mavasani
commented
5 years ago PortedFromFxCopRules*.ruleset embedded in the rulesets folder in the latest NuGet package should have all the ported FxCop rules listed in the first half, and new rules in the second half of the file (see <!-- Other Rules --> section):
<?xml version="1.0"?>
<RuleSet Name="PortedFromFxCop Rules with default action" Description="All PortedFromFxCop Rules with default action. Rules with IsEnabledByDefault = false and non-PortedFromFxCop rules are disabled." ToolsVersion="15.0">
<!-- PortedFromFxCop Rules -->
<Rules AnalyzerId="Microsoft.CodeQuality.Analyzers" RuleNamespace="Microsoft.CodeQuality.Analyzers">
<Rule Id="CA1000" Action="Warning" /> <!-- Do not declare static members on generic types -->
<Rule Id="CA1008" Action="None" /> <!-- Enums should have zero value -->
<Rule Id="CA1010" Action="Warning" /> <!-- Collections should implement generic interface -->
<Rule Id="CA1012" Action="None" /> <!-- Abstract types should not have constructors -->
<Rule Id="CA1014" Action="None" /> <!-- Mark assemblies with CLSCompliant -->
<Rule Id="CA1016" Action="Warning" /> <!-- Mark assemblies with assembly version -->
<Rule Id="CA1017" Action="None" /> <!-- Mark assemblies with ComVisible -->
<Rule Id="CA1018" Action="Warning" /> <!-- Mark attributes with AttributeUsageAttribute -->
<Rule Id="CA1024" Action="None" /> <!-- Use properties where appropriate -->
<Rule Id="CA1027" Action="None" /> <!-- Mark enums with FlagsAttribute -->
<Rule Id="CA1028" Action="Warning" /> <!-- Enum Storage should be Int32 -->
<Rule Id="CA1030" Action="Warning" /> <!-- Use events where appropriate -->
<Rule Id="CA1031" Action="Warning" /> <!-- Do not catch general exception types -->
<Rule Id="CA1033" Action="None" /> <!-- Interface methods should be callable by child types -->
<Rule Id="CA1034" Action="Warning" /> <!-- Nested types should not be visible -->
<Rule Id="CA1036" Action="Warning" /> <!-- Override methods on comparable types -->
<Rule Id="CA1040" Action="Warning" /> <!-- Avoid empty interfaces -->
<Rule Id="CA1041" Action="Warning" /> <!-- Provide ObsoleteAttribute message -->
<Rule Id="CA1043" Action="Warning" /> <!-- Use Integral Or String Argument For Indexers -->
<Rule Id="CA1044" Action="Warning" /> <!-- Properties should not be write only -->
<Rule Id="CA1050" Action="None" /> <!-- Declare types in namespaces -->
<Rule Id="CA1051" Action="Warning" /> <!-- Do not declare visible instance fields -->
<Rule Id="CA1052" Action="Warning" /> <!-- Static holder types should be Static or NotInheritable -->
<Rule Id="CA1054" Action="Warning" /> <!-- Uri parameters should not be strings -->
<Rule Id="CA1055" Action="Warning" /> <!-- Uri return values should not be strings -->
<Rule Id="CA1056" Action="Warning" /> <!-- Uri properties should not be strings -->
<Rule Id="CA1060" Action="None" /> <!-- Move pinvokes to native methods class -->
<Rule Id="CA1061" Action="Warning" /> <!-- Do not hide base class methods -->
<Rule Id="CA1062" Action="Warning" /> <!-- Validate arguments of public methods -->
<Rule Id="CA1063" Action="Warning" /> <!-- Implement IDisposable Correctly -->
<Rule Id="CA1064" Action="Warning" /> <!-- Exceptions should be public -->
<Rule Id="CA1501" Action="None" /> <!-- Avoid excessive inheritance -->
<Rule Id="CA1502" Action="None" /> <!-- Avoid excessive complexity -->
<Rule Id="CA1505" Action="None" /> <!-- Avoid unmaintainable code -->
