# NOTE: Requires **VS2019 16.3** or later

# Microsoft SDL Roslyn Rules - Required and Recommended (Error) PreRelease version
# Description: This rule set contains all Microsoft SDL required and recommended rules for Microsoft.CodeAnalysis.NetAnalyzers v5.0.3 (and Microsoft.CodeAnalysis.FxCopAnalyzers), configured to error rather than warn.  Generated 2021-02-08T19:40:15Z.

# top-most EditorConfig file for the entire solution
root = true

# editorconfig.org
# Copied from the .NET Core repo https://github.com/dotnet/corefx/blob/master/.editorconfig
# NOTE: Requires **VS2019 16.3** or later

#These configuration override the config in the top most SDL EditorConfig for a more personalized code style while maintaining required SDL rules

# Default settings:
# A newline ending every file
# Use 4 spaces as indentation
[*]
insert_final_newline = true
indent_style = space
indent_size = 4

[project.json]
indent_size = 2

# C# files
[*.cs]
# New line preferences
csharp_new_line_before_open_brace = all
csharp_new_line_before_else = true
csharp_new_line_before_catch = true
csharp_new_line_before_finally = true
csharp_new_line_before_members_in_object_initializers = true
csharp_new_line_before_members_in_anonymous_types = true
csharp_new_line_between_query_expression_clauses = true

# Indentation preferences
csharp_indent_block_contents = true
csharp_indent_braces = false
csharp_indent_case_contents = true
csharp_indent_switch_labels = true
csharp_indent_labels = one_less_than_current

# avoid this. unless absolutely necessary
dotnet_style_qualification_for_field = false:suggestion
dotnet_style_qualification_for_property = false:suggestion
dotnet_style_qualification_for_method = false:suggestion
dotnet_style_qualification_for_event = false:suggestion

# only use var when it's obvious what the variable type is
csharp_style_var_for_built_in_types = false:none
csharp_style_var_when_type_is_apparent = false:none
csharp_style_var_elsewhere = false:suggestion

# use language keywords instead of BCL types
dotnet_style_predefined_type_for_locals_parameters_members = true:suggestion
dotnet_style_predefined_type_for_member_access = true:suggestion

# name all constant fields using PascalCase
dotnet_naming_rule.constant_fields_should_be_pascal_case.severity = suggestion
dotnet_naming_rule.constant_fields_should_be_pascal_case.symbols  = constant_fields
dotnet_naming_rule.constant_fields_should_be_pascal_case.style = pascal_case_style

dotnet_naming_symbols.constant_fields.applicable_kinds   = field
dotnet_naming_symbols.constant_fields.required_modifiers = const

dotnet_naming_style.pascal_case_style.capitalization = pascal_case

# static fields should have s_ prefix
dotnet_naming_rule.static_fields_should_have_prefix.severity = suggestion
dotnet_naming_rule.static_fields_should_have_prefix.symbols  = static_fields
dotnet_naming_rule.static_fields_should_have_prefix.style = static_prefix_style

dotnet_naming_symbols.static_fields.applicable_kinds   = field
dotnet_naming_symbols.static_fields.required_modifiers = static

dotnet_naming_style.static_prefix_style.required_prefix = s_
dotnet_naming_style.static_prefix_style.capitalization = camel_case 

# internal and private fields should be _camelCase
dotnet_naming_rule.camel_case_for_private_internal_fields.severity = suggestion
dotnet_naming_rule.camel_case_for_private_internal_fields.symbols  = private_internal_fields
dotnet_naming_rule.camel_case_for_private_internal_fields.style = camel_case_underscore_style

dotnet_naming_symbols.private_internal_fields.applicable_kinds = field
dotnet_naming_symbols.private_internal_fields.applicable_accessibilities = private, internal

dotnet_naming_style.camel_case_underscore_style.required_prefix = _
dotnet_naming_style.camel_case_underscore_style.capitalization = camel_case 

# Code style defaults
dotnet_sort_system_directives_first = true
csharp_preserve_single_line_blocks = true
csharp_preserve_single_line_statements = false

# Expression-level preferences
dotnet_style_object_initializer = true:suggestion
dotnet_style_collection_initializer = true:suggestion
dotnet_style_explicit_tuple_names = true:suggestion
dotnet_style_coalesce_expression = true:suggestion
dotnet_style_null_propagation = true:suggestion

# Expression-bodied members
csharp_style_expression_bodied_methods = false:none
csharp_style_expression_bodied_constructors = false:none
csharp_style_expression_bodied_operators = false:none
csharp_style_expression_bodied_properties = true:none
csharp_style_expression_bodied_indexers = true:none
csharp_style_expression_bodied_accessors = true:none

# Pattern matching
csharp_style_pattern_matching_over_is_with_cast_check = true:suggestion
csharp_style_pattern_matching_over_as_with_null_check = true:suggestion
csharp_style_inlined_variable_declaration = true:suggestion

# Null checking preferences
csharp_style_throw_expression = true:suggestion
csharp_style_conditional_delegate_call = true:suggestion

