From fbcd26e5eeaefc7f4262ba7052ad9c12d262965f Mon Sep 17 00:00:00 2001 From: Manish Vasani Date: Mon, 3 Oct 2022 19:05:24 +0530 Subject: [PATCH] Replace docs.microsoft.com links with learn.microsoft.com --- GuidelinesForNewRules.md | 6 +- README.md | 20 +- docs/Analyzer Configuration.md | 280 ++++---- .../Proposed FxCop rule changes in Roslyn.md | 6 +- docs/NetCore_GettingStarted.md | 6 +- ...esetToEditorconfigConverter.Package.csproj | 2 +- ...criptorCreationAnalyzer_ReleaseTracking.cs | 2 +- .../UnitTests/SymbolIsBannedAnalyzerTests.cs | 2 +- .../Core/AnalyzerReleases.Shipped.md | 538 +++++++-------- .../Core/AnalyzerReleases.Unshipped.md | 34 +- ...CancellationTokenParametersMustComeLast.cs | 2 +- .../EnumShouldNotHaveDuplicatedValues.cs | 2 +- .../OperatorOverloadsHaveNamedAlternates.cs | 2 +- .../Runtime/SpecifyStringComparison.cs | 4 +- .../Helpers/XmlSerializationAttributeTypes.cs | 2 +- .../Microsoft.CodeAnalysis.NetAnalyzers.md | 568 ++++++++-------- .../Microsoft.CodeAnalysis.NetAnalyzers.sarif | 614 +++++++++--------- src/NetAnalyzers/RulesMissingDocumentation.md | 22 +- .../DisposeObjectsBeforeLosingScopeTests.cs | 2 +- ...oNotUseDeprecatedSecurityProtocolsTests.cs | 4 +- .../Security/SslProtocolsAnalyzerTests.cs | 4 +- .../VisualBasic/AnalyzerReleases.Shipped.md | 4 +- .../PublicApiAnalyzers.Help.md | 4 +- .../Core/AnalyzerReleases.Unshipped.md | 6 +- .../Core/CodeAnalysisDictionary.cs | 4 +- .../RulesMissingDocumentation.md | 2 +- src/Text.Analyzers/Text.Analyzers.md | 6 +- src/Text.Analyzers/Text.Analyzers.sarif | 6 +- .../CodeMetrics/CodeAnalysisMetricData.cs | 2 +- .../DiagnosticCategoryAndIdRanges.txt | 2 +- .../Compiler/DiagnosticDescriptorHelper.cs | 2 +- .../Options/EditorConfigOptionNames.cs | 36 +- ...nalysis.DisposeDataFlowOperationVisitor.cs | 2 +- 33 files changed, 1099 insertions(+), 1099 deletions(-) diff --git a/GuidelinesForNewRules.md b/GuidelinesForNewRules.md index efc5d401fe..43d1bbbd2f 100644 --- a/GuidelinesForNewRules.md +++ b/GuidelinesForNewRules.md @@ -16,16 +16,16 @@ 1. Choose `CA1830` as the rule ID for your rule. 2. Update the range for `Performance` in [DiagnosticCategoryAndIdRanges.txt](.//src//Utilities//Compiler//DiagnosticCategoryAndIdRanges.txt) to `CA1800-CA1830` - You can refer to the [official documentation](https://docs.microsoft.com/visualstudio/code-quality/code-analysis-for-managed-code-warnings) for all released CA rules by rule category. + You can refer to the [official documentation](https://learn.microsoft.com/visualstudio/code-quality/code-analysis-for-managed-code-warnings) for all released CA rules by rule category. 4. Documentation requirements: - 1. **New CA rule must be documented**: Each rule ID `CAxxxx` is automatically assigned the help link `https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/caxxxx`. The documentation for this page is populated from `caxxxx.md` file at [dotnet/docs quality-rules folder](https://github.com/dotnet/docs/tree/main/docs/fundamentals/code-analysis/quality-rules). For example, `CA1000` is documented at [ca1000.md](https://github.com/dotnet/docs/tree/main/docs/fundamentals/code-analysis/quality-rules/ca1000.md) file. Documenting a new rule is primarily ensuring a PR is sent to `dotnet/docs` repo to add `caxxxx.md` file for the new rule. Detailed steps are given below. + 1. **New CA rule must be documented**: Each rule ID `CAxxxx` is automatically assigned the help link `https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/caxxxx`. The documentation for this page is populated from `caxxxx.md` file at [dotnet/docs quality-rules folder](https://github.com/dotnet/docs/tree/main/docs/fundamentals/code-analysis/quality-rules). For example, `CA1000` is documented at [ca1000.md](https://github.com/dotnet/docs/tree/main/docs/fundamentals/code-analysis/quality-rules/ca1000.md) file. Documenting a new rule is primarily ensuring a PR is sent to `dotnet/docs` repo to add `caxxxx.md` file for the new rule. Detailed steps are given below. 2. **Documentation PR must be submitted within ONE WEEK of the rule implementation being merged**. Note that we will communicate this requirement on each PR contributing a new CA rule. We reserve the right to revert the rule implementation PR if this documentation requirement is not met. ## Guidelines for creating documentation PR 1. Documentation PR must be submitted to the [dotnet/docs](https://github.com/dotnet/docs) repo: - Please review [Contribute docs for .NET code analysis rules to the .NET docs repository](https://docs.microsoft.com/contribute/dotnet/dotnet-contribute-code-analysis) for guidelines. + Please review [Contribute docs for .NET code analysis rules to the .NET docs repository](https://learn.microsoft.com/contribute/dotnet/dotnet-contribute-code-analysis) for guidelines. If for some exceptional reason you are unable to submit a PR, please [file a documentation issue](https://github.com/dotnet/docs/issues) to add documentation for the rule in future. Please include all relevant information in the issue to allow the documentation experts to easily author the documentation. diff --git a/README.md b/README.md index b4c8508c26..b27bdab4f2 100644 --- a/README.md +++ b/README.md @@ -10,9 +10,9 @@ Roslyn is the compiler platform for .NET. It consists of the compiler itself and ## What are Roslyn Analyzers? -Roslyn analyzers analyze your code for style, quality and maintainability, design and other issues. The documentation for Roslyn Analyzers can be found at [docs.microsoft.com/dotnet/fundamentals/code-analysis/overview](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/overview). +Roslyn analyzers analyze your code for style, quality and maintainability, design and other issues. The documentation for Roslyn Analyzers can be found at [docs.microsoft.com/dotnet/fundamentals/code-analysis/overview](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/overview). -Microsoft created a set of analyzers called [Microsoft.CodeAnalysis.NetAnalyzers](https://www.nuget.org/packages/Microsoft.CodeAnalysis.NetAnalyzers) that contains the most important "FxCop" rules from static code analysis, converted to Roslyn analyzers, in addition to more analyzers. These analyzers check your code for security, performance, and design issues, among others. The documentation for .NET analyzers can be found [here](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/overview#code-quality-analysis). +Microsoft created a set of analyzers called [Microsoft.CodeAnalysis.NetAnalyzers](https://www.nuget.org/packages/Microsoft.CodeAnalysis.NetAnalyzers) that contains the most important "FxCop" rules from static code analysis, converted to Roslyn analyzers, in addition to more analyzers. These analyzers check your code for security, performance, and design issues, among others. The documentation for .NET analyzers can be found [here](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/overview#code-quality-analysis). ## Main analyzers @@ -38,7 +38,7 @@ Recently the set of analyzer packages produced by this repository have been cons *Latest pre-release version (.NET7 analyzers):* [here](https://dev.azure.com/dnceng/public/_artifacts/feed/dotnet7/NuGet/Microsoft.CodeAnalysis.NetAnalyzers/versions) -This is the **primary analyzer package** for this repo that contains all **the .NET code analysis rules (CAxxxx)** that are built into the .NET SDK starting .NET5 release. The documentation for CA rules can be found at [docs.microsoft.com/visualstudio/code-quality/code-analysis-for-managed-code-warnings](https://docs.microsoft.com/visualstudio/code-quality/code-analysis-for-managed-code-warnings). +This is the **primary analyzer package** for this repo that contains all **the .NET code analysis rules (CAxxxx)** that are built into the .NET SDK starting .NET5 release. The documentation for CA rules can be found at [docs.microsoft.com/visualstudio/code-quality/code-analysis-for-managed-code-warnings](https://learn.microsoft.com/visualstudio/code-quality/code-analysis-for-managed-code-warnings). You do not need to manually install this NuGet package to your project if you are using .NET5 SDK or later. These analyzers are enabled by default for projects targeting .NET5 or later. For projects targeting earlier .NET frameworks, you can enable them in your MSBuild project file by setting one of the following properties: @@ -60,31 +60,31 @@ You do not need to manually install this NuGet package to your project if you ar ### Microsoft.CodeAnalysis.FxCopAnalyzers -**NOTE:** Starting version `3.3.2`, `Microsoft.CodeAnalysis.FxCopAnalyzers` has been **deprecated** in favor of `Microsoft.CodeAnalysis.NetAnalyzers`. Documentation to migrate from FxCopAnalyzers to NetAnalyzers is available [here](https://docs.microsoft.com/visualstudio/code-quality/migrate-from-fxcop-analyzers-to-net-analyzers). +**NOTE:** Starting version `3.3.2`, `Microsoft.CodeAnalysis.FxCopAnalyzers` has been **deprecated** in favor of `Microsoft.CodeAnalysis.NetAnalyzers`. Documentation to migrate from FxCopAnalyzers to NetAnalyzers is available [here](https://learn.microsoft.com/visualstudio/code-quality/migrate-from-fxcop-analyzers-to-net-analyzers). *Latest stable version:* [![NuGet](https://img.shields.io/nuget/v/Microsoft.CodeAnalysis.FxCopAnalyzers.svg)](https://www.nuget.org/packages/Microsoft.CodeAnalysis.FxCopAnalyzers) -This is a migration analyzer package for existing binary FxCop users. It contains all **the ported FxCop code analysis rules (CAxxxx)**. It's recommended to use Microsoft.CodeAnalysis.NetAnalyzers instead. The documentation for that can be found at [docs.microsoft.com/visualstudio/code-quality/install-net-analyzers](https://docs.microsoft.com/visualstudio/code-quality/install-net-analyzers). +This is a migration analyzer package for existing binary FxCop users. It contains all **the ported FxCop code analysis rules (CAxxxx)**. It's recommended to use Microsoft.CodeAnalysis.NetAnalyzers instead. The documentation for that can be found at [docs.microsoft.com/visualstudio/code-quality/install-net-analyzers](https://learn.microsoft.com/visualstudio/code-quality/install-net-analyzers). -The documentation for all the ported and unported FxCop rules can be found at [docs.microsoft.com/en-us/visualstudio/code-quality/fxcop-rule-port-status](https://docs.microsoft.com/visualstudio/code-quality/fxcop-rule-port-status). +The documentation for all the ported and unported FxCop rules can be found at [docs.microsoft.com/en-us/visualstudio/code-quality/fxcop-rule-port-status](https://learn.microsoft.com/visualstudio/code-quality/fxcop-rule-port-status). This analyzer package contains all the ported FxCop rules that are applicable for both *.NetCore/.NetStandard* and *Desktop .NetFramework* projects. You **do not need to install any separate analyzer package from this repo to get target-framework specific FxCop rules**. #### The following are subpackages or NuGet dependencies that are automatically installed when you install the Microsoft.CodeAnalysis.FxCopAnalyzers package: -**NOTE:** Starting version `3.3.2`, `Microsoft.CodeQuality.Analyzers`, `Microsoft.NetCore.Analyzers` and `Microsoft.NetFramework.Analyzers` have also been **deprecated** in favor of `Microsoft.CodeAnalysis.NetAnalyzers`. Documentation to migrate to NetAnalyzers is available [here](https://docs.microsoft.com/visualstudio/code-quality/migrate-from-fxcop-analyzers-to-net-analyzers). +**NOTE:** Starting version `3.3.2`, `Microsoft.CodeQuality.Analyzers`, `Microsoft.NetCore.Analyzers` and `Microsoft.NetFramework.Analyzers` have also been **deprecated** in favor of `Microsoft.CodeAnalysis.NetAnalyzers`. Documentation to migrate to NetAnalyzers is available [here](https://learn.microsoft.com/visualstudio/code-quality/migrate-from-fxcop-analyzers-to-net-analyzers). #### Microsoft.CodeQuality.Analyzers *Latest stable version:* [![NuGet](https://img.shields.io/nuget/v/Microsoft.CodeQuality.Analyzers.svg)](https://www.nuget.org/packages/Microsoft.CodeQuality.Analyzers) -This package contains common code quality improvement rules that are not specific to usage of any particular API. For example, [CA1801](https://docs.microsoft.com/visualstudio/code-quality/ca1801-review-unused-parameters) (ReviewUnusedParameters) flags parameters that are unused and is part of this package. +This package contains common code quality improvement rules that are not specific to usage of any particular API. For example, [CA1801](https://learn.microsoft.com/visualstudio/code-quality/ca1801-review-unused-parameters) (ReviewUnusedParameters) flags parameters that are unused and is part of this package. #### Microsoft.NetCore.Analyzers *Latest stable version:* [![NuGet](https://img.shields.io/nuget/v/Microsoft.NetCore.Analyzers.svg)](https://www.nuget.org/packages/Microsoft.NetCore.Analyzers) -This package contains rules for correct usage of APIs that are present in *.NetCore/.NetStandard* framework libraries. For example, [CA1309](https://docs.microsoft.com/visualstudio/code-quality/ca1309-use-ordinal-stringcomparison) (UseOrdinalStringComparison) flags usages of string compare APIs that don't specify a `StringComparison` argument. [Getting started with NetCore Analyzers](docs/NetCore_GettingStarted.md) +This package contains rules for correct usage of APIs that are present in *.NetCore/.NetStandard* framework libraries. For example, [CA1309](https://learn.microsoft.com/visualstudio/code-quality/ca1309-use-ordinal-stringcomparison) (UseOrdinalStringComparison) flags usages of string compare APIs that don't specify a `StringComparison` argument. [Getting started with NetCore Analyzers](docs/NetCore_GettingStarted.md) **NOTE:** This analyzer package is applicable for both *.NetCore/.NetStandard* and *Desktop .NetFramework* projects. If the API whose usage is being checked exists only in *.NetCore/.NetStandard* libraries, then the analyzer will bail out silently for *Desktop .NetFramework* projects. Otherwise, if the API exists in both *.NetCore/.NetStandard* and *Desktop .NetFramework* libraries, the analyzer will run correctly for both *.NetCore/.NetStandard* and *Desktop .NetFramework* projects. @@ -174,4 +174,4 @@ Required Visual Studio Version: **Visual Studio 2019 16.9 RTW or later** Required .NET SDK Version: **.NET 5.0 SDK or later** -The documentation for .NET SDK Analyzers can be found [here](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/overview#code-quality-analysis) +The documentation for .NET SDK Analyzers can be found [here](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/overview#code-quality-analysis) diff --git a/docs/Analyzer Configuration.md b/docs/Analyzer Configuration.md index 50b3a86088..5b555409e8 100644 --- a/docs/Analyzer Configuration.md +++ b/docs/Analyzer Configuration.md @@ -28,7 +28,7 @@ For example, end users can configure the analyzed API surface for analyzers usin ### VS2019 16.3 and later + Analyzer package version 3.3.x and later -End users can enable `.editorconfig` based configuration for individual documents, folders, projects, solution or entire repo by creating an `.editorconfig` file with the options in the corresponding directory. This file can also contain `.editorconfig` based diagnostic severity configuration entries. See [here](https://docs.microsoft.com/visualstudio/code-quality/use-roslyn-analyzers#rule-severity) for more details. +End users can enable `.editorconfig` based configuration for individual documents, folders, projects, solution or entire repo by creating an `.editorconfig` file with the options in the corresponding directory. This file can also contain `.editorconfig` based diagnostic severity configuration entries. See [here](https://learn.microsoft.com/visualstudio/code-quality/use-roslyn-analyzers#rule-severity) for more details. ### Prior to VS2019 16.3 or using an analyzer package version prior to 3.3.x @@ -46,7 +46,7 @@ End users can enable `.editorconfig` based configuration for individual document Note that this additional file based approach is also supported on VS2019 16.3 and later releases for backwards compatibility. -**The additional file based approach is no longer supported starting in Microsoft.CodeAnalysis.NetAnalyzers v5.0.4. It will be implicitly discovered (if the file is in the project's directory or any ancestor directory), or it should be converted into a 'globalconfig'. See [Configuration files for code analysis rules](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/configuration-files).** +**The additional file based approach is no longer supported starting in Microsoft.CodeAnalysis.NetAnalyzers v5.0.4. It will be implicitly discovered (if the file is in the project's directory or any ancestor directory), or it should be converted into a 'globalconfig'. See [Configuration files for code analysis rules](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/configuration-files).** ## Supported .editorconfig options @@ -57,66 +57,66 @@ This section documents the list of supported `.editorconfig` key-value options f Option Name: `api_surface` Configurable Rules: -[CA1000](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1000), -[CA1002](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1002), -[CA1003](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1003), -[CA1005](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1005), -[CA1008](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1008), -[CA1010](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1010), -[CA1012](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1012), -[CA1021](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1021), -[CA1024](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1024), -[CA1027](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1027), -[CA1028](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1028), -[CA1030](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1030), -[CA1036](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1036), -[CA1040](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1040), -[CA1041](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1041), -[CA1043](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1043), -[CA1044](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1044), -[CA1045](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1045), -[CA1046](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1046), -[CA1047](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1047), -[CA1051](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1051), -[CA1052](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1052), -[CA1054](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1054), -[CA1055](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1055), -[CA1056](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1056), -[CA1058](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1058), -[CA1062](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062), -[CA1063](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1063), -[CA1068](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1068), -[CA1070](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1070), -[CA1700](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1700), -[CA1707](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1707), -[CA1708](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1708), -[CA1710](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1710), -[CA1711](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1711), -[CA1714](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1714), -[CA1715](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1715), -[CA1716](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1716), -[CA1717](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1717), -[CA1720](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1720), -[CA1721](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1721), -[CA1725](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1725), -[CA1801](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1801), -[CA1802](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1802), -[CA1815](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1815), -[CA1819](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1819), -[CA1822](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1822), -[CA2208](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2208), -[CA2217](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2217), -[CA2225](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2225), -[CA2226](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2226), -[CA2231](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2231), -[CA2234](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2234) +[CA1000](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1000), +[CA1002](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1002), +[CA1003](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1003), +[CA1005](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1005), +[CA1008](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1008), +[CA1010](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1010), +[CA1012](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1012), +[CA1021](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1021), +[CA1024](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1024), +[CA1027](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1027), +[CA1028](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1028), +[CA1030](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1030), +[CA1036](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1036), +[CA1040](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1040), +[CA1041](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1041), +[CA1043](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1043), +[CA1044](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1044), +[CA1045](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1045), +[CA1046](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1046), +[CA1047](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1047), +[CA1051](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1051), +[CA1052](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1052), +[CA1054](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1054), +[CA1055](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1055), +[CA1056](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1056), +[CA1058](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1058), +[CA1062](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062), +[CA1063](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1063), +[CA1068](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1068), +[CA1070](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1070), +[CA1700](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1700), +[CA1707](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1707), +[CA1708](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1708), +[CA1710](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1710), +[CA1711](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1711), +[CA1714](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1714), +[CA1715](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1715), +[CA1716](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1716), +[CA1717](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1717), +[CA1720](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1720), +[CA1721](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1721), +[CA1725](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1725), +[CA1801](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1801), +[CA1802](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1802), +[CA1815](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1815), +[CA1819](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1819), +[CA1822](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1822), +[CA2208](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2208), +[CA2217](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2217), +[CA2225](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2225), +[CA2226](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2226), +[CA2231](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2231), +[CA2234](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2234) Option Values: | Option Value | Summary | | --- | --- | | `public` | Analyzes public APIs that are externally visible outside the assembly. | -| `internal` or `friend` | Analyzes internal APIs that are visible within the assembly and to assemblies with [InternalsVisibleToAttribute](https://docs.microsoft.com/dotnet/api/system.runtime.compilerservices.internalsvisibletoattribute) access. | +| `internal` or `friend` | Analyzes internal APIs that are visible within the assembly and to assemblies with [InternalsVisibleToAttribute](https://learn.microsoft.com/dotnet/api/system.runtime.compilerservices.internalsvisibletoattribute) access. | | `private` | Analyzes private APIs that are only visible within the containing type. | | `all` | Analyzes all APIs, regardless of the symbol visibility. | @@ -130,9 +130,9 @@ Users can also provide a comma separated list of above option values. For exampl Option Name: `output_kind` -Configurable Rules: [CA2007](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2007) +Configurable Rules: [CA2007](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2007) -Option Values: One or more fields of enum [Microsoft.CodeAnalysis.CompilationOptions.OutputKind](https://docs.microsoft.com/dotnet/api/microsoft.codeanalysis.outputkind) as a comma separated list. +Option Values: One or more fields of enum [Microsoft.CodeAnalysis.CompilationOptions.OutputKind](https://learn.microsoft.com/dotnet/api/microsoft.codeanalysis.outputkind) as a comma separated list. Default Value: _All output kinds_ @@ -142,7 +142,7 @@ Example: `dotnet_code_quality.CA2007.output_kind = ConsoleApplication, Dynamical Option Name: `required_modifiers` -Configurable Rules: [CA1802](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1802) +Configurable Rules: [CA1802](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1802) Option Values: Comma separated listed of one or more modifier values from the below table. Note that not all values are applicable for every configurable rule. @@ -169,7 +169,7 @@ Example: `dotnet_code_quality.CA1802.required_modifiers = none`. Option Name: `exclude_async_void_methods` -Configurable Rules: [CA2007](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2007) +Configurable Rules: [CA2007](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2007) Option Values: `true` or `false` @@ -181,7 +181,7 @@ Example: `dotnet_code_quality.CA2007.exclude_async_void_methods = true` Option Name: `exclude_single_letter_type_parameters` -Configurable Rules: [CA1715](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1715) +Configurable Rules: [CA1715](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1715) Option Values: `true` or `false` @@ -193,7 +193,7 @@ Example: `dotnet_code_quality.CA1715.exclude_single_letter_type_parameters = tru Option Name: `exclude_extension_method_this_parameter` -Configurable Rules: [CA1062](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062) +Configurable Rules: [CA1062](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062) Option Values: `true` or `false` @@ -205,7 +205,7 @@ Example: `dotnet_code_quality.CA1062.exclude_extension_method_this_parameter = t Option Name: `null_check_validation_methods` -Configurable Rules: [CA1062](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062) +Configurable Rules: [CA1062](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062) Option Values: Names of null check validation methods (separated by `|`) that validate arguments passed to the method are non-null. Allowed method name formats: @@ -229,7 +229,7 @@ Examples: Option Name: `additional_string_formatting_methods` -Configurable Rules: [CA2241](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2241) +Configurable Rules: [CA2241](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2241) Option Values: Names of additional string formatting methods (separated by `|`). Allowed method name formats: @@ -254,7 +254,7 @@ Option Name: `try_determine_additional_string_formatting_methods_automatically` Boolean option to enable heuristically detecting of additional string formatting methods A method is considered a string formatting method if it has a `string format` parameter followed by a `params object[]` parameter. -Configurable Rules: [CA2241](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2241) +Configurable Rules: [CA2241](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2241) Option Values: `true` or `false` @@ -265,52 +265,52 @@ Example: `dotnet_code_quality.try_determine_additional_string_formatting_methods ### Excluded symbols Configurable Rules: -[CA1001](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1001), -[CA1054](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1054), -[CA1055](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1055), -[CA1056](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1056), -[CA1062](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062), -[CA1068](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1068), -[CA1303](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1303), -[CA1304](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1304), -[CA1508](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1508), -[CA2000](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000), -[CA2100](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2100), -[CA2301](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2301), -[CA2302](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2302), -[CA2311](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2311), -[CA2312](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2312), -[CA2321](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2321), -[CA2322](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2322), -[CA2327](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2327), -[CA2328](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2328), -[CA2329](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2329), -[CA2330](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2330), -[CA3001](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3001), -[CA3002](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3002), -[CA3003](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3003), -[CA3004](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3004), -[CA3005](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3005), -[CA3006](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3006), -[CA3007](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3007), -[CA3008](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3008), -[CA3009](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3009), -[CA3010](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3010), -[CA3011](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3011), -[CA3012](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3012), -[CA5361](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5361), -[CA5376](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5376), -[CA5377](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5377), -[CA5378](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5378), -[CA5380](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5380), -[CA5381](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5381), -[CA5382](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5382), -[CA5383](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5383), -[CA5384](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5384), -[CA5387](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5387), -[CA5388](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5388), -[CA5389](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5389), -[CA5390](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5390) +[CA1001](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1001), +[CA1054](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1054), +[CA1055](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1055), +[CA1056](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1056), +[CA1062](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062), +[CA1068](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1068), +[CA1303](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1303), +[CA1304](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1304), +[CA1508](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1508), +[CA2000](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000), +[CA2100](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2100), +[CA2301](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2301), +[CA2302](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2302), +[CA2311](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2311), +[CA2312](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2312), +[CA2321](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2321), +[CA2322](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2322), +[CA2327](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2327), +[CA2328](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2328), +[CA2329](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2329), +[CA2330](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2330), +[CA3001](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3001), +[CA3002](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3002), +[CA3003](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3003), +[CA3004](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3004), +[CA3005](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3005), +[CA3006](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3006), +[CA3007](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3007), +[CA3008](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3008), +[CA3009](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3009), +[CA3010](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3010), +[CA3011](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3011), +[CA3012](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3012), +[CA5361](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5361), +[CA5376](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5376), +[CA5377](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5377), +[CA5378](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5378), +[CA5380](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5380), +[CA5381](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5381), +[CA5382](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5382), +[CA5383](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5383), +[CA5384](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5384), +[CA5387](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5387), +[CA5388](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5388), +[CA5389](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5389), +[CA5390](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5390) #### Excluded symbol names @@ -370,7 +370,7 @@ Examples: Option Name: `unsafe_DllImportSearchPath_bits` -Configurable Rules: [CA5393](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5393) +Configurable Rules: [CA5393](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5393) Option Values: Integer values of `System.Runtime.InteropServices.DllImportSearchPath` @@ -382,7 +382,7 @@ Example: `dotnet_code_quality.CA5393.unsafe_DllImportSearchPath_bits = 770` Option Name: `exclude_aspnet_core_mvc_controllerbase` -Configurable Rules: [CA5391](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5391) +Configurable Rules: [CA5391](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5391) Option Values: `true` or `false` @@ -394,7 +394,7 @@ Example: `dotnet_code_quality.CA5391.exclude_aspnet_core_mvc_controllerbase = fa Option Name: `disallowed_symbol_names` -Configurable Rules: [CA1031](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1031) +Configurable Rules: [CA1031](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1031) Option Values: Names of symbols (separated by `|`) that are disallowed in the context of the analysis. Allowed symbol name formats: @@ -418,12 +418,12 @@ Examples: ### Dataflow analysis Configurable Rules: -[CA1062](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062), -[CA1303](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1303), -[CA1508](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1508), -[CA2000](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000), -[CA2100](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2100), -[CA2213](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2213), +[CA1062](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062), +[CA1303](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1303), +[CA1508](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1508), +[CA2000](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000), +[CA2100](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2100), +[CA2213](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2213), Taint analysis rules #### Interprocedural analysis Kind @@ -466,7 +466,7 @@ Example: `dotnet_code_quality.max_interprocedural_lambda_or_local_function_call_ Option Name: `dispose_analysis_kind` -Configurable Rules: [CA2000](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000) +Configurable Rules: [CA2000](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000) Option Values: @@ -485,7 +485,7 @@ Example: `dotnet_code_quality.dispose_analysis_kind = AllPaths` Option Name: `dispose_ownership_transfer_at_constructor` -Configurable Rules: [CA2000](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000) +Configurable Rules: [CA2000](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000) Option Values: `true` or `false` @@ -521,7 +521,7 @@ class Test Option Name: `dispose_ownership_transfer_at_method_call` -Configurable Rules: [CA2000](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000) +Configurable Rules: [CA2000](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000) Option Values: `true` or `false` @@ -588,7 +588,7 @@ Example: `dotnet_code_quality.CA5387.sufficient_IterationCount_for_weak_KDF_algo Option Name: `enum_values_prefix_trigger` -Configurable Rules: [CA1712](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1712) +Configurable Rules: [CA1712](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1712) Option Values: @@ -606,7 +606,7 @@ Example: `dotnet_code_quality.CA1712.enum_values_prefix_trigger = AnyEnumValue` Option Name: `exclude_indirect_base_types` -Configurable Rules: [CA1710](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1710) +Configurable Rules: [CA1710](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1710) Option Values: `true` or `false` @@ -635,7 +635,7 @@ public class MyClass : MyBaseClass Option Name: `additional_required_suffixes` -Configurable Rules: [CA1710](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1710) +Configurable Rules: [CA1710](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1710) Option Values: List (separated by `|`) of type names with their required suffix (separated by `->`). Allowed type name formats: @@ -657,7 +657,7 @@ Examples: Option Name: `additional_required_generic_interfaces` -Configurable Rules: [CA1010](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1010) +Configurable Rules: [CA1010](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1010) Option Values: List (separated by `|`) of interface names with their required generic fully qualified interface (separated by `->`). Allowed interface formats: @@ -678,7 +678,7 @@ Examples: Option Name: `additional_inheritance_excluded_symbol_names` -Configurable Rules: [CA1501](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1501) +Configurable Rules: [CA1501](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1501) Option Values: Names of types or namespaces (separated by `|`), such that the type or type's namespace does not count in the inheritance hierarchy tree. Allowed symbol name formats: @@ -707,7 +707,7 @@ Examples: Option Name: `analyzed_symbol_kinds` -Configurable Rules: [CA1716](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1716) +Configurable Rules: [CA1716](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1716) Option Values: One or more fields of enum [Microsoft.CodeAnalysis.SymbolKind](https://roslynsourceindex.azurewebsites.net/#Microsoft.CodeAnalysis/Symbols/SymbolKind.cs,30fd9c0834bef6ff) as a comma separated list. @@ -719,7 +719,7 @@ Example: `dotnet_code_quality.CA1716.analyzed_symbol_kinds = Namespace, Property Option Name: `use_naming_heuristic` -Configurable Rules: [CA1303](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1303) +Configurable Rules: [CA1303](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1303) Option Values: `true` or `false` @@ -731,7 +731,7 @@ Example: `dotnet_code_quality.CA1303.use_naming_heuristic = true` Option Name: `additional_use_results_methods` -Configurable Rules: [CA1806](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1806) +Configurable Rules: [CA1806](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1806) Option Values: Names of additional methods (separated by `|`). Allowed method name formats: @@ -755,7 +755,7 @@ Examples: Option Name: `allowed_suffixes` -Configurable Rules: [CA1711](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1711) +Configurable Rules: [CA1711](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1711) Option Values: List (separated by `|`) of allowed suffixes @@ -765,7 +765,7 @@ Example: `dotnet_code_quality.CA1711.allowed_suffixes = Flag|Flags` Option Name: `enable_platform_analyzer_on_pre_net5_target` -Configurable Rules: [CA1416](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1416) +Configurable Rules: [CA1416](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1416) Option Values: `true` or `false` @@ -777,7 +777,7 @@ Example: `dotnet_code_quality.enable_platform_analyzer_on_pre_net5_target = true Option Name: `exclude_structs` -Configurable Rules: [CA1051](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1051) +Configurable Rules: [CA1051](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1051) Option Values: `true` or `false` @@ -789,7 +789,7 @@ Example: `dotnet_code_quality.CA1051.exclude_structs = true` Option Name: `exclude_ordefault_methods` -Configurable Rules: [CA1826](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1826) +Configurable Rules: [CA1826](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1826) Option Values: `true` or `false` @@ -801,7 +801,7 @@ Example: `dotnet_code_quality.CA1826.exclude_ordefault_methods = true` Option Name: `additional_enum_none_names` -Configurable Rules: [CA1008](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/CA1008) +Configurable Rules: [CA1008](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/CA1008) Option Values: Names of additional enum None names (separated by `|`). @@ -813,7 +813,7 @@ Example: `dotnet_code_quality.CA1008.additional_enum_none_names = Never` or `dot Option Name: `enumeration_methods` -Configurable Rules: [CA1851](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/CA1851) +Configurable Rules: [CA1851](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/CA1851) Option Values: [Fully qualified names](https://github.com/dotnet/csharplang/blob/main/spec/documentation-comments.md#id-string-format) of additional methods enumerating all parameters with IEnumerable type (separated by `|`). @@ -825,13 +825,13 @@ Example: `dotnet_code_quality.CA1851.enumeration_methods = M:NS.Cls.SomeMethod(S Option Name: `linq_chain_methods` -Configurable Rules: [CA1851](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/CA1851) +Configurable Rules: [CA1851](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/CA1851) Option Values: [Fully qualified names](https://github.com/dotnet/csharplang/blob/main/spec/documentation-comments.md#id-string-format) of additional methods accepting IEnumerable parameters and return a new IEnumerable type instance(separated by `|`). By default, the IEnumerable type parameters of the Linq Chain method are considered not enumerated. This behavior could be overridden by combining using the `enumeration_methods` option. Default Value: empty -This option is used to include customized methods like [Select](https://docs.microsoft.com/en-us/dotnet/api/system.linq.enumerable.select?view=net-6.0) into the analysis scope. +This option is used to include customized methods like [Select](https://learn.microsoft.com/en-us/dotnet/api/system.linq.enumerable.select?view=net-6.0) into the analysis scope. Consider the example: ```csharp @@ -863,7 +863,7 @@ In this example the options would be `dotnet_code_quality.CA1851.linq_chain_meth Option Name: `assume_method_enumerates_parameters` -Configurable Rules: [CA1851](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/CA1851) +Configurable Rules: [CA1851](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/CA1851) Option Values: `true` or `false` If set to true, all IEnumerable type parameters would be assumed enumerated by the method invocation. This option does not affect methods specified in `linq_chain_methods`. diff --git a/docs/FxCopPort/Proposed FxCop rule changes in Roslyn.md b/docs/FxCopPort/Proposed FxCop rule changes in Roslyn.md index 2563f6f7d7..fdd159c1b5 100644 --- a/docs/FxCopPort/Proposed FxCop rule changes in Roslyn.md +++ b/docs/FxCopPort/Proposed FxCop rule changes in Roslyn.md @@ -15,11 +15,11 @@ In addition to implementation details of the analyzers we have decided to port, ## CA1034: Nested types should not be visible -The .NET Framework Design Guidelines for [nested types](https://docs.microsoft.com/dotnet/standard/design-guidelines/nested-types) specifically mentions enumerations: +The .NET Framework Design Guidelines for [nested types](https://learn.microsoft.com/dotnet/standard/design-guidelines/nested-types) specifically mentions enumerations: > For example, an enum passed to a method defined on a class should not be defined as a nested type in the class. -But the [documentation](https://docs.microsoft.com/visualstudio/code-quality/ca1034-nested-types-should-not-be-visible) for this rule says: +But the [documentation](https://learn.microsoft.com/visualstudio/code-quality/ca1034-nested-types-should-not-be-visible) for this rule says: > Nested enumerations ... are exempt from this rule @@ -47,7 +47,7 @@ and will discourage others from emulating it. These are good suggestions. -With regard to item #2, the [documentation](https://docs.microsoft.com/visualstudio/code-quality/ca1716-identifiers-should-not-match-keywords) for the rule actually does define the set of languages to which it applies: +With regard to item #2, the [documentation](https://learn.microsoft.com/visualstudio/code-quality/ca1716-identifiers-should-not-match-keywords) for the rule actually does define the set of languages to which it applies: > This rule checks against keywords in the following languages: > diff --git a/docs/NetCore_GettingStarted.md b/docs/NetCore_GettingStarted.md index 25ef179103..10f07794e9 100644 --- a/docs/NetCore_GettingStarted.md +++ b/docs/NetCore_GettingStarted.md @@ -1,7 +1,7 @@ # Getting started with .NetCore/.NetStandard Analyzers -1. Read through the [.NET Compiler Platform SDK](https://docs.microsoft.com/dotnet/csharp/roslyn-sdk/) for understanding the different Roslyn elements `(Syntax Nodes, Tokens, Trivia)`. The factory methods and APIs are super useful. -2. Learning this [tutorial](https://docs.microsoft.com/dotnet/csharp/roslyn-sdk/tutorials/how-to-write-csharp-analyzer-code-fix) for custom analyzer and trying it some level is very useful to get started. It is pretty easy step by step tutorial, it is time saving as it has a template generated for us (with analyzer, fixer and unit test), has good explanation, would give you pretty good understanding on how Roslyn analyzers work. +1. Read through the [.NET Compiler Platform SDK](https://learn.microsoft.com/dotnet/csharp/roslyn-sdk/) for understanding the different Roslyn elements `(Syntax Nodes, Tokens, Trivia)`. The factory methods and APIs are super useful. +2. Learning this [tutorial](https://learn.microsoft.com/dotnet/csharp/roslyn-sdk/tutorials/how-to-write-csharp-analyzer-code-fix) for custom analyzer and trying it some level is very useful to get started. It is pretty easy step by step tutorial, it is time saving as it has a template generated for us (with analyzer, fixer and unit test), has good explanation, would give you pretty good understanding on how Roslyn analyzers work. 3. Clone the `dotnet/roslyn-analyzers` repo, install all required dependencies and build the repo by the [instructions](https://github.com/dotnet/roslyn-analyzers#getting-started). 4. Follow the coding style of the `dotnet/roslyn-analyzers` repo. [Guidelines about new rule id and doc](https://github.com/dotnet/roslyn-analyzers/blob/main/GuidelinesForNewRules.md). 