Release 9.1 brings a set of rules that help users avoid performance pitfalls.
New Rules
7132 - [C#] New rule S6618: "string.Create" should be used instead of "FormattableString"
7131 - [C#, VB.NET] New rule S6617: "Contains" should be used instead of "Any" for simple equality checks
7129 - [C#, VB.NET] New rule S6613: "First" and "Last" properties of "LinkedList" should be used instead of the "First()" and "Last()" extension methods
7128 - [C#, VB.NET] New rule S6612: The lambda parameter should be used instead of capturing arguments in "ConcurrentDictionary" methods
7127 - [C#, VB.NET] New rule S6610: "StartsWith" and "EndsWith" overloads that take a "char" should be used instead of the ones that take a "string"
7126 - [C#, VB.NET] New rule S6609: "Min/Max" properties of "Set" types should be used instead of the "Enumerable" extension methods
7125 - [C#, VB.NET] New rule S6608: Indexing should be used instead of "Enumerable" methods on types implementing "IList"
7124 - [C#, VB.NET] New rule S6607: The collection should be filtered before sorting by using "Where" before "OrderBy"
7123 - [C#, VB.NET] New rule S6605: Collection-specific "Exists" method should be used instead of the "Any" extension
7122 - [C#, VB.NET] New rule S6603: The collection-specific "TrueForAll" method should be used instead of the "All" extension
7121 - [C#, VB.NET] New rule S6602: "Find" method should be used instead of the "FirstOrDefault" extension
Improvements
7197 - [VB.NET] Improve S2302 Message: Use NameOf for VB.NET
7133 - [C#] Extend S3260 to include file access modifier on types
Bug Fixes
7134 - [C#] Fix AD0001 in S138: NullReferenceException
False Negative
2528 - [C#] FPs and FNs in the Symbolic Execution rules when null coalescing is combined with arithmetic expressions because we do not support constraints on integers
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps SonarAnalyzer.CSharp from 9.0.0.68202 to 9.1.0.70676.
Release notes
Sourced from SonarAnalyzer.CSharp's releases.
Commits
48001c5
Update parent pom version (#7268)e523c60
Update RSPEC before 9.1 release (#7266)9ded47c
SE: Add BitOrOperation (#7232)28f3de2
SE: CompoundAssignment learns NotNull (#7257)6c05986
Fix S6612 FP: lambda parameter used inside NameOf() (#7255)f608ee4
SE: Learn NumberConstraint from range comparisons (#7242)5ca6364
SE: Reset values on compound assignments (#7223)ae4c24a
Update the expected csharp plugin file size range (#7248)7c5ff36
Repo S101 FP: Lower case character after number (#7244)030173b
SE UTs: Replace ValidateTag with TagValue (#7236)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)