Why does Microsoft Code Analysis check for arguments being null only publicly accessible methods?

Question

Microsoft Code Analysis’s CA1062 rule checks that reference-type arguments are not passed with null.

Why does this check only publicly accessible methods? Should not internal and private methods also be checked? How can one guarantee for internal methods that a null argument will not be passed?

I am asking because I noticed with Reflector/ILSpy that in the Roslyn September 2012 CTP, the internal constructors for the various syntax nodes (see the SyntaxList class) do not check for null arguments, whereas the public factory methods for the syntax nodes do check for null arguments. In this case, how would Microsoft guarantee that the internal usages of the SyntaxList constructor do not pass null?

Answer 1

In this case, how would Microsoft guarantee that the internal usages of the SyntaxList constructor do not pass null?

Presumably because they have tests which mean they're confident in their own code. If you validate all of your input, and you have confidence that your own code is correct, then you can be confident that your calls to your internal APIs have valid input.

Of course it's possible that there's a bug in the implementation, and that it would either generate or allow the pass-through of invalid input to some internal method. If you want to put more validation on internal calls, that's fine. But it's at the public API level that validation is most essential.