5. Open `RoslynAnalyzers.sln` and open the package where you are creating your analyzer. In our case, it is mostly `Microsoft.CodeAnalysis.NetAnalyzers`->`Microsoft.NetCore.Analyzers`. Create your analyzer and/or fixer class in the corresponding folder. @@ -42,7 +42,7 @@ - All warnings and errors in these repos are addressed (to prevent build failures) - `Info` level diagnostics do not need to be fully resolved or suppressed as they do not cause build failures - Document for review: severity, default, categorization, numbering, titles, messages, and descriptions. -- Create the appropriate documentation for [docs.microsoft.com](https://github.com/dotnet/docs/tree/main/docs/fundamentals/code-analysis/quality-rules) within **ONE WEEK**, instructions available on [Contribute docs for .NET code analysis rules to the .NET docs repository](https://docs.microsoft.com/contribute/dotnet/dotnet-contribute-code-analysis). +- Create the appropriate documentation for [docs.microsoft.com](https://github.com/dotnet/docs/tree/main/docs/fundamentals/code-analysis/quality-rules) within **ONE WEEK**, instructions available on [Contribute docs for .NET code analysis rules to the .NET docs repository](https://learn.microsoft.com/contribute/dotnet/dotnet-contribute-code-analysis). - PR merged into `dotnet/roslyn-analyzers`. - Validate the analyzer's behavior with end-to-end testing using the command-line and Visual Studio: - Use `dotnet new console` and `dotnet build` from the command-line, updating the code to introduce diagnostics and ensuring warnings/errors are reported at the command-line diff --git a/nuget/Microsoft.CodeAnalysis.RulesetToEditorconfigConverter/Microsoft.CodeAnalysis.RulesetToEditorconfigConverter.Package.csproj b/nuget/Microsoft.CodeAnalysis.RulesetToEditorconfigConverter/Microsoft.CodeAnalysis.RulesetToEditorconfigConverter.Package.csproj index 3b6bdecfcf..b9f98c21b0 100644 --- a/nuget/Microsoft.CodeAnalysis.RulesetToEditorconfigConverter/Microsoft.CodeAnalysis.RulesetToEditorconfigConverter.Package.csproj +++ b/nuget/Microsoft.CodeAnalysis.RulesetToEditorconfigConverter/Microsoft.CodeAnalysis.RulesetToEditorconfigConverter.Package.csproj @@ -6,7 +6,7 @@ true false Microsoft.CodeAnalysis.RulesetToEditorconfigConverter - Utility to convert ruleset files to equivalent .editorconfig files. Editorconfig files are respected by C# and VB compilers on VS2019 16.3 or later. See https://docs.microsoft.com/visualstudio/code-quality/use-roslyn-analyzers#set-rule-severity-in-an-editorconfig-file for details. + Utility to convert ruleset files to equivalent .editorconfig files. Editorconfig files are respected by C# and VB compilers on VS2019 16.3 or later. See https://learn.microsoft.com/visualstudio/code-quality/use-roslyn-analyzers#set-rule-severity-in-an-editorconfig-file for details. Utility to convert ruleset files to equivalent .editorconfig files Utility to convert ruleset files to equivalent .editorconfig files Roslyn CodeAnalysis Ruleset EditorConfig Compiler FxCop CSharp VB VisualBasic Syntax Semantics diff --git a/src/Microsoft.CodeAnalysis.Analyzers/Core/MetaAnalyzers/DiagnosticDescriptorCreationAnalyzer_ReleaseTracking.cs b/src/Microsoft.CodeAnalysis.Analyzers/Core/MetaAnalyzers/DiagnosticDescriptorCreationAnalyzer_ReleaseTracking.cs index 9c1488877b..3f5dc6be53 100644 --- a/src/Microsoft.CodeAnalysis.Analyzers/Core/MetaAnalyzers/DiagnosticDescriptorCreationAnalyzer_ReleaseTracking.cs +++ b/src/Microsoft.CodeAnalysis.Analyzers/Core/MetaAnalyzers/DiagnosticDescriptorCreationAnalyzer_ReleaseTracking.cs @@ -368,7 +368,7 @@ static string GetSeverityText(bool? isEnabledByDefault, DiagnosticSeverity? defa long.TryParse(ruleId[2..], out _)) { #pragma warning disable CA1308 // Normalize strings to uppercase - use lower case ID in help link - return $"https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/{ruleId.ToLowerInvariant()}"; + return $"https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/{ruleId.ToLowerInvariant()}"; #pragma warning restore CA1308 // Normalize strings to uppercase } diff --git a/src/Microsoft.CodeAnalysis.BannedApiAnalyzers/UnitTests/SymbolIsBannedAnalyzerTests.cs b/src/Microsoft.CodeAnalysis.BannedApiAnalyzers/UnitTests/SymbolIsBannedAnalyzerTests.cs index e6e053c8f1..4183ff6cca 100644 --- a/src/Microsoft.CodeAnalysis.BannedApiAnalyzers/UnitTests/SymbolIsBannedAnalyzerTests.cs +++ b/src/Microsoft.CodeAnalysis.BannedApiAnalyzers/UnitTests/SymbolIsBannedAnalyzerTests.cs @@ -15,7 +15,7 @@ namespace Microsoft.CodeAnalysis.BannedApiAnalyzers.UnitTests { - // For specification of document comment IDs see https://docs.microsoft.com/en-us/dotnet/csharp/language-reference/language-specification/documentation-comments#processing-the-documentation-file + // For specification of document comment IDs see https://learn.microsoft.com/en-us/dotnet/csharp/language-reference/language-specification/documentation-comments#processing-the-documentation-file public class SymbolIsBannedAnalyzerTests { diff --git a/src/NetAnalyzers/Core/AnalyzerReleases.Shipped.md b/src/NetAnalyzers/Core/AnalyzerReleases.Shipped.md index 1596bc3bbe..e5586b2214 100644 --- a/src/NetAnalyzers/Core/AnalyzerReleases.Shipped.md +++ b/src/NetAnalyzers/Core/AnalyzerReleases.Shipped.md @@ -4,250 +4,250 @@ Rule ID | Category | Severity | Notes --------|----------|----------|------- -CA1000 | Design | Hidden | DoNotDeclareStaticMembersOnGenericTypesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1000) -CA1001 | Design | Hidden | TypesThatOwnDisposableFieldsShouldBeDisposableAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1001) -CA1002 | Design | Disabled | DoNotExposeGenericLists, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1002) -CA1003 | Design | Disabled | UseGenericEventHandlerInstancesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1003) -CA1005 | Design | Disabled | AvoidExcessiveParametersOnGenericTypes, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1005) -CA1008 | Design | Disabled | EnumsShouldHaveZeroValueAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1008) -CA1010 | Design | Hidden | CollectionsShouldImplementGenericInterfaceAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1010) -CA1012 | Design | Disabled | AbstractTypesShouldNotHaveConstructorsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1012) -CA1014 | Design | Disabled | MarkAssembliesWithAttributesDiagnosticAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1014) -CA1016 | Design | Info | MarkAssembliesWithAttributesDiagnosticAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1016) -CA1017 | Design | Disabled | MarkAssembliesWithComVisibleAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1017) -CA1018 | Design | Info | MarkAttributesWithAttributeUsageAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1018) -CA1019 | Design | Disabled | DefineAccessorsForAttributeArgumentsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1019) -CA1021 | Design | Disabled | AvoidOutParameters, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1021) -CA1024 | Design | Disabled | UsePropertiesWhereAppropriateAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1024) -CA1027 | Design | Disabled | EnumWithFlagsAttributeAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1027) -CA1028 | Design | Disabled | EnumStorageShouldBeInt32Analyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1028) -CA1030 | Design | Disabled | UseEventsWhereAppropriateAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1030) -CA1031 | Design | Disabled | DoNotCatchGeneralExceptionTypesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1031) -CA1032 | Design | Disabled | ImplementStandardExceptionConstructorsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1032) -CA1033 | Design | Disabled | InterfaceMethodsShouldBeCallableByChildTypesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1033) -CA1034 | Design | Disabled | NestedTypesShouldNotBeVisibleAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1034) -CA1036 | Design | Hidden | OverrideMethodsOnComparableTypesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1036) -CA1040 | Design | Disabled | AvoidEmptyInterfacesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1040) -CA1041 | Design | Info | ProvideObsoleteAttributeMessageAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1041) -CA1043 | Design | Disabled | UseIntegralOrStringArgumentForIndexersAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1043) -CA1044 | Design | Disabled | PropertiesShouldNotBeWriteOnlyAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1044) -CA1045 | Design | Disabled | DoNotPassTypesByReference, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1045) -CA1046 | Design | Disabled | DoNotOverloadOperatorEqualsOnReferenceTypes, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1046) -CA1047 | Design | Info | DoNotDeclareProtectedMembersInSealedTypes, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1047) -CA1050 | Design | Info | DeclareTypesInNamespacesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1050) -CA1051 | Design | Hidden | DoNotDeclareVisibleInstanceFieldsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1051) -CA1052 | Design | Disabled | StaticHolderTypesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1052) -CA1054 | Design | Disabled | UriParametersShouldNotBeStringsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1054) -CA1055 | Design | Disabled | UriReturnValuesShouldNotBeStringsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1055) -CA1056 | Design | Disabled | UriPropertiesShouldNotBeStringsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1056) -CA1058 | Design | Disabled | TypesShouldNotExtendCertainBaseTypesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1058) -CA1060 | Design | Disabled | MovePInvokesToNativeMethodsClassAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1060) -CA1061 | Design | Info | DoNotHideBaseClassMethodsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1061) -CA1062 | Design | Disabled | ValidateArgumentsOfPublicMethods, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062) -CA1063 | Design | Disabled | ImplementIDisposableCorrectlyAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1063) -CA1064 | Design | Disabled | ExceptionsShouldBePublicAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1064) -CA1065 | Design | Disabled | DoNotRaiseExceptionsInUnexpectedLocationsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1065) -CA1066 | Design | Disabled | EquatableAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1066) -CA1067 | Design | Info | EquatableAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1067) -CA1068 | Design | Info | CancellationTokenParametersMustComeLastAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1068) -CA1069 | Design | Info | EnumShouldNotHaveDuplicatedValues, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1069) -CA1070 | Design | Info | DoNotDeclareEventFieldsAsVirtual, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1070) -CA1200 | Documentation | Hidden | AvoidUsingCrefTagsWithAPrefixAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1200) -CA1303 | Globalization | Disabled | DoNotPassLiteralsAsLocalizedParameters, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1303) -CA1304 | Globalization | Hidden | SpecifyCultureInfoAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1304) -CA1305 | Globalization | Hidden | SpecifyIFormatProviderAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1305) -CA1307 | Globalization | Disabled | SpecifyStringComparisonAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1307) -CA1308 | Globalization | Disabled | NormalizeStringsToUppercaseAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1308) -CA1309 | Globalization | Hidden | UseOrdinalStringComparisonAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1309) -CA1310 | Globalization | Hidden | SpecifyStringComparisonAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1310) -CA1401 | Interoperability | Info | PInvokeDiagnosticAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1401) -CA1416 | Interoperability | Warning | PlatformCompatibilityAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1416) -CA1417 | Interoperability | Warning | DoNotUseOutAttributeStringPInvokeParametersAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1417) -CA1501 | Maintainability | Disabled | CodeMetricsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1501) -CA1502 | Maintainability | Disabled | CodeMetricsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1502) -CA1505 | Maintainability | Disabled | CodeMetricsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1505) -CA1506 | Maintainability | Disabled | CodeMetricsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1506) -CA1507 | Maintainability | Info | UseNameofInPlaceOfStringAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1507) -CA1508 | Maintainability | Disabled | AvoidDeadConditionalCode, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1508) -CA1509 | Maintainability | Disabled | CodeMetricsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1509) -CA1700 | Naming | Disabled | DoNotNameEnumValuesReserved, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1700) -CA1707 | Naming | Hidden | IdentifiersShouldNotContainUnderscoresAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1707) -CA1708 | Naming | Hidden | IdentifiersShouldDifferByMoreThanCaseAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1708) -CA1710 | Naming | Hidden | IdentifiersShouldHaveCorrectSuffixAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1710) -CA1711 | Naming | Hidden | IdentifiersShouldNotHaveIncorrectSuffixAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1711) -CA1712 | Naming | Hidden | DoNotPrefixEnumValuesWithTypeNameAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1712) -CA1713 | Naming | Disabled | EventsShouldNotHaveBeforeOrAfterPrefix, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1713) -CA1715 | Naming | Hidden | IdentifiersShouldHaveCorrectPrefixAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1715) -CA1716 | Naming | Hidden | IdentifiersShouldNotMatchKeywordsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1716) -CA1720 | Naming | Hidden | IdentifiersShouldNotContainTypeNames, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1720) -CA1721 | Naming | Disabled | PropertyNamesShouldNotMatchGetMethodsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1721) -CA1724 | Naming | Disabled | TypeNamesShouldNotMatchNamespacesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1724) -CA1725 | Naming | Hidden | ParameterNamesShouldMatchBaseDeclarationAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1725) -CA1801 | Usage | Disabled | ReviewUnusedParametersAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1801) -CA1802 | Performance | Disabled | UseLiteralsWhereAppropriateAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1802) -CA1805 | Performance | Hidden | DoNotInitializeUnnecessarilyAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1805) -CA1806 | Performance | Info | DoNotIgnoreMethodResultsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1806) -CA1810 | Performance | Disabled | InitializeStaticFieldsInlineAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1810) -CA1812 | Performance | Disabled | AvoidUninstantiatedInternalClassesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1812) -CA1813 | Performance | Disabled | AvoidUnsealedAttributesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1813) -CA1814 | Performance | Disabled | PreferJaggedArraysOverMultidimensionalAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1814) -CA1815 | Performance | Disabled | OverrideEqualsAndOperatorEqualsOnValueTypesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1815) -CA1816 | Usage | Info | CallGCSuppressFinalizeCorrectlyAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1816) -CA1819 | Performance | Disabled | PropertiesShouldNotReturnArraysAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1819) -CA1820 | Performance | Disabled | TestForEmptyStringsUsingStringLengthAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1820) -CA1821 | Performance | Info | RemoveEmptyFinalizersAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1821) -CA1822 | Performance | Info | MarkMembersAsStaticAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1822) -CA1823 | Performance | Disabled | AvoidUnusedPrivateFieldsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1823) -CA1824 | Performance | Info | MarkAssembliesWithNeutralResourcesLanguageAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1824) -CA1825 | Performance | Info | AvoidZeroLengthArrayAllocationsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1825) -CA1826 | Performance | Info | DoNotUseEnumerableMethodsOnIndexableCollectionsInsteadUseTheCollectionDirectlyAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1826) -CA1827 | Performance | Info | UseCountProperlyAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1827) -CA1828 | Performance | Info | UseCountProperlyAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1828) -CA1829 | Performance | Info | UseCountProperlyAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1829) -CA1830 | Performance | Info | PreferTypedStringBuilderAppendOverloads, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1830) -CA1831 | Performance | Warning | UseAsSpanInsteadOfRangeIndexerAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1831) -CA1832 | Performance | Info | UseAsSpanInsteadOfRangeIndexerAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1832) -CA1833 | Performance | Info | UseAsSpanInsteadOfRangeIndexerAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1833) -CA1834 | Performance | Info | PreferConstCharOverConstUnitStringAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1834) -CA1835 | Performance | Info | PreferStreamAsyncMemoryOverloads, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1835) -CA1836 | Performance | Info | UseCountProperlyAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1836) -CA1837 | Performance | Info | UseEnvironmentProcessId, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1837) -CA1838 | Performance | Hidden | AvoidStringBuilderPInvokeParametersAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1838) -CA2000 | Reliability | Disabled | DisposeObjectsBeforeLosingScope, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000) -CA2002 | Reliability | Disabled | DoNotLockOnObjectsWithWeakIdentityAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2002) -CA2007 | Reliability | Disabled | DoNotDirectlyAwaitATaskAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2007) -CA2008 | Reliability | Disabled | DoNotCreateTasksWithoutPassingATaskSchedulerAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2008) -CA2009 | Reliability | Info | DoNotCallToImmutableCollectionOnAnImmutableCollectionValueAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2009) -CA2011 | Reliability | Info | AvoidInfiniteRecursion, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2011) -CA2012 | Reliability | Info | UseValueTasksCorrectlyAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2012) -CA2013 | Reliability | Warning | DoNotUseReferenceEqualsWithValueTypesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2013) -CA2014 | Reliability | Warning | CSharpDoNotUseStackallocInLoopsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2014) -CA2015 | Reliability | Warning | DoNotDefineFinalizersForTypesDerivedFromMemoryManager, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2015) -CA2016 | Reliability | Info | ForwardCancellationTokenToInvocationsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2016) -CA2100 | Security | Disabled | ReviewSqlQueriesForSecurityVulnerabilities, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2100) -CA2101 | Globalization | Info | PInvokeDiagnosticAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2101) -CA2109 | Security | Disabled | ReviewVisibleEventHandlersAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2109) -CA2119 | Security | Disabled | SealMethodsThatSatisfyPrivateInterfacesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2119) -CA2153 | Security | Disabled | DoNotCatchCorruptedStateExceptionsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2153) -CA2200 | Usage | Warning | RethrowToPreserveStackDetailsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2200) -CA2201 | Usage | Hidden | DoNotRaiseReservedExceptionTypesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2201) -CA2207 | Usage | Disabled | InitializeStaticFieldsInlineAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2207) -CA2208 | Usage | Info | InstantiateArgumentExceptionsCorrectlyAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2208) -CA2211 | Usage | Info | NonConstantFieldsShouldNotBeVisibleAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2211) -CA2213 | Usage | Disabled | DisposableFieldsShouldBeDisposed, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2213) -CA2214 | Usage | Disabled | DoNotCallOverridableMethodsInConstructorsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2214) -CA2215 | Usage | Hidden | DisposeMethodsShouldCallBaseClassDispose, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2215) -CA2216 | Usage | Disabled | DisposableTypesShouldDeclareFinalizerAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2216) -CA2217 | Usage | Disabled | EnumWithFlagsAttributeAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2217) -CA2219 | Usage | Info | DoNotRaiseExceptionsInExceptionClausesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2219) -CA2225 | Usage | Disabled | OperatorOverloadsHaveNamedAlternatesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2225) -CA2226 | Usage | Disabled | OperatorsShouldHaveSymmetricalOverloadsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2226) -CA2227 | Usage | Disabled | CollectionPropertiesShouldBeReadOnlyAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2227) -CA2229 | Usage | Hidden | SerializationRulesDiagnosticAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2229) -CA2231 | Usage | Info | OverloadOperatorEqualsOnOverridingValueTypeEqualsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2231) -CA2234 | Usage | Disabled | PassSystemUriObjectsInsteadOfStringsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2234) -CA2235 | Usage | Disabled | SerializationRulesDiagnosticAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2235) -CA2237 | Usage | Disabled | SerializationRulesDiagnosticAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2237) -CA2241 | Usage | Info | ProvideCorrectArgumentsToFormattingMethodsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2241) -CA2242 | Usage | Info | TestForNaNCorrectlyAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2242) -CA2243 | Usage | Disabled | AttributeStringLiteralsShouldParseCorrectlyAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2243) -CA2244 | Usage | Info | AvoidDuplicateElementInitialization, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2244) -CA2245 | Usage | Info | AvoidPropertySelfAssignment, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2245) -CA2246 | Usage | Info | AssigningSymbolAndItsMemberInSameStatement, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2246) -CA2247 | Usage | Warning | DoNotCreateTaskCompletionSourceWithWrongArguments, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2247) -CA2248 | Usage | Info | ProvideCorrectArgumentToEnumHasFlag, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2248) -CA2249 | Usage | Info | PreferStringContainsOverIndexOfAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2249) -CA2300 | Security | Disabled | DoNotUseInsecureDeserializerBinaryFormatterMethods, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2300) -CA2301 | Security | Disabled | DoNotUseInsecureDeserializerBinaryFormatterWithoutBinder, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2301) -CA2302 | Security | Disabled | DoNotUseInsecureDeserializerBinaryFormatterWithoutBinder, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2302) -CA2305 | Security | Disabled | DoNotUseInsecureDeserializerLosFormatter, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2305) -CA2310 | Security | Disabled | DoNotUseInsecureDeserializerNetDataContractSerializerMethods, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2310) -CA2311 | Security | Disabled | DoNotUseInsecureDeserializerNetDataContractSerializerWithoutBinder, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2311) -CA2312 | Security | Disabled | DoNotUseInsecureDeserializerNetDataContractSerializerWithoutBinder, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2312) -CA2315 | Security | Disabled | DoNotUseInsecureDeserializerObjectStateFormatter, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2315) -CA2321 | Security | Disabled | DoNotUseInsecureDeserializerJavaScriptSerializerWithSimpleTypeResolver, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2321) -CA2322 | Security | Disabled | DoNotUseInsecureDeserializerJavaScriptSerializerWithSimpleTypeResolver, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2322) -CA2326 | Security | Disabled | JsonNetTypeNameHandling, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2326) -CA2327 | Security | Disabled | DoNotUseInsecureSettingsForJsonNet, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2327) -CA2328 | Security | Disabled | DoNotUseInsecureSettingsForJsonNet, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2328) -CA2329 | Security | Disabled | DoNotUseInsecureDeserializerJsonNetWithoutBinder, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2329) -CA2330 | Security | Disabled | DoNotUseInsecureDeserializerJsonNetWithoutBinder, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2330) -CA2350 | Security | Disabled | DoNotUseDataTableReadXml, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2350) -CA2351 | Security | Disabled | DoNotUseDataSetReadXml, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2351) -CA2352 | Security | Disabled | DataSetDataTableInSerializableTypeAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2352) -CA2353 | Security | Disabled | DataSetDataTableInSerializableTypeAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2353) -CA2354 | Security | Disabled | DataSetDataTableInIFormatterSerializableObjectGraphAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2354) -CA2355 | Security | Disabled | DataSetDataTableInSerializableObjectGraphAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2355) -CA2356 | Security | Disabled | DataSetDataTableInWebSerializableObjectGraphAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2356) -CA2361 | Security | Disabled | DoNotUseDataSetReadXml, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2361) -CA2362 | Security | Disabled | DataSetDataTableInSerializableTypeAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2362) -CA3001 | Security | Disabled | ReviewCodeForSqlInjectionVulnerabilities, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3001) -CA3002 | Security | Disabled | ReviewCodeForXssVulnerabilities, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3002) -CA3003 | Security | Disabled | ReviewCodeForFilePathInjectionVulnerabilities, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3003) -CA3004 | Security | Disabled | ReviewCodeForInformationDisclosureVulnerabilities, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3004) -CA3005 | Security | Disabled | ReviewCodeForLdapInjectionVulnerabilities, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3005) -CA3006 | Security | Disabled | ReviewCodeForCommandExecutionVulnerabilities, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3006) -CA3007 | Security | Disabled | ReviewCodeForOpenRedirectVulnerabilities, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3007) -CA3008 | Security | Disabled | ReviewCodeForXPathInjectionVulnerabilities, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3008) -CA3009 | Security | Disabled | ReviewCodeForXmlInjectionVulnerabilities, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3009) -CA3010 | Security | Disabled | ReviewCodeForXamlInjectionVulnerabilities, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3010) -CA3011 | Security | Disabled | ReviewCodeForDllInjectionVulnerabilities, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3011) -CA3012 | Security | Disabled | ReviewCodeForRegexInjectionVulnerabilities, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3012) -CA3061 | Security | Hidden | DoNotAddSchemaByURL, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3061) -CA3075 | Security | Hidden | DoNotUseInsecureDtdProcessingAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3075) -CA3076 | Security | Hidden | DoNotUseInsecureXSLTScriptExecutionAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3076) -CA3077 | Security | Hidden | DoNotUseInsecureDtdProcessingInApiDesignAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3077) -CA3147 | Security | Hidden | MarkVerbHandlersWithValidateAntiforgeryTokenAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3147) -CA5350 | Security | Hidden | DoNotUseInsecureCryptographicAlgorithmsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5350) -CA5351 | Security | Hidden | DoNotUseInsecureCryptographicAlgorithmsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5351) -CA5358 | Security | Disabled | ApprovedCipherModeAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5358) -CA5359 | Security | Hidden | DoNotDisableCertificateValidation, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5359) -CA5360 | Security | Hidden | DoNotCallDangerousMethodsInDeserialization, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5360) -CA5361 | Security | Disabled | DoNotSetSwitch, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5361) -CA5362 | Security | Disabled | PotentialReferenceCycleInDeserializedObjectGraph, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5362) -CA5363 | Security | Hidden | DoNotDisableRequestValidation, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5363) -CA5364 | Security | Hidden | DoNotUseDeprecatedSecurityProtocols, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5364) -CA5365 | Security | Hidden | DoNotDisableHTTPHeaderChecking, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5365) -CA5366 | Security | Hidden | UseXmlReaderForDataSetReadXml, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5366) -CA5367 | Security | Disabled | DoNotSerializeTypeWithPointerFields, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5367) -CA5368 | Security | Hidden | SetViewStateUserKey, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5368) -CA5369 | Security | Hidden | UseXmlReaderForDeserialize, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5369) -CA5370 | Security | Hidden | UseXmlReaderForValidatingReader, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5370) -CA5371 | Security | Hidden | UseXmlReaderForSchemaRead, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5371) -CA5372 | Security | Hidden | UseXmlReaderForXPathDocument, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5372) -CA5373 | Security | Hidden | DoNotUseObsoleteKDFAlgorithm, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5373) -CA5374 | Security | Hidden | DoNotUseXslTransform, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5374) -CA5375 | Security | Disabled | DoNotUseAccountSAS, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5375) -CA5376 | Security | Disabled | UseSharedAccessProtocolHttpsOnly, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5376) -CA5377 | Security | Disabled | UseContainerLevelAccessPolicy, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5377) -CA5378 | Security | Disabled | DoNotSetSwitch, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5378) -CA5379 | Security | Hidden | DoNotUseWeakKDFAlgorithm, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5379) -CA5380 | Security | Disabled | DoNotInstallRootCert, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5380) -CA5381 | Security | Disabled | DoNotInstallRootCert, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5381) -CA5382 | Security | Disabled | UseSecureCookiesASPNetCore, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5382) -CA5383 | Security | Disabled | UseSecureCookiesASPNetCore, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5383) -CA5384 | Security | Hidden | DoNotUseDSA, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5384) -CA5385 | Security | Hidden | UseRSAWithSufficientKeySize, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5385) -CA5386 | Security | Disabled | DoNotUseDeprecatedSecurityProtocols, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5386) -CA5387 | Security | Disabled | DoNotUseWeakKDFInsufficientIterationCount, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5387) -CA5388 | Security | Disabled | DoNotUseWeakKDFInsufficientIterationCount, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5388) -CA5389 | Security | Disabled | DoNotAddArchiveItemPathToTheTargetFileSystemPath, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5389) -CA5390 | Security | Disabled | DoNotHardCodeEncryptionKey, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5390) -CA5391 | Security | Disabled | UseAutoValidateAntiforgeryToken, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5391) -CA5392 | Security | Disabled | UseDefaultDllImportSearchPathsAttribute, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5392) -CA5393 | Security | Disabled | UseDefaultDllImportSearchPathsAttribute, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5393) -CA5394 | Security | Disabled | DoNotUseInsecureRandomness, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5394) -CA5395 | Security | Disabled | UseAutoValidateAntiforgeryToken, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5395) -CA5396 | Security | Disabled | SetHttpOnlyForHttpCookie, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5396) -CA5397 | Security | Hidden | SslProtocolsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5397) -CA5398 | Security | Disabled | SslProtocolsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5398) -CA5399 | Security | Disabled | DoNotDisableHttpClientCRLCheck, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5399) -CA5400 | Security | Disabled | DoNotDisableHttpClientCRLCheck, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5400) -CA5401 | Security | Disabled | DoNotUseCreateEncryptorWithNonDefaultIV, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5401) -CA5402 | Security | Disabled | DoNotUseCreateEncryptorWithNonDefaultIV, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5402) -CA5403 | Security | Disabled | DoNotHardCodeCertificate, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5403) -IL3000 | Publish | Warning | AvoidAssemblyLocationInSingleFile, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/il3000) -IL3001 | Publish | Warning | AvoidAssemblyLocationInSingleFile, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/il3001) +CA1000 | Design | Hidden | DoNotDeclareStaticMembersOnGenericTypesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1000) +CA1001 | Design | Hidden | TypesThatOwnDisposableFieldsShouldBeDisposableAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1001) +CA1002 | Design | Disabled | DoNotExposeGenericLists, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1002) +CA1003 | Design | Disabled | UseGenericEventHandlerInstancesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1003) +CA1005 | Design | Disabled | AvoidExcessiveParametersOnGenericTypes, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1005) +CA1008 | Design | Disabled | EnumsShouldHaveZeroValueAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1008) +CA1010 | Design | Hidden | CollectionsShouldImplementGenericInterfaceAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1010) +CA1012 | Design | Disabled | AbstractTypesShouldNotHaveConstructorsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1012) +CA1014 | Design | Disabled | MarkAssembliesWithAttributesDiagnosticAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1014) +CA1016 | Design | Info | MarkAssembliesWithAttributesDiagnosticAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1016) +CA1017 | Design | Disabled | MarkAssembliesWithComVisibleAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1017) +CA1018 | Design | Info | MarkAttributesWithAttributeUsageAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1018) +CA1019 | Design | Disabled | DefineAccessorsForAttributeArgumentsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1019) +CA1021 | Design | Disabled | AvoidOutParameters, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1021) +CA1024 | Design | Disabled | UsePropertiesWhereAppropriateAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1024) +CA1027 | Design | Disabled | EnumWithFlagsAttributeAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1027) +CA1028 | Design | Disabled | EnumStorageShouldBeInt32Analyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1028) +CA1030 | Design | Disabled | UseEventsWhereAppropriateAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1030) +CA1031 | Design | Disabled | DoNotCatchGeneralExceptionTypesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1031) +CA1032 | Design | Disabled | ImplementStandardExceptionConstructorsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1032) +CA1033 | Design | Disabled | InterfaceMethodsShouldBeCallableByChildTypesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1033) +CA1034 | Design | Disabled | NestedTypesShouldNotBeVisibleAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1034) +CA1036 | Design | Hidden | OverrideMethodsOnComparableTypesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1036) +CA1040 | Design | Disabled | AvoidEmptyInterfacesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1040) +CA1041 | Design | Info | ProvideObsoleteAttributeMessageAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1041) +CA1043 | Design | Disabled | UseIntegralOrStringArgumentForIndexersAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1043) +CA1044 | Design | Disabled | PropertiesShouldNotBeWriteOnlyAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1044) +CA1045 | Design | Disabled | DoNotPassTypesByReference, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1045) +CA1046 | Design | Disabled | DoNotOverloadOperatorEqualsOnReferenceTypes, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1046) +CA1047 | Design | Info | DoNotDeclareProtectedMembersInSealedTypes, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1047) +CA1050 | Design | Info | DeclareTypesInNamespacesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1050) +CA1051 | Design | Hidden | DoNotDeclareVisibleInstanceFieldsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1051) +CA1052 | Design | Disabled | StaticHolderTypesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1052) +CA1054 | Design | Disabled | UriParametersShouldNotBeStringsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1054) +CA1055 | Design | Disabled | UriReturnValuesShouldNotBeStringsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1055) +CA1056 | Design | Disabled | UriPropertiesShouldNotBeStringsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1056) +CA1058 | Design | Disabled | TypesShouldNotExtendCertainBaseTypesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1058) +CA1060 | Design | Disabled | MovePInvokesToNativeMethodsClassAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1060) +CA1061 | Design | Info | DoNotHideBaseClassMethodsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1061) +CA1062 | Design | Disabled | ValidateArgumentsOfPublicMethods, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062) +CA1063 | Design | Disabled | ImplementIDisposableCorrectlyAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1063) +CA1064 | Design | Disabled | ExceptionsShouldBePublicAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1064) +CA1065 | Design | Disabled | DoNotRaiseExceptionsInUnexpectedLocationsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1065) +CA1066 | Design | Disabled | EquatableAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1066) +CA1067 | Design | Info | EquatableAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1067) +CA1068 | Design | Info | CancellationTokenParametersMustComeLastAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1068) +CA1069 | Design | Info | EnumShouldNotHaveDuplicatedValues, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1069) +CA1070 | Design | Info | DoNotDeclareEventFieldsAsVirtual, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1070) +CA1200 | Documentation | Hidden | AvoidUsingCrefTagsWithAPrefixAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1200) +CA1303 | Globalization | Disabled | DoNotPassLiteralsAsLocalizedParameters, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1303) +CA1304 | Globalization | Hidden | SpecifyCultureInfoAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1304) +CA1305 | Globalization | Hidden | SpecifyIFormatProviderAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1305) +CA1307 | Globalization | Disabled | SpecifyStringComparisonAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1307) +CA1308 | Globalization | Disabled | NormalizeStringsToUppercaseAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1308) +CA1309 | Globalization | Hidden | UseOrdinalStringComparisonAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1309) +CA1310 | Globalization | Hidden | SpecifyStringComparisonAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1310) +CA1401 | Interoperability | Info | PInvokeDiagnosticAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1401) +CA1416 | Interoperability | Warning | PlatformCompatibilityAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1416) +CA1417 | Interoperability | Warning | DoNotUseOutAttributeStringPInvokeParametersAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1417) +CA1501 | Maintainability | Disabled | CodeMetricsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1501) +CA1502 | Maintainability | Disabled | CodeMetricsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1502) +CA1505 | Maintainability | Disabled | CodeMetricsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1505) +CA1506 | Maintainability | Disabled | CodeMetricsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1506) +CA1507 | Maintainability | Info | UseNameofInPlaceOfStringAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1507) +CA1508 | Maintainability | Disabled | AvoidDeadConditionalCode, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1508) +CA1509 | Maintainability | Disabled | CodeMetricsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1509) +CA1700 | Naming | Disabled | DoNotNameEnumValuesReserved, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1700) +CA1707 | Naming | Hidden | IdentifiersShouldNotContainUnderscoresAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1707) +CA1708 | Naming | Hidden | IdentifiersShouldDifferByMoreThanCaseAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1708) +CA1710 | Naming | Hidden | IdentifiersShouldHaveCorrectSuffixAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1710) +CA1711 | Naming | Hidden | IdentifiersShouldNotHaveIncorrectSuffixAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1711) +CA1712 | Naming | Hidden | DoNotPrefixEnumValuesWithTypeNameAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1712) +CA1713 | Naming | Disabled | EventsShouldNotHaveBeforeOrAfterPrefix, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1713) +CA1715 | Naming | Hidden | IdentifiersShouldHaveCorrectPrefixAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1715) +CA1716 | Naming | Hidden | IdentifiersShouldNotMatchKeywordsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1716) +CA1720 | Naming | Hidden | IdentifiersShouldNotContainTypeNames, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1720) +CA1721 | Naming | Disabled | PropertyNamesShouldNotMatchGetMethodsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1721) +CA1724 | Naming | Disabled | TypeNamesShouldNotMatchNamespacesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1724) +CA1725 | Naming | Hidden | ParameterNamesShouldMatchBaseDeclarationAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1725) +CA1801 | Usage | Disabled | ReviewUnusedParametersAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1801) +CA1802 | Performance | Disabled | UseLiteralsWhereAppropriateAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1802) +CA1805 | Performance | Hidden | DoNotInitializeUnnecessarilyAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1805) +CA1806 | Performance | Info | DoNotIgnoreMethodResultsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1806) +CA1810 | Performance | Disabled | InitializeStaticFieldsInlineAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1810) +CA1812 | Performance | Disabled | AvoidUninstantiatedInternalClassesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1812) +CA1813 | Performance | Disabled | AvoidUnsealedAttributesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1813) +CA1814 | Performance | Disabled | PreferJaggedArraysOverMultidimensionalAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1814) +CA1815 | Performance | Disabled | OverrideEqualsAndOperatorEqualsOnValueTypesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1815) +CA1816 | Usage | Info | CallGCSuppressFinalizeCorrectlyAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1816) +CA1819 | Performance | Disabled | PropertiesShouldNotReturnArraysAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1819) +CA1820 | Performance | Disabled | TestForEmptyStringsUsingStringLengthAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1820) +CA1821 | Performance | Info | RemoveEmptyFinalizersAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1821) +CA1822 | Performance | Info | MarkMembersAsStaticAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1822) +CA1823 | Performance | Disabled | AvoidUnusedPrivateFieldsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1823) +CA1824 | Performance | Info | MarkAssembliesWithNeutralResourcesLanguageAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1824) +CA1825 | Performance | Info | AvoidZeroLengthArrayAllocationsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1825) +CA1826 | Performance | Info | DoNotUseEnumerableMethodsOnIndexableCollectionsInsteadUseTheCollectionDirectlyAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1826) +CA1827 | Performance | Info | UseCountProperlyAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1827) +CA1828 | Performance | Info | UseCountProperlyAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1828) +CA1829 | Performance | Info | UseCountProperlyAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1829) +CA1830 | Performance | Info | PreferTypedStringBuilderAppendOverloads, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1830) +CA1831 | Performance | Warning | UseAsSpanInsteadOfRangeIndexerAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1831) +CA1832 | Performance | Info | UseAsSpanInsteadOfRangeIndexerAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1832) +CA1833 | Performance | Info | UseAsSpanInsteadOfRangeIndexerAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1833) +CA1834 | Performance | Info | PreferConstCharOverConstUnitStringAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1834) +CA1835 | Performance | Info | PreferStreamAsyncMemoryOverloads, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1835) +CA1836 | Performance | Info | UseCountProperlyAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1836) +CA1837 | Performance | Info | UseEnvironmentProcessId, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1837) +CA1838 | Performance | Hidden | AvoidStringBuilderPInvokeParametersAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1838) +CA2000 | Reliability | Disabled | DisposeObjectsBeforeLosingScope, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000) +CA2002 | Reliability | Disabled | DoNotLockOnObjectsWithWeakIdentityAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2002) +CA2007 | Reliability | Disabled | DoNotDirectlyAwaitATaskAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2007) +CA2008 | Reliability | Disabled | DoNotCreateTasksWithoutPassingATaskSchedulerAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2008) +CA2009 | Reliability | Info | DoNotCallToImmutableCollectionOnAnImmutableCollectionValueAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2009) +CA2011 | Reliability | Info | AvoidInfiniteRecursion, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2011) +CA2012 | Reliability | Info | UseValueTasksCorrectlyAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2012) +CA2013 | Reliability | Warning | DoNotUseReferenceEqualsWithValueTypesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2013) +CA2014 | Reliability | Warning | CSharpDoNotUseStackallocInLoopsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2014) +CA2015 | Reliability | Warning | DoNotDefineFinalizersForTypesDerivedFromMemoryManager, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2015) +CA2016 | Reliability | Info | ForwardCancellationTokenToInvocationsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2016) +CA2100 | Security | Disabled | ReviewSqlQueriesForSecurityVulnerabilities, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2100) +CA2101 | Globalization | Info | PInvokeDiagnosticAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2101) +CA2109 | Security | Disabled | ReviewVisibleEventHandlersAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2109) +CA2119 | Security | Disabled | SealMethodsThatSatisfyPrivateInterfacesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2119) +CA2153 | Security | Disabled | DoNotCatchCorruptedStateExceptionsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2153) +CA2200 | Usage | Warning | RethrowToPreserveStackDetailsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2200) +CA2201 | Usage | Hidden | DoNotRaiseReservedExceptionTypesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2201) +CA2207 | Usage | Disabled | InitializeStaticFieldsInlineAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2207) +CA2208 | Usage | Info | InstantiateArgumentExceptionsCorrectlyAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2208) +CA2211 | Usage | Info | NonConstantFieldsShouldNotBeVisibleAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2211) +CA2213 | Usage | Disabled | DisposableFieldsShouldBeDisposed, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2213) +CA2214 | Usage | Disabled | DoNotCallOverridableMethodsInConstructorsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2214) +CA2215 | Usage | Hidden | DisposeMethodsShouldCallBaseClassDispose, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2215) +CA2216 | Usage | Disabled | DisposableTypesShouldDeclareFinalizerAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2216) +CA2217 | Usage | Disabled | EnumWithFlagsAttributeAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2217) +CA2219 | Usage | Info | DoNotRaiseExceptionsInExceptionClausesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2219) +CA2225 | Usage | Disabled | OperatorOverloadsHaveNamedAlternatesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2225) +CA2226 | Usage | Disabled | OperatorsShouldHaveSymmetricalOverloadsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2226) +CA2227 | Usage | Disabled | CollectionPropertiesShouldBeReadOnlyAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2227) +CA2229 | Usage | Hidden | SerializationRulesDiagnosticAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2229) +CA2231 | Usage | Info | OverloadOperatorEqualsOnOverridingValueTypeEqualsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2231) +CA2234 | Usage | Disabled | PassSystemUriObjectsInsteadOfStringsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2234) +CA2235 | Usage | Disabled | SerializationRulesDiagnosticAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2235) +CA2237 | Usage | Disabled | SerializationRulesDiagnosticAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2237) +CA2241 | Usage | Info | ProvideCorrectArgumentsToFormattingMethodsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2241) +CA2242 | Usage | Info | TestForNaNCorrectlyAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2242) +CA2243 | Usage | Disabled | AttributeStringLiteralsShouldParseCorrectlyAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2243) +CA2244 | Usage | Info | AvoidDuplicateElementInitialization, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2244) +CA2245 | Usage | Info | AvoidPropertySelfAssignment, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2245) +CA2246 | Usage | Info | AssigningSymbolAndItsMemberInSameStatement, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2246) +CA2247 | Usage | Warning | DoNotCreateTaskCompletionSourceWithWrongArguments, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2247) +CA2248 | Usage | Info | ProvideCorrectArgumentToEnumHasFlag, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2248) +CA2249 | Usage | Info | PreferStringContainsOverIndexOfAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2249) +CA2300 | Security | Disabled | DoNotUseInsecureDeserializerBinaryFormatterMethods, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2300) +CA2301 | Security | Disabled | DoNotUseInsecureDeserializerBinaryFormatterWithoutBinder, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2301) +CA2302 | Security | Disabled | DoNotUseInsecureDeserializerBinaryFormatterWithoutBinder, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2302) +CA2305 | Security | Disabled | DoNotUseInsecureDeserializerLosFormatter, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2305) +CA2310 | Security | Disabled | DoNotUseInsecureDeserializerNetDataContractSerializerMethods, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2310) +CA2311 | Security | Disabled | DoNotUseInsecureDeserializerNetDataContractSerializerWithoutBinder, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2311) +CA2312 | Security | Disabled | DoNotUseInsecureDeserializerNetDataContractSerializerWithoutBinder, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2312) +CA2315 | Security | Disabled | DoNotUseInsecureDeserializerObjectStateFormatter, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2315) +CA2321 | Security | Disabled | DoNotUseInsecureDeserializerJavaScriptSerializerWithSimpleTypeResolver, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2321) +CA2322 | Security | Disabled | DoNotUseInsecureDeserializerJavaScriptSerializerWithSimpleTypeResolver, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2322) +CA2326 | Security | Disabled | JsonNetTypeNameHandling, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2326) +CA2327 | Security | Disabled | DoNotUseInsecureSettingsForJsonNet, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2327) +CA2328 | Security | Disabled | DoNotUseInsecureSettingsForJsonNet, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2328) +CA2329 | Security | Disabled | DoNotUseInsecureDeserializerJsonNetWithoutBinder, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2329) +CA2330 | Security | Disabled | DoNotUseInsecureDeserializerJsonNetWithoutBinder, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2330) +CA2350 | Security | Disabled | DoNotUseDataTableReadXml, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2350) +CA2351 | Security | Disabled | DoNotUseDataSetReadXml, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2351) +CA2352 | Security | Disabled | DataSetDataTableInSerializableTypeAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2352) +CA2353 | Security | Disabled | DataSetDataTableInSerializableTypeAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2353) +CA2354 | Security | Disabled | DataSetDataTableInIFormatterSerializableObjectGraphAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2354) +CA2355 | Security | Disabled | DataSetDataTableInSerializableObjectGraphAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2355) +CA2356 | Security | Disabled | DataSetDataTableInWebSerializableObjectGraphAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2356) +CA2361 | Security | Disabled | DoNotUseDataSetReadXml, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2361) +CA2362 | Security | Disabled | DataSetDataTableInSerializableTypeAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2362) +CA3001 | Security | Disabled | ReviewCodeForSqlInjectionVulnerabilities, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3001) +CA3002 | Security | Disabled | ReviewCodeForXssVulnerabilities, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3002) +CA3003 | Security | Disabled | ReviewCodeForFilePathInjectionVulnerabilities, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3003) +CA3004 | Security | Disabled | ReviewCodeForInformationDisclosureVulnerabilities, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3004) +CA3005 | Security | Disabled | ReviewCodeForLdapInjectionVulnerabilities, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3005) +CA3006 | Security | Disabled | ReviewCodeForCommandExecutionVulnerabilities, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3006) +CA3007 | Security | Disabled | ReviewCodeForOpenRedirectVulnerabilities, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3007) +CA3008 | Security | Disabled | ReviewCodeForXPathInjectionVulnerabilities, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3008) +CA3009 | Security | Disabled | ReviewCodeForXmlInjectionVulnerabilities, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3009) +CA3010 | Security | Disabled | ReviewCodeForXamlInjectionVulnerabilities, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3010) +CA3011 | Security | Disabled | ReviewCodeForDllInjectionVulnerabilities, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3011) +CA3012 | Security | Disabled | ReviewCodeForRegexInjectionVulnerabilities, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3012) +CA3061 | Security | Hidden | DoNotAddSchemaByURL, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3061) +CA3075 | Security | Hidden | DoNotUseInsecureDtdProcessingAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3075) +CA3076 | Security | Hidden | DoNotUseInsecureXSLTScriptExecutionAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3076) +CA3077 | Security | Hidden | DoNotUseInsecureDtdProcessingInApiDesignAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3077) +CA3147 | Security | Hidden | MarkVerbHandlersWithValidateAntiforgeryTokenAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3147) +CA5350 | Security | Hidden | DoNotUseInsecureCryptographicAlgorithmsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5350) +CA5351 | Security | Hidden | DoNotUseInsecureCryptographicAlgorithmsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5351) +CA5358 | Security | Disabled | ApprovedCipherModeAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5358) +CA5359 | Security | Hidden | DoNotDisableCertificateValidation, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5359) +CA5360 | Security | Hidden | DoNotCallDangerousMethodsInDeserialization, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5360) +CA5361 | Security | Disabled | DoNotSetSwitch, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5361) +CA5362 | Security | Disabled | PotentialReferenceCycleInDeserializedObjectGraph, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5362) +CA5363 | Security | Hidden | DoNotDisableRequestValidation, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5363) +CA5364 | Security | Hidden | DoNotUseDeprecatedSecurityProtocols, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5364) +CA5365 | Security | Hidden | DoNotDisableHTTPHeaderChecking, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5365) +CA5366 | Security | Hidden | UseXmlReaderForDataSetReadXml, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5366) +CA5367 | Security | Disabled | DoNotSerializeTypeWithPointerFields, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5367) +CA5368 | Security | Hidden | SetViewStateUserKey, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5368) +CA5369 | Security | Hidden | UseXmlReaderForDeserialize, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5369) +CA5370 | Security | Hidden | UseXmlReaderForValidatingReader, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5370) +CA5371 | Security | Hidden | UseXmlReaderForSchemaRead, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5371) +CA5372 | Security | Hidden | UseXmlReaderForXPathDocument, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5372) +CA5373 | Security | Hidden | DoNotUseObsoleteKDFAlgorithm, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5373) +CA5374 | Security | Hidden | DoNotUseXslTransform, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5374) +CA5375 | Security | Disabled | DoNotUseAccountSAS, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5375) +CA5376 | Security | Disabled | UseSharedAccessProtocolHttpsOnly, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5376) +CA5377 | Security | Disabled | UseContainerLevelAccessPolicy, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5377) +CA5378 | Security | Disabled | DoNotSetSwitch, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5378) +CA5379 | Security | Hidden | DoNotUseWeakKDFAlgorithm, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5379) +CA5380 | Security | Disabled | DoNotInstallRootCert, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5380) +CA5381 | Security | Disabled | DoNotInstallRootCert, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5381) +CA5382 | Security | Disabled | UseSecureCookiesASPNetCore, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5382) +CA5383 | Security | Disabled | UseSecureCookiesASPNetCore, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5383) +CA5384 | Security | Hidden | DoNotUseDSA, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5384) +CA5385 | Security | Hidden | UseRSAWithSufficientKeySize, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5385) +CA5386 | Security | Disabled | DoNotUseDeprecatedSecurityProtocols, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5386) +CA5387 | Security | Disabled | DoNotUseWeakKDFInsufficientIterationCount, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5387) +CA5388 | Security | Disabled | DoNotUseWeakKDFInsufficientIterationCount, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5388) +CA5389 | Security | Disabled | DoNotAddArchiveItemPathToTheTargetFileSystemPath, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5389) +CA5390 | Security | Disabled | DoNotHardCodeEncryptionKey, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5390) +CA5391 | Security | Disabled | UseAutoValidateAntiforgeryToken, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5391) +CA5392 | Security | Disabled | UseDefaultDllImportSearchPathsAttribute, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5392) +CA5393 | Security | Disabled | UseDefaultDllImportSearchPathsAttribute, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5393) +CA5394 | Security | Disabled | DoNotUseInsecureRandomness, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5394) +CA5395 | Security | Disabled | UseAutoValidateAntiforgeryToken, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5395) +CA5396 | Security | Disabled | SetHttpOnlyForHttpCookie, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5396) +CA5397 | Security | Hidden | SslProtocolsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5397) +CA5398 | Security | Disabled | SslProtocolsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5398) +CA5399 | Security | Disabled | DoNotDisableHttpClientCRLCheck, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5399) +CA5400 | Security | Disabled | DoNotDisableHttpClientCRLCheck, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5400) +CA5401 | Security | Disabled | DoNotUseCreateEncryptorWithNonDefaultIV, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5401) +CA5402 | Security | Disabled | DoNotUseCreateEncryptorWithNonDefaultIV, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5402) +CA5403 | Security | Disabled | DoNotHardCodeCertificate, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5403) +IL3000 | Publish | Warning | AvoidAssemblyLocationInSingleFile, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/il3000) +IL3001 | Publish | Warning | AvoidAssemblyLocationInSingleFile, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/il3001) ## Release 6.0 @@ -255,35 +255,35 @@ IL3001 | Publish | Warning | AvoidAssemblyLocationInSingleFile, [Documentation]( Rule ID | Category | Severity | Notes --------|----------|----------|------- -CA1418 | Interoperability | Warning | UseValidPlatformString, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1418) -CA1419 | Interoperability | Info | ProvidePublicParameterlessSafeHandleConstructor, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1419) -CA1727 | Naming | Hidden | LoggerMessageDefineAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1727) -CA1839 | Performance | Info | UseEnvironmentMembers, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1839) -CA1840 | Performance | Info | UseEnvironmentMembers, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1840) -CA1841 | Performance | Info | PreferDictionaryContainsMethods, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1841) -CA1842 | Performance | Info | DoNotUseWhenAllOrWaitAllWithSingleArgument, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1842) -CA1843 | Performance | Info | DoNotUseWhenAllOrWaitAllWithSingleArgument, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1843) -CA1844 | Performance | Info | ProvideStreamMemoryBasedAsyncOverrides, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1844) -CA1845 | Performance | Info | UseSpanBasedStringConcat, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1845) -CA1846 | Performance | Info | PreferAsSpanOverSubstring, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1846) -CA1847 | Performance | Info | UseStringContainsCharOverloadWithSingleCharactersAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1847) -CA1848 | Performance | Hidden | LoggerMessageDefineAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1848) -CA2017 | Reliability | Warning | LoggerMessageDefineAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2017) -CA2018 | Reliability | Warning | BufferBlockCopyLengthAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2018) -CA2250 | Usage | Info | UseCancellationTokenThrowIfCancellationRequested, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2250) -CA2251 | Usage | Hidden | UseStringEqualsOverStringCompare, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2251) -CA2252 | Usage | Error | DetectPreviewFeatureAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2252) -CA2253 | Usage | Info | LoggerMessageDefineAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2253) -CA2254 | Usage | Info | LoggerMessageDefineAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2254) -CA2255 | Usage | Warning | ModuleInitializerAttributeShouldNotBeUsedInLibraries, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2255) -CA2256 | Usage | Warning | InterfaceMembersMissingImplementation, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2256) -CA2257 | Usage | Warning | MembersDeclaredOnImplementationTypeMustBeStatic, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2257) -CA2258 | Usage | Warning | DynamicInterfaceCastableImplementationUnsupported, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2258) +CA1418 | Interoperability | Warning | UseValidPlatformString, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1418) +CA1419 | Interoperability | Info | ProvidePublicParameterlessSafeHandleConstructor, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1419) +CA1727 | Naming | Hidden | LoggerMessageDefineAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1727) +CA1839 | Performance | Info | UseEnvironmentMembers, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1839) +CA1840 | Performance | Info | UseEnvironmentMembers, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1840) +CA1841 | Performance | Info | PreferDictionaryContainsMethods, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1841) +CA1842 | Performance | Info | DoNotUseWhenAllOrWaitAllWithSingleArgument, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1842) +CA1843 | Performance | Info | DoNotUseWhenAllOrWaitAllWithSingleArgument, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1843) +CA1844 | Performance | Info | ProvideStreamMemoryBasedAsyncOverrides, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1844) +CA1845 | Performance | Info | UseSpanBasedStringConcat, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1845) +CA1846 | Performance | Info | PreferAsSpanOverSubstring, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1846) +CA1847 | Performance | Info | UseStringContainsCharOverloadWithSingleCharactersAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1847) +CA1848 | Performance | Hidden | LoggerMessageDefineAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1848) +CA2017 | Reliability | Warning | LoggerMessageDefineAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2017) +CA2018 | Reliability | Warning | BufferBlockCopyLengthAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2018) +CA2250 | Usage | Info | UseCancellationTokenThrowIfCancellationRequested, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2250) +CA2251 | Usage | Hidden | UseStringEqualsOverStringCompare, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2251) +CA2252 | Usage | Error | DetectPreviewFeatureAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2252) +CA2253 | Usage | Info | LoggerMessageDefineAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2253) +CA2254 | Usage | Info | LoggerMessageDefineAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2254) +CA2255 | Usage | Warning | ModuleInitializerAttributeShouldNotBeUsedInLibraries, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2255) +CA2256 | Usage | Warning | InterfaceMembersMissingImplementation, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2256) +CA2257 | Usage | Warning | MembersDeclaredOnImplementationTypeMustBeStatic, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2257) +CA2258 | Usage | Warning | DynamicInterfaceCastableImplementationUnsupported, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2258) ### Removed Rules Rule ID | Category | Severity | Notes --------|----------|----------|------- -CA1801 | Usage | Disabled | ReviewUnusedParametersAnalyzer, [Documentation](https://docs.microsoft.com/visualstudio/code-quality/ca1801) +CA1801 | Usage | Disabled | ReviewUnusedParametersAnalyzer, [Documentation](https://learn.microsoft.com/visualstudio/code-quality/ca1801) IL3000 | Publish | Disabled | Moved analyzer to mono/linker IL3001 | Publish | Disabled | Moved analyzer to mono/linker diff --git a/src/NetAnalyzers/Core/AnalyzerReleases.Unshipped.md b/src/NetAnalyzers/Core/AnalyzerReleases.Unshipped.md index 635ffa77db..43032124eb 100644 --- a/src/NetAnalyzers/Core/AnalyzerReleases.Unshipped.md +++ b/src/NetAnalyzers/Core/AnalyzerReleases.Unshipped.md @@ -4,20 +4,20 @@ Rule ID | Category | Severity | Notes --------|----------|----------|------- -CA1311 | Globalization | Hidden | SpecifyCultureForToLowerAndToUpper, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1311) -CA1420 | Interoperability | Warning | FeatureUnsupportedWhenRuntimeMarshallingDisabled, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1420) -CA1421 | Interoperability | Info | MethodUsesRuntimeMarshallingEvenWhenMarshallingDisabled, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1421) -CA1422 | Interoperability | Warning | PlatformCompatibilityAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1422) -CA1849 | Performance | Disabled | UseAsyncMethodInAsyncContext, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1849) -CA1850 | Performance | Info | PreferHashDataOverComputeHashAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1850) -CA1851 | Performance | Disabled | AvoidMultipleEnumerations, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1851) -CA1852 | Performance | Hidden | SealInternalTypes, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1852) -CA1853 | Performance | Info | DoNotGuardDictionaryRemoveByContainsKey, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1853) -CA1854 | Performance | Info | PreferDictionaryTryGetValueAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1854) -CA1855 | Performance | Info | UseSpanClearInsteadOfFillAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1855) -CA2019 | Reliability | Info | UseThreadStaticCorrectly, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2019) -CA2020 | Reliability | Info | PreventNumericIntPtrUIntPtrBehavioralChanges, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2020) -CA2259 | Usage | Warning | UseThreadStaticCorrectly, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2259) -CA2260 | Usage | Warning | ImplementGenericMathInterfacesCorrectly, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2260) -CA5404 | Security | Disabled | DoNotDisableTokenValidationChecks, [Documentation](https://docs.microsoft.com/visualstudio/code-quality/ca5404) -CA5405 | Security | Disabled | DoNotAlwaysSkipTokenValidationInDelegates, [Documentation](https://docs.microsoft.com/visualstudio/code-quality/ca5405) +CA1311 | Globalization | Hidden | SpecifyCultureForToLowerAndToUpper, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1311) +CA1420 | Interoperability | Warning | FeatureUnsupportedWhenRuntimeMarshallingDisabled, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1420) +CA1421 | Interoperability | Info | MethodUsesRuntimeMarshallingEvenWhenMarshallingDisabled, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1421) +CA1422 | Interoperability | Warning | PlatformCompatibilityAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1422) +CA1849 | Performance | Disabled | UseAsyncMethodInAsyncContext, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1849) +CA1850 | Performance | Info | PreferHashDataOverComputeHashAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1850) +CA1851 | Performance | Disabled | AvoidMultipleEnumerations, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1851) +CA1852 | Performance | Hidden | SealInternalTypes, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1852) +CA1853 | Performance | Info | DoNotGuardDictionaryRemoveByContainsKey, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1853) +CA1854 | Performance | Info | PreferDictionaryTryGetValueAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1854) +CA1855 | Performance | Info | UseSpanClearInsteadOfFillAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1855) +CA2019 | Reliability | Info | UseThreadStaticCorrectly, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2019) +CA2020 | Reliability | Info | PreventNumericIntPtrUIntPtrBehavioralChanges, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2020) +CA2259 | Usage | Warning | UseThreadStaticCorrectly, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2259) +CA2260 | Usage | Warning | ImplementGenericMathInterfacesCorrectly, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2260) +CA5404 | Security | Disabled | DoNotDisableTokenValidationChecks, [Documentation](https://learn.microsoft.com/visualstudio/code-quality/ca5404) +CA5405 | Security | Disabled | DoNotAlwaysSkipTokenValidationInDelegates, [Documentation](https://learn.microsoft.com/visualstudio/code-quality/ca5405) diff --git a/src/NetAnalyzers/Core/Microsoft.CodeQuality.Analyzers/ApiDesignGuidelines/CancellationTokenParametersMustComeLast.cs b/src/NetAnalyzers/Core/Microsoft.CodeQuality.Analyzers/ApiDesignGuidelines/CancellationTokenParametersMustComeLast.cs index 918b0c1e3e..a1279286a7 100644 --- a/src/NetAnalyzers/Core/Microsoft.CodeQuality.Analyzers/ApiDesignGuidelines/CancellationTokenParametersMustComeLast.cs +++ b/src/NetAnalyzers/Core/Microsoft.CodeQuality.Analyzers/ApiDesignGuidelines/CancellationTokenParametersMustComeLast.cs @@ -87,7 +87,7 @@ public override void Initialize(AnalysisContext context) } // Ignore parameters that have any of these attributes. - // C# reserved attributes: https://docs.microsoft.com/dotnet/csharp/language-reference/attributes/caller-information + // C# reserved attributes: https://learn.microsoft.com/dotnet/csharp/language-reference/attributes/caller-information while (last >= 0 && HasCallerInformationAttribute(methodSymbol.Parameters[last], callerInformationAttributes)) { diff --git a/src/NetAnalyzers/Core/Microsoft.CodeQuality.Analyzers/ApiDesignGuidelines/EnumShouldNotHaveDuplicatedValues.cs b/src/NetAnalyzers/Core/Microsoft.CodeQuality.Analyzers/ApiDesignGuidelines/EnumShouldNotHaveDuplicatedValues.cs index 53242469f2..2cad74e4d1 100644 --- a/src/NetAnalyzers/Core/Microsoft.CodeQuality.Analyzers/ApiDesignGuidelines/EnumShouldNotHaveDuplicatedValues.cs +++ b/src/NetAnalyzers/Core/Microsoft.CodeQuality.Analyzers/ApiDesignGuidelines/EnumShouldNotHaveDuplicatedValues.cs @@ -57,7 +57,7 @@ void visitEnumSymbol(SymbolStartAnalysisContext context) } // This dictionary is populated by this thread and then read concurrently. - // https://docs.microsoft.com/en-us/dotnet/api/system.collections.generic.dictionary-2?view=net-5.0#thread-safety + // https://learn.microsoft.com/en-us/dotnet/api/system.collections.generic.dictionary-2?view=net-5.0#thread-safety var membersByValue = PooledDictionary.GetInstance(); var duplicates = PooledConcurrentSet.GetInstance(SymbolEqualityComparer.Default); foreach (var member in enumSymbol.GetMembers()) diff --git a/src/NetAnalyzers/Core/Microsoft.CodeQuality.Analyzers/ApiDesignGuidelines/OperatorOverloadsHaveNamedAlternates.cs b/src/NetAnalyzers/Core/Microsoft.CodeQuality.Analyzers/ApiDesignGuidelines/OperatorOverloadsHaveNamedAlternates.cs index 6dd564734d..0a729fbb05 100644 --- a/src/NetAnalyzers/Core/Microsoft.CodeQuality.Analyzers/ApiDesignGuidelines/OperatorOverloadsHaveNamedAlternates.cs +++ b/src/NetAnalyzers/Core/Microsoft.CodeQuality.Analyzers/ApiDesignGuidelines/OperatorOverloadsHaveNamedAlternates.cs @@ -189,7 +189,7 @@ internal static bool IsPropertyExpected(string operatorName) internal static ExpectedAlternateMethodGroup? GetExpectedAlternateMethodGroup(string operatorName, ITypeSymbol returnType, ITypeSymbol? parameterType) { - // list of operator alternate names: https://docs.microsoft.com/visualstudio/code-quality/ca2225 + // list of operator alternate names: https://learn.microsoft.com/visualstudio/code-quality/ca2225 // the most common case; create a static method with the already specified types static ExpectedAlternateMethodGroup createSingle(string methodName) => new(methodName); diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/Runtime/SpecifyStringComparison.cs b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/Runtime/SpecifyStringComparison.cs index 3eb393cd5c..8f5562026f 100644 --- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/Runtime/SpecifyStringComparison.cs +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/Runtime/SpecifyStringComparison.cs @@ -83,7 +83,7 @@ protected override void InitializeWorker(CompilationStartAnalysisContext context } // Report correctness issue CA1310 for known string comparison methods that default to culture specific string comparison: - // https://docs.microsoft.com/dotnet/standard/base-types/best-practices-strings#string-comparisons-that-use-the-current-culture + // https://learn.microsoft.com/dotnet/standard/base-types/best-practices-strings#string-comparisons-that-use-the-current-culture if (targetMethod.ContainingType.SpecialType == SpecialType.System_String && !overloadMap.IsEmpty && overloadMap.ContainsKey(targetMethod)) @@ -101,7 +101,7 @@ protected override void InitializeWorker(CompilationStartAnalysisContext context // Report maintainability issue CA1307 for any method that has an additional overload with the exact same parameter list, // plus as additional StringComparison parameter. Default StringComparison may or may not match user's intent, // but it is recommended to explicitly specify it for clarity and readability: - // https://docs.microsoft.com/dotnet/standard/base-types/best-practices-strings#recommendations-for-string-usage + // https://learn.microsoft.com/dotnet/standard/base-types/best-practices-strings#recommendations-for-string-usage IEnumerable methodsWithSameNameAsTargetMethod = targetMethod.ContainingType.GetMembers(targetMethod.Name).OfType(); if (methodsWithSameNameAsTargetMethod.HasMoreThan(1)) { diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/Security/Helpers/XmlSerializationAttributeTypes.cs b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/Security/Helpers/XmlSerializationAttributeTypes.cs index 8f553b577c..3e10a5abfd 100644 --- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/Security/Helpers/XmlSerializationAttributeTypes.cs +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/Security/Helpers/XmlSerializationAttributeTypes.cs @@ -10,7 +10,7 @@ namespace Microsoft.NetCore.Analyzers.Security.Helpers /// Just a common way to get s for attributes that affect XML serialization. /// /// - /// https://docs.microsoft.com/en-us/dotnet/standard/serialization/attributes-that-control-xml-serialization + /// https://learn.microsoft.com/en-us/dotnet/standard/serialization/attributes-that-control-xml-serialization /// public class XmlSerializationAttributeTypes { diff --git a/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.md b/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.md index 8c93b8faef..b5fcad02fd 100644 --- a/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.md +++ b/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.md @@ -1,6 +1,6 @@ # Microsoft.CodeAnalysis.NetAnalyzers -## [CA1000](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1000): Do not declare static members on generic types +## [CA1000](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1000): Do not declare static members on generic types When a static member of a generic type is called, the type argument must be specified for the type. When a generic instance member that does not support inference is called, the type argument must be specified for the member. In these two cases, the syntax for specifying the type argument is different and easily confused. @@ -12,7 +12,7 @@ When a static member of a generic type is called, the type argument must be spec |CodeFix|False| --- -## [CA1001](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1001): Types that own disposable fields should be disposable +## [CA1001](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1001): Types that own disposable fields should be disposable A class declares and implements an instance field that is a System.IDisposable type, and the class does not implement IDisposable. A class that declares an IDisposable field indirectly owns an unmanaged resource and should implement the IDisposable interface. @@ -24,7 +24,7 @@ A class declares and implements an instance field that is a System.IDisposable t |CodeFix|True| --- -## [CA1002](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1002): Do not expose generic lists +## [CA1002](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1002): Do not expose generic lists System.Collections.Generic.List\ is a generic collection that's designed for performance and not inheritance. List\ does not contain virtual members that make it easier to change the behavior of an inherited class. @@ -36,7 +36,7 @@ System.Collections.Generic.List\ is a generic collection that's designed for |CodeFix|False| --- -## [CA1003](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1003): Use generic event handler instances +## [CA1003](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1003): Use generic event handler instances A type contains an event that declares an EventHandler delegate that returns void, whose signature contains two parameters (the first an object and the second a type that is assignable to EventArgs), and the containing assembly targets Microsoft .NET Framework?2.0. @@ -48,7 +48,7 @@ A type contains an event that declares an EventHandler delegate that returns voi |CodeFix|False| --- -## [CA1005](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1005): Avoid excessive parameters on generic types +## [CA1005](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1005): Avoid excessive parameters on generic types The more type parameters a generic type contains, the more difficult it is to know and remember what each type parameter represents. @@ -60,7 +60,7 @@ The more type parameters a generic type contains, the more difficult it is to kn |CodeFix|False| --- -## [CA1008](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1008): Enums should have zero value +## [CA1008](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1008): Enums should have zero value The default value of an uninitialized enumeration, just as other value types, is zero. A nonflags-attributed enumeration should define a member by using the value of zero so that the default value is a valid value of the enumeration. If an enumeration that has the FlagsAttribute attribute applied defines a zero-valued member, its name should be ""None"" to indicate that no values have been set in the enumeration. @@ -72,7 +72,7 @@ The default value of an uninitialized enumeration, just as other value types, is |CodeFix|True| --- -## [CA1010](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1010): Generic interface should also be implemented +## [CA1010](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1010): Generic interface should also be implemented To broaden the usability of a type, implement one of the generic interfaces. This is especially true for collections as they can then be used to populate generic collection types. @@ -84,7 +84,7 @@ To broaden the usability of a type, implement one of the generic interfaces. Thi |CodeFix|False| --- -## [CA1012](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1012): Abstract types should not have public constructors +## [CA1012](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1012): Abstract types should not have public constructors Constructors on abstract types can be called only by derived types. Because public constructors create instances of a type, and you cannot create instances of an abstract type, an abstract type that has a public constructor is incorrectly designed. @@ -96,7 +96,7 @@ Constructors on abstract types can be called only by derived types. Because publ |CodeFix|True| --- -## [CA1014](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1014): Mark assemblies with CLSCompliant +## [CA1014](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1014): Mark assemblies with CLSCompliant The Common Language Specification (CLS) defines naming restrictions, data types, and rules to which assemblies must conform if they will be used across programming languages. Good design dictates that all assemblies explicitly indicate CLS compliance by using CLSCompliantAttribute . If this attribute is not present on an assembly, the assembly is not compliant. @@ -108,7 +108,7 @@ The Common Language Specification (CLS) defines naming restrictions, data types, |CodeFix|False| --- -## [CA1016](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1016): Mark assemblies with assembly version +## [CA1016](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1016): Mark assemblies with assembly version The .NET Framework uses the version number to uniquely identify an assembly, and to bind to types in strongly named assemblies. The version number is used together with version and publisher policy. By default, applications run only with the assembly version with which they were built. @@ -120,7 +120,7 @@ The .NET Framework uses the version number to uniquely identify an assembly, and |CodeFix|False| --- -## [CA1017](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1017): Mark assemblies with ComVisible +## [CA1017](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1017): Mark assemblies with ComVisible ComVisibleAttribute determines how COM clients access managed code. Good design dictates that assemblies explicitly indicate COM visibility. COM visibility can be set for the whole assembly and then overridden for individual types and type members. If this attribute is not present, the contents of the assembly are visible to COM clients. @@ -132,7 +132,7 @@ ComVisibleAttribute determines how COM clients access managed code. Good design |CodeFix|False| --- -## [CA1018](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1018): Mark attributes with AttributeUsageAttribute +## [CA1018](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1018): Mark attributes with AttributeUsageAttribute Specify AttributeUsage on {0} @@ -144,7 +144,7 @@ Specify AttributeUsage on {0} |CodeFix|True| --- -## [CA1019](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1019): Define accessors for attribute arguments +## [CA1019](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1019): Define accessors for attribute arguments Remove the property setter from {0} or reduce its accessibility because it corresponds to positional argument {1} @@ -156,7 +156,7 @@ Remove the property setter from {0} or reduce its accessibility because it corre |CodeFix|True| --- -## [CA1021](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1021): Avoid out parameters +## [CA1021](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1021): Avoid out parameters Passing types by reference (using 'out' or 'ref') requires experience with pointers, understanding how value types and reference types differ, and handling methods with multiple return values. Also, the difference between 'out' and 'ref' parameters is not widely understood. @@ -168,7 +168,7 @@ Passing types by reference (using 'out' or 'ref') requires experience with point |CodeFix|False| --- -## [CA1024](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1024): Use properties where appropriate +## [CA1024](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1024): Use properties where appropriate A public or protected method has a name that starts with ""Get"", takes no parameters, and returns a value that is not an array. The method might be a good candidate to become a property. @@ -180,7 +180,7 @@ A public or protected method has a name that starts with ""Get"", takes no param |CodeFix|False| --- -## [CA1027](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1027): Mark enums with FlagsAttribute +## [CA1027](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1027): Mark enums with FlagsAttribute An enumeration is a value type that defines a set of related named constants. Apply FlagsAttribute to an enumeration when its named constants can be meaningfully combined. @@ -192,7 +192,7 @@ An enumeration is a value type that defines a set of related named constants. Ap |CodeFix|True| --- -## [CA1028](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1028): Enum Storage should be Int32 +## [CA1028](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1028): Enum Storage should be Int32 An enumeration is a value type that defines a set of related named constants. By default, the System.Int32 data type is used to store the constant value. Although you can change this underlying type, it is not required or recommended for most scenarios. @@ -204,7 +204,7 @@ An enumeration is a value type that defines a set of related named constants. By |CodeFix|True| --- -## [CA1030](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1030): Use events where appropriate +## [CA1030](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1030): Use events where appropriate This rule detects methods that have names that ordinarily would be used for events. If a method is called in response to a clearly defined state change, the method should be invoked by an event handler. Objects that call the method should raise events instead of calling the method directly. @@ -216,7 +216,7 @@ This rule detects methods that have names that ordinarily would be used for even |CodeFix|False| --- -## [CA1031](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1031): Do not catch general exception types +## [CA1031](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1031): Do not catch general exception types A general exception such as System.Exception or System.SystemException or a disallowed exception type is caught in a catch statement, or a general catch clause is used. General and disallowed exceptions should not be caught. @@ -228,7 +228,7 @@ A general exception such as System.Exception or System.SystemException or a disa |CodeFix|False| --- -## [CA1032](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1032): Implement standard exception constructors +## [CA1032](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1032): Implement standard exception constructors Failure to provide the full set of constructors can make it difficult to correctly handle exceptions. @@ -240,7 +240,7 @@ Failure to provide the full set of constructors can make it difficult to correct |CodeFix|True| --- -## [CA1033](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1033): Interface methods should be callable by child types +## [CA1033](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1033): Interface methods should be callable by child types An unsealed externally visible type provides an explicit method implementation of a public interface and does not provide an alternative externally visible method that has the same name. @@ -252,7 +252,7 @@ An unsealed externally visible type provides an explicit method implementation o |CodeFix|True| --- -## [CA1034](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1034): Nested types should not be visible +## [CA1034](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1034): Nested types should not be visible A nested type is a type that is declared in the scope of another type. Nested types are useful to encapsulate private implementation details of the containing type. Used for this purpose, nested types should not be externally visible. @@ -264,7 +264,7 @@ A nested type is a type that is declared in the scope of another type. Nested ty |CodeFix|False| --- -## [CA1036](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1036): Override methods on comparable types +## [CA1036](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1036): Override methods on comparable types A public or protected type implements the System.IComparable interface. It does not override Object.Equals nor does it overload the language-specific operator for equality, inequality, less than, less than or equal, greater than or greater than or equal. @@ -276,7 +276,7 @@ A public or protected type implements the System.IComparable interface. It does |CodeFix|True| --- -## [CA1040](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1040): Avoid empty interfaces +## [CA1040](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1040): Avoid empty interfaces Interfaces define members that provide a behavior or usage contract. The functionality that is described by the interface can be adopted by any type, regardless of where the type appears in the inheritance hierarchy. A type implements an interface by providing implementations for the members of the interface. An empty interface does not define any members; therefore, it does not define a contract that can be implemented. @@ -288,7 +288,7 @@ Interfaces define members that provide a behavior or usage contract. The functio |CodeFix|False| --- -## [CA1041](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1041): Provide ObsoleteAttribute message +## [CA1041](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1041): Provide ObsoleteAttribute message A type or member is marked by using a System.ObsoleteAttribute attribute that does not have its ObsoleteAttribute.Message property specified. When a type or member that is marked by using ObsoleteAttribute is compiled, the Message property of the attribute is displayed. This gives the user information about the obsolete type or member. @@ -300,7 +300,7 @@ A type or member is marked by using a System.ObsoleteAttribute attribute that do |CodeFix|False| --- -## [CA1043](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1043): Use Integral Or String Argument For Indexers +## [CA1043](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1043): Use Integral Or String Argument For Indexers Indexers, that is, indexed properties, should use integer or string types for the index. These types are typically used for indexing data structures and increase the usability of the library. Use of the Object type should be restricted to those cases where the specific integer or string type cannot be specified at design time. If the design requires other types for the index, reconsider whether the type represents a logical data store. If it does not represent a logical data store, use a method. @@ -312,7 +312,7 @@ Indexers, that is, indexed properties, should use integer or string types for th |CodeFix|False| --- -## [CA1044](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1044): Properties should not be write only +## [CA1044](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1044): Properties should not be write only Although it is acceptable and often necessary to have a read-only property, the design guidelines prohibit the use of write-only properties. This is because letting a user set a value, and then preventing the user from viewing that value, does not provide any security. Also, without read access, the state of shared objects cannot be viewed, which limits their usefulness. @@ -324,7 +324,7 @@ Although it is acceptable and often necessary to have a read-only property, the |CodeFix|False| --- -## [CA1045](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1045): Do not pass types by reference +## [CA1045](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1045): Do not pass types by reference Passing types by reference (using out or ref) requires experience with pointers, understanding how value types and reference types differ, and handling methods that have multiple return values. Also, the difference between out and ref parameters is not widely understood. @@ -336,7 +336,7 @@ Passing types by reference (using out or ref) requires experience with pointers, |CodeFix|False| --- -## [CA1046](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1046): Do not overload equality operator on reference types +## [CA1046](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1046): Do not overload equality operator on reference types For reference types, the default implementation of the equality operator is almost always correct. By default, two references are equal only if they point to the same object. If the operator is providing meaningful value equality, the type should implement the generic 'System.IEquatable' interface. @@ -348,7 +348,7 @@ For reference types, the default implementation of the equality operator is almo |CodeFix|False| --- -## [CA1047](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1047): Do not declare protected member in sealed type +## [CA1047](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1047): Do not declare protected member in sealed type Types declare protected members so that inheriting types can access or override the member. By definition, you cannot inherit from a sealed type, which means that protected methods on sealed types cannot be called. @@ -360,7 +360,7 @@ Types declare protected members so that inheriting types can access or override |CodeFix|False| --- -## [CA1050](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1050): Declare types in namespaces +## [CA1050](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1050): Declare types in namespaces Types are declared in namespaces to prevent name collisions and as a way to organize related types in an object hierarchy. @@ -372,7 +372,7 @@ Types are declared in namespaces to prevent name collisions and as a way to orga |CodeFix|False| --- -## [CA1051](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1051): Do not declare visible instance fields +## [CA1051](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1051): Do not declare visible instance fields The primary use of a field should be as an implementation detail. Fields should be private or internal and should be exposed by using properties. @@ -384,7 +384,7 @@ The primary use of a field should be as an implementation detail. Fields should |CodeFix|False| --- -## [CA1052](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1052): Static holder types should be Static or NotInheritable +## [CA1052](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1052): Static holder types should be Static or NotInheritable Type '{0}' is a static holder type but is neither static nor NotInheritable @@ -396,7 +396,7 @@ Type '{0}' is a static holder type but is neither static nor NotInheritable |CodeFix|True| --- -## [CA1054](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1054): URI-like parameters should not be strings +## [CA1054](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1054): URI-like parameters should not be strings This rule assumes that the parameter represents a Uniform Resource Identifier (URI). A string representation or a URI is prone to parsing and encoding errors, and can lead to security vulnerabilities. 