JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

CodeSonar® 9.2p0 CONFIDENTIAL CodeSecure Inc
C#

Roslyn-Detected C# Warning Classes

This page lists all Roslyn-detected C# warning classes shipped with CodeSonar.

See also C# Warning Classes, C/C++ Warning Classes, Java Warning Classes.

Important Note: CodeSonar projects are built from Microsoft C# assembly code (.exe or .dll files) and debug information (.pdb files). However, CodeSonar will only analyze those parts of the project for which corresponding source code (.cs files) is also available, because warning reports are not useful or comprehensible without source information.

Introduction

We divide the C# warning classes shipped with CodeSonar into two groups.

Configuration Presets

There are several configuration presets that are specific to the C# analysis, as well as a number of presets that apply across all analyzed source languages.

The following presets are especially relevant to the Roslyn-detected C# warning classes. Each enables a set of classes corresponding to a ruleset in microsoft.codeanalysis.netanalyzers 8.0.0.

Preset Corresponding microsoft.codeanalysis.netanalyzers 8.0.0 ruleset
csharp_roslyn_allrulesdefault allrulesdefault
csharp_roslyn_allrulesenabled allrulesenabled
csharp_roslyn_designrulesdefault designrulesdefault
csharp_roslyn_globalizationrulesdefault globalizationrulesdefault
csharp_roslyn_interoperabilityrulesdefault interoperabilityrulesdefault
csharp_roslyn_maintainabilityrulesdefault maintainabilityrulesdefault
csharp_roslyn_performancerulesdefault performancerulesdefault
csharp_roslyn_portedfromfxcoprulesdefault portedfromfxcoprulesdefault
csharp_roslyn_reliabilityrulesdefault reliabilityrulesdefault
csharp_roslyn_usagerulesdefault usagerulesdefault

Class Names and Mnemonics

There is a Roslyn-detected C# warning class corresponding to each Roslyn analyzer diagnostic.

For example, warning class Do not declare static members on generic types (C#) has mnemonic ROSLYN.DESIGN.CA1000: the corresponding Roslyn analyzer diagnostic has Title "Do not declare static members on generic types", Category "Design", and ID "CA1000".