# Space preferences
csharp_space_after_cast = false
csharp_space_after_colon_in_inheritance_clause = true
csharp_space_after_comma = true
csharp_space_after_dot = false
csharp_space_after_keywords_in_control_flow_statements = true
csharp_space_after_semicolon_in_for_statement = true
csharp_space_around_binary_operators = before_and_after
csharp_space_around_declaration_statements = do_not_ignore
csharp_space_before_colon_in_inheritance_clause = true
csharp_space_before_comma = false
csharp_space_before_dot = false
csharp_space_before_open_square_brackets = false
csharp_space_before_semicolon_in_for_statement = false
csharp_space_between_empty_square_brackets = false
csharp_space_between_method_call_empty_parameter_list_parentheses = false
csharp_space_between_method_call_name_and_opening_parenthesis = false
csharp_space_between_method_call_parameter_list_parentheses = false
csharp_space_between_method_declaration_empty_parameter_list_parentheses = false
csharp_space_between_method_declaration_name_and_open_parenthesis = false
csharp_space_between_method_declaration_parameter_list_parentheses = false
csharp_space_between_parentheses = false
csharp_space_between_square_brackets = false
csharp_using_directive_placement = outside_namespace:silent
csharp_prefer_simple_using_statement = true:suggestion
csharp_prefer_braces = true:silent
csharp_style_namespace_declarations = block_scoped:silent
csharp_style_prefer_method_group_conversion = true:silent
csharp_style_prefer_top_level_statements = true:silent
csharp_style_prefer_primary_constructors = true:suggestion
csharp_style_expression_bodied_lambdas = true:silent
csharp_style_expression_bodied_local_functions = false:silent
csharp_style_prefer_null_check_over_type_check = true:suggestion
csharp_prefer_simple_default_expression = true:suggestion
csharp_style_prefer_local_over_anonymous_function = true:suggestion
csharp_style_prefer_index_operator = true:suggestion
csharp_style_prefer_range_operator = true:suggestion
csharp_style_implicit_object_creation_when_type_is_apparent = true:suggestion
csharp_style_prefer_tuple_swap = true:suggestion
csharp_style_prefer_utf8_string_literals = true:suggestion

# C++ Files


[*.{cpp,h,in}]
curly_bracket_next_line = true
indent_brace_style = Allman

# Xml project files
[*.{csproj,vcxproj,vcxproj.filters,proj,nativeproj,locproj}]
indent_size = 2

# Xml build files
[*.builds]
indent_size = 2

# Xml files
[*.{xml,stylecop,resx,ruleset}]
indent_size = 2

# Xml config files
[*.{props,targets,config,nuspec}]
indent_size = 2

# Shell scripts
[*.sh]
end_of_line = lf
[*.{cmd, bat}]
end_of_line = crlf

# MSAL Async Rules
# Description: MSAL rules.

# Code files
[*.{cs,vb}]

end_of_line = crlf

# Async Threading Rules

# Use Async suffix for async methods
dotnet_diagnostic.VSTHRD200.severity = error

# Use .ConfigureAwait(bool)
dotnet_diagnostic.VSTHRD111.severity = error

# Avoid async void methods
dotnet_diagnostic.VSTHRD100.severity = warning

# Critical Threading Rules

# Avoid legacy thread switching methods
dotnet_diagnostic.VSTHRD001.severity = warning

# Avoid problematic synchronous waits
dotnet_diagnostic.VSTHRD002.severity = none

# Avoid awaiting foreign Tasks
dotnet_diagnostic.VSTHRD003.severity = none

# Await SwitchToMainThreadAsync
dotnet_diagnostic.VSTHRD004.severity = error

# Invoke single-threaded types on Main thread
dotnet_diagnostic.VSTHRD010.severity = warning

# Use AsyncLazy<T>
dotnet_diagnostic.VSTHRD011.severity = none #error requires the use of Microsoft.VisualStudio.Threading to get access to the AsyncLazy<T> type

# Provide JoinableTaskFactory where allowed
dotnet_diagnostic.VSTHRD012.severity = warning

# Compiler warnings that trigger SDL
dotnet_diagnostic.CS0618.severity = error

# General Threading Rules

# VSTHRD103: Call async methods when in an async method
dotnet_diagnostic.VSTHRD103.severity = none

# VSTHRD105: use current context
dotnet_diagnostic.VSTHRD105.severity = none

# VSTHRD001: use JoinableTaskFactory (this is part of a different package - MSAL cannot use it)
dotnet_diagnostic.VSTHRD001.severity = none



# VSTHRD110: Observe result of async calls
dotnet_diagnostic.VSTHRD110.severity = none

#------------------------------------------------------------------------------------------------------------------------------------------------------------#
# Rules from aspnet
# CA1018: Mark attributes with AttributeUsageAttribute
dotnet_diagnostic.CA1018.severity = warning

# CA1047: Do not declare protected member in sealed type
dotnet_diagnostic.CA1047.severity = warning

# CA1305: Specify IFormatProvider
dotnet_diagnostic.CA1305.severity = warning

# CA1507: Use nameof to express symbol names
dotnet_diagnostic.CA1507.severity = warning

# CA1725: Parameter names should match base declaration
dotnet_diagnostic.CA1725.severity = suggestion

# CA1802: Use literals where appropriate
dotnet_diagnostic.CA1802.severity = warning

# CA1805: Do not initialize unnecessarily
dotnet_diagnostic.CA1805.severity = warning

# CA1810: Do not initialize unnecessarily
dotnet_diagnostic.CA1810.severity = suggestion

# CA1821: Remove empty Finalizers
dotnet_diagnostic.CA1821.severity = warning

# CA1822: Make member static
dotnet_diagnostic.CA1822.severity = warning

# CA1823: Avoid unused private fields
dotnet_diagnostic.CA1823.severity = warning

# CA1825: Avoid zero-length array allocations
dotnet_diagnostic.CA1825.severity = warning

# CA1826: Do not use Enumerable methods on indexable collections. Instead use the collection directly
dotnet_diagnostic.CA1826.severity = warning

# CA1827: Do not use Count() or LongCount() when Any() can be used
dotnet_diagnostic.CA1827.severity = warning

# CA1828: Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used
dotnet_diagnostic.CA1828.severity = warning

# CA1829: Use Length/Count property instead of Count() when available
dotnet_diagnostic.CA1829.severity = warning

# CA1830: Prefer strongly-typed Append and Insert method overloads on StringBuilder
dotnet_diagnostic.CA1830.severity = warning

# CA1831: Use AsSpan or AsMemory instead of Range-based indexers when appropriate
# CA1832: Use AsSpan or AsMemory instead of Range-based indexers when appropriate
# CA1833: Use AsSpan or AsMemory instead of Range-based indexers when appropriate
dotnet_diagnostic.CA1831.severity = warning
dotnet_diagnostic.CA1832.severity = warning
dotnet_diagnostic.CA1833.severity = warning

