommended that you use an available workaround whenever possible. However, if you cannot change your code, you can suppress warnings through a #pragma directive or a <NoWarn> project setting. If you must use the obsolete APIs and the SYSLIB0XXX diagnostic does not surface as an error, you can suppress the warning in code or in your project file.

To suppress the warnings in code:

// Disable the warning.
#pragma warning disable SYSLIB0001

// Code that uses obsolete API.

// Re-enable the warning.
#pragma warning restore SYSLIB0001

To suppress the warnings in a project file:

<Project Sdk="Microsoft.NET.Sdk">
   <!-- NoWarn below suppresses SYSLIB0001 project-wide -->
   <!-- To suppress multiple warnings, you can use multiple NoWarn elements -->
   <!-- Alternatively, you can suppress multiple warnings by using a semicolon-delimited list -->


Suppressing warnings in this way only disables the obsoletion warnings you specify. It doesn't disable any other warnings, including obsoletion warnings with different diagnostic IDs.

See also