Enabled By Default

Class Name Mnemonic
'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument (C#) ROSLYN.RELIABILITY.CA2018
'ThreadStatic' only affects static fields (C#) ROSLYN.USAGE.CA2259
A constant is expected for the parameter (C#) ROSLYN.PERFORMANCE.CA1857
All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface (C#) ROSLYN.USAGE.CA2256
Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum (C#) ROSLYN.USAGE.CA2247
Assigning symbol and its member in the same statement (C#) ROSLYN.USAGE.CA2246
Avoid 'StringBuilder' parameters for P/Invokes (C#) ROSLYN.PERFORMANCE.CA1838
Avoid constant arrays as arguments (C#) ROSLYN.PERFORMANCE.CA1861
Avoid inexact read with 'Stream.Read' (C#) ROSLYN.RELIABILITY.CA2022
Avoid infinite recursion (C#) ROSLYN.RELIABILITY.CA2011
Avoid redundant length argument (C#) ROSLYN.MAINTAINABILITY.CA1514
Avoid using 'Enumerable.Any()' extension method (C#) ROSLYN.PERFORMANCE.CA1860
Avoid using cref tags with a prefix (C#) ROSLYN.DOCUMENTATION.CA1200
Avoid zero-length array allocations (C#) ROSLYN.PERFORMANCE.CA1825
Cache and reuse 'JsonSerializerOptions' instances (C#) ROSLYN.PERFORMANCE.CA1869
CancellationToken parameters must come last (C#) ROSLYN.DESIGN.CA1068
Consider using 'StringBuilder.Append(char)' when applicable (C#) ROSLYN.PERFORMANCE.CA1834
Consider using 'string.Contains' instead of 'string.IndexOf' (C#) ROSLYN.USAGE.CA2249
Declare types in namespaces (C#) ROSLYN.DESIGN.CA1050
Dispose methods should call SuppressFinalize (C#) ROSLYN.USAGE.CA1816
Dispose methods should call base class dispose (C#) ROSLYN.USAGE.CA2215
Do Not Add Schema By URL (C#) ROSLYN.SECURITY.CA3061
Do Not Call Dangerous Methods In Deserialization (C#) ROSLYN.SECURITY.CA5360
Do Not Disable Certificate Validation (C#) ROSLYN.SECURITY.CA5359
Do Not Disable HTTP Header Checking (C#) ROSLYN.SECURITY.CA5365
Do Not Disable Request Validation (C#) ROSLYN.SECURITY.CA5363
Do Not Use Broken Cryptographic Algorithms (C#) ROSLYN.SECURITY.CA5351
Do Not Use Deprecated Security Protocols (C#) ROSLYN.SECURITY.CA5364
Do Not Use Digital Signature Algorithm (DSA) (C#) ROSLYN.SECURITY.CA5384
Do Not Use Weak Cryptographic Algorithms (C#) ROSLYN.SECURITY.CA5350
Do Not Use XslTransform (C#) ROSLYN.SECURITY.CA5374
Do not assign a property to itself (C#) ROSLYN.USAGE.CA2245
Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types (C#) ROSLYN.RELIABILITY.CA2021
Do not call ToImmutableCollection on an ImmutableCollection value (C#) ROSLYN.RELIABILITY.CA2009
Do not compare Span<T> to 'null' or 'default' (C#) ROSLYN.USAGE.CA2265
Do not declare event fields as virtual (C#) ROSLYN.DESIGN.CA1070
Do not declare protected member in sealed type (C#) ROSLYN.DESIGN.CA1047
Do not declare static members on generic types (C#) ROSLYN.DESIGN.CA1000
Do not declare visible instance fields (C#) ROSLYN.DESIGN.CA1051
Do not define finalizers for types derived from MemoryManager<T> (C#) ROSLYN.RELIABILITY.CA2015
Do not duplicate indexed element initializations (C#) ROSLYN.USAGE.CA2244
