SecurityCodeScan 3.4.0

Security static code analyzer for .NET

Requires NuGet 2.8 or higher.

Install-Package SecurityCodeScan -Version 3.4.0
dotnet add package SecurityCodeScan --version 3.4.0
<PackageReference Include="SecurityCodeScan" Version="3.4.0">
  <PrivateAssets>all</PrivateAssets>
  <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
</PackageReference>
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add SecurityCodeScan --version 3.4.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.

Security static code analyzer for .NET

Website

  • Detects various security vulnerability patterns: SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), XML eXternal Entity Injection (XXE), etc.

  • Taint analysis to track user input data.

  • One click refactoring for some vulnerabilities.

  • Analyzes .NET and .NET Core projects in a background (IntelliSense) or during a build.

  • Continuous Integration (CI) through MSBuild. For Unix CI runners please use VS2017 nuget package.

  • Works with Visual Studio 2015 or higher. Visual Studio Community, Professional and Enterprise editions are supported. Other editors that support Roslyn based analyzers like Rider or OmniSharp should work too.

  • Open Source

Security static code analyzer for .NET

Website

  • Detects various security vulnerability patterns: SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), XML eXternal Entity Injection (XXE), etc.

  • Taint analysis to track user input data.

  • One click refactoring for some vulnerabilities.

  • Analyzes .NET and .NET Core projects in a background (IntelliSense) or during a build.

  • Continuous Integration (CI) through MSBuild. For Unix CI runners please use VS2017 nuget package.

  • Works with Visual Studio 2015 or higher. Visual Studio Community, Professional and Enterprise editions are supported. Other editors that support Roslyn based analyzers like Rider or OmniSharp should work too.

  • Open Source

Release Notes

https://security-code-scan.github.io/#ReleaseNotes

Dependencies

This package has no dependencies.

Showing the top 2 GitHub repositories that depend on SecurityCodeScan:

Repository Stars
dotnet/orleans
Orleans is a cross-platform framework for building distributed applications with .NET
umbraco/Umbraco-CMS
The simple, flexible and friendly ASP.NET CMS used by more than 500.000 websites

Read more about the GitHub Usage information on our documentation.

Version History

Version Downloads Last updated
3.4.0 4,914 1/3/2020
3.3.0 56,603 9/13/2019
3.2.0 79,594 4/20/2019
3.1.0 4,610 4/4/2019
3.0.0 107,250 12/3/2018
2.8.0 57,997 7/23/2018
2.7.1 97,435 5/22/2018
2.7.0 140,945 4/6/2018
2.6.1 3,913 2/23/2018
2.6.0 429 2/21/2018
2.5.0 1,145 1/25/2018
2.4.1 465 12/31/2017