2 <RuleSet Name="All Rules with default severity" Description="All Rules with default severity. Rules with IsEnabledByDefault = false are disabled." ToolsVersion="15.0">
3 <Rules AnalyzerId="Microsoft.CodeAnalysis.FxCopAnalyzers" RuleNamespace="Microsoft.CodeAnalysis.FxCopAnalyzers">
4 <Rule Id="CA1000" Action="Warning" /> <!-- Do not declare static members on generic types -->
5 <Rule Id="CA1001" Action="Warning" /> <!-- Types that own disposable fields should be disposable -->
6 <Rule Id="CA1003" Action="None" /> <!-- Use generic event handler instances -->
7 <Rule Id="CA1008" Action="None" /> <!-- Enums should have zero value -->
8 <Rule Id="CA1010" Action="Warning" /> <!-- Collections should implement generic interface -->
9 <Rule Id="CA1012" Action="None" /> <!-- Abstract types should not have constructors -->
10 <Rule Id="CA1014" Action="None" /> <!-- Mark assemblies with CLSCompliant -->
11 <Rule Id="CA1016" Action="Warning" /> <!-- Mark assemblies with assembly version -->
12 <Rule Id="CA1017" Action="None" /> <!-- Mark assemblies with ComVisible -->
13 <Rule Id="CA1018" Action="Warning" /> <!-- Mark attributes with AttributeUsageAttribute -->
14 <Rule Id="CA1019" Action="None" /> <!-- Define accessors for attribute arguments -->
15 <Rule Id="CA1024" Action="None" /> <!-- Use properties where appropriate -->
16 <Rule Id="CA1027" Action="None" /> <!-- Mark enums with FlagsAttribute -->
17 <Rule Id="CA1028" Action="Warning" /> <!-- Enum Storage should be Int32 -->
18 <Rule Id="CA1030" Action="None" /> <!-- Use events where appropriate -->
19 <Rule Id="CA1031" Action="Warning" /> <!-- Do not catch general exception types -->
20 <Rule Id="CA1032" Action="Warning" /> <!-- Implement standard exception constructors -->
21 <Rule Id="CA1033" Action="None" /> <!-- Interface methods should be callable by child types -->
22 <Rule Id="CA1034" Action="Warning" /> <!-- Nested types should not be visible -->
23 <Rule Id="CA1036" Action="Warning" /> <!-- Override methods on comparable types -->
24 <Rule Id="CA1040" Action="Warning" /> <!-- Avoid empty interfaces -->
25 <Rule Id="CA1041" Action="Warning" /> <!-- Provide ObsoleteAttribute message -->
26 <Rule Id="CA1043" Action="Warning" /> <!-- Use Integral Or String Argument For Indexers -->
27 <Rule Id="CA1044" Action="Warning" /> <!-- Properties should not be write only -->
28 <Rule Id="CA1050" Action="None" /> <!-- Declare types in namespaces -->
29 <Rule Id="CA1051" Action="Warning" /> <!-- Do not declare visible instance fields -->
30 <Rule Id="CA1052" Action="Warning" /> <!-- Static holder types should be Static or NotInheritable -->
31 <Rule Id="CA1054" Action="Warning" /> <!-- Uri parameters should not be strings -->
32 <Rule Id="CA1055" Action="Warning" /> <!-- Uri return values should not be strings -->
33 <Rule Id="CA1056" Action="Warning" /> <!-- Uri properties should not be strings -->
34 <Rule Id="CA1058" Action="Warning" /> <!-- Types should not extend certain base types -->
35 <Rule Id="CA1060" Action="None" /> <!-- Move pinvokes to native methods class -->
36 <Rule Id="CA1061" Action="Warning" /> <!-- Do not hide base class methods -->
37 <Rule Id="CA1062" Action="Warning" /> <!-- Validate arguments of public methods -->
38 <Rule Id="CA1063" Action="Warning" /> <!-- Implement IDisposable Correctly -->
39 <Rule Id="CA1064" Action="Warning" /> <!-- Exceptions should be public -->
40 <Rule Id="CA1065" Action="Warning" /> <!-- Do not raise exceptions in unexpected locations -->
41 <Rule Id="CA1066" Action="Warning" /> <!-- Type {0} should implement IEquatable<T> because it overrides Equals -->
42 <Rule Id="CA1067" Action="Warning" /> <!-- Override Object.Equals(object) when implementing IEquatable<T> -->
43 <Rule Id="CA1068" Action="Warning" /> <!-- CancellationToken parameters must come last -->
