Generate editorconfig based rule configuration files in NuGet packages

[mavasani]

Provides editorconfig files analogous to rulesets at https://docs.microsoft.com/en-us/visualstudio/code-quality/analyzer-rule-sets?view=vs-2019#available-rule-sets

# NOTE: Requires **VS2019 16.3** or later

# All Rules with default severity
# Description: All Rules with default severity. Rules with IsEnabledByDefault = false are disabled.

# Code files
[*.{cs,vb}]


# CA1000: Do not declare static members on generic types
dotnet_diagnostic.CA1000.severity = warning

# CA1001: Types that own disposable fields should be disposable
dotnet_diagnostic.CA1001.severity = warning

# CA1003: Use generic event handler instances
dotnet_diagnostic.CA1003.severity = none

# CA1008: Enums should have zero value
dotnet_diagnostic.CA1008.severity = none

# CA1010: Collections should implement generic interface
dotnet_diagnostic.CA1010.severity = warning

# CA1012: Abstract types should not have constructors
dotnet_diagnostic.CA1012.severity = none

# CA1014: Mark assemblies with CLSCompliant
dotnet_diagnostic.CA1014.severity = none

# CA1016: Mark assemblies with assembly version
dotnet_diagnostic.CA1016.severity = warning

# CA1017: Mark assemblies with ComVisible
dotnet_diagnostic.CA1017.severity = none

# CA1018: Mark attributes with AttributeUsageAttribute
dotnet_diagnostic.CA1018.severity = warning

# CA1019: Define accessors for attribute arguments
dotnet_diagnostic.CA1019.severity = none

# CA1024: Use properties where appropriate
dotnet_diagnostic.CA1024.severity = none

# CA1027: Mark enums with FlagsAttribute
dotnet_diagnostic.CA1027.severity = none

# CA1028: Enum Storage should be Int32
dotnet_diagnostic.CA1028.severity = warning

# CA1030: Use events where appropriate
dotnet_diagnostic.CA1030.severity = warning

# CA1031: Do not catch general exception types
dotnet_diagnostic.CA1031.severity = warning

# CA1032: Implement standard exception constructors
dotnet_diagnostic.CA1032.severity = warning

# CA1033: Interface methods should be callable by child types
dotnet_diagnostic.CA1033.severity = none

# CA1034: Nested types should not be visible
dotnet_diagnostic.CA1034.severity = warning

# CA1036: Override methods on comparable types
dotnet_diagnostic.CA1036.severity = warning

# CA1040: Avoid empty interfaces
dotnet_diagnostic.CA1040.severity = warning

# CA1041: Provide ObsoleteAttribute message
dotnet_diagnostic.CA1041.severity = warning

# CA1043: Use Integral Or String Argument For Indexers
dotnet_diagnostic.CA1043.severity = warning

# CA1044: Properties should not be write only
dotnet_diagnostic.CA1044.severity = warning

# CA1050: Declare types in namespaces
dotnet_diagnostic.CA1050.severity = none

# CA1051: Do not declare visible instance fields
dotnet_diagnostic.CA1051.severity = warning

# CA1052: Static holder types should be Static or NotInheritable
dotnet_diagnostic.CA1052.severity = warning

# CA1054: Uri parameters should not be strings
dotnet_diagnostic.CA1054.severity = warning

# CA1055: Uri return values should not be strings
dotnet_diagnostic.CA1055.severity = warning

# CA1056: Uri properties should not be strings
dotnet_diagnostic.CA1056.severity = warning

# CA1058: Types should not extend certain base types
dotnet_diagnostic.CA1058.severity = warning

# CA1060: Move pinvokes to native methods class
dotnet_diagnostic.CA1060.severity = none

# CA1061: Do not hide base class methods
dotnet_diagnostic.CA1061.severity = warning

# CA1062: Validate arguments of public methods
dotnet_diagnostic.CA1062.severity = warning

# CA1063: Implement IDisposable Correctly
dotnet_diagnostic.CA1063.severity = warning

# CA1064: Exceptions should be public
dotnet_diagnostic.CA1064.severity = warning

# CA1065: Do not raise exceptions in unexpected locations
dotnet_diagnostic.CA1065.severity = warning

# CA1066: Type {0} should implement IEquatable<T> because it overrides Equals
dotnet_diagnostic.CA1066.severity = warning