Do not hide base class methods (C#) ROSLYN.DESIGN.CA1061
Do not ignore method results (C#) ROSLYN.PERFORMANCE.CA1806
Do not initialize unnecessarily (C#) ROSLYN.PERFORMANCE.CA1805
Do not pass a non-nullable value to 'ArgumentNullException.ThrowIfNull' (C#) ROSLYN.USAGE.CA2264
Do not pass a nullable struct to 'ArgumentNullException.ThrowIfNull' (C#) ROSLYN.PERFORMANCE.CA1871
Do not prefix enum values with type name (C#) ROSLYN.NAMING.CA1712
Do not raise exceptions in finally clauses (C#) ROSLYN.USAGE.CA2219
Do not raise reserved exception types (C#) ROSLYN.USAGE.CA2201
Do not use 'OutAttribute' on string parameters for P/Invokes (C#) ROSLYN.INTEROPERABILITY.CA1417
Do not use 'WaitAll' with a single task (C#) ROSLYN.PERFORMANCE.CA1843
Do not use 'WhenAll' with a single task (C#) ROSLYN.PERFORMANCE.CA1842
Do not use ConfigureAwaitOptions.SuppressThrowing with Task<TResult> (C#) ROSLYN.USAGE.CA2261
Do not use Count() or LongCount() when Any() can be used (C#) ROSLYN.PERFORMANCE.CA1827
Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used (C#) ROSLYN.PERFORMANCE.CA1828
Do not use Enumerable methods on indexable collections (C#) ROSLYN.PERFORMANCE.CA1826
Do not use ReferenceEquals with value types (C#) ROSLYN.RELIABILITY.CA2013
Do not use deprecated SslProtocols values (C#) ROSLYN.SECURITY.CA5397
Do not use obsolete key derivation function (C#) ROSLYN.SECURITY.CA5373
Do not use stackalloc in loops (C#) ROSLYN.RELIABILITY.CA2014
Ensure Key Derivation Function algorithm is sufficiently strong (C#) ROSLYN.SECURITY.CA5379
Enums values should not be duplicated (C#) ROSLYN.DESIGN.CA1069
Forward the 'CancellationToken' parameter to methods (C#) ROSLYN.RELIABILITY.CA2016
Generic interface should also be implemented (C#) ROSLYN.DESIGN.CA1010
Identifier contains type name (C#) ROSLYN.NAMING.CA1720
Identifiers should differ by more than case (C#) ROSLYN.NAMING.CA1708
Identifiers should have correct prefix (C#) ROSLYN.NAMING.CA1715
Identifiers should have correct suffix (C#) ROSLYN.NAMING.CA1710
Identifiers should not contain underscores (C#) ROSLYN.NAMING.CA1707
Identifiers should not have incorrect suffix (C#) ROSLYN.NAMING.CA1711
Identifiers should not match keywords (C#) ROSLYN.NAMING.CA1716
Improper 'ThreadStatic' field initialization (C#) ROSLYN.RELIABILITY.CA2019
Incorrect usage of ConstantExpected attribute (C#) ROSLYN.PERFORMANCE.CA1856
Insecure DTD processing in XML (C#) ROSLYN.SECURITY.CA3075
Insecure Processing in API Design, XmlDocument and XmlTextReader (C#) ROSLYN.SECURITY.CA3077
Insecure XSLT script processing (C#) ROSLYN.SECURITY.CA3076
Instantiate argument exceptions correctly (C#) ROSLYN.USAGE.CA2208
Mark Verb Handlers With Validate Antiforgery Token (C#) ROSLYN.SECURITY.CA3147
Mark assemblies with NeutralResourcesLanguageAttribute (C#) ROSLYN.PERFORMANCE.CA1824
Mark assemblies with assembly version (C#) ROSLYN.DESIGN.CA1016
Mark attributes with AttributeUsageAttribute (C#) ROSLYN.DESIGN.CA1018
Mark members as static (C#) ROSLYN.PERFORMANCE.CA1822
Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' (C#) ROSLYN.USAGE.CA2257