# CA1834: Consider using 'StringBuilder.Append(char)' when applicable
dotnet_diagnostic.CA1834.severity = warning

# CA1835: Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync'
dotnet_diagnostic.CA1835.severity = warning

# CA1836: Prefer IsEmpty over Count
dotnet_diagnostic.CA1836.severity = warning

# CA1837: Use 'Environment.ProcessId'
dotnet_diagnostic.CA1837.severity = warning

# CA1838: Avoid 'StringBuilder' parameters for P/Invokes
dotnet_diagnostic.CA1838.severity = warning

# CA1839: Use 'Environment.ProcessPath'
dotnet_diagnostic.CA1839.severity = warning

# CA1840: Use 'Environment.CurrentManagedThreadId'
dotnet_diagnostic.CA1840.severity = warning

# CA1841: Prefer Dictionary.Contains methods
dotnet_diagnostic.CA1841.severity = warning

# CA1842: Do not use 'WhenAll' with a single task
dotnet_diagnostic.CA1842.severity = warning

# CA1843: Do not use 'WaitAll' with a single task
dotnet_diagnostic.CA1843.severity = warning

# CA1844: Provide memory-based overrides of async methods when subclassing 'Stream'
dotnet_diagnostic.CA1844.severity = warning

# CA1845: Use span-based 'string.Concat'
dotnet_diagnostic.CA1845.severity = warning

# CA1846: Prefer AsSpan over Substring
dotnet_diagnostic.CA1846.severity = warning

# CA1847: Use string.Contains(char) instead of string.Contains(string) with single characters
dotnet_diagnostic.CA1847.severity = warning

# CA2007: Consider calling ConfigureAwait on the awaited task
dotnet_diagnostic.CA2007.severity = warning

# CA2008: Do not create tasks without passing a TaskScheduler
dotnet_diagnostic.CA2008.severity = warning

# CA2009: Do not call ToImmutableCollection on an ImmutableCollection value
dotnet_diagnostic.CA2009.severity = warning

# CA2011: Avoid infinite recursion
dotnet_diagnostic.CA2011.severity = warning

# CA2012: Use ValueTask correctly
dotnet_diagnostic.CA2012.severity = warning

# CA2013: Do not use ReferenceEquals with value types
dotnet_diagnostic.CA2013.severity = warning

# CA2014: Do not use stackalloc in loops.
dotnet_diagnostic.CA2014.severity = warning

# CA2016: Forward the 'CancellationToken' parameter to methods that take one
dotnet_diagnostic.CA2016.severity = warning

# CA2200: Rethrow to preserve stack details
dotnet_diagnostic.CA2200.severity = warning

# CA2208: Instantiate argument exceptions correctly
dotnet_diagnostic.CA2208.severity = warning

# CA2245: Do not assign a property to itself
dotnet_diagnostic.CA2245.severity = warning

# CA2246: Assigning symbol and its member in the same statement
dotnet_diagnostic.CA2246.severity = warning

# CA2249: Use string.Contains instead of string.IndexOf to improve readability.
dotnet_diagnostic.CA2249.severity = warning

# IDE0005: Remove unnecessary usings
dotnet_diagnostic.IDE0005.severity = warning

# IDE0011: Curly braces to surround blocks of code
dotnet_diagnostic.IDE0011.severity = warning

# IDE0035: Remove unreachable code
dotnet_diagnostic.IDE0035.severity = warning

# IDE0036: Order modifiers
csharp_preferred_modifier_order = public,private,protected,internal,static,extern,new,virtual,abstract,sealed,override,readonly,unsafe,volatile,async:suggestion
dotnet_diagnostic.IDE0036.severity = warning

# IDE0043: Format string contains invalid placeholder
dotnet_diagnostic.IDE0043.severity = warning

# IDE0044: Make field readonly
dotnet_diagnostic.IDE0044.severity = warning

# IDE0051: Remove unused private members
dotnet_diagnostic.IDE0051.severity = warning

# IDE0055: All formatting rules
dotnet_diagnostic.IDE0055.severity = suggestion

# IDE0059: Unnecessary assignment to a value
dotnet_diagnostic.IDE0059.severity = warning

# IDE0062: Make local function static
dotnet_diagnostic.IDE0062.severity = warning

# IDE0073: File header
dotnet_diagnostic.IDE0073.severity = warning
file_header_template = Copyright (c) Microsoft Corporation. All rights reserved.\nLicensed under the MIT License.

# IDE0161: Convert to file-scoped namespace
dotnet_diagnostic.IDE0161.severity = warning

# IDE2000: Disallow multiple blank lines
dotnet_style_allow_multiple_blank_lines_experimental = false
dotnet_diagnostic.IDE2000.severity = warning

