· 4 years ago · Apr 27, 2021, 09:26 AM
1# NOTE: Requires **VS2019 16.3** or later
2
3# All Rules Enabled with default severity
4# Description: All Rules are enabled with default severity. Rules with IsEnabledByDefault = false are force enabled with default severity.
5
6# Code files
7[*.{cs,vb}]
8
9
10# CA1000: Do not declare static members on generic types
11dotnet_diagnostic.CA1000.severity = silent
12
13# CA1001: Types that own disposable fields should be disposable
14dotnet_diagnostic.CA1001.severity = silent
15
16# CA1002: Do not expose generic lists
17dotnet_diagnostic.CA1002.severity = warning
18
19# CA1003: Use generic event handler instances
20dotnet_diagnostic.CA1003.severity = warning
21
22# CA1005: Avoid excessive parameters on generic types
23dotnet_diagnostic.CA1005.severity = warning
24
25# CA1008: Enums should have zero value
26dotnet_diagnostic.CA1008.severity = warning
27
28# CA1010: Generic interface should also be implemented
29dotnet_diagnostic.CA1010.severity = silent
30
31# CA1012: Abstract types should not have public constructors
32dotnet_diagnostic.CA1012.severity = warning
33
34# CA1014: Mark assemblies with CLSCompliant
35dotnet_diagnostic.CA1014.severity = warning
36
37# CA1016: Mark assemblies with assembly version
38dotnet_diagnostic.CA1016.severity = suggestion
39
40# CA1017: Mark assemblies with ComVisible
41dotnet_diagnostic.CA1017.severity = warning
42
43# CA1018: Mark attributes with AttributeUsageAttribute
44dotnet_diagnostic.CA1018.severity = suggestion
45
46# CA1019: Define accessors for attribute arguments
47dotnet_diagnostic.CA1019.severity = warning
48
49# CA1021: Avoid out parameters
50dotnet_diagnostic.CA1021.severity = warning
51
52# CA1024: Use properties where appropriate
53dotnet_diagnostic.CA1024.severity = warning
54
55# CA1027: Mark enums with FlagsAttribute
56dotnet_diagnostic.CA1027.severity = warning
57
58# CA1028: Enum Storage should be Int32
59dotnet_diagnostic.CA1028.severity = warning
60
61# CA1030: Use events where appropriate
62dotnet_diagnostic.CA1030.severity = warning
63
64# CA1031: Do not catch general exception types
65dotnet_diagnostic.CA1031.severity = warning
66
67# CA1032: Implement standard exception constructors
68dotnet_diagnostic.CA1032.severity = warning
69
70# CA1033: Interface methods should be callable by child types
71dotnet_diagnostic.CA1033.severity = warning
72
73# CA1034: Nested types should not be visible
74dotnet_diagnostic.CA1034.severity = warning
75
76# CA1036: Override methods on comparable types
77dotnet_diagnostic.CA1036.severity = silent
78
79# CA1040: Avoid empty interfaces
80dotnet_diagnostic.CA1040.severity = warning
81
82# CA1041: Provide ObsoleteAttribute message
83dotnet_diagnostic.CA1041.severity = suggestion
84
85# CA1043: Use Integral Or String Argument For Indexers
86dotnet_diagnostic.CA1043.severity = warning
87
88# CA1044: Properties should not be write only
89dotnet_diagnostic.CA1044.severity = warning
90
91# CA1045: Do not pass types by reference
92dotnet_diagnostic.CA1045.severity = warning
93
94# CA1046: Do not overload equality operator on reference types
95dotnet_diagnostic.CA1046.severity = warning
96
97# CA1047: Do not declare protected member in sealed type
98dotnet_diagnostic.CA1047.severity = suggestion
99
100# CA1050: Declare types in namespaces
101dotnet_diagnostic.CA1050.severity = suggestion
102
103# CA1051: Do not declare visible instance fields
104dotnet_diagnostic.CA1051.severity = silent
105
106# CA1052: Static holder types should be Static or NotInheritable
107dotnet_diagnostic.CA1052.severity = warning
108
109# CA1054: URI-like parameters should not be strings
110dotnet_diagnostic.CA1054.severity = warning
111
112# CA1055: URI-like return values should not be strings
113dotnet_diagnostic.CA1055.severity = warning
114
115# CA1056: URI-like properties should not be strings