Named placeholders should not be numeric values (C#) ROSLYN.USAGE.CA2253
Non-constant fields should not be visible (C#) ROSLYN.USAGE.CA2211
Overload operator equals on overriding value type Equals (C#) ROSLYN.USAGE.CA2231
Override Object.Equals(object) when implementing IEquatable<T> (C#) ROSLYN.DESIGN.CA1067
Override methods on comparable types (C#) ROSLYN.DESIGN.CA1036
P/Invokes should not be visible (C#) ROSLYN.INTEROPERABILITY.CA1401
Parameter count mismatch (C#) ROSLYN.RELIABILITY.CA2017
Parameter names should match base declaration (C#) ROSLYN.NAMING.CA1725
Prefer 'AsSpan' over 'Substring' (C#) ROSLYN.PERFORMANCE.CA1846
Prefer 'Clear' over 'Fill' (C#) ROSLYN.PERFORMANCE.CA1855
Prefer 'Convert.ToHexString' and 'Convert.ToHexStringLower' over call chains based on 'BitConverter.ToString' (C#) ROSLYN.PERFORMANCE.CA1872
Prefer Dictionary.Contains methods (C#) ROSLYN.PERFORMANCE.CA1841
Prefer IsEmpty over Count (C#) ROSLYN.PERFORMANCE.CA1836
Prefer generic overload when type is known (C#) ROSLYN.USAGE.CA2263
Prefer static 'HashData' method over 'ComputeHash' (C#) ROSLYN.PERFORMANCE.CA1850
Prefer strongly-typed Append and Insert method overloads on StringBuilder (C#) ROSLYN.PERFORMANCE.CA1830
Prefer the 'IDictionary.TryAdd(TKey, TValue)' method (C#) ROSLYN.PERFORMANCE.CA1864
Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method (C#) ROSLYN.PERFORMANCE.CA1854
Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' (C#) ROSLYN.PERFORMANCE.CA1835
Prevent behavioral change (C#) ROSLYN.RELIABILITY.CA2020
Property, type, or attribute requires runtime marshalling (C#) ROSLYN.INTEROPERABILITY.CA1420
Provide ObsoleteAttribute message (C#) ROSLYN.DESIGN.CA1041
Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' (C#) ROSLYN.INTEROPERABILITY.CA1419
Provide correct 'enum' argument to 'Enum.HasFlag' (C#) ROSLYN.USAGE.CA2248
Provide correct arguments to formatting methods (C#) ROSLYN.USAGE.CA2241
Provide memory-based overrides of async methods when subclassing 'Stream' (C#) ROSLYN.PERFORMANCE.CA1844
Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported (C#) ROSLYN.USAGE.CA2258
Remove empty Finalizers (C#) ROSLYN.PERFORMANCE.CA1821
Rethrow to preserve stack details (C#) ROSLYN.USAGE.CA2200
Seal internal types (C#) ROSLYN.PERFORMANCE.CA1852
Set 'MaxResponseHeadersLength' properly (C#) ROSLYN.USAGE.CA2262
Set ViewStateUserKey For Classes Derived From Page (C#) ROSLYN.SECURITY.CA5368
Specify CultureInfo (C#) ROSLYN.GLOBALIZATION.CA1304
Specify IFormatProvider (C#) ROSLYN.GLOBALIZATION.CA1305
Specify StringComparison for correctness (C#) ROSLYN.GLOBALIZATION.CA1310
Specify a culture or use an invariant version (C#) ROSLYN.GLOBALIZATION.CA1311
Specify marshaling for P/Invoke string arguments (C#) ROSLYN.GLOBALIZATION.CA2101
Template should be a static expression (C#) ROSLYN.USAGE.CA2254
Test for NaN correctly (C#) ROSLYN.USAGE.CA2242
The 'ModuleInitializer' attribute should not be used in libraries (C#) ROSLYN.USAGE.CA2255
This API requires opting into preview features (C#) ROSLYN.USAGE.CA2252