# CA1018: Mark attributes with AttributeUsageAttribute
dotnet_diagnostic.CA1018.severity = suggestion
# CA1507: Use nameof to express symbol names
dotnet_diagnostic.CA1507.severity = suggestion
# CA1802: Use literals where appropriate
dotnet_diagnostic.CA1802.severity = suggestion
# CA1805: Do not initialize unnecessarily
dotnet_diagnostic.CA1805.severity = suggestion
# CA1822: Make member static
dotnet_diagnostic.CA1822.severity = suggestion
# CA1823: Avoid zero-length array allocations
dotnet_diagnostic.CA1825.severity = suggestion
# CA1826: Do not use Enumerable methods on indexable collections. Instead use the collection directly
dotnet_diagnostic.CA1826.severity = suggestion
# CA1827: Do not use Count() or LongCount() when Any() can be used
dotnet_diagnostic.CA1827.severity = suggestion
# CA1829: Use Length/Count property instead of Count() when available
dotnet_diagnostic.CA1829.severity = suggestion
# CA1834: Consider using 'StringBuilder.Append(char)' when applicable
dotnet_diagnostic.CA1834.severity = suggestion
# CA1835: Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync'
dotnet_diagnostic.CA1835.severity = suggestion
# CA1837: Use 'Environment.ProcessId'
dotnet_diagnostic.CA1837.severity = suggestion
# CA1838: Avoid 'StringBuilder' parameters for P/Invokes
dotnet_diagnostic.CA1838.severity = suggestion
# CA1841: Prefer Dictionary.Contains methods
dotnet_diagnostic.CA1841.severity = suggestion
# CA1844: Provide memory-based overrides of async methods when subclassing 'Stream'
dotnet_diagnostic.CA1844.severity = suggestion
# CA1845: Use span-based 'string.Concat'
dotnet_diagnostic.CA1845.severity = suggestion
# CA1846: Prefer AsSpan over Substring
dotnet_diagnostic.CA1846.severity = suggestion
# CA1847: Use string.Contains(char) instead of string.Contains(string) with single characters
dotnet_diagnostic.CA1847.severity = suggestion
# CA2008: Do not create tasks without passing a TaskScheduler
dotnet_diagnostic.CA2008.severity = suggestion
# CA2012: Use ValueTask correctly
dotnet_diagnostic.CA2012.severity = suggestion
# CA2249: Use string.Contains instead of string.IndexOf to improve readability.
dotnet_diagnostic.CA2249.severity = suggestion
# IDE0005: Remove unnecessary usings
dotnet_diagnostic.IDE0005.severity = suggestion
# IDE0044: Make field readonly
dotnet_diagnostic.IDE0044.severity = suggestion
# IDE0051: Remove unused private members
dotnet_diagnostic.IDE0051.severity = suggestion
# IDE0059: Unnecessary assignment to a value
dotnet_diagnostic.IDE0059.severity = suggestion
# IDE0062: Make local function static
dotnet_diagnostic.IDE0062.severity = suggestion

# CA2016: Forward the 'CancellationToken' parameter to methods that take one
dotnet_diagnostic.CA2016.severity = suggestion

# Defaults for content in the shared src/ and shared runtime dir

# CA1822: Make member static
dotnet_diagnostic.CA1822.severity = silent
# IDE0011: Use braces
dotnet_diagnostic.IDE0011.severity = silent
# IDE0055: Fix formatting
dotnet_diagnostic.IDE0055.severity = silent
# IDE0062: Make local function static
dotnet_diagnostic.IDE0062.severity = silent
# IDE0161: Convert to file-scoped namespace
dotnet_diagnostic.IDE0161.severity = silent

# IDE0005: Remove unused usings. Ignore for shared src files since imports for those depend on the projects in which they are included.
dotnet_diagnostic.IDE0005.severity = silent




#------------------------------------------------------------------------------------------------------------------------------------------------------------#
# Rules imported from Sdl.Recommended.Error.ruleset
# https://dev.azure.com/SecurityTools/Phalanx/_git/RoslynInternalAnalyzers2?path=%2FExamples%2FRulesets%2FPublic%2FSdl.Recommended.Error.ruleset

dotnet_diagnostic.Async001.severity = none

dotnet_diagnostic.Async002.severity = none

dotnet_diagnostic.Async003.severity = none

dotnet_diagnostic.Async004.severity = none

dotnet_diagnostic.Async005.severity = none

dotnet_diagnostic.Async006.severity = none

# IDE0073: Require file header
dotnet_diagnostic.IDE0073.severity = warning
file_header_template = Copyright (c) Microsoft Corporation. All rights reserved.\nLicensed under the MIT License.

