# NOTE: Requires **VS2019 16.3** or later

# Usage Rules with default severity
# Description: All Usage Rules with default severity. Rules with IsEnabledByDefault = false or from a different category are disabled.

# Code files
[*.{cs,vb}]

# Usage Rules

# CA1801: Review unused parameters
dotnet_diagnostic.CA1801.severity = warning

# CA1816: Dispose methods should call SuppressFinalize
dotnet_diagnostic.CA1816.severity = warning

# CA2200: Rethrow to preserve stack details.
dotnet_diagnostic.CA2200.severity = warning

# CA2201: Do not raise reserved exception types
dotnet_diagnostic.CA2201.severity = none

# CA2207: Initialize value type static fields inline
dotnet_diagnostic.CA2207.severity = warning

# CA2208: Instantiate argument exceptions correctly
dotnet_diagnostic.CA2208.severity = warning

# CA2211: Non-constant fields should not be visible
dotnet_diagnostic.CA2211.severity = warning

# CA2213: Disposable fields should be disposed
dotnet_diagnostic.CA2213.severity = warning

# CA2214: Do not call overridable methods in constructors
dotnet_diagnostic.CA2214.severity = warning

# CA2216: Disposable types should declare finalizer
dotnet_diagnostic.CA2216.severity = warning

# CA2217: Do not mark enums with FlagsAttribute
dotnet_diagnostic.CA2217.severity = none

# CA2218: Override GetHashCode on overriding Equals
dotnet_diagnostic.CA2218.severity = warning

# CA2219: Do not raise exceptions in finally clauses
dotnet_diagnostic.CA2219.severity = warning

# CA2224: Override Equals on overloading operator equals
dotnet_diagnostic.CA2224.severity = warning

# CA2225: Operator overloads have named alternates
dotnet_diagnostic.CA2225.severity = warning

# CA2226: Operators should have symmetrical overloads
dotnet_diagnostic.CA2226.severity = warning

# CA2227: Collection properties should be read only
dotnet_diagnostic.CA2227.severity = warning

# CA2229: Implement serialization constructors
dotnet_diagnostic.CA2229.severity = warning

# CA2231: Overload operator equals on overriding value type Equals
dotnet_diagnostic.CA2231.severity = warning

# CA2234: Pass system uri objects instead of strings
dotnet_diagnostic.CA2234.severity = warning

# CA2235: Mark all non-serializable fields
dotnet_diagnostic.CA2235.severity = warning

# CA2237: Mark ISerializable types with serializable
dotnet_diagnostic.CA2237.severity = warning

# CA2241: Provide correct arguments to formatting methods
dotnet_diagnostic.CA2241.severity = warning

# CA2242: Test for NaN correctly
dotnet_diagnostic.CA2242.severity = warning

# CA2243: Attribute string literals should parse correctly
dotnet_diagnostic.CA2243.severity = warning

# CA2244: Do not duplicate indexed element initializations
dotnet_diagnostic.CA2244.severity = warning

# CA2245: Do not assign a property to itself.
dotnet_diagnostic.CA2245.severity = warning

# CA2246: Assigning symbol and its member in the same statement.
dotnet_diagnostic.CA2246.severity = warning



# Other Rules

# CA1000: Do not declare static members on generic types
dotnet_diagnostic.CA1000.severity = none

# CA1001: Types that own disposable fields should be disposable
dotnet_diagnostic.CA1001.severity = none

# CA1003: Use generic event handler instances
dotnet_diagnostic.CA1003.severity = none

# CA1008: Enums should have zero value
dotnet_diagnostic.CA1008.severity = none

# CA1010: Collections should implement generic interface
dotnet_diagnostic.CA1010.severity = none

# CA1012: Abstract types should not have constructors
dotnet_diagnostic.CA1012.severity = none

# CA1014: Mark assemblies with CLSCompliant
dotnet_diagnostic.CA1014.severity = none

# CA1016: Mark assemblies with assembly version
dotnet_diagnostic.CA1016.severity = none

# CA1017: Mark assemblies with ComVisible
dotnet_diagnostic.CA1017.severity = none

# CA1018: Mark attributes with AttributeUsageAttribute
dotnet_diagnostic.CA1018.severity = none

# CA1019: Define accessors for attribute arguments
dotnet_diagnostic.CA1019.severity = none

# CA1024: Use properties where appropriate
dotnet_diagnostic.CA1024.severity = none

# CA1027: Mark enums with FlagsAttribute
dotnet_diagnostic.CA1027.severity = none