'System.Uri' class provides these services in a safe and secure manner. @@ -408,7 +408,7 @@ This rule assumes that the parameter represents a Uniform Resource Identifier (U |CodeFix|True| --- -## [CA1055](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1055): URI-like return values should not be strings +## [CA1055](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1055): URI-like return values should not be strings This rule assumes that the method returns a URI. A string representation of a URI is prone to parsing and encoding errors, and can lead to security vulnerabilities. The System.Uri class provides these services in a safe and secure manner. @@ -420,7 +420,7 @@ This rule assumes that the method returns a URI. A string representation of a UR |CodeFix|False| --- -## [CA1056](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1056): URI-like properties should not be strings +## [CA1056](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1056): URI-like properties should not be strings This rule assumes that the property represents a Uniform Resource Identifier (URI). A string representation of a URI is prone to parsing and encoding errors, and can lead to security vulnerabilities. The System.Uri class provides these services in a safe and secure manner. @@ -432,7 +432,7 @@ This rule assumes that the property represents a Uniform Resource Identifier (UR |CodeFix|False| --- -## [CA1058](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1058): Types should not extend certain base types +## [CA1058](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1058): Types should not extend certain base types An externally visible type extends certain base types. Use one of the alternatives. @@ -444,7 +444,7 @@ An externally visible type extends certain base types. Use one of the alternativ |CodeFix|False| --- -## [CA1060](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1060): Move pinvokes to native methods class +## [CA1060](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1060): Move pinvokes to native methods class Platform Invocation methods, such as those that are marked by using the System.Runtime.InteropServices.DllImportAttribute attribute, or methods that are defined by using the Declare keyword in Visual Basic, access unmanaged code. These methods should be of the NativeMethods, SafeNativeMethods, or UnsafeNativeMethods class. @@ -456,7 +456,7 @@ Platform Invocation methods, such as those that are marked by using the System.R |CodeFix|False| --- -## [CA1061](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1061): Do not hide base class methods +## [CA1061](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1061): Do not hide base class methods A method in a base type is hidden by an identically named method in a derived type when the parameter signature of the derived method differs only by types that are more weakly derived than the corresponding types in the parameter signature of the base method. @@ -468,7 +468,7 @@ A method in a base type is hidden by an identically named method in a derived ty |CodeFix|False| --- -## [CA1062](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062): Validate arguments of public methods +## [CA1062](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062): Validate arguments of public methods An externally visible method dereferences one of its reference arguments without verifying whether that argument is null (Nothing in Visual Basic). All reference arguments that are passed to externally visible methods should be checked against null. If appropriate, throw an ArgumentNullException when the argument is null or add a Code Contract precondition asserting non-null argument. If the method is designed to be called only by known assemblies, you should make the method internal. @@ -480,7 +480,7 @@ An externally visible method dereferences one of its reference arguments without |CodeFix|False| --- -## [CA1063](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1063): Implement IDisposable Correctly +## [CA1063](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1063): Implement IDisposable Correctly All IDisposable types should implement the Dispose pattern correctly. @@ -492,7 +492,7 @@ All IDisposable types should implement the Dispose pattern correctly. |CodeFix|False| --- -## [CA1064](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1064): Exceptions should be public +## [CA1064](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1064): Exceptions should be public An internal exception is visible only inside its own internal scope. After the exception falls outside the internal scope, only the base exception can be used to catch the exception. If the internal exception is inherited from T:System.Exception, T:System.SystemException, or T:System.ApplicationException, the external code will not have sufficient information to know what to do with the exception. @@ -504,7 +504,7 @@ An internal exception is visible only inside its own internal scope. After the e |CodeFix|True| --- -## [CA1065](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1065): Do not raise exceptions in unexpected locations +## [CA1065](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1065): Do not raise exceptions in unexpected locations A method that is not expected to throw exceptions throws an exception. @@ -516,7 +516,7 @@ A method that is not expected to throw exceptions throws an exception. |CodeFix|False| --- -## [CA1066](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1066): Implement IEquatable when overriding Object.Equals +## [CA1066](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1066): Implement IEquatable when overriding Object.Equals When a type T overrides Object.Equals(object), the implementation must cast the object argument to the correct type T before performing the comparison. If the type implements IEquatable\, and therefore offers the method T.Equals(T), and if the argument is known at compile time to be of type T, then the compiler can call IEquatable\.Equals(T) instead of Object.Equals(object), and no cast is necessary, improving performance. @@ -528,7 +528,7 @@ When a type T overrides Object.Equals(object), the implementation must cast the |CodeFix|True| --- -## [CA1067](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1067): Override Object.Equals(object) when implementing IEquatable\ +## [CA1067](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1067): Override Object.Equals(object) when implementing IEquatable\ When a type T implements the interface IEquatable\, it suggests to a user who sees a call to the Equals method in source code that an instance of the type can be equated with an instance of any other type. The user might be confused if their attempt to equate the type with an instance of another type fails to compile. This violates the "principle of least surprise". @@ -540,7 +540,7 @@ When a type T implements the interface IEquatable\, it suggests to a user who |CodeFix|True| --- -## [CA1068](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1068): CancellationToken parameters must come last +## [CA1068](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1068): CancellationToken parameters must come last Method '{0}' should take CancellationToken as the last parameter @@ -552,7 +552,7 @@ Method '{0}' should take CancellationToken as the last parameter |CodeFix|False| --- -## [CA1069](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1069): Enums values should not be duplicated +## [CA1069](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1069): Enums values should not be duplicated The field reference '{0}' is duplicated in this bitwise initialization @@ -564,7 +564,7 @@ The field reference '{0}' is duplicated in this bitwise initialization |CodeFix|False| --- -## [CA1070](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1070): Do not declare event fields as virtual +## [CA1070](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1070): Do not declare event fields as virtual Do not declare virtual events in a base class. Overridden events in a derived class have undefined behavior. The C# compiler does not handle this correctly and it is unpredictable whether a subscriber to the derived event will actually be subscribing to the base class event. @@ -576,7 +576,7 @@ Do not declare virtual events in a base class. Overridden events in a derived cl |CodeFix|False| --- -## [CA1200](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1200): Avoid using cref tags with a prefix +## [CA1200](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1200): Avoid using cref tags with a prefix Use of cref tags with prefixes should be avoided, since it prevents the compiler from verifying references and the IDE from updating references during refactorings. It is permissible to suppress this error at a single documentation site if the cref must use a prefix because the type being mentioned is not findable by the compiler. For example, if a cref is mentioning a special attribute in the full framework but you're in a file that compiles against the portable framework, or if you want to reference a type at higher layer of Roslyn, you should suppress the error. You should not suppress the error just because you want to take a shortcut and avoid using the full syntax. @@ -588,7 +588,7 @@ Use of cref tags with prefixes should be avoided, since it prevents the compiler |CodeFix|False| --- -## [CA1303](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1303): Do not pass literals as localized parameters +## [CA1303](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1303): Do not pass literals as localized parameters A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. @@ -600,7 +600,7 @@ A method passes a string literal as a parameter to a constructor or method in th |CodeFix|False| --- -## [CA1304](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1304): Specify CultureInfo +## [CA1304](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1304): Specify CultureInfo A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. @@ -612,7 +612,7 @@ A method or constructor calls a member that has an overload that accepts a Syste |CodeFix|False| --- -## [CA1305](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1305): Specify IFormatProvider +## [CA1305](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1305): Specify IFormatProvider A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. @@ -624,7 +624,7 @@ A method or constructor calls one or more members that have overloads that accep |CodeFix|False| --- -## [CA1307](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1307): Specify StringComparison for clarity +## [CA1307](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1307): Specify StringComparison for clarity A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. @@ -636,7 +636,7 @@ A string comparison operation uses a method overload that does not set a StringC |CodeFix|False| --- -## [CA1308](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1308): Normalize strings to uppercase +## [CA1308](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1308): Normalize strings to uppercase Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. @@ -648,7 +648,7 @@ Strings should be normalized to uppercase. A small group of characters cannot ma |CodeFix|False| --- -## [CA1309](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1309): Use ordinal string comparison +## [CA1309](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1309): Use ordinal string comparison A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. @@ -660,7 +660,7 @@ A string comparison operation that is nonlinguistic does not set the StringCompa |CodeFix|True| --- -## [CA1310](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1310): Specify StringComparison for correctness +## [CA1310](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1310): Specify StringComparison for correctness A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. @@ -672,7 +672,7 @@ A string comparison operation uses a method overload that does not set a StringC |CodeFix|False| --- -## [CA1311](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1311): Specify a culture or use an invariant version +## [CA1311](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1311): Specify a culture or use an invariant version Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. @@ -684,7 +684,7 @@ Specify culture to help avoid accidental implicit dependency on current culture. |CodeFix|True| --- -## [CA1401](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1401): P/Invokes should not be visible +## [CA1401](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1401): P/Invokes should not be visible A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. @@ -696,7 +696,7 @@ A public or protected method in a public type has the System.Runtime.InteropServ |CodeFix|False| --- -## [CA1416](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1416): Validate platform compatibility +## [CA1416](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1416): Validate platform compatibility Using platform dependent API on a component makes the code no longer work across all platforms. @@ -708,7 +708,7 @@ Using platform dependent API on a component makes the code no longer work across |CodeFix|False| --- -## [CA1417](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1417): Do not use 'OutAttribute' on string parameters for P/Invokes +## [CA1417](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1417): Do not use 'OutAttribute' on string parameters for P/Invokes String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. @@ -720,7 +720,7 @@ String parameters passed by value with the 'OutAttribute' can destabilize the ru |CodeFix|False| --- -## [CA1418](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1418): Use valid platform string +## [CA1418](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1418): Use valid platform string Platform compatibility analyzer requires a valid platform name and version. @@ -732,7 +732,7 @@ Platform compatibility analyzer requires a valid platform name and version. |CodeFix|False| --- -## [CA1419](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1419): Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' +## [CA1419](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1419): Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. @@ -744,7 +744,7 @@ Providing a parameterless constructor that is as visible as the containing type |CodeFix|True| --- -## [CA1420](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1420): Property, type, or attribute requires runtime marshalling +## [CA1420](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1420): Property, type, or attribute requires runtime marshalling Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. @@ -756,7 +756,7 @@ Using features that require runtime marshalling when runtime marshalling is disa |CodeFix|False| --- -## [CA1421](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1421): This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied +## [CA1421](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1421): This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. @@ -768,7 +768,7 @@ This method uses runtime marshalling even when runtime marshalling is disabled, |CodeFix|True| --- -## [CA1422](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1422): Validate platform compatibility +## [CA1422](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1422): Validate platform compatibility Using platform dependent API on a component makes the code no longer work across all platforms. @@ -780,7 +780,7 @@ Using platform dependent API on a component makes the code no longer work across |CodeFix|False| --- -## [CA1501](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1501): Avoid excessive inheritance +## [CA1501](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1501): Avoid excessive inheritance Deeply nested type hierarchies can be difficult to follow, understand, and maintain. This rule limits analysis to hierarchies in the same module. To fix a violation of this rule, derive the type from a base type that is less deep in the inheritance hierarchy or eliminate some of the intermediate base types. @@ -792,7 +792,7 @@ Deeply nested type hierarchies can be difficult to follow, understand, and maint |CodeFix|False| --- -## [CA1502](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1502): Avoid excessive complexity +## [CA1502](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1502): Avoid excessive complexity Cyclomatic complexity measures the number of linearly independent paths through the method, which is determined by the number and complexity of conditional branches. A low cyclomatic complexity generally indicates a method that is easy to understand, test, and maintain. The cyclomatic complexity is calculated from a control flow graph of the method and is given as follows: `cyclomatic complexity = the number of edges - the number of nodes + 1`, where a node represents a logic branch point and an edge represents a line between nodes. @@ -804,7 +804,7 @@ Cyclomatic complexity measures the number of linearly independent paths through |CodeFix|False| --- -## [CA1505](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1505): Avoid unmaintainable code +## [CA1505](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1505): Avoid unmaintainable code The maintainability index is calculated by using the following metrics: lines of code, program volume, and cyclomatic complexity. Program volume is a measure of the difficulty of understanding of a symbol that is based on the number of operators and operands in the code. Cyclomatic complexity is a measure of the structural complexity of the type or method. A low maintainability index indicates that code is probably difficult to maintain and would be a good candidate to redesign. @@ -816,7 +816,7 @@ The maintainability index is calculated by using the following metrics: lines of |CodeFix|False| --- -## [CA1506](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1506): Avoid excessive class coupling +## [CA1506](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1506): Avoid excessive class coupling This rule measures class coupling by counting the number of unique type references that a symbol contains. Symbols that have a high degree of class coupling can be difficult to maintain. It is a good practice to have types and methods that exhibit low coupling and high cohesion. To fix this violation, try to redesign the code to reduce the number of types to which it is coupled. @@ -828,7 +828,7 @@ This rule measures class coupling by counting the number of unique type referenc |CodeFix|False| --- -## [CA1507](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1507): Use nameof to express symbol names +## [CA1507](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1507): Use nameof to express symbol names Using nameof helps keep your code valid when refactoring. @@ -840,7 +840,7 @@ Using nameof helps keep your code valid when refactoring. |CodeFix|True| --- -## [CA1508](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1508): Avoid dead conditional code +## [CA1508](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1508): Avoid dead conditional code '{0}' is never '{1}'. Remove or refactor the condition(s) to avoid dead code. @@ -852,7 +852,7 @@ Using nameof helps keep your code valid when refactoring. |CodeFix|False| --- -## [CA1509](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1509): Invalid entry in code metrics rule specification file +## [CA1509](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1509): Invalid entry in code metrics rule specification file Invalid entry in code metrics rule specification file. @@ -864,7 +864,7 @@ Invalid entry in code metrics rule specification file. |CodeFix|False| --- -## [CA1700](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1700): Do not name enum values 'Reserved' +## [CA1700](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1700): Do not name enum values 'Reserved' This rule assumes that an enumeration member that has a name that contains "reserved" is not currently used but is a placeholder to be renamed or removed in a future version. Renaming or removing a member is a breaking change. @@ -876,7 +876,7 @@ This rule assumes that an enumeration member that has a name that contains "rese |CodeFix|False| --- -## [CA1707](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1707): Identifiers should not contain underscores +## [CA1707](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1707): Identifiers should not contain underscores By convention, identifier names do not contain the underscore (_) character. This rule checks namespaces, types, members, and parameters. @@ -888,7 +888,7 @@ By convention, identifier names do not contain the underscore (_) character. Thi |CodeFix|True| --- -## [CA1708](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1708): Identifiers should differ by more than case +## [CA1708](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1708): Identifiers should differ by more than case Identifiers for namespaces, types, members, and parameters cannot differ only by case because languages that target the common language runtime are not required to be case-sensitive. @@ -900,7 +900,7 @@ Identifiers for namespaces, types, members, and parameters cannot differ only by |CodeFix|False| --- -## [CA1710](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1710): Identifiers should have correct suffix +## [CA1710](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1710): Identifiers should have correct suffix By convention, the names of types that extend certain base types or that implement certain interfaces, or types that are derived from these types, have a suffix that is associated with the base type or interface. @@ -912,7 +912,7 @@ By convention, the names of types that extend certain base types or that impleme |CodeFix|False| --- -## [CA1711](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1711): Identifiers should not have incorrect suffix +## [CA1711](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1711): Identifiers should not have incorrect suffix By convention, only the names of types that extend certain base types or that implement certain interfaces, or types that are derived from these types, should end with specific reserved suffixes. Other type names should not use these reserved suffixes. @@ -924,7 +924,7 @@ By convention, only the names of types that extend certain base types or that im |CodeFix|False| --- -## [CA1712](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1712): Do not prefix enum values with type name +## [CA1712](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1712): Do not prefix enum values with type name An enumeration's values should not start with the type name of the enumeration. @@ -936,7 +936,7 @@ An enumeration's values should not start with the type name of the enumeration. |CodeFix|False| --- -## [CA1713](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1713): Events should not have 'Before' or 'After' prefix +## [CA1713](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1713): Events should not have 'Before' or 'After' prefix Event names should describe the action that raises the event. To name related events that are raised in a specific sequence, use the present or past tense to indicate the relative position in the sequence of actions. For example, when naming a pair of events that is raised when closing a resource, you might name it 'Closing' and 'Closed', instead of 'BeforeClose' and 'AfterClose'. @@ -948,7 +948,7 @@ Event names should describe the action that raises the event. To name related ev |CodeFix|False| --- -## [CA1715](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1715): Identifiers should have correct prefix +## [CA1715](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1715): Identifiers should have correct prefix The name of an externally visible interface does not start with an uppercase ""I"". The name of a generic type parameter on an externally visible type or method does not start with an uppercase ""T"". @@ -960,7 +960,7 @@ The name of an externally visible interface does not start with an uppercase ""I |CodeFix|False| --- -## [CA1716](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1716): Identifiers should not match keywords +## [CA1716](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1716): Identifiers should not match keywords A namespace name or a type name matches a reserved keyword in a programming language. Identifiers for namespaces and types should not match keywords that are defined by languages that target the common language runtime. @@ -972,7 +972,7 @@ A namespace name or a type name matches a reserved keyword in a programming lang |CodeFix|False| --- -## [CA1720](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1720): Identifier contains type name +## [CA1720](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1720): Identifier contains type name Names of parameters and members are better used to communicate their meaning than to describe their type, which is expected to be provided by development tools. For names of members, if a data type name must be used, use a language-independent name instead of a language-specific one. @@ -984,7 +984,7 @@ Names of parameters and members are better used to communicate their meaning tha |CodeFix|False| --- -## [CA1721](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1721): Property names should not match get methods +## [CA1721](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1721): Property names should not match get methods The name of a public or protected member starts with ""Get"" and otherwise matches the name of a public or protected property. ""Get"" methods and properties should have names that clearly distinguish their function. @@ -996,7 +996,7 @@ The name of a public or protected member starts with ""Get"" and otherwise match |CodeFix|False| --- -## [CA1724](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1724): Type names should not match namespaces +## [CA1724](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1724): Type names should not match namespaces Type names should not match the names of namespaces that are defined in the .NET Framework class library. Violating this rule can reduce the usability of the library. @@ -1008,7 +1008,7 @@ Type names should not match the names of namespaces that are defined in the .NET |CodeFix|False| --- -## [CA1725](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1725): Parameter names should match base declaration +## [CA1725](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1725): Parameter names should match base declaration Consistent naming of parameters in an override hierarchy increases the usability of the method overrides. A parameter name in a derived method that differs from the name in the base declaration can cause confusion about whether the method is an override of the base method or a new overload of the method. @@ -1020,7 +1020,7 @@ Consistent naming of parameters in an override hierarchy increases the usability |CodeFix|True| --- -## [CA1727](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1727): Use PascalCase for named placeholders +## [CA1727](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1727): Use PascalCase for named placeholders Use PascalCase for named placeholders in the logging message template. @@ -1032,7 +1032,7 @@ Use PascalCase for named placeholders in the logging message template. |CodeFix|False| --- -## [CA1802](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1802): Use literals where appropriate +## [CA1802](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1802): Use literals where appropriate A field is declared static and read-only (Shared and ReadOnly in Visual Basic), and is initialized by using a value that is computable at compile time. Because the value that is assigned to the targeted field is computable at compile time, change the declaration to a const (Const in Visual Basic) field so that the value is computed at compile time instead of at run?time. @@ -1044,7 +1044,7 @@ A field is declared static and read-only (Shared and ReadOnly in Visual Basic), |CodeFix|True| --- -## [CA1805](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1805): Do not initialize unnecessarily +## [CA1805](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1805): Do not initialize unnecessarily The .NET runtime initializes all fields of reference types to their default values before running the constructor. In most cases, explicitly initializing a field to its default value in a constructor is redundant, adding maintenance costs and potentially degrading performance (such as with increased assembly size), and the explicit initialization can be removed. In some cases, such as with static readonly fields that permanently retain their default value, consider instead changing them to be constants or properties. @@ -1056,7 +1056,7 @@ The .NET runtime initializes all fields of reference types to their default valu |CodeFix|True| --- -## [CA1806](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1806): Do not ignore method results +## [CA1806](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1806): Do not ignore method results A new object is created but never used; or a method that creates and returns a new string is called and the new string is never used; or a COM or P/Invoke method returns an HRESULT or error code that is never used. @@ -1068,7 +1068,7 @@ A new object is created but never used; or a method that creates and returns a n |CodeFix|False| --- -## [CA1810](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1810): Initialize reference type static fields inline +## [CA1810](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1810): Initialize reference type static fields inline A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. @@ -1080,7 +1080,7 @@ A reference type declares an explicit static constructor. To fix a violation of |CodeFix|False| --- -## [CA1812](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1812): Avoid uninstantiated internal classes +## [CA1812](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1812): Avoid uninstantiated internal classes An instance of an assembly-level type is not created by code in the assembly. @@ -1092,7 +1092,7 @@ An instance of an assembly-level type is not created by code in the assembly. |CodeFix|False| --- -## [CA1813](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1813): Avoid unsealed attributes +## [CA1813](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1813): Avoid unsealed attributes The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. @@ -1104,7 +1104,7 @@ The .NET Framework class library provides methods for retrieving custom attribut |CodeFix|True| --- -## [CA1814](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1814): Prefer jagged arrays over multidimensional +## [CA1814](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1814): Prefer jagged arrays over multidimensional A jagged array is an array whose elements are arrays. The arrays that make up the elements can be of different sizes, leading to less wasted space for some sets of data. @@ -1116,7 +1116,7 @@ A jagged array is an array whose elements are arrays. The arrays that make up th |CodeFix|False| --- -## [CA1815](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1815): Override equals and operator equals on value types +## [CA1815](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1815): Override equals and operator equals on value types For value types, the inherited implementation of Equals uses the Reflection library and compares the contents of all fields. Reflection is computationally expensive, and comparing every field for equality might be unnecessary. If you expect users to compare or sort instances, or to use instances as hash table keys, your value type should implement Equals. @@ -1128,7 +1128,7 @@ For value types, the inherited implementation of Equals uses the Reflection libr |CodeFix|True| --- -## [CA1816](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1816): Dispose methods should call SuppressFinalize +## [CA1816](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1816): Dispose methods should call SuppressFinalize A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). @@ -1140,7 +1140,7 @@ A method that is an implementation of Dispose does not call GC.SuppressFinalize; |CodeFix|False| --- -## [CA1819](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1819): Properties should not return arrays +## [CA1819](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1819): Properties should not return arrays Arrays that are returned by properties are not write-protected, even when the property is read-only. To keep the array tamper-proof, the property must return a copy of the array. Typically, users will not understand the adverse performance implications of calling such a property. @@ -1152,7 +1152,7 @@ Arrays that are returned by properties are not write-protected, even when the pr |CodeFix|False| --- -## [CA1820](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1820): Test for empty strings using string length +## [CA1820](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1820): Test for empty strings using string length Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. @@ -1164,7 +1164,7 @@ Comparing strings by using the String.Length property or the String.IsNullOrEmpt |CodeFix|True| --- -## [CA1821](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1821): Remove empty Finalizers +## [CA1821](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1821): Remove empty Finalizers Finalizers should be avoided where possible, to avoid the additional performance overhead involved in tracking object lifetime. @@ -1176,7 +1176,7 @@ Finalizers should be avoided where possible, to avoid the additional performance |CodeFix|True| --- -## [CA1822](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1822): Mark members as static +## [CA1822](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1822): Mark members as static Members that do not access instance data or call instance methods can be marked as static. After you mark the methods as static, the compiler will emit nonvirtual call sites to these members. This can give you a measurable performance gain for performance-sensitive code. @@ -1188,7 +1188,7 @@ Members that do not access instance data or call instance methods can be marked |CodeFix|True| --- -## [CA1823](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1823): Avoid unused private fields +## [CA1823](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1823): Avoid unused private fields Private fields were detected that do not appear to be accessed in the assembly. @@ -1200,7 +1200,7 @@ Private fields were detected that do not appear to be accessed in the assembly. |CodeFix|True| --- -## [CA1824](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1824): Mark assemblies with NeutralResourcesLanguageAttribute +## [CA1824](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1824): Mark assemblies with NeutralResourcesLanguageAttribute The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. @@ -1212,7 +1212,7 @@ The NeutralResourcesLanguage attribute informs the ResourceManager of the langua |CodeFix|False| --- -## [CA1825](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1825): Avoid zero-length array allocations +## [CA1825](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1825): Avoid zero-length array allocations Avoid unnecessary zero-length array allocations. Use {0} instead. @@ -1224,7 +1224,7 @@ Avoid unnecessary zero-length array allocations. Use {0} instead. |CodeFix|True| --- -## [CA1826](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1826): Do not use Enumerable methods on indexable collections +## [CA1826](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1826): Do not use Enumerable methods on indexable collections This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. @@ -1236,7 +1236,7 @@ This collection is directly indexable. Going through LINQ here causes unnecessar |CodeFix|True| --- -## [CA1827](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1827): Do not use Count() or LongCount() when Any() can be used +## [CA1827](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1827): Do not use Count() or LongCount() when Any() can be used For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. @@ -1248,7 +1248,7 @@ For non-empty collections, Count() and LongCount() enumerate the entire sequence |CodeFix|True| --- -## [CA1828](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1828): Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used +## [CA1828](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1828): Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. @@ -1260,7 +1260,7 @@ For non-empty collections, CountAsync() and LongCountAsync() enumerate the entir |CodeFix|True| --- -## [CA1829](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1829): Use Length/Count property instead of Count() when available +## [CA1829](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1829): Use Length/Count property instead of Count() when available Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. @@ -1272,7 +1272,7 @@ Enumerable.Count() potentially enumerates the sequence while a Length/Count prop |CodeFix|True| --- -## [CA1830](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1830): Prefer strongly-typed Append and Insert method overloads on StringBuilder +## [CA1830](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1830): Prefer strongly-typed Append and Insert method overloads on StringBuilder StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. @@ -1284,7 +1284,7 @@ StringBuilder.Append and StringBuilder.Insert provide overloads for multiple typ |CodeFix|True| --- -## [CA1831](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1831): Use AsSpan or AsMemory instead of Range-based indexers when appropriate +## [CA1831](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1831): Use AsSpan or AsMemory instead of Range-based indexers when appropriate The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. @@ -1296,7 +1296,7 @@ The Range-based indexer on string values produces a copy of requested portion of |CodeFix|True| --- -## [CA1832](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1832): Use AsSpan or AsMemory instead of Range-based indexers when appropriate +## [CA1832](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1832): Use AsSpan or AsMemory instead of Range-based indexers when appropriate The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. @@ -1308,7 +1308,7 @@ The Range-based indexer on array values produces a copy of requested portion of |CodeFix|True| --- -## [CA1833](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1833): Use AsSpan or AsMemory instead of Range-based indexers when appropriate +## [CA1833](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1833): Use AsSpan or AsMemory instead of Range-based indexers when appropriate The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. @@ -1320,7 +1320,7 @@ The Range-based indexer on array values produces a copy of requested portion of |CodeFix|True| --- -## [CA1834](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1834): Consider using 'StringBuilder.Append(char)' when applicable +## [CA1834](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1834): Consider using 'StringBuilder.Append(char)' when applicable 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. @@ -1332,7 +1332,7 @@ The Range-based indexer on array values produces a copy of requested portion of |CodeFix|True| --- -## [CA1835](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1835): Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' +## [CA1835](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1835): Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' 'Stream' has a 'ReadAsync' overload that takes a 'Memory\' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory\' as the first argument. Prefer calling the memory based overloads, which are more efficient. @@ -1344,7 +1344,7 @@ The Range-based indexer on array values produces a copy of requested portion of |CodeFix|True| --- -## [CA1836](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1836): Prefer IsEmpty over Count +## [CA1836](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1836): Prefer IsEmpty over Count For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. @@ -1356,7 +1356,7 @@ For determining whether the object contains or not any items, prefer using 'IsEm |CodeFix|True| --- -## [CA1837](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1837): Use 'Environment.ProcessId' +## [CA1837](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1837): Use 'Environment.ProcessId' 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. @@ -1368,7 +1368,7 @@ For determining whether the object contains or not any items, prefer using 'IsEm |CodeFix|True| --- -## [CA1838](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1838): Avoid 'StringBuilder' parameters for P/Invokes +## [CA1838](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1838): Avoid 'StringBuilder' parameters for P/Invokes Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. @@ -1380,7 +1380,7 @@ Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in |CodeFix|False| --- -## [CA1839](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1839): Use 'Environment.ProcessPath' +## [CA1839](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1839): Use 'Environment.ProcessPath' 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. @@ -1392,7 +1392,7 @@ Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in |CodeFix|True| --- -## [CA1840](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1840): Use 'Environment.CurrentManagedThreadId' +## [CA1840](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1840): Use 'Environment.CurrentManagedThreadId' 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. @@ -1404,7 +1404,7 @@ Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in |CodeFix|True| --- -## [CA1841](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1841): Prefer Dictionary.Contains methods +## [CA1841](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1841): Prefer Dictionary.Contains methods Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. @@ -1416,7 +1416,7 @@ Many dictionary implementations lazily initialize the Values collection. To avoi |CodeFix|True| --- -## [CA1842](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1842): Do not use 'WhenAll' with a single task +## [CA1842](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1842): Do not use 'WhenAll' with a single task Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. @@ -1428,7 +1428,7 @@ Using 'WhenAll' with a single task may result in performance loss, await or retu |CodeFix|True| --- -## [CA1843](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1843): Do not use 'WaitAll' with a single task +## [CA1843](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1843): Do not use 'WaitAll' with a single task Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. @@ -1440,7 +1440,7 @@ Using 'WaitAll' with a single task may result in performance loss, await or retu |CodeFix|True| --- -## [CA1844](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1844): Provide memory-based overrides of async methods when subclassing 'Stream' +## [CA1844](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1844): Provide memory-based overrides of async methods when subclassing 'Stream' To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. @@ -1452,7 +1452,7 @@ To improve performance, override the memory-based async methods when subclassing |CodeFix|False| --- -## [CA1845](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1845): Use span-based 'string.Concat' +## [CA1845](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1845): Use span-based 'string.Concat' It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. @@ -1464,7 +1464,7 @@ It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' |CodeFix|True| --- -## [CA1846](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1846): Prefer 'AsSpan' over 'Substring' +## [CA1846](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1846): Prefer 'AsSpan' over 'Substring' 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. @@ -1476,7 +1476,7 @@ It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' |CodeFix|True| --- -## [CA1847](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1847): Use char literal for a single character lookup +## [CA1847](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1847): Use char literal for a single character lookup 'string.Contains(char)' is available as a better performing overload for single char lookup. @@ -1488,7 +1488,7 @@ It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' |CodeFix|True| --- -## [CA1848](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1848): Use the LoggerMessage delegates +## [CA1848](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1848): Use the LoggerMessage delegates For improved performance, use the LoggerMessage delegates. @@ -1500,7 +1500,7 @@ For improved performance, use the LoggerMessage delegates. |CodeFix|False| --- -## [CA1849](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1849): Call async methods when in an async method +## [CA1849](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1849): Call async methods when in an async method When inside a Task-returning method, use the async version of methods, if they exist. @@ -1512,7 +1512,7 @@ When inside a Task-returning method, use the async version of methods, if they e |CodeFix|False| --- -## [CA1850](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1850): Prefer static 'HashData' method over 'ComputeHash' +## [CA1850](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1850): Prefer static 'HashData' method over 'ComputeHash' It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. @@ -1524,7 +1524,7 @@ It is more efficient to use the static 'HashData' method over creating and manag |CodeFix|True| --- -## [CA1851](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1851): Possible multiple enumerations of 'IEnumerable' collection +## [CA1851](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1851): Possible multiple enumerations of 'IEnumerable' collection Possible multiple enumerations of 'IEnumerable' collection. Consider using an implementation that avoids multiple enumerations. @@ -1536,7 +1536,7 @@ Possible multiple enumerations of 'IEnumerable' collection. Consider using an im |CodeFix|False| --- -## [CA1852](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1852): Seal internal types +## [CA1852](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1852): Seal internal types When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. @@ -1548,7 +1548,7 @@ When a type is not accessible outside its assembly and has no subtypes within it |CodeFix|True| --- -## [CA1853](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1853): Unnecessary call to 'Dictionary.ContainsKey(key)' +## [CA1853](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1853): Unnecessary call to 'Dictionary.ContainsKey(key)' Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. @@ -1560,7 +1560,7 @@ Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The fo |CodeFix|True| --- -## [CA1854](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1854): Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method +## [CA1854](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1854): Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. @@ -1572,7 +1572,7 @@ Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'Conta |CodeFix|True| --- -## [CA1855](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1855): Prefer 'Clear' over 'Fill' +## [CA1855](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1855): Prefer 'Clear' over 'Fill' It is more efficient to use 'Clear', instead of 'Fill' with default value. @@ -1584,7 +1584,7 @@ It is more efficient to use 'Clear', instead of 'Fill' with default value. |CodeFix|True| --- -## [CA2000](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000): Dispose objects before losing scope +## [CA2000](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000): Dispose objects before losing scope If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. @@ -1596,7 +1596,7 @@ If a disposable object is not explicitly disposed before all references to it ar |CodeFix|False| --- -## [CA2002](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2002): Do not lock on objects with weak identity +## [CA2002](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2002): Do not lock on objects with weak identity An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. @@ -1608,7 +1608,7 @@ An object is said to have a weak identity when it can be directly accessed acros |CodeFix|False| --- -## [CA2007](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2007): Consider calling ConfigureAwait on the awaited task +## [CA2007](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2007): Consider calling ConfigureAwait on the awaited task When an asynchronous method awaits a Task directly, continuation occurs in the same thread that created the task. Consider calling Task.ConfigureAwait(Boolean) to signal your intention for continuation. Call ConfigureAwait(false) on the task to schedule continuations to the thread pool, thereby avoiding a deadlock on the UI thread. Passing false is a good option for app-independent libraries. Calling ConfigureAwait(true) on the task has the same behavior as not explicitly calling ConfigureAwait. By explicitly calling this method, you're letting readers know you intentionally want to perform the continuation on the original synchronization context. @@ -1620,7 +1620,7 @@ When an asynchronous method awaits a Task directly, continuation occurs in the s |CodeFix|True| --- -## [CA2008](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2008): Do not create tasks without passing a TaskScheduler +## [CA2008](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2008): Do not create tasks without passing a TaskScheduler Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. @@ -1632,7 +1632,7 @@ Do not create tasks unless you are using one of the overloads that takes a TaskS |CodeFix|False| --- -## [CA2009](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2009): Do not call ToImmutableCollection on an ImmutableCollection value +## [CA2009](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2009): Do not call ToImmutableCollection on an ImmutableCollection value Do not call {0} on an {1} value @@ -1644,7 +1644,7 @@ Do not call {0} on an {1} value |CodeFix|True| --- -## [CA2011](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2011): Avoid infinite recursion +## [CA2011](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2011): Avoid infinite recursion Do not assign the property within its setter. This call might result in an infinite recursion. @@ -1656,7 +1656,7 @@ Do not assign the property within its setter. This call might result in an infin |CodeFix|False| --- -## [CA2012](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2012): Use ValueTasks correctly +## [CA2012](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2012): Use ValueTasks correctly ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. @@ -1668,7 +1668,7 @@ ValueTasks returned from member invocations are intended to be directly awaited. |CodeFix|False| --- -## [CA2013](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2013): Do not use ReferenceEquals with value types +## [CA2013](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2013): Do not use ReferenceEquals with value types Value type typed arguments are uniquely boxed for each call to this method, therefore the result is always false. @@ -1680,7 +1680,7 @@ Value type typed arguments are uniquely boxed for each call to this method, ther |CodeFix|False| --- -## [CA2014](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2014): Do not use stackalloc in loops +## [CA2014](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2014): Do not use stackalloc in loops Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. @@ -1692,7 +1692,7 @@ Stack space allocated by a stackalloc is only released at the end of the current |CodeFix|False| --- -## [CA2015](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2015): Do not define finalizers for types derived from MemoryManager\ +## [CA2015](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2015): Do not define finalizers for types derived from MemoryManager\ Adding a finalizer to a type derived from MemoryManager\ may permit memory to be freed while it is still in use by a Span\. @@ -1704,7 +1704,7 @@ Adding a finalizer to a type derived from MemoryManager\ may permit memory to |CodeFix|False| --- -## [CA2016](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2016): Forward the 'CancellationToken' parameter to methods +## [CA2016](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2016): Forward the 'CancellationToken' parameter to methods Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. @@ -1716,7 +1716,7 @@ Forward the 'CancellationToken' parameter to methods to ensure the operation can |CodeFix|True| --- -## [CA2017](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2017): Parameter count mismatch +## [CA2017](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2017): Parameter count mismatch Number of parameters supplied in the logging message template do not match the number of named placeholders. @@ -1728,7 +1728,7 @@ Number of parameters supplied in the logging message template do not match the n |CodeFix|False| --- -## [CA2018](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2018): 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument +## [CA2018](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2018): 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. @@ -1740,7 +1740,7 @@ Number of parameters supplied in the logging message template do not match the n |CodeFix|False| --- -## [CA2019](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2019): Improper 'ThreadStatic' field initialization +## [CA2019](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2019): Improper 'ThreadStatic' field initialization 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. @@ -1752,7 +1752,7 @@ Number of parameters supplied in the logging message template do not match the n |CodeFix|False| --- -## [CA2020](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2020): Prevent from behavioral change +## [CA2020](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2020): Prevent from behavioral change Some built in operators added in .NET 7 behave differently than the user defined operatorsi in .NET 6 and below. Some operators that used to throw in unchecked context while overflowing will not throw anymore unless wrapped within checked context, and some operators that