# Do not declare static members on generic types
dotnet_diagnostic.CA1000.severity = none

# Types that own disposable fields should be disposable
dotnet_diagnostic.CA1001.severity = none

# Do not expose generic lists
dotnet_diagnostic.CA1002.severity = none

# Use generic event handler instances
dotnet_diagnostic.CA1003.severity = none

# Avoid excessive parameters on generic types
dotnet_diagnostic.CA1005.severity = none

# Enums should have zero value
dotnet_diagnostic.CA1008.severity = none

# Generic interface should also be implemented
dotnet_diagnostic.CA1010.severity = none

# Abstract types should not have public constructors
dotnet_diagnostic.CA1012.severity = none

# Mark assemblies with CLSCompliant
dotnet_diagnostic.CA1014.severity = none

# Mark assemblies with assembly version
dotnet_diagnostic.CA1016.severity = none

# Mark assemblies with ComVisible
dotnet_diagnostic.CA1017.severity = none

# Mark attributes with AttributeUsageAttribute
dotnet_diagnostic.CA1018.severity = none

# Define accessors for attribute arguments
dotnet_diagnostic.CA1019.severity = none

# Avoid out parameters
dotnet_diagnostic.CA1021.severity = none

# Use properties where appropriate
dotnet_diagnostic.CA1024.severity = none

# Mark enums with FlagsAttribute
dotnet_diagnostic.CA1027.severity = none

# Enum Storage should be Int32
dotnet_diagnostic.CA1028.severity = none

# Use events where appropriate
dotnet_diagnostic.CA1030.severity = none

# Do not catch general exception types
dotnet_diagnostic.CA1031.severity = none

# Implement standard exception constructors
dotnet_diagnostic.CA1032.severity = none

# Interface methods should be callable by child types
dotnet_diagnostic.CA1033.severity = none

# Nested types should not be visible
dotnet_diagnostic.CA1034.severity = none

# Override methods on comparable types
dotnet_diagnostic.CA1036.severity = none

# Avoid empty interfaces
dotnet_diagnostic.CA1040.severity = none

# Provide ObsoleteAttribute message
dotnet_diagnostic.CA1041.severity = none

# Use Integral Or String Argument For Indexers
dotnet_diagnostic.CA1043.severity = none

# Properties should not be write only
dotnet_diagnostic.CA1044.severity = none

# Do not pass types by reference
dotnet_diagnostic.CA1045.severity = none

# Do not overload equality operator on reference types
dotnet_diagnostic.CA1046.severity = none

# Do not declare protected member in sealed type
dotnet_diagnostic.CA1047.severity = none

# Declare types in namespaces
dotnet_diagnostic.CA1050.severity = none

# Do not declare visible instance fields
dotnet_diagnostic.CA1051.severity = none

# Static holder types should be Static or NotInheritable
dotnet_diagnostic.CA1052.severity = none

# URI-like parameters should not be strings
dotnet_diagnostic.CA1054.severity = none

# URI-like return values should not be strings
dotnet_diagnostic.CA1055.severity = none

# URI-like properties should not be strings
dotnet_diagnostic.CA1056.severity = none

# Types should not extend certain base types
dotnet_diagnostic.CA1058.severity = none

# Move pinvokes to native methods class
dotnet_diagnostic.CA1060.severity = none

# Do not hide base class methods
dotnet_diagnostic.CA1061.severity = none

# Validate arguments of public methods
dotnet_diagnostic.CA1062.severity = none

# Implement IDisposable Correctly
dotnet_diagnostic.CA1063.severity = none

# Exceptions should be public
dotnet_diagnostic.CA1064.severity = none

# Do not raise exceptions in unexpected locations
dotnet_diagnostic.CA1065.severity = none

# Implement IEquatable when overriding Object.Equals
dotnet_diagnostic.CA1066.severity = none

# Override Object.Equals(object) when implementing IEquatable&lt;T&gt;
dotnet_diagnostic.CA1067.severity = none

# CancellationToken parameters must come last
dotnet_diagnostic.CA1068.severity = none

# Enums values should not be duplicated
dotnet_diagnostic.CA1069.severity = none

# Do not declare event fields as virtual
dotnet_diagnostic.CA1070.severity = none

# Avoid using cref tags with a prefix
dotnet_diagnostic.CA1200.severity = none

# Do not pass literals as localized parameters
dotnet_diagnostic.CA1303.severity = none

# Specify CultureInfo
dotnet_diagnostic.CA1304.severity = none

# Specify IFormatProvider
dotnet_diagnostic.CA1305.severity = none

# Specify StringComparison for clarity
dotnet_diagnostic.CA1307.severity = none

# Normalize strings to uppercase
dotnet_diagnostic.CA1308.severity = none

# Use ordinal string comparison
dotnet_diagnostic.CA1309.severity = none

# Specify StringComparison for correctness
dotnet_diagnostic.CA1310.severity = none

# P/Invokes should not be visible
dotnet_diagnostic.CA1401.severity = none

# Validate platform compatibility
dotnet_diagnostic.CA1416.severity = none

# Do not use &apos;OutAttribute&apos; on string parameters for P/Invokes
dotnet_diagnostic.CA1417.severity = none

# Avoid excessive inheritance
dotnet_diagnostic.CA1501.severity = none

# Avoid excessive complexity
dotnet_diagnostic.CA1502.severity = none

# Avoid unmaintainable code
dotnet_diagnostic.CA1505.severity = none

# Avoid excessive class coupling
dotnet_diagnostic.CA1506.severity = none

# Use nameof to express symbol names
dotnet_diagnostic.CA1507.severity = none

# Avoid dead conditional code
dotnet_diagnostic.CA1508.severity = none

# Invalid entry in code metrics rule specification file
dotnet_diagnostic.CA1509.severity = none

# Do not name enum values &apos;Reserved&apos;
dotnet_diagnostic.CA1700.severity = none

# Identifiers should not contain underscores
dotnet_diagnostic.CA1707.severity = none

# Identifiers should differ by more than case
dotnet_diagnostic.CA1708.severity = none

# Identifiers should have correct suffix
dotnet_diagnostic.CA1710.severity = none

# Identifiers should not have incorrect suffix
dotnet_diagnostic.CA1711.severity = none

# Do not prefix enum values with type name
dotnet_diagnostic.CA1712.severity = none

# Events should not have &apos;Before&apos; or &apos;After&apos; prefix
dotnet_diagnostic.CA1713.severity = none

dotnet_diagnostic.CA1714.severity = none

# Identifiers should have correct prefix
dotnet_diagnostic.CA1715.severity = none

# Identifiers should not match keywords
dotnet_diagnostic.CA1716.severity = none

dotnet_diagnostic.CA1717.severity = none

# Identifier contains type name
dotnet_diagnostic.CA1720.severity = none

# Property names should not match get methods
dotnet_diagnostic.CA1721.severity = none

# Type names should not match namespaces
dotnet_diagnostic.CA1724.severity = none

# Parameter names should match base declaration
dotnet_diagnostic.CA1725.severity = none

# Review unused parameters
dotnet_diagnostic.CA1801.severity = none

# Use literals where appropriate
dotnet_diagnostic.CA1802.severity = none

# Do not initialize unnecessarily
dotnet_diagnostic.CA1805.severity = none

# Do not ignore method results
dotnet_diagnostic.CA1806.severity = none

# Initialize reference type static fields inline
dotnet_diagnostic.CA1810.severity = none

# Avoid uninstantiated internal classes
dotnet_diagnostic.CA1812.severity = none

# Avoid unsealed attributes
dotnet_diagnostic.CA1813.severity = none

# Prefer jagged arrays over multidimensional
dotnet_diagnostic.CA1814.severity = none

# Override equals and operator equals on value types
dotnet_diagnostic.CA1815.severity = none

# Dispose methods should call SuppressFinalize
dotnet_diagnostic.CA1816.severity = none

# Properties should not return arrays
dotnet_diagnostic.CA1819.severity = none

# Test for empty strings using string length
dotnet_diagnostic.CA1820.severity = none

# Remove empty Finalizers
dotnet_diagnostic.CA1821.severity = none

# Mark members as static
dotnet_diagnostic.CA1822.severity = none

# Avoid unused private fields
dotnet_diagnostic.CA1823.severity = none

# Mark assemblies with NeutralResourcesLanguageAttribute
dotnet_diagnostic.CA1824.severity = none

# Avoid zero-length array allocations
dotnet_diagnostic.CA1825.severity = none

# Do not use Enumerable methods on indexable collections
dotnet_diagnostic.CA1826.severity = none

# Do not use Count() or LongCount() when Any() can be used
dotnet_diagnostic.CA1827.severity = none

# Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used
dotnet_diagnostic.CA1828.severity = none