This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied (C#) ROSLYN.INTEROPERABILITY.CA1421
Types that own disposable fields should be disposable (C#) ROSLYN.DESIGN.CA1001
Unnecessary call to 'Contains(item)' (C#) ROSLYN.PERFORMANCE.CA1868
Unnecessary call to 'Dictionary.ContainsKey(key)' (C#) ROSLYN.PERFORMANCE.CA1853
Use 'CompositeFormat' (C#) ROSLYN.PERFORMANCE.CA1863
Use 'Environment.CurrentManagedThreadId' (C#) ROSLYN.PERFORMANCE.CA1840
Use 'Environment.ProcessId' (C#) ROSLYN.PERFORMANCE.CA1837
Use 'Environment.ProcessPath' (C#) ROSLYN.PERFORMANCE.CA1839
Use 'StartsWith' instead of 'IndexOf' (C#) ROSLYN.PERFORMANCE.CA1858
Use 'ThrowIfCancellationRequested' (C#) ROSLYN.USAGE.CA2250
Use 'string.Equals' (C#) ROSLYN.USAGE.CA2251
Use ArgumentException throw helper (C#) ROSLYN.MAINTAINABILITY.CA1511
Use ArgumentNullException throw helper (C#) ROSLYN.MAINTAINABILITY.CA1510
Use ArgumentOutOfRangeException throw helper (C#) ROSLYN.MAINTAINABILITY.CA1512
Use AsSpan or AsMemory instead of Range-based indexers (C#) ROSLYN.PERFORMANCE.CA1832
Use AsSpan or AsMemory instead of Range-based indexers for getting Span of an array (C#) ROSLYN.PERFORMANCE.CA1833
Use AsSpan or AsMemory instead of Range-based indexers when appropriate (C#) ROSLYN.PERFORMANCE.CA1831
Use Length/Count property instead of Count() when available (C#) ROSLYN.PERFORMANCE.CA1829
Use ObjectDisposedException throw helper (C#) ROSLYN.MAINTAINABILITY.CA1513
Use PascalCase for named placeholders (C#) ROSLYN.NAMING.CA1727
Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size (C#) ROSLYN.SECURITY.CA5385
Use ValueTasks correctly (C#) ROSLYN.RELIABILITY.CA2012
Use XmlReader for 'DataSet.ReadXml()' (C#) ROSLYN.SECURITY.CA5366
Use XmlReader for 'XmlSchema.Read()' (C#) ROSLYN.SECURITY.CA5371
Use XmlReader for 'XmlSerializer.Deserialize()' (C#) ROSLYN.SECURITY.CA5369
Use XmlReader for XPathDocument constructor (C#) ROSLYN.SECURITY.CA5372
Use XmlReader for XmlValidatingReader constructor (C#) ROSLYN.SECURITY.CA5370
Use a cached 'SearchValues' instance (C#) ROSLYN.PERFORMANCE.CA1870
Use char literal for a single character lookup (C#) ROSLYN.PERFORMANCE.CA1847
Use char overload, CA1865 (C#) ROSLYN.PERFORMANCE.CA1865
Use char overload, CA1866 (C#) ROSLYN.PERFORMANCE.CA1866
Use concrete types when possible for improved performance (C#) ROSLYN.PERFORMANCE.CA1859
Use correct type parameter (C#) ROSLYN.USAGE.CA2260
Use nameof to express symbol names (C#) ROSLYN.MAINTAINABILITY.CA1507
Use ordinal string comparison (C#) ROSLYN.GLOBALIZATION.CA1309
Use span-based 'string.Concat' (C#) ROSLYN.PERFORMANCE.CA1845
Use the 'StringComparison' method overloads to perform case-insensitive string comparisons (C#) ROSLYN.PERFORMANCE.CA1862
Use the LoggerMessage delegates (C#) ROSLYN.PERFORMANCE.CA1848
Use valid platform string (C#) ROSLYN.INTEROPERABILITY.CA1418
Validate platform compatibility (C#) ROSLYN.INTEROPERABILITY.CA1416
Validate platform compatibility - obsoleted APIs (C#) ROSLYN.INTEROPERABILITY.CA1422

