Interesting facts about #if Debug vs Conditional Debug attributes

#if Debug	[Conditional("Debug")]
1 2 3 4 #if DEBUG public void SetPrivateValue(int value) { ... } #endif	1 2 3 [System.Diagnostics.Conditional("DEBUG")] public void SetPrivateValue(int value) { ... }
#if DEBUG: The code won't even reach the IL(Common Intermediate Language) on release.	The code will reach the IL, however calls to the method will be omitted unless DEBUG is set when the caller is compiled.
1 2 3 4 5 #if DEBUG public const String ENDPOINT = "Localhost"; #else public const String ENDPOINT = "BasicHttpBinding"; #endif  the const ENDPOINT is set to "Localhost" or "BasicHttpBinding" depending on if DEBUG is set or not.	1 2 3 4 5 6 7 8 [Conditional("DEBUG")] public void DoSomething() { } public void Foo() { DoSomething(); //Code compiles and is cleaner, DoSomething always //exists, however this is only called during DEBUG. } The code all exists, but is just ignored unless DEBUG is on.
You can use this construct semantic/syntax to any method with return type or any code block	Whereas this is only works with void return value.
Penetration test/Security test code analysis will be give goahead as it is safe.	Whereas security assessment will flag it high severity in case when it is deployed to production environment.