# Use Length/Count property instead of Count() when available
dotnet_diagnostic.CA1829.severity = none

# Prefer strongly-typed Append and Insert method overloads on StringBuilder
dotnet_diagnostic.CA1830.severity = none

# Use AsSpan or AsMemory instead of Range-based indexers when appropriate
dotnet_diagnostic.CA1831.severity = none

# Use AsSpan or AsMemory instead of Range-based indexers when appropriate
dotnet_diagnostic.CA1832.severity = none

# Use AsSpan or AsMemory instead of Range-based indexers when appropriate
dotnet_diagnostic.CA1833.severity = none

# Consider using &apos;StringBuilder.Append(char)&apos; when applicable
dotnet_diagnostic.CA1834.severity = warning

# Prefer the &apos;Memory&apos;-based overloads for &apos;ReadAsync&apos; and &apos;WriteAsync&apos;
dotnet_diagnostic.CA1835.severity = none

# Prefer IsEmpty over Count
dotnet_diagnostic.CA1836.severity = none

# Use &apos;Environment.ProcessId&apos;
dotnet_diagnostic.CA1837.severity = none

# Avoid &apos;StringBuilder&apos; parameters for P/Invokes
dotnet_diagnostic.CA1838.severity = none

# Dispose objects before losing scope
dotnet_diagnostic.CA2000.severity = none

# Do not lock on objects with weak identity
dotnet_diagnostic.CA2002.severity = none

# Consider calling ConfigureAwait on the awaited task
dotnet_diagnostic.CA2007.severity = none

# Do not create tasks without passing a TaskScheduler
dotnet_diagnostic.CA2008.severity = none

# Do not call ToImmutableCollection on an ImmutableCollection value
dotnet_diagnostic.CA2009.severity = none

dotnet_diagnostic.CA2010.severity = none

# Avoid infinite recursion
dotnet_diagnostic.CA2011.severity = none

# Use ValueTasks correctly
dotnet_diagnostic.CA2012.severity = none

# Do not use ReferenceEquals with value types
dotnet_diagnostic.CA2013.severity = none

# Do not use stackalloc in loops
dotnet_diagnostic.CA2014.severity = none

# Do not define finalizers for types derived from MemoryManager&lt;T&gt;
dotnet_diagnostic.CA2015.severity = none

# Forward the &apos;CancellationToken&apos; parameter to methods
dotnet_diagnostic.CA2016.severity = none

# Review SQL queries for security vulnerabilities
dotnet_diagnostic.CA2100.severity = none

# Specify marshaling for P/Invoke string arguments
dotnet_diagnostic.CA2101.severity = none

# Review visible event handlers
dotnet_diagnostic.CA2109.severity = none

# Seal methods that satisfy private interfaces
dotnet_diagnostic.CA2119.severity = none

# Do Not Catch Corrupted State Exceptions
dotnet_diagnostic.CA2153.severity = error

# Rethrow to preserve stack details
dotnet_diagnostic.CA2200.severity = none

# Do not raise reserved exception types
dotnet_diagnostic.CA2201.severity = none

# Initialize value type static fields inline
dotnet_diagnostic.CA2207.severity = none

# Instantiate argument exceptions correctly
dotnet_diagnostic.CA2208.severity = none

# Non-constant fields should not be visible
dotnet_diagnostic.CA2211.severity = none

# Disposable fields should be disposed
dotnet_diagnostic.CA2213.severity = none

# Do not call overridable methods in constructors
dotnet_diagnostic.CA2214.severity = none

# Dispose methods should call base class dispose
dotnet_diagnostic.CA2215.severity = none

# Disposable types should declare finalizer
dotnet_diagnostic.CA2216.severity = none

# Do not mark enums with FlagsAttribute
dotnet_diagnostic.CA2217.severity = none

# Override GetHashCode on overriding Equals
dotnet_diagnostic.CA2218.severity = none

# Do not raise exceptions in finally clauses
dotnet_diagnostic.CA2219.severity = none

# Override Equals on overloading operator equals
dotnet_diagnostic.CA2224.severity = none

# Operator overloads have named alternates
dotnet_diagnostic.CA2225.severity = none

# Operators should have symmetrical overloads
dotnet_diagnostic.CA2226.severity = none

# Collection properties should be read only
dotnet_diagnostic.CA2227.severity = none

# Implement serialization constructors
dotnet_diagnostic.CA2229.severity = none

# Overload operator equals on overriding value type Equals
dotnet_diagnostic.CA2231.severity = none

# Pass system URI objects instead of strings
dotnet_diagnostic.CA2234.severity = none

# Mark all non-serializable fields
dotnet_diagnostic.CA2235.severity = none

# Mark ISerializable types with serializable
dotnet_diagnostic.CA2237.severity = none

# Provide correct arguments to formatting methods
dotnet_diagnostic.CA2241.severity = none

# Test for NaN correctly
dotnet_diagnostic.CA2242.severity = none

# Attribute string literals should parse correctly
dotnet_diagnostic.CA2243.severity = none

# Do not duplicate indexed element initializations
dotnet_diagnostic.CA2244.severity = none

# Do not assign a property to itself
dotnet_diagnostic.CA2245.severity = none

# Assigning symbol and its member in the same statement
dotnet_diagnostic.CA2246.severity = none

# Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum
dotnet_diagnostic.CA2247.severity = none