Disabled By Default

Class Name Mnemonic
Abstract types should not have public constructors (C#) ROSLYN.DESIGN.CA1012
Attribute string literals should parse correctly (C#) ROSLYN.USAGE.CA2243
Avoid dead conditional code (C#) ROSLYN.MAINTAINABILITY.CA1508
Avoid empty interfaces (C#) ROSLYN.DESIGN.CA1040
Avoid excessive class coupling (C#) ROSLYN.MAINTAINABILITY.CA1506
Avoid excessive complexity (C#) ROSLYN.MAINTAINABILITY.CA1502
Avoid excessive inheritance (C#) ROSLYN.MAINTAINABILITY.CA1501
Avoid excessive parameters on generic types (C#) ROSLYN.DESIGN.CA1005
Avoid hardcoded SslProtocols values (C#) ROSLYN.SECURITY.CA5398
Avoid hardcoding SecurityProtocolType value (C#) ROSLYN.SECURITY.CA5386
Avoid out parameters (C#) ROSLYN.DESIGN.CA1021
Avoid uninstantiated internal classes (C#) ROSLYN.PERFORMANCE.CA1812
Avoid unmaintainable code (C#) ROSLYN.MAINTAINABILITY.CA1505
Avoid unsealed attributes (C#) ROSLYN.PERFORMANCE.CA1813
Avoid unused private fields (C#) ROSLYN.PERFORMANCE.CA1823
Call async methods when in an async method (C#) ROSLYN.PERFORMANCE.CA1849
Collection properties should be read only (C#) ROSLYN.USAGE.CA2227
Consider calling ConfigureAwait on the awaited task (C#) ROSLYN.RELIABILITY.CA2007
Consider making public types internal (C#) ROSLYN.MAINTAINABILITY.CA1515
Define accessors for attribute arguments (C#) ROSLYN.DESIGN.CA1019
Disposable fields should be disposed (C#) ROSLYN.USAGE.CA2213
Disposable types should declare finalizer (C#) ROSLYN.USAGE.CA2216
Dispose objects before losing scope (C#) ROSLYN.RELIABILITY.CA2000
Do Not Add Archive Item's Path To The Target File System Path (C#) ROSLYN.SECURITY.CA5389
Do Not Add Certificates To Root Store (C#) ROSLYN.SECURITY.CA5380
Do Not Catch Corrupted State Exceptions (C#) ROSLYN.SECURITY.CA2153
Do Not Disable SChannel Use of Strong Crypto (C#) ROSLYN.SECURITY.CA5361
Do Not Serialize Types With Pointer Fields (C#) ROSLYN.SECURITY.CA5367
Do Not Use Account Shared Access Signature (C#) ROSLYN.SECURITY.CA5375
Do Not Use Weak Key Derivation Function With Insufficient Iteration Count (C#) ROSLYN.SECURITY.CA5387
Do not always skip token validation in delegates (C#) ROSLYN.SECURITY.CA5405
Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder (C#) ROSLYN.SECURITY.CA2301
Do not call overridable methods in constructors (C#) ROSLYN.USAGE.CA2214
Do not catch general exception types (C#) ROSLYN.DESIGN.CA1031
Do not create tasks without passing a TaskScheduler (C#) ROSLYN.RELIABILITY.CA2008
Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver (C#) ROSLYN.SECURITY.CA2321
Do not deserialize with JsonSerializer using an insecure configuration (C#) ROSLYN.SECURITY.CA2329
Do not deserialize without first setting NetDataContractSerializer.Binder (C#) ROSLYN.SECURITY.CA2311
Do not disable ServicePointManagerSecurityProtocols (C#) ROSLYN.SECURITY.CA5378
Do not disable token validation checks (C#) ROSLYN.SECURITY.CA5404
Do not expose generic lists (C#) ROSLYN.DESIGN.CA1002
Do not hard-code certificate (C#) ROSLYN.SECURITY.CA5403
Do not hard-code encryption key (C#) ROSLYN.SECURITY.CA5390
Do not lock on objects with weak identity (C#) ROSLYN.RELIABILITY.CA2002
Do not mark enums with FlagsAttribute (C#) ROSLYN.USAGE.CA2217
Do not name enum values 'Reserved' (C#) ROSLYN.NAMING.CA1700
Do not overload equality operator on reference types (C#) ROSLYN.DESIGN.CA1046
Do not pass literals as localized parameters (C#) ROSLYN.GLOBALIZATION.CA1303
Do not pass types by reference (C#) ROSLYN.DESIGN.CA1045
Do not raise exceptions in unexpected locations (C#) ROSLYN.DESIGN.CA1065
