blob: 04d29052f7c10d180ee635d771c201b297cdb507 [file] [log] [blame]
# https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/configuration-files
# global can be overridden by local
is_global = true
# higher levels override lower levels. Standard is 0. MS-Analyzer are -100
global_level = -30
# ---
# https://github.com/dotnet/roslyn-analyzers/issues/7031
#CA2021: Type '{}' is incompatible with type '{}' and cast attempts will throw InvalidCastException at runtime
dotnet_diagnostic.CA2021.severity = none
# ---
#CA1002: Do not expose generic lists
dotnet_diagnostic.CA1002.severity = warning
#CA1003: Use generic event handler instances
dotnet_diagnostic.CA1003.severity = warning
#CA1005: Avoid excessive parameters on generic types
dotnet_diagnostic.CA1005.severity = warning
#CA1008: Enums should have zero value
dotnet_diagnostic.CA1008.severity = warning
#CA1012: Abstract types should not have constructors
dotnet_diagnostic.CA1012.severity = warning
#CA1019: Define accessors for attribute arguments
dotnet_diagnostic.CA1019.severity = warning
#CA1024: Use properties where appropriate
dotnet_diagnostic.CA1024.severity = warning
#CA1027: Mark enums with FlagsAttribute
dotnet_diagnostic.CA1027.severity = warning
#CA1031: Do not catch general exception types
dotnet_diagnostic.CA1031.severity = warning
#CA1040: Avoid empty interfaces
dotnet_diagnostic.CA1040.severity = warning
#CA1043: Use integral or string argument for indexers
dotnet_diagnostic.CA1043.severity = warning
#CA1044: Properties should not be write only
dotnet_diagnostic.CA1044.severity = warning
#CA1045: Do not pass types by reference
dotnet_diagnostic.CA1045.severity = warning
#CA1050: Declare types in namespaces
dotnet_diagnostic.CA1050.severity = warning
#CA1052: Static holder types should be sealed
dotnet_diagnostic.CA1052.severity = warning
#CA1058: Types should not extend certain base types
dotnet_diagnostic.CA1058.severity = warning
#CA1060: Move P/Invokes to NativeMethods class
dotnet_diagnostic.CA1060.severity = warning
#CA1062: Validate arguments of public methods
dotnet_diagnostic.CA1062.severity = warning
#CA1063: Implement IDisposable correctly
dotnet_diagnostic.CA1063.severity = warning
#CA1064: Exceptions should be public
dotnet_diagnostic.CA1064.severity = warning
#CA1066: Implement IEquatable when overriding Equals
dotnet_diagnostic.CA1066.severity = warning
#CA1303: Do not pass literals as localized parameters
dotnet_diagnostic.CA1303.severity = none
#CA1307: Specify StringComparison for clarity
dotnet_diagnostic.CA1307.severity = warning
#CA1309: Use ordinal StringComparison
dotnet_diagnostic.CA1309.severity = warning
#CA1311: Specify a culture or use an invariant version
dotnet_diagnostic.CA1311.severity = warning
#CA1421: Method uses runtime marshalling when DisableRuntimeMarshallingAttribute is applied
dotnet_diagnostic.CA1421.severity = warning
#CA1501: Avoid excessive inheritance
dotnet_diagnostic.CA1501.severity = warning
#CA1502: Avoid excessive complexity
dotnet_diagnostic.CA1502.severity = warning
#CA1505: Avoid unmaintainable code
dotnet_diagnostic.CA1505.severity = warning
#CA1505: Avoid unmaintainable code
dotnet_diagnostic.CA1505.severity = warning
#CA1506: Avoid excessive class coupling
dotnet_diagnostic.CA1506.severity = warning
#CA1509: Invalid entry in code metrics configuration file
dotnet_diagnostic.CA1509.severity = warning
#CA1700: Do not name enum values 'Reserved'
dotnet_diagnostic.CA1700.severity = warning
#CA1708: Identifiers should differ by more than case