# Provide correct &apos;enum&apos; argument to &apos;Enum.HasFlag&apos;
dotnet_diagnostic.CA2248.severity = none

# Consider using &apos;string.Contains&apos; instead of &apos;string.IndexOf&apos;
dotnet_diagnostic.CA2249.severity = none

# Do not use insecure deserializer BinaryFormatter
dotnet_diagnostic.CA2300.severity = suggestion

# Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder
dotnet_diagnostic.CA2301.severity = error

# Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize
dotnet_diagnostic.CA2302.severity = error

# Do not use insecure deserializer LosFormatter
dotnet_diagnostic.CA2305.severity = error

# Do not use insecure deserializer NetDataContractSerializer
dotnet_diagnostic.CA2310.severity = suggestion

# Do not deserialize without first setting NetDataContractSerializer.Binder
dotnet_diagnostic.CA2311.severity = error

# Ensure NetDataContractSerializer.Binder is set before deserializing
dotnet_diagnostic.CA2312.severity = error

# Do not use insecure deserializer ObjectStateFormatter
dotnet_diagnostic.CA2315.severity = error

# Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver
dotnet_diagnostic.CA2321.severity = error

# Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing
dotnet_diagnostic.CA2322.severity = suggestion

# Do not use TypeNameHandling values other than None
dotnet_diagnostic.CA2326.severity = none

# Do not use insecure JsonSerializerSettings
dotnet_diagnostic.CA2327.severity = error

# Ensure that JsonSerializerSettings are secure
dotnet_diagnostic.CA2328.severity = error

# Do not deserialize with JsonSerializer using an insecure configuration
dotnet_diagnostic.CA2329.severity = error

# Ensure that JsonSerializer has a secure configuration when deserializing
dotnet_diagnostic.CA2330.severity = error

# Do not use DataTable.ReadXml() with untrusted data
dotnet_diagnostic.CA2350.severity = suggestion

# Do not use DataSet.ReadXml() with untrusted data
dotnet_diagnostic.CA2351.severity = suggestion

# Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks
dotnet_diagnostic.CA2352.severity = suggestion

# Unsafe DataSet or DataTable in serializable type
dotnet_diagnostic.CA2353.severity = suggestion

# Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks
dotnet_diagnostic.CA2354.severity = suggestion

# Unsafe DataSet or DataTable type found in deserializable object graph
dotnet_diagnostic.CA2355.severity = suggestion

# Unsafe DataSet or DataTable type in web deserializable object graph
dotnet_diagnostic.CA2356.severity = suggestion

# Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data
dotnet_diagnostic.CA2361.severity = suggestion

# Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks
dotnet_diagnostic.CA2362.severity = suggestion

