You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We have been using SecurityCodeScan for years for our projects. However, we noticed the lack of releases on NuGet and the lack of activity in this project. That makes me wonder if this project is still maintained, or even needed.
There are several issues with this library:
Newer Asp.Net Core features are not covered (for example minimap api), so the possibility for false negatives is rather high.
There are several issues reported with newer dotnet versions.
Recently I performed an analysis of the rules provided here and what was provided by the .NET code analyzers and Sonarqube.
Although there are some checks that are not covered by either (SCS0023, SCS0024, SCS0034, SCS0032, SCS0033, SCS0012, SCS0019 and SCS0022) most of the checks are available and work with Asp.Net Core and minimal api's.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
We have been using SecurityCodeScan for years for our projects. However, we noticed the lack of releases on NuGet and the lack of activity in this project. That makes me wonder if this project is still maintained, or even needed.
There are several issues with this library:
Recently I performed an analysis of the rules provided here and what was provided by the .NET code analyzers and Sonarqube.
Although there are some checks that are not covered by either (SCS0023, SCS0024, SCS0034, SCS0032, SCS0033, SCS0012, SCS0019 and SCS0022) most of the checks are available and work with Asp.Net Core and minimal api's.
Beta Was this translation helpful? Give feedback.
All reactions