44 <Rule Id="CA1200" Action="Warning" /> <!-- Avoid using cref tags with a prefix -->
45 <Rule Id="CA1303" Action="None" /> <!-- Do not pass literals as localized parameters -->
46 <Rule Id="CA1304" Action="Warning" /> <!-- Specify CultureInfo -->
47 <Rule Id="CA1305" Action="None" /> <!-- Specify IFormatProvider -->
48 <Rule Id="CA1307" Action="None" /> <!-- Specify StringComparison -->
49 <Rule Id="CA1308" Action="Warning" /> <!-- Normalize strings to uppercase -->
50 <Rule Id="CA1309" Action="None" /> <!-- Use ordinal stringcomparison -->
51 <Rule Id="CA1401" Action="Warning" /> <!-- P/Invokes should not be visible -->
52 <Rule Id="CA1501" Action="None" /> <!-- Avoid excessive inheritance -->
53 <Rule Id="CA1502" Action="None" /> <!-- Avoid excessive complexity -->
54 <Rule Id="CA1505" Action="None" /> <!-- Avoid unmaintainable code -->
55 <Rule Id="CA1506" Action="None" /> <!-- Avoid excessive class coupling -->
56 <Rule Id="CA1507" Action="Warning" /> <!-- Use nameof to express symbol names -->
57 <Rule Id="CA1508" Action="None" /> <!-- Avoid dead conditional code -->
58 <Rule Id="CA1509" Action="None" /> <!-- Invalid entry in code metrics rule specification file -->
59 <Rule Id="CA1707" Action="Warning" /> <!-- Identifiers should not contain underscores -->
60 <Rule Id="CA1708" Action="None" /> <!-- Identifiers should differ by more than case -->
61 <Rule Id="CA1710" Action="Warning" /> <!-- Identifiers should have correct suffix -->
62 <Rule Id="CA1711" Action="None" /> <!-- Identifiers should not have incorrect suffix -->
63 <Rule Id="CA1712" Action="Warning" /> <!-- Do not prefix enum values with type name -->
64 <Rule Id="CA1714" Action="Warning" /> <!-- Flags enums should have plural names -->
65 <Rule Id="CA1715" Action="Warning" /> <!-- Identifiers should have correct prefix -->
66 <Rule Id="CA1716" Action="Warning" /> <!-- Identifiers should not match keywords -->
67 <Rule Id="CA1717" Action="Warning" /> <!-- Only FlagsAttribute enums should have plural names -->
68 <Rule Id="CA1720" Action="Warning" /> <!-- Identifier contains type name -->
69 <Rule Id="CA1721" Action="Warning" /> <!-- Property names should not match get methods -->
70 <Rule Id="CA1724" Action="Warning" /> <!-- Type names should not match namespaces -->
71 <Rule Id="CA1725" Action="None" /> <!-- Parameter names should match base declaration -->
72 <Rule Id="CA1801" Action="Warning" /> <!-- Review unused parameters -->
73 <Rule Id="CA1802" Action="Warning" /> <!-- Use literals where appropriate -->
74 <Rule Id="CA1806" Action="Warning" /> <!-- Do not ignore method results -->
75 <Rule Id="CA1810" Action="Warning" /> <!-- Initialize reference type static fields inline -->
76 <Rule Id="CA1812" Action="Warning" /> <!-- Avoid uninstantiated internal classes -->
77 <Rule Id="CA1813" Action="None" /> <!-- Avoid unsealed attributes -->
78 <Rule Id="CA1814" Action="Warning" /> <!-- Prefer jagged arrays over multidimensional -->
79 <Rule Id="CA1815" Action="Warning" /> <!-- Override equals and operator equals on value types -->
80 <Rule Id="CA1816" Action="Warning" /> <!-- Dispose methods should call SuppressFinalize -->
81 <Rule Id="CA1819" Action="Warning" /> <!-- Properties should not return arrays -->
82 <Rule Id="CA1820" Action="Warning" /> <!-- Test for empty strings using string length -->
83 <Rule Id="CA1821" Action="Warning" /> <!-- Remove empty Finalizers -->
84 <Rule Id="CA1822" Action="None" /> <!-- Mark members as static -->
85 <Rule Id="CA1823" Action="Warning" /> <!-- Avoid unused private fields -->
86 <Rule Id="CA1824" Action="Warning" /> <!-- Mark assemblies with NeutralResourcesLanguageAttribute -->
87 <Rule Id="CA1825" Action="Warning" /> <!-- Avoid zero-length array allocations. -->