not used to throw in checked context now would throw unless wrapped within unchecked context. @@ -1764,7 +1764,7 @@ Some built in operators added in .NET 7 behave differently than the user defined |CodeFix|False| --- -## [CA2100](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2100): Review SQL queries for security vulnerabilities +## [CA2100](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2100): Review SQL queries for security vulnerabilities SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. @@ -1776,7 +1776,7 @@ SQL queries that directly use user input can be vulnerable to SQL injection atta |CodeFix|False| --- -## [CA2101](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2101): Specify marshaling for P/Invoke string arguments +## [CA2101](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2101): Specify marshaling for P/Invoke string arguments A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. @@ -1788,7 +1788,7 @@ A platform invoke member allows partially trusted callers, has a string paramete |CodeFix|True| --- -## [CA2109](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2109): Review visible event handlers +## [CA2109](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2109): Review visible event handlers A public or protected event-handling method was detected. Event-handling methods should not be exposed unless absolutely necessary. @@ -1800,7 +1800,7 @@ A public or protected event-handling method was detected. Event-handling methods |CodeFix|False| --- -## [CA2119](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2119): Seal methods that satisfy private interfaces +## [CA2119](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2119): Seal methods that satisfy private interfaces An inheritable public type provides an overridable method implementation of an internal (Friend in Visual Basic) interface. To fix a violation of this rule, prevent the method from being overridden outside the assembly. @@ -1812,7 +1812,7 @@ An inheritable public type provides an overridable method implementation of an i |CodeFix|True| --- -## [CA2153](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2153): Do Not Catch Corrupted State Exceptions +## [CA2153](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2153): Do Not Catch Corrupted State Exceptions Catching corrupted state exceptions could mask errors (such as access violations), resulting in inconsistent state of execution or making it easier for attackers to compromise system. Instead, catch and handle a more specific set of exception type(s) or re-throw the exception. @@ -1824,7 +1824,7 @@ Catching corrupted state exceptions could mask errors (such as access violations |CodeFix|False| --- -## [CA2200](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2200): Rethrow to preserve stack details +## [CA2200](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2200): Rethrow to preserve stack details Re-throwing caught exception changes stack information @@ -1836,7 +1836,7 @@ Re-throwing caught exception changes stack information |CodeFix|True| --- -## [CA2201](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2201): Do not raise reserved exception types +## [CA2201](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2201): Do not raise reserved exception types An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. @@ -1848,7 +1848,7 @@ An exception of type that is not sufficiently specific or reserved by the runtim |CodeFix|False| --- -## [CA2207](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2207): Initialize value type static fields inline +## [CA2207](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2207): Initialize value type static fields inline A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. @@ -1860,7 +1860,7 @@ A value type declares an explicit static constructor. To fix a violation of this |CodeFix|False| --- -## [CA2208](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2208): Instantiate argument exceptions correctly +## [CA2208](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2208): Instantiate argument exceptions correctly A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. @@ -1872,7 +1872,7 @@ A call is made to the default (parameterless) constructor of an exception type t |CodeFix|True| --- -## [CA2211](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2211): Non-constant fields should not be visible +## [CA2211](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2211): Non-constant fields should not be visible Static fields that are neither constants nor read-only are not thread-safe. Access to such a field must be carefully controlled and requires advanced programming techniques to synchronize access to the class object. @@ -1884,7 +1884,7 @@ Static fields that are neither constants nor read-only are not thread-safe. Acce |CodeFix|False| --- -## [CA2213](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2213): Disposable fields should be disposed +## [CA2213](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2213): Disposable fields should be disposed A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. @@ -1896,7 +1896,7 @@ A type that implements System.IDisposable declares fields that are of types that |CodeFix|False| --- -## [CA2214](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2214): Do not call overridable methods in constructors +## [CA2214](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2214): Do not call overridable methods in constructors Virtual methods defined on the class should not be called from constructors. If a derived class has overridden the method, the derived class version will be called (before the derived class constructor is called). @@ -1908,7 +1908,7 @@ Virtual methods defined on the class should not be called from constructors. If |CodeFix|False| --- -## [CA2215](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2215): Dispose methods should call base class dispose +## [CA2215](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2215): Dispose methods should call base class dispose A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. @@ -1920,7 +1920,7 @@ A type that implements System.IDisposable inherits from a type that also impleme |CodeFix|True| --- -## [CA2216](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2216): Disposable types should declare finalizer +## [CA2216](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2216): Disposable types should declare finalizer A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. @@ -1932,7 +1932,7 @@ A type that implements System.IDisposable and has fields that suggest the use of |CodeFix|False| --- -## [CA2217](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2217): Do not mark enums with FlagsAttribute +## [CA2217](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2217): Do not mark enums with FlagsAttribute An externally visible enumeration is marked by using FlagsAttribute, and it has one or more values that are not powers of two or a combination of the other defined values on the enumeration. @@ -1944,7 +1944,7 @@ An externally visible enumeration is marked by using FlagsAttribute, and it has |CodeFix|True| --- -## [CA2218](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2218): Override GetHashCode on overriding Equals +## [CA2218](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2218): Override GetHashCode on overriding Equals GetHashCode returns a value, based on the current instance, that is suited for hashing algorithms and data structures such as a hash table. Two objects that are the same type and are equal must return the same hash code. @@ -1956,7 +1956,7 @@ GetHashCode returns a value, based on the current instance, that is suited for h |CodeFix|True| --- -## [CA2219](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2219): Do not raise exceptions in finally clauses +## [CA2219](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2219): Do not raise exceptions in finally clauses When an exception is raised in a finally clause, the new exception hides the active exception. This makes the original error difficult to detect and debug. @@ -1968,7 +1968,7 @@ When an exception is raised in a finally clause, the new exception hides the act |CodeFix|False| --- -## [CA2224](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2224): Override Equals on overloading operator equals +## [CA2224](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2224): Override Equals on overloading operator equals A public type implements the equality operator but does not override Object.Equals. @@ -1980,7 +1980,7 @@ A public type implements the equality operator but does not override Object.Equa |CodeFix|True| --- -## [CA2225](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2225): Operator overloads have named alternates +## [CA2225](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2225): Operator overloads have named alternates An operator overload was detected, and the expected named alternative method was not found. The named alternative member provides access to the same functionality as the operator and is provided for developers who program in languages that do not support overloaded operators. @@ -1992,7 +1992,7 @@ An operator overload was detected, and the expected named alternative method was |CodeFix|True| --- -## [CA2226](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2226): Operators should have symmetrical overloads +## [CA2226](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2226): Operators should have symmetrical overloads A type implements the equality or inequality operator and does not implement the opposite operator. @@ -2004,7 +2004,7 @@ A type implements the equality or inequality operator and does not implement the |CodeFix|True| --- -## [CA2227](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2227): Collection properties should be read only +## [CA2227](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2227): Collection properties should be read only A writable collection property allows a user to replace the collection with a different collection. A read-only property stops the collection from being replaced but still allows the individual members to be set. @@ -2016,7 +2016,7 @@ A writable collection property allows a user to replace the collection with a di |CodeFix|False| --- -## [CA2229](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2229): Implement serialization constructors +## [CA2229](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2229): Implement serialization constructors To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. @@ -2028,7 +2028,7 @@ To fix a violation of this rule, implement the serialization constructor. For a |CodeFix|True| --- -## [CA2231](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2231): Overload operator equals on overriding value type Equals +## [CA2231](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2231): Overload operator equals on overriding value type Equals In most programming languages there is no default implementation of the equality operator (==) for value types. If your programming language supports operator overloads, you should consider implementing the equality operator. Its behavior should be identical to that of Equals. @@ -2040,7 +2040,7 @@ In most programming languages there is no default implementation of the equality |CodeFix|True| --- -## [CA2234](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2234): Pass system uri objects instead of strings +## [CA2234](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2234): Pass system uri objects instead of strings A call is made to a method that has a string parameter whose name contains "uri", "URI", "urn", "URN", "url", or "URL". The declaring type of the method contains a corresponding method overload that has a System.Uri parameter. @@ -2052,7 +2052,7 @@ A call is made to a method that has a string parameter whose name contains "uri" |CodeFix|False| --- -## [CA2235](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2235): Mark all non-serializable fields +## [CA2235](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2235): Mark all non-serializable fields An instance field of a type that is not serializable is declared in a type that is serializable. @@ -2064,7 +2064,7 @@ An instance field of a type that is not serializable is declared in a type that |CodeFix|True| --- -## [CA2237](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2237): Mark ISerializable types with serializable +## [CA2237](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2237): Mark ISerializable types with serializable To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. @@ -2076,7 +2076,7 @@ To be recognized by the common language runtime as serializable, types must be m |CodeFix|True| --- -## [CA2241](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2241): Provide correct arguments to formatting methods +## [CA2241](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2241): Provide correct arguments to formatting methods The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. @@ -2088,7 +2088,7 @@ The format argument that is passed to System.String.Format does not contain a fo |CodeFix|False| --- -## [CA2242](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2242): Test for NaN correctly +## [CA2242](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2242): Test for NaN correctly This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. @@ -2100,7 +2100,7 @@ This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan |CodeFix|True| --- -## [CA2243](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2243): Attribute string literals should parse correctly +## [CA2243](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2243): Attribute string literals should parse correctly The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. @@ -2112,7 +2112,7 @@ The string literal parameter of an attribute does not parse correctly for a URL, |CodeFix|False| --- -## [CA2244](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2244): Do not duplicate indexed element initializations +## [CA2244](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2244): Do not duplicate indexed element initializations Indexed elements in objects initializers must initialize unique elements. A duplicate index might overwrite a previous element initialization. @@ -2124,7 +2124,7 @@ Indexed elements in objects initializers must initialize unique elements. A dupl |CodeFix|True| --- -## [CA2245](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2245): Do not assign a property to itself +## [CA2245](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2245): Do not assign a property to itself The property {0} should not be assigned to itself @@ -2136,7 +2136,7 @@ The property {0} should not be assigned to itself |CodeFix|False| --- -## [CA2246](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2246): Assigning symbol and its member in the same statement +## [CA2246](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2246): Assigning symbol and its member in the same statement Assigning to a symbol and its member (field/property) in the same statement is not recommended. It is not clear if the member access was intended to use symbol's old value prior to the assignment or new value from the assignment in this statement. For clarity, consider splitting the assignments into separate statements. @@ -2148,7 +2148,7 @@ Assigning to a symbol and its member (field/property) in the same statement is n |CodeFix|False| --- -## [CA2247](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2247): Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum +## [CA2247](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2247): Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. @@ -2160,7 +2160,7 @@ TaskCompletionSource has constructors that take TaskCreationOptions that control |CodeFix|True| --- -## [CA2248](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2248): Provide correct 'enum' argument to 'Enum.HasFlag' +## [CA2248](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2248): Provide correct 'enum' argument to 'Enum.HasFlag' 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. @@ -2172,7 +2172,7 @@ TaskCompletionSource has constructors that take TaskCreationOptions that control |CodeFix|False| --- -## [CA2249](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2249): Consider using 'string.Contains' instead of 'string.IndexOf' +## [CA2249](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2249): Consider using 'string.Contains' instead of 'string.IndexOf' Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. @@ -2184,7 +2184,7 @@ Calls to 'string.IndexOf' where the result is used to check for the presence/abs |CodeFix|True| --- -## [CA2250](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2250): Use 'ThrowIfCancellationRequested' +## [CA2250](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2250): Use 'ThrowIfCancellationRequested' 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. @@ -2196,7 +2196,7 @@ Calls to 'string.IndexOf' where the result is used to check for the presence/abs |CodeFix|True| --- -## [CA2251](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2251): Use 'string.Equals' +## [CA2251](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2251): Use 'string.Equals' It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. @@ -2208,7 +2208,7 @@ It is both clearer and likely faster to use 'string.Equals' instead of comparing |CodeFix|True| --- -## [CA2252](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2252): This API requires opting into preview features +## [CA2252](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2252): This API requires opting into preview features An assembly has to opt into preview features before using them. @@ -2220,7 +2220,7 @@ An assembly has to opt into preview features before using them. |CodeFix|False| --- -## [CA2253](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2253): Named placeholders should not be numeric values +## [CA2253](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2253): Named placeholders should not be numeric values Named placeholders in the logging message template should not be comprised of only numeric characters. @@ -2232,7 +2232,7 @@ Named placeholders in the logging message template should not be comprised of on |CodeFix|False| --- -## [CA2254](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2254): Template should be a static expression +## [CA2254](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2254): Template should be a static expression The logging message template should not vary between calls. @@ -2244,7 +2244,7 @@ The logging message template should not vary between calls. |CodeFix|False| --- -## [CA2255](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2255): The 'ModuleInitializer' attribute should not be used in libraries +## [CA2255](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2255): The 'ModuleInitializer' attribute should not be used in libraries Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. @@ -2256,7 +2256,7 @@ Module initializers are intended to be used by application code to ensure an app |CodeFix|False| --- -## [CA2256](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2256): All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface +## [CA2256](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2256): All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. @@ -2268,7 +2268,7 @@ Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as a |CodeFix|True| --- -## [CA2257](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2257): Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' +## [CA2257](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2257): Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. @@ -2280,7 +2280,7 @@ Since a type that implements 'IDynamicInterfaceCastable' may not implement a dyn |CodeFix|True| --- -## [CA2258](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2258): Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported +## [CA2258](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2258): Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. @@ -2292,7 +2292,7 @@ Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attribu |CodeFix|False| --- -## [CA2259](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2259): 'ThreadStatic' only affects static fields +## [CA2259](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2259): 'ThreadStatic' only affects static fields 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. @@ -2304,7 +2304,7 @@ Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attribu |CodeFix|False| --- -## [CA2260](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2260): Use correct type parameter +## [CA2260](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2260): Use correct type parameter Generic math interfaces require the derived type itself to be used for the self recurring type parameter. @@ -2316,7 +2316,7 @@ Generic math interfaces require the derived type itself to be used for the self |CodeFix|False| --- -## [CA2300](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2300): Do not use insecure deserializer BinaryFormatter +## [CA2300](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2300): Do not use insecure deserializer BinaryFormatter The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. @@ -2328,7 +2328,7 @@ The method '{0}' is insecure when deserializing untrusted data. If you need to |CodeFix|False| --- -## [CA2301](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2301): Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder +## [CA2301](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2301): Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. @@ -2340,7 +2340,7 @@ The method '{0}' is insecure when deserializing untrusted data without a Seriali |CodeFix|False| --- -## [CA2302](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2302): Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize +## [CA2302](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2302): Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. @@ -2352,7 +2352,7 @@ The method '{0}' is insecure when deserializing untrusted data without a Seriali |CodeFix|False| --- -## [CA2305](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2305): Do not use insecure deserializer LosFormatter +## [CA2305](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2305): Do not use insecure deserializer LosFormatter The method '{0}' is insecure when deserializing untrusted data. @@ -2364,7 +2364,7 @@ The method '{0}' is insecure when deserializing untrusted data. |CodeFix|False| --- -## [CA2310](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2310): Do not use insecure deserializer NetDataContractSerializer +## [CA2310](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2310): Do not use insecure deserializer NetDataContractSerializer The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. @@ -2376,7 +2376,7 @@ The method '{0}' is insecure when deserializing untrusted data. If you need to |CodeFix|False| --- -## [CA2311](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2311): Do not deserialize without first setting NetDataContractSerializer.Binder +## [CA2311](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2311): Do not deserialize without first setting NetDataContractSerializer.Binder The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. @@ -2388,7 +2388,7 @@ The method '{0}' is insecure when deserializing untrusted data without a Seriali |CodeFix|False| --- -## [CA2312](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2312): Ensure NetDataContractSerializer.Binder is set before deserializing +## [CA2312](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2312): Ensure NetDataContractSerializer.Binder is set before deserializing The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. @@ -2400,7 +2400,7 @@ The method '{0}' is insecure when deserializing untrusted data without a Seriali |CodeFix|False| --- -## [CA2315](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2315): Do not use insecure deserializer ObjectStateFormatter +## [CA2315](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2315): Do not use insecure deserializer ObjectStateFormatter The method '{0}' is insecure when deserializing untrusted data. @@ -2412,7 +2412,7 @@ The method '{0}' is insecure when deserializing untrusted data. |CodeFix|False| --- -## [CA2321](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2321): Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver +## [CA2321](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2321): Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. @@ -2424,7 +2424,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScript |CodeFix|False| --- -## [CA2322](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2322): Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing +## [CA2322](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2322): Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. @@ -2436,7 +2436,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScript |CodeFix|False| --- -## [CA2326](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2326): Do not use TypeNameHandling values other than None +## [CA2326](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2326): Do not use TypeNameHandling values other than None Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. @@ -2448,7 +2448,7 @@ Deserializing JSON when using a TypeNameHandling value other than None can be in |CodeFix|False| --- -## [CA2327](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2327): Do not use insecure JsonSerializerSettings +## [CA2327](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2327): Do not use insecure JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. @@ -2460,7 +2460,7 @@ When deserializing untrusted input, allowing arbitrary types to be deserialized |CodeFix|False| --- -## [CA2328](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2328): Ensure that JsonSerializerSettings are secure +## [CA2328](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2328): Ensure that JsonSerializerSettings are secure When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. @@ -2472,7 +2472,7 @@ When deserializing untrusted input, allowing arbitrary types to be deserialized |CodeFix|False| --- -## [CA2329](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2329): Do not deserialize with JsonSerializer using an insecure configuration +## [CA2329](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2329): Do not deserialize with JsonSerializer using an insecure configuration When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. @@ -2484,7 +2484,7 @@ When deserializing untrusted input, allowing arbitrary types to be deserialized |CodeFix|False| --- -## [CA2330](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2330): Ensure that JsonSerializer has a secure configuration when deserializing +## [CA2330](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2330): Ensure that JsonSerializer has a secure configuration when deserializing When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. @@ -2496,7 +2496,7 @@ When deserializing untrusted input, allowing arbitrary types to be deserialized |CodeFix|False| --- -## [CA2350](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2350): Do not use DataTable.ReadXml() with untrusted data +## [CA2350](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2350): Do not use DataTable.ReadXml() with untrusted data The method '{0}' is insecure when deserializing untrusted data @@ -2508,7 +2508,7 @@ The method '{0}' is insecure when deserializing untrusted data |CodeFix|False| --- -## [CA2351](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2351): Do not use DataSet.ReadXml() with untrusted data +## [CA2351](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2351): Do not use DataSet.ReadXml() with untrusted data The method '{0}' is insecure when deserializing untrusted data @@ -2520,7 +2520,7 @@ The method '{0}' is insecure when deserializing untrusted data |CodeFix|False| --- -## [CA2352](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2352): Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks +## [CA2352](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2352): Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. @@ -2532,7 +2532,7 @@ When deserializing untrusted input with an IFormatter-based serializer, deserial |CodeFix|False| --- -## [CA2353](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2353): Unsafe DataSet or DataTable in serializable type +## [CA2353](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2353): Unsafe DataSet or DataTable in serializable type When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} @@ -2544,7 +2544,7 @@ When deserializing untrusted input, deserializing a {0} object is insecure. '{1} |CodeFix|False| --- -## [CA2354](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2354): Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks +## [CA2354](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2354): Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} @@ -2556,7 +2556,7 @@ When deserializing untrusted input, deserializing a {0} object is insecure. '{1} |CodeFix|False| --- -## [CA2355](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2355): Unsafe DataSet or DataTable type found in deserializable object graph +## [CA2355](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2355): Unsafe DataSet or DataTable type found in deserializable object graph When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} @@ -2568,7 +2568,7 @@ When deserializing untrusted input, deserializing a {0} object is insecure. '{1} |CodeFix|False| --- -## [CA2356](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2356): Unsafe DataSet or DataTable type in web deserializable object graph +## [CA2356](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2356): Unsafe DataSet or DataTable type in web deserializable object graph When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} @@ -2580,7 +2580,7 @@ When deserializing untrusted input, deserializing a {0} object is insecure. '{1} |CodeFix|False| --- -## [CA2361](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2361): Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data +## [CA2361](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2361): Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. @@ -2592,7 +2592,7 @@ The method '{0}' is insecure when deserializing untrusted data. Make sure that a |CodeFix|False| --- -## [CA2362](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2362): Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks +## [CA2362](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2362): Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. @@ -2604,7 +2604,7 @@ When deserializing untrusted input with an IFormatter-based serializer, deserial |CodeFix|False| --- -## [CA3001](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3001): Review code for SQL injection vulnerabilities +## [CA3001](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3001): Review code for SQL injection vulnerabilities Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. @@ -2616,7 +2616,7 @@ Potential SQL injection vulnerability was found where '{0}' in method '{1}' may |CodeFix|False| --- -## [CA3002](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3002): Review code for XSS vulnerabilities +## [CA3002](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3002): Review code for XSS vulnerabilities Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. @@ -2628,7 +2628,7 @@ Potential cross-site scripting (XSS) vulnerability was found where '{0}' in meth |CodeFix|False| --- -## [CA3003](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3003): Review code for file path injection vulnerabilities +## [CA3003](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3003): Review code for file path injection vulnerabilities Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. @@ -2640,7 +2640,7 @@ Potential file path injection vulnerability was found where '{0}' in method '{1} |CodeFix|False| --- -## [CA3004](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3004): Review code for information disclosure vulnerabilities +## [CA3004](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3004): Review code for information disclosure vulnerabilities Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. @@ -2652,7 +2652,7 @@ Potential information disclosure vulnerability was found where '{0}' in method ' |CodeFix|False| --- -## [CA3005](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3005): Review code for LDAP injection vulnerabilities +## [CA3005](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3005): Review code for LDAP injection vulnerabilities Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. @@ -2664,7 +2664,7 @@ Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may |CodeFix|False| --- -## [CA3006](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3006): Review code for process command injection vulnerabilities +## [CA3006](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3006): Review code for process command injection vulnerabilities Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. @@ -2676,7 +2676,7 @@ Potential process command injection vulnerability was found where '{0}' in metho |CodeFix|False| --- -## [CA3007](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3007): Review code for open redirect vulnerabilities +## [CA3007](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3007): Review code for open redirect vulnerabilities Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. @@ -2688,7 +2688,7 @@ Potential open redirect vulnerability was found where '{0}' in method '{1}' may |CodeFix|False| --- -## [CA3008](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3008): Review code for XPath injection vulnerabilities +## [CA3008](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3008): Review code for XPath injection vulnerabilities Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. @@ -2700,7 +2700,7 @@ Potential XPath injection vulnerability was found where '{0}' in method '{1}' ma |CodeFix|False| --- -## [CA3009](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3009): Review code for XML injection vulnerabilities +## [CA3009](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3009): Review code for XML injection vulnerabilities Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. @@ -2712,7 +2712,7 @@ Potential XML injection vulnerability was found where '{0}' in method '{1}' may |CodeFix|False| --- -## [CA3010](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3010): Review code for XAML injection vulnerabilities +## [CA3010](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3010): Review code for XAML injection vulnerabilities Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. @@ -2724,7 +2724,7 @@ Potential XAML injection vulnerability was found where '{0}' in method '{1}' may |CodeFix|False| --- -## [CA3011](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3011): Review code for DLL injection vulnerabilities +## [CA3011](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3011): Review code for DLL injection vulnerabilities Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. @@ -2736,7 +2736,7 @@ Potential DLL injection vulnerability was found where '{0}' in method '{1}' may |CodeFix|False| --- -## [CA3012](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3012): Review code for regex injection vulnerabilities +## [CA3012](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3012): Review code for regex injection vulnerabilities Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. @@ -2748,7 +2748,7 @@ Potential regex injection vulnerability was found where '{0}' in method '{1}' ma |CodeFix|False| --- -## [CA3061](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3061): Do Not Add Schema By URL +## [CA3061](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3061): Do Not Add Schema By URL This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. @@ -2760,7 +2760,7 @@ This overload of XmlSchemaCollection.Add method internally enables DTD processin |CodeFix|False| --- -## [CA3075](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3075): Insecure DTD processing in XML +## [CA3075](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3075): Insecure DTD processing in XML Using XmlTextReader.Load(), creating an insecure XmlReaderSettings instance when invoking XmlReader.Create(), setting the InnerXml property of the XmlDocument and enabling DTD processing using XmlUrlResolver insecurely can lead to information disclosure. Replace it with a call to the Load() method overload that takes an XmlReader instance, use XmlReader.Create() to accept XmlReaderSettings arguments or consider explicitly setting secure values. The DataViewSettingCollectionString property of DataViewManager should always be assigned from a trusted source, the DtdProcessing property should be set to false, and the XmlResolver property should be changed to XmlSecureResolver or null. @@ -2772,7 +2772,7 @@ Using XmlTextReader.Load(), creating an insecure XmlReaderSettings instance when |CodeFix|False| --- -## [CA3076](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3076): Insecure XSLT script processing +## [CA3076](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3076): Insecure XSLT script processing Providing an insecure XsltSettings instance and an insecure XmlResolver instance to XslCompiledTransform.Load method is potentially unsafe as it allows processing script within XSL, which on an untrusted XSL input may lead to malicious code execution. Either replace the insecure XsltSettings argument with XsltSettings.Default or an instance that has disabled document function and script execution, or replace the XmlResolver argument with null or an XmlSecureResolver instance. This message may be suppressed if the input is known to be from a trusted source and external resource resolution from locations that are not known in advance must be supported. @@ -2784,7 +2784,7 @@ Providing an insecure XsltSettings instance and an insecure XmlResolver instance |CodeFix|False| --- -## [CA3077](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3077): Insecure Processing in API Design, XmlDocument and XmlTextReader +## [CA3077](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3077): Insecure Processing in API Design, XmlDocument and XmlTextReader Enabling DTD processing on all instances derived from XmlTextReader or  XmlDocument and using XmlUrlResolver for resolving external XML entities may lead to information disclosure. Ensure to set the XmlResolver property to null, create an instance of XmlSecureResolver when processing untrusted input, or use XmlReader.Create method with a secure XmlReaderSettings argument. Unless you need to enable it, ensure the DtdProcessing property is set to false. @@ -2796,7 +2796,7 @@ Enabling DTD processing on all instances derived from XmlTextReader or  XmlDocu |CodeFix|False| --- -## [CA3147](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3147): Mark Verb Handlers With Validate Antiforgery Token +## [CA3147](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3147): Mark Verb Handlers With Validate Antiforgery Token Missing ValidateAntiForgeryTokenAttribute on controller action {0} @@ -2808,7 +2808,7 @@ Missing ValidateAntiForgeryTokenAttribute on controller action {0} |CodeFix|False| --- -## [CA5350](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5350): Do Not Use Weak Cryptographic Algorithms +## [CA5350](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5350): Do Not Use Weak Cryptographic Algorithms Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. @@ -2820,7 +2820,7 @@ Cryptographic algorithms degrade over time as attacks become for advances to att |CodeFix|False| --- -## [CA5351](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5351): Do Not Use Broken Cryptographic Algorithms +## [CA5351](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5351): Do Not Use Broken Cryptographic Algorithms An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. @@ -2832,7 +2832,7 @@ An attack making it computationally feasible to break this algorithm exists. Thi |CodeFix|False| --- -## [CA5358](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5358): Review cipher mode usage with cryptography experts +## [CA5358](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5358): Review cipher mode usage with cryptography experts These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). @@ -2844,7 +2844,7 @@ These cipher modes might be vulnerable to attacks. Consider using recommended mo |CodeFix|False| --- -## [CA5359](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5359): Do Not Disable Certificate Validation +## [CA5359](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5359): Do Not Disable Certificate Validation A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. @@ -2856,7 +2856,7 @@ A certificate can help authenticate the identity of the server. Clients should v |CodeFix|False| --- -## [CA5360](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5360): Do Not Call Dangerous Methods In Deserialization +## [CA5360](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5360): Do Not Call Dangerous Methods In Deserialization Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. @@ -2868,7 +2868,7 @@ Insecure Deserialization is a vulnerability which occurs when untrusted data is |CodeFix|False| --- -## [CA5361](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5361): Do Not Disable SChannel Use of Strong Crypto +## [CA5361](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5361): Do Not Disable SChannel Use of Strong Crypto Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. @@ -2880,7 +2880,7 @@ Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and Sys |CodeFix|False| --- -## [CA5362](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5362): Potential reference cycle in deserialized object graph +## [CA5362](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5362): Potential reference cycle in deserialized object graph Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. @@ -2892,7 +2892,7 @@ Review code that processes untrusted deserialized data for handling of unexpecte |CodeFix|False| --- -## [CA5363](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5363): Do Not Disable Request Validation +## [CA5363](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5363): Do Not Disable Request Validation Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. @@ -2904,7 +2904,7 @@ Request validation is a feature in ASP.NET that examines HTTP requests and deter |CodeFix|False| --- -## [CA5364](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5364): Do Not Use Deprecated Security Protocols +## [CA5364](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5364): Do Not Use Deprecated Security Protocols Using a deprecated security protocol rather than the system default is risky. @@ -2916,7 +2916,7 @@ Using a deprecated security protocol rather than the system default is risky. |CodeFix|False| --- -## [CA5365](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5365): Do Not Disable HTTP Header Checking +## [CA5365](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5365): Do Not Disable HTTP Header Checking HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. @@ -2928,7 +2928,7 @@ HTTP header checking enables encoding of the carriage return and newline charact |CodeFix|False| --- -## [CA5366](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5366): Use XmlReader for 'DataSet.ReadXml()' +## [CA5366](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5366): Use XmlReader for 'DataSet.ReadXml()' Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. @@ -2940,7 +2940,7 @@ Processing XML from untrusted data may load dangerous external references, which |CodeFix|False| --- -## [CA5367](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5367): Do Not Serialize Types With Pointer Fields +## [CA5367](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5367): Do Not Serialize Types With Pointer Fields Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. @@ -2952,7 +2952,7 @@ Pointers are not "type safe" in the sense that you cannot guarantee the correctn |CodeFix|False| --- -## [CA5368](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5368): Set ViewStateUserKey For Classes Derived From Page +## [CA5368](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5368): Set ViewStateUserKey For Classes Derived From Page Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. @@ -2964,7 +2964,7 @@ Setting the ViewStateUserKey property can help you prevent attacks on your appli |CodeFix|False| --- -## [CA5369](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5369): Use XmlReader for 'XmlSerializer.Deserialize()' +## [CA5369](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5369): Use XmlReader for 'XmlSerializer.Deserialize()' Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. @@ -2976,7 +2976,7 @@ Processing XML from untrusted data may load dangerous external references, which |CodeFix|False| --- -## [CA5370](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5370): Use XmlReader for XmlValidatingReader constructor +## [CA5370](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5370): Use XmlReader for XmlValidatingReader constructor Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. @@ -2988,7 +2988,7 @@ Processing XML from untrusted data may load dangerous external references, which |CodeFix|False| --- -## [CA5371](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5371): Use XmlReader for 'XmlSchema.Read()' +## [CA5371](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5371): Use XmlReader for 'XmlSchema.Read()' Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. @@ -3000,7 +3000,7 @@ Processing XML from untrusted data may load dangerous external references, which |CodeFix|False| --- -## [CA5372](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5372): Use XmlReader for XPathDocument constructor +## [CA5372](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5372): Use XmlReader for XPathDocument constructor Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. @@ -3012,7 +3012,7 @@ Processing XML from untrusted data may load dangerous external references, which |CodeFix|False| --- -## [CA5373](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5373): Do not use obsolete key derivation function +## [CA5373](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5373): Do not use obsolete key derivation function Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. @@ -3024,7 +3024,7 @@ Password-based key derivation should use PBKDF2 with SHA-2. Avoid using Password |CodeFix|False| --- -## [CA5374](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5374): Do Not Use XslTransform +## [CA5374](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5374): Do Not Use XslTransform Do not use XslTransform. It does not restrict potentially dangerous external references. @@ -3036,7 +3036,7 @@ Do not use XslTransform. It does not restrict potentially dangerous external ref |CodeFix|False| --- -## [CA5375](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5375): Do Not Use Account Shared Access Signature +## [CA5375](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5375): Do Not Use Account Shared Access Signature Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. @@ -3048,7 +3048,7 @@ Shared Access Signatures(SAS) are a vital part of the security model for any app |CodeFix|False| --- -## [CA5376](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5376): Use SharedAccessProtocol HttpsOnly +## [CA5376](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5376): Use SharedAccessProtocol HttpsOnly HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. @@ -3060,7 +3060,7 @@ HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensur |CodeFix|False| --- -## [CA5377](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5377): Use Container Level Access Policy +## [CA5377](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5377): Use Container Level Access Policy No access policy identifier is specified, making tokens non-revocable. @@ -3072,7 +3072,7 @@ No access policy identifier is specified, making tokens non-revocable. |CodeFix|False| --- -## [CA5378](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5378): Do not disable ServicePointManagerSecurityProtocols +## [CA5378](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5378): Do not disable ServicePointManagerSecurityProtocols Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. @@ -3084,7 +3084,7 @@ Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityPro |CodeFix|False| --- -## [CA5379](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5379): Ensure Key Derivation Function algorithm is sufficiently strong +## [CA5379](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5379): Ensure Key Derivation Function algorithm is sufficiently strong Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. @@ -3096,7 +3096,7 @@ Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm |CodeFix|False| --- -## [CA5380](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5380): Do Not Add Certificates To Root Store +## [CA5380](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5380): Do Not Add Certificates To Root Store By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. @@ -3108,7 +3108,7 @@ By default, the Trusted Root Certification Authorities certificate store is conf |CodeFix|False| --- -## [CA5381](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5381): Ensure Certificates Are Not Added To Root Store +## [CA5381](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5381): Ensure Certificates Are Not Added To Root Store By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. @@ -3120,7 +3120,7 @@ By default, the Trusted Root Certification Authorities certificate store is conf |CodeFix|False| --- -## [CA5382](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5382): Use Secure Cookies In ASP.NET Core +## [CA5382](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5382): Use Secure Cookies In ASP.NET Core Applications available over HTTPS must use secure cookies. @@ -3132,7 +3132,7 @@ Applications available over HTTPS must use secure cookies. |CodeFix|False| --- -## [CA5383](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5383): Ensure Use Secure Cookies In ASP.NET Core +## [CA5383](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5383): Ensure Use Secure Cookies In ASP.NET Core Applications available over HTTPS must use secure cookies. @@ -3144,7 +3144,7 @@ Applications available over HTTPS must use secure cookies. |CodeFix|False| --- -## [CA5384](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5384): Do Not Use Digital Signature Algorithm (DSA) +## [CA5384](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5384): Do Not Use Digital Signature Algorithm (DSA) DSA is too weak to use. @@ -3156,7 +3156,7 @@ DSA is too weak to use. |CodeFix|False| --- -## [CA5385](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5385): Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size +## [CA5385](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5385): Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. @@ -3168,7 +3168,7 @@ Encryption algorithms are vulnerable to brute force attacks when too small a key |CodeFix|False| --- -## [CA5386](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5386): Avoid hardcoding SecurityProtocolType value +## [CA5386](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5386): Avoid hardcoding SecurityProtocolType value Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. @@ -3180,7 +3180,7 @@ Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType. |CodeFix|False| --- -## [CA5387](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5387): Do Not Use Weak Key Derivation Function With Insufficient Iteration Count +## [CA5387](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5387): Do Not Use Weak Key Derivation Function With Insufficient Iteration Count When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). @@ -3192,7 +3192,7 @@ When deriving cryptographic keys from user-provided inputs such as password, use |CodeFix|False| --- -## [CA5388](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5388): Ensure Sufficient Iteration Count When Using Weak Key Derivation Function +## [CA5388](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5388): Ensure Sufficient Iteration Count When Using Weak Key Derivation Function When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). @@ -3204,7 +3204,7 @@ When deriving cryptographic keys from user-provided inputs such as password, use |CodeFix|False| --- -## [CA5389](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5389): Do Not Add Archive Item's Path To The Target File System Path +## [CA5389](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5389): Do Not Add Archive Item's Path To The Target File System Path When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. @@ -3216,7 +3216,7 @@ When extracting files from an archive and using the archive item's path, check i |CodeFix|False| --- -## [CA5390](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5390): Do not hard-code encryption key +## [CA5390](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5390): Do not hard-code encryption key SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. @@ -3228,7 +3228,7 @@ SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never |CodeFix|False| --- -## [CA5391](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5391): Use antiforgery tokens in ASP.NET Core MVC controllers +## [CA5391](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5391): Use antiforgery tokens in ASP.NET Core MVC controllers Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. @@ -3240,7 +3240,7 @@ Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery |CodeFix|False| --- -## [CA5392](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5392): Use DefaultDllImportSearchPaths attribute for P/Invokes +## [CA5392](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5392): Use DefaultDllImportSearchPaths attribute for P/Invokes By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. @@ -3252,7 +3252,7 @@ By default, P/Invokes using DllImportAttribute probe a number of directories, in |CodeFix|False| --- -## [CA5393](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5393): Do not use unsafe DllImportSearchPath value +## [CA5393](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5393): Do not use unsafe DllImportSearchPath value There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. @@ -3264,7 +3264,7 @@ There could be a malicious DLL in the default DLL search directories. Or, depend |CodeFix|False| --- -## [CA5394](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5394): Do not use insecure randomness +## [CA5394](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5394): Do not use insecure randomness Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. @@ -3276,7 +3276,7 @@ Using a cryptographically weak pseudo-random number generator may allow an attac |CodeFix|False| --- -## [CA5395](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5395): Miss HttpVerb attribute for action methods +## [CA5395](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5395): Miss HttpVerb attribute for action methods All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. @@ -3288,7 +3288,7 @@ All the methods that create, edit, delete, or otherwise modify data do so in the |CodeFix|False| --- -## [CA5396](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5396): Set HttpOnly to true for HttpCookie +## [CA5396](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5396): Set HttpOnly to true for HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. @@ -3300,7 +3300,7 @@ As a defense in depth measure, ensure security sensitive HTTP cookies are marked |CodeFix|False| --- -## [CA5397](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5397): Do not use deprecated SslProtocols values +## [CA5397](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5397): Do not use deprecated SslProtocols values Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. @@ -3312,7 +3312,7 @@ Older protocol versions of Transport Layer Security (TLS) are less secure than T |CodeFix|False| --- -## [CA5398](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5398): Avoid hardcoded SslProtocols values +## [CA5398](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5398): Avoid hardcoded SslProtocols values Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. @@ -3324,7 +3324,7 @@ Current Transport Layer Security protocol versions may become deprecated if vuln |CodeFix|False| --- -## [CA5399](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5399): HttpClients should enable certificate revocation list checks +## [CA5399](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5399): HttpClients should enable certificate revocation list checks Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. @@ -3336,7 +3336,7 @@ Using HttpClient without providing a platform specific handler (WinHttpHandler o |CodeFix|False| --- -## [CA5400](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5400): Ensure HttpClient certificate revocation list check is not disabled +## [CA5400](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5400): Ensure HttpClient certificate revocation list check is not disabled Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. @@ -3348,7 +3348,7 @@ Using HttpClient without providing a platform specific handler (WinHttpHandler o |CodeFix|False| --- -## [CA5401](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5401): Do not use CreateEncryptor with non-default IV +## [CA5401](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5401): Do not use CreateEncryptor with non-default IV Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. @@ -3360,7 +3360,7 @@ Symmetric encryption should always use a non-repeatable initialization vector to |CodeFix|False| --- -## [CA5402](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5402): Use CreateEncryptor with the default IV +## [CA5402](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5402): Use CreateEncryptor with the default IV Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. @@ -3372,7 +3372,7 @@ Symmetric encryption should always use a non-repeatable initialization vector to |CodeFix|False| --- -## [CA5403](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5403): Do not hard-code certificate +## [CA5403](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5403): Do not hard-code certificate Hard-coded certificates in source code are vulnerable to being exploited. @@ -3384,7 +3384,7 @@ Hard-coded certificates in source code are vulnerable to being exploited. |CodeFix|False| --- -## [CA5404](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5404): Do not disable token validation checks +## [CA5404](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5404): Do not disable token validation checks Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. @@ -3396,7 +3396,7 @@ Token validation checks ensure that while validating tokens, all aspects are ana |CodeFix|False| --- -## [CA5405](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5405): Do not always skip token validation in delegates +## [CA5405](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5405): Do not always skip token validation in delegates By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. diff --git a/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.sarif b/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.sarif index 53cce87f63..09d8fc98a0 100644 --- a/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.sarif +++ b/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.sarif @@ -14,7 +14,7 @@ "shortDescription": "Types that own disposable fields should be disposable", "fullDescription": "A class declares and implements an instance field that is a System.IDisposable type, and the class does not implement IDisposable. A class that declares an IDisposable field indirectly owns an unmanaged resource and should implement the IDisposable interface.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1001", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1001", "properties": { "category": "Design", "isEnabledByDefault": true, @@ -34,7 +34,7 @@ "shortDescription": "Implement standard exception constructors", "fullDescription": "Failure to provide the full set of constructors can make it difficult to correctly handle exceptions.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1032", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1032", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -54,7 +54,7 @@ "shortDescription": "Avoid using cref tags with a prefix", "fullDescription": "Use of cref tags with prefixes should be avoided, since it prevents the compiler from verifying references and the IDE from updating references during refactorings. It is permissible to suppress this error at a single documentation site if the cref must use a prefix because the type being mentioned is not findable by the compiler. For example, if a cref is mentioning a special attribute in the full framework but you're in a file that compiles against the portable framework, or if you want to reference a type at higher layer of Roslyn, you should suppress the error. You should not suppress the error just because you want to take a shortcut and avoid using the full syntax.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1200", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1200", "properties": { "category": "Documentation", "isEnabledByDefault": true, @@ -73,7 +73,7 @@ "shortDescription": "Use ordinal string comparison", "fullDescription": "A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1309", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1309", "properties": { "category": "Globalization", "isEnabledByDefault": true, @@ -93,7 +93,7 @@ "shortDescription": "Specify a culture or use an invariant version", "fullDescription": "Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1311", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1311", "properties": { "category": "Globalization", "isEnabledByDefault": true, @@ -112,7 +112,7 @@ "shortDescription": "Use nameof to express symbol names", "fullDescription": "Using nameof helps keep your code valid when refactoring.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1507", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1507", "properties": { "category": "Maintainability", "isEnabledByDefault": true, @@ -131,7 +131,7 @@ "shortDescription": "Use literals where appropriate", "fullDescription": "A field is declared static and read-only (Shared and ReadOnly in Visual Basic), and is initialized by using a value that is computable at compile time. Because the value that is assigned to the targeted field is computable at compile time, change the declaration to a const (Const in Visual Basic) field so that the value is computed at compile time instead of at run?time.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1802", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1802", "properties": { "category": "Performance", "isEnabledByDefault": false, @@ -151,7 +151,7 @@ "shortDescription": "Do not initialize unnecessarily", "fullDescription": "The .NET runtime initializes all fields of reference types to their default values before running the constructor. In most cases, explicitly initializing a field to its default value in a constructor is redundant, adding maintenance costs and potentially degrading performance (such as with increased assembly size), and the explicit initialization can be removed. In some cases, such as with static readonly fields that permanently retain their default value, consider instead changing them to be constants or properties.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1805", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1805", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -171,7 +171,7 @@ "shortDescription": "Avoid uninstantiated internal classes", "fullDescription": "An instance of an assembly-level type is not created by code in the assembly.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1812", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1812", "properties": { "category": "Performance", "isEnabledByDefault": false, @@ -192,7 +192,7 @@ "shortDescription": "Mark assemblies with NeutralResourcesLanguageAttribute", "fullDescription": "The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1824", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1824", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -213,7 +213,7 @@ "shortDescription": "Avoid zero-length array allocations", "fullDescription": "Avoid unnecessary zero-length array allocations. Use {0} instead.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1825", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1825", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -232,7 +232,7 @@ "shortDescription": "Prefer Dictionary.Contains methods", "fullDescription": "Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1841", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1841", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -251,7 +251,7 @@ "shortDescription": "Use span-based 'string.Concat'", "fullDescription": "It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1845", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1845", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -270,7 +270,7 @@ "shortDescription": "Possible multiple enumerations of 'IEnumerable' collection", "fullDescription": "Possible multiple enumerations of 'IEnumerable' collection. Consider using an implementation that avoids multiple enumerations.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1851", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1851", "properties": { "category": "Performance", "isEnabledByDefault": false, @@ -290,7 +290,7 @@ "shortDescription": "Prefer 'Clear' over 'Fill'", "fullDescription": "It is more efficient to use 'Clear', instead of 'Fill' with default value.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1855", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1855", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -309,7 +309,7 @@ "shortDescription": "Do not use stackalloc in loops", "fullDescription": "Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2014", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2014", "properties": { "category": "Reliability", "isEnabledByDefault": true, @@ -328,7 +328,7 @@ "shortDescription": "Forward the 'CancellationToken' parameter to methods", "fullDescription": "Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2016", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2016", "properties": { "category": "Reliability", "isEnabledByDefault": true, @@ -347,7 +347,7 @@ "shortDescription": "Prevent from behavioral change", "fullDescription": "Some built in operators added in .NET 7 behave differently than the user defined operatorsi in .NET 6 and below. Some operators that used to throw in unchecked context while overflowing will not throw anymore unless wrapped within checked context, and some operators that not used to throw in checked context now would throw unless wrapped within unchecked context.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2020", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2020", "properties": { "category": "Reliability", "isEnabledByDefault": true, @@ -366,7 +366,7 @@ "shortDescription": "Pass system uri objects instead of strings", "fullDescription": "A call is made to a method that has a string parameter whose name contains \"uri\", \"URI\", \"urn\", \"URN\", \"url\", or \"URL\". The declaring type of the method contains a corresponding method overload that has a System.Uri parameter.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2234", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2234", "properties": { "category": "Usage", "isEnabledByDefault": false, @@ -386,7 +386,7 @@ "shortDescription": "This API requires opting into preview features", "fullDescription": "An assembly has to opt into preview features before using them.", "defaultLevel": "error", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2252", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2252", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -405,7 +405,7 @@ "shortDescription": "Use correct type parameter", "fullDescription": "Generic math interfaces require the derived type itself to be used for the self recurring type parameter.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2260", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2260", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -424,7 +424,7 @@ "shortDescription": "Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks", "fullDescription": "When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2352", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2352", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -443,7 +443,7 @@ "shortDescription": "Unsafe DataSet or DataTable in serializable type", "fullDescription": "When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0}", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2353", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2353", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -462,7 +462,7 @@ "shortDescription": "Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks", "fullDescription": "When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0}", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2354", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2354", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -481,7 +481,7 @@ "shortDescription": "Unsafe DataSet or DataTable type found in deserializable object graph", "fullDescription": "When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0}", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2355", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2355", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -500,7 +500,7 @@ "shortDescription": "Unsafe DataSet or DataTable type in web deserializable object graph", "fullDescription": "When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0}", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2356", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2356", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -519,7 +519,7 @@ "shortDescription": "Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks", "fullDescription": "When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2362", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2362", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -547,7 +547,7 @@ "shortDescription": "Do not declare static members on generic types", "fullDescription": "When a static member of a generic type is called, the type argument must be specified for the type. When a generic instance member that does not support inference is called, the type argument must be specified for the member. In these two cases, the syntax for specifying the type argument is different and easily confused.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1000", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1000", "properties": { "category": "Design", "isEnabledByDefault": true, @@ -568,7 +568,7 @@ "shortDescription": "Do not expose generic lists", "fullDescription": "System.Collections.Generic.List is a generic collection that's designed for performance and not inheritance. List does not contain virtual members that make it easier to change the behavior of an inherited class.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1002", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1002", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -589,7 +589,7 @@ "shortDescription": "Use generic event handler instances", "fullDescription": "A type contains an event that declares an EventHandler delegate that returns void, whose signature contains two parameters (the first an object and the second a type that is assignable to EventArgs), and the containing assembly targets Microsoft .NET Framework?2.0.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1003", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1003", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -610,7 +610,7 @@ "shortDescription": "Avoid excessive parameters on generic types", "fullDescription": "The more type parameters a generic type contains, the more difficult it is to know and remember what each type parameter represents.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1005", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1005", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -630,7 +630,7 @@ "shortDescription": "Enums should have zero value", "fullDescription": "The default value of an uninitialized enumeration, just as other value types, is zero. A nonflags-attributed enumeration should define a member by using the value of zero so that the default value is a valid value of the enumeration. If an enumeration that has the FlagsAttribute attribute applied defines a zero-valued member, its name should be \"\"None\"\" to indicate that no values have been set in the enumeration.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1008", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1008", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -652,7 +652,7 @@ "shortDescription": "Generic interface should also be implemented", "fullDescription": "To broaden the usability of a type, implement one of the generic interfaces. This is especially true for collections as they can then be used to populate generic collection types.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1010", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1010", "properties": { "category": "Design", "isEnabledByDefault": true, @@ -673,7 +673,7 @@ "shortDescription": "Abstract types should not have public constructors", "fullDescription": "Constructors on abstract types can be called only by derived types. Because public constructors create instances of a type, and you cannot create instances of an abstract type, an abstract type that has a public constructor is incorrectly designed.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1012", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1012", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -694,7 +694,7 @@ "shortDescription": "Mark assemblies with CLSCompliant", "fullDescription": "The Common Language Specification (CLS) defines naming restrictions, data types, and rules to which assemblies must conform if they will be used across programming languages. Good design dictates that all assemblies explicitly indicate CLS compliance by using CLSCompliantAttribute . If this attribute is not present on an assembly, the assembly is not compliant.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1014", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1014", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -715,7 +715,7 @@ "shortDescription": "Mark assemblies with assembly version", "fullDescription": "The .NET Framework uses the version number to uniquely identify an assembly, and to bind to types in strongly named assemblies. The version number is used together with version and publisher policy. By default, applications run only with the assembly version with which they were built.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1016", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1016", "properties": { "category": "Design", "isEnabledByDefault": true, @@ -737,7 +737,7 @@ "shortDescription": "Mark assemblies with ComVisible", "fullDescription": "ComVisibleAttribute determines how COM clients access managed code. Good design dictates that assemblies explicitly indicate COM visibility. COM visibility can be set for the whole assembly and then overridden for individual types and type members. If this attribute is not present, the contents of the assembly are visible to COM clients.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1017", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1017", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -758,7 +758,7 @@ "shortDescription": "Mark attributes with AttributeUsageAttribute", "fullDescription": "Specify AttributeUsage on {0}", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1018", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1018", "properties": { "category": "Design", "isEnabledByDefault": true, @@ -779,7 +779,7 @@ "shortDescription": "Define accessors for attribute arguments", "fullDescription": "Remove the property setter from {0} or reduce its accessibility because it corresponds to positional argument {1}", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1019", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1019", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -800,7 +800,7 @@ "shortDescription": "Avoid out parameters", "fullDescription": "Passing types by reference (using 'out' or 'ref') requires experience with pointers, understanding how value types and reference types differ, and handling methods with multiple return values. Also, the difference between 'out' and 'ref' parameters is not widely understood.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1021", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1021", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -820,7 +820,7 @@ "shortDescription": "Use properties where appropriate", "fullDescription": "A public or protected method has a name that starts with \"\"Get\"\", takes no parameters, and returns a value that is not an array. The method might be a good candidate to become a property.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1024", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1024", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -841,7 +841,7 @@ "shortDescription": "Mark enums with FlagsAttribute", "fullDescription": "An enumeration is a value type that defines a set of related named constants. Apply FlagsAttribute to an enumeration when its named constants can be meaningfully combined.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1027", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1027", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -862,7 +862,7 @@ "shortDescription": "Enum Storage should be Int32", "fullDescription": "An enumeration is a value type that defines a set of related named constants. By default, the System.Int32 data type is used to store the constant value. Although you can change this underlying type, it is not required or recommended for most scenarios.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1028", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1028", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -883,7 +883,7 @@ "shortDescription": "Use events where appropriate", "fullDescription": "This rule detects methods that have names that ordinarily would be used for events. If a method is called in response to a clearly defined state change, the method should be invoked by an event handler. Objects that call the method should raise events instead of calling the method directly.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1030", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1030", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -904,7 +904,7 @@ "shortDescription": "Do not catch general exception types", "fullDescription": "A general exception such as System.Exception or System.SystemException or a disallowed exception type is caught in a catch statement, or a general catch clause is used. General and disallowed exceptions should not be caught.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1031", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1031", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -925,7 +925,7 @@ "shortDescription": "Interface methods should be callable by child types", "fullDescription": "An unsealed externally visible type provides an explicit method implementation of a public interface and does not provide an alternative externally visible method that has the same name.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1033", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1033", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -946,7 +946,7 @@ "shortDescription": "Nested types should not be visible", "fullDescription": "A nested type is a type that is declared in the scope of another type. Nested types are useful to encapsulate private implementation details of the containing type. Used for this purpose, nested types should not be externally visible.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1034", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1034", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -967,7 +967,7 @@ "shortDescription": "Override methods on comparable types", "fullDescription": "A public or protected type implements the System.IComparable interface. It does not override Object.Equals nor does it overload the language-specific operator for equality, inequality, less than, less than or equal, greater than or greater than or equal.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1036", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1036", "properties": { "category": "Design", "isEnabledByDefault": true, @@ -988,7 +988,7 @@ "shortDescription": "Avoid empty interfaces", "fullDescription": "Interfaces define members that provide a behavior or usage contract. The functionality that is described by the interface can be adopted by any type, regardless of where the type appears in the inheritance hierarchy. A type implements an interface by providing implementations for the members of the interface. An empty interface does not define any members; therefore, it does not define a contract that can be implemented.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1040", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1040", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -1009,7 +1009,7 @@ "shortDescription": "Provide ObsoleteAttribute message", "fullDescription": "A type or member is marked by using a System.ObsoleteAttribute attribute that does not have its ObsoleteAttribute.Message property specified. When a type or member that is marked by using ObsoleteAttribute is compiled, the Message property of the attribute is displayed. This gives the user information about the obsolete type or member.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1041", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1041", "properties": { "category": "Design", "isEnabledByDefault": true, @@ -1030,7 +1030,7 @@ "shortDescription": "Use Integral Or String Argument For Indexers", "fullDescription": "Indexers, that is, indexed properties, should use integer or string types for the index. These types are typically used for indexing data structures and increase the usability of the library. Use of the Object type should be restricted to those cases where the specific integer or string type cannot be specified at design time. If the design requires other types for the index, reconsider whether the type represents a logical data store. If it does not represent a logical data store, use a method.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1043", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1043", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -1051,7 +1051,7 @@ "shortDescription": "Properties should not be write only", "fullDescription": "Although it is acceptable and often necessary to have a read-only property, the design guidelines prohibit the use of write-only properties. This is because letting a user set a value, and then preventing the user from viewing that value, does not provide any security. Also, without read access, the state of shared objects cannot be viewed, which limits their usefulness.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1044", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1044", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -1072,7 +1072,7 @@ "shortDescription": "Do not pass types by reference", "fullDescription": "Passing types by reference (using out or ref) requires experience with pointers, understanding how value types and reference types differ, and handling methods that have multiple return values. Also, the difference between out and ref parameters is not widely understood.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1045", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1045", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -1092,7 +1092,7 @@ "shortDescription": "Do not overload equality operator on reference types", "fullDescription": "For reference types, the default implementation of the equality operator is almost always correct. By default, two references are equal only if they point to the same object. If the operator is providing meaningful value equality, the type should implement the generic 'System.IEquatable' interface.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1046", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1046", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -1113,7 +1113,7 @@ "shortDescription": "Do not declare protected member in sealed type", "fullDescription": "Types declare protected members so that inheriting types can access or override the member. By definition, you cannot inherit from a sealed type, which means that protected methods on sealed types cannot be called.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1047", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1047", "properties": { "category": "Design", "isEnabledByDefault": true, @@ -1133,7 +1133,7 @@ "shortDescription": "Declare types in namespaces", "fullDescription": "Types are declared in namespaces to prevent name collisions and as a way to organize related types in an object hierarchy.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1050", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1050", "properties": { "category": "Design", "isEnabledByDefault": true, @@ -1154,7 +1154,7 @@ "shortDescription": "Do not declare visible instance fields", "fullDescription": "The primary use of a field should be as an implementation detail. Fields should be private or internal and should be exposed by using properties.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1051", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1051", "properties": { "category": "Design", "isEnabledByDefault": true, @@ -1175,7 +1175,7 @@ "shortDescription": "Static holder types should be Static or NotInheritable", "fullDescription": "Type '{0}' is a static holder type but is neither static nor NotInheritable", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1052", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1052", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -1196,7 +1196,7 @@ "shortDescription": "URI-like parameters should not be strings", "fullDescription": "This rule assumes that the parameter represents a Uniform Resource Identifier (URI). A string representation or a URI is prone to parsing and encoding errors, and can lead to security vulnerabilities. 'System.Uri' class provides these services in a safe and secure manner.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1054", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1054", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -1217,7 +1217,7 @@ "shortDescription": "URI-like return values should not be strings", "fullDescription": "This rule assumes that the method returns a URI. A string representation of a URI is prone to parsing and encoding errors, and can lead to security vulnerabilities. The System.Uri class provides these services in a safe and secure manner.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1055", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1055", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -1238,7 +1238,7 @@ "shortDescription": "URI-like properties should not be strings", "fullDescription": "This rule assumes that the property represents a Uniform Resource Identifier (URI). A string representation of a URI is prone to parsing and encoding errors, and can lead to security vulnerabilities. The System.Uri class provides these services in a safe and secure manner.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1056", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1056", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -1259,7 +1259,7 @@ "shortDescription": "Types should not extend certain base types", "fullDescription": "An externally visible type extends certain base types. Use one of the alternatives.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1058", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1058", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -1280,7 +1280,7 @@ "shortDescription": "Move pinvokes to native methods class", "fullDescription": "Platform Invocation methods, such as those that are marked by using the System.Runtime.InteropServices.DllImportAttribute attribute, or methods that are defined by using the Declare keyword in Visual Basic, access unmanaged code. These methods should be of the NativeMethods, SafeNativeMethods, or UnsafeNativeMethods class.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1060", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1060", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -1300,7 +1300,7 @@ "shortDescription": "Do not hide base class methods", "fullDescription": "A method in a base type is hidden by an identically named method in a derived type when the parameter signature of the derived method differs only by types that are more weakly derived than the corresponding types in the parameter signature of the base method.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1061", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1061", "properties": { "category": "Design", "isEnabledByDefault": true, @@ -1321,7 +1321,7 @@ "shortDescription": "Validate arguments of public methods", "fullDescription": "An externally visible method dereferences one of its reference arguments without verifying whether that argument is null (Nothing in Visual Basic). All reference arguments that are passed to externally visible methods should be checked against null. If appropriate, throw an ArgumentNullException when the argument is null or add a Code Contract precondition asserting non-null argument. If the method is designed to be called only by known assemblies, you should make the method internal.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -1343,7 +1343,7 @@ "shortDescription": "Implement IDisposable Correctly", "fullDescription": "All IDisposable types should implement the Dispose pattern correctly.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1063", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1063", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -1364,7 +1364,7 @@ "shortDescription": "Exceptions should be public", "fullDescription": "An internal exception is visible only inside its own internal scope. After the exception falls outside the internal scope, only the base exception can be used to catch the exception. If the internal exception is inherited from T:System.Exception, T:System.SystemException, or T:System.ApplicationException, the external code will not have sufficient information to know what to do with the exception.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1064", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1064", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -1385,7 +1385,7 @@ "shortDescription": "Do not raise exceptions in unexpected locations", "fullDescription": "A method that is not expected to throw exceptions throws an exception.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1065", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1065", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -1406,7 +1406,7 @@ "shortDescription": "Implement IEquatable when overriding Object.Equals", "fullDescription": "When a type T overrides Object.Equals(object), the implementation must cast the object argument to the correct type T before performing the comparison. If the type implements IEquatable, and therefore offers the method T.Equals(T), and if the argument is known at compile time to be of type T, then the compiler can call IEquatable.Equals(T) instead of Object.Equals(object), and no cast is necessary, improving performance.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1066", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1066", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -1426,7 +1426,7 @@ "shortDescription": "Override Object.Equals(object) when implementing IEquatable", "fullDescription": "When a type T implements the interface IEquatable, it suggests to a user who sees a call to the Equals method in source code that an instance of the type can be equated with an instance of any other type. The user might be confused if their attempt to equate the type with an instance of another type fails to compile. This violates the \"principle of least surprise\".", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1067", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1067", "properties": { "category": "Design", "isEnabledByDefault": true, @@ -1446,7 +1446,7 @@ "shortDescription": "CancellationToken parameters must come last", "fullDescription": "Method '{0}' should take CancellationToken as the last parameter", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1068", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1068", "properties": { "category": "Design", "isEnabledByDefault": true, @@ -1466,7 +1466,7 @@ "shortDescription": "Enums values should not be duplicated", "fullDescription": "The field reference '{0}' is duplicated in this bitwise initialization", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1069", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1069", "properties": { "category": "Design", "isEnabledByDefault": true, @@ -1486,7 +1486,7 @@ "shortDescription": "Do not declare event fields as virtual", "fullDescription": "Do not declare virtual events in a base class. Overridden events in a derived class have undefined behavior. The C# compiler does not handle this correctly and it is unpredictable whether a subscriber to the derived event will actually be subscribing to the base class event.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1070", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1070", "properties": { "category": "Design", "isEnabledByDefault": true, @@ -1505,7 +1505,7 @@ "shortDescription": "Do not pass literals as localized parameters", "fullDescription": "A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1303", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1303", "properties": { "category": "Globalization", "isEnabledByDefault": false, @@ -1527,7 +1527,7 @@ "shortDescription": "Specify CultureInfo", "fullDescription": "A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1304", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1304", "properties": { "category": "Globalization", "isEnabledByDefault": true, @@ -1548,7 +1548,7 @@ "shortDescription": "Specify IFormatProvider", "fullDescription": "A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1305", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1305", "properties": { "category": "Globalization", "isEnabledByDefault": true, @@ -1569,7 +1569,7 @@ "shortDescription": "Specify StringComparison for clarity", "fullDescription": "A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1307", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1307", "properties": { "category": "Globalization", "isEnabledByDefault": false, @@ -1590,7 +1590,7 @@ "shortDescription": "Normalize strings to uppercase", "fullDescription": "Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1308", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1308", "properties": { "category": "Globalization", "isEnabledByDefault": false, @@ -1611,7 +1611,7 @@ "shortDescription": "Specify StringComparison for correctness", "fullDescription": "A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1310", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1310", "properties": { "category": "Globalization", "isEnabledByDefault": true, @@ -1631,7 +1631,7 @@ "shortDescription": "P/Invokes should not be visible", "fullDescription": "A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1401", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1401", "properties": { "category": "Interoperability", "isEnabledByDefault": true, @@ -1652,7 +1652,7 @@ "shortDescription": "Validate platform compatibility", "fullDescription": "Using platform dependent API on a component makes the code no longer work across all platforms.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1416", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1416", "properties": { "category": "Interoperability", "isEnabledByDefault": true, @@ -1672,7 +1672,7 @@ "shortDescription": "Do not use 'OutAttribute' on string parameters for P/Invokes", "fullDescription": "String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1417", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1417", "properties": { "category": "Interoperability", "isEnabledByDefault": true, @@ -1692,7 +1692,7 @@ "shortDescription": "Use valid platform string", "fullDescription": "Platform compatibility analyzer requires a valid platform name and version.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1418", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1418", "properties": { "category": "Interoperability", "isEnabledByDefault": true, @@ -1712,7 +1712,7 @@ "shortDescription": "Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle'", "fullDescription": "Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1419", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1419", "properties": { "category": "Interoperability", "isEnabledByDefault": true, @@ -1732,7 +1732,7 @@ "shortDescription": "Property, type, or attribute requires runtime marshalling", "fullDescription": "Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1420", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1420", "properties": { "category": "Interoperability", "isEnabledByDefault": true, @@ -1752,7 +1752,7 @@ "shortDescription": "This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied", "fullDescription": "This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1421", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1421", "properties": { "category": "Interoperability", "isEnabledByDefault": true, @@ -1772,7 +1772,7 @@ "shortDescription": "Validate platform compatibility", "fullDescription": "Using platform dependent API on a component makes the code no longer work across all platforms.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1422", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1422", "properties": { "category": "Interoperability", "isEnabledByDefault": true, @@ -1792,7 +1792,7 @@ "shortDescription": "Avoid excessive inheritance", "fullDescription": "Deeply nested type hierarchies can be difficult to follow, understand, and maintain. This rule limits analysis to hierarchies in the same module. To fix a violation of this rule, derive the type from a base type that is less deep in the inheritance hierarchy or eliminate some of the intermediate base types.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1501", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1501", "properties": { "category": "Maintainability", "isEnabledByDefault": false, @@ -1813,7 +1813,7 @@ "shortDescription": "Avoid excessive complexity", "fullDescription": "Cyclomatic complexity measures the number of linearly independent paths through the method, which is determined by the number and complexity of conditional branches. A low cyclomatic complexity generally indicates a method that is easy to understand, test, and maintain. The cyclomatic complexity is calculated from a control flow graph of the method and is given as follows: `cyclomatic complexity = the number of edges - the number of nodes + 1`, where a node represents a logic branch point and an edge represents a line between nodes.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1502", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1502", "properties": { "category": "Maintainability", "isEnabledByDefault": false, @@ -1834,7 +1834,7 @@ "shortDescription": "Avoid unmaintainable code", "fullDescription": "The maintainability index is calculated by using the following metrics: lines of code, program volume, and cyclomatic complexity. Program volume is a measure of the difficulty of understanding of a symbol that is based on the number of operators and operands in the code. Cyclomatic complexity is a measure of the structural complexity of the type or method. A low maintainability index indicates that code is probably difficult to maintain and would be a good candidate to redesign.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1505", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1505", "properties": { "category": "Maintainability", "isEnabledByDefault": false, @@ -1855,7 +1855,7 @@ "shortDescription": "Avoid excessive class coupling", "fullDescription": "This rule measures class coupling by counting the number of unique type references that a symbol contains. Symbols that have a high degree of class coupling can be difficult to maintain. It is a good practice to have types and methods that exhibit low coupling and high cohesion. To fix this violation, try to redesign the code to reduce the number of types to which it is coupled.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1506", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1506", "properties": { "category": "Maintainability", "isEnabledByDefault": false, @@ -1876,7 +1876,7 @@ "shortDescription": "Avoid dead conditional code", "fullDescription": "'{0}' is never '{1}'. Remove or refactor the condition(s) to avoid dead code.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1508", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1508", "properties": { "category": "Maintainability", "isEnabledByDefault": false, @@ -1897,7 +1897,7 @@ "shortDescription": "Invalid entry in code metrics rule specification file", "fullDescription": "Invalid entry in code metrics rule specification file.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1509", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1509", "properties": { "category": "Maintainability", "isEnabledByDefault": false, @@ -1917,7 +1917,7 @@ "shortDescription": "Do not name enum values 'Reserved'", "fullDescription": "This rule assumes that an enumeration member that has a name that contains \"reserved\" is not currently used but is a placeholder to be renamed or removed in a future version. Renaming or removing a member is a breaking change.