116dotnet_diagnostic.CA1056.severity = warning
117
118# CA1058: Types should not extend certain base types
119dotnet_diagnostic.CA1058.severity = warning
120
121# CA1060: Move pinvokes to native methods class
122dotnet_diagnostic.CA1060.severity = warning
123
124# CA1061: Do not hide base class methods
125dotnet_diagnostic.CA1061.severity = suggestion
126
127# CA1062: Validate arguments of public methods
128dotnet_diagnostic.CA1062.severity = warning
129
130# CA1063: Implement IDisposable Correctly
131dotnet_diagnostic.CA1063.severity = warning
132
133# CA1064: Exceptions should be public
134dotnet_diagnostic.CA1064.severity = warning
135
136# CA1065: Do not raise exceptions in unexpected locations
137dotnet_diagnostic.CA1065.severity = warning
138
139# CA1066: Implement IEquatable when overriding Object.Equals
140dotnet_diagnostic.CA1066.severity = warning
141
142# CA1067: Override Object.Equals(object) when implementing IEquatable<T>
143dotnet_diagnostic.CA1067.severity = suggestion
144
145# CA1068: CancellationToken parameters must come last
146dotnet_diagnostic.CA1068.severity = suggestion
147
148# CA1069: Enums values should not be duplicated
149dotnet_diagnostic.CA1069.severity = suggestion
150
151# CA1070: Do not declare event fields as virtual
152dotnet_diagnostic.CA1070.severity = suggestion
153
154# CA1200: Avoid using cref tags with a prefix
155dotnet_diagnostic.CA1200.severity = silent
156
157# CA1303: Do not pass literals as localized parameters
158dotnet_diagnostic.CA1303.severity = silent
159
160# CA1304: Specify CultureInfo
161dotnet_diagnostic.CA1304.severity = silent
162
163# CA1305: Specify IFormatProvider
164dotnet_diagnostic.CA1305.severity = silent
165
166# CA1307: Specify StringComparison for clarity
167dotnet_diagnostic.CA1307.severity = warning
168
169# CA1308: Normalize strings to uppercase
170dotnet_diagnostic.CA1308.severity = warning
171
172# CA1309: Use ordinal string comparison
173dotnet_diagnostic.CA1309.severity = silent
174
175# CA1310: Specify StringComparison for correctness
176dotnet_diagnostic.CA1310.severity = silent
177
178# CA1401: P/Invokes should not be visible
179dotnet_diagnostic.CA1401.severity = suggestion
180
181# CA1416: Validate platform compatibility
182dotnet_diagnostic.CA1416.severity = warning
183
184# CA1417: Do not use 'OutAttribute' on string parameters for P/Invokes
185dotnet_diagnostic.CA1417.severity = warning
186
187# CA1501: Avoid excessive inheritance
188dotnet_diagnostic.CA1501.severity = warning
189
190# CA1502: Avoid excessive complexity
191dotnet_diagnostic.CA1502.severity = warning
192
193# CA1505: Avoid unmaintainable code
194dotnet_diagnostic.CA1505.severity = warning
195
196# CA1506: Avoid excessive class coupling
197dotnet_diagnostic.CA1506.severity = warning
198
199# CA1507: Use nameof to express symbol names
200dotnet_diagnostic.CA1507.severity = suggestion
201
202# CA1508: Avoid dead conditional code
203dotnet_diagnostic.CA1508.severity = warning
204
205# CA1509: Invalid entry in code metrics rule specification file
206dotnet_diagnostic.CA1509.severity = warning
207
208# CA1700: Do not name enum values 'Reserved'
209dotnet_diagnostic.CA1700.severity = warning
210
211# CA1707: Identifiers should not contain underscores
212dotnet_diagnostic.CA1707.severity = silent
213
214# CA1708: Identifiers should differ by more than case
215dotnet_diagnostic.CA1708.severity = silent
216
217# CA1710: Identifiers should have correct suffix
218dotnet_diagnostic.CA1710.severity = silent
219
220# CA1711: Identifiers should not have incorrect suffix
221dotnet_diagnostic.CA1711.severity = silent
222
223# CA1712: Do not prefix enum values with type name
224dotnet_diagnostic.CA1712.severity = silent
225
226# CA1713: Events should not have 'Before' or 'After' prefix
227dotnet_diagnostic.CA1713.severity = warning