<Rule Id="CA1506" Action="None" /> <!-- Avoid excessive class coupling -->
<Rule Id="CA1707" Action="Warning" /> <!-- Identifiers should not contain underscores -->
<Rule Id="CA1708" Action="None" /> <!-- Identifiers should differ by more than case -->
<Rule Id="CA1710" Action="Warning" /> <!-- Identifiers should have correct suffix -->
<Rule Id="CA1711" Action="None" /> <!-- Identifiers should not have incorrect suffix -->
<Rule Id="CA1712" Action="Warning" /> <!-- Do not prefix enum values with type name -->
<Rule Id="CA1714" Action="Warning" /> <!-- Flags enums should have plural names -->
<Rule Id="CA1715" Action="Warning" /> <!-- Identifiers should have correct prefix -->
<Rule Id="CA1716" Action="Warning" /> <!-- Identifiers should not match keywords -->
<Rule Id="CA1717" Action="Warning" /> <!-- Only FlagsAttribute enums should have plural names -->
<Rule Id="CA1720" Action="Warning" /> <!-- Identifier contains type name -->
<Rule Id="CA1721" Action="Warning" /> <!-- Property names should not match get methods -->
<Rule Id="CA1724" Action="Warning" /> <!-- Type names should not match namespaces -->
<Rule Id="CA1725" Action="None" /> <!-- Parameter names should match base declaration -->
<Rule Id="CA1801" Action="Warning" /> <!-- Review unused parameters -->
<Rule Id="CA1802" Action="Warning" /> <!-- Use literals where appropriate -->
<Rule Id="CA1806" Action="Warning" /> <!-- Do not ignore method results -->
<Rule Id="CA1812" Action="Warning" /> <!-- Avoid uninstantiated internal classes -->
<Rule Id="CA1814" Action="Warning" /> <!-- Prefer jagged arrays over multidimensional -->
<Rule Id="CA1815" Action="Warning" /> <!-- Override equals and operator equals on value types -->
<Rule Id="CA1819" Action="Warning" /> <!-- Properties should not return arrays -->
<Rule Id="CA1822" Action="Warning" /> <!-- Mark members as static -->
<Rule Id="CA1823" Action="Warning" /> <!-- Avoid unused private fields -->
<Rule Id="CA2119" Action="Warning" /> <!-- Seal methods that satisfy private interfaces -->
<Rule Id="CA2211" Action="Warning" /> <!-- Non-constant fields should not be visible -->
<Rule Id="CA2214" Action="Warning" /> <!-- Do not call overridable methods in constructors -->
<Rule Id="CA2217" Action="None" /> <!-- Do not mark enums with FlagsAttribute -->
<Rule Id="CA2219" Action="Warning" /> <!-- Do not raise exceptions in finally clauses -->
<Rule Id="CA2225" Action="Warning" /> <!-- Operator overloads have named alternates -->
<Rule Id="CA2226" Action="Warning" /> <!-- Operators should have symmetrical overloads -->
<Rule Id="CA2227" Action="Warning" /> <!-- Collection properties should be read only -->
<Rule Id="CA2231" Action="Warning" /> <!-- Overload operator equals on overriding value type Equals -->
</Rules>
<Rules AnalyzerId="Microsoft.CodeQuality.CSharp.Analyzers" RuleNamespace="Microsoft.CodeQuality.CSharp.Analyzers">
<Rule Id="CA1001" Action="Warning" /> <!-- Types that own disposable fields should be disposable -->
<Rule Id="CA1003" Action="None" /> <!-- Use generic event handler instances -->
<Rule Id="CA1019" Action="None" /> <!-- Define accessors for attribute arguments -->
<Rule Id="CA1032" Action="Warning" /> <!-- Implement standard exception constructors -->
<Rule Id="CA1065" Action="Warning" /> <!-- Do not raise exceptions in unexpected locations -->
<Rule Id="CA1821" Action="Warning" /> <!-- Remove empty Finalizers -->
<Rule Id="CA2200" Action="Warning" /> <!-- Rethrow to preserve stack details. -->
