From e93ee459eff323e735a44e8ebfa09396e8fa4df3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbyn=C4=9Bk=20Sailer=20=28Moravia=20IT=29?= Date: Fri, 30 Aug 2019 11:46:49 +0200 Subject: [PATCH] LOC CHECKIN | dotnet/roslyn-analyzers 3.x | 20190830 --- ...alysisVersionCheckAnalyzerResources.ja.xlf | 2 +- ...alysisVersionCheckAnalyzerResources.pl.xlf | 2 +- ...alysisVersionCheckAnalyzerResources.ru.xlf | 4 +- ...alysisVersionCheckAnalyzerResources.tr.xlf | 2 +- ...rosoftCodeQualityAnalyzersResources.cs.xlf | 2 +- ...rosoftCodeQualityAnalyzersResources.de.xlf | 2 +- ...rosoftCodeQualityAnalyzersResources.es.xlf | 4 +- ...rosoftCodeQualityAnalyzersResources.fr.xlf | 4 +- ...rosoftCodeQualityAnalyzersResources.it.xlf | 4 +- ...rosoftCodeQualityAnalyzersResources.ja.xlf | 2 +- ...rosoftCodeQualityAnalyzersResources.ko.xlf | 2 +- ...rosoftCodeQualityAnalyzersResources.pl.xlf | 2 +- ...oftCodeQualityAnalyzersResources.pt-BR.xlf | 2 +- ...rosoftCodeQualityAnalyzersResources.ru.xlf | 2 +- ...rosoftCodeQualityAnalyzersResources.tr.xlf | 2 +- ...tCodeQualityAnalyzersResources.zh-Hans.xlf | 2 +- ...tCodeQualityAnalyzersResources.zh-Hant.xlf | 2 +- .../MicrosoftNetCoreAnalyzersResources.cs.xlf | 102 ++++++++-------- .../MicrosoftNetCoreAnalyzersResources.de.xlf | 100 ++++++++-------- .../MicrosoftNetCoreAnalyzersResources.es.xlf | 104 ++++++++-------- .../MicrosoftNetCoreAnalyzersResources.fr.xlf | 102 ++++++++-------- .../MicrosoftNetCoreAnalyzersResources.it.xlf | 102 ++++++++-------- .../MicrosoftNetCoreAnalyzersResources.ja.xlf | 102 ++++++++-------- .../MicrosoftNetCoreAnalyzersResources.ko.xlf | 100 ++++++++-------- .../MicrosoftNetCoreAnalyzersResources.pl.xlf | 102 ++++++++-------- ...crosoftNetCoreAnalyzersResources.pt-BR.xlf | 104 ++++++++-------- .../MicrosoftNetCoreAnalyzersResources.ru.xlf | 100 ++++++++-------- .../MicrosoftNetCoreAnalyzersResources.tr.xlf | 106 ++++++++--------- ...osoftNetCoreAnalyzersResources.zh-Hans.xlf | 102 ++++++++-------- ...osoftNetCoreAnalyzersResources.zh-Hant.xlf | 112 +++++++++--------- ...osoftNetFrameworkAnalyzersResources.pl.xlf | 2 +- .../xlf/PublicApiAnalyzerResources.cs.xlf | 4 +- .../xlf/PublicApiAnalyzerResources.de.xlf | 4 +- .../xlf/PublicApiAnalyzerResources.es.xlf | 4 +- .../xlf/PublicApiAnalyzerResources.fr.xlf | 4 +- .../xlf/PublicApiAnalyzerResources.it.xlf | 4 +- .../xlf/PublicApiAnalyzerResources.ja.xlf | 4 +- .../xlf/PublicApiAnalyzerResources.ko.xlf | 4 +- .../xlf/PublicApiAnalyzerResources.pl.xlf | 4 +- .../xlf/PublicApiAnalyzerResources.pt-BR.xlf | 4 +- .../xlf/PublicApiAnalyzerResources.ru.xlf | 4 +- .../xlf/PublicApiAnalyzerResources.tr.xlf | 4 +- .../PublicApiAnalyzerResources.zh-Hans.xlf | 6 +- .../PublicApiAnalyzerResources.zh-Hant.xlf | 4 +- 44 files changed, 718 insertions(+), 718 deletions(-) diff --git a/src/Microsoft.CodeAnalysis.VersionCheckAnalyzer/xlf/MicrosoftCodeAnalysisVersionCheckAnalyzerResources.ja.xlf b/src/Microsoft.CodeAnalysis.VersionCheckAnalyzer/xlf/MicrosoftCodeAnalysisVersionCheckAnalyzerResources.ja.xlf index b38c9c254b..7aa782bfa5 100644 --- a/src/Microsoft.CodeAnalysis.VersionCheckAnalyzer/xlf/MicrosoftCodeAnalysisVersionCheckAnalyzerResources.ja.xlf +++ b/src/Microsoft.CodeAnalysis.VersionCheckAnalyzer/xlf/MicrosoftCodeAnalysisVersionCheckAnalyzerResources.ja.xlf @@ -4,7 +4,7 @@ Analyzers in this package require a certain minimum version of Microsoft.CodeAnalysis to execute correctly. Refer to https://docs.microsoft.com/visualstudio/code-quality/install-fxcop-analyzers#fxcopanalyzers-package-versions to install the correct analyzer version. - このパッケージのアナライザーを正しく実行するには、特定のバージョン以上の Microsoft.CodeAnalysis が必要です。正しいアナライザー バージョンをインストールするには、https://docs.microsoft.com/visualstudio/code-quality/install-fxcop-analyzers#fxcopanalyzers-package-versions を参照してください。 + このパッケージのアナライザーを正しく実行するには、特定のバージョン以上の Microsoft.CodeAnalysis が必要です。正しいアナライザー バージョンをインストールするには、https://docs.microsoft.com/visualstudio/code-quality/install-fxcop-analyzers#fxcopanalyzers-package-versionsを参照してください。 diff --git a/src/Microsoft.CodeAnalysis.VersionCheckAnalyzer/xlf/MicrosoftCodeAnalysisVersionCheckAnalyzerResources.pl.xlf b/src/Microsoft.CodeAnalysis.VersionCheckAnalyzer/xlf/MicrosoftCodeAnalysisVersionCheckAnalyzerResources.pl.xlf index f968d09030..34544ffca9 100644 --- a/src/Microsoft.CodeAnalysis.VersionCheckAnalyzer/xlf/MicrosoftCodeAnalysisVersionCheckAnalyzerResources.pl.xlf +++ b/src/Microsoft.CodeAnalysis.VersionCheckAnalyzer/xlf/MicrosoftCodeAnalysisVersionCheckAnalyzerResources.pl.xlf @@ -9,7 +9,7 @@ Version mismatch between the analyzer package '{0}' and Microsoft.CodeAnalysis '{1}'. Certain analyzers in this package will not run until the version mismatch is fixed. Refer to https://docs.microsoft.com/visualstudio/code-quality/install-fxcop-analyzers#fxcopanalyzers-package-versions to install the correct analyzer version. - Niezgodność wersji między pakietem analizatorów \x201e{0} i metodą Microsoft.CodeAnalysis \x201e{1}”. Niektóre analizatory w tym pakiecie nie uruchomią się, dopóki niezgodność wersji nie zostanie naprawiona. Skorzystaj ze strony https://docs.microsoft.com/visualstudio/code-quality/install-fxcop-analyzers#fxcopanalyzers-package-versions, aby zainstalować prawidłową wersję analizatora. + Niezgodność wersji między pakietem analizatorów „{0} i metodą Microsoft.CodeAnalysis „{1}”. Niektóre analizatory w tym pakiecie nie uruchomią się, dopóki niezgodność wersji nie zostanie naprawiona. Skorzystaj ze strony https://docs.microsoft.com/visualstudio/code-quality/install-fxcop-analyzers#fxcopanalyzers-package-versions, aby zainstalować prawidłową wersję analizatora. diff --git a/src/Microsoft.CodeAnalysis.VersionCheckAnalyzer/xlf/MicrosoftCodeAnalysisVersionCheckAnalyzerResources.ru.xlf b/src/Microsoft.CodeAnalysis.VersionCheckAnalyzer/xlf/MicrosoftCodeAnalysisVersionCheckAnalyzerResources.ru.xlf index b363f61792..5e5d533af9 100644 --- a/src/Microsoft.CodeAnalysis.VersionCheckAnalyzer/xlf/MicrosoftCodeAnalysisVersionCheckAnalyzerResources.ru.xlf +++ b/src/Microsoft.CodeAnalysis.VersionCheckAnalyzer/xlf/MicrosoftCodeAnalysisVersionCheckAnalyzerResources.ru.xlf @@ -4,12 +4,12 @@ Analyzers in this package require a certain minimum version of Microsoft.CodeAnalysis to execute correctly. Refer to https://docs.microsoft.com/visualstudio/code-quality/install-fxcop-analyzers#fxcopanalyzers-package-versions to install the correct analyzer version. - Для правильной работы анализаторам в этом пакете требуется определенная минимальная версия Microsoft.CodeAnalysis. Сведения об установке подходящей версии анализатора см. на странице https://docs.microsoft.com/visualstudio/code-quality/install-fxcop-analyzers#fxcopanalyzers-package-versions + Для правильной работы анализаторам в этом пакете требуется определенная минимальная версия Microsoft.CodeAnalysis. Сведения об установке подходящей версии анализатора см. на странице https://docs.microsoft.com/visualstudio/code-quality/install-fxcop-analyzers#fxcopanalyzers-package-versions. Version mismatch between the analyzer package '{0}' and Microsoft.CodeAnalysis '{1}'. Certain analyzers in this package will not run until the version mismatch is fixed. Refer to https://docs.microsoft.com/visualstudio/code-quality/install-fxcop-analyzers#fxcopanalyzers-package-versions to install the correct analyzer version. - Несоответствие версий между пакетом анализатора "{0}" и Microsoft.CodeAnalysis "{1}". Отдельные анализаторы в этом пакете не будут работать до устранения этого несоответствия. Сведения об установке подходящей версии анализатора см. на странице https://docs.microsoft.com/visualstudio/code-quality/install-fxcop-analyzers#fxcopanalyzers-package-versions + Несоответствие версий между пакетом анализатора "{0}" и Microsoft.CodeAnalysis "{1}". Отдельные анализаторы в этом пакете не будут работать до устранения этого несоответствия. Сведения об установке подходящей версии анализатора см. на странице https://docs.microsoft.com/visualstudio/code-quality/install-fxcop-analyzers#fxcopanalyzers-package-versions. diff --git a/src/Microsoft.CodeAnalysis.VersionCheckAnalyzer/xlf/MicrosoftCodeAnalysisVersionCheckAnalyzerResources.tr.xlf b/src/Microsoft.CodeAnalysis.VersionCheckAnalyzer/xlf/MicrosoftCodeAnalysisVersionCheckAnalyzerResources.tr.xlf index b72f150b4d..76d2cfaac5 100644 --- a/src/Microsoft.CodeAnalysis.VersionCheckAnalyzer/xlf/MicrosoftCodeAnalysisVersionCheckAnalyzerResources.tr.xlf +++ b/src/Microsoft.CodeAnalysis.VersionCheckAnalyzer/xlf/MicrosoftCodeAnalysisVersionCheckAnalyzerResources.tr.xlf @@ -4,7 +4,7 @@ Analyzers in this package require a certain minimum version of Microsoft.CodeAnalysis to execute correctly. Refer to https://docs.microsoft.com/visualstudio/code-quality/install-fxcop-analyzers#fxcopanalyzers-package-versions to install the correct analyzer version. - Bu paketteki çözümleyicilerin düzgün yürütme yapabilmesi için Microsoft.CodeAnalysis'in belirli bir en düşük sürümü gerekir. Doğru çözümleyici sürümünü yüklemek için https://docs.microsoft.com/visualstudio/code-quality/install-fxcop-analyzers#fxcopanalyzers-package-versionsadresine başvurun. + Bu paketteki çözümleyicilerin düzgün yürütme yapabilmesi için Microsoft.CodeAnalysis'in belirli bir en düşük sürümü gerekir. Doğru çözümleyici sürümünü yüklemek için https://docs.microsoft.com/visualstudio/code-quality/install-fxcop-analyzers#fxcopanalyzers-package-versions adresine başvurun. diff --git a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.cs.xlf b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.cs.xlf index 678c1e84bf..429a2e0ffc 100644 --- a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.cs.xlf +++ b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.cs.xlf @@ -1709,7 +1709,7 @@ Avoid unused paramereters in your code. If the parameter cannot be removed, then change its name so it starts with an underscore and is optionally followed by an integer, such as '_', '_1', '_2', etc. These are treated as special discard symbol names. - Podpis metody obsahuje parametr, který se nepoužívá v těle metody. + Vyhněte se v kódu nepoužitým parametrům. Pokud parametr nelze odebrat, změňte jeho název tak, aby začínal podtržítkem, za kterým volitelně následuje celé číslo, například _, _1, _2 atd. Tyto řetězce se považují za názvy speciálních symbolů pro vyřazení. diff --git a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.de.xlf b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.de.xlf index 4e54818d8f..eee1e1abab 100644 --- a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.de.xlf +++ b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.de.xlf @@ -1709,7 +1709,7 @@ Avoid unused paramereters in your code. If the parameter cannot be removed, then change its name so it starts with an underscore and is optionally followed by an integer, such as '_', '_1', '_2', etc. These are treated as special discard symbol names. - Eine Methodensignatur enthält einen Parameter, der im Methodentext nicht verwendet wird. + Vermeiden Sie nicht verwendete Parameter in Ihrem Code. Wenn der Parameter nicht entfernt werden kann, ändern Sie dessen Namen so, dass er mit einem Unterstrich beginnt, dem optional eine Zahl angefügt wird. Beispiel: "_", "_1", "_2" usw. Diese werden als spezielle Symbolnamen für Ausschussparameter behandelt. diff --git a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.es.xlf b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.es.xlf index e8a179017a..166e4cb384 100644 --- a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.es.xlf +++ b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.es.xlf @@ -1709,7 +1709,7 @@ Avoid unused paramereters in your code. If the parameter cannot be removed, then change its name so it starts with an underscore and is optionally followed by an integer, such as '_', '_1', '_2', etc. These are treated as special discard symbol names. - Una signatura de método incluye un parámetro que no se usa en el cuerpo del método. + Evite los parámetros sin usar en el código. Si el parámetro no se puede quitar, cámbielo de nombre para que empiece por un carácter de subrayado, seguido opcionalmente por un entero, como "_", "_1", "_2", etc. Estos se tratan como nombres de símbolos de descarte especiales. @@ -1804,7 +1804,7 @@ The property {0} should not be assigned to itself. - La propiedad {0} no debe asignarse a sí misma. + La propiedad {0} no debe asignarse a sí misma. diff --git a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.fr.xlf b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.fr.xlf index c6fbc12d4b..dbf3088ede 100644 --- a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.fr.xlf +++ b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.fr.xlf @@ -1709,7 +1709,7 @@ Avoid unused paramereters in your code. If the parameter cannot be removed, then change its name so it starts with an underscore and is optionally followed by an integer, such as '_', '_1', '_2', etc. These are treated as special discard symbol names. - Une signature de méthode inclut un paramètre qui n'est pas utilisé dans le corps de la méthode. + Évitez les paramètres inutilisés dans votre code. Évitez les paramètres inutilisés dans votre code. Si vous ne pouvez pas supprimer un paramètre, changez son nom en le faisant commencer par un trait de soulignement éventuellement suivi d'un entier, par exemple '_', '_1', '_2', etc. Ces types d'élément sont traités en tant que noms de symboles discard spéciaux. @@ -1804,7 +1804,7 @@ The property {0} should not be assigned to itself. - La propriété {0} ne doit pas être assignée à elle-même. + La propriété {0} ne doit pas être assignée à elle-même. diff --git a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.it.xlf b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.it.xlf index 126468ddf2..baf56acf31 100644 --- a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.it.xlf +++ b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.it.xlf @@ -1709,7 +1709,7 @@ Avoid unused paramereters in your code. If the parameter cannot be removed, then change its name so it starts with an underscore and is optionally followed by an integer, such as '_', '_1', '_2', etc. These are treated as special discard symbol names. - Una firma di metodo include un parametro non usato nel corpo del metodo. + Evitare parametri inutilizzati nel codice. Se non è possibile rimuovere il parametro, modificarne il nome in modo che inizi con un carattere di sottolineatura e, facoltativamente, sia seguito da un numero intero, seguito da un numero intero, ad esempio '_', '_1', '_1', '_2' e così via. Questi vengono considerati come nomi di simboli speciali di rimozione. @@ -1809,7 +1809,7 @@ Do not assign a property to itself. - Non assegnare una proprietà a se stessa. + Non assegnare una proprietà a se stessa. diff --git a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.ja.xlf b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.ja.xlf index d6a413b0c3..6d732b023c 100644 --- a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.ja.xlf +++ b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.ja.xlf @@ -1709,7 +1709,7 @@ Avoid unused paramereters in your code. If the parameter cannot be removed, then change its name so it starts with an underscore and is optionally followed by an integer, such as '_', '_1', '_2', etc. These are treated as special discard symbol names. - メソッドのシグネチャに、メソッドの本体で使用されていないパラメーターが含まれています。 + コード内に使用されないパラメーターを指定しないでください。パラメーターを削除できない場合は、パラメーターの名前をアンダースコアの後にオプションで整数が続く名前 ('_'、'_1'、'_2' など) に変更してください。これらは、特別なディスカード シンボル名として扱われます。 diff --git a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.ko.xlf b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.ko.xlf index 2d9f33f0ba..6479de034d 100644 --- a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.ko.xlf +++ b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.ko.xlf @@ -1709,7 +1709,7 @@ Avoid unused paramereters in your code. If the parameter cannot be removed, then change its name so it starts with an underscore and is optionally followed by an integer, such as '_', '_1', '_2', etc. These are treated as special discard symbol names. - 메서드 시그니처가 메서드 본문에서 사용하지 않는 매개 변수를 포함합니다. + 코드에 사용되지 않는 매개 변수를 사용하지 않도록 합니다. 매개 변수를 제거할 수 없는 경우 이름을 변경하여 밑줄로 시작하고 필요에 따라 뒤에 정수가 있도록 합니다(예: '_', '_1', '_2' 등). 해당 이름은 특수 무시 기호 이름으로 처리됩니다. diff --git a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.pl.xlf b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.pl.xlf index 3ed0f59895..aef0bba149 100644 --- a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.pl.xlf +++ b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.pl.xlf @@ -1709,7 +1709,7 @@ Avoid unused paramereters in your code. If the parameter cannot be removed, then change its name so it starts with an underscore and is optionally followed by an integer, such as '_', '_1', '_2', etc. These are treated as special discard symbol names. - Sygnatura metody zawiera parametr, który nie jest używany w treści metody. + Unikaj nieużywanych parametrów w kodzie. Jeśli nie można usunąć parametru, zmień jego nazwę, tak aby rozpoczynała się od znaku podkreślenia, a opcjonalnie następowała po niej liczba całkowita, taka jak „_”, „_1”, „_2” itp. Są one traktowane jako specjalne nazwy symboli odrzucenia. diff --git a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.pt-BR.xlf b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.pt-BR.xlf index 1058e028d2..ea6ab6a1ce 100644 --- a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.pt-BR.xlf +++ b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.pt-BR.xlf @@ -1709,7 +1709,7 @@ Avoid unused paramereters in your code. If the parameter cannot be removed, then change its name so it starts with an underscore and is optionally followed by an integer, such as '_', '_1', '_2', etc. These are treated as special discard symbol names. - Uma assinatura de método inclui um parâmetro não usado no corpo do método. + Evite parâmetros não usados no código. Se o parâmetro não puder ser removido, altere seu nome para que ele comece com um sublinhado e seja seguido opcionalmente por um inteiro, como '_', '_1', '_2' etc. Esses nomes são tratados como nomes de símbolo de descarte especiais. diff --git a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.ru.xlf b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.ru.xlf index b98cb6e91c..7a18bac8fb 100644 --- a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.ru.xlf +++ b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.ru.xlf @@ -1709,7 +1709,7 @@ Avoid unused paramereters in your code. If the parameter cannot be removed, then change its name so it starts with an underscore and is optionally followed by an integer, such as '_', '_1', '_2', etc. These are treated as special discard symbol names. - Сигнатура метода содержит параметр, который не используется в теле метода. + Избегайте неиспользуемых параметров в коде. Если параметр не может быть удален, измените его имя так, чтобы оно начиналось с символа подчеркивания, за которым при необходимости следует целое число, например, "_", "_1", "_2" и т. д. Эти имена рассматриваются как специальные имена для освобождаемых параметров. diff --git a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.tr.xlf b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.tr.xlf index ad8c04c195..7b0d6f4647 100644 --- a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.tr.xlf +++ b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.tr.xlf @@ -1709,7 +1709,7 @@ Avoid unused paramereters in your code. If the parameter cannot be removed, then change its name so it starts with an underscore and is optionally followed by an integer, such as '_', '_1', '_2', etc. These are treated as special discard symbol names. - Yöntem imzası yöntem gövdesinde kullanılmayan bir parametre içeriyor. + Kodunuzda, kullanılmayan parametrelerden kaçının. Parametre kaldırılamıyorsa adını, bir alt çizgiyle başlayan ve isteğe bağlı olarak ardından tamsayı gelen ('_', '_1', '_2' gibi) bir değerle değiştirin. Bu değerler özel atılabilir değişken sembolü olarak işlenir. diff --git a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.zh-Hans.xlf b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.zh-Hans.xlf index 572803d20c..bedc87ede3 100644 --- a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.zh-Hans.xlf +++ b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.zh-Hans.xlf @@ -1709,7 +1709,7 @@ Avoid unused paramereters in your code. If the parameter cannot be removed, then change its name so it starts with an underscore and is optionally followed by an integer, such as '_', '_1', '_2', etc. These are treated as special discard symbol names. - 方法签名包括一个未在方法体中使用的参数。 + 请避免在代码中使用未使用的参数。如果无法删除该参数,请更改其名称,使其以下划线开头,也可在下划线后面跟一个整数(如 "_"、"_1"、"_2" 等)。这些被视为特殊丢弃符号名。 diff --git a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.zh-Hant.xlf b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.zh-Hant.xlf index 7442f2e73d..e4f37856e6 100644 --- a/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.zh-Hant.xlf +++ b/src/Microsoft.CodeQuality.Analyzers/Core/xlf/MicrosoftCodeQualityAnalyzersResources.zh-Hant.xlf @@ -1709,7 +1709,7 @@ Avoid unused paramereters in your code. If the parameter cannot be removed, then change its name so it starts with an underscore and is optionally followed by an integer, such as '_', '_1', '_2', etc. These are treated as special discard symbol names. - 方法簽章包括並未用於方法主體中的參數。 + 請避免在您的程式碼中使用參數。如果無法移除參數,請變更其名稱,使其以底線開頭,並可選擇在後面接著整數,例如 '_'、'_1'、'_2' 等。這些會視為特殊的捨棄符號名稱。 diff --git a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.cs.xlf b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.cs.xlf index 7b4fa3326f..ca12a57392 100644 --- a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.cs.xlf +++ b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.cs.xlf @@ -4,17 +4,17 @@ Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. + Starší verze protokolu zabezpečení TLS (Transport Layer Security) jsou méně bezpečné než TLS 1.2 a TLS 1.3 a mají větší pravděpodobnost výskytu nových ohrožení zabezpečení. Nepoužívejte starší verze protokolu, aby se riziko minimalizovalo. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. + Verze protokolu TLS (Transport Layer Security) {0} je zastaralá. Pokud chcete, aby operační systém mohl zvolit verzi, použijte možnost None. Do not use deprecated SslProtocols values - Do not use deprecated SslProtocols values + Nepoužívat zastaralé hodnoty SslProtocols @@ -64,92 +64,92 @@ Do not use insecure randomness - Do not use insecure randomness + Nepoužívat nezabezpečenou náhodnost {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security - {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security + {0} je nezabezpečený generátor náhodných čísel. Pokud se pro zabezpečení vyžaduje náhodnost, používejte kryptograficky zabezpečené generátory náhodných čísel. Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. - Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. + Použití generátoru kryptograficky slabých pseudonáhodných čísel může útočníkovi umožnit předpovědět, jaká hodnota citlivá z hlediska bezpečnosti bude vygenerována. Použijte generátor kryptograficky silných náhodných čísel, pokud se vyžaduje nepředvídatelná hodnota, nebo zajistěte, aby se slabá pseudonáhodná čísla nepoužívala způsobem citlivým z hlediska bezpečnosti. Do not use unsafe DllImportSearchPath value - Do not use unsafe DllImportSearchPath value + Nepoužívat nebezpečnou hodnotu DllImportSearchPath There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. + Ve výchozích adresářích pro vyhledávání DLL se může nacházet škodlivá knihovna DLL. Anebo v závislosti na tom, odkud se aplikace spouští, se může škodlivá knihovna DLL nacházet v adresáři aplikace. Použijte hodnotu DllImportSearchPath, která místo toho určuje explicitní vyhledávací cestu. Příznaky DllImportSearchPath, které toto pravidlo hledá, se dají nakonfigurovat v .editorconfig. Use of unsafe DllImportSearchPath value {0} - Use of unsafe DllImportSearchPath value {0} + Použití nebezpečné hodnoty DllImportSearchPath {0} Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. + Po zjištění ohrožení zabezpečení můžou aktuální verze protokolu TLS (Transport Layer Security) zastarat. Aby aplikace zůstala zabezpečená, nepoužívejte pevně zakódované hodnoty SslProtocols. Pokud chcete, aby operační systém mohl zvolit verzi, použijte možnost None. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. + Abyste zajistili, že aplikace zůstane v budoucnu zabezpečená, nepoužívejte pevně zakódované hodnoty SslProtocols {0}. Pokud chcete, aby operační systém mohl zvolit verzi, použijte možnost None. Avoid hardcoded SslProtocols values - Avoid hardcoded SslProtocols values + Nepoužívat pevně zakódované hodnoty SslProtocols When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Když se deserializuje nedůvěryhodný vstup, není bezpečné povolit deserializaci libovolných typů. Pokud k deserializaci používáte JsonSerializer, použijte TypeNameHandling.None, nebo pro hodnoty jiné než None omezte deserializované typy pomocí SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - Do not deserialize with JsonSerializer using an insecure configuration + Nepoužívat při deserializaci JsonSerializer s nezabezpečenou konfigurací When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Když se deserializuje nedůvěryhodný vstup, není bezpečné povolit deserializaci libovolných typů. Pokud k deserializaci používáte JsonSerializer, použijte TypeNameHandling.None, nebo pro hodnoty jiné než None omezte deserializované typy pomocí SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - Ensure that JsonSerializer has a secure configuration when deserializing + Zajistit, aby měl JsonSerializer při deserializaci zabezpečenou konfiguraci + + + + Ensure HttpClient certificate revocation list check is not disabled + Ensure HttpClient certificate revocation list check is not disabled + + + + HttpClient may be created without enabling CheckCertificateRevocationList + HttpClient may be created without enabling CheckCertificateRevocationList Miss HttpVerb attribute for action methods - Miss HttpVerb attribute for action methods + Chybějící atribut HttpVerb pro metody akce All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. + Všechny metody, které vytvářejí, upravují, odstraňují nebo jinak modifikují data, tak činí při přetížení metody [HttpPost], což vyžaduje ochranu pomocí atributu proti padělkům v požadavku. Provedení operace GET by mělo představovat bezpečnou operaci, která nemá žádné vedlejší účinky a neupravuje trvalá data. Action method {0} needs to specify the Http request kind explictly - Action method {0} needs to specify the Http request kind explictly - - - - Ensure HttpClient certificate revocation list check is not disabled - Ensure HttpClient certificate revocation list check is not disabled - - - - HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient may be created without enabling CheckCertificateRevocationList + Metoda akce {0} musí explicitně určit druh požadavku HTTP. @@ -224,17 +224,17 @@ Set HttpOnly to true for HttpCookie - Set HttpOnly to true for HttpCookie + Nastavit HttpOnly na hodnotu true pro HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. + Jako opatření důkladné ochrany zajistěte, aby soubory cookie protokolu HTTP, které jsou citlivé na zabezpečení, byly označeny jako HttpOnly. Tím se indikuje, že webové prohlížeče by neměly povolovat přístup skriptů k těmto souborům cookie. Vložené škodlivé skripty představují běžný způsob krádeže souborů cookie. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies + Při použití HttpCookie je HttpCookie.HttpOnly nastaveno na hodnotu false nebo není vůbec nastaveno. Zajistěte, aby soubory cookie, které jsou citlivé na zabezpečení, byly označeny jako HttpOnly. Zabráníte tak v krádeži těchto souborů cookie škodlivými skripty. @@ -269,32 +269,32 @@ Use antiforgery tokens in ASP.NET Core MVC controllers - Use antiforgery tokens in ASP.NET Core MVC controllers + Používat tokeny proti padělkům v kontrolerech MVC ASP.NET Core Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. + Zpracování požadavku POST, PUT, PATCH nebo DELETE bez ověřování tokenu proti padělkům může představovat ohrožení zabezpečení vůči útokům CSRF. Útok CSRF může odesílat na váš kontroler MVC ASP.NET Core škodlivé požadavky od ověřeného uživatele. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. + Metoda {0} zpracovává požadavek {1} bez ověřování tokenu proti padělkům. Je potřeba také zajistit, aby váš formulář HTML odesílal tokeny proti padělkům. Use DefaultDllImportSearchPaths attribute for P/Invokes - Use DefaultDllImportSearchPaths attribute for P/Invokes + Používat při voláních nespravovaného kódu atribut DefaultDllImportSearchPaths By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. + Ve výchozím nastavení se při voláních nespravovaného kódu s atributem DllImportAttribute prohledává několik adresářů včetně aktuálního pracovního adresáře pro načtení knihovny. U určitých aplikací to představuje problém zabezpečení, který může vést k napadení DLL. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. + Metoda {0} nepoužila při voláních nespravovaného kódu atribut DefaultDllImportSearchPaths. @@ -1029,7 +1029,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Metoda {0} není bezpečná při deserializaci nedůvěryhodných dat přes JavaScriptSerializer inicializovaný s nástrojem SimpleTypeResolver. Zajistěte, aby byl JavaScriptSerializer inicializovaný bez zadání nástroje JavaScriptTypeResolver nebo aby byl inicializovaný s nástrojem JavaScriptTypeResolver, který omezuje typy objektů v grafu deserializovaných objektů. + Metoda {0} není bezpečná při deserializaci nedůvěryhodných dat přes JavaScriptSerializer inicializovaný s nástrojem SimpleTypeResolver. Zajistěte, aby byl JavaScriptSerializer inicializovaný bez zadání nástroje JavaScriptTypeResolver nebo aby byl inicializovaný s nástrojem JavaScriptTypeResolver, který omezuje typy objektů v grafu deserializovaných objektů. @@ -1039,7 +1039,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Metoda {0} není bezpečná při deserializaci nedůvěryhodných dat přes JavaScriptSerializer inicializovaný s nástrojem SimpleTypeResolver. Inicializujte JavaScriptSerializer bez zadání nástroje JavaScriptTypeResolver nebo ho inicializujte s nástrojem JavaScriptTypeResolver, který omezuje typy objektů v grafu deserializovaných objektů. + Metoda {0} není bezpečná při deserializaci nedůvěryhodných dat přes JavaScriptSerializer inicializovaný s nástrojem SimpleTypeResolver. Inicializujte JavaScriptSerializer bez zadání nástroje JavaScriptTypeResolver nebo ho inicializujte s nástrojem JavaScriptTypeResolver, který omezuje typy objektů v grafu deserializovaných objektů. @@ -1049,37 +1049,37 @@ When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Když se deserializuje nedůvěryhodný vstup, není bezpečné povolit deserializaci libovolných typů. Pokud používáte JsonSerializerSettings, použijte TypeNameHandling.None, nebo pro hodnoty jiné než None omezte deserializované typy pomocí SerializationBinder. Do not use insecure JsonSerializerSettings - Do not use insecure JsonSerializerSettings + Nepoužívat nezabezpečená nastavení JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. + Když se deserializuje nedůvěryhodný vstup, není bezpečné povolit deserializaci libovolných typů. Pokud používáte JsonSerializerSettings, ujistěte se, že je zadaná možnost TypeNameHandling.None, nebo pro hodnoty jiné než None se ujistěte, že se zadala možnost SerializationBinder, aby se omezily deserializované typy. Ensure that JsonSerializerSettings are secure - Ensure that JsonSerializerSettings are secure + Ujistěte se, že nastavení JsonSerializerSettings jsou zabezpečená Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. + Deserializace JSON při použití hodnoty TypeNameHandling jiné než None nemůže být nebezpečné. Pokud místo toho potřebujete zjistit deserializaci Json.NET, když není zadané SerializationBinder, zakažte pravidlo CA2326 a povolte pravidla CA2327, CA2328, CA2329 a CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. + Deserializace JSON při použití hodnoty TypeNameHandling jiné než None nemůže být nebezpečné. Do not use TypeNameHandling values other than None - Do not use TypeNameHandling values other than None + Nepoužívat jiné hodnoty TypeNameHandling než None @@ -1319,7 +1319,7 @@ When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - Při extrahování souborů z archivu a použití cesty k položce archivu zkontrolujte, jestli je cesta bezpečná. Cesta k archivu může být relativní a může umožnit přístup k systému souborů mimo očekávanou cílovou cestu k systému souborů, což může vést ke škodlivým změnám konfigurace a spouštění vzdáleného kódu prostřednictvím metody nastražení a čekání. + Při extrahování souborů z archivu a použití cesty k položce archivu zkontrolujte, jestli je cesta bezpečná. Cesta k archivu může být relativní a může umožnit přístup k systému souborů mimo očekávanou cílovou cestu k systému souborů, což může vést ke škodlivým změnám konfigurace a vzdálenému spuštění kódu prostřednictvím metody nastražení a čekání. @@ -1429,17 +1429,17 @@ Do Not Hard Code Encryption Key - Do Not Hard Code Encryption Key + Nepoužívat pevně zakódovaný šifrovací klíč SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. - SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. + Vlastnost .Key objektu SymmetricAlgorithm ani parametr rgbKey metody by nikdy neměly mít pevně zakódované hodnoty. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' - Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' + Našlo se potenciální ohrožení zabezpečení, kde {0} v metodě {1} je možné poškodit pevně zakódovaným klíčem z {2} v metodě {3}. diff --git a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.de.xlf b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.de.xlf index cd316854a8..178c3aa0c1 100644 --- a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.de.xlf +++ b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.de.xlf @@ -4,17 +4,17 @@ Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. + Ältere Protokollversionen von Transport Layer Security (TLS) sind weniger sicher als TLS 1.2 und TLS 1.3 und weisen eine höhere Wahrscheinlichkeit für neue Sicherheitsrisiken auf. Vermeiden Sie ältere Protokollversionen, um das Risiko zu minimieren. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. + Die Transport Layer Security-Protokollversion {0} ist veraltet. Verwenden Sie "None", um dem Betriebssystem die Auswahl einer Version zu ermöglichen. Do not use deprecated SslProtocols values - Do not use deprecated SslProtocols values + Keine veralteten SslProtocols-Werte verwenden @@ -64,92 +64,92 @@ Do not use insecure randomness - Do not use insecure randomness + Keine unsichere Zufälligkeitsstufe verwenden {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security - {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security + {0} ist ein unsicherer Zufallszahlen-Generator. Verwenden Sie kryptografisch sichere Zufallszahlen-Generatoren, wenn Zufälligkeit für die Sicherheit erforderlich ist. Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. - Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. + Bei Verwendung eines kryptografisch schwachen Pseudozufallszahlen-Generators kann ein Angreifer möglicherweise vorhersagen, welcher sicherheitsrelevante Wert generiert wird. Verwenden Sie einen kryptografisch starken Zufallszahlen-Generator, wenn ein nicht vorhersehbarer Wert erforderlich ist, oder stellen Sie sicher, dass schwache Pseudozufallszahlen nicht auf sicherheitsrelevante Weise verwendet werden. Do not use unsafe DllImportSearchPath value - Do not use unsafe DllImportSearchPath value + Keinen unsicheren DllImportSearchPath-Wert verwenden There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. + Die Standard-DLL-Suchverzeichnisse enthalten möglicherweise eine schädliche DLL. Je nachdem, von wo aus Ihre Anwendung ausgeführt wird, befindet sich möglicherweise auch eine schädliche DLL im Anwendungsverzeichnis. Verwenden Sie einen DllImportSearchPath-Wert, der stattdessen einen expliziten Suchpfad angibt. Die DllImportSearchPath-Flags, nach denen diese Regel sucht, können in .editorconfig konfiguriert werden. Use of unsafe DllImportSearchPath value {0} - Use of unsafe DllImportSearchPath value {0} + Verwendung eines unsicheren DllImportSearchPath-Werts "{0}" Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. + Aktuelle Transport Layer Security-Protokollversionen werden möglicherweise als veraltet markiert, wenn Sicherheitsrisiken gefunden werden. Vermeiden Sie das Hartcodieren von SslProtocols-Werten, um Ihre Anwendung zu schützen. Verwenden Sie "None", um dem Betriebssystem die Auswahl einer Version zu ermöglichen. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. + Vermeiden Sie die Hartcodierung von SslProtocols "{0}", um sicherzustellen, dass Ihre Anwendung in Zukunft sicher bleibt. Verwenden Sie "None", um dem Betriebssystem die Auswahl einer Version zu ermöglichen. Avoid hardcoded SslProtocols values - Avoid hardcoded SslProtocols values + Hartcodierte SslProtocols-Werte vermeiden When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Beim Deserialisieren nicht vertrauenswürdiger Eingaben ist das Zulassen der Deserialisierung beliebiger Typen unsicher. Geben Sie bei Verwendung von JsonSerializer zum Deserialisieren "TypeNameHandling.None" an, oder schränken Sie deserialisierte Typen für andere Werte als "None" mit einem SerializationBinder ein. Do not deserialize with JsonSerializer using an insecure configuration - Do not deserialize with JsonSerializer using an insecure configuration + JsonSerializer nicht zum Deserialisieren mit einer unsicheren Konfiguration verwenden When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Beim Deserialisieren nicht vertrauenswürdiger Eingaben ist das Zulassen der Deserialisierung beliebiger Typen unsicher. Geben Sie bei Verwendung von JsonSerializer zum Deserialisieren "TypeNameHandling.None" an, oder schränken Sie deserialisierte Typen für andere Werte als "None" mit einem SerializationBinder ein. Ensure that JsonSerializer has a secure configuration when deserializing - Ensure that JsonSerializer has a secure configuration when deserializing + Bei der Deserialisierung mit JsonSerializer eine sichere Konfiguration sicherstellen + + + + Ensure HttpClient certificate revocation list check is not disabled + Ensure HttpClient certificate revocation list check is not disabled + + + + HttpClient may be created without enabling CheckCertificateRevocationList + HttpClient may be created without enabling CheckCertificateRevocationList Miss HttpVerb attribute for action methods - Miss HttpVerb attribute for action methods + Fehlendes HttpVerb-Attribut für Aktionsmethoden All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. + Alle Methoden, die Daten erstellen, bearbeiten, löschen oder anderweitig ändern, führen diese Vorgänge in der [HttpPost]-Überladung der Methode durch, die mit dem Fälschungssicherheitsattribut vor Anforderungsfälschung geschützt werden muss. Das Ausführen eines GET-Vorgangs muss ein sicherer Vorgang sein, der keine Nebenwirkungen hat und Ihre persistenten Daten nicht ändert. Action method {0} needs to specify the Http request kind explictly - Action method {0} needs to specify the Http request kind explictly - - - - Ensure HttpClient certificate revocation list check is not disabled - Ensure HttpClient certificate revocation list check is not disabled - - - - HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient may be created without enabling CheckCertificateRevocationList + Die Aktionsmethode "{0}" muss die Art der HTTP-Anforderung explizit angeben. @@ -224,17 +224,17 @@ Set HttpOnly to true for HttpCookie - Set HttpOnly to true for HttpCookie + HttpOnly für HttpCookie auf TRUE festlegen As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. + Stellen Sie als effektive Abwehrmaßnahme sicher, dass die sicherheitsrelevanten HTTP-Cookies als "HttpOnly" gekennzeichnet sind. Dadurch werden Webbrowser angewiesen, Skripts den Zugriff auf die Cookies zu verwehren. Eingefügte schädliche Skripts sind eine gängige Methode zum Stehlen von Cookies. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies + HttpCookie.HttpOnly ist bei Verwendung eines HttpCookie auf FALSE oder gar nicht festgelegt. Stellen Sie sicher, dass sicherheitsrelevante Cookies als HttpOnly gekennzeichnet sind, um zu verhindern, dass sie von schädlichen Skripts gestohlen werden. @@ -269,32 +269,32 @@ Use antiforgery tokens in ASP.NET Core MVC controllers - Use antiforgery tokens in ASP.NET Core MVC controllers + Fälschungssicherheitstoken in ASP.NET Core MVC-Controllern verwenden Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. + Die Verarbeitung einer POST-, PUT-, PATCH- oder DELETE-Anforderung ohne Überprüfung eines Fälschungssicherheitstokens ist möglicherweise anfällig für Angriffe durch websiteübergreifende Anforderungsfälschung. Bei einem Angriff durch websiteübergreifende Anforderungsfälschung können schädliche Anforderungen von einem authentifizierten Benutzer an den ASP.NET Core MVC-Controller gesendet werden. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. + Die Methode "{0}" verarbeitet eine {1}-Anforderung ohne Überprüfung eines Fälschungssicherheitstokens. Sie müssen außerdem sicherstellen, dass Ihr HTML-Formular ein Fälschungssicherheitstoken sendet. Use DefaultDllImportSearchPaths attribute for P/Invokes - Use DefaultDllImportSearchPaths attribute for P/Invokes + DefaultDllImportSearchPaths-Attribut für P/Invokes verwenden By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. + Standardmäßig wird von P/Invokes über DllImportAttribute eine Reihe von Verzeichnissen getestet, einschließlich des aktuellen Arbeitsverzeichnisses für die zu ladende Bibliothek. Dies kann für bestimmte Anwendungen ein Sicherheitsproblem darstellen, das zu DLL-Hijacking führt. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. + Die Methode "{0}" hat das DefaultDllImportSearchPaths-Attribut für P/Invokes nicht verwendet. @@ -1029,7 +1029,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Die Methode "{0}" ist unsicher, wenn nicht vertrauenswürdige Daten mit einem JavaScriptSerializer deserialisiert werden, der mit einem SimpleTypeResolver initialisiert wurde. Stellen Sie sicher, dass der JavaScriptSerializer ohne Angabe eines JavaScriptTypeResolver oder mit einem JavaScriptTypeResolver initialisiert wird, der die Objekttypen im deserialisierten Objektdiagramm einschränkt. + Die Methode "{0}" ist unsicher, wenn nicht vertrauenswürdige Daten mit einem JavaScriptSerializer deserialisiert werden, der mit einem SimpleTypeResolver initialisiert wurde. Stellen Sie sicher, dass der JavaScriptSerializer ohne Angabe eines JavaScriptTypeResolver oder mit einem JavaScriptTypeResolver initialisiert wird, der die Objekttypen im deserialisierten Objektgraphen einschränkt. @@ -1039,7 +1039,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Die Methode "{0}" ist unsicher, wenn nicht vertrauenswürdige Daten mit einem JavaScriptSerializer deserialisiert werden, der mit einem SimpleTypeResolver initialisiert wurde. Initialisieren Sie den JavaScriptSerializer ohne Angabe eines JavaScriptTypeResolver oder mit einem JavaScriptTypeResolver, der die Objekttypen im deserialisierten Objektdiagramm einschränkt. + Die Methode "{0}" ist unsicher, wenn nicht vertrauenswürdige Daten mit einem JavaScriptSerializer deserialisiert werden, der mit einem SimpleTypeResolver initialisiert wurde. Initialisieren Sie den JavaScriptSerializer ohne Angabe eines JavaScriptTypeResolver oder mit einem JavaScriptTypeResolver, der die Objekttypen im deserialisierten Objektgraphen einschränkt. @@ -1049,37 +1049,37 @@ When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Beim Deserialisieren nicht vertrauenswürdiger Eingaben ist das Zulassen der Deserialisierung beliebiger Typen unsicher. Geben Sie bei Verwendung von JsonSerializerSettings "TypeNameHandling.None" an, oder schränken Sie deserialisierte Typen für andere Werte als "None" mit einem SerializationBinder ein. Do not use insecure JsonSerializerSettings - Do not use insecure JsonSerializerSettings + Keine unsicheren JsonSerializerSettings verwenden When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. + Beim Deserialisieren nicht vertrauenswürdiger Eingaben ist das Zulassen der Deserialisierung beliebiger Typen unsicher. Geben Sie bei Verwendung von JsonSerializerSettings "TypeNameHandling.None" an, oder stellen Sie für andere Werte als "None" sicher, dass ein SerializationBinder zum Einschränken deserialisierter Typen angegeben wird. Ensure that JsonSerializerSettings are secure - Ensure that JsonSerializerSettings are secure + Sicherheit von JsonSerializerSettings sicherstellen Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. + Die Deserialisierung von JSON bei Verwendung eines anderen TypeNameHandling-Werts als "None" kann unsicher sein. Wenn Sie stattdessen die Json.NET-Deserialisierung ermitteln müssen, wenn kein SerializationBinder angegeben wird, deaktivieren Sie Regel CA2326, und aktivieren Sie die Regeln CA2327, CA2328, CA2329 und CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. + Die Deserialisierung von JSON bei Verwendung eines anderen TypeNameHandling-Werts als "None" kann unsicher sein. Do not use TypeNameHandling values other than None - Do not use TypeNameHandling values other than None + Verwenden Sie keinen anderen TypeNameHandling-Wert als "None". @@ -1429,17 +1429,17 @@ Do Not Hard Code Encryption Key - Do Not Hard Code Encryption Key + Verschlüsselungsschlüssel nicht hartcodieren SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. - SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. + Die .Key-Eigenschaft von SymmetricAlgorithm oder der rgbKey-Parameter einer Methode darf niemals ein hartcodierter Wert sein. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' - Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' + Es wurde ein potenzielles Sicherheitsrisiko gefunden. "{0}" in der Methode "{1}" wurde möglicherweise durch einen hartcodierten Schlüssel aus "{2}" in Methode "{3}" erweitert. diff --git a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.es.xlf b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.es.xlf index bf852e9bb3..0e4e4b1cdf 100644 --- a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.es.xlf +++ b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.es.xlf @@ -4,17 +4,17 @@ Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. + Las versiones anteriores del protocolo Seguridad de la capa de transporte (TLS) son menos seguras que las versiones TLS 1.2 y TLS 1.3, y es más probable que tengan nuevas vulnerabilidades. Evite las versiones anteriores del protocolo para minimizar el riesgo. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. + La versión "{0}" del protocolo Seguridad de la capa de transporte está en desuso. Utilice "None" para permitir que el sistema operativo elija una versión. Do not use deprecated SslProtocols values - Do not use deprecated SslProtocols values + No usar valores de SslProtocols en desuso @@ -64,92 +64,92 @@ Do not use insecure randomness - Do not use insecure randomness + No usar aleatoriedad no segura {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security - {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security + {0} es un generador de números aleatorios no seguro. Use generadores de números aleatorios que sean criptográficamente seguros cuando se requiera aleatoriedad por seguridad. Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. - Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. + El uso de un generador de números seudoaleatorios no seguro criptográficamente puede permitir a un atacante predecir el valor sensible a la seguridad que se va a generar. Use un generador de números aleatorios fuertemente cifrado si se requiere un valor impredecible, o bien asegúrese de que no se usan números seudoaleatorios poco seguros en una situación sensible a la seguridad. Do not use unsafe DllImportSearchPath value - Do not use unsafe DllImportSearchPath value + No usar un valor de DllImportSearchPath no seguro There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. + Puede haber un archivo .dll malintencionado en los directorios de búsqueda de archivos .dll predeterminados. O bien, según desde dónde se ejecute la aplicación, puede haber un archivo .dll malintencionado en el directorio de la aplicación. Use un valor de DllImportSearchPath que especifique una ruta de acceso de búsqueda explícita. Las marcas de DllImportSearchPath que busca esta regla se pueden configurar en el archivo .editorconfig. Use of unsafe DllImportSearchPath value {0} - Use of unsafe DllImportSearchPath value {0} + Se está usando un valor de DllImportSearchPath ({0}) que no es seguro Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. + Las versiones actuales del protocolo Seguridad de la capa de transporte pueden dejar de usarse si se encuentran vulnerabilidades. No codifique los valores de SslProtocols de forma rígida para mantener la aplicación segura. Use "None" para permitir que el sistema operativo elija una versión. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. + Evite codificar el valor "{0}" de SslProtocols de forma rígida para que la aplicación se mantenga segura en el futuro. Use "None" para permitir que el sistema operativo elija una versión. Avoid hardcoded SslProtocols values - Avoid hardcoded SslProtocols values + Evitar valores de SslProtocols codificados de forma rígida When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Cuando se deserializa una entrada que no es de confianza, no es seguro permitir la deserialización de tipos arbitrarios. Cuando utilice la deserialización de JsonSerializer, use TypeNameHandling.None, o bien, para valores distintos de None, restrinja los tipos deserializados con SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - Do not deserialize with JsonSerializer using an insecure configuration + No deserializar con JsonSerializer usando una configuración no segura When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Cuando se deserializa una entrada que no es de confianza, no es seguro permitir la deserialización de tipos arbitrarios. Cuando utilice la deserialización de JsonSerializer, use TypeNameHandling.None, o bien, para valores distintos de None, restrinja los tipos deserializados con SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - Ensure that JsonSerializer has a secure configuration when deserializing + Asegurarse de que JsonSerializer tiene una configuración segura al deserializar + + + + Ensure HttpClient certificate revocation list check is not disabled + Ensure HttpClient certificate revocation list check is not disabled + + + + HttpClient may be created without enabling CheckCertificateRevocationList + HttpClient may be created without enabling CheckCertificateRevocationList Miss HttpVerb attribute for action methods - Miss HttpVerb attribute for action methods + Falta el atributo HttpVerb para los métodos de acción All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. + Todos los métodos que crean, editan, eliminan o modifican de otro modo los datos, lo hacen en la sobrecarga de [HttpPost] del método, que debe protegerse de la falsificación de solicitudes con el atributo antifalsificación. La ejecución de GET debe ser una operación segura que no tenga efectos secundarios y no modifique los datos guardados. Action method {0} needs to specify the Http request kind explictly - Action method {0} needs to specify the Http request kind explictly - - - - Ensure HttpClient certificate revocation list check is not disabled - Ensure HttpClient certificate revocation list check is not disabled - - - - HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient may be created without enabling CheckCertificateRevocationList + El método de acción {0} debe especificar el tipo de solicitud HTTP de forma explícita. @@ -224,17 +224,17 @@ Set HttpOnly to true for HttpCookie - Set HttpOnly to true for HttpCookie + Establecer HttpOnly en true para HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. + Como medida de defensa exhaustiva, asegúrese de que las cookies HTTP sensibles a la seguridad estén marcadas como HttpOnly. Esto indica que los exploradores web deben impedir que posibles scripts tengan acceso a las cookies. Los scripts malintencionados insertados son una forma habitual de robar cookies. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies + HttpCookie.HttpOnly se establece en false o no se establece cuando se usa HttpCookie. Asegúrese de que las cookies sensibles a la seguridad se marcan como HttpOnly para evitar que posibles scripts malintencionados roben las cookies @@ -269,32 +269,32 @@ Use antiforgery tokens in ASP.NET Core MVC controllers - Use antiforgery tokens in ASP.NET Core MVC controllers + Usar tokens antifalsificación en los controladores de ASP.NET Core MVC Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. + Controlar una solicitud POST, PUT, PATCH o DELETE sin validar un token antifalsificación puede suponer una vulnerabilidad a los ataques de falsificación de solicitudes entre sitios. En este tipo de ataques, se pueden enviar solicitudes malintencionadas de un usuario autenticado al controlador de ASP.NET Core MVC. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. + El método {0} controla una solicitud de {1} sin validar un token antifalsificación. También debe asegurarse de que el formulario HTML envíe un token antifalsificación. Use DefaultDllImportSearchPaths attribute for P/Invokes - Use DefaultDllImportSearchPaths attribute for P/Invokes + Usar el atributo DefaultDllImportSearchPaths para P/Invoke By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. + De forma predeterminada, los métodos de P/Invoke que usan DllImportAttribute sondean una serie de directorios, incluido el directorio de trabajo actual para cargar la biblioteca. Esto puede suponer un problema de seguridad para algunas aplicaciones y dar lugar a que se intercepten archivos .dll. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. + El método {0} no ha usado el atributo DefaultDllImportSearchPaths para P/Invoke. @@ -589,7 +589,7 @@ Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. - Una actividad periódica más frecuente hará que la CPU no esté disponible e interferirá con los temporizadores de inactividad para ahorro de energía que apagan el monitor y los discos duros. + Una actividad periódica más frecuente ocupará la CPU e interferirá con los temporizadores de inactividad para ahorro de energía que apagan el monitor y los discos duros. @@ -1029,7 +1029,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - El método "{0}" no es seguro al deserializar datos que no son de confianza con JavaScriptSerializer inicializado con SimpleTypeResolver. Asegúrese de que se ha inicializado JavaScriptSerializer sin especificar JavaScriptTypeResolver, o de que se ha inicializado con JavaScriptTypeResolver que limita los tipos de objetos en el grafo de objetos deserializados. + El método "{0}" no es seguro cuando se deserializan datos que no son de confianza con JavaScriptSerializer inicializado con SimpleTypeResolver. Asegúrese de que se ha inicializado JavaScriptSerializer sin especificar JavaScriptTypeResolver o de que se ha inicializado con un JavaScriptTypeResolver que limite los tipos de objeto en el grafo de objetos deserializados. @@ -1039,7 +1039,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - El método "{0}" no es seguro al deserializar datos que no son de confianza con JavaScriptSerializer inicializado con SimpleTypeResolver. Inicialice JavaScriptSerializer sin JavaScriptTypeResolver especificado o inicialice con JavaScriptTypeResolver que limita los tipos de objetos en el grafo de objetos deserializados. + El método "{0}" no es seguro cuando se deserializan datos que no son de confianza con JavaScriptSerializer inicializado con SimpleTypeResolver. Inicialice JavaScriptSerializer sin especificar JavaScriptTypeResolver, o bien inicialícelo con un JavaScriptTypeResolver que limite los tipos de objeto en el grafo de objetos deserializados. @@ -1049,37 +1049,37 @@ When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Cuando se deserializa una entrada que no es de confianza, no es seguro permitir la deserialización de tipos arbitrarios. Cuando utilice JsonSerializerSettings, utilice TypeNameHandling.None, o bien, para valores distintos de None, restrinja los tipos deserializados con SerializationBinder. Do not use insecure JsonSerializerSettings - Do not use insecure JsonSerializerSettings + No use clases JsonSerializerSettings no seguras When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. + Cuando se deserializa una entrada que no es de confianza, no es seguro permitir la deserialización de tipos arbitrarios. Cuando utilice JsonSerializerSettings, asegúrese de que se especifica TypeNameHandling.None, o bien, para valores distintos de None, asegúrese de que se especifica un SerializationBinder que restrinja los tipos deserializados. Ensure that JsonSerializerSettings are secure - Ensure that JsonSerializerSettings are secure + Asegúrese de que las clases JsonSerializerSettings son seguras Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. + La deserialización de JSON cuando se usa un valor TypeNameHandling distinto de None puede no ser segura. Si necesita detectar la deserialización de Json.NET cuando no se especifica un objeto SerializationBinder, deshabilite la regla CA2326 y habilite las reglas CA2327, CA2328, CA2329 y CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. + La deserialización de JSON cuando se usa un valor TypeNameHandling distinto de None puede no ser segura. Do not use TypeNameHandling values other than None - Do not use TypeNameHandling values other than None + No usar valores TypeNameHandling distintos de None @@ -1319,7 +1319,7 @@ When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - Al extraer archivos de un elemento de archivo y usar la ruta de acceso de dicho elemento, compruebe si la ruta es segura. La ruta de acceso de archivo puede ser relativa y dirigir el acceso del sistema de archivos fuera de la ruta de destino esperada del sistema de archivos, lo que provoca cambios malintencionados de la configuración y la ejecución remota de código mediante la técnica de "lay-and-wait". + Al extraer archivos de un elemento de archivo y usar la ruta de acceso de dicho elemento, compruebe si la ruta es segura. La ruta de acceso de archivo puede ser relativa y dirigir el acceso del sistema de archivos fuera de la ruta de destino esperada del sistema de archivos, lo que provoca cambios malintencionados de la configuración y la ejecución remota de código mediante la técnica que consiste en establecer y esperar. @@ -1429,17 +1429,17 @@ Do Not Hard Code Encryption Key - Do Not Hard Code Encryption Key + No codificar la clave de cifrado de forma rígida SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. - SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. + La propiedad Key de SymmetricAlgorithm o el parámetro rgbKey de un método no deben ser nunca un valor codificado de forma rígida. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' - Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' + Se encontró una posible vulnerabilidad de seguridad por la que podría contaminarse "{0}" en el método "{1}" con una clave codificada de forma rígida de "{2}" en el método "{3}". diff --git a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.fr.xlf b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.fr.xlf index 9d8d999d0e..479ce0883e 100644 --- a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.fr.xlf +++ b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.fr.xlf @@ -4,17 +4,17 @@ Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. + Les anciennes versions du protocole TLS (Transport Layer Security) sont moins sécurisées que TLS 1.2 et TLS 1.3, et sont plus susceptibles de comporter de nouvelles vulnérabilités. Évitez les anciennes versions de protocole pour réduire les risques. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. + La version '{0}' du protocole TLS (Transport Layer Security) est dépréciée. Utilisez 'None' pour laisser le système d'exploitation choisir une version. Do not use deprecated SslProtocols values - Do not use deprecated SslProtocols values + N'utilisez pas de valeurs dépréciées pour SslProtocols @@ -64,92 +64,92 @@ Do not use insecure randomness - Do not use insecure randomness + Ne pas utiliser de sélection aléatoire non sécurisée {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security - {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security + {0} est un générateur de nombres aléatoires non sécurisé. Utilisez des générateurs de nombres aléatoires sécurisés de manière chiffrée quand une sélection aléatoire est nécessaire pour la sécurité Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. - Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. + L'utilisation d'un générateur de nombres pseudo-aléatoires faible au niveau du chiffrement peut permettre à un attaquant de prédire la génération d'une valeur dont la sécurité est critique. Utilisez un générateur de nombres aléatoires fort au niveau du chiffrement si une valeur imprévisible est nécessaire, ou vérifiez qu'aucun nombre pseudo-aléatoire faible n'est utilisé dans le cadre d'opérations dont la sécurité est critique. Do not use unsafe DllImportSearchPath value - Do not use unsafe DllImportSearchPath value + Ne pas utiliser de valeur non sécurisée pour DllImportSearchPath There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. + Il existe peut-être une DLL malveillante dans les répertoires de recherche de DLL par défaut. De même, en fonction de l'emplacement d'exécution de votre application, il peut exister une DLL malveillante dans le répertoire de l'application. Utilisez une valeur pour DllImportSearchPath qui spécifie un chemin de recherche explicite à la place. Vous pouvez configurer les indicateurs DllImportSearchPath que cette règle recherche dans .editorconfig. Use of unsafe DllImportSearchPath value {0} - Use of unsafe DllImportSearchPath value {0} + Utilisation d'une valeur de DllImportSearchPath non sécurisée {0} Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. + Les versions actuelles du protocole TLS (Transport Layer Security) peuvent être dépréciées si des vulnérabilités sont détectées. Évitez de coder en dur les valeurs de SslProtocols pour que votre application reste sécurisée. Utilisez 'None' pour laisser le système d'exploitation choisir une version. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. + Évitez de coder en dur les valeurs '{0}' de SslProtocols pour que votre application reste sécurisée de manière durable. Utilisez 'None' pour laisser le système d'exploitation choisir une version. Avoid hardcoded SslProtocols values - Avoid hardcoded SslProtocols values + Évitez de coder en dur les valeurs de SslProtocols When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Quand vous désérialisez une entrée non fiable, autoriser la désérialisation de types arbitraires n'est pas une action sécurisée. Quand vous désérialisez JsonSerializer, utilisez TypeNameHandling.None, ou pour les valeurs autres que None, restreignez les types désérialisés avec SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - Do not deserialize with JsonSerializer using an insecure configuration + N'effectuez pas de désérialisation avec JsonSerializer à l'aide d'une configuration non sécurisée When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Quand vous désérialisez une entrée non fiable, autoriser la désérialisation de types arbitraires n'est pas une action sécurisée. Quand vous désérialisez JsonSerializer, utilisez TypeNameHandling.None, ou pour les valeurs autres que None, restreignez les types désérialisés avec SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - Ensure that JsonSerializer has a secure configuration when deserializing + Vérifiez que JsonSerializer a une configuration sécurisée au moment de la désérialisation + + + + Ensure HttpClient certificate revocation list check is not disabled + Ensure HttpClient certificate revocation list check is not disabled + + + + HttpClient may be created without enabling CheckCertificateRevocationList + HttpClient may be created without enabling CheckCertificateRevocationList Miss HttpVerb attribute for action methods - Miss HttpVerb attribute for action methods + Attribut HttpVerb manquant pour les méthodes d'action All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. + Toutes les méthodes permettant de créer, modifier ou supprimer des données, ou de les changer de quelque façon que ce soit, le font dans la surcharge [HttpPost] de la méthode, laquelle doit être protégée avec l'attribut antifalsification relatif à la falsification de requête. L'exécution d'une opération GET doit être une opération sécurisée qui n'a aucun effet secondaire et ne modifie pas vos données persistantes. Action method {0} needs to specify the Http request kind explictly - Action method {0} needs to specify the Http request kind explictly - - - - Ensure HttpClient certificate revocation list check is not disabled - Ensure HttpClient certificate revocation list check is not disabled - - - - HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient may be created without enabling CheckCertificateRevocationList + La méthode d'action {0} doit spécifier explicitement le genre de requête HTTP @@ -224,17 +224,17 @@ Set HttpOnly to true for HttpCookie - Set HttpOnly to true for HttpCookie + Affectez la valeur true à HttpOnly pour HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. + En tant que mesure de défense renforcée, vérifiez que les cookies HTTP dont la sécurité est critique sont marqués avec HttpOnly. Cela indique aux navigateurs web qu'ils doivent interdire aux scripts d'accéder aux cookies. L'injection de scripts malveillants est un moyen courant de voler des cookies. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies + HttpCookie.HttpOnly a la valeur false ou n'est pas défini du tout durant l'utilisation d'un HttpCookie. Vérifiez que les cookies dont la sécurité est critique sont marqués avec HttpOnly pour empêcher les scripts malveillants de les voler @@ -269,32 +269,32 @@ Use antiforgery tokens in ASP.NET Core MVC controllers - Use antiforgery tokens in ASP.NET Core MVC controllers + Utilisez des jetons antifalsification dans les contrôleurs ASP.NET Core MVC Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. + Le traitement d'une requête POST, PUT, PATCH ou DELETE sans validation d'un jeton antifalsification peut être vulnérable aux attaques par falsification de requête intersites. Une attaque par falsification de requête intersites peut envoyer des requêtes malveillantes de la part d'un utilisateur authentifié à votre contrôleur ASP.NET Core MVC. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. + La méthode {0} traite une requête {1} sans validation de jeton antifalsification. Vous devez également vérifier que votre formulaire HTML envoie un jeton antifalsification. Use DefaultDllImportSearchPaths attribute for P/Invokes - Use DefaultDllImportSearchPaths attribute for P/Invokes + Utilisez l'attribut DefaultDllImportSearchPaths pour les P/Invoke By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. + Par défaut, les P/Invoke qui utilisent DllImportAttribute sondent un certain nombre de répertoires, notamment le répertoire de travail actuel de la bibliothèque à charger. Cela peut poser un problème de sécurité pour certaines applications, et se traduire par un détournement de DLL. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. + La méthode {0} n'a pas utilisé l'attribut DefaultDllImportSearchPaths pour les P/Invoke. @@ -589,7 +589,7 @@ Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. - Une activité périodique très fréquente sollicite l'UC et interfère avec les minuteurs d'inactivité qui déclenchent la mise en veille de l'écran et des disques durs pour économiser de l'énergie. + Une activité régulière à plus grande fréquence occupe le processeur et interfère avec les minuteurs d'inactivité qui déclenchent la mise en veille de l'écran et des disques durs pour économiser de l'énergie. @@ -1029,7 +1029,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - La méthode « {0} » n'est pas sécurisée durant la désérialisation de données non fiables à l'aide d'un JavaScriptSerializer initialisé avec un SimpleTypeResolver. Vérifiez que JavaScriptSerializer est initialisé sans JavaScriptTypeResolver ou avec un JavaScriptTypeResolver qui limite ces types d'objets dans le graphe d'objet désérialisé. + La méthode '{0}' n'est pas sécurisée durant la désérialisation de données non fiables à l'aide d'un JavaScriptSerializer initialisé avec un SimpleTypeResolver. Vérifiez que JavaScriptSerializer est initialisé sans JavaScriptTypeResolver, ou qu'il est initialisé avec un JavaScriptTypeResolver qui limite les types des objets dans le graphe d'objet désérialisé. @@ -1039,7 +1039,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - La méthode « {0} » n'est pas sécurisée durant la désérialisation de données non fiables à l'aide d'un JavaScriptSerializer initialisé avec un SimpleTypeResolver. Initialisez JavaScriptSerializer sans JavaScriptTypeResolver ou avec un JavaScriptTypeResolver qui limite ces types d'objets dans le graphe d'objet désérialisé. + La méthode '{0}' n'est pas sécurisée durant la désérialisation de données non fiables à l'aide d'un JavaScriptSerializer initialisé avec un SimpleTypeResolver. Initialisez JavaScriptSerializer sans JavaScriptTypeResolver, ou initialisez un JavaScriptTypeResolver qui limite les types des objets dans le graphe d'objet désérialisé. @@ -1049,37 +1049,37 @@ When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Quand vous désérialisez une entrée non fiable, autoriser la désérialisation de types arbitraires n'est pas une action sécurisée. Quand vous utilisez JsonSerializerSettings, utilisez TypeNameHandling.None, ou pour les valeurs autres que None, restreignez les types désérialisés avec SerializationBinder. Do not use insecure JsonSerializerSettings - Do not use insecure JsonSerializerSettings + N'utilisez pas de JsonSerializerSettings non sécurisé When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. + Quand vous désérialisez une entrée non fiable, autoriser la désérialisation de types arbitraires n'est pas une action sécurisée. Quand vous utilisez JsonSerializerSettings, vérifiez que TypeNameHandling.None est spécifié. Pour les valeurs autres que None, vérifiez que SerializationBinder est spécifié afin de restreindre les types désérialisés. Ensure that JsonSerializerSettings are secure - Ensure that JsonSerializerSettings are secure + Vérifiez la sécurisation de JsonSerializerSettings Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. + Si vous désérialisez JSON quand vous utilisez une autre valeur que None pour TypeNameHandling, cela peut présenter un risque de sécurité. Si vous devez plutôt détecter la désérialisation de Json.NET quand aucun SerializationBinder n'est spécifié, désactivez la règle CA2326, et activez les règles CA2327, CA2328, CA2329 et CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. + Si vous désérialisez JSON quand vous utilisez une autre valeur que None pour TypeNameHandling, cela peut présenter un risque de sécurité. Do not use TypeNameHandling values other than None - Do not use TypeNameHandling values other than None + N'utilisez pas d'autre valeur que None pour TypeNameHandling @@ -1429,17 +1429,17 @@ Do Not Hard Code Encryption Key - Do Not Hard Code Encryption Key + Ne pas coder en dur la clé de chiffrement SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. - SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. + La propriété .Key de SymmetricAlgorithm ou le paramètre rgbKey d'une méthode ne doivent jamais correspondre à une valeur codée en dur. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' - Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' + Une vulnérabilité potentielle liée à la sécurité a été détectée. '{0}' dans la méthode '{1}' peut être altéré par une clé codée en dur en provenance de '{2}' dans la méthode '{3}' diff --git a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.it.xlf b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.it.xlf index 41797d82ed..5f7117ec5d 100644 --- a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.it.xlf +++ b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.it.xlf @@ -4,17 +4,17 @@ Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. + Le versioni precedenti del protocollo Transport Layer Security (TLS) sono meno sicure rispetto a TLS 1.2 e TLS 1.3 e presentano maggiori probabilità di includere nuove vulnerabilità. Evitare le versioni precedenti del protocollo per ridurre al minimo i rischi. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. + La versione '{0}' del protocollo Transport Layer Security è deprecata. Usare 'None' per consentire al sistema operativo di scegliere una versione. Do not use deprecated SslProtocols values - Do not use deprecated SslProtocols values + Non usare valori SslProtocols deprecati @@ -64,92 +64,92 @@ Do not use insecure randomness - Do not use insecure randomness + Non usare la casualità non sicura {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security - {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security + {0} è un generatore di numeri casuali non sicuro. Usare generatori di numeri casuali sicuri dal punto di vista della crittografia quando per motivi di sicurezza è richiesta la casualità Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. - Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. + L'uso di un generatore di numeri pseudo-casuali vulnerabile dal punto di vista della crittografia può consentire a un utente malintenzionato di prevedere il valore sensibile alla sicurezza che verrà generato. Se è richiesto un valore non prevedibile, usare un generatore di numeri casuali sicuro dal punto di vista della crittografia oppure verificare che i numeri pseudo-casuali vulnerabili non vengano usati in modo sensibile per la sicurezza. Do not use unsafe DllImportSearchPath value - Do not use unsafe DllImportSearchPath value + Non usare il valore DllImportSearchPath non sicuro There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. + Nelle directory di ricerca DLL predefinite potrebbe essere presente una DLL dannosa oppure, a seconda della posizione di esecuzione dell'applicazione, nella directory dell'applicazione potrebbe essere presente una DLL dannosa. Usare un valore DllImportSearchPath che specifica un percorso di ricerca esplicito. I flag DllImportSearchPath cercati da questa regola possono essere configurati nel file con estensione editorconfig. Use of unsafe DllImportSearchPath value {0} - Use of unsafe DllImportSearchPath value {0} + Uso del valore {0} non sicuro di DllImportSearchPath Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. + Le versioni correnti del protocollo Transport Layer Security potrebbero diventare deprecate se vengono trovate vulnerabilità. Per garantire la protezione dell'applicazione, evitare di impostare i valori SslProtocols come hardcoded. Usare 'None' per consentire al sistema operativo di scegliere una versione. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. + Evitare di impostare i valori '{0}' di SslProtocols come hardcoded per garantire che l'applicazione rimanga protetta in futuro. Usare 'None' per consentire al sistema operativo di scegliere una versione. Avoid hardcoded SslProtocols values - Avoid hardcoded SslProtocols values + Evitare di impostare i valori di SslProtocols come hardcoded When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Quando si deserializza input non attendibile, non è sicuro consentire la deserializzazione di tipi arbitrari. Quando si deserializza con JsonSerializer, usare TypeNameHandling.None oppure, per valori diversi da None, limitare i tipi deserializzati con un elemento SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - Do not deserialize with JsonSerializer using an insecure configuration + Non deserializzare con JsonSerializer usando una configurazione non sicura When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Quando si deserializza input non attendibile, non è sicuro consentire la deserializzazione di tipi arbitrari. Quando si deserializza con JsonSerializer, usare TypeNameHandling.None oppure, per valori diversi da None, limitare i tipi deserializzati con un elemento SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - Ensure that JsonSerializer has a secure configuration when deserializing + Assicurarsi che la configurazione di JsonSerializer sia sicura durante la deserializzazione + + + + Ensure HttpClient certificate revocation list check is not disabled + Ensure HttpClient certificate revocation list check is not disabled + + + + HttpClient may be created without enabling CheckCertificateRevocationList + HttpClient may be created without enabling CheckCertificateRevocationList Miss HttpVerb attribute for action methods - Miss HttpVerb attribute for action methods + Attributo HttpVerb mancante per i metodi di azione All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. + Tutti i metodi che consentono di creare, modificare, eliminare o cambiare in altro modo i dati usano l'overload [HttpPost] del metodo, che deve essere protetto dalla falsificazione delle richieste con l'apposito attributo antifalsificazione. L'esecuzione di un'operazione GET deve essere un'operazione sicura che non presenta effetti collaterali e non modifica i dati persistenti. Action method {0} needs to specify the Http request kind explictly - Action method {0} needs to specify the Http request kind explictly - - - - Ensure HttpClient certificate revocation list check is not disabled - Ensure HttpClient certificate revocation list check is not disabled - - - - HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient may be created without enabling CheckCertificateRevocationList + Il metodo di azione {0} deve specificare in modo esplicito il tipo della richiesta HTTP @@ -224,17 +224,17 @@ Set HttpOnly to true for HttpCookie - Set HttpOnly to true for HttpCookie + Impostare HttpOnly su true per HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. + Come ulteriore misura di difesa, assicurarsi che i cookie HTTP sensibili alla sicurezza siano contrassegnati come HttpOnly. In questo modo il Web browser non consentirà agli script di accedere ai cookie. Il modo più comune per appropriarsi dei cookie consiste nell'usare script in cui viene inserito codice dannoso. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies + HttpCookie.HttpOnly è impostato su false o non è impostato affatto quando si usa un elemento HttpCookie. Assicurarsi che i cookie sensibili alla sicurezza siano contrassegnati come HttpOnly per impedire a script dannosi di appropriarsi dei cookie @@ -269,32 +269,32 @@ Use antiforgery tokens in ASP.NET Core MVC controllers - Use antiforgery tokens in ASP.NET Core MVC controllers + Usare token antifalsificazione nei controller MVC ASP.NET Core Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. + La gestione di una richiesta POST, PUT, PATCH o DELETE senza la convalida di un token antifalsificazione può essere vulnerabile ad attacchi di tipo richiesta intersito falsa. In un attacco di questo tipo vengono inviate richieste dannose da un utente autenticato al controller MVC ASP.NET Core. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. + Il metodo {0} gestisce una richiesta {1} senza eseguire la convalida del token antifalsificazione. È necessario assicurarsi anche che il modulo HTML invii un token antifalsificazione. Use DefaultDllImportSearchPaths attribute for P/Invokes - Use DefaultDllImportSearchPaths attribute for P/Invokes + Usare l'attributo DefaultDllImportSearchPaths per i P/Invoke By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. + Per impostazione predefinita, i P/Invoke che usano DllImportAttribute esaminano un certo numero di directory, tra cui la directory di lavoro corrente per la libreria da caricare. Per alcune applicazioni questo comportamento può costituire un problema di sicurezza che permette di assumere il controllo delle DLL. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. + Il metodo {0} non ha usato l'attributo DefaultDllImportSearchPaths per i P/Invoke. @@ -589,7 +589,7 @@ Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. - Un'attività periodica più frequente tiene occupata la CPU e interferisce con i timer di inattività per il risparmio di energia che disattivano lo schermo e i dischi rigidi. + Un'attività periodica più frequente tiene la CPU occupata e interferisce con i timer di inattività per il risparmio di energia che disattivano lo schermo e i dischi rigidi. @@ -1029,7 +1029,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili con un elemento JavaScriptSerializer inizializzato con un elemento SimpleTypeResolver. Assicurarsi che l'elemento JavaScriptSerializer venga inizializzato senza specificare un elemento JavaScriptTypeResolver oppure che venga inizializzato con un elemento JavaScriptTypeResolver che limita tale tipo di oggetti nell'oggetto grafico deserializzato. + Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili con un elemento JavaScriptSerializer inizializzato con un elemento SimpleTypeResolver. Assicurarsi che l'elemento JavaScriptSerializer venga inizializzato senza specificare un elemento JavaScriptTypeResolver oppure che venga inizializzato con un elemento JavaScriptTypeResolver che limita i tipi di oggetti nell'oggetto grafico deserializzato. @@ -1039,7 +1039,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili con un elemento JavaScriptSerializer inizializzato con un elemento SimpleTypeResolver. Inizializzare JavaScriptSerializer senza specificare un elemento JavaScriptTypeResolver oppure inizializzarlo con un elemento JavaScriptTypeResolver che limita tale tipo di oggetti nell'oggetto grafico deserializzato. + Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili con un elemento JavaScriptSerializer inizializzato con un elemento SimpleTypeResolver. Inizializzare JavaScriptSerializer senza specificare un elemento JavaScriptTypeResolver oppure inizializzarlo con un elemento JavaScriptTypeResolver che limita i tipi di oggetti nell'oggetto grafico deserializzato. @@ -1049,37 +1049,37 @@ When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Quando si deserializza input non attendibile, non è sicuro consentire la deserializzazione di tipi arbitrari. Quando si usa JsonSerializerSettings, usare TypeNameHandling.None oppure, per valori diversi da None, limitare i tipi deserializzati con un elemento SerializationBinder. Do not use insecure JsonSerializerSettings - Do not use insecure JsonSerializerSettings + Non usare l'elemento JsonSerializerSettings non sicuro When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. + Quando si deserializza input non attendibile, non è sicuro consentire la deserializzazione di tipi arbitrari. Quando si usa JsonSerializerSettings, assicurarsi che TypeNameHandling.None sia specificato oppure, per valori diversi da None, assicurarsi che sia specificato un elemento SerializationBinder per limitare i tipi deserializzati. Ensure that JsonSerializerSettings are secure - Ensure that JsonSerializerSettings are secure + Assicurarsi che l'elemento JsonSerializerSettings sia sicuro Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. + La deserializzazione di JSON quando si usa un valore TypeNameHandling diverso da None può essere insicura. Se è necessario rilevare invece la deserializzazione di JSON.NET quando non è specificato alcun oggetto SerializationBinder, disabilitare la regola CA2326 e abilitare le regole CA2327, CA2328, CA2329 e CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. + La deserializzazione di JSON quando si usa un valore TypeNameHandling diverso da None può essere insicura. Do not use TypeNameHandling values other than None - Do not use TypeNameHandling values other than None + Non usare valori di TypeNameHandling diversi da None @@ -1429,17 +1429,17 @@ Do Not Hard Code Encryption Key - Do Not Hard Code Encryption Key + Non impostare la chiave di crittografia come hardcoded SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. - SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. + La proprietà .Key di SymmetricAlgorithm o il parametro rgbKey di un metodo non deve essere mai essere un valore hardcoded. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' - Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' + È stata trovata una potenziale vulnerabilità di sicurezza in cui '{0}' nel metodo '{1}' può essere contaminato dalla chiave hardcoded di '{2}' nel metodo '{3}' diff --git a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.ja.xlf b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.ja.xlf index 73d256fd93..3938fb8b38 100644 --- a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.ja.xlf +++ b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.ja.xlf @@ -4,17 +4,17 @@ Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. + トランスポート層セキュリティ (TLS) の以前のプロトコル バージョンは、TLS 1.2 および TLS 1.3 よりも安全性が低く、新しい脆弱性が見つかる可能性が高くなります。リスクを最小限に抑えるため、以前のプロトコル バージョンは使用しないでください。 Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. + トランスポート層セキュリティ プロトコルのバージョン '{0}' は非推奨です。オペレーティング システムがバージョンを選択できるようにするには、'None' を使用します。 Do not use deprecated SslProtocols values - Do not use deprecated SslProtocols values + SslProtocols の非推奨の値を使用しない @@ -64,92 +64,92 @@ Do not use insecure randomness - Do not use insecure randomness + 安全でないランダム度を使用しない {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security - {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security + {0} は安全でない乱数ジェネレーターです。セキュリティにランダム度が必要な場合に、暗号化によってセキュリティで保護された乱数ジェネレーターを使用します Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. - Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. + 暗号強度の低い擬似乱数ジェネレーターを使用すると、セキュリティ上注意が必要などのような値が生成されるかを攻撃者が予測できる可能性があります。予測できない値が必要な場合は暗号強度の高い乱数ジェネレーターを使用するか、または暗号強度の低い疑似乱数がセキュリティ上注意が必要な形で使用されていないことを確認してください。 Do not use unsafe DllImportSearchPath value - Do not use unsafe DllImportSearchPath value + 安全でない DllImportSearchPath 値を使用しない There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. + 既定の DLL 検索ディレクトリ内に悪意のある DLL が存在する可能性があります。または、アプリケーションが実行されている場所に応じて、アプリケーションのディレクトリに悪意のある DLL が存在する可能性があります。代わりに、明示的な検索パスを指定する DllImportSearchPath 値を使用してください。この規則で検索される DllImportSearchPath フラグは、.editorconfig で構成できます。 Use of unsafe DllImportSearchPath value {0} - Use of unsafe DllImportSearchPath value {0} + 安全でない DllImportSearchPath 値 {0} の使用 Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. + 現在のトランスポート層セキュリティ プロトコルのバージョンに脆弱性が見つかると、非推奨になる可能性があります。アプリケーションのセキュリティを維持するために、SslProtocols の値をハードコードしないでください。オペレーティング システムがバージョンを選択できるようにするには、'None' を使用します。 Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. + 今後のアプリケーションのセキュリティを確保するため、SslProtocols '{0}' をハードコードしないでください。オペレーティング システムがバージョンを選択できるようにするには、'None' を使用します。 Avoid hardcoded SslProtocols values - Avoid hardcoded SslProtocols values + ハードコードされた SslProtocols の値を使用しない When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + 信頼されていない入力を逆シリアル化するときに、任意の型の逆シリアル化を許可することは安全ではありません。逆シリアル化 JsonSerializer を使用する場合は TypeNameHandling.None を使用し、None 以外の値の場合は SerializationBinder を使用して逆シリアル化の種類を制限します。 Do not deserialize with JsonSerializer using an insecure configuration - Do not deserialize with JsonSerializer using an insecure configuration + 安全でない構成を使用している JsonSerializer で逆シリアル化をしない When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + 信頼されていない入力を逆シリアル化するときに、任意の型の逆シリアル化を許可することは安全ではありません。逆シリアル化 JsonSerializer を使用する場合は TypeNameHandling.None を使用し、None 以外の値の場合は SerializationBinder を使用して逆シリアル化の種類を制限します。 Ensure that JsonSerializer has a secure configuration when deserializing - Ensure that JsonSerializer has a secure configuration when deserializing + 逆シリアル化するときに JsonSerializer に安全な構成があることを確認する + + + + Ensure HttpClient certificate revocation list check is not disabled + Ensure HttpClient certificate revocation list check is not disabled + + + + HttpClient may be created without enabling CheckCertificateRevocationList + HttpClient may be created without enabling CheckCertificateRevocationList Miss HttpVerb attribute for action methods - Miss HttpVerb attribute for action methods + アクション メソッドの HttpVerb 属性がない All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. + データの作成、編集、削除、または変更を行うすべてのメソッドでは、メソッドの [HttpPost] オーバーロードでそれらの操作が実行されます。これは、リクエスト フォージェリからの偽造防止属性を使用して保護する必要があります。取得操作の実行は副作用がなく、持続データを変更しない安全な操作である必要があります。 Action method {0} needs to specify the Http request kind explictly - Action method {0} needs to specify the Http request kind explictly - - - - Ensure HttpClient certificate revocation list check is not disabled - Ensure HttpClient certificate revocation list check is not disabled - - - - HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient may be created without enabling CheckCertificateRevocationList + アクション メソッド {0} では、HTTP 要求の種類を明示的に指定する必要があります @@ -224,17 +224,17 @@ Set HttpOnly to true for HttpCookie - Set HttpOnly to true for HttpCookie + HttpCookie で HttpOnly を true に設定する As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. + 高度な防御手段として、セキュリティ上注意が必要な HTTP Cookie が、必ず HttpOnly としてマークされるようにしてください。これは、スクリプトから Cookie へのアクセスを Web ブラウザーで許可してはならないことを示しています。挿入された悪意のあるスクリプトは、Cookie を盗むための一般的な方法です。 HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies + HttpCookie を使用している場合、HttpCookie.HttpOnly は false に設定されるか、まったく設定されません。悪意のあるスクリプトによって Cookie が盗まれないようにするために、セキュリティ上注意が必要な Cookie が、必ず HttpOnly としてマークされるようにしてください @@ -269,32 +269,32 @@ Use antiforgery tokens in ASP.NET Core MVC controllers - Use antiforgery tokens in ASP.NET Core MVC controllers + ASP.NET Core MVC コントローラーで偽造防止トークンを使用する Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. + 偽造防止トークンを検証せずに POST、PUT、PATCH、DELETE 要求を処理すると、クロスサイト リクエスト フォージェリ攻撃に対して脆弱になる可能性があります。クロスサイト リクエスト フォージェリ攻撃では、認証されたユーザーから ASP.NET Core MVC コントローラーに悪意のある要求が送信される可能性があります。 Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. + メソッド {0} では、偽造防止トークンの検証を実行せずに {1} 要求が処理されます。また、HTML フォームで偽造防止トークンが送信されるようにする必要もあります。 Use DefaultDllImportSearchPaths attribute for P/Invokes - Use DefaultDllImportSearchPaths attribute for P/Invokes + P/Invoke に対して DefaultDllImportSearchPaths 属性を使用する By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. + 既定では、DllImportAttribute を使用している P/Invoke は、ライブラリが読み込むための現在の作業ディレクトリを含むいくつかのディレクトリを精査します。これは特定のアプリケーションでセキュリティ上の問題を引き起こし、DLL のハイジャックにつながる可能性があります。 The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. + メソッド {0} で、P/Invoke に対して DefaultDllImportSearchPaths 属性が使用されませんでした。 @@ -1029,7 +1029,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - SimpleTypeResolver で初期化された JavaScriptSerializer で信頼されていないデータを逆シリアル化している場合、メソッド '{0}' は安全ではありません。JavaScriptTypeResolver が指定されずに JavaScriptSerializer が初期化されていること、または逆シリアル化されたオブジェクト グラフ内のオブジェクトの種類を制限する JavaScriptTypeResolver で初期化されていることを確認してください。 + SimpleTypeResolver で初期化された JavaScriptSerializer で信頼されていないデータを逆シリアル化している場合、メソッド '{0}' は安全ではありません。JavaScriptTypeResolver が指定されずに JavaScriptSerializer が初期化されていること、または逆シリアル化されたオブジェクト グラフ内のオブジェクトの種類を制限する JavaScriptTypeResolver で初期化されていることをご確認ください。 @@ -1039,7 +1039,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - SimpleTypeResolver で初期化された JavaScriptSerializer で信頼されていないデータを逆シリアル化している場合、メソッド '{0}' は安全ではありません。JavaScriptTypeResolver を指定せずに JavaScriptSerializer を初期化するか、逆シリアル化されたオブジェクト グラフ内のオブジェクトの種類を制限する JavaScriptTypeResolver で初期化します。 + SimpleTypeResolver で初期化された JavaScriptSerializer で信頼されていないデータを逆シリアル化している場合、メソッド '{0}' は安全ではありません。JavaScriptTypeResolver を指定せずに JavaScriptSerializer を初期化するか、逆シリアル化されたオブジェクト グラフ内のオブジェクトの種類を制限する JavaScriptTypeResolver で初期化します。 @@ -1049,37 +1049,37 @@ When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + 信頼されていない入力を逆シリアル化するときに、任意の型の逆シリアル化を許可することは安全ではありません。JsonSerializerSettings を使用する場合は TypeNameHandling.None を使用し、None 以外の値の場合は SerializationBinder を使用して逆シリアル化の種類を制限します。 Do not use insecure JsonSerializerSettings - Do not use insecure JsonSerializerSettings + 安全でない JsonSerializerSettings を使用しない When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. + 信頼されていない入力を逆シリアル化するときに、任意の型の逆シリアル化を許可することは安全ではありません。JsonSerializerSettings を使用する場合は TypeNameHandling.None が指定されていること、None 以外の値の場合は SerializationBinder を指定して逆シリアル化の種類が制限されていることをご確認ください。 Ensure that JsonSerializerSettings are secure - Ensure that JsonSerializerSettings are secure + JsonSerializerSettings がセキュリティで保護されていることの確認 Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. + None 以外の TypeNameHandling 値を使用する場合の JSON の逆シリアル化は、安全でない可能性があります。SerializationBinder が指定されていないときに Json.NET の逆シリアル化を検出する必要がある場合は、規則 CA2326 を無効にして、規則 CA2327、CA2328、CA2329、CA2330 を有効にしてください。 Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. + None 以外の TypeNameHandling 値を使用する場合の JSON の逆シリアル化は、安全でない可能性があります。 Do not use TypeNameHandling values other than None - Do not use TypeNameHandling values other than None + None 以外の TypeNameHandling 値を使用しないでください @@ -1319,7 +1319,7 @@ When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - アーカイブからファイルを抽出し、アーカイブ アイテムのパスを使用するときは、パスが安全であるかどうかを確認します。アーカイブ パスは相対パスの場合があり、想定されるファイル システムのターゲット パス以外でファイル システムへのアクセスを引き起こす可能性があります。これは、lay-and-wait の技法によって悪意のある構成変更とリモート コードの実行につながります。 + アーカイブからファイルを抽出し、アーカイブ アイテムのパスを使用するときは、パスが安全であるかどうかを確認します。アーカイブ パスは相対パスの場合があり、想定されるファイル システムのターゲット パス以外でファイル システムへのアクセスが可能になる可能性があります。これは、lay-and-wait の技法によって悪意のある構成変更とリモート コードの実行につながります。 @@ -1429,17 +1429,17 @@ Do Not Hard Code Encryption Key - Do Not Hard Code Encryption Key + 暗号化キーをハード コードしない SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. - SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. + SymmetricAlgorithm の .Key プロパティまたはメソッドの rgbKey パラメーターをハードコードされた値にすることはできません。 Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' - Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' + 潜在的なセキュリティの脆弱性が見つかりました。メソッド '{1}' の '{0}' は、メソッド '{3}' の '{2}' からのハードコードされたキーによって悪用される可能性があります diff --git a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.ko.xlf b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.ko.xlf index 1061281c70..4edf189a40 100644 --- a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.ko.xlf +++ b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.ko.xlf @@ -4,17 +4,17 @@ Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. + TLS(전송 계층 보안)의 이전 프로토콜 버전은 TLS 1.2 및 TLS 1.3보다 보안 수준이 낮으며 새로운 취약성이 발생할 가능성이 더 높습니다. 위험을 최소화하려면 이전 프로토콜 버전을 사용하지 마세요. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. + 전송 계층 보안 프로토콜 버전 '{0}'은(는) 사용되지 않습니다. 운영 체제에서 버전을 선택하도록 하려면 '없음'을 사용하세요. Do not use deprecated SslProtocols values - Do not use deprecated SslProtocols values + 사용되지 않는 SslProtocols 값 사용 안 함 @@ -64,92 +64,92 @@ Do not use insecure randomness - Do not use insecure randomness + 안전하지 않은 임의성 사용 안 함 {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security - {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security + {0}은(는) 안전하지 않은 난수 생성기입니다. 보안을 위해 임의성이 필요한 경우 암호화된 보안 난수 생성기를 사용합니다. Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. - Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. + 암호화가 약한 의사 난수 생성기를 사용하면 공격자가 생성되는 보안에 중요한 값을 예측할 수 있습니다. 예측 불가능한 값이 필요한 경우 암호화가 강한 난수 생성기를 사용하거나, 약한 의사 난수가 보안에 중요한 방식으로 사용되지 않도록 하세요. Do not use unsafe DllImportSearchPath value - Do not use unsafe DllImportSearchPath value + 안전하지 않은 DllImportSearchPath 값 사용 안 함 There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. + 기본 DLL 검색 디렉터리에 악성 DLL이 있을 수 있습니다. 또는 애플리케이션이 실행되는 위치에 따라 애플리케이션의 디렉터리에 악성 DLL이 있을 수 있습니다. 대신 명시적 검색 경로를 지정하는 DllImportSearchPath 값을 사용합니다. 이 규칙이 검색하는 DllImportSearchPath 플래그는 .editorconfig에서 구성할 수 있습니다. Use of unsafe DllImportSearchPath value {0} - Use of unsafe DllImportSearchPath value {0} + 안전하지 않은 DllImportSearchPath 값 {0} 사용 Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. + 취약성이 발견되면 현재 전송 계층 보안 프로토콜 버전이 사용되지 않을 수 있습니다. 애플리케이션을 안전하게 유지하려면 SslProtocols 값을 하드 코딩하지 않습니다. 운영 체제에서 버전을 선택하도록 하려면 '없음'을 사용합니다. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. + 앞으로 애플리케이션을 안전하게 유지하려면 SslProtocols '{0}'을(를) 하드 코딩하지 마세요. 운영 체제에서 버전을 선택하도록 하려면 '없음'을 사용하세요. Avoid hardcoded SslProtocols values - Avoid hardcoded SslProtocols values + 하드 코딩된 SslProtocols 값 방지 When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + 신뢰할 수 없는 입력을 deserialize하는 경우 deserialize되는 임의 형식을 허용하는 것은 안전하지 않습니다. JsonSerializer를 deserialize하는 경우 TypeNameHandling.None을 사용하고, 또는 None 이외의 값에 대해 SerializationBinder를 사용하여 deserialize된 형식을 제한하세요. Do not deserialize with JsonSerializer using an insecure configuration - Do not deserialize with JsonSerializer using an insecure configuration + 안전하지 않은 구성을 사용하여 JsonSerializer로 deserialize 안 함 When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + 신뢰할 수 없는 입력을 deserialize하는 경우 deserialize되는 임의 형식을 허용하는 것은 안전하지 않습니다. JsonSerializer를 deserialize하는 경우 TypeNameHandling.None을 사용하고, 또는 None 이외의 값에 대해 SerializationBinder를 사용하여 deserialize된 형식을 제한하세요. Ensure that JsonSerializer has a secure configuration when deserializing - Ensure that JsonSerializer has a secure configuration when deserializing + deserialize할 때 JsonSerializer에 보안 구성이 있는지 확인 + + + + Ensure HttpClient certificate revocation list check is not disabled + Ensure HttpClient certificate revocation list check is not disabled + + + + HttpClient may be created without enabling CheckCertificateRevocationList + HttpClient may be created without enabling CheckCertificateRevocationList Miss HttpVerb attribute for action methods - Miss HttpVerb attribute for action methods + 작업 메서드의 HttpVerb 특성 누락 All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. + 데이터를 생성, 편집, 삭제 또는 수정하는 모든 메서드는 위조 방지 특성을 사용하여 요청 위조로부터 보호되어야 하는 메서드의 [HttpPost] 오버로드에서 해당 작업을 수행합니다. GET 작업 수행은 부작용이 없고 영구 데이터를 수정하지 않는 안전한 작업이어야 합니다. Action method {0} needs to specify the Http request kind explictly - Action method {0} needs to specify the Http request kind explictly - - - - Ensure HttpClient certificate revocation list check is not disabled - Ensure HttpClient certificate revocation list check is not disabled - - - - HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient may be created without enabling CheckCertificateRevocationList + 작업 메서드 {0}은(는) Http 요청 종류를 명시적으로 지정해야 합니다. @@ -224,17 +224,17 @@ Set HttpOnly to true for HttpCookie - Set HttpOnly to true for HttpCookie + HttpCookie에 대해 HttpOnly를 true로 설정 As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. + 심층 방어 수단으로 보안에 중요한 HTTP 쿠키가 HttpOnly로 표시되어 있는지 확인합니다. 이는 웹 브라우저에서 스크립트가 쿠키에 액세스하는 것을 허용하지 않아야 함을 나타냅니다. 삽입된 악성 스크립트는 쿠키를 도용하는 일반적인 방법입니다. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies + HttpCookie를 사용할 경우 HttpCookie.HttpOnly가 false로 설정되거나, 설정되지 않습니다. 악성 스크립트가 쿠키를 도용하지 못하도록 하려면 보안에 중요한 쿠키가 HttpOnly로 표시되어 있는지 확인하세요. @@ -269,32 +269,32 @@ Use antiforgery tokens in ASP.NET Core MVC controllers - Use antiforgery tokens in ASP.NET Core MVC controllers + ASP.NET Core MVC 컨트롤러에서 위조 방지 토큰 사용 Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. + 위조 방지 토큰의 유효성을 검사하지 않고 POST, PUT, PATCH 또는 DELETE 요청을 처리하면 교차 사이트 요청 위조 공격에 취약할 수 있습니다. 교차 사이트 요청 위조 공격은 인증된 사용자의 악성 요청을 ASP.NET Core MVC 컨트롤러로 보낼 수 있습니다. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. + {0} 메서드는 위조 방지 토큰 유효성 검사를 수행하지 않고 {1} 요청을 처리합니다. 또한 HTML 양식이 위조 방지 토큰을 보내는지 확인해야 합니다. Use DefaultDllImportSearchPaths attribute for P/Invokes - Use DefaultDllImportSearchPaths attribute for P/Invokes + P/Invokes에 DefaultDllImportSearchPaths 특성 사용 By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. + 기본적으로 DllImportAttribute를 사용하는 P/Invokes는 로드할 라이브러리의 현재 작업 디렉터리를 비롯한 여러 디렉터리를 프로브합니다. 이는 특정 애플리케이션에서 DLL 하이재킹으로 이어지는 보안 문제가 될 수 있습니다. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. + {0} 메서드는 P/Invokes에 DefaultDllImportSearchPaths 특성을 사용하지 않았습니다. @@ -1029,7 +1029,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - SimpleTypeResolver로 초기화된 JavaScriptSerializer로 신뢰할 수 없는 데이터를 deserialize하는 경우 '{0}' 메서드는 안전하지 않습니다. JavaScriptSerializer가 JavaScriptTypeResolver가 지정되지 않은 상태로 초기화되었거나 deserialize된 개체 그래프에서 해당 개체 형식을 제한하는 JavaScriptTypeResolver로 초기화되었는지 확인하세요. + SimpleTypeResolver로 초기화된 JavaScriptSerializer로 신뢰할 수 없는 데이터를 deserialize하는 경우 '{0}' 메서드는 안전하지 않습니다. JavaScriptSerializer가 JavaScriptTypeResolver가 지정되지 않은 상태로 초기화되었거나 deserialize된 개체 그래프에서 해당 개체 형식을 제한하는 JavaScriptTypeResolver로 초기화되었는지 확인하세요. @@ -1039,7 +1039,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - SimpleTypeResolver로 초기화된 JavaScriptSerializer로 신뢰할 수 없는 데이터를 deserialize하는 경우 '{0}' 메서드는 안전하지 않습니다. JavaScriptTypeResolver가 지정되지 않은 상태로 JavaScriptSerializer를 초기화하거나 deserialize된 개체 그래프에서 해당 개체 형식을 제한하는 JavaScriptTypeResolver로 초기화하세요. + SimpleTypeResolver로 초기화된 JavaScriptSerializer로 신뢰할 수 없는 데이터를 deserialize하는 경우 '{0}' 메서드는 안전하지 않습니다. JavaScriptTypeResolver가 지정되지 않은 상태로 JavaScriptSerializer를 초기화하거나 deserialize된 개체 그래프에서 해당 개체 형식을 제한하는 JavaScriptTypeResolver로 초기화하세요. @@ -1049,37 +1049,37 @@ When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + 신뢰할 수 없는 입력을 deserialize하는 경우 deserialize되는 임의 형식을 허용하는 것은 안전하지 않습니다. JsonSerializerSettings를 사용하는 경우 TypeNameHandling.None을 사용하고, 또는 None 이외의 값에 대해 SerializationBinder를 사용하여 deserialize된 형식을 제한하세요. Do not use insecure JsonSerializerSettings - Do not use insecure JsonSerializerSettings + 안전하지 않은 JsonSerializerSettings를 사용하지 마세요. When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. + 신뢰할 수 없는 입력을 deserialize하는 경우 deserialize되는 임의 형식을 허용하는 것은 안전하지 않습니다. JsonSerializerSettings를 사용하는 경우 TypeNameHandling.None이 지정되었는지 확인하고, 또는 None 이외의 값에 대해 SerializationBinder가 지정되어 deserialize된 형식을 제한하는지 확인하세요. Ensure that JsonSerializerSettings are secure - Ensure that JsonSerializerSettings are secure + JsonSerializerSettings가 안전한지 확인하세요. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. + None 이외의 TypeNameHandling 값을 사용하는 경우 JSON deserialize가 안전하지 않을 수 있습니다. SerializationBinder가 지정되지 않았을 때 대신 Json.NET deserialization을 검색해야 하는 경우 CA2326 규칙을 사용하지 않도록 설정하고 CA2327, CA2328, CA2329, CA2330 규칙을 사용하도록 설정합니다. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. + None 이외의 TypeNameHandling 값을 사용하는 경우 JSON deserialize가 안전하지 않을 수 있습니다. Do not use TypeNameHandling values other than None - Do not use TypeNameHandling values other than None + None 이외의 TypeNameHandling 값을 사용하지 마세요. @@ -1429,17 +1429,17 @@ Do Not Hard Code Encryption Key - Do Not Hard Code Encryption Key + 암호화 키 하드 코딩 안 함 SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. - SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. + SymmetricAlgorithm의 .Key 속성 또는 메서드의 rgbKey 매개 변수는 하드 코딩된 값이어서는 안 됩니다. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' - Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' + '{1}' 메서드의 '{0}'이(가) '{3}' 메서드의 '{2}'에서 하드 코딩된 키에 의해 감염될 수 있는 잠재적인 보안 취약성이 발견되었습니다. diff --git a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.pl.xlf b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.pl.xlf index 1b5fdb6f1b..b42b782387 100644 --- a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.pl.xlf +++ b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.pl.xlf @@ -4,17 +4,17 @@ Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. + Starsze wersje protokołu Transport Layer Security (TLS) są mniej bezpieczne niż TLS 1.2 i TLS 1.3 i mogą być bardziej podatne na luki w zabezpieczeniach. Aby zminimalizować ryzyko, unikaj używania starszych wersji protokołu. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. + Wersja protokołu Transport Layer Security „{0}” jest przestarzała. Użyj opcji „Brak”, aby umożliwić systemowi operacyjnemu wybranie wersji. Do not use deprecated SslProtocols values - Do not use deprecated SslProtocols values + Nie używaj przestarzałych wartości SslProtocols @@ -64,92 +64,92 @@ Do not use insecure randomness - Do not use insecure randomness + Nie używaj niezabezpieczonej losowości {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security - {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security + {0} to niezabezpieczony generator liczb losowych. Użyj kryptograficznie zabezpieczonego generatora liczb losowych, gdy losowość jest wymagana ze względów bezpieczeństwa. Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. - Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. + Użycie kryptograficznie słabego generatora liczb pseudolosowych może umożliwić osobie atakującej przewidzenie, jaka wartość wpływająca na zabezpieczenia zostanie wygenerowana. Użyj kryptograficznie silnego generatora liczb losowych, jeśli jest wymagana wartości niemożliwa do przewidzenia, lub upewnij się, że liczby pseudolosowe nie są używane w przypadku wartości wpływających na zabezpieczenia . Do not use unsafe DllImportSearchPath value - Do not use unsafe DllImportSearchPath value + Nie używaj niebezpiecznej wartości DllImportSearchPath There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. + W domyślnych katalogach wyszukiwania bibliotek DLL może znajdować się złośliwa biblioteka DLL albo, w zależności od tego, z jakiej lokalizacji jest uruchamiana aplikacja, złośliwa biblioteka DLL może znajdować się w katalogu aplikacji. W zastępstwie użyj wartości DllImportSearchPath, która określa jawną ścieżkę wyszukiwania. Flagi DllImportSearchPath, które wyszukuje ta reguła, można skonfigurować w pliku .editorconfig. Use of unsafe DllImportSearchPath value {0} - Use of unsafe DllImportSearchPath value {0} + Użycie niebezpiecznej wartości DllImportSearchPath {0} Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. + Bieżące wersje protokołu Transport Layer Security mogą zostać uznane za przestarzałe w przypadku znalezienia luk w zabezpieczeniach. Unikaj kodowania na stałe wartości SslProtocols, aby zachować bezpieczeństwo aplikacji. Użyj opcji „Brak”, aby umożliwić systemowi operacyjnemu wybranie wersji. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. + Unikaj kodowania na stałe wartości SslProtocols „{0}”, aby zapewnić bezpieczeństwo aplikacji w przyszłości. Użyj opcji „Brak”, aby umożliwić systemowi operacyjnemu wybranie wersji. Avoid hardcoded SslProtocols values - Avoid hardcoded SslProtocols values + Unikaj kodowania na stałe wartości SslProtocols When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Podczas deserializacji niezaufanych danych wejściowych zezwolenie na deserializację dowolnych typów jest mało bezpieczne. W przypadku deserializacji typu JsonSerializer użyj wartości TypeNameHandling.None lub, w przypadku wartości innych niż None, użyj elementu SerializationBinder w celu ograniczenia typów deserializowanych. Do not deserialize with JsonSerializer using an insecure configuration - Do not deserialize with JsonSerializer using an insecure configuration + Nie wykonuj deserializacji typu JsonSerializer przy użyciu niezabezpieczonej konfiguracji When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Podczas deserializacji niezaufanych danych wejściowych zezwolenie na deserializację dowolnych typów jest mało bezpieczne. W przypadku deserializacji typu JsonSerializer użyj wartości TypeNameHandling.None lub, w przypadku wartości innych niż None, użyj elementu SerializationBinder w celu ograniczenia typów deserializowanych. Ensure that JsonSerializer has a secure configuration when deserializing - Ensure that JsonSerializer has a secure configuration when deserializing + Upewnij się, że element JsonSerializer ma bezpieczną konfigurację podczas deserializacji + + + + Ensure HttpClient certificate revocation list check is not disabled + Ensure HttpClient certificate revocation list check is not disabled + + + + HttpClient may be created without enabling CheckCertificateRevocationList + HttpClient may be created without enabling CheckCertificateRevocationList Miss HttpVerb attribute for action methods - Miss HttpVerb attribute for action methods + Pomiń atrybut HttpVerb dla metod akcji All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. + Wszystkie metody, które tworzą, edytują, usuwają lub w inny sposób modyfikują dane, dokonują tego w przeciążeniu [HttpPost] metody, która musi być chroniona przy użyciu atrybutu zabezpieczającego przed fałszerstwem przez sfałszowanie żądania. Wykonanie operacji GET powinno być bezpieczną operacją, która nie ma żadnych efektów ubocznych i nie powoduje modyfikacji utrwalonych danych. Action method {0} needs to specify the Http request kind explictly - Action method {0} needs to specify the Http request kind explictly - - - - Ensure HttpClient certificate revocation list check is not disabled - Ensure HttpClient certificate revocation list check is not disabled - - - - HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient may be created without enabling CheckCertificateRevocationList + Metoda akcji {0} musi jawnie określać rodzaj żądania Http @@ -224,17 +224,17 @@ Set HttpOnly to true for HttpCookie - Set HttpOnly to true for HttpCookie + Ustaw element HttpOnly na wartość true dla elementu HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. + W celu zapewnienia kompleksowej ochrony upewnij się, że wpływające na zabezpieczenia pliki cookie protokołu HTTP są oznaczone jako HttpOnly. Oznacza to, że przeglądarki internetowe powinny uniemożliwić skryptom uzyskiwanie dostępu do tych plików cookie. Wstrzykiwanie złośliwych skryptów to typowy sposób kradzieży plików cookie. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies + Właściwość HttpCookie.HttpOnly jest ustawiana na wartość false lub nie jest konfigurowana wcale w przypadku używania elementu HttpCookie. Upewnij się, że wpływające na zabezpieczenia pliki cookie są oznaczone jako HttpOnly, aby uniemożliwić złośliwym skryptom kradzież plików cookie @@ -269,32 +269,32 @@ Use antiforgery tokens in ASP.NET Core MVC controllers - Use antiforgery tokens in ASP.NET Core MVC controllers + Użyj tokenów zabezpieczających przed fałszerstwem w kontrolerach MVC ASP.NET Core Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. + Obsługa żądania POST, PUT, PATCH lub DELETE bez weryfikacji tokenu zabezpieczającego przed fałszerstwem może prowadzić do podatności na ataki z wykorzystaniem fałszerstwa żądania międzywitrynowego. Atak z wykorzystaniem fałszerstwa żądania międzywitrynowego może wysyłać złośliwe żądania od uwierzytelnionego użytkownika do kontrolera MVC ASP.NET Core. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. + Metoda {0} obsługuje żądanie {1} bez przeprowadzania weryfikacji tokenu zabezpieczającego przed fałszerstwem. Należy również upewnić się, że formularz HTML wysyła token zabezpieczający przed fałszerstwem. Use DefaultDllImportSearchPaths attribute for P/Invokes - Use DefaultDllImportSearchPaths attribute for P/Invokes + Użyj atrybutu DefaultDllImportSearchPaths dla elementów P/Invoke By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. + Domyślnie elementy P/Invoke korzystające z atrybutu DllImportAttribute sondują określoną liczbę katalogów, w tym bieżący katalog roboczy biblioteki do załadowania. Może to stanowić problem z zabezpieczeniami dla pewnych aplikacji i prowadzić do przejęcia biblioteki DLL. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. + Metoda {0} nie korzystała z atrybutu DefaultDllImportSearchPaths dla elementów P/Invoke. @@ -1029,7 +1029,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Metoda „{0}” jest niezabezpieczona podczas deserializacji niezaufanych danych za pomocą klasy JavaScriptSerializer zainicjowanej z klasą SimpleTypeResolver. Upewnij się, że klasa JavaScriptSerializer jest inicjowana bez określonej klasy JavaScriptTypeResolver lub inicjowana z klasą JavaScriptTypeResolver, która ogranicza te typy obiektów na wykresie obiektu po deserializacji. + Metoda „{0}” jest niezabezpieczona podczas deserializacji niezaufanych danych za pomocą klasy JavaScriptSerializer zainicjowanej z klasą SimpleTypeResolver. Upewnij się, że klasa JavaScriptSerializer jest inicjowana bez określonej klasy JavaScriptTypeResolver lub inicjowana z klasą JavaScriptTypeResolver, która ogranicza typy obiektów na wykresie obiektu po deserializacji. @@ -1039,7 +1039,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Metoda „{0}” jest niezabezpieczona podczas deserializacji niezaufanych danych za pomocą klasy JavaScriptSerializer zainicjowanej z klasą SimpleTypeResolver. Zainicjuj klasę JavaScriptSerializer bez określonej klasy JavaScriptTypeResolver lub zainicjuj ją z klasą JavaScriptTypeResolver, która ogranicza te typy obiektów na wykresie obiektu po deserializacji. + Metoda „{0}” jest niezabezpieczona podczas deserializacji niezaufanych danych za pomocą klasy JavaScriptSerializer zainicjowanej z klasą SimpleTypeResolver. Zainicjuj klasę JavaScriptSerializer bez określonej klasy JavaScriptTypeResolver lub zainicjuj ją z klasą JavaScriptTypeResolver, która ogranicza typy obiektów na wykresie obiektu po deserializacji. @@ -1049,37 +1049,37 @@ When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Podczas deserializacji niezaufanych danych wejściowych zezwolenie na deserializację dowolnych typów jest mało bezpieczne. W przypadku korzystania z klasy JsonSerializerSettings użyj wartości TypeNameHandling.None lub, w przypadku wartości innych niż None, użyj elementu SerializationBinder w celu ograniczenia typów deserializowanych. Do not use insecure JsonSerializerSettings - Do not use insecure JsonSerializerSettings + Nie używaj niezabezpieczonej klasy JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. + Podczas deserializacji niezaufanych danych wejściowych zezwolenie na deserializację dowolnych typów jest niezabezpieczone. W przypadku korzystania z klasy JsonSerializerSettings upewnij się, że określono wartość TypeNameHandling.None lub, w przypadku wartości innych niż None, upewnij się, że określono element SerializationBinder, aby ograniczyć typy deserializowane. Ensure that JsonSerializerSettings are secure - Ensure that JsonSerializerSettings are secure + Upewnij się, że klasa JsonSerializerSettings jest zabezpieczona Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. + Deserializacja danych JSON, gdy używana jest wartość TypeNameHandling inna niż None, może być niebezpieczna. Jeśli zamiast tego potrzebujesz wykrywać deserializację Json.NET, gdy nie jest określona wartość SerializationBinder, wyłącz regułę CA2326 i włącz reguły CA2327, CA2328, CA2329 i CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. + Deserializacja danych JSON, gdy używana jest wartość TypeNameHandling inna niż None, może być niebezpieczna. Do not use TypeNameHandling values other than None - Do not use TypeNameHandling values other than None + Nie używaj wartości TypeNameHandling innych niż None @@ -1319,7 +1319,7 @@ When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - Podczas wyodrębniania plików z archiwum i używania ścieżki elementu archiwum sprawdź, czy ścieżka jest bezpieczna. Ścieżka archiwum może być ścieżką względną i może prowadzić do dostępu do systemu plików poza oczekiwaną ścieżką docelową systemu plików, prowadząc do złośliwej zmiany konfiguracji i zdalnego wykonania kodu za pomocą techniki lay-and-wait. + Podczas wyodrębniania plików z archiwum i używania ścieżki elementu archiwum sprawdź, czy ścieżka jest bezpieczna. Ścieżka archiwum może być ścieżką względną i może prowadzić do dostępu do systemu plików poza oczekiwaną ścieżką docelową systemu plików, doprowadzając do złośliwej zmiany konfiguracji i zdalnego wykonania kodu za pomocą techniki „podłóż i zaczekaj”. @@ -1429,17 +1429,17 @@ Do Not Hard Code Encryption Key - Do Not Hard Code Encryption Key + Nie koduj na stałe klucza szyfrowania SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. - SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. + Właściwość .Key elementu SymmetricAlgorithm lub parametr rgbKey metody nigdy nie powinny być wartością zakodowaną na stałe. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' - Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' + Znaleziono potencjalną lukę w zabezpieczeniach, gdzie element „{0}” w metodzie „{1}” może zostać zanieczyszczony zakodowanym na stałe kluczem z elementu „{2}” w metodzie „{3}”. diff --git a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.pt-BR.xlf b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.pt-BR.xlf index 42e98fd91f..c17e2fa614 100644 --- a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.pt-BR.xlf +++ b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.pt-BR.xlf @@ -4,17 +4,17 @@ Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. + Versões de protocolo mais antigas do TLS (protocolo TLS) são menos seguras do que TLS 1.2 e TLS 1.3, e a probabilidade de que tenham novas vulnerabilidades é maior. Evite versões de protocolo mais antigas para minimizar o risco. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. + A versão do protocolo TLS '{0}' foi preterida. Use 'None' para permitir que o Sistema Operacional escolha uma versão. Do not use deprecated SslProtocols values - Do not use deprecated SslProtocols values + Não usar valores de SslProtocols preteridos @@ -64,92 +64,92 @@ Do not use insecure randomness - Do not use insecure randomness + Não usar aleatoriedade não segura {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security - {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security + {0} é um gerador de números aleatórios inseguro. Usar geradores de números aleatórios criptograficamente seguros quando a aleatoriedade for necessária para segurança Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. - Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. + O uso de um gerador de números pseudoaleatórios criptograficamente fraco pode permitir que um invasor preveja qual valor de segurança confidencial será gerado. Use um gerador de números aleatórios criptograficamente forte se for necessário um valor imprevisível ou garanta que os números pseudoaleatórios fracos não sejam usados de uma maneira sensível à segurança. Do not use unsafe DllImportSearchPath value - Do not use unsafe DllImportSearchPath value + Não usar valor DllImportSearchPath não seguro There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. + Pode haver uma DLL mal-intencionada nos diretórios de pesquisa de DLL padrão. Ou, dependendo do local de onde o seu aplicativo é executado, pode haver uma DLL mal-intencionada no diretório do aplicativo. Em vez disso, use um valor de DllImportSearchPath que especifique um caminho de pesquisa explícito. Os sinalizadores DllImportSearchPath pelos quais esta regra procura podem ser configurados em .editorconfig. Use of unsafe DllImportSearchPath value {0} - Use of unsafe DllImportSearchPath value {0} + Uso de valor DllImportSearchPath não seguro {0} Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. + As versões atuais do protocolo TLS poderão ser preteridas se forem localizadas vulnerabilidades. Evite codificar valores de SslProtocols para manter o seu aplicativo seguro. Use 'None' para permitir que o Sistema Operacional escolha uma versão. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. + Evite codificar SslProtocols '{0}' para garantir que o seu aplicativo permaneça seguro no futuro. Use 'None' para permitir que o Sistema Operacional escolha uma versão. Avoid hardcoded SslProtocols values - Avoid hardcoded SslProtocols values + Evitar valores SslProtocols codificados When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Ao desserializar uma entrada não confiável, não é seguro permitir que tipos arbitrários sejam desserializados. Ao usar a desserialização por JsonSerializer, use TypeNameHandling.None ou, para valores diferentes de None, restrinja os tipos desserializados com um SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - Do not deserialize with JsonSerializer using an insecure configuration + Não desserializar com JsonSerializer usando uma configuração insegura When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Ao desserializar uma entrada não confiável, não é seguro permitir que tipos arbitrários sejam desserializados. Ao usar a desserialização por JsonSerializer, use TypeNameHandling.None ou, para valores diferentes de None, restrinja os tipos desserializados com um SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - Ensure that JsonSerializer has a secure configuration when deserializing + Verificar se JsonSerializer tem uma configuração segura durante a desserialização + + + + Ensure HttpClient certificate revocation list check is not disabled + Ensure HttpClient certificate revocation list check is not disabled + + + + HttpClient may be created without enabling CheckCertificateRevocationList + HttpClient may be created without enabling CheckCertificateRevocationList Miss HttpVerb attribute for action methods - Miss HttpVerb attribute for action methods + Atributo HttpVerb ignorado para métodos de ação All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. + Todos os métodos que criam, editam, excluem ou modificam de qualquer forma os dados fazem isso na sobrecarga [HttpPost] do método, que precisa ser protegida com o atributo antifalsificação contra a falsificação de solicitações. A execução de uma operação GET deve ser uma operação segura que não tenha efeitos colaterais e não modifique os seus dados persistentes. Action method {0} needs to specify the Http request kind explictly - Action method {0} needs to specify the Http request kind explictly - - - - Ensure HttpClient certificate revocation list check is not disabled - Ensure HttpClient certificate revocation list check is not disabled - - - - HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient may be created without enabling CheckCertificateRevocationList + O método de ação {0} precisa especificar explicitamente o tipo de solicitação HTTP @@ -224,17 +224,17 @@ Set HttpOnly to true for HttpCookie - Set HttpOnly to true for HttpCookie + Definir HttpOnly como true para HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. + Como medida de defesa completa, verifique se os cookies HTTP confidenciais de segurança estão marcados como HttpOnly. Isso indica que os navegadores da Web devem impedir que os scripts acessem os cookies. Scripts mal-intencionados injetados são uma maneira comum de roubar cookies. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies + HttpCookie.HttpOnly está definido como false ou não foi definido durante o uso de um HttpCookie. Verifique se os cookies confidenciais de segurança estão marcados como HttpOnly para impedir que scripts mal-intencionados roubem os cookies @@ -269,32 +269,32 @@ Use antiforgery tokens in ASP.NET Core MVC controllers - Use antiforgery tokens in ASP.NET Core MVC controllers + Usar tokens antifalsificação em controladores MVC do ASP.NET Core Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. + A manipulação de uma solicitação de POST, PUT, PATCH ou DELETE sem a validação de um token antifalsificação pode ser vulnerável a ataques de falsificação de solicitações intersite. Um ataque de falsificação de solicitações intersite pode enviar solicitações mal-intencionadas de um usuário autenticado para o seu controlador MVC ASP.NET Core. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. + O método {0} lida com uma solicitação de {1} sem executar a validação de token antifalsificação. Também é necessário garantir que o seu formulário em HTML envie um token antifalsificação. Use DefaultDllImportSearchPaths attribute for P/Invokes - Use DefaultDllImportSearchPaths attribute for P/Invokes + Use o atributo DefaultDllImportSearchPaths para P/Invokes By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. + Por padrão, P/Invokes que usam DllImportAttribute investigam diversos diretórios, incluindo o diretório de trabalho atual, para a biblioteca carregar. Isso pode ser um problema de segurança para determinados aplicativos, levando ao sequestro de DLL. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. + O método {0} não usou o atributo DefaultDllImportSearchPaths para P/Invokes. @@ -749,7 +749,7 @@ Dispose methods should call base class dispose - Os métodos Dispose devem chamar o descarte da classe base + Métodos Dispose devem chamar o descarte da classe base @@ -1029,7 +1029,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - O método '{0}' não é seguro durante a desserialização dos dados não confiáveis com um JavaScriptSerializer inicializado com um SimpleTypeResolver. Verifique se o JavaScriptSerializer é inicializado sem um JavaScriptTypeResolver especificado ou inicializado com um JavaScriptTypeResolver que limita aqueles tipos de objetos no grafo de objeto desserializado. + O método '{0}' não é seguro durante a desserialização de dados não confiáveis com um JavaScriptSerializer inicializado com um SimpleTypeResolver. Verifique se o JavaScriptSerializer é inicializado sem um JavaScriptTypeResolver especificado ou inicializado com um JavaScriptTypeResolver que limita os tipos de objetos no gráfico de objeto desserializado. @@ -1039,7 +1039,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - O método '{0}' não é seguro durante a desserialização dos dados não confiáveis com um JavaScriptSerializer inicializado com um SimpleTypeResolver. Inicialize o JavaScriptSerializer sem um JavaScriptTypeResolver especificado ou inicialize-o com um JavaScriptTypeResolver que limita aqueles tipos de objetos no grafo de objeto desserializado. + O método '{0}' não é seguro durante a desserialização de dados não confiáveis com um JavaScriptSerializer inicializado com um SimpleTypeResolver. Inicialize o JavaScriptSerializer sem um JavaScriptTypeResolver especificado ou inicialize com um JavaScriptTypeResolver que limita os tipos de objetos no gráfico de objeto desserializado. @@ -1049,37 +1049,37 @@ When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Ao desserializar uma entrada não confiável, não é seguro permitir que tipos arbitrários sejam desserializados. Ao usar JsonSerializerSettings, use TypeNameHandling.None ou, para valores diferentes de None, restrinja os tipos desserializados com um SerializationBinder. Do not use insecure JsonSerializerSettings - Do not use insecure JsonSerializerSettings + Não use JsonSerializerSettings não seguro When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. + Ao desserializar uma entrada não confiável, não é seguro permitir que tipos arbitrários sejam desserializados. Ao usar JsonSerializerSettings, verifique se TypeNameHandling.None está especificado ou, para valores diferentes de None, verifique se um SerializationBinder está especificado para restringir tipos desserializados. Ensure that JsonSerializerSettings are secure - Ensure that JsonSerializerSettings are secure + Verifique se os JsonSerializerSettings são seguros Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. + A desserialização do JSON ao usar um valor TypeNameHandling diferente de None pode não ser segura. Se você precisar detectar a desserialização do Json.NET quando um SerializationBinder não for especificado, desabilite a regra CA2326 e habilite as regras CA2327, CA2328, CA2329 e CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. + A desserialização do JSON ao usar um valor TypeNameHandling diferente de None pode não ser segura. Do not use TypeNameHandling values other than None - Do not use TypeNameHandling values other than None + Não use valores TypeNameHandling diferentes de None @@ -1319,7 +1319,7 @@ When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - Ao extrair arquivos de um arquivo morto e usar o caminho do item de arquivo morto, verifique se o caminho é seguro. O caminho do arquivo morto pode ser relativo e levar ao acesso ao sistema de arquivos fora do caminho de destino do sistema de arquivos esperado, causando alterações maliciosas na configuração e a execução remota de código por meio da técnica de espera passiva. + Ao extrair arquivos de um arquivo morto e usar o caminho do item do arquivo morto, verifique se o caminho é seguro. O caminho do arquivo morto pode ser relativo e levar ao acesso ao sistema de arquivos fora do caminho de destino do sistema de arquivos esperado, causando alterações mal-intencionadas de configuração e execução remota de código por meio da técnica de espera passiva. @@ -1429,17 +1429,17 @@ Do Not Hard Code Encryption Key - Do Not Hard Code Encryption Key + Não Codificar a Chave de Criptografia SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. - SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. + A propriedade .Key de SymmetricAlgorithm ou o parâmetro rgbKey de um método nunca devem ser um valor codificado. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' - Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' + Foi localizada uma possível vulnerabilidade de segurança na qual '{0}' no método '{1}' pode ter sido afetado pela chave codificada de '{2}' no método '{3}' diff --git a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.ru.xlf b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.ru.xlf index e650d0e57b..9bc0c7c452 100644 --- a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.ru.xlf +++ b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.ru.xlf @@ -4,17 +4,17 @@ Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. + Более старые версии протокола TLS менее безопасны, чем TLS 1.2 и TLS 1.3 и скорее всего имеют новые уязвимости. Избегайте использования ранних версий протокола, чтобы минимизировать риски. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. + Версия протокола TLS "{0}" является устаревшей. Используйте "None", чтобы операционная система самостоятельно выбрала версию протокола. Do not use deprecated SslProtocols values - Do not use deprecated SslProtocols values + Не используйте устаревшие значения параметра SslProtocols @@ -64,92 +64,92 @@ Do not use insecure randomness - Do not use insecure randomness + Не используйте небезопасные генераторы случайных чисел. {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security - {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security + {0} является небезопасным генератором случайных чисел. Если случайные числа требуются для обеспечения безопасности, используйте криптографически безопасные генераторы случайных чисел. Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. - Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. + Использование криптографически слабого генератора псевдослучайных чисел может позволить злоумышленнику предсказать, какое значение, чувствительное к безопасности, будет создаваться. Используйте криптографически надежный генератор случайных чисел, если требуется непрогнозируемое значение, или убедитесь, что слабые псевдослучайные числа не используются для обеспечения безопасности. Do not use unsafe DllImportSearchPath value - Do not use unsafe DllImportSearchPath value + Не используйте небезопасное значение DllImportSearchPath. There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. + В каталогах поиска DLL по умолчанию может присутствовать вредоносная библиотека DLL. Или в зависимости от места запуска приложения вредоносная библиотека DLL может присутствовать в каталоге приложения. Вместо этого используйте значение DllImportSearchPath, определяющее путь поиска явным образом. Флаги DllImportSearchPath, поиск которых осуществляет это правило, могут быть настроены в файле EDITORCONFIG. Use of unsafe DllImportSearchPath value {0} - Use of unsafe DllImportSearchPath value {0} + Использование небезопасного значения DllImportSearchPath {0} Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. + Текущие версии протокола TLS могут стать нерекомендуемыми при обнаружении уязвимостей. Не следует жестко задавать значения параметра SslProtocols, чтобы в будущем приложение также оставалось безопасным. Используйте значение "None", чтобы операционная система самостоятельно выбрала версию протокола. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. + Не следует жестко задавать значение параметра SslProtocols "{0}", чтобы в будущем приложение также оставалось безопасным. Используйте значение "None", чтобы операционная система самостоятельно выбрала версию протокола. Avoid hardcoded SslProtocols values - Avoid hardcoded SslProtocols values + Не следует жестко задавать значение параметра SslProtocols When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + При десериализации ненадежных входных данных разрешать десериализацию произвольных типов небезопасно. При использовании десериализации JsonSerializer укажите TypeNameHandling.None, а для значений, отличных от None, ограничьте десериализованные типы с помощью SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - Do not deserialize with JsonSerializer using an insecure configuration + Не выполняйте десериализацию с JsonSerializer при использовании небезопасной конфигурации When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + При десериализации ненадежных входных данных разрешать десериализацию произвольных типов небезопасно. При использовании десериализации JsonSerializer укажите TypeNameHandling.None, а для значений, отличных от None, ограничьте десериализованные типы с помощью SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - Ensure that JsonSerializer has a secure configuration when deserializing + Убедитесь, что конфигурация JsonSerializer является безопасной при десериализации. + + + + Ensure HttpClient certificate revocation list check is not disabled + Ensure HttpClient certificate revocation list check is not disabled + + + + HttpClient may be created without enabling CheckCertificateRevocationList + HttpClient may be created without enabling CheckCertificateRevocationList Miss HttpVerb attribute for action methods - Miss HttpVerb attribute for action methods + Отсутствует атрибут HttpVerb для методов действия. All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. + Все методы, которые создают, изменяют, удаляют или иным образом модифицируют данные, делают это в перегрузке [HttpPost] метода, которую необходимо защитить от подделки запроса с помощью атрибута для защиты от подделки. Выполнение операции GET должно быть безопасным, не должно иметь побочных эффектов и не должно изменять сохраненные данные. Action method {0} needs to specify the Http request kind explictly - Action method {0} needs to specify the Http request kind explictly - - - - Ensure HttpClient certificate revocation list check is not disabled - Ensure HttpClient certificate revocation list check is not disabled - - - - HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient may be created without enabling CheckCertificateRevocationList + В методе действия {0} необходимо указать тип HTTP-запроса явным образом. @@ -224,17 +224,17 @@ Set HttpOnly to true for HttpCookie - Set HttpOnly to true for HttpCookie + Установите для параметра HttpOnly объекта HttpCookie значение true As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. + В качестве меры углубленной защиты убедитесь, что файлы cookie HTTP с конфиденциальной информацией о безопасности помечены как HttpOnly. Это означает, что веб-браузеры должны запретить сценариям доступ к файлам cookie. Внедрение вредоносных сценариев является распространенным способом кражи файлов cookie. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies + HttpCookie.HttpOnly имеет значение false или значение не задано при использовании HttpCookie. Убедитесь, что файлы cookie с конфиденциальными сведениями безопасности помечены как HttpOnly, чтобы избежать кражи файлов cookie вредоносными сценариями. @@ -269,32 +269,32 @@ Use antiforgery tokens in ASP.NET Core MVC controllers - Use antiforgery tokens in ASP.NET Core MVC controllers + Используйте маркеры для защиты от подделки в контроллерах MVC ASP.NET Core. Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. + Обработка запроса POST, PUT, PATCH или DELETE без проверки маркера для защиты от подделки может стать уязвимой для атак с использованием подделки межсайтовых запросов. Атаки с использованием подделки межсайтовых запросов позволяют отправлять вредоносные запросы от пользователя, прошедшего проверку подлинности, в контроллер MVC ASP.NET Core. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. + Метод {0} обрабатывает запрос {1} без проверки маркера для защиты от подделки. Также убедитесь в том, что HTML-форма отправляет маркер для защиты от подделки. Use DefaultDllImportSearchPaths attribute for P/Invokes - Use DefaultDllImportSearchPaths attribute for P/Invokes + Используйте атрибут DefaultDllImportSearchPaths для P/Invokes. By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. + По умолчанию P/Invokes, использующий атрибут DllImportAttribute, проверяет наличие загружаемой библиотеки в нескольких каталогах, включая рабочий каталог. Это может быть проблемой безопасности для некоторых приложений и привести к захвату DLL. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. + Метод {0} не использовал атрибут DefaultDllImportSearchPaths для P/Invokes. @@ -1029,7 +1029,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Метод "{0}" является небезопасным при десериализации ненадежных данных с помощью JavaScriptSerializer, который был инициализирован с указанием SimpleTypeResolver. Убедитесь, что JavaScriptSerializer был инициализирован без указания JavaScriptTypeResolver или с указанием JavaScriptTypeResolver, который ограничивает типы объектов в десериализованном графе объектов. + Метод "{0}" является небезопасным при десериализации ненадежных данных с помощью JavaScriptSerializer, который был инициализирован с указанием SimpleTypeResolver. Убедитесь, что JavaScriptSerializer был инициализирован без указания JavaScriptTypeResolver или с указанием JavaScriptTypeResolver, который ограничивает типы объектов в десериализованном графе объектов. @@ -1039,7 +1039,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Метод "{0}" является небезопасным при десериализации ненадежных данных с помощью JavaScriptSerializer, который был инициализирован с указанием SimpleTypeResolver. Инициализируйте JavaScriptSerializer без указания JavaScriptTypeResolver или с указанием JavaScriptTypeResolver, который ограничивает типы объектов в десериализованном графе объектов. + Метод "{0}" является небезопасным при десериализации ненадежных данных с помощью JavaScriptSerializer, который был инициализирован с указанием SimpleTypeResolver. Инициализируйте JavaScriptSerializer без указания JavaScriptTypeResolver или с указанием JavaScriptTypeResolver, который ограничивает типы объектов в десериализованном графе объектов. @@ -1049,37 +1049,37 @@ When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + При десериализации ненадежных входных данных разрешение десериализации произвольных типов является небезопасным. При использовании JsonSerializerSettings укажите TypeNameHandling.None, а для значений, отличных от None, ограничьте десериализованные типы с помощью SerializationBinder. Do not use insecure JsonSerializerSettings - Do not use insecure JsonSerializerSettings + Не используйте небезопасный JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. + При десериализации ненадежных входных данных разрешение десериализации произвольных типов является небезопасным. При использовании JsonSerializerSettings убедитесь, что указан TypeNameHandling.None, а для значений, отличных от None, убедитесь, что указан SerializationBinder для ограничения десериализованных типов. Ensure that JsonSerializerSettings are secure - Ensure that JsonSerializerSettings are secure + Убедитесь, что JsonSerializerSettings безопасны. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. + Десериализация JSON при использовании значения TypeNameHandling, отличного от "None", может быть небезопасной. Если необходимо обнаружить десериализацию Json.NET в том случае, если SerializationBinder не указан, отключите правило CA2326 и включите правила CA2327, CA2328, CA2329 и CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. + Десериализация JSON при использовании значения TypeNameHandling, отличного от "None", может быть небезопасной. Do not use TypeNameHandling values other than None - Do not use TypeNameHandling values other than None + Не используйте значения TypeNameHandling, отличные от "None" @@ -1429,17 +1429,17 @@ Do Not Hard Code Encryption Key - Do Not Hard Code Encryption Key + Не используйте жестко заданный ключ шифрования. SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. - SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. + Свойство .Key симметричного алгоритма и параметр rgbKey метода не могут быть жестко заданными значениями. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' - Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' + Обнаружена потенциальная уязвимость безопасности, заключающаяся в том, что "{0}" в методе "{1}" может быть изменен с использованием жестко заданного ключа из "{2}" в методе "{3}". diff --git a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.tr.xlf b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.tr.xlf index 31263ad544..88cb75f965 100644 --- a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.tr.xlf +++ b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.tr.xlf @@ -4,17 +4,17 @@ Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. + Aktarım Katmanı Güvenliği'nin (TLS) eski protokol sürümleri TLS 1.2 ve TLS 1.3'ten daha az güvenli olduğundan yeni güvenlik açıkları oluşma olasılığı daha yüksektir. Riski en aza indirmek için eski protokol sürümlerini kullanmaktan kaçının. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. + Aktarım Katmanı Güvenliği protokol sürümü '{0}' kullanımdan kaldırılmış. İşletim Sistemi'nin sürüm seçmesine izin vermek için 'Yok' seçeneğini belirleyin. Do not use deprecated SslProtocols values - Do not use deprecated SslProtocols values + Kullanımdan kaldırılmış SslProtocols değerlerini kullanma @@ -64,92 +64,92 @@ Do not use insecure randomness - Do not use insecure randomness + Güvenli olmayan rastgelelik kullanmayın {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security - {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security + {0}, güvenli olmayan bir rastgele sayı üreticidir. Güvenlik için rastgelelik gerekli olduğundan şifreli olarak güvenli rastgele sayı üreticileri kullanın Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. - Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. + Şifreleme açısından zayıf olan bir boş rastgele sayı oluşturucu kullanmak, saldırganın, oluşturulacak güvenlik açısından hassas değeri tahmin etmesine olanak sağlayabilir. Tahmin edilemeyen bir değer gerekiyorsa şifreleme açısından güçlü bir rastgele sayı oluşturucuyu kullanın veya zayıf boş rastgele sayıların güvenlik gerektiren işlemlerde kullanılmadığından emin olun. Do not use unsafe DllImportSearchPath value - Do not use unsafe DllImportSearchPath value + Güvenli olmayan DllImportSearchPath değeri kullanmayın There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. + Varsayılan arama dizinlerinde zararlı bir DLL olabilir veya uygulamanızın çalıştığı konuma bağlı olarak uygulama dizininde zararlı bir DLL olabilir. Bunun yerine açık bir arama yolu belirten DllImportSearchPath değeri kullanın. Bu kuralın aradığı DllImportSearchPath bayrakları .editorconfig içinde yapılandırılabilir. Use of unsafe DllImportSearchPath value {0} - Use of unsafe DllImportSearchPath value {0} + Güvenli olmayan DllImportSearchPath değeri {0} Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. + Güvenlik açıkları bulunursa, geçerli Aktarım Katmanı Güvenliği protokol sürümleri kullanımdan kaldırılmış olabilir. Uygulamanızın güvenliğini sağlamak için sabit kodlanmış SslProtocols değerleri kullanmaktan kaçının. İşletim Sisteminin bir sürüm seçmesi için 'Yok' seçeneğini belirleyin. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. + Uygulamanızın ileride de güvenli kalmasını sağlamak için sabit kodlanmış SslProtocols '{0}' kullanmaktan kaçının. İşletim Sisteminin bir sürüm seçmesi için 'Yok' seçeneğini belirleyin. Avoid hardcoded SslProtocols values - Avoid hardcoded SslProtocols values + Sabit kodlanmış SslProtocols değerlerinden kaçının When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Güvenilmeyen girişler seri durumdan çıkarılırken, rastgele türlerin seri durumdan çıkarılmasına izin vermek güvenli değildir. JsonSerializer seri durumdan çıkarılırken TypeNameHandling.None kullanın veya Hiçbiri dışındaki değerler için, SerializationBinder ile seri durumdan çıkarılan türleri kısıtlayın. Do not deserialize with JsonSerializer using an insecure configuration - Do not deserialize with JsonSerializer using an insecure configuration + Güvenli olmayan yapılandırma kullanarak JsonSerializer ile seri durumdan kaldırmayın When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Güvenilmeyen girişler seri durumdan çıkarılırken, rastgele türlerin seri durumdan çıkarılmasına izin vermek güvenli değildir. JsonSerializer seri durumdan çıkarılırken TypeNameHandling.None kullanın veya Hiçbiri dışındaki değerler için, SerializationBinder ile seri durumdan çıkarılan türleri kısıtlayın. Ensure that JsonSerializer has a secure configuration when deserializing - Ensure that JsonSerializer has a secure configuration when deserializing + Seri durumdan kaldırırken JsonSerializer'ın güvenli yapılandırmaya sahip olduğundan emin olun + + + + Ensure HttpClient certificate revocation list check is not disabled + Ensure HttpClient certificate revocation list check is not disabled + + + + HttpClient may be created without enabling CheckCertificateRevocationList + HttpClient may be created without enabling CheckCertificateRevocationList Miss HttpVerb attribute for action methods - Miss HttpVerb attribute for action methods + Eylem metotları için HttpVerb özniteliği eksik All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. + Metodun [HttpPost] aşırı yüklemesinde verileri oluşturan, düzenleyen, silen veya değiştiren tüm metotların, istek sahteciliğine karşı sahteciliğe karşı koruma özniteliği ile korunması gerekir. GET işlemi, yan etki içermeyen ve kalıcı verilerinizi değiştirmeyen güvenli bir işlem olmalıdır. Action method {0} needs to specify the Http request kind explictly - Action method {0} needs to specify the Http request kind explictly - - - - Ensure HttpClient certificate revocation list check is not disabled - Ensure HttpClient certificate revocation list check is not disabled - - - - HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient may be created without enabling CheckCertificateRevocationList + Eylem metodu {0} için HTTP isteği türünün açık olarak belirtilmesi gerekir @@ -224,17 +224,17 @@ Set HttpOnly to true for HttpCookie - Set HttpOnly to true for HttpCookie + HttpCookie için HttpOnly'yi true olarak ayarlayın As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. + Derinlik ölçümü savunması olarak, güvenlik açısından önemli HTTP tanımlama bilgilerinin HttpOnly biçiminde işaretlendiğinden emin olun. Bu, web tarayıcılarının betiklerin tanımlama bilgilerine erişmesini engelleyeceğini belirtir. Eklenmiş kötü amaçlı betikler, tanımlama bilgilerini çalmak için kullanılan yaygın bir yoldur. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies + HttpCookie kullanılırken HttpCookie.HttpOnly false olarak ayarlandı veya hiç ayarlanamadı. Kötü amaçlı betiklerin tanımlama bilgilerini çalmasını engellemek için, güvenlik açısından önemli tanımlama bilgilerinin HttpOnly olarak işaretlendiğinden emin olun @@ -269,32 +269,32 @@ Use antiforgery tokens in ASP.NET Core MVC controllers - Use antiforgery tokens in ASP.NET Core MVC controllers + ASP.NET Core MVC denetleyicilerinde sahtecilik önleme belirteçleri kullanın Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. + POST, PUT, PATCH veya DELETE isteğini sahtecilik önleme belirtecini doğrulamadan işlemek, sizi siteler arası istek sahteciliği saldırılarına karşı savunmasız bırakır. Siteler arası istek sahteciliği saldırısı, kimliği doğrulanmamış kullanıcıdan ASP.NET Core MVC denetleyicinize kötü amaçlı istekler gönderebilir. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. + {0} metodu, {1} isteğini sahtecilik önleme belirtecini doğrulamadan işler. Ayrıca HTML formunuzun sahtecilik önleme belirteci gönderdiğinden emin olmanız gerekir. Use DefaultDllImportSearchPaths attribute for P/Invokes - Use DefaultDllImportSearchPaths attribute for P/Invokes + P/Invokes için DefaultDllImportSearchPaths özniteliğini kullan By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. + DllImportAttribute kullanan P/Invokesusing varsayılan olarak, yüklenecek kitaplığın geçerli çalışma dizini de dahil olmak üzere birkaç dizini araştırır. Bu, belirli uygulamalar için DLL'nin ele geçirilmesine yol açan bir güvenlik sorunu olabilir. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. + {0} metodu P/Invokes için DefaultDllImportSearchPaths özniteliğini kullanmadı. @@ -749,7 +749,7 @@ Dispose methods should call base class dispose - Dispose metotları Dispose temel sınıfını çağırmalıdır + Atma yöntemleri taban sınıf atmayı çağırmalıdır @@ -1029,7 +1029,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - '{0}' metodu, SimpleTypeResolver ile başlatılmış bir JavaScriptSerializer ile güvenilmeyen veriler seri durumdan çıkarılırken güvenli değil. JavaScriptSerializer'ın JavaScriptTypeResolver belirtilmeden başlatıldığından veya seri durumdan çıkarılan nesne grafındaki nesne türlerini sınırlayan bir JavaScriptTypeResolver ile başlatıldığından emin olun. + '{0}' metodu, SimpleTypeResolver ile başlatılmış bir JavaScriptSerializer ile güvenilmeyen veriler seri durumdan çıkarılırken güvenli değil. JavaScriptSerializer'ın JavaScriptTypeResolver belirtilmeden başlatıldığından veya seri durumdan çıkarılan nesne grafındaki nesne türlerini sınırlayan bir JavaScriptTypeResolver ile başlatıldığından emin olun. @@ -1039,7 +1039,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - '{0}' metodu, SimpleTypeResolver ile başlatılmış bir JavaScriptSerializer ile güvenilmeyen veriler seri durumdan çıkarılırken güvenli değil. JavaScriptSerializer'ı JavaScriptTypeResolver belirtilmeden başlatın veya seri durumdan çıkarılan nesne grafındaki nesne türlerini sınırlayan bir JavaScriptTypeResolver ile başlatın. + '{0}' metodu, SimpleTypeResolver ile başlatılmış bir JavaScriptSerializer ile güvenilmeyen veriler seri durumdan çıkarılırken güvenli değil. JavaScriptSerializer'ı JavaScriptTypeResolver belirtilmeden başlatın veya seri durumdan çıkarılan nesne grafındaki nesne türlerini sınırlayan bir JavaScriptTypeResolver ile başlatın. @@ -1049,37 +1049,37 @@ When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + Güvenilmeyen girişler seri durumdan kaldırılırken, rastgele türlerin seri durumdan çıkarılmasına izin vermek güvenli değildir. JsonSerializerSettings kullanılırken, TypeNameHandling.None kullanın veya Hiçbiri dışındaki değerler için, SerializationBinder ile seri durumda çıkarılan türleri kısıtlayın. Do not use insecure JsonSerializerSettings - Do not use insecure JsonSerializerSettings + Güvenli olmayan JsonSerializerSettings kullanmayın When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. + Güvenilmeyen girişler seri durumdan kaldırılırken, rastgele türlerin seri durumdan çıkarılmasına izin vermek güvenli değildir. JsonSerializerSettings kullanılırken, TypeNameHandling.None belirtildiğinden veya Hiçbiri dışındaki değerler için, seri durumda çıkarılan türleri kısıtlamak için SerializationBinder belirtildiğinden emin olun. Ensure that JsonSerializerSettings are secure - Ensure that JsonSerializerSettings are secure + JsonSerializerSettings'in güvenli olduğundan emin olun Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. + None dışında bir TypeNameHandling değeri kullanılırken JSON'nin seri durumundan çıkarılması güvenli olmayabilir. SerializationBinder belirtilmediğinde, Json.NET'in seri durumundan çıkarılmasının algılanması gerekiyorsa, CA2326 kuralını devre dışı bırakıp CA2327, CA2328, CA2329 ve CA2330 kurallarını etkinleştirin. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. + None dışında bir TypeNameHandling değeri kullanılırken JSON'nin seri durumundan çıkarılması güvenli olmayabilir. Do not use TypeNameHandling values other than None - Do not use TypeNameHandling values other than None + None dışında bir TypeNameHandling değeri kullanmayın @@ -1319,7 +1319,7 @@ When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - Bir arşivden dosya ayıklarken ve arşiv öğesinin yolunu kullanırken yolun güvenli olup olmadığını denetleyin. Arşiv yolu göreli olabilir ve beklenen dosya sistemi hedef yolunun dışında bir dosya sistemine yönlendirerek düzenleme ve bekleme tekniği aracılığıyla kötü amaçlı değişikliklere ve uzaktan kod yürütmeye yol açabilir. + Bir arşivden dosya ayıklarken ve arşiv öğesinin yolunu kullanırken yolun güvenli olup olmadığını denetleyin. Arşiv yolu göreli olabilir ve beklenen dosya sistemi hedef yolunun dışında bir dosya sistemi erişimine yönlendirebilir. Bu durum, düzenleme ve bekleme tekniği aracılığıyla kötü amaçlı yapılandırma değişikliklerine ve uzaktan kod yürütmeye yol açabilir. @@ -1429,17 +1429,17 @@ Do Not Hard Code Encryption Key - Do Not Hard Code Encryption Key + Şifreleme Anahtarını Sabit Kodlama SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. - SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. + SymmetricAlgorithm'in .Key özelliği veya bir metodun rgbKey parametresi hiçbir zaman sabit kodlanmış bir değer olamaz. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' - Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' + '{1}' metodundaki '{0}' öğesinin, '{3}' metodundaki '{2}' öğesinde bulunan sabit kodlanmış anahtar nedeniyle zarar görmüş olabileceği olası güvenlik açığı bulundu. @@ -1599,7 +1599,7 @@ {0} created with a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password - {0} zayıf bir karma algoritmasıyla oluşturuldu. Bir paroladan güçlü bir anahtar oluşturmak için SHA256, SHA384 veya SHA512 kullanın + {0} zayıf bir karma algoritmasıyla oluşturuldu. Paroladan güçlü bir anahtar oluşturmak için SHA256, SHA384 veya SHA512 kullanın diff --git a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hans.xlf b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hans.xlf index 5c27caf2d3..82e7314aaf 100644 --- a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hans.xlf +++ b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hans.xlf @@ -4,17 +4,17 @@ Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. + 旧协议版本的传输层安全性(TLS)不如 TLS 1.2 和 TLS 1.3 安全,更有可能存在新的漏洞。请避免使用旧协议版本,以将风险降至最低。 Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. + 传输层安全协议版本“{0}”已被弃用。请使用“无”,让操作系统选择一个版本。 Do not use deprecated SslProtocols values - Do not use deprecated SslProtocols values + 请勿使用已弃用的 SslProtocols 值 @@ -64,92 +64,92 @@ Do not use insecure randomness - Do not use insecure randomness + 请勿使用不安全的随机性 {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security - {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security + {0} 是不安全的随机数生成器。当需要随机性以确保安全性时,请使用加密的安全随机数生成器 Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. - Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. + 使用加密的弱伪随机数生成器,攻击者可以预测将生成何种安全敏感值。如果需要不可预测的值,请使用加密的强随机数生成器,或确保不以安全敏感的方式使用弱伪随机数。 Do not use unsafe DllImportSearchPath value - Do not use unsafe DllImportSearchPath value + 请勿使用不安全的 DllImportSearchPath 值 There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. + 默认 DLL 搜索目录中可能有恶意 DLL。或者,根据应用程序的运行位置,应用程序的目录中可能有恶意 DLL。请改为使用指定显式搜索路径的 DllImportSearchPath 值。可在 .editorconfig 中配置此规则查找的 DllImportSearchPath 标志。 Use of unsafe DllImportSearchPath value {0} - Use of unsafe DllImportSearchPath value {0} + 使用了不安全的 DllImportSearchPath 值 {0} Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. + 如果发现漏洞,则当前传输层安全协议版本可能会被弃用。请避免硬编码 SslProtocols 值,以确保应用程序安全。请使用“无”,让操作系统选择一个版本。 Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. + 请避免硬编码 SslProtocols“{0}”,以确保应用程序在将来保持安全。请使用“无”,让操作系统选择一个版本。 Avoid hardcoded SslProtocols values - Avoid hardcoded SslProtocols values + 避免硬编码的 SslProtocols 值 When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + 对不信任的输入进行反序列化时,允许反序列化任意类型这一行为是不安全的。使用反序列化 JsonSerializer 时,请使用 TypeNameHandling.None;对于“无”以外的值,请使用 SerializationBinder 限制反序列化的类型。 Do not deserialize with JsonSerializer using an insecure configuration - Do not deserialize with JsonSerializer using an insecure configuration + 请勿使用不安全的配置对 JsonSerializer 进行反序列化 When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + 对不信任的输入进行反序列化时,允许反序列化任意类型这一行为是不安全的。使用反序列化 JsonSerializer 时,请使用 TypeNameHandling.None;对于“无”以外的值,请使用 SerializationBinder 限制反序列化的类型。 Ensure that JsonSerializer has a secure configuration when deserializing - Ensure that JsonSerializer has a secure configuration when deserializing + 请确保在反序列化时 JsonSerializer 具有安全配置 + + + + Ensure HttpClient certificate revocation list check is not disabled + Ensure HttpClient certificate revocation list check is not disabled + + + + HttpClient may be created without enabling CheckCertificateRevocationList + HttpClient may be created without enabling CheckCertificateRevocationList Miss HttpVerb attribute for action methods - Miss HttpVerb attribute for action methods + 缺少操作方法的 HttpVerb 属性 All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. + 创建、编辑、删除或以其他方式修改数据的所有方法都在方法的 [HttpPost] 重载中执行,这需要使用来自请求伪造的防伪造属性来保护。执行 GET 操作应是不具有任何副作用且不会修改永久性数据的安全操作。 Action method {0} needs to specify the Http request kind explictly - Action method {0} needs to specify the Http request kind explictly - - - - Ensure HttpClient certificate revocation list check is not disabled - Ensure HttpClient certificate revocation list check is not disabled - - - - HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient may be created without enabling CheckCertificateRevocationList + 操作方法 {0} 需要显式指定 Http 请求类型 @@ -224,17 +224,17 @@ Set HttpOnly to true for HttpCookie - Set HttpOnly to true for HttpCookie + 将 HttpCookie 的 HttpOnly 设置为 true As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. + 作为深度防御措施,请确保将安全敏感的 HTTP cookie 标记为 HttpOnly。这表示 Web 浏览器应禁止脚本访问 cookie。注入的恶意脚本是窃取 cookie 的常用方法。 HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies + 使用 HttpCookie 时,HttpCookie.HttpOnly 被设置为 false 或根本不设置。请确保安全敏感的 cookie 标记为 HttpOnly,以防止恶意脚本窃取 cookie @@ -269,32 +269,32 @@ Use antiforgery tokens in ASP.NET Core MVC controllers - Use antiforgery tokens in ASP.NET Core MVC controllers + 在 ASP.NET Core MVC 控制器中使用防伪造令牌 Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. + 在未验证防伪造令牌的情况下处理 POST、PUT、PATCH 或 DELETE 请求可能易受跨站点请求伪造攻击。跨站点请求伪造攻击可将来自已通过身份验证的用户的恶意请求发送到 ASP.NET Core MVC 控制器。 Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. + 方法 {0} 在不执行防伪造令牌验证的情况下处理 {1} 请求。你还需要确保 HTML 窗体发送防伪造令牌。 Use DefaultDllImportSearchPaths attribute for P/Invokes - Use DefaultDllImportSearchPaths attribute for P/Invokes + 对 P/Invoke 使用 DefaultDllImportSearchPaths 属性 By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. + 默认情况下,使用 DllImportAttribute 探测的 P/Invoke 包含许多目录,包括要加载的库的当前工作目录。对于某些应用程序,这可能是一个安全问题,它会导致 DLL 劫持。 The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. + 方法 {0} 未对 P/Invoke 使用 DefaultDllImportSearchPaths 属性。 @@ -589,7 +589,7 @@ Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. - 频率较高的定期活动会使 CPU 处于繁忙状态并且干扰具有节能功能(关闭显示器和硬盘)的空闲计时器。 + 频率较高的定期活动会使 CPU 处于忙状态并且干扰具有节能功能(关闭显示器和硬盘)的空闲计时器。 @@ -1029,7 +1029,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - 使用通过 SimpleTypeResolver 初始化的 JavaScriptSerializer 反序列化不可信数据时,{0} 方法不安全。