88 <Rule Id="CA1826" Action="Warning" /> <!-- Do not use Enumerable methods on indexable collections. Instead use the collection directly -->
89 <Rule Id="CA1827" Action="Warning" /> <!-- Do not use Count() or LongCount() when Any() can be used -->
90 <Rule Id="CA1828" Action="Warning" /> <!-- Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used -->
91 <Rule Id="CA1829" Action="Warning" /> <!-- Use Length/Count property instead of Count() when available -->
92 <Rule Id="CA2000" Action="Warning" /> <!-- Dispose objects before losing scope -->
93 <Rule Id="CA2002" Action="Warning" /> <!-- Do not lock on objects with weak identity -->
94 <Rule Id="CA2007" Action="Warning" /> <!-- Consider calling ConfigureAwait on the awaited task -->
95 <Rule Id="CA2008" Action="Warning" /> <!-- Do not create tasks without passing a TaskScheduler -->
96 <Rule Id="CA2009" Action="Warning" /> <!-- Do not call ToImmutableCollection on an ImmutableCollection value -->
97 <Rule Id="CA2010" Action="Warning" /> <!-- Always consume the value returned by methods marked with PreserveSigAttribute -->
98 <Rule Id="CA2100" Action="Warning" /> <!-- Review SQL queries for security vulnerabilities -->
99 <Rule Id="CA2101" Action="None" /> <!-- Specify marshaling for P/Invoke string arguments -->
100 <Rule Id="CA2119" Action="Warning" /> <!-- Seal methods that satisfy private interfaces -->
101 <Rule Id="CA2153" Action="Warning" /> <!-- Do Not Catch Corrupted State Exceptions -->
102 <Rule Id="CA2200" Action="Warning" /> <!-- Rethrow to preserve stack details. -->
103 <Rule Id="CA2201" Action="None" /> <!-- Do not raise reserved exception types -->
104 <Rule Id="CA2207" Action="Warning" /> <!-- Initialize value type static fields inline -->
105 <Rule Id="CA2208" Action="Warning" /> <!-- Instantiate argument exceptions correctly -->
106 <Rule Id="CA2211" Action="Warning" /> <!-- Non-constant fields should not be visible -->
107 <Rule Id="CA2213" Action="Warning" /> <!-- Disposable fields should be disposed -->
108 <Rule Id="CA2214" Action="Warning" /> <!-- Do not call overridable methods in constructors -->
109 <Rule Id="CA2216" Action="Warning" /> <!-- Disposable types should declare finalizer -->
110 <Rule Id="CA2217" Action="None" /> <!-- Do not mark enums with FlagsAttribute -->
111 <Rule Id="CA2218" Action="Warning" /> <!-- Override GetHashCode on overriding Equals -->
112 <Rule Id="CA2219" Action="Warning" /> <!-- Do not raise exceptions in finally clauses -->
113 <Rule Id="CA2224" Action="Warning" /> <!-- Override Equals on overloading operator equals -->
114 <Rule Id="CA2225" Action="None" /> <!-- Operator overloads have named alternates -->
115 <Rule Id="CA2226" Action="Warning" /> <!-- Operators should have symmetrical overloads -->
116 <Rule Id="CA2227" Action="Warning" /> <!-- Collection properties should be read only -->
117 <Rule Id="CA2229" Action="Warning" /> <!-- Implement serialization constructors -->
118 <Rule Id="CA2231" Action="Warning" /> <!-- Overload operator equals on overriding value type Equals -->
119 <Rule Id="CA2234" Action="Warning" /> <!-- Pass system uri objects instead of strings -->
120 <Rule Id="CA2235" Action="Warning" /> <!-- Mark all non-serializable fields -->
121 <Rule Id="CA2237" Action="Warning" /> <!-- Mark ISerializable types with serializable -->
122 <Rule Id="CA2241" Action="Warning" /> <!-- Provide correct arguments to formatting methods -->
123 <Rule Id="CA2242" Action="Warning" /> <!-- Test for NaN correctly -->
124 <Rule Id="CA2243" Action="Warning" /> <!-- Attribute string literals should parse correctly -->
125 <Rule Id="CA2244" Action="Warning" /> <!-- Do not duplicate indexed element initializations -->
126 <Rule Id="CA2245" Action="Warning" /> <!-- Do not assign a property to itself. -->