Do not use CreateEncryptor with non-default IV (C#) ROSLYN.SECURITY.CA5401
Do not use DataSet.ReadXml() with untrusted data (C#) ROSLYN.SECURITY.CA2351
Do not use DataTable.ReadXml() with untrusted data (C#) ROSLYN.SECURITY.CA2350
Do not use TypeNameHandling values other than None (C#) ROSLYN.SECURITY.CA2326
Do not use insecure JsonSerializerSettings (C#) ROSLYN.SECURITY.CA2327
Do not use insecure deserializer BinaryFormatter (C#) ROSLYN.SECURITY.CA2300
Do not use insecure deserializer LosFormatter (C#) ROSLYN.SECURITY.CA2305
Do not use insecure deserializer NetDataContractSerializer (C#) ROSLYN.SECURITY.CA2310
Do not use insecure deserializer ObjectStateFormatter (C#) ROSLYN.SECURITY.CA2315
Do not use insecure randomness (C#) ROSLYN.SECURITY.CA5394
Do not use unsafe DllImportSearchPath value (C#) ROSLYN.SECURITY.CA5393
Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize (C#) ROSLYN.SECURITY.CA2302
Ensure Certificates Are Not Added To Root Store (C#) ROSLYN.SECURITY.CA5381
Ensure HttpClient certificate revocation list check is not disabled (C#) ROSLYN.SECURITY.CA5400
Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing (C#) ROSLYN.SECURITY.CA2322
Ensure NetDataContractSerializer.Binder is set before deserializing (C#) ROSLYN.SECURITY.CA2312
Ensure Sufficient Iteration Count When Using Weak Key Derivation Function (C#) ROSLYN.SECURITY.CA5388
Ensure Use Secure Cookies In ASP.NET Core (C#) ROSLYN.SECURITY.CA5383
Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data (C#) ROSLYN.SECURITY.CA2361
Ensure that JsonSerializer has a secure configuration when deserializing (C#) ROSLYN.SECURITY.CA2330
Ensure that JsonSerializerSettings are secure (C#) ROSLYN.SECURITY.CA2328
Enum Storage should be Int32 (C#) ROSLYN.DESIGN.CA1028
Enums should have zero value (C#) ROSLYN.DESIGN.CA1008
Events should not have 'Before' or 'After' prefix (C#) ROSLYN.NAMING.CA1713
Exceptions should be public (C#) ROSLYN.DESIGN.CA1064
HttpClients should enable certificate revocation list checks (C#) ROSLYN.SECURITY.CA5399
Implement IDisposable Correctly (C#) ROSLYN.DESIGN.CA1063
Implement IEquatable when overriding Object.Equals (C#) ROSLYN.DESIGN.CA1066
Implement standard exception constructors (C#) ROSLYN.DESIGN.CA1032
Initialize reference type static fields inline (C#) ROSLYN.PERFORMANCE.CA1810
Initialize value type static fields inline (C#) ROSLYN.USAGE.CA2207
Interface methods should be callable by child types (C#) ROSLYN.DESIGN.CA1033
Invalid entry in code metrics rule specification file (C#) ROSLYN.MAINTAINABILITY.CA1509
Mark ISerializable types with serializable (C#) ROSLYN.USAGE.CA2237
Mark all non-serializable fields (C#) ROSLYN.USAGE.CA2235
Mark assemblies with CLSCompliant (C#) ROSLYN.DESIGN.CA1014
Mark assemblies with ComVisible (C#) ROSLYN.DESIGN.CA1017
Mark enums with FlagsAttribute (C#) ROSLYN.DESIGN.CA1027
Miss HttpVerb attribute for action methods (C#) ROSLYN.SECURITY.CA5395
Move pinvokes to native methods class (C#) ROSLYN.DESIGN.CA1060
Nested types should not be visible (C#) ROSLYN.DESIGN.CA1034
Normalize strings to uppercase (C#) ROSLYN.GLOBALIZATION.CA1308
Operator overloads have named alternates (C#) ROSLYN.USAGE.CA2225
Operators should have symmetrical overloads (C#) ROSLYN.USAGE.CA2226
Override equals and operator equals on value types (C#) ROSLYN.PERFORMANCE.CA1815
Pass system uri objects instead of strings (C#) ROSLYN.USAGE.CA2234
Possible multiple enumerations of 'IEnumerable' collection (C#) ROSLYN.PERFORMANCE.CA1851
Potential reference cycle in deserialized object graph (C#) ROSLYN.SECURITY.CA5362