228
229# CA1715: Identifiers should have correct prefix
230dotnet_diagnostic.CA1715.severity = silent
231
232# CA1716: Identifiers should not match keywords
233dotnet_diagnostic.CA1716.severity = silent
234
235# CA1720: Identifier contains type name
236dotnet_diagnostic.CA1720.severity = silent
237
238# CA1721: Property names should not match get methods
239dotnet_diagnostic.CA1721.severity = warning
240
241# CA1724: Type names should not match namespaces
242dotnet_diagnostic.CA1724.severity = warning
243
244# CA1725: Parameter names should match base declaration
245dotnet_diagnostic.CA1725.severity = silent
246
247# CA1801: Review unused parameters
248dotnet_diagnostic.CA1801.severity = warning
249
250# CA1802: Use literals where appropriate
251dotnet_diagnostic.CA1802.severity = warning
252
253# CA1805: Do not initialize unnecessarily
254dotnet_diagnostic.CA1805.severity = silent
255
256# CA1806: Do not ignore method results
257dotnet_diagnostic.CA1806.severity = suggestion
258
259# CA1810: Initialize reference type static fields inline
260dotnet_diagnostic.CA1810.severity = warning
261
262# CA1812: Avoid uninstantiated internal classes
263dotnet_diagnostic.CA1812.severity = warning
264
265# CA1813: Avoid unsealed attributes
266dotnet_diagnostic.CA1813.severity = warning
267
268# CA1814: Prefer jagged arrays over multidimensional
269dotnet_diagnostic.CA1814.severity = warning
270
271# CA1815: Override equals and operator equals on value types
272dotnet_diagnostic.CA1815.severity = warning
273
274# CA1816: Dispose methods should call SuppressFinalize
275dotnet_diagnostic.CA1816.severity = suggestion
276
277# CA1819: Properties should not return arrays
278dotnet_diagnostic.CA1819.severity = warning
279
280# CA1820: Test for empty strings using string length
281dotnet_diagnostic.CA1820.severity = warning
282
283# CA1821: Remove empty Finalizers
284dotnet_diagnostic.CA1821.severity = suggestion
285
286# CA1822: Mark members as static
287dotnet_diagnostic.CA1822.severity = suggestion
288
289# CA1823: Avoid unused private fields
290dotnet_diagnostic.CA1823.severity = warning
291
292# CA1824: Mark assemblies with NeutralResourcesLanguageAttribute
293dotnet_diagnostic.CA1824.severity = suggestion
294
295# CA1825: Avoid zero-length array allocations
296dotnet_diagnostic.CA1825.severity = suggestion
297
298# CA1826: Do not use Enumerable methods on indexable collections
299dotnet_diagnostic.CA1826.severity = suggestion
300
301# CA1827: Do not use Count() or LongCount() when Any() can be used
302dotnet_diagnostic.CA1827.severity = suggestion
303
304# CA1828: Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used
305dotnet_diagnostic.CA1828.severity = suggestion
306
307# CA1829: Use Length/Count property instead of Count() when available
308dotnet_diagnostic.CA1829.severity = suggestion
309
310# CA1830: Prefer strongly-typed Append and Insert method overloads on StringBuilder
311dotnet_diagnostic.CA1830.severity = suggestion
312
313# CA1831: Use AsSpan or AsMemory instead of Range-based indexers when appropriate
314dotnet_diagnostic.CA1831.severity = warning
315
316# CA1832: Use AsSpan or AsMemory instead of Range-based indexers when appropriate
317dotnet_diagnostic.CA1832.severity = suggestion
318
319# CA1833: Use AsSpan or AsMemory instead of Range-based indexers when appropriate
320dotnet_diagnostic.CA1833.severity = suggestion
321
322# CA1834: Consider using 'StringBuilder.Append(char)' when applicable
323dotnet_diagnostic.CA1834.severity = suggestion
324
325# CA1835: Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync'
326dotnet_diagnostic.CA1835.severity = suggestion
327
328# CA1836: Prefer IsEmpty over Count
329dotnet_diagnostic.CA1836.severity = suggestion
330
331# CA1837: Use 'Environment.ProcessId'
332dotnet_diagnostic.CA1837.severity = suggestion
333
