All Versions
29
Latest Version
Avg Release Cycle
45 days
Latest Release
1210 days ago

Changelog History
Page 3

  • v2.9.4 Changes

    July 29, 2019

    πŸš€ Release build of Roslyn-analyzers based on Microsoft.CodeAnalysis 2.9.0 NuGet packages. Contains bug fixes on top of v2.9.3 release and additional rules listed below.

    Works with VS 2017.9 or later.

    βž• Added

    • 🐎 Performance
      • CA1827: Do not use Count() when Any() can be used -- Enabled by default
    • πŸ”’ Security
      • CA2326: Do not use TypeNameHandling values other than None
      • CA2327: Do not use insecure JsonSerializerSettings
      • CA2328: Ensure that JsonSerializerSettings are secure
      • CA5387: Do Not Use Weak Key Derivation Function With Insufficient Iteration Count
      • CA5388: Ensure Sufficient Iteration Count When Using Weak Key Derivation Function
      • CA5389: Do Not Add Archive Item's Path To The Target File System Path -- Enabled by default
      • CA5390: Do Not Hard Code Encryption Key -- Enabled by default
    • Usage
      • CA2245: Do not assign a property to itself. -- Enabled by default

    πŸ›  Fixes

    • 🐎 CA3075: Insecure DTD processing in XML -- Performance improvements.
    • πŸ›  CA5360: Do Not Call Dangerous Methods In Deserialization -- Fixed KeyNotFoundException.
  • v2.9.4-beta1.final Changes

    June 25, 2019

    πŸš€ Pre-Release build of Roslyn-analyzers based on Microsoft.CodeAnalysis 2.9.0 NuGet packages. Contains following additional analyzers and additional bug fixes on top of v2.9.3 release:

    0️⃣ 1. Usage rule CA2245 (AvoidPropertySelfAssignment) - On by default πŸ”’ 2. Security rule CA5387 (DefinitelyUseWeakKDFInsufficientIterationCount) - Off by default πŸ”’ 3. Security rule CA5388 (MaybeUseWeakKDFInsufficientIterationCount) - Off by default πŸ”’ 4. Security rule CA5389 (DoNotAddArchiveItemPathToTheTargetFileSystemPath) - Off by default

    Works with VS 2017.9 or later.

  • v2.9.3 Changes

    June 06, 2019

    πŸš€ Release build of Roslyn-analyzers based on Microsoft.CodeAnalysis 2.9.0 NuGet packages. Contains bug fixes on top of v2.9.2 release.

    Works with VS 2017.9 or later.

    βž• Added

    • πŸ”’ Security
      • CA2321: Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver
      • CA2322: Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing
      • CA5366: Use XmlReader For DataSet Read Xml -- Enabled by default
      • CA5369: Use XmlReader For Deserialize -- Enabled by default
      • CA5370: Use XmlReader For Validating Reader -- Enabled by default
      • CA5371: Use XmlReader For Schema Read -- Enabled by default
      • CA5372: Use XmlReader For XPathDocument -- Enabled by default
      • CA5373: Do not use obsolete key derivation function -- Enabled by default
      • CA5374: Do Not Use XslTransform -- Enabled by default
      • CA5375: Do Not Use Account Shared Access Signature
      • CA5376: Use SharedAccessProtocol HttpsOnly -- Enabled by default
      • CA5377: Use Container Level Access Policy -- Enabled by default
      • CA5378: Do not disable ServicePointManagerSecurityProtocols -- Enabled by default
      • CA5379: Do Not Use Weak Key Derivation Function Algorithm -- Enabled by default
      • CA5380: Do Not Add Certificates To Root Store -- Enabled by default
      • CA5381: Ensure Certificates Are Not Added To Root Store -- Enabled by default
      • CA5382: Use Secure Cookies In ASP.Net Core
      • CA5383: Ensure Use Secure Cookies In ASP.Net Core
      • CA5384: Do Not Use Digital Signature Algorithm (DSA) -- Enabled by default
      • CA5385: Use Rivest–Shamir–Adleman (RSA) Algorithm With Sufficient Key Size -- Enabled by default
      • CA5386: Avoid hardcoding SecurityProtocolType value
  • v2.9.2 Changes

    April 17, 2019

    πŸš€ Release build of Roslyn-analyzers based on Microsoft.CodeAnalysis 2.9.0 NuGet packages. Contains bug fixes on top of v2.9.1 release.

    Works with VS 2017.9 or later.

  • v2.9.1 Changes

    March 29, 2019

    πŸš€ Release build of Roslyn-analyzers based on Microsoft.CodeAnalysis 2.9.1 NuGet packages. Contains bug fixes on top of v2.9.0 release.

    Works with VS 2017.9 or later.

    βž• Added

    • πŸ”’ Security
      • CA3061: Do Not Add Schema By URL -- Enabled by default
      • CA5367: Do Not Serialize Types With Pointer Fields
      • CA5368: Set ViewStateUserKey For Classes Derived From Page -- Enabled by default
  • v2.9.0 Changes

    March 12, 2019

    πŸš€ Pre-Release build of Roslyn-analyzers based on Microsoft.CodeAnalysis 2.9.0 NuGet packages. Contains additional analyzers/fixers and additional bug fixes on top of v2.6.3 release.

    Works with VS 2017.9 or later.

  • v2.9.0-beta1.final Changes

    March 12, 2019

    πŸš€ Pre-Release build of Roslyn-analyzers based on Microsoft.CodeAnalysis 2.9.0 NuGet packages. Contains additional analyzers/fixers and additional bug fixes on top of v2.6.3 release.

    Works with VS 2017.9 or later.

  • v2.6.4 Changes

    May 08, 2019

    πŸš€ Release build of Roslyn-analyzers based on Microsoft.CodeAnalysis 2.6.0 NuGet packages, with additional bug fixes and rules on top of v2.6.3 release.

    Works with VS 2017.5 or later.

  • v2.6.3 Changes

    January 10, 2019

    πŸš€ Release build of Roslyn-analyzers based on Microsoft.CodeAnalysis 2.6.0 NuGet packages, with additional bug fixes on top of v2.6.2 release.

    Works with VS 2017.5 or later.