Workflow Analyzer Rule Deployment Paths: Confirming Assumptions for Custom Rules

Alexandru_Bizon · March 28, 2025, 5:47pm

Thank you for sharing your approach.
That said, I’d like to offer an alternative method that is more aligned with deployment needs in enterprise environments, particularly where security controls and scalability are a concern.

Recommended Approach: NuGet Package Deployment via Automation Ops

In large-scale environments, copying .dll files to local Rules folders introduces several challenges:

Security restrictions: Enterprise machines commonly enforce policies that block unsigned or externally downloaded .dll files. Microsoft Defender, for instance, may quarantine or prevent execution unless files are manually unblocked, which is not scalable or secure in managed IT environments.
Inconsistency and overhead: Manual steps create room for version drift or misconfiguration across teams, especially when onboarding new developers.

To streamline deployment and ensure consistency across all development environments, the recommended approach is to distribute custom rules as signed .nupkg packages and manage their availability and enforcement centrally via Automation Ops.

Deployment Procedure

1. Package Custom Rules into a NuGet Package (.nupkg)

Develop your custom Workflow Analyzer rules and compile them into a .dll file.
Create a .nuspec file containing metadata about your package and referencing the .dll.
Use the nuget pack command to generate the .nupkg file.

2. Host the NuGet Package on a Custom Feed

Upload the .nupkg file to a NuGet feed accessible to your development environments. This can be an internal NuGet server, Azure Artifacts, Artifactory, or a shared network location.
This feed will later be referenced from UiPath Studio via Automation Ops.

3. Configure Automation Ops to Deploy the Custom Rules

Access Automation Ops in UiPath Automation Cloud.
Create a new governance policy or edit an existing one targeting Studio.
Under Manage Sources, add the custom NuGet feed where the package is hosted.
Ensure the feed is enabled.
Assign the policy to the relevant tenants, user groups, or folders. Studio will now recognize the feed and the package in all governed environments.

4. Enforce the Use of the Custom Rule Using `ST-USG-027`

In the same Studio policy (in Automation Ops), go to the Workflow Analyzer section.
Enable and configure the rule ST-USG-027 - Required Packages.
Specify the required package ID and version to enforce the presence of your analyzer in all projects. Example: MyAnalyzerPackage>=1.0.0
Set the rule’s Action to determine whether a violation results in a warning or an error.

By using this approach, you ensure that:

Custom rules are distributed and versioned centrally.
Enterprise security requirements are respected.
Governance is consistent and scalable across all Studio environments.

For reference:

Thank you again for initiating this discussion — it’s a valuable contribution to the community. I hope this complements your guidance with an approach tailored to global policy enforcement scenarios.

Topic		Replies	Views
Can't install custom rule for workflow analyzer in Uipath Studio Studio	0	783	May 18, 2020
Deploying net461 and net6.0 Analyzer Rules Studio studio , feedback , workflow_analyzer	0	650	October 11, 2022
Adjust an existing project analyzer rule? Robot robot , question	3	895	November 29, 2021
Custom Workflow Analyzer rules for all developers Studio	4	1051	December 9, 2020
Workflow Analyzer Rules - Code Placement Help studio , question	1	1728	December 17, 2020