dotnet_diagnostic.CA1708.severity = warning
#CA1711: Identifiers should not have incorrect suffix
dotnet_diagnostic.CA1711.severity = warning
#CA1721: Property names should not match get methods
dotnet_diagnostic.CA1721.severity = warning
#CA1724: Type Names Should Not Match Namespaces
dotnet_diagnostic.CA1724.severity = warning
#CA1725: Parameter names should match base declaration
dotnet_diagnostic.CA1725.severity = warning
#CA1801: Review unused parameters
dotnet_diagnostic.CA1801.severity = warning
#CA1802: Use Literals Where Appropriate
dotnet_diagnostic.CA1802.severity = warning
#CA1810: Initialize reference type static fields inline
dotnet_diagnostic.CA1810.severity = warning
#CA1812: Avoid uninstantiated internal classes
dotnet_diagnostic.CA1812.severity = none
#CA1813: Avoid unsealed attributes
dotnet_diagnostic.CA1813.severity = warning
#CA1814: Prefer jagged arrays over multidimensional
dotnet_diagnostic.CA1814.severity = warning
#CA1815: Override equals and operator equals on value types
dotnet_diagnostic.CA1815.severity = warning
#CA1819: Properties should not return arrays
dotnet_diagnostic.CA1819.severity = warning
#CA1820: Test for empty strings using string length
dotnet_diagnostic.CA1820.severity = warning
#CA1822: Mark members as static
dotnet_diagnostic.CA1822.severity = warning
#CA1823: Avoid unused private fields
dotnet_diagnostic.CA1823.severity = warning
#CA1850: Prefer static HashData method over ComputeHash
dotnet_diagnostic.CA1850.severity = warning
#CA1851: Possible multiple enumerations of IEnumerable collection
dotnet_diagnostic.CA1851.severity = warning
#CA1852: Seal internal types
dotnet_diagnostic.CA1852.severity = warning
#CA1853: Unnecessary call to 'Dictionary.ContainsKey(key)'
dotnet_diagnostic.CA1853.severity = warning
#CA1854: Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method
dotnet_diagnostic.CA1854.severity = warning
#CA1855: Use Span<T>.Clear() instead of Span<T>.Fill()
dotnet_diagnostic.CA1855.severity = warning
#CA2000: Dispose objects before losing scope
dotnet_diagnostic.CA2000.severity = warning
#CA2002: Do not lock on objects with weak identity
dotnet_diagnostic.CA2002.severity = warning
#CA2007: Do not directly await a Task
dotnet_diagnostic.CA2007.severity = warning
#CA2008: Do not create tasks without passing a TaskScheduler
dotnet_diagnostic.CA2008.severity = warning
#CA2019: ThreadStatic fields should not use inline initialization
dotnet_diagnostic.CA2019.severity = warning
#CA2020: Prevent behavioral change caused by built-in operators of IntPtr/UIntPtr
dotnet_diagnostic.CA2020.severity = warning
#CA2100: Review SQL queries for security vulnerabilities
dotnet_diagnostic.CA2100.severity = warning
#CA2119: Seal methods that satisfy private interfaces
dotnet_diagnostic.CA2119.severity = warning
#CA2153: Avoid handling Corrupted State Exceptions
dotnet_diagnostic.CA2153.severity = warning
#CA2201: Do not raise reserved exception types
dotnet_diagnostic.CA2201.severity = warning
#CA2207: Initialize value type static fields inline
dotnet_diagnostic.CA2207.severity = warning
#CA2213: Disposable fields should be disposed
dotnet_diagnostic.CA2213.severity = warning
#CA2214: Do not call overridable methods in constructors
dotnet_diagnostic.CA2214.severity = warning
#CA2217: Do not mark enums with FlagsAttribute
dotnet_diagnostic.CA2217.severity = warning
#CA2226: Operators should have symmetrical overloads
dotnet_diagnostic.CA2226.severity = warning
#CA2227: Collection properties should be read only
