Dotnetarium.Analyzers.SCS 1.1.0

.NET Standard 2.0 This package targets .NET Standard 2.0. The package is compatible with this framework or higher. 
dotnet add package Dotnetarium.Analyzers.SCS --version 1.1.0                

                    
                

            
NuGet\Install-Package Dotnetarium.Analyzers.SCS -Version 1.1.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Dotnetarium.Analyzers.SCS" Version="1.1.0">
  <PrivateAssets>all</PrivateAssets>
  <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
</PackageReference>
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
paket add Dotnetarium.Analyzers.SCS --version 1.1.0                

                    
                

            
#r "nuget: Dotnetarium.Analyzers.SCS, 1.1.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
// Install Dotnetarium.Analyzers.SCS as a Cake Addin
#addin nuget:?package=Dotnetarium.Analyzers.SCS&version=1.1.0

// Install Dotnetarium.Analyzers.SCS as a Cake Tool
#tool nuget:?package=Dotnetarium.Analyzers.SCS&version=1.1.0

Dotnetarium.Analyzers.SCS

Static code analyzer for .NET (Nuget package) based on Security Code Scan.

Installation

It is a Nuget package Add the following package to your project Dotnetarium.Analyzers.SCS

Notes

Dotnetarium.Analyzers.SCS is still using the SecurityCodeScan website to provide references for fixes.

How to add a new analyzer/rule

In most cases, you will want to simply add a new source, sink, sanitizer to existing ruleset. Or probably just a new sink. Check Config/Main.yml file.

Key Concept

Entry Points

Entry points are the methods or classes where untrusted data enters the application. These are typically public methods in controllers or API endpoints in web applications.

Sources

Sources are the origins of potentially tainted data. They include objects or methods that return data from external or untrusted inputs, such as HTTP requests.

Sinks

Sinks are the points in the application where tainted data could potentially cause harm if not properly sanitized. These often include database queries, file writes, or any other operation that executes or displays untrusted data.

Sanitizers

Sanitizers are methods or functions that cleanse tainted data, making it safe for use in sinks. They transform, encode, or otherwise neutralize harmful data.

Read more about rule configuration

Compatibility

The project uses Roslyn compiler version 3.11.0, thus supporting Visual Studio 2019 version 16.11 and all versions of Visual Studio 2022. More information is available here

Contributing

If you would like to contribute to DotnetariumSCS, please fork the repository and submit a pull request. For major changes, please open an issue to discuss what you would like to change.

License

DotnetariumSCS is licensed under the LGPL License. See the LICENSE file for more information.

Contact

For support or any inquiries, please open an issue on GitHub

Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
.NET Core netcoreapp2.0 was computed.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
.NET Standard netstandard2.0 is compatible.  netstandard2.1 was computed. 
.NET Framework net461 was computed.  net462 was computed.  net463 was computed.  net47 was computed.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
MonoAndroid monoandroid was computed. 
MonoMac monomac was computed. 
MonoTouch monotouch was computed. 
Tizen tizen40 was computed.  tizen60 was computed. 
Xamarin.iOS xamarinios was computed. 
Xamarin.Mac xamarinmac was computed. 
Xamarin.TVOS xamarintvos was computed. 
Xamarin.WatchOS xamarinwatchos was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

This package has no dependencies.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.1.0 386 7/8/2024
1.0.3 103 7/4/2024
1.0.2 101 7/4/2024
1.0.1 90 6/30/2024
1.0.0 103 6/29/2024

Check details here: https://github.com/dotnetarium/Dotnetarium.Analyzers.SCS/releases