334# CA1838: Avoid 'StringBuilder' parameters for P/Invokes
335dotnet_diagnostic.CA1838.severity = silent
336
337# CA2000: Dispose objects before losing scope
338dotnet_diagnostic.CA2000.severity = warning
339
340# CA2002: Do not lock on objects with weak identity
341dotnet_diagnostic.CA2002.severity = warning
342
343# CA2007: Consider calling ConfigureAwait on the awaited task
344dotnet_diagnostic.CA2007.severity = warning
345
346# CA2008: Do not create tasks without passing a TaskScheduler
347dotnet_diagnostic.CA2008.severity = warning
348
349# CA2009: Do not call ToImmutableCollection on an ImmutableCollection value
350dotnet_diagnostic.CA2009.severity = suggestion
351
352# CA2011: Avoid infinite recursion
353dotnet_diagnostic.CA2011.severity = suggestion
354
355# CA2012: Use ValueTasks correctly
356dotnet_diagnostic.CA2012.severity = suggestion
357
358# CA2013: Do not use ReferenceEquals with value types
359dotnet_diagnostic.CA2013.severity = warning
360
361# CA2014: Do not use stackalloc in loops
362dotnet_diagnostic.CA2014.severity = warning
363
364# CA2015: Do not define finalizers for types derived from MemoryManager<T>
365dotnet_diagnostic.CA2015.severity = warning
366
367# CA2016: Forward the 'CancellationToken' parameter to methods
368dotnet_diagnostic.CA2016.severity = suggestion
369
370# CA2100: Review SQL queries for security vulnerabilities
371dotnet_diagnostic.CA2100.severity = warning
372
373# CA2101: Specify marshaling for P/Invoke string arguments
374dotnet_diagnostic.CA2101.severity = suggestion
375
376# CA2109: Review visible event handlers
377dotnet_diagnostic.CA2109.severity = warning
378
379# CA2119: Seal methods that satisfy private interfaces
380dotnet_diagnostic.CA2119.severity = warning
381
382# CA2153: Do Not Catch Corrupted State Exceptions
383dotnet_diagnostic.CA2153.severity = warning
384
385# CA2200: Rethrow to preserve stack details
386dotnet_diagnostic.CA2200.severity = warning
387
388# CA2201: Do not raise reserved exception types
389dotnet_diagnostic.CA2201.severity = silent
390
391# CA2207: Initialize value type static fields inline
392dotnet_diagnostic.CA2207.severity = warning
393
394# CA2208: Instantiate argument exceptions correctly
395dotnet_diagnostic.CA2208.severity = suggestion
396
397# CA2211: Non-constant fields should not be visible
398dotnet_diagnostic.CA2211.severity = suggestion
399
400# CA2213: Disposable fields should be disposed
401dotnet_diagnostic.CA2213.severity = warning
402
403# CA2214: Do not call overridable methods in constructors
404dotnet_diagnostic.CA2214.severity = warning
405
406# CA2215: Dispose methods should call base class dispose
407dotnet_diagnostic.CA2215.severity = silent
408
409# CA2216: Disposable types should declare finalizer
410dotnet_diagnostic.CA2216.severity = warning
411
412# CA2217: Do not mark enums with FlagsAttribute
413dotnet_diagnostic.CA2217.severity = warning
414
415# CA2218: Override GetHashCode on overriding Equals
416dotnet_diagnostic.CA2218.severity = suggestion
417
418# CA2219: Do not raise exceptions in finally clauses
419dotnet_diagnostic.CA2219.severity = suggestion
420
421# CA2224: Override Equals on overloading operator equals
422dotnet_diagnostic.CA2224.severity = suggestion
423
424# CA2225: Operator overloads have named alternates
425dotnet_diagnostic.CA2225.severity = warning
426
427# CA2226: Operators should have symmetrical overloads
428dotnet_diagnostic.CA2226.severity = warning
429
430# CA2227: Collection properties should be read only
431dotnet_diagnostic.CA2227.severity = warning
432
433# CA2229: Implement serialization constructors
434dotnet_diagnostic.CA2229.severity = silent
435
436# CA2231: Overload operator equals on overriding value type Equals
437dotnet_diagnostic.CA2231.severity = suggestion
438
439# CA2234: Pass system uri objects instead of strings