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1700", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1700", "properties": { "category": "Naming", "isEnabledByDefault": false, @@ -1938,7 +1938,7 @@ "shortDescription": "Identifiers should not contain underscores", "fullDescription": "By convention, identifier names do not contain the underscore (_) character. This rule checks namespaces, types, members, and parameters.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1707", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1707", "properties": { "category": "Naming", "isEnabledByDefault": true, @@ -1959,7 +1959,7 @@ "shortDescription": "Identifiers should differ by more than case", "fullDescription": "Identifiers for namespaces, types, members, and parameters cannot differ only by case because languages that target the common language runtime are not required to be case-sensitive.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1708", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1708", "properties": { "category": "Naming", "isEnabledByDefault": true, @@ -1980,7 +1980,7 @@ "shortDescription": "Identifiers should have correct suffix", "fullDescription": "By convention, the names of types that extend certain base types or that implement certain interfaces, or types that are derived from these types, have a suffix that is associated with the base type or interface.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1710", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1710", "properties": { "category": "Naming", "isEnabledByDefault": true, @@ -2001,7 +2001,7 @@ "shortDescription": "Identifiers should not have incorrect suffix", "fullDescription": "By convention, only the names of types that extend certain base types or that implement certain interfaces, or types that are derived from these types, should end with specific reserved suffixes. Other type names should not use these reserved suffixes.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1711", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1711", "properties": { "category": "Naming", "isEnabledByDefault": true, @@ -2022,7 +2022,7 @@ "shortDescription": "Do not prefix enum values with type name", "fullDescription": "An enumeration's values should not start with the type name of the enumeration.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1712", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1712", "properties": { "category": "Naming", "isEnabledByDefault": true, @@ -2043,7 +2043,7 @@ "shortDescription": "Events should not have 'Before' or 'After' prefix", "fullDescription": "Event names should describe the action that raises the event. To name related events that are raised in a specific sequence, use the present or past tense to indicate the relative position in the sequence of actions. For example, when naming a pair of events that is raised when closing a resource, you might name it 'Closing' and 'Closed', instead of 'BeforeClose' and 'AfterClose'.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1713", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1713", "properties": { "category": "Naming", "isEnabledByDefault": false, @@ -2064,7 +2064,7 @@ "shortDescription": "Identifiers should have correct prefix", "fullDescription": "The name of an externally visible interface does not start with an uppercase \"\"I\"\". The name of a generic type parameter on an externally visible type or method does not start with an uppercase \"\"T\"\".", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1715", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1715", "properties": { "category": "Naming", "isEnabledByDefault": true, @@ -2085,7 +2085,7 @@ "shortDescription": "Identifiers should not match keywords", "fullDescription": "A namespace name or a type name matches a reserved keyword in a programming language. Identifiers for namespaces and types should not match keywords that are defined by languages that target the common language runtime.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1716", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1716", "properties": { "category": "Naming", "isEnabledByDefault": true, @@ -2106,7 +2106,7 @@ "shortDescription": "Identifier contains type name", "fullDescription": "Names of parameters and members are better used to communicate their meaning than to describe their type, which is expected to be provided by development tools. For names of members, if a data type name must be used, use a language-independent name instead of a language-specific one.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1720", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1720", "properties": { "category": "Naming", "isEnabledByDefault": true, @@ -2127,7 +2127,7 @@ "shortDescription": "Property names should not match get methods", "fullDescription": "The name of a public or protected member starts with \"\"Get\"\" and otherwise matches the name of a public or protected property. \"\"Get\"\" methods and properties should have names that clearly distinguish their function.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1721", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1721", "properties": { "category": "Naming", "isEnabledByDefault": false, @@ -2148,7 +2148,7 @@ "shortDescription": "Type names should not match namespaces", "fullDescription": "Type names should not match the names of namespaces that are defined in the .NET Framework class library. Violating this rule can reduce the usability of the library.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1724", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1724", "properties": { "category": "Naming", "isEnabledByDefault": false, @@ -2170,7 +2170,7 @@ "shortDescription": "Parameter names should match base declaration", "fullDescription": "Consistent naming of parameters in an override hierarchy increases the usability of the method overrides. A parameter name in a derived method that differs from the name in the base declaration can cause confusion about whether the method is an override of the base method or a new overload of the method.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1725", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1725", "properties": { "category": "Naming", "isEnabledByDefault": true, @@ -2191,7 +2191,7 @@ "shortDescription": "Use PascalCase for named placeholders", "fullDescription": "Use PascalCase for named placeholders in the logging message template.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1727", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1727", "properties": { "category": "Naming", "isEnabledByDefault": true, @@ -2211,7 +2211,7 @@ "shortDescription": "Do not ignore method results", "fullDescription": "A new object is created but never used; or a method that creates and returns a new string is called and the new string is never used; or a COM or P/Invoke method returns an HRESULT or error code that is never used.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1806", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1806", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2232,7 +2232,7 @@ "shortDescription": "Initialize reference type static fields inline", "fullDescription": "A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1810", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1810", "properties": { "category": "Performance", "isEnabledByDefault": false, @@ -2253,7 +2253,7 @@ "shortDescription": "Avoid unsealed attributes", "fullDescription": "The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1813", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1813", "properties": { "category": "Performance", "isEnabledByDefault": false, @@ -2274,7 +2274,7 @@ "shortDescription": "Prefer jagged arrays over multidimensional", "fullDescription": "A jagged array is an array whose elements are arrays. The arrays that make up the elements can be of different sizes, leading to less wasted space for some sets of data.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1814", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1814", "properties": { "category": "Performance", "isEnabledByDefault": false, @@ -2295,7 +2295,7 @@ "shortDescription": "Override equals and operator equals on value types", "fullDescription": "For value types, the inherited implementation of Equals uses the Reflection library and compares the contents of all fields. Reflection is computationally expensive, and comparing every field for equality might be unnecessary. If you expect users to compare or sort instances, or to use instances as hash table keys, your value type should implement Equals.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1815", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1815", "properties": { "category": "Performance", "isEnabledByDefault": false, @@ -2316,7 +2316,7 @@ "shortDescription": "Dispose methods should call SuppressFinalize", "fullDescription": "A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic).", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1816", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1816", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -2337,7 +2337,7 @@ "shortDescription": "Properties should not return arrays", "fullDescription": "Arrays that are returned by properties are not write-protected, even when the property is read-only. To keep the array tamper-proof, the property must return a copy of the array. Typically, users will not understand the adverse performance implications of calling such a property.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1819", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1819", "properties": { "category": "Performance", "isEnabledByDefault": false, @@ -2358,7 +2358,7 @@ "shortDescription": "Test for empty strings using string length", "fullDescription": "Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1820", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1820", "properties": { "category": "Performance", "isEnabledByDefault": false, @@ -2378,7 +2378,7 @@ "shortDescription": "Remove empty Finalizers", "fullDescription": "Finalizers should be avoided where possible, to avoid the additional performance overhead involved in tracking object lifetime.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1821", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1821", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2399,7 +2399,7 @@ "shortDescription": "Mark members as static", "fullDescription": "Members that do not access instance data or call instance methods can be marked as static. After you mark the methods as static, the compiler will emit nonvirtual call sites to these members. This can give you a measurable performance gain for performance-sensitive code.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1822", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1822", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2420,7 +2420,7 @@ "shortDescription": "Avoid unused private fields", "fullDescription": "Private fields were detected that do not appear to be accessed in the assembly.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1823", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1823", "properties": { "category": "Performance", "isEnabledByDefault": false, @@ -2441,7 +2441,7 @@ "shortDescription": "Do not use Enumerable methods on indexable collections", "fullDescription": "This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1826", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1826", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2461,7 +2461,7 @@ "shortDescription": "Do not use Count() or LongCount() when Any() can be used", "fullDescription": "For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1827", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1827", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2481,7 +2481,7 @@ "shortDescription": "Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used", "fullDescription": "For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1828", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1828", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2501,7 +2501,7 @@ "shortDescription": "Use Length/Count property instead of Count() when available", "fullDescription": "Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1829", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1829", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2521,7 +2521,7 @@ "shortDescription": "Prefer strongly-typed Append and Insert method overloads on StringBuilder", "fullDescription": "StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1830", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1830", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2541,7 +2541,7 @@ "shortDescription": "Use AsSpan or AsMemory instead of Range-based indexers when appropriate", "fullDescription": "The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1831", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1831", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2561,7 +2561,7 @@ "shortDescription": "Use AsSpan or AsMemory instead of Range-based indexers when appropriate", "fullDescription": "The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1832", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1832", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2581,7 +2581,7 @@ "shortDescription": "Use AsSpan or AsMemory instead of Range-based indexers when appropriate", "fullDescription": "The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1833", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1833", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2601,7 +2601,7 @@ "shortDescription": "Consider using 'StringBuilder.Append(char)' when applicable", "fullDescription": "'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1834", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1834", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2621,7 +2621,7 @@ "shortDescription": "Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync'", "fullDescription": "'Stream' has a 'ReadAsync' overload that takes a 'Memory' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory' as the first argument. Prefer calling the memory based overloads, which are more efficient.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1835", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1835", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2641,7 +2641,7 @@ "shortDescription": "Prefer IsEmpty over Count", "fullDescription": "For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1836", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1836", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2661,7 +2661,7 @@ "shortDescription": "Use 'Environment.ProcessId'", "fullDescription": "'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1837", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1837", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2681,7 +2681,7 @@ "shortDescription": "Avoid 'StringBuilder' parameters for P/Invokes", "fullDescription": "Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1838", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1838", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2701,7 +2701,7 @@ "shortDescription": "Use 'Environment.ProcessPath'", "fullDescription": "'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1839", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1839", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2721,7 +2721,7 @@ "shortDescription": "Use 'Environment.CurrentManagedThreadId'", "fullDescription": "'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1840", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1840", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2741,7 +2741,7 @@ "shortDescription": "Do not use 'WhenAll' with a single task", "fullDescription": "Using 'WhenAll' with a single task may result in performance loss, await or return the task instead.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1842", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1842", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2761,7 +2761,7 @@ "shortDescription": "Do not use 'WaitAll' with a single task", "fullDescription": "Using 'WaitAll' with a single task may result in performance loss, await or return the task instead.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1843", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1843", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2781,7 +2781,7 @@ "shortDescription": "Provide memory-based overrides of async methods when subclassing 'Stream'", "fullDescription": "To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1844", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1844", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2801,7 +2801,7 @@ "shortDescription": "Prefer 'AsSpan' over 'Substring'", "fullDescription": "'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1846", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1846", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2821,7 +2821,7 @@ "shortDescription": "Use char literal for a single character lookup", "fullDescription": "'string.Contains(char)' is available as a better performing overload for single char lookup.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1847", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1847", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2841,7 +2841,7 @@ "shortDescription": "Use the LoggerMessage delegates", "fullDescription": "For improved performance, use the LoggerMessage delegates.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1848", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1848", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2861,7 +2861,7 @@ "shortDescription": "Call async methods when in an async method", "fullDescription": "When inside a Task-returning method, use the async version of methods, if they exist.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1849", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1849", "properties": { "category": "Performance", "isEnabledByDefault": false, @@ -2881,7 +2881,7 @@ "shortDescription": "Prefer static 'HashData' method over 'ComputeHash'", "fullDescription": "It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1850", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1850", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2901,7 +2901,7 @@ "shortDescription": "Seal internal types", "fullDescription": "When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1852", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1852", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2922,7 +2922,7 @@ "shortDescription": "Unnecessary call to 'Dictionary.ContainsKey(key)'", "fullDescription": "Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1853", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1853", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2942,7 +2942,7 @@ "shortDescription": "Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method", "fullDescription": "Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1854", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1854", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -2962,7 +2962,7 @@ "shortDescription": "Dispose objects before losing scope", "fullDescription": "If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000", "properties": { "category": "Reliability", "isEnabledByDefault": false, @@ -2984,7 +2984,7 @@ "shortDescription": "Do not lock on objects with weak identity", "fullDescription": "An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2002", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2002", "properties": { "category": "Reliability", "isEnabledByDefault": false, @@ -3005,7 +3005,7 @@ "shortDescription": "Consider calling ConfigureAwait on the awaited task", "fullDescription": "When an asynchronous method awaits a Task directly, continuation occurs in the same thread that created the task. Consider calling Task.ConfigureAwait(Boolean) to signal your intention for continuation. Call ConfigureAwait(false) on the task to schedule continuations to the thread pool, thereby avoiding a deadlock on the UI thread. Passing false is a good option for app-independent libraries. Calling ConfigureAwait(true) on the task has the same behavior as not explicitly calling ConfigureAwait. By explicitly calling this method, you're letting readers know you intentionally want to perform the continuation on the original synchronization context.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2007", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2007", "properties": { "category": "Reliability", "isEnabledByDefault": false, @@ -3025,7 +3025,7 @@ "shortDescription": "Do not create tasks without passing a TaskScheduler", "fullDescription": "Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2008", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2008", "properties": { "category": "Reliability", "isEnabledByDefault": false, @@ -3045,7 +3045,7 @@ "shortDescription": "Do not call ToImmutableCollection on an ImmutableCollection value", "fullDescription": "Do not call {0} on an {1} value", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2009", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2009", "properties": { "category": "Reliability", "isEnabledByDefault": true, @@ -3065,7 +3065,7 @@ "shortDescription": "Avoid infinite recursion", "fullDescription": "Do not assign the property within its setter. This call might result in an infinite recursion.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2011", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2011", "properties": { "category": "Reliability", "isEnabledByDefault": true, @@ -3085,7 +3085,7 @@ "shortDescription": "Use ValueTasks correctly", "fullDescription": "ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2012", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2012", "properties": { "category": "Reliability", "isEnabledByDefault": true, @@ -3105,7 +3105,7 @@ "shortDescription": "Do not use ReferenceEquals with value types", "fullDescription": "Value type typed arguments are uniquely boxed for each call to this method, therefore the result is always false.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2013", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2013", "properties": { "category": "Reliability", "isEnabledByDefault": true, @@ -3125,7 +3125,7 @@ "shortDescription": "Do not define finalizers for types derived from MemoryManager", "fullDescription": "Adding a finalizer to a type derived from MemoryManager may permit memory to be freed while it is still in use by a Span.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2015", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2015", "properties": { "category": "Reliability", "isEnabledByDefault": true, @@ -3145,7 +3145,7 @@ "shortDescription": "Parameter count mismatch", "fullDescription": "Number of parameters supplied in the logging message template do not match the number of named placeholders.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2017", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2017", "properties": { "category": "Reliability", "isEnabledByDefault": true, @@ -3165,7 +3165,7 @@ "shortDescription": "'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument", "fullDescription": "'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2018", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2018", "properties": { "category": "Reliability", "isEnabledByDefault": true, @@ -3185,7 +3185,7 @@ "shortDescription": "Improper 'ThreadStatic' field initialization", "fullDescription": "'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2019", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2019", "properties": { "category": "Reliability", "isEnabledByDefault": true, @@ -3205,7 +3205,7 @@ "shortDescription": "Review SQL queries for security vulnerabilities", "fullDescription": "SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2100", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2100", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -3227,7 +3227,7 @@ "shortDescription": "Specify marshaling for P/Invoke string arguments", "fullDescription": "A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2101", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2101", "properties": { "category": "Globalization", "isEnabledByDefault": true, @@ -3248,7 +3248,7 @@ "shortDescription": "Review visible event handlers", "fullDescription": "A public or protected event-handling method was detected. Event-handling methods should not be exposed unless absolutely necessary.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2109", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2109", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -3269,7 +3269,7 @@ "shortDescription": "Seal methods that satisfy private interfaces", "fullDescription": "An inheritable public type provides an overridable method implementation of an internal (Friend in Visual Basic) interface. To fix a violation of this rule, prevent the method from being overridden outside the assembly.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2119", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2119", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -3290,7 +3290,7 @@ "shortDescription": "Do Not Catch Corrupted State Exceptions", "fullDescription": "Catching corrupted state exceptions could mask errors (such as access violations), resulting in inconsistent state of execution or making it easier for attackers to compromise system. Instead, catch and handle a more specific set of exception type(s) or re-throw the exception.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2153", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2153", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -3310,7 +3310,7 @@ "shortDescription": "Rethrow to preserve stack details", "fullDescription": "Re-throwing caught exception changes stack information", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2200", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2200", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3331,7 +3331,7 @@ "shortDescription": "Do not raise reserved exception types", "fullDescription": "An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2201", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2201", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3352,7 +3352,7 @@ "shortDescription": "Initialize value type static fields inline", "fullDescription": "A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2207", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2207", "properties": { "category": "Usage", "isEnabledByDefault": false, @@ -3373,7 +3373,7 @@ "shortDescription": "Instantiate argument exceptions correctly", "fullDescription": "A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2208", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2208", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3394,7 +3394,7 @@ "shortDescription": "Non-constant fields should not be visible", "fullDescription": "Static fields that are neither constants nor read-only are not thread-safe. Access to such a field must be carefully controlled and requires advanced programming techniques to synchronize access to the class object.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2211", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2211", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3415,7 +3415,7 @@ "shortDescription": "Disposable fields should be disposed", "fullDescription": "A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2213", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2213", "properties": { "category": "Usage", "isEnabledByDefault": false, @@ -3437,7 +3437,7 @@ "shortDescription": "Do not call overridable methods in constructors", "fullDescription": "Virtual methods defined on the class should not be called from constructors. If a derived class has overridden the method, the derived class version will be called (before the derived class constructor is called).", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2214", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2214", "properties": { "category": "Usage", "isEnabledByDefault": false, @@ -3458,7 +3458,7 @@ "shortDescription": "Dispose methods should call base class dispose", "fullDescription": "A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2215", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2215", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3479,7 +3479,7 @@ "shortDescription": "Disposable types should declare finalizer", "fullDescription": "A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2216", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2216", "properties": { "category": "Usage", "isEnabledByDefault": false, @@ -3500,7 +3500,7 @@ "shortDescription": "Do not mark enums with FlagsAttribute", "fullDescription": "An externally visible enumeration is marked by using FlagsAttribute, and it has one or more values that are not powers of two or a combination of the other defined values on the enumeration.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2217", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2217", "properties": { "category": "Usage", "isEnabledByDefault": false, @@ -3521,7 +3521,7 @@ "shortDescription": "Do not raise exceptions in finally clauses", "fullDescription": "When an exception is raised in a finally clause, the new exception hides the active exception. This makes the original error difficult to detect and debug.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2219", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2219", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3542,7 +3542,7 @@ "shortDescription": "Operator overloads have named alternates", "fullDescription": "An operator overload was detected, and the expected named alternative method was not found. The named alternative member provides access to the same functionality as the operator and is provided for developers who program in languages that do not support overloaded operators.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2225", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2225", "properties": { "category": "Usage", "isEnabledByDefault": false, @@ -3563,7 +3563,7 @@ "shortDescription": "Operators should have symmetrical overloads", "fullDescription": "A type implements the equality or inequality operator and does not implement the opposite operator.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2226", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2226", "properties": { "category": "Usage", "isEnabledByDefault": false, @@ -3584,7 +3584,7 @@ "shortDescription": "Collection properties should be read only", "fullDescription": "A writable collection property allows a user to replace the collection with a different collection. A read-only property stops the collection from being replaced but still allows the individual members to be set.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2227", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2227", "properties": { "category": "Usage", "isEnabledByDefault": false, @@ -3605,7 +3605,7 @@ "shortDescription": "Implement serialization constructors", "fullDescription": "To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2229", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2229", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3626,7 +3626,7 @@ "shortDescription": "Overload operator equals on overriding value type Equals", "fullDescription": "In most programming languages there is no default implementation of the equality operator (==) for value types. If your programming language supports operator overloads, you should consider implementing the equality operator. Its behavior should be identical to that of Equals.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2231", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2231", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3647,7 +3647,7 @@ "shortDescription": "Mark all non-serializable fields", "fullDescription": "An instance field of a type that is not serializable is declared in a type that is serializable.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2235", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2235", "properties": { "category": "Usage", "isEnabledByDefault": false, @@ -3668,7 +3668,7 @@ "shortDescription": "Mark ISerializable types with serializable", "fullDescription": "To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2237", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2237", "properties": { "category": "Usage", "isEnabledByDefault": false, @@ -3689,7 +3689,7 @@ "shortDescription": "Provide correct arguments to formatting methods", "fullDescription": "The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2241", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2241", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3710,7 +3710,7 @@ "shortDescription": "Test for NaN correctly", "fullDescription": "This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2242", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2242", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3731,7 +3731,7 @@ "shortDescription": "Attribute string literals should parse correctly", "fullDescription": "The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2243", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2243", "properties": { "category": "Usage", "isEnabledByDefault": false, @@ -3752,7 +3752,7 @@ "shortDescription": "Do not duplicate indexed element initializations", "fullDescription": "Indexed elements in objects initializers must initialize unique elements. A duplicate index might overwrite a previous element initialization.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2244", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2244", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3771,7 +3771,7 @@ "shortDescription": "Do not assign a property to itself", "fullDescription": "The property {0} should not be assigned to itself", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2245", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2245", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3791,7 +3791,7 @@ "shortDescription": "Assigning symbol and its member in the same statement", "fullDescription": "Assigning to a symbol and its member (field/property) in the same statement is not recommended. It is not clear if the member access was intended to use symbol's old value prior to the assignment or new value from the assignment in this statement. For clarity, consider splitting the assignments into separate statements.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2246", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2246", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3810,7 +3810,7 @@ "shortDescription": "Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum", "fullDescription": "TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2247", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2247", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3830,7 +3830,7 @@ "shortDescription": "Provide correct 'enum' argument to 'Enum.HasFlag'", "fullDescription": "'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2248", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2248", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3850,7 +3850,7 @@ "shortDescription": "Consider using 'string.Contains' instead of 'string.IndexOf'", "fullDescription": "Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2249", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2249", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3870,7 +3870,7 @@ "shortDescription": "Use 'ThrowIfCancellationRequested'", "fullDescription": "'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2250", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2250", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3890,7 +3890,7 @@ "shortDescription": "Use 'string.Equals'", "fullDescription": "It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2251", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2251", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3910,7 +3910,7 @@ "shortDescription": "Named placeholders should not be numeric values", "fullDescription": "Named placeholders in the logging message template should not be comprised of only numeric characters.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2253", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2253", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3930,7 +3930,7 @@ "shortDescription": "Template should be a static expression", "fullDescription": "The logging message template should not vary between calls.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2254", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2254", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3950,7 +3950,7 @@ "shortDescription": "The 'ModuleInitializer' attribute should not be used in libraries", "fullDescription": "Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2255", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2255", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3969,7 +3969,7 @@ "shortDescription": "All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface", "fullDescription": "Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2256", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2256", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -3989,7 +3989,7 @@ "shortDescription": "Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static'", "fullDescription": "Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2257", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2257", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -4009,7 +4009,7 @@ "shortDescription": "Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported", "fullDescription": "Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2258", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2258", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -4029,7 +4029,7 @@ "shortDescription": "'ThreadStatic' only affects static fields", "fullDescription": "'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2259", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2259", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -4049,7 +4049,7 @@ "shortDescription": "Do not use insecure deserializer BinaryFormatter", "fullDescription": "The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2300", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2300", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4069,7 +4069,7 @@ "shortDescription": "Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder", "fullDescription": "The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2301", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2301", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4091,7 +4091,7 @@ "shortDescription": "Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize", "fullDescription": "The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2302", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2302", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4113,7 +4113,7 @@ "shortDescription": "Do not use insecure deserializer LosFormatter", "fullDescription": "The method '{0}' is insecure when deserializing untrusted data.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2305", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2305", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4133,7 +4133,7 @@ "shortDescription": "Do not use insecure deserializer NetDataContractSerializer", "fullDescription": "The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2310", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2310", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4153,7 +4153,7 @@ "shortDescription": "Do not deserialize without first setting NetDataContractSerializer.Binder", "fullDescription": "The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2311", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2311", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4175,7 +4175,7 @@ "shortDescription": "Ensure NetDataContractSerializer.Binder is set before deserializing", "fullDescription": "The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2312", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2312", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4197,7 +4197,7 @@ "shortDescription": "Do not use insecure deserializer ObjectStateFormatter", "fullDescription": "The method '{0}' is insecure when deserializing untrusted data.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2315", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2315", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4217,7 +4217,7 @@ "shortDescription": "Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver", "fullDescription": "The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2321", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2321", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4239,7 +4239,7 @@ "shortDescription": "Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing", "fullDescription": "The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2322", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2322", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4261,7 +4261,7 @@ "shortDescription": "Do not use TypeNameHandling values other than None", "fullDescription": "Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2326", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2326", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4281,7 +4281,7 @@ "shortDescription": "Do not use insecure JsonSerializerSettings", "fullDescription": "When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2327", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2327", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4303,7 +4303,7 @@ "shortDescription": "Ensure that JsonSerializerSettings are secure", "fullDescription": "When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2328", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2328", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4325,7 +4325,7 @@ "shortDescription": "Do not deserialize with JsonSerializer using an insecure configuration", "fullDescription": "When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2329", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2329", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4347,7 +4347,7 @@ "shortDescription": "Ensure that JsonSerializer has a secure configuration when deserializing", "fullDescription": "When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2330", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2330", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4369,7 +4369,7 @@ "shortDescription": "Do not use DataTable.ReadXml() with untrusted data", "fullDescription": "The method '{0}' is insecure when deserializing untrusted data", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2350", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2350", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4389,7 +4389,7 @@ "shortDescription": "Do not use DataSet.ReadXml() with untrusted data", "fullDescription": "The method '{0}' is insecure when deserializing untrusted data", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2351", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2351", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4409,7 +4409,7 @@ "shortDescription": "Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data", "fullDescription": "The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2361", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2361", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4429,7 +4429,7 @@ "shortDescription": "Review code for SQL injection vulnerabilities", "fullDescription": "Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3001", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3001", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4450,7 +4450,7 @@ "shortDescription": "Review code for XSS vulnerabilities", "fullDescription": "Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3002", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3002", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4471,7 +4471,7 @@ "shortDescription": "Review code for file path injection vulnerabilities", "fullDescription": "Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3003", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3003", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4492,7 +4492,7 @@ "shortDescription": "Review code for information disclosure vulnerabilities", "fullDescription": "Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3004", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3004", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4513,7 +4513,7 @@ "shortDescription": "Review code for LDAP injection vulnerabilities", "fullDescription": "Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3005", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3005", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4534,7 +4534,7 @@ "shortDescription": "Review code for process command injection vulnerabilities", "fullDescription": "Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3006", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3006", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4555,7 +4555,7 @@ "shortDescription": "Review code for open redirect vulnerabilities", "fullDescription": "Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3007", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3007", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4576,7 +4576,7 @@ "shortDescription": "Review code for XPath injection vulnerabilities", "fullDescription": "Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3008", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3008", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4597,7 +4597,7 @@ "shortDescription": "Review code for XML injection vulnerabilities", "fullDescription": "Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3009", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3009", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4618,7 +4618,7 @@ "shortDescription": "Review code for XAML injection vulnerabilities", "fullDescription": "Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3010", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3010", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4639,7 +4639,7 @@ "shortDescription": "Review code for DLL injection vulnerabilities", "fullDescription": "Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3011", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3011", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4660,7 +4660,7 @@ "shortDescription": "Review code for regex injection vulnerabilities", "fullDescription": "Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3012", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3012", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4681,7 +4681,7 @@ "shortDescription": "Do Not Add Schema By URL", "fullDescription": "This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3061", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3061", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -4701,7 +4701,7 @@ "shortDescription": "Insecure DTD processing in XML", "fullDescription": "Using XmlTextReader.Load(), creating an insecure XmlReaderSettings instance when invoking XmlReader.Create(), setting the InnerXml property of the XmlDocument and enabling DTD processing using XmlUrlResolver insecurely can lead to information disclosure. Replace it with a call to the Load() method overload that takes an XmlReader instance, use XmlReader.Create() to accept XmlReaderSettings arguments or consider explicitly setting secure values. The DataViewSettingCollectionString property of DataViewManager should always be assigned from a trusted source, the DtdProcessing property should be set to false, and the XmlResolver property should be changed to XmlSecureResolver or null.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3075", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3075", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -4721,7 +4721,7 @@ "shortDescription": "Insecure XSLT script processing", "fullDescription": "Providing an insecure XsltSettings instance and an insecure XmlResolver instance to XslCompiledTransform.Load method is potentially unsafe as it allows processing script within XSL, which on an untrusted XSL input may lead to malicious code execution. Either replace the insecure XsltSettings argument with XsltSettings.Default or an instance that has disabled document function and script execution, or replace the XmlResolver argument with null or an XmlSecureResolver instance. This message may be suppressed if the input is known to be from a trusted source and external resource resolution from locations that are not known in advance must be supported.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3076", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3076", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -4741,7 +4741,7 @@ "shortDescription": "Insecure Processing in API Design, XmlDocument and XmlTextReader", "fullDescription": "Enabling DTD processing on all instances derived from XmlTextReader or  XmlDocument and using XmlUrlResolver for resolving external XML entities may lead to information disclosure. Ensure to set the XmlResolver property to null, create an instance of XmlSecureResolver when processing untrusted input, or use XmlReader.Create method with a secure XmlReaderSettings argument. Unless you need to enable it, ensure the DtdProcessing property is set to false.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3077", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3077", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -4761,7 +4761,7 @@ "shortDescription": "Mark Verb Handlers With Validate Antiforgery Token", "fullDescription": "Missing ValidateAntiForgeryTokenAttribute on controller action {0}", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3147", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca3147", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -4781,7 +4781,7 @@ "shortDescription": "Do Not Use Weak Cryptographic Algorithms", "fullDescription": "Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5350", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5350", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -4801,7 +4801,7 @@ "shortDescription": "Do Not Use Broken Cryptographic Algorithms", "fullDescription": "An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5351", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5351", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -4821,7 +4821,7 @@ "shortDescription": "Review cipher mode usage with cryptography experts", "fullDescription": "These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS).", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5358", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5358", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4841,7 +4841,7 @@ "shortDescription": "Do Not Disable Certificate Validation", "fullDescription": "A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5359", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5359", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -4861,7 +4861,7 @@ "shortDescription": "Do Not Call Dangerous Methods In Deserialization", "fullDescription": "Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5360", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5360", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -4882,7 +4882,7 @@ "shortDescription": "Do Not Disable SChannel Use of Strong Crypto", "fullDescription": "Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5361", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5361", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4903,7 +4903,7 @@ "shortDescription": "Potential reference cycle in deserialized object graph", "fullDescription": "Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5362", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5362", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -4924,7 +4924,7 @@ "shortDescription": "Do Not Disable Request Validation", "fullDescription": "Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5363", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5363", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -4944,7 +4944,7 @@ "shortDescription": "Do Not Use Deprecated Security Protocols", "fullDescription": "Using a deprecated security protocol rather than the system default is risky.