SecurityCodeScan.VS2017 3.3.0

Security static code analyzer for .NET

Requires NuGet 2.8 or higher.

Install-Package SecurityCodeScan.VS2017 -Version 3.3.0
dotnet add package SecurityCodeScan.VS2017 --version 3.3.0
<PackageReference Include="SecurityCodeScan.VS2017" Version="3.3.0">
  <PrivateAssets>all</PrivateAssets>
  <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
</PackageReference>
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add SecurityCodeScan.VS2017 --version 3.3.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.

A version of the extension that doesn't support VS2015.

Security static code analyzer for .NET

Website

  • Detects various security vulnerability patterns: SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), XML eXternal Entity Injection (XXE), etc.

  • Taint analysis to track user input data.

  • One click refactoring for some vulnerabilities.

  • Analyzes .NET and .NET Core projects in a background (IntelliSense) or during a build.

  • Continuous Integration (CI) through MSBuild. For Unix CI runners please use VS2017 nuget package.

  • Works with Visual Studio 2015 or higher. Visual Studio Community, Professional and Enterprise editions are supported. Other editors that support Roslyn based analyzers like Rider or OmniSharp should work too.

  • Open Source

A version of the extension that doesn't support VS2015.

Security static code analyzer for .NET

Website

  • Detects various security vulnerability patterns: SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), XML eXternal Entity Injection (XXE), etc.

  • Taint analysis to track user input data.

  • One click refactoring for some vulnerabilities.

  • Analyzes .NET and .NET Core projects in a background (IntelliSense) or during a build.

  • Continuous Integration (CI) through MSBuild. For Unix CI runners please use VS2017 nuget package.

  • Works with Visual Studio 2015 or higher. Visual Studio Community, Professional and Enterprise editions are supported. Other editors that support Roslyn based analyzers like Rider or OmniSharp should work too.

  • Open Source

Release Notes

https://security-code-scan.github.io/#ReleaseNotes

Dependencies

This package has no dependencies.

This package is not used by any popular GitHub repositories.

Version History

Version Downloads Last updated
3.3.0 18,586 9/13/2019
3.2.0 33,092 4/20/2019
3.1.0 1,751 4/4/2019
3.0.0 48,555 12/3/2018
2.8.0 7,591 7/23/2018