# CA1028: Enum Storage should be Int32
dotnet_diagnostic.CA1028.severity = none

# CA1030: Use events where appropriate
dotnet_diagnostic.CA1030.severity = none

# CA1031: Do not catch general exception types
dotnet_diagnostic.CA1031.severity = none

# CA1032: Implement standard exception constructors
dotnet_diagnostic.CA1032.severity = none

# CA1033: Interface methods should be callable by child types
dotnet_diagnostic.CA1033.severity = none

# CA1034: Nested types should not be visible
dotnet_diagnostic.CA1034.severity = none

# CA1036: Override methods on comparable types
dotnet_diagnostic.CA1036.severity = none

# CA1040: Avoid empty interfaces
dotnet_diagnostic.CA1040.severity = none

# CA1041: Provide ObsoleteAttribute message
dotnet_diagnostic.CA1041.severity = none

# CA1043: Use Integral Or String Argument For Indexers
dotnet_diagnostic.CA1043.severity = none

# CA1044: Properties should not be write only
dotnet_diagnostic.CA1044.severity = none

# CA1050: Declare types in namespaces
dotnet_diagnostic.CA1050.severity = none

# CA1051: Do not declare visible instance fields
dotnet_diagnostic.CA1051.severity = none

# CA1052: Static holder types should be Static or NotInheritable
dotnet_diagnostic.CA1052.severity = none

# CA1054: Uri parameters should not be strings
dotnet_diagnostic.CA1054.severity = none

# CA1055: Uri return values should not be strings
dotnet_diagnostic.CA1055.severity = none

# CA1056: Uri properties should not be strings
dotnet_diagnostic.CA1056.severity = none

# CA1058: Types should not extend certain base types
dotnet_diagnostic.CA1058.severity = none

# CA1060: Move pinvokes to native methods class
dotnet_diagnostic.CA1060.severity = none

# CA1061: Do not hide base class methods
dotnet_diagnostic.CA1061.severity = none

# CA1062: Validate arguments of public methods
dotnet_diagnostic.CA1062.severity = none

# CA1063: Implement IDisposable Correctly
dotnet_diagnostic.CA1063.severity = none

# CA1064: Exceptions should be public
dotnet_diagnostic.CA1064.severity = none

# CA1065: Do not raise exceptions in unexpected locations
dotnet_diagnostic.CA1065.severity = none

# CA1066: Type {0} should implement IEquatable<T> because it overrides Equals
dotnet_diagnostic.CA1066.severity = none

# CA1067: Override Object.Equals(object) when implementing IEquatable<T>
dotnet_diagnostic.CA1067.severity = none

# CA1068: CancellationToken parameters must come last
dotnet_diagnostic.CA1068.severity = none

# CA1200: Avoid using cref tags with a prefix
dotnet_diagnostic.CA1200.severity = none

# CA1303: Do not pass literals as localized parameters
dotnet_diagnostic.CA1303.severity = none

# CA1304: Specify CultureInfo
dotnet_diagnostic.CA1304.severity = none

# CA1305: Specify IFormatProvider
dotnet_diagnostic.CA1305.severity = none

# CA1307: Specify StringComparison
dotnet_diagnostic.CA1307.severity = none

# CA1308: Normalize strings to uppercase
dotnet_diagnostic.CA1308.severity = none

# CA1309: Use ordinal stringcomparison
dotnet_diagnostic.CA1309.severity = none

# CA1401: P/Invokes should not be visible
dotnet_diagnostic.CA1401.severity = none

# CA1501: Avoid excessive inheritance
dotnet_diagnostic.CA1501.severity = none

# CA1502: Avoid excessive complexity
dotnet_diagnostic.CA1502.severity = none

# CA1505: Avoid unmaintainable code
dotnet_diagnostic.CA1505.severity = none

# CA1506: Avoid excessive class coupling
dotnet_diagnostic.CA1506.severity = none

# CA1507: Use nameof to express symbol names
dotnet_diagnostic.CA1507.severity = none

# CA1508: Avoid dead conditional code
dotnet_diagnostic.CA1508.severity = none

# CA1509: Invalid entry in code metrics rule specification file
dotnet_diagnostic.CA1509.severity = none

# CA1707: Identifiers should not contain underscores
dotnet_diagnostic.CA1707.severity = none

# CA1708: Identifiers should differ by more than case
dotnet_diagnostic.CA1708.severity = none

# CA1710: Identifiers should have correct suffix
dotnet_diagnostic.CA1710.severity = none

# CA1711: Identifiers should not have incorrect suffix
dotnet_diagnostic.CA1711.severity = none

# CA1712: Do not prefix enum values with type name
dotnet_diagnostic.CA1712.severity = none

