CA2235: Mark all non-serializable fields
| Property | Value |
|---|---|
| Rule ID | CA2235 |
| Title | Mark all non-serializable fields |
| Category | Usage |
| Fix is breaking or non-breaking | Non-breaking |
| Enabled by default in .NET 8 | No |
Cause
An instance field of a type that is not serializable is declared in a type that is serializable.
Rule description
A serializable type is one that is marked with the System.SerializableAttribute attribute. When the type is serialized, a System.Runtime.Serialization.SerializationException exception is thrown if the type contains an instance field of a type that's not serializable and doesn't implement the System.Runtime.Serialization.ISerializable interface.
Tip
CA2235 does not fire for instance fields of types that implement ISerializable because they provide their own serialization logic.
How to fix violations
To fix a violation of this rule, apply the System.NonSerializedAttribute attribute to the field that is not serializable.
When to suppress warnings
Only suppress a warning from this rule if a System.Runtime.Serialization.ISerializationSurrogate type is declared that allows instances of the field to be serialized and deserialized.
Suppress a warning
If you just want to suppress a single violation, add preprocessor directives to your source file to disable and then re-enable the rule.
#pragma warning disable CA2235
// The code that's violating the rule is on this line.
#pragma warning restore CA2235
To disable the rule for a file, folder, or project, set its severity to none in the configuration file.
[*.{cs,vb}]
dotnet_diagnostic.CA2235.severity = none
For more information, see How to suppress code analysis warnings.
Example
The following example shows two types: one that violates the rule and one that satisfies the rule.
public class Mouse
{
int buttons;
string scanTypeValue;
public int NumberOfButtons
{
get { return buttons; }
}
public string ScanType
{
get { return scanTypeValue; }
}
public Mouse(int numberOfButtons, string scanType)
{
buttons = numberOfButtons;
scanTypeValue = scanType;
}
}
[Serializable]
public class InputDevices1
{
// Violates MarkAllNonSerializableFields.
Mouse opticalMouse;
public InputDevices1()
{
opticalMouse = new Mouse(5, "optical");
}
}
[Serializable]
public class InputDevices2
{
// Satisfies MarkAllNonSerializableFields.
[NonSerialized]
Mouse opticalMouse;
public InputDevices2()
{
opticalMouse = new Mouse(5, "optical");
}
}
Imports System
Imports System.Runtime.Serialization
Namespace ca2235
Public Class Mouse
ReadOnly Property NumberOfButtons As Integer
ReadOnly Property ScanType As String
Sub New(numberOfButtons As Integer, scanType As String)
Me.NumberOfButtons = numberOfButtons
Me.ScanType = scanType
End Sub
End Class
<SerializableAttribute>
Public Class InputDevices1
' Violates MarkAllNonSerializableFields.
Dim opticalMouse As Mouse
Sub New()
opticalMouse = New Mouse(5, "optical")
End Sub
End Class
<SerializableAttribute>
Public Class InputDevices2
' Satisfies MarkAllNonSerializableFields.
<NonSerializedAttribute>
Dim opticalMouse As Mouse
Sub New()
opticalMouse = New Mouse(5, "optical")
End Sub
End Class
End Namespace
Remarks
Rule CA2235 does not analyze types that implement the ISerializable interface (unless they are also marked with the SerializableAttribute attribute). This is because rule CA2237 already recommends marking types that implement the ISerializable interface with the SerializableAttribute attribute.