127 <Rule Id="CA2246" Action="Warning" /> <!-- Assigning symbol and its member in the same statement. -->
128 <Rule Id="CA2300" Action="None" /> <!-- Do not use insecure deserializer BinaryFormatter -->
129 <Rule Id="CA2301" Action="None" /> <!-- Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder -->
130 <Rule Id="CA2302" Action="None" /> <!-- Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize -->
131 <Rule Id="CA2305" Action="None" /> <!-- Do not use insecure deserializer LosFormatter -->
132 <Rule Id="CA2310" Action="None" /> <!-- Do not use insecure deserializer NetDataContractSerializer -->
133 <Rule Id="CA2311" Action="None" /> <!-- Do not deserialize without first setting NetDataContractSerializer.Binder -->
134 <Rule Id="CA2312" Action="None" /> <!-- Ensure NetDataContractSerializer.Binder is set before deserializing -->
135 <Rule Id="CA2315" Action="None" /> <!-- Do not use insecure deserializer ObjectStateFormatter -->
136 <Rule Id="CA2321" Action="None" /> <!-- Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver -->
137 <Rule Id="CA2322" Action="None" /> <!-- Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing -->
138 <Rule Id="CA2326" Action="None" /> <!-- Do not use TypeNameHandling values other than None -->
139 <Rule Id="CA2327" Action="None" /> <!-- Do not use insecure JsonSerializerSettings -->
140 <Rule Id="CA2328" Action="None" /> <!-- Ensure that JsonSerializerSettings are secure -->
141 <Rule Id="CA2329" Action="None" /> <!-- Do not deserialize with JsonSerializer using an insecure configuration -->
142 <Rule Id="CA2330" Action="None" /> <!-- Ensure that JsonSerializer has a secure configuration when deserializing -->
143 <Rule Id="CA3001" Action="None" /> <!-- Review code for SQL injection vulnerabilities -->
144 <Rule Id="CA3002" Action="None" /> <!-- Review code for XSS vulnerabilities -->
145 <Rule Id="CA3003" Action="None" /> <!-- Review code for file path injection vulnerabilities -->
146 <Rule Id="CA3004" Action="None" /> <!-- Review code for information disclosure vulnerabilities -->
147 <Rule Id="CA3005" Action="None" /> <!-- Review code for LDAP injection vulnerabilities -->
148 <Rule Id="CA3006" Action="None" /> <!-- Review code for process command injection vulnerabilities -->
149 <Rule Id="CA3007" Action="None" /> <!-- Review code for open redirect vulnerabilities -->
150 <Rule Id="CA3008" Action="None" /> <!-- Review code for XPath injection vulnerabilities -->
151 <Rule Id="CA3009" Action="None" /> <!-- Review code for XML injection vulnerabilities -->
152 <Rule Id="CA3010" Action="None" /> <!-- Review code for XAML injection vulnerabilities -->
153 <Rule Id="CA3011" Action="None" /> <!-- Review code for DLL injection vulnerabilities -->
154 <Rule Id="CA3012" Action="None" /> <!-- Review code for regex injection vulnerabilities -->
155 <Rule Id="CA3061" Action="Warning" /> <!-- Do Not Add Schema By URL -->
156 <Rule Id="CA3075" Action="Warning" /> <!-- Insecure DTD processing in XML -->
157 <Rule Id="CA3076" Action="Warning" /> <!-- Insecure XSLT script processing. -->
158 <Rule Id="CA3077" Action="Warning" /> <!-- Insecure Processing in API Design, XmlDocument and XmlTextReader -->
159 <Rule Id="CA3147" Action="Warning" /> <!-- Mark Verb Handlers With Validate Antiforgery Token -->
160 <Rule Id="CA5350" Action="Warning" /> <!-- Do Not Use Weak Cryptographic Algorithms -->
161 <Rule Id="CA5351" Action="Warning" /> <!-- Do Not Use Broken Cryptographic Algorithms -->
162 <Rule Id="CA5358" Action="None" /> <!-- Do Not Use Unsafe Cipher Modes -->
163 <Rule Id="CA5359" Action="Warning" /> <!-- Do Not Disable Certificate Validation -->
164 <Rule Id="CA5360" Action="Warning" /> <!-- Do Not Call Dangerous Methods In Deserialization -->
165 <Rule Id="CA5361" Action="Warning" /> <!-- Do Not Disable SChannel Use of Strong Crypto -->