# CA1714: Flags enums should have plural names
dotnet_diagnostic.CA1714.severity = none

# CA1715: Identifiers should have correct prefix
dotnet_diagnostic.CA1715.severity = none

# CA1716: Identifiers should not match keywords
dotnet_diagnostic.CA1716.severity = none

# CA1717: Only FlagsAttribute enums should have plural names
dotnet_diagnostic.CA1717.severity = none

# CA1720: Identifier contains type name
dotnet_diagnostic.CA1720.severity = none

# CA1721: Property names should not match get methods
dotnet_diagnostic.CA1721.severity = none

# CA1724: Type names should not match namespaces
dotnet_diagnostic.CA1724.severity = none

# CA1725: Parameter names should match base declaration
dotnet_diagnostic.CA1725.severity = none

# CA1802: Use literals where appropriate
dotnet_diagnostic.CA1802.severity = none

# CA1806: Do not ignore method results
dotnet_diagnostic.CA1806.severity = none

# CA1810: Initialize reference type static fields inline
dotnet_diagnostic.CA1810.severity = none

# CA1812: Avoid uninstantiated internal classes
dotnet_diagnostic.CA1812.severity = none

# CA1813: Avoid unsealed attributes
dotnet_diagnostic.CA1813.severity = none

# CA1814: Prefer jagged arrays over multidimensional
dotnet_diagnostic.CA1814.severity = none

# CA1815: Override equals and operator equals on value types
dotnet_diagnostic.CA1815.severity = none

# CA1819: Properties should not return arrays
dotnet_diagnostic.CA1819.severity = none

# CA1820: Test for empty strings using string length
dotnet_diagnostic.CA1820.severity = none

# CA1821: Remove empty Finalizers
dotnet_diagnostic.CA1821.severity = none

# CA1822: Mark members as static
dotnet_diagnostic.CA1822.severity = none

# CA1823: Avoid unused private fields
dotnet_diagnostic.CA1823.severity = none

# CA1824: Mark assemblies with NeutralResourcesLanguageAttribute
dotnet_diagnostic.CA1824.severity = none

# CA1825: Avoid zero-length array allocations.
dotnet_diagnostic.CA1825.severity = none

# CA1826: Do not use Enumerable methods on indexable collections. Instead use the collection directly
dotnet_diagnostic.CA1826.severity = none

# CA1827: Do not use Count() or LongCount() when Any() can be used
dotnet_diagnostic.CA1827.severity = none

# CA1828: Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used
dotnet_diagnostic.CA1828.severity = none

# CA1829: Use Length/Count property instead of Count() when available
dotnet_diagnostic.CA1829.severity = none

# CA2000: Dispose objects before losing scope
dotnet_diagnostic.CA2000.severity = none

# CA2002: Do not lock on objects with weak identity
dotnet_diagnostic.CA2002.severity = none

# CA2007: Consider calling ConfigureAwait on the awaited task
dotnet_diagnostic.CA2007.severity = none

# CA2008: Do not create tasks without passing a TaskScheduler
dotnet_diagnostic.CA2008.severity = none

# CA2009: Do not call ToImmutableCollection on an ImmutableCollection value
dotnet_diagnostic.CA2009.severity = none

# CA2010: Always consume the value returned by methods marked with PreserveSigAttribute
dotnet_diagnostic.CA2010.severity = none

# CA2100: Review SQL queries for security vulnerabilities
dotnet_diagnostic.CA2100.severity = none

# CA2101: Specify marshaling for P/Invoke string arguments
dotnet_diagnostic.CA2101.severity = none

# CA2119: Seal methods that satisfy private interfaces
dotnet_diagnostic.CA2119.severity = none

# CA2153: Do Not Catch Corrupted State Exceptions
dotnet_diagnostic.CA2153.severity = none

# CA2300: Do not use insecure deserializer BinaryFormatter
dotnet_diagnostic.CA2300.severity = none

# CA2301: Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder
dotnet_diagnostic.CA2301.severity = none

# CA2302: Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize
dotnet_diagnostic.CA2302.severity = none

# CA2305: Do not use insecure deserializer LosFormatter
dotnet_diagnostic.CA2305.severity = none

# CA2310: Do not use insecure deserializer NetDataContractSerializer
dotnet_diagnostic.CA2310.severity = none

# CA2311: Do not deserialize without first setting NetDataContractSerializer.Binder
dotnet_diagnostic.CA2311.severity = none