440dotnet_diagnostic.CA2234.severity = warning
441
442# CA2235: Mark all non-serializable fields
443dotnet_diagnostic.CA2235.severity = warning
444
445# CA2237: Mark ISerializable types with serializable
446dotnet_diagnostic.CA2237.severity = warning
447
448# CA2241: Provide correct arguments to formatting methods
449dotnet_diagnostic.CA2241.severity = suggestion
450
451# CA2242: Test for NaN correctly
452dotnet_diagnostic.CA2242.severity = suggestion
453
454# CA2243: Attribute string literals should parse correctly
455dotnet_diagnostic.CA2243.severity = warning
456
457# CA2244: Do not duplicate indexed element initializations
458dotnet_diagnostic.CA2244.severity = suggestion
459
460# CA2245: Do not assign a property to itself
461dotnet_diagnostic.CA2245.severity = suggestion
462
463# CA2246: Assigning symbol and its member in the same statement
464dotnet_diagnostic.CA2246.severity = suggestion
465
466# CA2247: Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum
467dotnet_diagnostic.CA2247.severity = warning
468
469# CA2248: Provide correct 'enum' argument to 'Enum.HasFlag'
470dotnet_diagnostic.CA2248.severity = suggestion
471
472# CA2249: Consider using 'string.Contains' instead of 'string.IndexOf'
473dotnet_diagnostic.CA2249.severity = suggestion
474
475# CA2300: Do not use insecure deserializer BinaryFormatter
476dotnet_diagnostic.CA2300.severity = warning
477
478# CA2301: Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder
479dotnet_diagnostic.CA2301.severity = warning
480
481# CA2302: Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize
482dotnet_diagnostic.CA2302.severity = warning
483
484# CA2305: Do not use insecure deserializer LosFormatter
485dotnet_diagnostic.CA2305.severity = warning
486
487# CA2310: Do not use insecure deserializer NetDataContractSerializer
488dotnet_diagnostic.CA2310.severity = warning
489
490# CA2311: Do not deserialize without first setting NetDataContractSerializer.Binder
491dotnet_diagnostic.CA2311.severity = warning
492
493# CA2312: Ensure NetDataContractSerializer.Binder is set before deserializing
494dotnet_diagnostic.CA2312.severity = warning
495
496# CA2315: Do not use insecure deserializer ObjectStateFormatter
497dotnet_diagnostic.CA2315.severity = warning
498
499# CA2321: Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver
500dotnet_diagnostic.CA2321.severity = warning
501
502# CA2322: Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing
503dotnet_diagnostic.CA2322.severity = warning
504
505# CA2326: Do not use TypeNameHandling values other than None
506dotnet_diagnostic.CA2326.severity = warning
507
508# CA2327: Do not use insecure JsonSerializerSettings
509dotnet_diagnostic.CA2327.severity = warning
510
511# CA2328: Ensure that JsonSerializerSettings are secure
512dotnet_diagnostic.CA2328.severity = warning
513
514# CA2329: Do not deserialize with JsonSerializer using an insecure configuration
515dotnet_diagnostic.CA2329.severity = warning
516
517# CA2330: Ensure that JsonSerializer has a secure configuration when deserializing
518dotnet_diagnostic.CA2330.severity = warning
519
520# CA2350: Do not use DataTable.ReadXml() with untrusted data
521dotnet_diagnostic.CA2350.severity = warning
522
523# CA2351: Do not use DataSet.ReadXml() with untrusted data
524dotnet_diagnostic.CA2351.severity = warning
525
526# CA2352: Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks
527dotnet_diagnostic.CA2352.severity = warning
528
529# CA2353: Unsafe DataSet or DataTable in serializable type
530dotnet_diagnostic.CA2353.severity = warning
531
532# CA2354: Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks
533dotnet_diagnostic.CA2354.severity = warning
534
535# CA2355: Unsafe DataSet or DataTable type found in deserializable object graph
536dotnet_diagnostic.CA2355.severity = warning
537
538# CA2356: Unsafe DataSet or DataTable type in web deserializable object graph
