Skip to content

v2.9.4
Compare
Choose a tag to compare
@mavasani mavasani released this 29 Jul 17:31
v2.9.4
a1a198d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Release build of Roslyn-analyzers based on Microsoft.CodeAnalysis 2.9.0 NuGet packages. Contains bug fixes on top of v2.9.3 release and additional rules listed below.

Works with VS 2017.9 or later.

Added

  • Performance
    • CA1827: Do not use Count() when Any() can be used -- Enabled by default
  • Security
    • CA2326: Do not use TypeNameHandling values other than None
    • CA2327: Do not use insecure JsonSerializerSettings
    • CA2328: Ensure that JsonSerializerSettings are secure
    • CA5387: Do Not Use Weak Key Derivation Function With Insufficient Iteration Count
    • CA5388: Ensure Sufficient Iteration Count When Using Weak Key Derivation Function
    • CA5389: Do Not Add Archive Item's Path To The Target File System Path -- Enabled by default
    • CA5390: Do Not Hard Code Encryption Key -- Enabled by default
  • Usage
    • CA2245: Do not assign a property to itself. -- Enabled by default

Fixes

  • CA3075: Insecure DTD processing in XML -- Performance improvements.
  • CA5360: Do Not Call Dangerous Methods In Deserialization -- Fixed KeyNotFoundException.
Assets 2
Loading