# CA2312: Ensure NetDataContractSerializer.Binder is set before deserializing
dotnet_diagnostic.CA2312.severity = none

# CA2315: Do not use insecure deserializer ObjectStateFormatter
dotnet_diagnostic.CA2315.severity = none

# CA2321: Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver
dotnet_diagnostic.CA2321.severity = none

# CA2322: Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing
dotnet_diagnostic.CA2322.severity = none

# CA2326: Do not use TypeNameHandling values other than None
dotnet_diagnostic.CA2326.severity = none

# CA2327: Do not use insecure JsonSerializerSettings
dotnet_diagnostic.CA2327.severity = none

# CA2328: Ensure that JsonSerializerSettings are secure
dotnet_diagnostic.CA2328.severity = none

# CA2329: Do not deserialize with JsonSerializer using an insecure configuration
dotnet_diagnostic.CA2329.severity = none

# CA2330: Ensure that JsonSerializer has a secure configuration when deserializing
dotnet_diagnostic.CA2330.severity = none

# CA3001: Review code for SQL injection vulnerabilities
dotnet_diagnostic.CA3001.severity = none

# CA3002: Review code for XSS vulnerabilities
dotnet_diagnostic.CA3002.severity = none

# CA3003: Review code for file path injection vulnerabilities
dotnet_diagnostic.CA3003.severity = none

# CA3004: Review code for information disclosure vulnerabilities
dotnet_diagnostic.CA3004.severity = none

# CA3005: Review code for LDAP injection vulnerabilities
dotnet_diagnostic.CA3005.severity = none

# CA3006: Review code for process command injection vulnerabilities
dotnet_diagnostic.CA3006.severity = none

# CA3007: Review code for open redirect vulnerabilities
dotnet_diagnostic.CA3007.severity = none

# CA3008: Review code for XPath injection vulnerabilities
dotnet_diagnostic.CA3008.severity = none

# CA3009: Review code for XML injection vulnerabilities
dotnet_diagnostic.CA3009.severity = none

# CA3010: Review code for XAML injection vulnerabilities
dotnet_diagnostic.CA3010.severity = none

# CA3011: Review code for DLL injection vulnerabilities
dotnet_diagnostic.CA3011.severity = none

# CA3012: Review code for regex injection vulnerabilities
dotnet_diagnostic.CA3012.severity = none

# CA3061: Do Not Add Schema By URL
dotnet_diagnostic.CA3061.severity = none

# CA3075: Insecure DTD processing in XML
dotnet_diagnostic.CA3075.severity = none

# CA3076: Insecure XSLT script processing.
dotnet_diagnostic.CA3076.severity = none

# CA3077: Insecure Processing in API Design, XmlDocument and XmlTextReader
dotnet_diagnostic.CA3077.severity = none

# CA3147: Mark Verb Handlers With Validate Antiforgery Token
dotnet_diagnostic.CA3147.severity = none

# CA5350: Do Not Use Weak Cryptographic Algorithms
dotnet_diagnostic.CA5350.severity = none

# CA5351: Do Not Use Broken Cryptographic Algorithms
dotnet_diagnostic.CA5351.severity = none

# CA5358: Do Not Use Unsafe Cipher Modes
dotnet_diagnostic.CA5358.severity = none

# CA5359: Do Not Disable Certificate Validation
dotnet_diagnostic.CA5359.severity = none

# CA5360: Do Not Call Dangerous Methods In Deserialization
dotnet_diagnostic.CA5360.severity = none

# CA5361: Do Not Disable SChannel Use of Strong Crypto
dotnet_diagnostic.CA5361.severity = none

# CA5362: Do Not Refer Self In Serializable Class
dotnet_diagnostic.CA5362.severity = none

# CA5363: Do Not Disable Request Validation
dotnet_diagnostic.CA5363.severity = none

# CA5364: Do Not Use Deprecated Security Protocols
dotnet_diagnostic.CA5364.severity = none