dotnet_diagnostic.CA2227.severity = warning
#CA2234: Pass System.Uri objects instead of strings
dotnet_diagnostic.CA2234.severity = warning
#CA2243: Attribute string literals should parse correctly
dotnet_diagnostic.CA2243.severity = warning
#CA2248: Provide correct enum argument to Enum.HasFlag
dotnet_diagnostic.CA2248.severity = warning
#CA2300: Do not use insecure deserializer BinaryFormatter
dotnet_diagnostic.CA2300.severity = warning
#CA2301: Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder
dotnet_diagnostic.CA2301.severity = warning
#CA2302: Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize
dotnet_diagnostic.CA2302.severity = warning
#CA2305: Do not use insecure deserializer LosFormatter
dotnet_diagnostic.CA2305.severity = warning
#CA2310: Do not use insecure deserializer NetDataContractSerializer
dotnet_diagnostic.CA2310.severity = warning
#CA2311: Do not deserialize without first setting NetDataContractSerializer.Binder
dotnet_diagnostic.CA2311.severity = warning
#CA2312: Ensure NetDataContractSerializer.Binder is set before deserializing
dotnet_diagnostic.CA2312.severity = warning
#CA2315: Do not use insecure deserializer ObjectStateFormatter
dotnet_diagnostic.CA2315.severity = warning
#CA2321: Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver
dotnet_diagnostic.CA2321.severity = warning
#CA2322: Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing
dotnet_diagnostic.CA2322.severity = warning
#CA2326: Do not use TypeNameHandling values other than None
dotnet_diagnostic.CA2326.severity = warning
#CA2327: Do not use insecure JsonSerializerSettings
dotnet_diagnostic.CA2327.severity = warning
#CA2328: Ensure that JsonSerializerSettings are secure
dotnet_diagnostic.CA2328.severity = warning
#CA2329: Do not deserialize with JsonSerializer using an insecure configuration
dotnet_diagnostic.CA2329.severity = warning
#CA2330: Ensure that JsonSerializer has a secure configuration when deserializing
dotnet_diagnostic.CA2330.severity = warning
#CA3001: Review code for SQL injection vulnerabilities
dotnet_diagnostic.CA3001.severity = warning
#CA3002: Review code for XSS vulnerabilities
dotnet_diagnostic.CA3002.severity = warning
#CA3003: Review code for file path injection vulnerabilities
dotnet_diagnostic.CA3003.severity = warning
#CA3004: Review code for information disclosure vulnerabilities
dotnet_diagnostic.CA3004.severity = warning
#CA3005: Review code for LDAP injection vulnerabilities
dotnet_diagnostic.CA3005.severity = warning
#CA3006: Review code for process command injection vulnerabilities
dotnet_diagnostic.CA3006.severity = warning
#CA3007: Review code for open redirect vulnerabilities
dotnet_diagnostic.CA3007.severity = warning
#CA3008: Review code for XPath injection vulnerabilities
dotnet_diagnostic.CA3008.severity = warning
#CA3009: Review code for XML injection vulnerabilities
dotnet_diagnostic.CA3009.severity = warning
#CA3010: Review code for XAML injection vulnerabilities
dotnet_diagnostic.CA3010.severity = warning
#CA3011: Review code for DLL injection vulnerabilities
dotnet_diagnostic.CA3011.severity = warning
#CA3012: Review code for regex injection vulnerabilities
dotnet_diagnostic.CA3012.severity = warning
#CA5358: Do Not Use Unsafe Cipher Modes
dotnet_diagnostic.CA5358.severity = warning
#CA5362: Potential reference cycle in deserialized object graph
dotnet_diagnostic.CA5362.severity = warning
#CA5367: Do Not Serialize Types With Pointer Fields
dotnet_diagnostic.CA5367.severity = warning