<Rule Id="CA2234" Action="Warning" /> <!-- Pass system uri objects instead of strings -->
</Rules>
<Rules AnalyzerId="Microsoft.CodeQuality.VisualBasic.Analyzers" RuleNamespace="Microsoft.CodeQuality.VisualBasic.Analyzers">
<Rule Id="CA1001" Action="Warning" /> <!-- Types that own disposable fields should be disposable -->
<Rule Id="CA1003" Action="None" /> <!-- Use generic event handler instances -->
<Rule Id="CA1019" Action="None" /> <!-- Define accessors for attribute arguments -->
<Rule Id="CA1032" Action="Warning" /> <!-- Implement standard exception constructors -->
<Rule Id="CA1065" Action="Warning" /> <!-- Do not raise exceptions in unexpected locations -->
<Rule Id="CA1821" Action="Warning" /> <!-- Remove empty Finalizers -->
<Rule Id="CA2200" Action="Warning" /> <!-- Rethrow to preserve stack details. -->
<Rule Id="CA2218" Action="Warning" /> <!-- Override GetHashCode on overriding Equals -->
<Rule Id="CA2224" Action="Warning" /> <!-- Override Equals on overloading operator equals -->
<Rule Id="CA2234" Action="Warning" /> <!-- Pass system uri objects instead of strings -->
</Rules>
<Rules AnalyzerId="Microsoft.NetCore.Analyzers" RuleNamespace="Microsoft.NetCore.Analyzers">
<Rule Id="CA1303" Action="Warning" /> <!-- Do not pass literals as localized parameters -->
<Rule Id="CA1304" Action="Warning" /> <!-- Specify CultureInfo -->
<Rule Id="CA1305" Action="Warning" /> <!-- Specify IFormatProvider -->
<Rule Id="CA1307" Action="Warning" /> <!-- Specify StringComparison -->
<Rule Id="CA1308" Action="Warning" /> <!-- Normalize strings to uppercase -->
<Rule Id="CA1401" Action="Warning" /> <!-- P/Invokes should not be visible -->
<Rule Id="CA1813" Action="None" /> <!-- Avoid unsealed attributes -->
<Rule Id="CA1816" Action="Warning" /> <!-- Dispose methods should call SuppressFinalize -->
<Rule Id="CA1820" Action="Warning" /> <!-- Test for empty strings using string length -->
<Rule Id="CA2000" Action="Warning" /> <!-- Dispose objects before losing scope -->
<Rule Id="CA2002" Action="Warning" /> <!-- Do not lock on objects with weak identity -->
<Rule Id="CA2100" Action="Warning" /> <!-- Review SQL queries for security vulnerabilities -->
<Rule Id="CA2101" Action="Warning" /> <!-- Specify marshaling for P/Invoke string arguments -->
<Rule Id="CA2208" Action="Warning" /> <!-- Instantiate argument exceptions correctly -->
<Rule Id="CA2213" Action="Warning" /> <!-- Disposable fields should be disposed -->
<Rule Id="CA2216" Action="Warning" /> <!-- Disposable types should declare finalizer -->
<Rule Id="CA2229" Action="Warning" /> <!-- Implement serialization constructors -->
<Rule Id="CA2235" Action="Warning" /> <!-- Mark all non-serializable fields -->
<Rule Id="CA2237" Action="Warning" /> <!-- Mark ISerializable types with serializable -->
<Rule Id="CA2241" Action="Warning" /> <!-- Provide correct arguments to formatting methods -->
<Rule Id="CA2242" Action="Warning" /> <!-- Test for NaN correctly -->
<Rule Id="CA2243" Action="Warning" /> <!-- Attribute string literals should parse correctly -->
</Rules>
<Rules AnalyzerId="Microsoft.NetCore.CSharp.Analyzers" RuleNamespace="Microsoft.NetCore.CSharp.Analyzers">
<Rule Id="CA1309" Action="None" /> <!-- Use ordinal stringcomparison -->
<Rule Id="CA1810" Action="Warning" /> <!-- Initialize reference type static fields inline -->
<Rule Id="CA1824" Action="Warning" /> <!-- Mark assemblies with NeutralResourcesLanguageAttribute -->