# CA5365: Do Not Disable HTTP Header Checking
dotnet_diagnostic.CA5365.severity = none

# CA5366: Use XmlReader For DataSet Read Xml
dotnet_diagnostic.CA5366.severity = none

# CA5367: Do Not Serialize Types With Pointer Fields
dotnet_diagnostic.CA5367.severity = none

# CA5368: Set ViewStateUserKey For Classes Derived From Page
dotnet_diagnostic.CA5368.severity = none

# CA5369: Use XmlReader For Deserialize
dotnet_diagnostic.CA5369.severity = none

# CA5370: Use XmlReader For Validating Reader
dotnet_diagnostic.CA5370.severity = none

# CA5371: Use XmlReader For Schema Read
dotnet_diagnostic.CA5371.severity = none

# CA5372: Use XmlReader For XPathDocument
dotnet_diagnostic.CA5372.severity = none

# CA5373: Do not use obsolete key derivation function
dotnet_diagnostic.CA5373.severity = none

# CA5374: Do Not Use XslTransform
dotnet_diagnostic.CA5374.severity = none

# CA5375: Do Not Use Account Shared Access Signature
dotnet_diagnostic.CA5375.severity = none

# CA5376: Use SharedAccessProtocol HttpsOnly
dotnet_diagnostic.CA5376.severity = none

# CA5377: Use Container Level Access Policy
dotnet_diagnostic.CA5377.severity = none

# CA5378: Do not disable ServicePointManagerSecurityProtocols
dotnet_diagnostic.CA5378.severity = none

# CA5379: Do Not Use Weak Key Derivation Function Algorithm
dotnet_diagnostic.CA5379.severity = none

# CA5380: Do Not Add Certificates To Root Store
dotnet_diagnostic.CA5380.severity = none

# CA5381: Ensure Certificates Are Not Added To Root Store
dotnet_diagnostic.CA5381.severity = none

# CA5382: Use Secure Cookies In ASP.Net Core
dotnet_diagnostic.CA5382.severity = none

# CA5383: Ensure Use Secure Cookies In ASP.Net Core
dotnet_diagnostic.CA5383.severity = none

# CA5384: Do Not Use Digital Signature Algorithm (DSA)
dotnet_diagnostic.CA5384.severity = none

# CA5385: Use Rivest–Shamir–Adleman (RSA) Algorithm With Sufficient Key Size
dotnet_diagnostic.CA5385.severity = none

# CA5386: Avoid hardcoding SecurityProtocolType value
dotnet_diagnostic.CA5386.severity = none

# CA5387: Do Not Use Weak Key Derivation Function With Insufficient Iteration Count
dotnet_diagnostic.CA5387.severity = none

# CA5388: Ensure Sufficient Iteration Count When Using Weak Key Derivation Function
dotnet_diagnostic.CA5388.severity = none

# CA5389: Do Not Add Archive Item's Path To The Target File System Path
dotnet_diagnostic.CA5389.severity = none

# CA5390: Do Not Hard Code Encryption Key
dotnet_diagnostic.CA5390.severity = none

# CA5391: Use antiforgery tokens in ASP.NET Core MVC controllers
dotnet_diagnostic.CA5391.severity = none

# CA5392: Use DefaultDllImportSearchPaths attribute for P/Invokes
dotnet_diagnostic.CA5392.severity = none

# CA5393: Do not use unsafe DllImportSearchPath value
dotnet_diagnostic.CA5393.severity = none

# CA5394: Do not use insecure randomness
dotnet_diagnostic.CA5394.severity = none

# CA5395: Miss HttpVerb attribute for action methods
dotnet_diagnostic.CA5395.severity = none

# CA5396: Set HttpOnly to true for HttpCookie
dotnet_diagnostic.CA5396.severity = none

# CA5397: Do not use deprecated SslProtocols values
dotnet_diagnostic.CA5397.severity = none

# CA5398: Avoid hardcoded SslProtocols values
dotnet_diagnostic.CA5398.severity = none

# CA5399: Definitely disable HttpClient certificate revocation list check
dotnet_diagnostic.CA5399.severity = none

# CA5400: Ensure HttpClient certificate revocation list check is not disabled
dotnet_diagnostic.CA5400.severity = none

# CA9999: Analyzer version mismatch
dotnet_diagnostic.CA9999.severity = none