#CA5367: Do Not Serialize Types With Pointer Fields
dotnet_diagnostic.CA5367.severity = warning
#CA5375: Do not use account shared access signature
dotnet_diagnostic.CA5375.severity = warning
#CA5378: Do not disable ServicePointManagerSecurityProtocols
dotnet_diagnostic.CA5378.severity = warning
#CA5382: Use secure cookies in ASP.NET Core
dotnet_diagnostic.CA5382.severity = warning
#CA5382: Use secure cookies in ASP.NET Core
dotnet_diagnostic.CA5382.severity = warning
#CA5383: Ensure use secure cookies in ASP.NET Core
dotnet_diagnostic.CA5383.severity = warning
#CA5383: Ensure use secure cookies in ASP.NET Core
dotnet_diagnostic.CA5383.severity = warning
#CA5386: Avoid hardcoding SecurityProtocolType value
dotnet_diagnostic.CA5386.severity = warning
#CA5387: Do not use weak key derivation function with insufficient iteration count
dotnet_diagnostic.CA5387.severity = warning
#CA5388: Ensure sufficient iteration count when using weak key derivation function
dotnet_diagnostic.CA5388.severity = warning
#CA5389: Do not add archive item's path to the target file system path
dotnet_diagnostic.CA5389.severity = warning
#CA5390: Do not hard-code encryption key
dotnet_diagnostic.CA5390.severity = warning
#CA5390: Do not hard-code encryption key
dotnet_diagnostic.CA5390.severity = warning
#CA5391: Use antiforgery tokens in ASP.NET Core MVC controllers
dotnet_diagnostic.CA5391.severity = warning
#CA5391: Use antiforgery tokens in ASP.NET Core MVC controllers
dotnet_diagnostic.CA5391.severity = warning
#CA5392: Use DefaultDllImportSearchPaths attribute for P/Invokes
dotnet_diagnostic.CA5392.severity = warning
#CA5392: Use DefaultDllImportSearchPaths attribute for P/Invokes
dotnet_diagnostic.CA5392.severity = warning
#CA5393: Do not use unsafe DllImportSearchPath value
dotnet_diagnostic.CA5393.severity = warning
#CA5393: Do not use unsafe DllImportSearchPath value
dotnet_diagnostic.CA5393.severity = warning
#CA5394: Do not use insecure randomness
dotnet_diagnostic.CA5394.severity = warning
#CA5394: Do not use insecure randomness
dotnet_diagnostic.CA5394.severity = warning
#CA5395: Miss HttpVerb attribute for action methods
dotnet_diagnostic.CA5395.severity = warning
#CA5395: Miss HttpVerb attribute for action methods
dotnet_diagnostic.CA5395.severity = warning
#CA5396: Set HttpOnly to true for HttpCookie
dotnet_diagnostic.CA5396.severity = warning
#CA5396: Set HttpOnly to true for HttpCookie
dotnet_diagnostic.CA5396.severity = warning
#CA5398: Avoid hardcoded SslProtocols values
dotnet_diagnostic.CA5398.severity = warning
#CA5398: Avoid hardcoded SslProtocols values
dotnet_diagnostic.CA5398.severity = warning
#CA5399: Definitely disable HttpClient certificate revocation list check
dotnet_diagnostic.CA5399.severity = warning
#CA5400: Ensure HttpClient certificate revocation list check is not disabled
dotnet_diagnostic.CA5400.severity = warning
#CA5401: Do not use CreateEncryptor with non-default IV
dotnet_diagnostic.CA5401.severity = warning
#CA5402: Use CreateEncryptor with the default IV
dotnet_diagnostic.CA5402.severity = warning
#CA5403: Do not hard-code certificate
dotnet_diagnostic.CA5403.severity = warning
#IDE0010: Add missing cases to switch statement
dotnet_diagnostic.IDE0010.severity = none
#IDE0067: Disposable object is never disposed
dotnet_diagnostic.IDE0067.severity = warning
#IDE0068: use recommended dispose pattern
dotnet_diagnostic.IDE0068.severity = warning
#IDE0072: Add missing cases to switch expression
dotnet_diagnostic.IDE0072.severity = none