539dotnet_diagnostic.CA2356.severity = warning
540
541# CA2361: Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data
542dotnet_diagnostic.CA2361.severity = warning
543
544# CA2362: Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks
545dotnet_diagnostic.CA2362.severity = warning
546
547# CA3001: Review code for SQL injection vulnerabilities
548dotnet_diagnostic.CA3001.severity = warning
549
550# CA3002: Review code for XSS vulnerabilities
551dotnet_diagnostic.CA3002.severity = warning
552
553# CA3003: Review code for file path injection vulnerabilities
554dotnet_diagnostic.CA3003.severity = warning
555
556# CA3004: Review code for information disclosure vulnerabilities
557dotnet_diagnostic.CA3004.severity = warning
558
559# CA3005: Review code for LDAP injection vulnerabilities
560dotnet_diagnostic.CA3005.severity = warning
561
562# CA3006: Review code for process command injection vulnerabilities
563dotnet_diagnostic.CA3006.severity = warning
564
565# CA3007: Review code for open redirect vulnerabilities
566dotnet_diagnostic.CA3007.severity = warning
567
568# CA3008: Review code for XPath injection vulnerabilities
569dotnet_diagnostic.CA3008.severity = warning
570
571# CA3009: Review code for XML injection vulnerabilities
572dotnet_diagnostic.CA3009.severity = warning
573
574# CA3010: Review code for XAML injection vulnerabilities
575dotnet_diagnostic.CA3010.severity = warning
576
577# CA3011: Review code for DLL injection vulnerabilities
578dotnet_diagnostic.CA3011.severity = warning
579
580# CA3012: Review code for regex injection vulnerabilities
581dotnet_diagnostic.CA3012.severity = warning
582
583# CA3061: Do Not Add Schema By URL
584dotnet_diagnostic.CA3061.severity = silent
585
586# CA3075: Insecure DTD processing in XML
587dotnet_diagnostic.CA3075.severity = silent
588
589# CA3076: Insecure XSLT script processing.
590dotnet_diagnostic.CA3076.severity = silent
591
592# CA3077: Insecure Processing in API Design, XmlDocument and XmlTextReader
593dotnet_diagnostic.CA3077.severity = silent
594
595# CA3147: Mark Verb Handlers With Validate Antiforgery Token
596dotnet_diagnostic.CA3147.severity = silent
597
598# CA5350: Do Not Use Weak Cryptographic Algorithms
599dotnet_diagnostic.CA5350.severity = silent
600
601# CA5351: Do Not Use Broken Cryptographic Algorithms
602dotnet_diagnostic.CA5351.severity = silent
603
604# CA5358: Review cipher mode usage with cryptography experts
605dotnet_diagnostic.CA5358.severity = warning
606
607# CA5359: Do Not Disable Certificate Validation
608dotnet_diagnostic.CA5359.severity = silent
609
610# CA5360: Do Not Call Dangerous Methods In Deserialization
611dotnet_diagnostic.CA5360.severity = silent
612
613# CA5361: Do Not Disable SChannel Use of Strong Crypto
614dotnet_diagnostic.CA5361.severity = warning
615
616# CA5362: Potential reference cycle in deserialized object graph
617dotnet_diagnostic.CA5362.severity = warning
618
619# CA5363: Do Not Disable Request Validation
620dotnet_diagnostic.CA5363.severity = silent
621
622# CA5364: Do Not Use Deprecated Security Protocols
623dotnet_diagnostic.CA5364.severity = silent
624
625# CA5365: Do Not Disable HTTP Header Checking
626dotnet_diagnostic.CA5365.severity = silent
627
628# CA5366: Use XmlReader for 'DataSet.ReadXml()'
629dotnet_diagnostic.CA5366.severity = silent
630
631# CA5367: Do Not Serialize Types With Pointer Fields
632dotnet_diagnostic.CA5367.severity = warning
633
634# CA5368: Set ViewStateUserKey For Classes Derived From Page
635dotnet_diagnostic.CA5368.severity = silent
636
637# CA5369: Use XmlReader for 'XmlSerializer.Deserialize()'
638dotnet_diagnostic.CA5369.severity = silent
639
640# CA5370: Use XmlReader for XmlValidatingReader constructor
641dotnet_diagnostic.CA5370.severity = silent
642
643# CA5371: Use XmlReader for 'XmlSchema.Read()'
