.NET Compiler Platform ("Roslyn") Analyzers v2.9.4 Release Notes
Release Date: 2019-07-29 // 4 months ago-
🚀 Release build of Roslyn-analyzers based on Microsoft.CodeAnalysis 2.9.0 NuGet packages. Contains bug fixes on top of v2.9.3 release and additional rules listed below.
Works with VS 2017.9 or later.
➕ Added
- 🐎 Performance
- CA1827: Do not use Count() when Any() can be used -- Enabled by default
- 🔒 Security
- CA2326: Do not use TypeNameHandling values other than None
- CA2327: Do not use insecure JsonSerializerSettings
- CA2328: Ensure that JsonSerializerSettings are secure
- CA5387: Do Not Use Weak Key Derivation Function With Insufficient Iteration Count
- CA5388: Ensure Sufficient Iteration Count When Using Weak Key Derivation Function
- CA5389: Do Not Add Archive Item's Path To The Target File System Path -- Enabled by default
- CA5390: Do Not Hard Code Encryption Key -- Enabled by default
- Usage
- CA2245: Do not assign a property to itself. -- Enabled by default
🛠 Fixes
- 🐎 CA3075: Insecure DTD processing in XML -- Performance improvements.
- 🛠 CA5360: Do Not Call Dangerous Methods In Deserialization -- Fixed KeyNotFoundException.
- 🐎 Performance
Previous changes from v2.9.4-beta1.final
-
🚀 Pre-Release build of Roslyn-analyzers based on Microsoft.CodeAnalysis 2.9.0 NuGet packages. Contains following additional analyzers and additional bug fixes on top of v2.9.3 release:
0️⃣ 1. Usage rule CA2245 (AvoidPropertySelfAssignment) - On by default 🔒 2. Security rule CA5387 (DefinitelyUseWeakKDFInsufficientIterationCount) - Off by default 🔒 3. Security rule CA5388 (MaybeUseWeakKDFInsufficientIterationCount) - Off by default 🔒 4. Security rule CA5389 (DoNotAddArchiveItemPathToTheTargetFileSystemPath) - Off by default
Works with VS 2017.9 or later.