请确保初始化 JavaScriptSerializer 但不指定 JavaScriptTypeResolver,或使用限制为反序列化对象图形中的对象类型的 JavaScriptTypeResolver 初始化该对象。 + 使用通过 SimpleTypeResolver 初始化的 JavaScriptSerializer 反序列化不可信数据时,{0} 方法不安全。请确保初始化 JavaScriptSerializer 但不指定 JavaScriptTypeResolver,或使用限制为反序列化对象图形中的对象类型的 JavaScriptTypeResolver 初始化该对象。 @@ -1039,7 +1039,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - 使用通过 SimpleTypeResolver 初始化的 JavaScriptSerializer 反序列化不可信数据时,{0} 方法不安全。请初始化 JavaScriptSerializer 但不指定 JavaScriptTypeResolver,或使用限制为反序列化对象图形中的对象类型的 JavaScriptTypeResolver 初始化该对象。 + 使用通过 SimpleTypeResolver 初始化的 JavaScriptSerializer 反序列化不可信数据时,{0} 方法不安全。请初始化 JavaScriptSerializer 但不指定 JavaScriptTypeResolver,或使用限制为反序列化对象图形中的对象类型的 JavaScriptTypeResolver 初始化该对象。 @@ -1049,37 +1049,37 @@ When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + 对不信任的输入进行反序列化时,允许反序列化任意类型这一行为是不安全的。使用 JsonSerializerSettings 时,请使用 TypeNameHandling.None;对于不是“无”的值,请使用 SerializationBinder 限制反序列化的类型。 Do not use insecure JsonSerializerSettings - Do not use insecure JsonSerializerSettings + 请勿使用不安全的 JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. + 对不信任的输入进行反序列化时,允许反序列化任意类型这一行为是不安全的。使用 JsonSerializerSettings 时,请确保已指定 TypeNameHandling.None;对于不是“无”的值,请确保指定了 SerializationBinder 来限制反序列化的类型。 Ensure that JsonSerializerSettings are secure - Ensure that JsonSerializerSettings are secure + 请确保 JsonSerializerSetting 是安全的 Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. + 使用“无”以外的 TypeNameHandling 值时,进行 JSON 反序列化可能不安全。如需在未指定 SerializationBinder 时检测 Json.NET 反序列化,请禁用规则 CA2326 并启用规则 CA2327、CA2328、CA2329 和 CA2330。 Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. + 使用“无”以外的 TypeNameHandling 值时,进行 JSON 反序列化可能不安全。 Do not use TypeNameHandling values other than None - Do not use TypeNameHandling values other than None + 请勿使用“无”以外的 TypeNameHandling 值 @@ -1429,17 +1429,17 @@ Do Not Hard Code Encryption Key - Do Not Hard Code Encryption Key + 请勿硬编码加密密钥 SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. - SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. + SymmetricAlgorithm 的 .Key 属性或方法的 rgbKey 参数永远都不得是硬编码值。 Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' - Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' + 找到了潜在安全漏洞,其中方法“{1}”中的“{0}”可能会受到方法“{3}”中“{2}”的硬编码密钥污染。 diff --git a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hant.xlf b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hant.xlf index 07fef6de5a..0c8fcebcc9 100644 --- a/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hant.xlf +++ b/src/Microsoft.NetCore.Analyzers/Core/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hant.xlf @@ -4,17 +4,17 @@ Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. + 較舊的通訊協定版本的傳輸層安全性 (TLS) 比 TLS 1.2 和 TLS 1.3 不安全,而且更可能有新的弱點。請避免較舊的通訊協定版本,以將風險降至最低。 Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. + 傳輸層安全性通訊協定版本 '{0}' 已淘汰。請使用 'None' 讓作業系統選擇版本。 Do not use deprecated SslProtocols values - Do not use deprecated SslProtocols values + 不要使用已淘汰的 SslProtocols 值 @@ -64,92 +64,92 @@ Do not use insecure randomness - Do not use insecure randomness + 不要使用不安全的隨機性 {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security - {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security + {0} 是不安全的亂數產生器。當安全性需要隨機性時,使用密碼編譯亂數產生器 Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. - Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security sensitive manner. + 使用密碼編譯弱式虛擬亂數產生器,可能會讓攻擊者預測產生的安全性敏感性值。請在需要無法預測的值,或是要確保非以安全性敏感性方式使用弱式虛擬亂數時,使用密碼編譯強式亂數產生器。 Do not use unsafe DllImportSearchPath value - Do not use unsafe DllImportSearchPath value + 不要使用不安全的 DllImportSearchPath 值 There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. + 預設 DLL 搜尋目錄中可能有惡意的 DLL。或者,視應用程式的執行位置而定,應用程式的目錄中可能有惡意的 DLL。請改用指定明確搜尋路徑的 DllImportSearchPath 值。此規則尋找的 DllImportSearchPath 旗標可在 .editorconfig 中設定。 Use of unsafe DllImportSearchPath value {0} - Use of unsafe DllImportSearchPath value {0} + 使用不安全的 DllImportSearchPath 值 {0} Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. + 若發現弱點,則目前的傳輸層安全性通訊協定版本可能會受到淘汰。請避免硬式編碼 SslProtocols 值來確保應用程式安全。請使用 'None' 讓作業系統選擇版本。 Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. + 請避免硬式編碼 SslProtocols '{0}',以確保應用程式在未來的安全性。請使用 'None' 讓作業系統選擇版本。 Avoid hardcoded SslProtocols values - Avoid hardcoded SslProtocols values + 避免硬式編碼 SslProtocols 值 When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + 將不信任的輸入還原序列化時,允許將任意類型還原序列化是不安全的。當使用還原序列化 JsonSerializer 時,請使用 TypeNameHandling.None,或對 None 以外的值使用 SerializationBinder 來限制還原序列化類型。 Do not deserialize with JsonSerializer using an insecure configuration - Do not deserialize with JsonSerializer using an insecure configuration + 不要使用不安全的組態以 JsonSerializer 還原序列化 When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + 將不信任的輸入還原序列化時,允許將任意類型還原序列化是不安全的。當使用還原序列化 JsonSerializer 時,請使用 TypeNameHandling.None,或對 None 以外的值使用 SerializationBinder 來限制還原序列化類型。 Ensure that JsonSerializer has a secure configuration when deserializing - Ensure that JsonSerializer has a secure configuration when deserializing + 還原序列化時,請確認 JsonSerializer 有安全的組態 + + + + Ensure HttpClient certificate revocation list check is not disabled + Ensure HttpClient certificate revocation list check is not disabled + + + + HttpClient may be created without enabling CheckCertificateRevocationList + HttpClient may be created without enabling CheckCertificateRevocationList Miss HttpVerb attribute for action methods - Miss HttpVerb attribute for action methods + 缺少動作方法的 HttpVerb 屬性 All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. + 建立、編輯、刪除或修改資料的所有方法,都會在方法的 [HttpPost] 多載中進行,其需要由反偽造屬性保護免受偽造要求侵害。執行 GET 作業是安全的操作,沒有任何副作用且不會修改保存的資料。 Action method {0} needs to specify the Http request kind explictly - Action method {0} needs to specify the Http request kind explictly - - - - Ensure HttpClient certificate revocation list check is not disabled - Ensure HttpClient certificate revocation list check is not disabled - - - - HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient may be created without enabling CheckCertificateRevocationList + 動作方法 {0} 必須明確指定 Http 要求類型 @@ -224,17 +224,17 @@ Set HttpOnly to true for HttpCookie - Set HttpOnly to true for HttpCookie + 針對 HttpCookie 將 HttpOnly 設為 true As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. + 請確保安全性敏感性 HTTP Cookie 已標記為 HttpOnly,以防止全面性的測量。這代表 Web 瀏覽器應禁止指令碼存取 Cookie。插入的惡意指令碼是竊取 Cookie 的常見方式。 HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies + 使用 HttpCookie 時,HttpCookie.HttpOnly 設為 false 或完全未設定。請確保安全性敏感性 Cookie 已標記為 HttpOnly,以避免惡意指令碼竊取 Cookie。 @@ -269,32 +269,32 @@ Use antiforgery tokens in ASP.NET Core MVC controllers - Use antiforgery tokens in ASP.NET Core MVC controllers + 使用 ASP.NET Core MVC 控制器中的 antiforgery 權杖 Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. + 在不驗證 antiforgery 權杖的情況下處理 POST、PUT、PATCH 或 DELETE 要求,可能會容易受到跨站台偽造要求攻擊。跨站台偽造要求攻擊可將惡意要求從已驗證的使用者傳送到 ASP.NET Core MVC 控制器。 Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. + 方法 {0} 會在不驗證 antiforgery 權杖的情況下處理 {1} 要求。您也必須確保 HTML 表單傳送 antiforgery 權杖。 Use DefaultDllImportSearchPaths attribute for P/Invokes - Use DefaultDllImportSearchPaths attribute for P/Invokes + 針對 P/Invoke 使用 DefaultDllImportSearchPaths 屬性 By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. + 根據預設,使用 DllImportAttribute 的 P/Invoke 會探查許多目錄,包括目前正在運作的目錄以供程式庫載入。這可能成為部分應用程式的安全性問題,導致 DLL 劫持。 The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. + 方法 {0} 未針對 P/Invoke 使用 DefaultDllImportSearchPaths 屬性。 @@ -1004,12 +1004,12 @@ The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. - 還原序列化不受信任的資料時,方法 '{0}' 不安全。如果您需要改為偵測 BinaryFormatter 還原序列化,而不想要設定 SerializationBinder,則請停用規則 CA2300,並啟用規則 CA2301 和 CA2302。 + 將不受信任的資料還原序列化時,方法 '{0}' 不安全。如果您需要改為偵測 BinaryFormatter 還原序列化,而不想要設定 SerializationBinder,則請停用規則 CA2300,並啟用規則 CA2301 和 CA2302。 The method '{0}' is insecure when deserializing untrusted data. - 還原序列化不受信任的資料時,方法 '{0}' 不安全。 + 將不受信任的資料還原序列化時,方法 '{0}' 不安全。 @@ -1029,7 +1029,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - 若使用以 SimpleTypeResolver 初始化的 JavaScriptSerializer 來將未受信任的資料還原序列化,方法 '{0}' 會不安全。請確認 JavaScriptSerializer 在初始化時未指定 JavaScriptTypeResolver,或使用在還原序列化物件圖形中限制該物件類型的 JavaScriptTypeResolver。 + 若使用以 SimpleTypeResolver 初始化的 JavaScriptSerializer 來將未受信任的資料還原序列化,方法 '{0}' 會不安全。請確認 JavaScriptSerializer 在初始化時未指定 JavaScriptTypeResolver,或使用在還原序列化物件圖形中限制該物件類型的 JavaScriptTypeResolver。 @@ -1039,7 +1039,7 @@ The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - 若使用以 SimpleTypeResolver 初始化的 JavaScriptSerializer 來將未受信任的資料還原序列化,方法 '{0}' 會不安全。請在未指定 JavaScriptTypeResolver 的情況下將 JavaScriptSerializer 初始化,或以在還原序列化物件圖形中限制該物件類型的 JavaScriptTypeResolver 初始化。 + 若使用以 SimpleTypeResolver 初始化的 JavaScriptSerializer 來將未受信任的資料還原序列化,方法 '{0}' 會不安全。請在未指定 JavaScriptTypeResolver 的情況下將 JavaScriptSerializer 初始化,或以在還原序列化物件圖形中限制該物件類型的 JavaScriptTypeResolver 初始化。 @@ -1049,42 +1049,42 @@ When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. + 將不信任的輸入還原序列化時,允許將任意類型還原序列化是不安全的。當使用 JsonSerializerSettings 時,請使用 TypeNameHandling.None,或對 None 以外的值使用 SerializationBinder 來限制還原序列化類型。 Do not use insecure JsonSerializerSettings - Do not use insecure JsonSerializerSettings + 請勿使用不安全的 JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. + 將不信任的輸入還原序列化時,允許將任意類型還原序列化是不安全的。當使用 JsonSerializerSettings 時,請確保指定 TypeNameHandling.None,或對 None 以外的值確保指定 SerializationBinder 來限制還原序列化類型。 Ensure that JsonSerializerSettings are secure - Ensure that JsonSerializerSettings are secure + 確保 JsonSerializerSettings 是安全的 Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. + 使用非 None 的 TypeNameHandling 值時,將 JSON 還原序列化可能不安全。若您需要在未指定 SerializationBinder 時,偵測 Json.NET 還原序列化,請停用規則 CA2326,並啟用規則 CA2327、CA2328、CA2329 及 CA2330。 Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Deserializing JSON when using a TypeNameHandling value other than None can be insecure. + 使用非 None 的 TypeNameHandling 值時,將 JSON 還原序列化可能不安全。 Do not use TypeNameHandling values other than None - Do not use TypeNameHandling values other than None + 請勿使用非 None 的 TypeNameHandling 值 The method '{0}' is insecure when deserializing untrusted data. - 還原序列化不受信任的資料時,方法 '{0}' 不安全。 + 將不受信任的資料還原序列化時,方法 '{0}' 不安全。 @@ -1114,12 +1114,12 @@ The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. - 還原序列化不受信任的資料時,方法 '{0}' 不安全。如果您需要改為偵測 NetDataContractSerializer 還原序列化,而不想要設定 SerializationBinder,則請停用規則 CA2310,並啟用規則 CA2311 和 CA2312。 + 將不受信任的資料還原序列化時,方法 '{0}' 不安全。如果您需要改為偵測 NetDataContractSerializer 還原序列化,而不想要設定 SerializationBinder,則請停用規則 CA2310,並啟用規則 CA2311 和 CA2312。 The method '{0}' is insecure when deserializing untrusted data. - 還原序列化不受信任的資料時,方法 '{0}' 不安全。 + 將不受信任的資料還原序列化時,方法 '{0}' 不安全。 @@ -1129,7 +1129,7 @@ The method '{0}' is insecure when deserializing untrusted data. - 還原序列化不受信任的資料時,方法 '{0}' 不安全。 + 將不受信任的資料還原序列化時,方法 '{0}' 不安全。 @@ -1429,17 +1429,17 @@ Do Not Hard Code Encryption Key - Do Not Hard Code Encryption Key + 不要硬式編碼加密金鑰 SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. - SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hardcoded value. + SymmetricAlgorithm 的 .Key 屬性,或方法的 rgbKey 參數不應為硬式編碼值。 Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' - Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hardcoded key from '{2}' in method '{3}' + 發現潛在的安全性弱點,方法 '{1}' 中的 '{0}' 可能受來自方法 '{3}' 中 '{2}' 由硬式編碼的金鑰所感染。 diff --git a/src/Microsoft.NetFramework.Analyzers/Core/xlf/MicrosoftNetFrameworkAnalyzersResources.pl.xlf b/src/Microsoft.NetFramework.Analyzers/Core/xlf/MicrosoftNetFrameworkAnalyzersResources.pl.xlf index 8ae3f31b59..42e83a5137 100644 --- a/src/Microsoft.NetFramework.Analyzers/Core/xlf/MicrosoftNetFrameworkAnalyzersResources.pl.xlf +++ b/src/Microsoft.NetFramework.Analyzers/Core/xlf/MicrosoftNetFrameworkAnalyzersResources.pl.xlf @@ -54,7 +54,7 @@ A method in a type that inherits from System.EnterpriseServices.ServicedComponent is marked by using System.Web.Services.WebMethodAttribute. Because WebMethodAttribute and a ServicedComponent method have conflicting behavior and requirements for context and transaction flow, the behavior of the method will be incorrect in some scenarios. - Metoda w typie dziedziczącym z elementu System.EnterpriseServices.ServicedComponent jest oznaczona za pomocą elementu System.Web.Services.WebMethodAttribute. Ponieważ metody WebMethodAttribute oraz ServicedComponent mają sprzeczne zachowania i wymagania dotyczące kontekstu i przepływu transakcji, zachowanie metody w niektórych scenariuszach będzie niepoprawne. + Metoda w typie dziedziczącym z elementu System.EnterpriseServices.ServicedComponent jest oznaczona za pomocą elementu System.Web.Services.WebMethodAttribute. Ponieważ metody WebMethodAttribute oraz ServicedComponent mają będące w konflikcie zachowania i wymagania dotyczące kontekstu i przepływu transakcji, zachowanie metody w niektórych scenariuszach będzie niepoprawne. diff --git a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.cs.xlf b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.cs.xlf index 25b881f026..dfd42c6ed4 100644 --- a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.cs.xlf +++ b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.cs.xlf @@ -69,12 +69,12 @@ The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. - The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. + Řešení musí obsahovat dva soubory typu AdditionalFiles: PublicAPI.Unshipped.txt a PublicAPI.Shipped.txt. Nejméně jeden z těchto souborů chybí nebo nemá správný typ. One or both of the public API files are missing - One or both of the public API files are missing + Chybí nejméně jeden soubor veřejného rozhraní API diff --git a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.de.xlf b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.de.xlf index bea87f5f14..5659185474 100644 --- a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.de.xlf +++ b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.de.xlf @@ -69,12 +69,12 @@ The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. - The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. + Die Projektmappe muss zwei Dateien mit dem Typ "AdditionalFiles" enthalten: "PublicAPI.Unshipped.txt" und "PublicAPI.Shipped.txt". txt. Mindestens eine dieser Dateien fehlt oder weist den falschen Typ auf. One or both of the public API files are missing - One or both of the public API files are missing + Mindestens eine der öffentlichen API-Dateien fehlt. diff --git a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.es.xlf b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.es.xlf index 8da1702465..40576dd444 100644 --- a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.es.xlf +++ b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.es.xlf @@ -69,12 +69,12 @@ The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. - The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. + La solución debe contener dos archivos con el tipo "AdditionalFiles": PublicAPI.Unshipped.txt y PublicAPI.Shipped.txt. Al menos uno de estos archivos falta o tiene un tipo incorrecto. One or both of the public API files are missing - One or both of the public API files are missing + Faltan los dos archivos de la API pública o uno de ellos diff --git a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.fr.xlf b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.fr.xlf index b67edeb9a8..96fa542929 100644 --- a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.fr.xlf +++ b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.fr.xlf @@ -69,12 +69,12 @@ The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. - The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. + La solution doit contenir deux fichiers ayant le type "AdditionalFiles" : PublicAPI.Unshipped.txt et PublicAPI.Shipped.txt. L'un de ces fichiers est manquant, ou son type est incorrect. One or both of the public API files are missing - One or both of the public API files are missing + Il manque l'un des deux fichiers d'API publiques, ou les deux diff --git a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.it.xlf b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.it.xlf index c7d950375b..484fae257f 100644 --- a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.it.xlf +++ b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.it.xlf @@ -69,12 +69,12 @@ The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. - The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. + La soluzione deve contenere due file con il tipo "AdditionalFiles": PublicAPI.unshipped.txt e PublicAPI.shipped.txt. Almeno uno di questi file manca o è di tipo errato. One or both of the public API files are missing - One or both of the public API files are missing + Uno o entrambi i file dell'API pubblica sono mancanti diff --git a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.ja.xlf b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.ja.xlf index 4b9278eedd..53a2fea465 100644 --- a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.ja.xlf +++ b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.ja.xlf @@ -69,12 +69,12 @@ The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. - The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. + ソリューションには、種類が "AdditionalFiles" の 2 つのファイル (PublicAPI.Unshipped.txt と PublicAPI.Shipped.txt) が含まれている必要があります。これらのファイルのうち少なくとも 1 つが見つからないか、種類が正しくありません。 One or both of the public API files are missing - One or both of the public API files are missing + パブリック API ファイルの 1 つまたは両方が見つからない diff --git a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.ko.xlf b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.ko.xlf index 7a4e6b00c6..5f8ac46335 100644 --- a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.ko.xlf +++ b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.ko.xlf @@ -69,12 +69,12 @@ The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. - The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. + 솔루션에 "AdditionalFiles": PublicAPI.Unshipped.txt 및 PublicAPI.Shipped.txt 형식의 파일이 두 개 포함되어야 합니다. 이러한 파일 중 하나 이상이 없거나 형식이 잘못되었습니다. One or both of the public API files are missing - One or both of the public API files are missing + 공용 API 파일 중 하나 또는 둘 다 없습니다. diff --git a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.pl.xlf b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.pl.xlf index 4af3f230d8..863be26a91 100644 --- a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.pl.xlf +++ b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.pl.xlf @@ -69,12 +69,12 @@ The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. - The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. + Rozwiązanie musi zawierać dwa pliki typu „AdditionalFiles”: PublicAPI.Unshipped.txt i PublicAPI.Shipped.txt. Brakuje co najmniej jednego z tych plików lub ma on nieprawidłowy typ. One or both of the public API files are missing - One or both of the public API files are missing + Brakuje co najmniej jednego pliku publicznego interfejsu API diff --git a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.pt-BR.xlf b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.pt-BR.xlf index 93925323bd..ead2a81642 100644 --- a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.pt-BR.xlf +++ b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.pt-BR.xlf @@ -69,12 +69,12 @@ The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. - The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. + A solução precisa conter dois arquivos com o tipo "AdditionalFiles": PublicAPI.Unshipped.txt e PublicAPI.Shipped.txt. Pelo menos um desses arquivos está ausente ou tem o tipo errado. One or both of the public API files are missing - One or both of the public API files are missing + Um ou ambos os arquivos de API pública estão ausentes diff --git a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.ru.xlf b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.ru.xlf index 41fdf2f28f..fc7d347b98 100644 --- a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.ru.xlf +++ b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.ru.xlf @@ -69,12 +69,12 @@ The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. - The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. + Решение должно содержать два файла с типом "AdditionalFiles": PublicAPI.Unshipped.txt и PublicAPI.Shipped.txt. По меньшей мере один из этих файлов отсутствует или имеет неправильный тип. One or both of the public API files are missing - One or both of the public API files are missing + Отсутствует один или оба файла открытого API diff --git a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.tr.xlf b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.tr.xlf index 53ff967711..8c3f42c835 100644 --- a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.tr.xlf +++ b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.tr.xlf @@ -69,12 +69,12 @@ The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. - The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. + Çözüm, "AdditionalFiles" türüne sahip iki dosya içermelidir: PublicAPI.Unshipped.txt ve PublicAPI.Shipped.txt. Bu dosyalardan en az biri eksik veya yanlış türe sahip. One or both of the public API files are missing - One or both of the public API files are missing + Ortak API dosyalarından biri veya her ikisi de eksik diff --git a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.zh-Hans.xlf b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.zh-Hans.xlf index 97d742f33d..ccb65e353b 100644 --- a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.zh-Hans.xlf +++ b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.zh-Hans.xlf @@ -69,12 +69,12 @@ The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. - The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. + 解决方案必须包含两个具有类型 "AdditionalFiles" 的文件(PublicAPI.Unshipped.txt 和 PublicAPI.Shipped.txt)。其中至少有一个文件缺失或类型错误。 One or both of the public API files are missing - One or both of the public API files are missing + 缺少一个或两个公共 API 文件 @@ -99,7 +99,7 @@ Symbol '{0}' is part of the declared API, but is either not public or could not be found - 符号“{0}”是已声明 API 的一部分,但此符号为非公共或无法找到 + 符号“{0}”是已声明 API 的一部分,但此符号不是公共符号或无法找到 diff --git a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.zh-Hant.xlf b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.zh-Hant.xlf index b42ea13470..a9e6f24b7c 100644 --- a/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.zh-Hant.xlf +++ b/src/PublicApiAnalyzers/Core/Analyzers/xlf/PublicApiAnalyzerResources.zh-Hant.xlf @@ -69,12 +69,12 @@ The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. - The solution must contain two files with the type "AdditionalFiles": PublicAPI.Unshipped.txt and PublicAPI.Shipped.txt. At least one of these files is missing or has the wrong type. + 解決方案必須包含兩個類型為 "AdditionalFiles" 的檔案: PublicAPI.Unshipped.txt 與 PublicAPI.Shipped.txt。其中至少缺少一個檔案或檔案類型錯誤。 One or both of the public API files are missing - One or both of the public API files are missing + 缺少兩個公用 API 檔案的其中一個或兩者