# Review code for SQL injection vulnerabilities
dotnet_diagnostic.CA3001.severity = none

# Review code for XSS vulnerabilities
dotnet_diagnostic.CA3002.severity = none

# Review code for file path injection vulnerabilities
dotnet_diagnostic.CA3003.severity = none

# Review code for information disclosure vulnerabilities
dotnet_diagnostic.CA3004.severity = none

# Review code for LDAP injection vulnerabilities
dotnet_diagnostic.CA3005.severity = none

# Review code for process command injection vulnerabilities
dotnet_diagnostic.CA3006.severity = none

# Review code for open redirect vulnerabilities
dotnet_diagnostic.CA3007.severity = none

# Review code for XPath injection vulnerabilities
dotnet_diagnostic.CA3008.severity = none

# Review code for XML injection vulnerabilities
dotnet_diagnostic.CA3009.severity = none

# Review code for XAML injection vulnerabilities
dotnet_diagnostic.CA3010.severity = none

# Review code for DLL injection vulnerabilities
dotnet_diagnostic.CA3011.severity = none

# Review code for regex injection vulnerabilities
dotnet_diagnostic.CA3012.severity = none

# Do Not Add Schema By URL
dotnet_diagnostic.CA3061.severity = error

# Insecure DTD processing in XML
dotnet_diagnostic.CA3075.severity = error

# Insecure XSLT script processing.
dotnet_diagnostic.CA3076.severity = error

# Insecure Processing in API Design, XmlDocument and XmlTextReader
dotnet_diagnostic.CA3077.severity = error

# Mark Verb Handlers With Validate Antiforgery Token
dotnet_diagnostic.CA3147.severity = error

# Do Not Use Weak Cryptographic Algorithms
dotnet_diagnostic.CA5350.severity = error

# Do Not Use Broken Cryptographic Algorithms
dotnet_diagnostic.CA5351.severity = error

# Review cipher mode usage with cryptography experts
dotnet_diagnostic.CA5358.severity = error

# Do Not Disable Certificate Validation
dotnet_diagnostic.CA5359.severity = suggestion

# Do Not Call Dangerous Methods In Deserialization
dotnet_diagnostic.CA5360.severity = none

# Do Not Disable SChannel Use of Strong Crypto
dotnet_diagnostic.CA5361.severity = error

# Potential reference cycle in deserialized object graph
dotnet_diagnostic.CA5362.severity = none

# Do Not Disable Request Validation
dotnet_diagnostic.CA5363.severity = none

# Do Not Use Deprecated Security Protocols
dotnet_diagnostic.CA5364.severity = error

# Do Not Disable HTTP Header Checking
dotnet_diagnostic.CA5365.severity = none

# Use XmlReader for &apos;DataSet.ReadXml()&apos;
dotnet_diagnostic.CA5366.severity = suggestion

# Do Not Serialize Types With Pointer Fields
dotnet_diagnostic.CA5367.severity = none

# Set ViewStateUserKey For Classes Derived From Page
dotnet_diagnostic.CA5368.severity = none

# Use XmlReader for &apos;XmlSerializer.Deserialize()&apos;
dotnet_diagnostic.CA5369.severity = suggestion

# Use XmlReader for XmlValidatingReader constructor
dotnet_diagnostic.CA5370.severity = suggestion

# Use XmlReader for &apos;XmlSchema.Read()&apos;
dotnet_diagnostic.CA5371.severity = suggestion

# Use XmlReader for XPathDocument constructor
dotnet_diagnostic.CA5372.severity = suggestion

# Do not use obsolete key derivation function
dotnet_diagnostic.CA5373.severity = none

# Do Not Use XslTransform
dotnet_diagnostic.CA5374.severity = suggestion

# Do Not Use Account Shared Access Signature
dotnet_diagnostic.CA5375.severity = none

# Use SharedAccessProtocol HttpsOnly
dotnet_diagnostic.CA5376.severity = none

# Use Container Level Access Policy
dotnet_diagnostic.CA5377.severity = none

# Do not disable ServicePointManagerSecurityProtocols
dotnet_diagnostic.CA5378.severity = error

# Ensure Key Derivation Function algorithm is sufficiently strong
dotnet_diagnostic.CA5379.severity = none

# Do Not Add Certificates To Root Store
dotnet_diagnostic.CA5380.severity = suggestion

# Ensure Certificates Are Not Added To Root Store
dotnet_diagnostic.CA5381.severity = suggestion

# Use Secure Cookies In ASP.NET Core
dotnet_diagnostic.CA5382.severity = none

# Ensure Use Secure Cookies In ASP.NET Core
dotnet_diagnostic.CA5383.severity = none

# Do Not Use Digital Signature Algorithm (DSA)
dotnet_diagnostic.CA5384.severity = none

# Use Rivest–Shamir–Adleman (RSA) Algorithm With Sufficient Key Size
dotnet_diagnostic.CA5385.severity = none

# Avoid hardcoding SecurityProtocolType value
dotnet_diagnostic.CA5386.severity = suggestion

# Do Not Use Weak Key Derivation Function With Insufficient Iteration Count
dotnet_diagnostic.CA5387.severity = none

# Ensure Sufficient Iteration Count When Using Weak Key Derivation Function
dotnet_diagnostic.CA5388.severity = none

# Do Not Add Archive Item&apos;s Path To The Target File System Path
dotnet_diagnostic.CA5389.severity = none

# Do not hard-code encryption key
dotnet_diagnostic.CA5390.severity = none

# Use antiforgery tokens in ASP.NET Core MVC controllers
dotnet_diagnostic.CA5391.severity = suggestion

# Use DefaultDllImportSearchPaths attribute for P/Invokes
dotnet_diagnostic.CA5392.severity = none

# Do not use unsafe DllImportSearchPath value
dotnet_diagnostic.CA5393.severity = none

# Do not use insecure randomness
dotnet_diagnostic.CA5394.severity = none

# Miss HttpVerb attribute for action methods
dotnet_diagnostic.CA5395.severity = suggestion

# Set HttpOnly to true for HttpCookie
dotnet_diagnostic.CA5396.severity = suggestion

# Do not use deprecated SslProtocols values
dotnet_diagnostic.CA5397.severity = error

# Avoid hardcoded SslProtocols values
dotnet_diagnostic.CA5398.severity = suggestion

# HttpClients should enable certificate revocation list checks
dotnet_diagnostic.CA5399.severity = none

# Ensure HttpClient certificate revocation list check is not disabled
dotnet_diagnostic.CA5400.severity = none

# Do not use CreateEncryptor with non-default IV
dotnet_diagnostic.CA5401.severity = none

# Use CreateEncryptor with the default IV
dotnet_diagnostic.CA5402.severity = none

# Do not hard-code certificate
dotnet_diagnostic.CA5403.severity = none

dotnet_diagnostic.CA9999.severity = none

# Avoid using accessing Assembly file path when publishing as a single-file
dotnet_diagnostic.IL3000.severity = none

# Avoid using accessing Assembly file path when publishing as a single-file
dotnet_diagnostic.IL3001.severity = none

dotnet_diagnostic.RS1000.severity = none

dotnet_diagnostic.RS1001.severity = none

dotnet_diagnostic.RS1002.severity = none

dotnet_diagnostic.RS1003.severity = none

dotnet_diagnostic.RS1004.severity = none

dotnet_diagnostic.RS1005.severity = none

dotnet_diagnostic.RS1006.severity = none

dotnet_diagnostic.RS1007.severity = none

dotnet_diagnostic.RS1008.severity = none

dotnet_diagnostic.RS1009.severity = none

dotnet_diagnostic.RS1010.severity = none

dotnet_diagnostic.RS1011.severity = none

dotnet_diagnostic.RS1012.severity = none

dotnet_diagnostic.RS1013.severity = none

dotnet_diagnostic.RS1014.severity = none
dotnet_style_operator_placement_when_wrapping = beginning_of_line
tab_width = 4
dotnet_style_coalesce_expression = true:suggestion
dotnet_style_null_propagation = true:suggestion
dotnet_style_prefer_is_null_check_over_reference_equality_method = true:suggestion
dotnet_style_prefer_auto_properties = true:silent
dotnet_style_object_initializer = true:suggestion
dotnet_style_prefer_collection_expression = true:suggestion
dotnet_style_collection_initializer = true:suggestion
dotnet_style_prefer_simplified_boolean_expressions = true:suggestion
dotnet_style_prefer_conditional_expression_over_assignment = true:silent
dotnet_style_prefer_conditional_expression_over_return = true:silent
dotnet_style_explicit_tuple_names = true:suggestion
dotnet_style_prefer_inferred_tuple_names = true:suggestion
dotnet_style_prefer_inferred_anonymous_type_member_names = true:suggestion
dotnet_style_prefer_compound_assignment = true:suggestion
dotnet_style_prefer_simplified_interpolation = true:suggestion
dotnet_style_namespace_match_folder = true:suggestion