644dotnet_diagnostic.CA5371.severity = silent
645
646# CA5372: Use XmlReader for XPathDocument constructor
647dotnet_diagnostic.CA5372.severity = silent
648
649# CA5373: Do not use obsolete key derivation function
650dotnet_diagnostic.CA5373.severity = silent
651
652# CA5374: Do Not Use XslTransform
653dotnet_diagnostic.CA5374.severity = silent
654
655# CA5375: Do Not Use Account Shared Access Signature
656dotnet_diagnostic.CA5375.severity = warning
657
658# CA5376: Use SharedAccessProtocol HttpsOnly
659dotnet_diagnostic.CA5376.severity = warning
660
661# CA5377: Use Container Level Access Policy
662dotnet_diagnostic.CA5377.severity = warning
663
664# CA5378: Do not disable ServicePointManagerSecurityProtocols
665dotnet_diagnostic.CA5378.severity = warning
666
667# CA5379: Ensure Key Derivation Function algorithm is sufficiently strong
668dotnet_diagnostic.CA5379.severity = silent
669
670# CA5380: Do Not Add Certificates To Root Store
671dotnet_diagnostic.CA5380.severity = warning
672
673# CA5381: Ensure Certificates Are Not Added To Root Store
674dotnet_diagnostic.CA5381.severity = warning
675
676# CA5382: Use Secure Cookies In ASP.NET Core
677dotnet_diagnostic.CA5382.severity = warning
678
679# CA5383: Ensure Use Secure Cookies In ASP.NET Core
680dotnet_diagnostic.CA5383.severity = warning
681
682# CA5384: Do Not Use Digital Signature Algorithm (DSA)
683dotnet_diagnostic.CA5384.severity = silent
684
685# CA5385: Use Rivest–Shamir–Adleman (RSA) Algorithm With Sufficient Key Size
686dotnet_diagnostic.CA5385.severity = silent
687
688# CA5386: Avoid hardcoding SecurityProtocolType value
689dotnet_diagnostic.CA5386.severity = warning
690
691# CA5387: Do Not Use Weak Key Derivation Function With Insufficient Iteration Count
692dotnet_diagnostic.CA5387.severity = warning
693
694# CA5388: Ensure Sufficient Iteration Count When Using Weak Key Derivation Function
695dotnet_diagnostic.CA5388.severity = warning
696
697# CA5389: Do Not Add Archive Item's Path To The Target File System Path
698dotnet_diagnostic.CA5389.severity = warning
699
700# CA5390: Do not hard-code encryption key
701dotnet_diagnostic.CA5390.severity = warning
702
703# CA5391: Use antiforgery tokens in ASP.NET Core MVC controllers
704dotnet_diagnostic.CA5391.severity = warning
705
706# CA5392: Use DefaultDllImportSearchPaths attribute for P/Invokes
707dotnet_diagnostic.CA5392.severity = warning
708
709# CA5393: Do not use unsafe DllImportSearchPath value
710dotnet_diagnostic.CA5393.severity = warning
711
712# CA5394: Do not use insecure randomness
713dotnet_diagnostic.CA5394.severity = warning
714
715# CA5395: Miss HttpVerb attribute for action methods
716dotnet_diagnostic.CA5395.severity = warning
717
718# CA5396: Set HttpOnly to true for HttpCookie
719dotnet_diagnostic.CA5396.severity = warning
720
721# CA5397: Do not use deprecated SslProtocols values
722dotnet_diagnostic.CA5397.severity = silent
723
724# CA5398: Avoid hardcoded SslProtocols values
725dotnet_diagnostic.CA5398.severity = warning
726
727# CA5399: HttpClients should enable certificate revocation list checks
728dotnet_diagnostic.CA5399.severity = warning
729
730# CA5400: Ensure HttpClient certificate revocation list check is not disabled
731dotnet_diagnostic.CA5400.severity = warning
732
733# CA5401: Do not use CreateEncryptor with non-default IV
734dotnet_diagnostic.CA5401.severity = warning
735
736# CA5402: Use CreateEncryptor with the default IV
737dotnet_diagnostic.CA5402.severity = warning
738
739# CA5403: Do not hard-code certificate
740dotnet_diagnostic.CA5403.severity = warning
741
742# IL3000: Avoid using accessing Assembly file path when publishing as a single-file
743dotnet_diagnostic.IL3000.severity = warning
744
745# IL3001: Avoid using accessing Assembly file path when publishing as a single-file
746dotnet_diagnostic.IL3001.severity = warning
747