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5364", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5364", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -4964,7 +4964,7 @@ "shortDescription": "Do Not Disable HTTP Header Checking", "fullDescription": "HTTP header checking enables encoding of the carriage return and newline characters, \\r and \\n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5365", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5365", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -4984,7 +4984,7 @@ "shortDescription": "Use XmlReader for 'DataSet.ReadXml()'", "fullDescription": "Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5366", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5366", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -5004,7 +5004,7 @@ "shortDescription": "Do Not Serialize Types With Pointer Fields", "fullDescription": "Pointers are not \"type safe\" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5367", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5367", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5025,7 +5025,7 @@ "shortDescription": "Set ViewStateUserKey For Classes Derived From Page", "fullDescription": "Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5368", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5368", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -5045,7 +5045,7 @@ "shortDescription": "Use XmlReader for 'XmlSerializer.Deserialize()'", "fullDescription": "Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5369", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5369", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -5065,7 +5065,7 @@ "shortDescription": "Use XmlReader for XmlValidatingReader constructor", "fullDescription": "Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5370", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5370", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -5085,7 +5085,7 @@ "shortDescription": "Use XmlReader for 'XmlSchema.Read()'", "fullDescription": "Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5371", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5371", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -5105,7 +5105,7 @@ "shortDescription": "Use XmlReader for XPathDocument constructor", "fullDescription": "Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5372", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5372", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -5125,7 +5125,7 @@ "shortDescription": "Do not use obsolete key derivation function", "fullDescription": "Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5373", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5373", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -5145,7 +5145,7 @@ "shortDescription": "Do Not Use XslTransform", "fullDescription": "Do not use XslTransform. It does not restrict potentially dangerous external references.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5374", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5374", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -5165,7 +5165,7 @@ "shortDescription": "Do Not Use Account Shared Access Signature", "fullDescription": "Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5375", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5375", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5185,7 +5185,7 @@ "shortDescription": "Use SharedAccessProtocol HttpsOnly", "fullDescription": "HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5376", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5376", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5206,7 +5206,7 @@ "shortDescription": "Use Container Level Access Policy", "fullDescription": "No access policy identifier is specified, making tokens non-revocable.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5377", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5377", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5227,7 +5227,7 @@ "shortDescription": "Do not disable ServicePointManagerSecurityProtocols", "fullDescription": "Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5378", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5378", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5248,7 +5248,7 @@ "shortDescription": "Ensure Key Derivation Function algorithm is sufficiently strong", "fullDescription": "Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5379", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5379", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -5268,7 +5268,7 @@ "shortDescription": "Do Not Add Certificates To Root Store", "fullDescription": "By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5380", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5380", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5290,7 +5290,7 @@ "shortDescription": "Ensure Certificates Are Not Added To Root Store", "fullDescription": "By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5381", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5381", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5312,7 +5312,7 @@ "shortDescription": "Use Secure Cookies In ASP.NET Core", "fullDescription": "Applications available over HTTPS must use secure cookies.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5382", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5382", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5334,7 +5334,7 @@ "shortDescription": "Ensure Use Secure Cookies In ASP.NET Core", "fullDescription": "Applications available over HTTPS must use secure cookies.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5383", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5383", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5356,7 +5356,7 @@ "shortDescription": "Do Not Use Digital Signature Algorithm (DSA)", "fullDescription": "DSA is too weak to use.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5384", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5384", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -5376,7 +5376,7 @@ "shortDescription": "Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size", "fullDescription": "Encryption algorithms are vulnerable to brute force attacks when too small a key size is used.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5385", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5385", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -5396,7 +5396,7 @@ "shortDescription": "Avoid hardcoding SecurityProtocolType value", "fullDescription": "Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5386", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5386", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5416,7 +5416,7 @@ "shortDescription": "Do Not Use Weak Key Derivation Function With Insufficient Iteration Count", "fullDescription": "When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k).", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5387", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5387", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5438,7 +5438,7 @@ "shortDescription": "Ensure Sufficient Iteration Count When Using Weak Key Derivation Function", "fullDescription": "When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k).", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5388", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5388", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5460,7 +5460,7 @@ "shortDescription": "Do Not Add Archive Item's Path To The Target File System Path", "fullDescription": "When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5389", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5389", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5481,7 +5481,7 @@ "shortDescription": "Do not hard-code encryption key", "fullDescription": "SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5390", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5390", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5502,7 +5502,7 @@ "shortDescription": "Use antiforgery tokens in ASP.NET Core MVC controllers", "fullDescription": "Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5391", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5391", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5523,7 +5523,7 @@ "shortDescription": "Use DefaultDllImportSearchPaths attribute for P/Invokes", "fullDescription": "By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5392", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5392", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5543,7 +5543,7 @@ "shortDescription": "Do not use unsafe DllImportSearchPath value", "fullDescription": "There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5393", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5393", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5563,7 +5563,7 @@ "shortDescription": "Do not use insecure randomness", "fullDescription": "Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5394", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5394", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5583,7 +5583,7 @@ "shortDescription": "Miss HttpVerb attribute for action methods", "fullDescription": "All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5395", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5395", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5604,7 +5604,7 @@ "shortDescription": "Set HttpOnly to true for HttpCookie", "fullDescription": "As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5396", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5396", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5626,7 +5626,7 @@ "shortDescription": "Do not use deprecated SslProtocols values", "fullDescription": "Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5397", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5397", "properties": { "category": "Security", "isEnabledByDefault": true, @@ -5646,7 +5646,7 @@ "shortDescription": "Avoid hardcoded SslProtocols values", "fullDescription": "Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5398", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5398", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5666,7 +5666,7 @@ "shortDescription": "HttpClients should enable certificate revocation list checks", "fullDescription": "Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5399", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5399", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5688,7 +5688,7 @@ "shortDescription": "Ensure HttpClient certificate revocation list check is not disabled", "fullDescription": "Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5400", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5400", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5710,7 +5710,7 @@ "shortDescription": "Do not use CreateEncryptor with non-default IV", "fullDescription": "Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5401", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5401", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5732,7 +5732,7 @@ "shortDescription": "Use CreateEncryptor with the default IV ", "fullDescription": "Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5402", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5402", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5754,7 +5754,7 @@ "shortDescription": "Do not hard-code certificate", "fullDescription": "Hard-coded certificates in source code are vulnerable to being exploited.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5403", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5403", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5775,7 +5775,7 @@ "shortDescription": "Do not disable token validation checks", "fullDescription": "Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5404", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5404", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5795,7 +5795,7 @@ "shortDescription": "Do not always skip token validation in delegates", "fullDescription": "By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5405", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca5405", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -5824,7 +5824,7 @@ "shortDescription": "Types that own disposable fields should be disposable", "fullDescription": "A class declares and implements an instance field that is a System.IDisposable type, and the class does not implement IDisposable. A class that declares an IDisposable field indirectly owns an unmanaged resource and should implement the IDisposable interface.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1001", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1001", "properties": { "category": "Design", "isEnabledByDefault": true, @@ -5844,7 +5844,7 @@ "shortDescription": "Implement standard exception constructors", "fullDescription": "Failure to provide the full set of constructors can make it difficult to correctly handle exceptions.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1032", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1032", "properties": { "category": "Design", "isEnabledByDefault": false, @@ -5864,7 +5864,7 @@ "shortDescription": "Avoid using cref tags with a prefix", "fullDescription": "Use of cref tags with prefixes should be avoided, since it prevents the compiler from verifying references and the IDE from updating references during refactorings. It is permissible to suppress this error at a single documentation site if the cref must use a prefix because the type being mentioned is not findable by the compiler. For example, if a cref is mentioning a special attribute in the full framework but you're in a file that compiles against the portable framework, or if you want to reference a type at higher layer of Roslyn, you should suppress the error. You should not suppress the error just because you want to take a shortcut and avoid using the full syntax.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1200", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1200", "properties": { "category": "Documentation", "isEnabledByDefault": true, @@ -5883,7 +5883,7 @@ "shortDescription": "Use ordinal string comparison", "fullDescription": "A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1309", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1309", "properties": { "category": "Globalization", "isEnabledByDefault": true, @@ -5903,7 +5903,7 @@ "shortDescription": "Specify a culture or use an invariant version", "fullDescription": "Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1311", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1311", "properties": { "category": "Globalization", "isEnabledByDefault": true, @@ -5922,7 +5922,7 @@ "shortDescription": "Use nameof to express symbol names", "fullDescription": "Using nameof helps keep your code valid when refactoring.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1507", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1507", "properties": { "category": "Maintainability", "isEnabledByDefault": true, @@ -5941,7 +5941,7 @@ "shortDescription": "Use literals where appropriate", "fullDescription": "A field is declared static and read-only (Shared and ReadOnly in Visual Basic), and is initialized by using a value that is computable at compile time. Because the value that is assigned to the targeted field is computable at compile time, change the declaration to a const (Const in Visual Basic) field so that the value is computed at compile time instead of at run?time.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1802", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1802", "properties": { "category": "Performance", "isEnabledByDefault": false, @@ -5961,7 +5961,7 @@ "shortDescription": "Do not initialize unnecessarily", "fullDescription": "The .NET runtime initializes all fields of reference types to their default values before running the constructor. In most cases, explicitly initializing a field to its default value in a constructor is redundant, adding maintenance costs and potentially degrading performance (such as with increased assembly size), and the explicit initialization can be removed. In some cases, such as with static readonly fields that permanently retain their default value, consider instead changing them to be constants or properties.", "defaultLevel": "hidden", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1805", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1805", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -5981,7 +5981,7 @@ "shortDescription": "Avoid uninstantiated internal classes", "fullDescription": "An instance of an assembly-level type is not created by code in the assembly.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1812", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1812", "properties": { "category": "Performance", "isEnabledByDefault": false, @@ -6002,7 +6002,7 @@ "shortDescription": "Mark assemblies with NeutralResourcesLanguageAttribute", "fullDescription": "The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1824", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1824", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -6023,7 +6023,7 @@ "shortDescription": "Avoid zero-length array allocations", "fullDescription": "Avoid unnecessary zero-length array allocations. Use {0} instead.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1825", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1825", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -6042,7 +6042,7 @@ "shortDescription": "Prefer Dictionary.Contains methods", "fullDescription": "Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1841", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1841", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -6061,7 +6061,7 @@ "shortDescription": "Use span-based 'string.Concat'", "fullDescription": "It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1845", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1845", "properties": { "category": "Performance", "isEnabledByDefault": true, @@ -6080,7 +6080,7 @@ "shortDescription": "Possible multiple enumerations of 'IEnumerable' collection", "fullDescription": "Possible multiple enumerations of 'IEnumerable' collection. Consider using an implementation that avoids multiple enumerations.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1851", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1851", "properties": { "category": "Performance", "isEnabledByDefault": false, @@ -6100,7 +6100,7 @@ "shortDescription": "Forward the 'CancellationToken' parameter to methods", "fullDescription": "Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2016", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2016", "properties": { "category": "Reliability", "isEnabledByDefault": true, @@ -6119,7 +6119,7 @@ "shortDescription": "Override GetHashCode on overriding Equals", "fullDescription": "GetHashCode returns a value, based on the current instance, that is suited for hashing algorithms and data structures such as a hash table. Two objects that are the same type and are equal must return the same hash code.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2218", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2218", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -6139,7 +6139,7 @@ "shortDescription": "Override Equals on overloading operator equals", "fullDescription": "A public type implements the equality operator but does not override Object.Equals.", "defaultLevel": "note", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2224", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2224", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -6159,7 +6159,7 @@ "shortDescription": "Pass system uri objects instead of strings", "fullDescription": "A call is made to a method that has a string parameter whose name contains \"uri\", \"URI\", \"urn\", \"URN\", \"url\", or \"URL\". The declaring type of the method contains a corresponding method overload that has a System.Uri parameter.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2234", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2234", "properties": { "category": "Usage", "isEnabledByDefault": false, @@ -6179,7 +6179,7 @@ "shortDescription": "This API requires opting into preview features", "fullDescription": "An assembly has to opt into preview features before using them.", "defaultLevel": "error", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2252", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2252", "properties": { "category": "Usage", "isEnabledByDefault": true, @@ -6198,7 +6198,7 @@ "shortDescription": "Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks", "fullDescription": "When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2352", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2352", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -6217,7 +6217,7 @@ "shortDescription": "Unsafe DataSet or DataTable in serializable type", "fullDescription": "When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0}", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2353", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2353", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -6236,7 +6236,7 @@ "shortDescription": "Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks", "fullDescription": "When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0}", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2354", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2354", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -6255,7 +6255,7 @@ "shortDescription": "Unsafe DataSet or DataTable type found in deserializable object graph", "fullDescription": "When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0}", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2355", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2355", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -6274,7 +6274,7 @@ "shortDescription": "Unsafe DataSet or DataTable type in web deserializable object graph", "fullDescription": "When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0}", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2356", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2356", "properties": { "category": "Security", "isEnabledByDefault": false, @@ -6293,7 +6293,7 @@ "shortDescription": "Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks", "fullDescription": "When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2362", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2362", "properties": { "category": "Security", "isEnabledByDefault": false, diff --git a/src/NetAnalyzers/RulesMissingDocumentation.md b/src/NetAnalyzers/RulesMissingDocumentation.md index f0f1d7447e..477e5b9b53 100644 --- a/src/NetAnalyzers/RulesMissingDocumentation.md +++ b/src/NetAnalyzers/RulesMissingDocumentation.md @@ -2,14 +2,14 @@ Rule ID | Missing Help Link | Title | --------|-------------------|-------| -CA1311 | | Specify a culture or use an invariant version | -CA1420 | | Property, type, or attribute requires runtime marshalling | -CA1421 | | This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied | -CA1422 | | Validate platform compatibility | -CA1852 | | Seal internal types | -CA1853 | | Unnecessary call to 'Dictionary.ContainsKey(key)' | -CA1855 | | Prefer 'Clear' over 'Fill' | -CA2019 | | Improper 'ThreadStatic' field initialization | -CA2020 | | Prevent from behavioral change | -CA2259 | | 'ThreadStatic' only affects static fields | -CA2260 | | Use correct type parameter | +CA1311 | | Specify a culture or use an invariant version | +CA1420 | | Property, type, or attribute requires runtime marshalling | +CA1421 | | This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied | +CA1422 | | Validate platform compatibility | +CA1852 | | Seal internal types | +CA1853 | | Unnecessary call to 'Dictionary.ContainsKey(key)' | +CA1855 | | Prefer 'Clear' over 'Fill' | +CA2019 | | Improper 'ThreadStatic' field initialization | +CA2020 | | Prevent from behavioral change | +CA2259 | | 'ThreadStatic' only affects static fields | +CA2260 | | Use correct type parameter | diff --git a/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Runtime/DisposeObjectsBeforeLosingScopeTests.cs b/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Runtime/DisposeObjectsBeforeLosingScopeTests.cs index 181d2d9f6a..a10d6580fc 100644 --- a/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Runtime/DisposeObjectsBeforeLosingScopeTests.cs +++ b/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Runtime/DisposeObjectsBeforeLosingScopeTests.cs @@ -1467,7 +1467,7 @@ End Class [InlineData(DisposeAnalysisKind.NonExceptionPathsOnlyNotDisposed)] internal async Task DocsMicrosoft_SampleAsync(DisposeAnalysisKind disposeAnalysisKind) { - // See https://docs.microsoft.com/en-us/visualstudio/code-quality/ca2000 + // See https://learn.microsoft.com/en-us/visualstudio/code-quality/ca2000 var editorConfigFile = GetEditorConfigContent(disposeAnalysisKind); diff --git a/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Security/DoNotUseDeprecatedSecurityProtocolsTests.cs b/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Security/DoNotUseDeprecatedSecurityProtocolsTests.cs index 3f028ea1d8..241b5d73ee 100644 --- a/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Security/DoNotUseDeprecatedSecurityProtocolsTests.cs +++ b/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Security/DoNotUseDeprecatedSecurityProtocolsTests.cs @@ -99,7 +99,7 @@ public class TestClass public void TestMethod() { // Let the operating system decide what TLS protocol version to use. - // See https://docs.microsoft.com/dotnet/framework/network-programming/tls + // See https://learn.microsoft.com/dotnet/framework/network-programming/tls } }"); } @@ -114,7 +114,7 @@ Imports System.Net Public Class TestClass Public Sub ExampleMethod() ' Let the operating system decide what TLS protocol version to use. - ' See https://docs.microsoft.com/dotnet/framework/network-programming/tls + ' See https://learn.microsoft.com/dotnet/framework/network-programming/tls End Sub End Class "); diff --git a/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Security/SslProtocolsAnalyzerTests.cs b/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Security/SslProtocolsAnalyzerTests.cs index 481ae30e8a..ba61f3b5d7 100644 --- a/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Security/SslProtocolsAnalyzerTests.cs +++ b/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Security/SslProtocolsAnalyzerTests.cs @@ -99,7 +99,7 @@ public class TestClass public void Method() { // Let the operating system decide what TLS protocol version to use. - // See https://docs.microsoft.com/dotnet/framework/network-programming/tls + // See https://learn.microsoft.com/dotnet/framework/network-programming/tls SslProtocols sslProtocols = SslProtocols.None; } }"); @@ -115,7 +115,7 @@ Imports System.Security.Authentication Public Class TestClass Public Sub ExampleMethod() ' Let the operating system decide what TLS protocol version to use. - ' See https://docs.microsoft.com/dotnet/framework/network-programming/tls + ' See https://learn.microsoft.com/dotnet/framework/network-programming/tls Dim sslProtocols As SslProtocols = SslProtocols.None End Sub End Class diff --git a/src/NetAnalyzers/VisualBasic/AnalyzerReleases.Shipped.md b/src/NetAnalyzers/VisualBasic/AnalyzerReleases.Shipped.md index 5dafc4953a..8f43fdea89 100644 --- a/src/NetAnalyzers/VisualBasic/AnalyzerReleases.Shipped.md +++ b/src/NetAnalyzers/VisualBasic/AnalyzerReleases.Shipped.md @@ -4,5 +4,5 @@ Rule ID | Category | Severity | Notes --------|----------|----------|------- -CA2218 | Usage | Info | BasicOverrideGetHashCodeOnOverridingEqualsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2218) -CA2224 | Usage | Info | BasicOverrideEqualsOnOverloadingOperatorEqualsAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2224) +CA2218 | Usage | Info | BasicOverrideGetHashCodeOnOverridingEqualsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2218) +CA2224 | Usage | Info | BasicOverrideEqualsOnOverloadingOperatorEqualsAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2224) diff --git a/src/PublicApiAnalyzers/PublicApiAnalyzers.Help.md b/src/PublicApiAnalyzers/PublicApiAnalyzers.Help.md index 267b17021e..626dfba468 100644 --- a/src/PublicApiAnalyzers/PublicApiAnalyzers.Help.md +++ b/src/PublicApiAnalyzers/PublicApiAnalyzers.Help.md @@ -36,7 +36,7 @@ This can be done by: ## Nullable reference type support -To enable support for [nullable reference types](https://docs.microsoft.com/dotnet/csharp/nullable-references), make sure that you are using a Roslyn compiler version 3.5 (or newer) in your build process and then add the following at the top of each `PublicAPI.*.txt` file: +To enable support for [nullable reference types](https://learn.microsoft.com/dotnet/csharp/nullable-references), make sure that you are using a Roslyn compiler version 3.5 (or newer) in your build process and then add the following at the top of each `PublicAPI.*.txt` file: ```xml #nullable enable @@ -55,7 +55,7 @@ If you are in the process of annotating an existing project, we recommended to d Sometimes APIs vary by compilation symbol such as target framework. -For example when using the [`#if` preprocessor directive](https://docs.microsoft.com/en-us/dotnet/csharp/language-reference/preprocessor-directives/preprocessor-if): +For example when using the [`#if` preprocessor directive](https://learn.microsoft.com/en-us/dotnet/csharp/language-reference/preprocessor-directives/preprocessor-if): ```c# public void Foo(string s) diff --git a/src/Text.Analyzers/Core/AnalyzerReleases.Unshipped.md b/src/Text.Analyzers/Core/AnalyzerReleases.Unshipped.md index 97bb6e71fa..5925857f73 100644 --- a/src/Text.Analyzers/Core/AnalyzerReleases.Unshipped.md +++ b/src/Text.Analyzers/Core/AnalyzerReleases.Unshipped.md @@ -4,6 +4,6 @@ Rule ID | Category | Severity | Notes --------|----------|----------|------- -CA1704 | Naming | Warning | IdentifiersShouldBeSpelledCorrectlyAnalyzer, [Documentation](https://docs.microsoft.com/visualstudio/code-quality/ca1704) -CA1714 | Naming | Disabled | EnumsShouldHavePluralNamesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1714) -CA1717 | Naming | Disabled | EnumsShouldHavePluralNamesAnalyzer, [Documentation](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1717) +CA1704 | Naming | Warning | IdentifiersShouldBeSpelledCorrectlyAnalyzer, [Documentation](https://learn.microsoft.com/visualstudio/code-quality/ca1704) +CA1714 | Naming | Disabled | EnumsShouldHavePluralNamesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1714) +CA1717 | Naming | Disabled | EnumsShouldHavePluralNamesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1717) diff --git a/src/Text.Analyzers/Core/CodeAnalysisDictionary.cs b/src/Text.Analyzers/Core/CodeAnalysisDictionary.cs index 923512ae58..a030ac4c2e 100644 --- a/src/Text.Analyzers/Core/CodeAnalysisDictionary.cs +++ b/src/Text.Analyzers/Core/CodeAnalysisDictionary.cs @@ -14,7 +14,7 @@ namespace Text.Analyzers /// XML or DIC code analysis dictionaries. /// /// - /// + /// /// internal sealed class CodeAnalysisDictionary { @@ -63,7 +63,7 @@ public static CodeAnalysisDictionary CreateFromXml(StreamReader streamReader) { var document = XDocument.Load(streamReader); // TODO: Include Deprecated/Compound terms as noted here: - // https://docs.microsoft.com/visualstudio/code-quality/how-to-customize-the-code-analysis-dictionary + // https://learn.microsoft.com/visualstudio/code-quality/how-to-customize-the-code-analysis-dictionary // Tracked by: // https://github.com/dotnet/roslyn-analyzers/issues/4693 return new CodeAnalysisDictionary( diff --git a/src/Text.Analyzers/RulesMissingDocumentation.md b/src/Text.Analyzers/RulesMissingDocumentation.md index 81be42a187..ef2efcc7ef 100644 --- a/src/Text.Analyzers/RulesMissingDocumentation.md +++ b/src/Text.Analyzers/RulesMissingDocumentation.md @@ -2,4 +2,4 @@ Rule ID | Missing Help Link | Title | --------|-------------------|-------| -CA1704 | | Identifiers should be spelled correctly | +CA1704 | | Identifiers should be spelled correctly | diff --git a/src/Text.Analyzers/Text.Analyzers.md b/src/Text.Analyzers/Text.Analyzers.md index 0dae295fc3..60554e56d4 100644 --- a/src/Text.Analyzers/Text.Analyzers.md +++ b/src/Text.Analyzers/Text.Analyzers.md @@ -1,6 +1,6 @@ # Text.Analyzers -## [CA1704](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1704): Identifiers should be spelled correctly +## [CA1704](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1704): Identifiers should be spelled correctly The name of an externally visible identifier contains one or more words that are not recognized by the Microsoft spelling checker library. @@ -12,7 +12,7 @@ The name of an externally visible identifier contains one or more words that are |CodeFix|False| --- -## [CA1714](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1714): Flags enums should have plural names +## [CA1714](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1714): Flags enums should have plural names A public enumeration has the System.FlagsAttribute attribute, and its name does not end in ""s"". Types that are marked by using FlagsAttribute have names that are plural because the attribute indicates that more than one value can be specified. @@ -24,7 +24,7 @@ A public enumeration has the System.FlagsAttribute attribute, and its name does |CodeFix|False| --- -## [CA1717](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1717): Only FlagsAttribute enums should have plural names +## [CA1717](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1717): Only FlagsAttribute enums should have plural names Naming conventions dictate that a plural name for an enumeration indicates that more than one value of the enumeration can be specified at the same time. diff --git a/src/Text.Analyzers/Text.Analyzers.sarif b/src/Text.Analyzers/Text.Analyzers.sarif index 88f26b6ed3..a40445f0ea 100644 --- a/src/Text.Analyzers/Text.Analyzers.sarif +++ b/src/Text.Analyzers/Text.Analyzers.sarif @@ -23,7 +23,7 @@ "shortDescription": "Identifiers should be spelled correctly", "fullDescription": "The name of an externally visible identifier contains one or more words that are not recognized by the Microsoft spelling checker library.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1704", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1704", "properties": { "category": "Naming", "isEnabledByDefault": true, @@ -44,7 +44,7 @@ "shortDescription": "Flags enums should have plural names", "fullDescription": "A public enumeration has the System.FlagsAttribute attribute, and its name does not end in \"\"s\"\". Types that are marked by using FlagsAttribute have names that are plural because the attribute indicates that more than one value can be specified.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1714", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1714", "properties": { "category": "Naming", "isEnabledByDefault": false, @@ -65,7 +65,7 @@ "shortDescription": "Only FlagsAttribute enums should have plural names", "fullDescription": "Naming conventions dictate that a plural name for an enumeration indicates that more than one value of the enumeration can be specified at the same time.", "defaultLevel": "warning", - "helpUri": "https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1717", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1717", "properties": { "category": "Naming", "isEnabledByDefault": false, diff --git a/src/Utilities/Compiler/CodeMetrics/CodeAnalysisMetricData.cs b/src/Utilities/Compiler/CodeMetrics/CodeAnalysisMetricData.cs index 5caaddf1a1..e6c2ca1592 100644 --- a/src/Utilities/Compiler/CodeMetrics/CodeAnalysisMetricData.cs +++ b/src/Utilities/Compiler/CodeMetrics/CodeAnalysisMetricData.cs @@ -18,7 +18,7 @@ namespace Microsoft.CodeAnalysis.CodeMetrics { /// /// Code analysis metrics data. - /// See https://docs.microsoft.com/visualstudio/code-quality/code-metrics-values for more details + /// See https://learn.microsoft.com/visualstudio/code-quality/code-metrics-values for more details /// public abstract partial class CodeAnalysisMetricData { diff --git a/src/Utilities/Compiler/DiagnosticCategoryAndIdRanges.txt b/src/Utilities/Compiler/DiagnosticCategoryAndIdRanges.txt index aa60f44137..cca82ee27c 100644 --- a/src/Utilities/Compiler/DiagnosticCategoryAndIdRanges.txt +++ b/src/Utilities/Compiler/DiagnosticCategoryAndIdRanges.txt @@ -2,7 +2,7 @@ # FORMAT: # 'Category': Comma separate list of 'StartId-EndId' or 'Id' or 'Prefix' -# Code Analysis (CA) rules - https://docs.microsoft.com/visualstudio/code-quality/code-analysis-for-managed-code-warnings +# Code Analysis (CA) rules - https://learn.microsoft.com/visualstudio/code-quality/code-analysis-for-managed-code-warnings # # The ranges below represent the **currently used IDs** for the corresponding category. # When implementing a new rule for the category: diff --git a/src/Utilities/Compiler/DiagnosticDescriptorHelper.cs b/src/Utilities/Compiler/DiagnosticDescriptorHelper.cs index a487699d2a..5525edc776 100644 --- a/src/Utilities/Compiler/DiagnosticDescriptorHelper.cs +++ b/src/Utilities/Compiler/DiagnosticDescriptorHelper.cs @@ -33,7 +33,7 @@ public static DiagnosticDescriptor Create( var (defaultSeverity, enabledByDefault) = GetDefaultSeverityAndEnabledByDefault(ruleLevel); #pragma warning disable CA1308 // Normalize strings to uppercase - use lower case ID in help link - var helpLink = $"https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/{id.ToLowerInvariant()}"; + var helpLink = $"https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/{id.ToLowerInvariant()}"; #pragma warning restore CA1308 // Normalize strings to uppercase var customTags = GetDefaultCustomTags(isPortedFxCopRule, isDataflowRule, isEnabledByDefaultInAggressiveMode); diff --git a/src/Utilities/Compiler/Options/EditorConfigOptionNames.cs b/src/Utilities/Compiler/Options/EditorConfigOptionNames.cs index 7399539350..2943e6f946 100644 --- a/src/Utilities/Compiler/Options/EditorConfigOptionNames.cs +++ b/src/Utilities/Compiler/Options/EditorConfigOptionNames.cs @@ -29,7 +29,7 @@ internal static partial class EditorConfigOptionNames public const string ExcludeAsyncVoidMethods = "exclude_async_void_methods"; /// - /// Boolean option to enable platform compatibility analyzer for TFMs with lower version than net5.0 (https://docs.microsoft.com/visualstudio/code-quality/ca1416). + /// Boolean option to enable platform compatibility analyzer for TFMs with lower version than net5.0 (https://learn.microsoft.com/visualstudio/code-quality/ca1416). /// public const string EnablePlatformAnalyzerOnPreNet5Target = "enable_platform_analyzer_on_pre_net5_target"; @@ -40,7 +40,7 @@ internal static partial class EditorConfigOptionNames public const string OutputKind = "output_kind"; /// - /// Boolean option to configure if single letter type parameter names are not flagged for CA1715 (https://docs.microsoft.com/visualstudio/code-quality/ca1715). + /// Boolean option to configure if single letter type parameter names are not flagged for CA1715 (https://learn.microsoft.com/visualstudio/code-quality/ca1715). /// public const string ExcludeSingleLetterTypeParameters = "exclude_single_letter_type_parameters"; @@ -55,7 +55,7 @@ internal static partial class EditorConfigOptionNames public const string ExcludeExtensionMethodThisParameter = "exclude_extension_method_this_parameter"; /// - /// String option to configure names of null check validation methods (separated by '|') that validate arguments passed to the method are non-null for CA1062 (https://docs.microsoft.com/visualstudio/code-quality/ca1062). + /// String option to configure names of null check validation methods (separated by '|') that validate arguments passed to the method are non-null for CA1062 (https://learn.microsoft.com/visualstudio/code-quality/ca1062). /// Allowed method name formats: /// 1. Method name only (includes all methods with the name, regardless of the containing type or namespace) /// 2. Fully qualified names in the symbol's documentation ID format: https://github.com/dotnet/csharplang/blob/main/spec/documentation-comments.md#id-string-format @@ -64,7 +64,7 @@ internal static partial class EditorConfigOptionNames public const string NullCheckValidationMethods = "null_check_validation_methods"; /// - /// String option to configure names of additional string formatting methods (separated by '|') for CA2241 (https://docs.microsoft.com/visualstudio/code-quality/ca2241). + /// String option to configure names of additional string formatting methods (separated by '|') for CA2241 (https://learn.microsoft.com/visualstudio/code-quality/ca2241). /// Allowed method name formats: /// 1. Method name only (includes all methods with the name, regardless of the containing type or namespace) /// 2. Fully qualified names in the symbol's documentation ID format: https://github.com/dotnet/csharplang/blob/main/spec/documentation-comments.md#id-string-format @@ -73,7 +73,7 @@ internal static partial class EditorConfigOptionNames public const string AdditionalStringFormattingMethods = "additional_string_formatting_methods"; /// - /// Boolean option to enable heuristically detecting of additional string formatting methods for CA2241 (https://docs.microsoft.com/visualstudio/code-quality/ca2241). + /// Boolean option to enable heuristically detecting of additional string formatting methods for CA2241 (https://learn.microsoft.com/visualstudio/code-quality/ca2241). /// A method is considered a string formatting method if it has a ' format' parameter followed by a []' parameter. /// The default value of this is false. /// @@ -81,7 +81,7 @@ internal static partial class EditorConfigOptionNames /// /// String option to configure names of symbols (separated by '|') that are excluded for analysis. - /// Configurable rules: CA1303 (https://docs.microsoft.com/visualstudio/code-quality/ca1303). + /// Configurable rules: CA1303 (https://learn.microsoft.com/visualstudio/code-quality/ca1303). /// Allowed method name formats: /// 1. Symbol name only (includes all symbols with the name, regardless of the containing type or namespace) /// 2. Fully qualified names in the symbol's documentation ID format: https://github.com/dotnet/csharplang/blob/main/spec/documentation-comments.md#id-string-format. @@ -92,7 +92,7 @@ internal static partial class EditorConfigOptionNames /// /// String option to configure names of types (separated by '|'), so that the type and all its derived types are excluded for analysis. - /// Configurable rules: CA1303 (https://docs.microsoft.com/visualstudio/code-quality/ca1303). + /// Configurable rules: CA1303 (https://learn.microsoft.com/visualstudio/code-quality/ca1303). /// Allowed method name formats: /// 1. Type name only (includes all types with the name, regardless of the containing type or namespace) /// 2. Fully qualified names in the symbol's documentation ID format: https://github.com/dotnet/csharplang/blob/main/spec/documentation-comments.md#id-string-format @@ -102,7 +102,7 @@ internal static partial class EditorConfigOptionNames /// /// String option to configure names of symbols (separated by '|') that are disallowed in analysis. - /// Configurable rules: CA1031 (https://docs.microsoft.com/visualstudio/code-quality/ca1031). + /// Configurable rules: CA1031 (https://learn.microsoft.com/visualstudio/code-quality/ca1031). /// Allowed method name formats: /// 1. Symbol name only (includes all symbols with the name, regardless of the containing type or namespace) /// 2. Fully qualified names in the symbol's documentation ID format: https://github.com/dotnet/csharplang/blob/main/spec/documentation-comments.md#id-string-format. @@ -124,7 +124,7 @@ internal static partial class EditorConfigOptionNames /// /// String option to configure how many enum values should be prefixed by the enum type name to trigger the rule. - /// Configurable rules: CA1712 (https://docs.microsoft.com/en-us/visualstudio/code-quality/ca1712) + /// Configurable rules: CA1712 (https://learn.microsoft.com/en-us/visualstudio/code-quality/ca1712) /// Allowed method name formats: /// 1. Any of the enum values starts with the enum type name /// 2. All of the enum values starts with the enum type name @@ -134,7 +134,7 @@ internal static partial class EditorConfigOptionNames /// /// String option to configure names of types (separated by '|'), with their suffixes (separated by '->'). - /// Configurable rules: CA1710 (https://docs.microsoft.com/visualstudio/code-quality/ca1710). + /// Configurable rules: CA1710 (https://learn.microsoft.com/visualstudio/code-quality/ca1710). /// Allowed type name formats: /// 1. Type name only (includes all types with the name, regardless of the containing type or namespace) /// 2. Fully qualified names in the symbol's documentation ID format: https://github.com/dotnet/csharplang/blob/main/spec/documentation-comments.md#id-string-format @@ -149,7 +149,7 @@ internal static partial class EditorConfigOptionNames /// /// String option to configure names of interfaces (separated by '|'), with their required generic interfaces (separated by '->'). - /// Configurable rules: CA1010 (https://docs.microsoft.com/visualstudio/code-quality/ca1010) + /// Configurable rules: CA1010 (https://learn.microsoft.com/visualstudio/code-quality/ca1010) /// Allowed interface formats: /// 1. Interface name only(includes all interfaces with the name, regardless of the containing type or namespace) /// 2. Fully qualified names in the symbol's documentation ID format: https://github.com/dotnet/csharplang/blob/main/spec/documentation-comments.md#id-string-format with an optional "T:" prefix. @@ -158,7 +158,7 @@ internal static partial class EditorConfigOptionNames /// /// Names of types or namespaces (separated by '|'), such that the type or type's namespace doesn't count in the inheritance hierarchy tree. - /// Configurable rules: CA1501 (https://docs.microsoft.com/en-us/visualstudio/code-quality/ca1501) + /// Configurable rules: CA1501 (https://learn.microsoft.com/en-us/visualstudio/code-quality/ca1501) /// Allowed name formats: /// 1. Type or namespace name (includes all types with the name, regardless of the containing type or namespace and all types whose namespace contains the name) /// 2. Type or namespace name ending with a wildcard symbol (includes all types whose name starts with the given name, regardless of the containing type or namespace @@ -175,12 +175,12 @@ internal static partial class EditorConfigOptionNames public const string AnalyzedSymbolKinds = "analyzed_symbol_kinds"; /// - /// Boolean option to configure if the naming heuristic should be used for CA1303 (https://docs.microsoft.com/en-us/visualstudio/code-quality/ca1303). + /// Boolean option to configure if the naming heuristic should be used for CA1303 (https://learn.microsoft.com/en-us/visualstudio/code-quality/ca1303). /// public const string UseNamingHeuristic = "use_naming_heuristic"; /// - /// String option to configure names of additional methods (separated by '|') for CA1806 (https://docs.microsoft.com/visualstudio/code-quality/ca1806). + /// String option to configure names of additional methods (separated by '|') for CA1806 (https://learn.microsoft.com/visualstudio/code-quality/ca1806). /// Allowed method name formats: /// 1. Method name only (includes all methods with the name, regardless of the containing type or namespace) /// 2. Fully qualified names in the symbol's documentation ID format: https://github.com/dotnet/csharplang/blob/main/spec/documentation-comments.md#id-string-format @@ -190,7 +190,7 @@ internal static partial class EditorConfigOptionNames /// /// String option to configure allowed suffixed (separated by '|'). - /// Configurable rule: CA1711 (https://docs.microsoft.com/visualstudio/code-quality/ca1711). + /// Configurable rule: CA1711 (https://learn.microsoft.com/visualstudio/code-quality/ca1711). /// public const string AllowedSuffixes = "allowed_suffixes"; @@ -208,20 +208,20 @@ internal static partial class EditorConfigOptionNames /// /// String option to configure names of method symbols (separated by '|') that marks all of the parameters with IEnumerable type /// would be enumerated. - /// Configurable rule: CA1851 (https://docs.microsoft.com/visualstudio/code-quality/ca1851). + /// Configurable rule: CA1851 (https://learn.microsoft.com/visualstudio/code-quality/ca1851). /// public const string EnumerationMethods = "enumeration_methods"; /// /// String option to configure names of method symbols (separated by '|') that accepting parameter with IEnumerable type and return a new IEnumerable type, like 'Select' and 'Where'. - /// Configurable rule: CA1851 (https://docs.microsoft.com/visualstudio/code-quality/ca1851). + /// Configurable rule: CA1851 (https://learn.microsoft.com/visualstudio/code-quality/ca1851). /// public const string LinqChainMethods = "linq_chain_methods"; /// /// Boolean option to configure the assumption that IEnumerable type parameters would be enumerated by method invocation or not. /// It does not affect linq_chain_methods. - /// Configurable rule: CA1851 (https://docs.microsoft.com/visualstudio/code-quality/ca1851). + /// Configurable rule: CA1851 (https://learn.microsoft.com/visualstudio/code-quality/ca1851). /// public const string AssumeMethodEnumeratesParameters = "assume_method_enumerates_parameters"; diff --git a/src/Utilities/FlowAnalysis/FlowAnalysis/Analysis/DisposeAnalysis/DisposeAnalysis.DisposeDataFlowOperationVisitor.cs b/src/Utilities/FlowAnalysis/FlowAnalysis/Analysis/DisposeAnalysis/DisposeAnalysis.DisposeDataFlowOperationVisitor.cs index 8b5a91099e..3ac48ff7ce 100644 --- a/src/Utilities/FlowAnalysis/FlowAnalysis/Analysis/DisposeAnalysis/DisposeAnalysis.DisposeDataFlowOperationVisitor.cs +++ b/src/Utilities/FlowAnalysis/FlowAnalysis/Analysis/DisposeAnalysis/DisposeAnalysis.DisposeDataFlowOperationVisitor.cs @@ -97,7 +97,7 @@ protected override DisposeAbstractValue HandleInstanceCreation(IOperation creati return defaultValue; } - // StringReader doesn't need to be disposed: https://docs.microsoft.com/en-us/dotnet/api/system.io.stringreader?view=netframework-4.8 + // StringReader doesn't need to be disposed: https://learn.microsoft.com/en-us/dotnet/api/system.io.stringreader?view=netframework-4.8 if (StringReaderType != null && instanceType.Equals(StringReaderType)) {