<Rule Id="CA2201" Action="None" /> <!-- Do not raise reserved exception types -->
<Rule Id="CA2207" Action="Warning" /> <!-- Initialize value type static fields inline -->
</Rules>
<Rules AnalyzerId="Microsoft.NetCore.VisualBasic.Analyzers" RuleNamespace="Microsoft.NetCore.VisualBasic.Analyzers">
<Rule Id="CA1309" Action="None" /> <!-- Use ordinal stringcomparison -->
<Rule Id="CA1810" Action="Warning" /> <!-- Initialize reference type static fields inline -->
<Rule Id="CA1824" Action="Warning" /> <!-- Mark assemblies with NeutralResourcesLanguageAttribute -->
<Rule Id="CA2201" Action="None" /> <!-- Do not raise reserved exception types -->
<Rule Id="CA2207" Action="Warning" /> <!-- Initialize value type static fields inline -->
</Rules>
<Rules AnalyzerId="Microsoft.NetFramework.Analyzers" RuleNamespace="Microsoft.NetFramework.Analyzers">
<Rule Id="CA1058" Action="Warning" /> <!-- Types should not extend certain base types -->
</Rules>
<!-- Other Rules -->
<Rules AnalyzerId="Microsoft.CodeAnalysis.VersionCheckAnalyzer" RuleNamespace="Microsoft.CodeAnalysis.VersionCheckAnalyzer">
<Rule Id="CA9999" Action="None" /> <!-- Analyzer version mismatch -->
</Rules>
<Rules AnalyzerId="Microsoft.CodeQuality.Analyzers" RuleNamespace="Microsoft.CodeQuality.Analyzers">
<Rule Id="CA1066" Action="None" /> <!-- Type {0} should implement IEquatable<T> because it overrides Equals -->
<Rule Id="CA1067" Action="None" /> <!-- Override Object.Equals(object) when implementing IEquatable<T> -->
<Rule Id="CA1068" Action="None" /> <!-- CancellationToken parameters must come last -->
<Rule Id="CA1508" Action="None" /> <!-- Avoid dead conditional code -->
<Rule Id="CA1509" Action="None" /> <!-- Invalid entry in code metrics rule specification file -->
<Rule Id="CA1827" Action="None" /> <!-- Do not use Count() when Any() can be used -->
<Rule Id="CA2007" Action="None" /> <!-- Consider calling ConfigureAwait on the awaited task -->
<Rule Id="CA2244" Action="None" /> <!-- Do not duplicate indexed element initializations -->
<Rule Id="CA2245" Action="None" /> <!-- Do not assign a property to itself. -->
</Rules>
<Rules AnalyzerId="Microsoft.CodeQuality.CSharp.Analyzers" RuleNamespace="Microsoft.CodeQuality.CSharp.Analyzers">
<Rule Id="CA1200" Action="None" /> <!-- Avoid using cref tags with a prefix -->
<Rule Id="CA1507" Action="None" /> <!-- Use nameof to express symbol names -->
</Rules>
<Rules AnalyzerId="Microsoft.CodeQuality.VisualBasic.Analyzers" RuleNamespace="Microsoft.CodeQuality.VisualBasic.Analyzers">
<Rule Id="CA1200" Action="None" /> <!-- Avoid using cref tags with a prefix -->
<Rule Id="CA1507" Action="None" /> <!-- Use nameof to express symbol names -->
</Rules>
<Rules AnalyzerId="Microsoft.NetCore.Analyzers" RuleNamespace="Microsoft.NetCore.Analyzers">
<Rule Id="CA1826" Action="None" /> <!-- Do not use Enumerable methods on indexable collections. Instead use the collection directly -->
<Rule Id="CA2008" Action="None" /> <!-- Do not create tasks without passing a TaskScheduler -->
<Rule Id="CA2009" Action="None" /> <!-- Do not call ToImmutableCollection on an ImmutableCollection value -->
<Rule Id="CA2300" Action="None" /> <!-- Do not use insecure deserializer BinaryFormatter -->
<Rule Id="CA2301" Action="None" /> <!-- Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder -->
<Rule Id="CA2302" Action="None" /> <!-- Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize -->