166 <Rule Id="CA5362" Action="None" /> <!-- Do Not Refer Self In Serializable Class -->
167 <Rule Id="CA5363" Action="Warning" /> <!-- Do Not Disable Request Validation -->
168 <Rule Id="CA5364" Action="Warning" /> <!-- Do Not Use Deprecated Security Protocols -->
169 <Rule Id="CA5365" Action="Warning" /> <!-- Do Not Disable HTTP Header Checking -->
170 <Rule Id="CA5366" Action="Warning" /> <!-- Use XmlReader For DataSet Read Xml -->
171 <Rule Id="CA5367" Action="None" /> <!-- Do Not Serialize Types With Pointer Fields -->
172 <Rule Id="CA5368" Action="Warning" /> <!-- Set ViewStateUserKey For Classes Derived From Page -->
173 <Rule Id="CA5369" Action="Warning" /> <!-- Use XmlReader For Deserialize -->
174 <Rule Id="CA5370" Action="Warning" /> <!-- Use XmlReader For Validating Reader -->
175 <Rule Id="CA5371" Action="Warning" /> <!-- Use XmlReader For Schema Read -->
176 <Rule Id="CA5372" Action="Warning" /> <!-- Use XmlReader For XPathDocument -->
177 <Rule Id="CA5373" Action="Warning" /> <!-- Do not use obsolete key derivation function -->
178 <Rule Id="CA5374" Action="Warning" /> <!-- Do Not Use XslTransform -->
179 <Rule Id="CA5375" Action="None" /> <!-- Do Not Use Account Shared Access Signature -->
180 <Rule Id="CA5376" Action="Warning" /> <!-- Use SharedAccessProtocol HttpsOnly -->
181 <Rule Id="CA5377" Action="Warning" /> <!-- Use Container Level Access Policy -->
182 <Rule Id="CA5378" Action="Warning" /> <!-- Do not disable ServicePointManagerSecurityProtocols -->
183 <Rule Id="CA5379" Action="Warning" /> <!-- Do Not Use Weak Key Derivation Function Algorithm -->
184 <Rule Id="CA5380" Action="Warning" /> <!-- Do Not Add Certificates To Root Store -->
185 <Rule Id="CA5381" Action="Warning" /> <!-- Ensure Certificates Are Not Added To Root Store -->
186 <Rule Id="CA5382" Action="None" /> <!-- Use Secure Cookies In ASP.Net Core -->
187 <Rule Id="CA5383" Action="None" /> <!-- Ensure Use Secure Cookies In ASP.Net Core -->
188 <Rule Id="CA5384" Action="Warning" /> <!-- Do Not Use Digital Signature Algorithm (DSA) -->
189 <Rule Id="CA5385" Action="Warning" /> <!-- Use Rivest–Shamir–Adleman (RSA) Algorithm With Sufficient Key Size -->
190 <Rule Id="CA5386" Action="None" /> <!-- Avoid hardcoding SecurityProtocolType value -->
191 <Rule Id="CA5387" Action="None" /> <!-- Do Not Use Weak Key Derivation Function With Insufficient Iteration Count -->
192 <Rule Id="CA5388" Action="None" /> <!-- Ensure Sufficient Iteration Count When Using Weak Key Derivation Function -->
193 <Rule Id="CA5389" Action="None" /> <!-- Do Not Add Archive Item's Path To The Target File System Path -->
194 <Rule Id="CA5390" Action="None" /> <!-- Do Not Hard Code Encryption Key -->
195 <Rule Id="CA5391" Action="None" /> <!-- Use antiforgery tokens in ASP.NET Core MVC controllers -->
196 <Rule Id="CA5392" Action="None" /> <!-- Use DefaultDllImportSearchPaths attribute for P/Invokes -->
197 <Rule Id="CA5393" Action="None" /> <!-- Do not use unsafe DllImportSearchPath value -->
198 <Rule Id="CA5394" Action="None" /> <!-- Do not use insecure randomness -->
199 <Rule Id="CA5395" Action="None" /> <!-- Miss HttpVerb attribute for action methods -->
200 <Rule Id="CA5396" Action="None" /> <!-- Set HttpOnly to true for HttpCookie -->
201 <Rule Id="CA5397" Action="Warning" /> <!-- Do not use deprecated SslProtocols values -->
202 <Rule Id="CA5398" Action="None" /> <!-- Avoid hardcoded SslProtocols values -->
203 <Rule Id="CA5399" Action="None" /> <!-- Definitely disable HttpClient certificate revocation list check -->
204 <Rule Id="CA5400" Action="None" /> <!-- Ensure HttpClient certificate revocation list check is not disabled -->
205 <Rule Id="CA9999" Action="Warning" /> <!-- Analyzer version mismatch -->
projects / platform / core / csapi / tizenfx.git / blob