Prefer jagged arrays over multidimensional (C#) ROSLYN.PERFORMANCE.CA1814
Properties should not be write only (C#) ROSLYN.DESIGN.CA1044
Properties should not return arrays (C#) ROSLYN.PERFORMANCE.CA1819
Property names should not match get methods (C#) ROSLYN.NAMING.CA1721
Review SQL queries for security vulnerabilities (C#) ROSLYN.SECURITY.CA2100
Review cipher mode usage with cryptography experts (C#) ROSLYN.SECURITY.CA5358
Review code for DLL injection vulnerabilities (C#) ROSLYN.SECURITY.CA3011
Review code for LDAP injection vulnerabilities (C#) ROSLYN.SECURITY.CA3005
Review code for SQL injection vulnerabilities (C#) ROSLYN.SECURITY.CA3001
Review code for XAML injection vulnerabilities (C#) ROSLYN.SECURITY.CA3010
Review code for XML injection vulnerabilities (C#) ROSLYN.SECURITY.CA3009
Review code for XPath injection vulnerabilities (C#) ROSLYN.SECURITY.CA3008
Review code for XSS vulnerabilities (C#) ROSLYN.SECURITY.CA3002
Review code for file path injection vulnerabilities (C#) ROSLYN.SECURITY.CA3003
Review code for information disclosure vulnerabilities (C#) ROSLYN.SECURITY.CA3004
Review code for open redirect vulnerabilities (C#) ROSLYN.SECURITY.CA3007
Review code for process command injection vulnerabilities (C#) ROSLYN.SECURITY.CA3006
Review code for regex injection vulnerabilities (C#) ROSLYN.SECURITY.CA3012
Seal methods that satisfy private interfaces (C#) ROSLYN.SECURITY.CA2119
Set HttpOnly to true for HttpCookie (C#) ROSLYN.SECURITY.CA5396
Specify StringComparison for clarity (C#) ROSLYN.GLOBALIZATION.CA1307
Static holder types should be Static or NotInheritable (C#) ROSLYN.DESIGN.CA1052
Test for empty strings using string length (C#) ROSLYN.PERFORMANCE.CA1820
Type names should not match namespaces (C#) ROSLYN.NAMING.CA1724
Types should not extend certain base types (C#) ROSLYN.DESIGN.CA1058
URI-like parameters should not be strings (C#) ROSLYN.DESIGN.CA1054
URI-like properties should not be strings (C#) ROSLYN.DESIGN.CA1056
URI-like return values should not be strings (C#) ROSLYN.DESIGN.CA1055
Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks (C#) ROSLYN.SECURITY.CA2362
Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks (C#) ROSLYN.SECURITY.CA2354
Unsafe DataSet or DataTable in serializable type (C#) ROSLYN.SECURITY.CA2353
Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks (C#) ROSLYN.SECURITY.CA2352
Unsafe DataSet or DataTable type found in deserializable object graph (C#) ROSLYN.SECURITY.CA2355
Unsafe DataSet or DataTable type in web deserializable object graph (C#) ROSLYN.SECURITY.CA2356
Use Container Level Access Policy (C#) ROSLYN.SECURITY.CA5377
Use CreateEncryptor with the default IV (C#) ROSLYN.SECURITY.CA5402
Use DefaultDllImportSearchPaths attribute for P/Invokes (C#) ROSLYN.SECURITY.CA5392
Use Integral Or String Argument For Indexers (C#) ROSLYN.DESIGN.CA1043
Use Secure Cookies In ASP.NET Core (C#) ROSLYN.SECURITY.CA5382
Use SharedAccessProtocol HttpsOnly (C#) ROSLYN.SECURITY.CA5376
Use antiforgery tokens in ASP.NET Core MVC controllers (C#) ROSLYN.SECURITY.CA5391
Use char overload, CA1867 (C#) ROSLYN.PERFORMANCE.CA1867
Use events where appropriate (C#) ROSLYN.DESIGN.CA1030
Use generic event handler instances (C#) ROSLYN.DESIGN.CA1003
Use literals where appropriate (C#) ROSLYN.PERFORMANCE.CA1802
Use properties where appropriate (C#) ROSLYN.DESIGN.CA1024
Validate arguments of public methods (C#) ROSLYN.DESIGN.CA1062
 

To report problems with this documentation, please visit https://support.codesecure.com/.