<Rule Id="CA2305" Action="None" /> <!-- Do not use insecure deserializer LosFormatter -->
<Rule Id="CA2310" Action="None" /> <!-- Do not use insecure deserializer NetDataContractSerializer -->
<Rule Id="CA2311" Action="None" /> <!-- Do not deserialize without first setting NetDataContractSerializer.Binder -->
<Rule Id="CA2312" Action="None" /> <!-- Ensure NetDataContractSerializer.Binder is set before deserializing -->
<Rule Id="CA2315" Action="None" /> <!-- Do not use insecure deserializer ObjectStateFormatter -->
<Rule Id="CA2321" Action="None" /> <!-- Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver -->
<Rule Id="CA2322" Action="None" /> <!-- Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing -->
<Rule Id="CA2326" Action="None" /> <!-- Do not use TypeNameHandling values other than None -->
<Rule Id="CA2327" Action="None" /> <!-- Do not use insecure JsonSerializerSettings -->
<Rule Id="CA2328" Action="None" /> <!-- Ensure that JsonSerializerSettings are secure -->
<Rule Id="CA3001" Action="None" /> <!-- Review code for SQL injection vulnerabilities -->
<Rule Id="CA3002" Action="None" /> <!-- Review code for XSS vulnerabilities -->
<Rule Id="CA3003" Action="None" /> <!-- Review code for file path injection vulnerabilities -->
<Rule Id="CA3004" Action="None" /> <!-- Review code for information disclosure vulnerabilities -->
<Rule Id="CA3005" Action="None" /> <!-- Review code for LDAP injection vulnerabilities -->
<Rule Id="CA3006" Action="None" /> <!-- Review code for process command injection vulnerabilities -->
<Rule Id="CA3007" Action="None" /> <!-- Review code for open redirect vulnerabilities -->
<Rule Id="CA3008" Action="None" /> <!-- Review code for XPath injection vulnerabilities -->
<Rule Id="CA3009" Action="None" /> <!-- Review code for XML injection vulnerabilities -->
<Rule Id="CA3010" Action="None" /> <!-- Review code for XAML injection vulnerabilities -->
<Rule Id="CA3011" Action="None" /> <!-- Review code for DLL injection vulnerabilities -->
<Rule Id="CA3012" Action="None" /> <!-- Review code for regex injection vulnerabilities -->
<Rule Id="CA3061" Action="None" /> <!-- Do Not Add Schema By URL -->
<Rule Id="CA5350" Action="None" /> <!-- Do Not Use Weak Cryptographic Algorithms -->
<Rule Id="CA5351" Action="None" /> <!-- Do Not Use Broken Cryptographic Algorithms -->
<Rule Id="CA5358" Action="None" /> <!-- Do Not Use Unsafe Cipher Modes -->
<Rule Id="CA5359" Action="None" /> <!-- Do Not Disable Certificate Validation -->
<Rule Id="CA5360" Action="None" /> <!-- Do Not Call Dangerous Methods In Deserialization -->
<Rule Id="CA5361" Action="None" /> <!-- Do Not Disable SChannel Use of Strong Crypto -->
<Rule Id="CA5362" Action="None" /> <!-- Do Not Refer Self In Serializable Class -->
<Rule Id="CA5363" Action="None" /> <!-- Do Not Disable Request Validation -->
<Rule Id="CA5364" Action="None" /> <!-- Do Not Use Deprecated Security Protocols -->
<Rule Id="CA5365" Action="None" /> <!-- Do Not Disable HTTP Header Checking -->
<Rule Id="CA5366" Action="None" /> <!-- Use XmlReader For DataSet Read Xml -->
<Rule Id="CA5367" Action="None" /> <!-- Do Not Serialize Types With Pointer Fields -->
<Rule Id="CA5368" Action="None" /> <!-- Set ViewStateUserKey For Classes Derived From Page -->
<Rule Id="CA5369" Action="None" /> <!-- Use XmlReader For Deserialize -->
<Rule Id="CA5370" Action="None" /> <!-- Use XmlReader For Validating Reader -->
<Rule Id="CA5371" Action="None" /> <!-- Use XmlReader For Schema Read -->
