Please use SecurityCodeScan.VS2019 NuGet instead
Requires NuGet 2.8 or higher.
dotnet add package SecurityCodeScan.VS2017 --version 3.5.4
NuGet\Install-Package SecurityCodeScan.VS2017 -Version 3.5.4
<PackageReference Include="SecurityCodeScan.VS2017" Version="3.5.4"> <PrivateAssets>all</PrivateAssets> <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets> </PackageReference>
paket add SecurityCodeScan.VS2017 --version 3.5.4
#r "nuget: SecurityCodeScan.VS2017, 3.5.4"
// Install SecurityCodeScan.VS2017 as a Cake Addin #addin nuget:?package=SecurityCodeScan.VS2017&version=3.5.4 // Install SecurityCodeScan.VS2017 as a Cake Tool #tool nuget:?package=SecurityCodeScan.VS2017&version=3.5.4
This extension is legacy and is no longer maintained, please use SecurityCodeScan VS2019 instead.
Security static code analyzer for .NET
Detects various security vulnerability patterns: SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), XML eXternal Entity Injection (XXE), etc.
Basic intraprocedural taint analysis for input data.
Analyzes .NET and .NET Core projects in a background (IntelliSense) or during a build.
Continuous Integration (CI) through MSBuild. For Unix CI runners please use VS2017 nuget package.
Works with Visual Studio 2017 or higher. Visual Studio Community, Professional and Enterprise editions are supported. Other editors that support Roslyn based analyzers like Rider or OmniSharp should work too.
Learn more about Target Frameworks and .NET Standard.
This package has no dependencies.
This package is not used by any NuGet packages.
This package is not used by any popular GitHub repositories.