Fix SonarQube Scanning

[304NotModified]

msbuild-sonarqube-runner is deprecated

trying to fix #492

[codecov-io]

Codecov Report

Merging #494 (8f8f2aa) into master (a047ac1) will decrease coverage by 0.28%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master     #494      +/-   ##
==========================================
- Coverage   81.25%   80.96%   -0.29%     
==========================================
  Files          15       16       +1     
  Lines        1296     1345      +49     
  Branches      223      234      +11     
==========================================
+ Hits         1053     1089      +36     
- Misses        165      172       +7     
- Partials       78       84       +6     

Impacted Files	Coverage Δ
.../LayoutRenderers/MicrosoftConsoleLayoutRenderer.cs	73.46% <0.00%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a047ac1...8f8f2aa. Read the comment docs.

[304NotModified]

I seems the branch needs to passed, as it's all on master

[304NotModified]

See https://docs.sonarqube.org/latest/branches/overview/
And
https://docs.sonarqube.org/latest/analysis/pull-request/

[304NotModified]

branch analysis is now good, PR not (reported to master)

[304NotModified]

Docs: https://docs.sonarqube.org/latest/analysis/pull-request/

Parameter Name	Description
sonar.pullrequest.key	Unique identifier of your Pull Request. Must correspond to the key of the Pull Request in your ALM.e.g.: sonar.pullrequest.key=5
sonar.pullrequest.branch	The name of the branch that contains the changes to be merged.e.g.: sonar.pullrequest.branch=feature/my-new-feature
sonar.pullrequest.base	The branch into which the Pull Request will be merged.Default: mastere.g.: sonar.pullrequest.base=master

[304NotModified]

now good:

[snakefoot]

Looks like it has caused some "security issues" to become unresolved on the NLog-project:

https://sonarcloud.io/project/security_hotspots?branch=dev&id=nlog2

[304NotModified]

It's the SonarQube update itself I guess, will check it

[304NotModified]

@snakefoot doubting about this one:

https://sonarcloud.io/project/security_hotspots?branch=dev&id=nlog2#

It's because if the [Serializable]. What do you think?

[snakefoot]

No idea. Marked NestedContext as obsolete with NLog 5.0, because injecting "custom" types into remoting-context gives issues on all applications called using the obsolete remoting-protocol (Did not know this when implementing NDLC for NLog). Avoiding isuses with application using NLog NDLC that calls other application that doesn't depend on NLog and therfore doesn't know about NestedContext.

But I kept NestedContext around in NLog 5.0, because I was guessing it would allow remoting-calls between applications that depends on NLog 4 or 5.