<Rule Id="CA5372" Action="None" /> <!-- Use XmlReader For XPathDocument -->
<Rule Id="CA5373" Action="None" /> <!-- Do not use obsolete key derivation function -->
<Rule Id="CA5374" Action="None" /> <!-- Do Not Use XslTransform -->
<Rule Id="CA5375" Action="None" /> <!-- Do Not Use Account Shared Access Signature -->
<Rule Id="CA5376" Action="None" /> <!-- Use SharedAccessProtocol HttpsOnly -->
<Rule Id="CA5377" Action="None" /> <!-- Use Container Level Access Policy -->
<Rule Id="CA5378" Action="None" /> <!-- Do not disable ServicePointManagerSecurityProtocols -->
<Rule Id="CA5379" Action="None" /> <!-- Do Not Use Weak Key Derivation Function Algorithm -->
<Rule Id="CA5380" Action="None" /> <!-- Do Not Add Certificates To Root Store -->
<Rule Id="CA5381" Action="None" /> <!-- Ensure Certificates Are Not Added To Root Store -->
<Rule Id="CA5382" Action="None" /> <!-- Use Secure Cookies In ASP.Net Core -->
<Rule Id="CA5383" Action="None" /> <!-- Ensure Use Secure Cookies In ASP.Net Core -->
<Rule Id="CA5384" Action="None" /> <!-- Do Not Use Digital Signature Algorithm (DSA) -->
<Rule Id="CA5385" Action="None" /> <!-- Use Rivest–Shamir–Adleman (RSA) Algorithm With Sufficient Key Size -->
<Rule Id="CA5386" Action="None" /> <!-- Avoid hardcoding SecurityProtocolType value -->
<Rule Id="CA5387" Action="None" /> <!-- Do Not Use Weak Key Derivation Function With Insufficient Iteration Count -->
<Rule Id="CA5388" Action="None" /> <!-- Ensure Sufficient Iteration Count When Using Weak Key Derivation Function -->
<Rule Id="CA5389" Action="None" /> <!-- Do Not Add Archive Item's Path To The Target File System Path -->
<Rule Id="CA5390" Action="None" /> <!-- Do Not Hard Code Encryption Key -->
</Rules>
<Rules AnalyzerId="Microsoft.NetCore.CSharp.Analyzers" RuleNamespace="Microsoft.NetCore.CSharp.Analyzers">
<Rule Id="CA1825" Action="None" /> <!-- Avoid zero-length array allocations. -->
<Rule Id="CA2010" Action="None" /> <!-- Always consume the value returned by methods marked with PreserveSigAttribute -->
</Rules>
<Rules AnalyzerId="Microsoft.NetCore.VisualBasic.Analyzers" RuleNamespace="Microsoft.NetCore.VisualBasic.Analyzers">
<Rule Id="CA1825" Action="None" /> <!-- Avoid zero-length array allocations. -->
<Rule Id="CA2010" Action="None" /> <!-- Always consume the value returned by methods marked with PreserveSigAttribute -->
</Rules>
<Rules AnalyzerId="Microsoft.NetFramework.Analyzers" RuleNamespace="Microsoft.NetFramework.Analyzers">
<Rule Id="CA2153" Action="None" /> <!-- Do Not Catch Corrupted State Exceptions -->
<Rule Id="CA3075" Action="None" /> <!-- Insecure DTD processing in XML -->
<Rule Id="CA3147" Action="None" /> <!-- Mark Verb Handlers With Validate Antiforgery Token -->
</Rules>
<Rules AnalyzerId="Microsoft.NetFramework.CSharp.Analyzers" RuleNamespace="Microsoft.NetFramework.CSharp.Analyzers">
<Rule Id="CA3076" Action="None" /> <!-- Insecure XSLT script processing. -->
<Rule Id="CA3077" Action="None" /> <!-- Insecure Processing in API Design, XmlDocument and XmlTextReader -->
</Rules>
<Rules AnalyzerId="Microsoft.NetFramework.VisualBasic.Analyzers" RuleNamespace="Microsoft.NetFramework.VisualBasic.Analyzers">
<Rule Id="CA3076" Action="None" /> <!-- Insecure XSLT script processing. -->
<Rule Id="CA3077" Action="None" /> <!-- Insecure Processing in API Design, XmlDocument and XmlTextReader -->
</Rules>
</RuleSet>
nishantkagrawal
Are there any new rules added while moving to Analyzers?