SecurityCodeScan.VS2017 3.5.4

Security static code analyzer for .NET

Suggested Alternatives

SecurityCodeScan.VS2019

Additional Details

Please use SecurityCodeScan.VS2019 NuGet instead

Requires NuGet 2.8 or higher.

Install-Package SecurityCodeScan.VS2017 -Version 3.5.4
dotnet add package SecurityCodeScan.VS2017 --version 3.5.4
<PackageReference Include="SecurityCodeScan.VS2017" Version="3.5.4">
  <PrivateAssets>all</PrivateAssets>
  <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
</PackageReference>
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add SecurityCodeScan.VS2017 --version 3.5.4
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: SecurityCodeScan.VS2017, 3.5.4"
For F# scripts that support #r syntax, copy this into the source code to reference the package.

This extension is legacy and is no longer maintained, please use SecurityCodeScan VS2019 instead.

Security static code analyzer for .NET

Website

  • Detects various security vulnerability patterns: SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), XML eXternal Entity Injection (XXE), etc.

  • Basic intraprocedural taint analysis for input data.

  • Analyzes .NET and .NET Core projects in a background (IntelliSense) or during a build.

  • Continuous Integration (CI) through MSBuild. For Unix CI runners please use VS2017 nuget package.

  • Works with Visual Studio 2017 or higher. Visual Studio Community, Professional and Enterprise editions are supported. Other editors that support Roslyn based analyzers like Rider or OmniSharp should work too.

  • Open Source

This extension is legacy and is no longer maintained, please use SecurityCodeScan VS2019 instead.

Security static code analyzer for .NET

Website

  • Detects various security vulnerability patterns: SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), XML eXternal Entity Injection (XXE), etc.

  • Basic intraprocedural taint analysis for input data.

  • Analyzes .NET and .NET Core projects in a background (IntelliSense) or during a build.

  • Continuous Integration (CI) through MSBuild. For Unix CI runners please use VS2017 nuget package.

  • Works with Visual Studio 2017 or higher. Visual Studio Community, Professional and Enterprise editions are supported. Other editors that support Roslyn based analyzers like Rider or OmniSharp should work too.

  • Open Source

Release Notes

https://security-code-scan.github.io/#ReleaseNotes

Dependencies

This package has no dependencies.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version History

Version Downloads Last updated
3.5.4 4,606 2/10/2021
3.5.3 199,397 5/17/2020
3.5.2 3,100 5/8/2020
3.5.0 45,490 2/27/2020
3.4.0 16,854 1/3/2020
3.3.0 116,880 9/13/2019
3.2.0 113,364 4/20/2019
3.1.0 1,951 4/4/2019
3.0.0 62,496 12/3/2018
2.8.0 12,633 7/23/2018