# CA1067: Override Object.Equals(object) when implementing IEquatable<T>
dotnet_diagnostic.CA1067.severity = warning

# CA1068: CancellationToken parameters must come last
dotnet_diagnostic.CA1068.severity = warning

# CA1200: Avoid using cref tags with a prefix
dotnet_diagnostic.CA1200.severity = warning

# CA1303: Do not pass literals as localized parameters
dotnet_diagnostic.CA1303.severity = warning

# CA1304: Specify CultureInfo
dotnet_diagnostic.CA1304.severity = warning

# CA1305: Specify IFormatProvider
dotnet_diagnostic.CA1305.severity = warning

# CA1307: Specify StringComparison
dotnet_diagnostic.CA1307.severity = warning

# CA1308: Normalize strings to uppercase
dotnet_diagnostic.CA1308.severity = warning

# CA1309: Use ordinal stringcomparison
dotnet_diagnostic.CA1309.severity = none

# CA1401: P/Invokes should not be visible
dotnet_diagnostic.CA1401.severity = warning

# CA1501: Avoid excessive inheritance
dotnet_diagnostic.CA1501.severity = none

# CA1502: Avoid excessive complexity
dotnet_diagnostic.CA1502.severity = none

# CA1505: Avoid unmaintainable code
dotnet_diagnostic.CA1505.severity = none

# CA1506: Avoid excessive class coupling
dotnet_diagnostic.CA1506.severity = none

# CA1507: Use nameof to express symbol names
dotnet_diagnostic.CA1507.severity = warning

# CA1508: Avoid dead conditional code
dotnet_diagnostic.CA1508.severity = none

# CA1509: Invalid entry in code metrics rule specification file
dotnet_diagnostic.CA1509.severity = none

# CA1707: Identifiers should not contain underscores
dotnet_diagnostic.CA1707.severity = warning

# CA1708: Identifiers should differ by more than case
dotnet_diagnostic.CA1708.severity = none

# CA1710: Identifiers should have correct suffix
dotnet_diagnostic.CA1710.severity = warning

# CA1711: Identifiers should not have incorrect suffix
dotnet_diagnostic.CA1711.severity = none

# CA1712: Do not prefix enum values with type name
dotnet_diagnostic.CA1712.severity = warning

# CA1714: Flags enums should have plural names
dotnet_diagnostic.CA1714.severity = warning

# CA1715: Identifiers should have correct prefix
dotnet_diagnostic.CA1715.severity = warning

# CA1716: Identifiers should not match keywords
dotnet_diagnostic.CA1716.severity = warning

# CA1717: Only FlagsAttribute enums should have plural names
dotnet_diagnostic.CA1717.severity = warning

# CA1720: Identifier contains type name
dotnet_diagnostic.CA1720.severity = warning

# CA1721: Property names should not match get methods
dotnet_diagnostic.CA1721.severity = warning

# CA1724: Type names should not match namespaces
dotnet_diagnostic.CA1724.severity = warning

# CA1725: Parameter names should match base declaration
dotnet_diagnostic.CA1725.severity = none

# CA1801: Review unused parameters
dotnet_diagnostic.CA1801.severity = warning

# CA1802: Use literals where appropriate
dotnet_diagnostic.CA1802.severity = warning

# CA1806: Do not ignore method results
dotnet_diagnostic.CA1806.severity = warning

# CA1810: Initialize reference type static fields inline
dotnet_diagnostic.CA1810.severity = warning

# CA1812: Avoid uninstantiated internal classes
dotnet_diagnostic.CA1812.severity = warning

# CA1813: Avoid unsealed attributes
dotnet_diagnostic.CA1813.severity = none

# CA1814: Prefer jagged arrays over multidimensional
dotnet_diagnostic.CA1814.severity = warning

# CA1815: Override equals and operator equals on value types
dotnet_diagnostic.CA1815.severity = warning

# CA1816: Dispose methods should call SuppressFinalize
dotnet_diagnostic.CA1816.severity = warning

# CA1819: Properties should not return arrays
dotnet_diagnostic.CA1819.severity = warning

# CA1820: Test for empty strings using string length
dotnet_diagnostic.CA1820.severity = warning

# CA1821: Remove empty Finalizers
dotnet_diagnostic.CA1821.severity = warning

# CA1822: Mark members as static
dotnet_diagnostic.CA1822.severity = warning

# CA1823: Avoid unused private fields
dotnet_diagnostic.CA1823.severity = warning

# CA1824: Mark assemblies with NeutralResourcesLanguageAttribute
dotnet_diagnostic.CA1824.severity = warning

# CA1825: Avoid zero-length array allocations.
dotnet_diagnostic.CA1825.severity = warning

# CA1826: Do not use Enumerable methods on indexable collections. Instead use the collection directly
dotnet_diagnostic.CA1826.severity = warning

# CA1827: Do not use Count() or LongCount() when Any() can be used
dotnet_diagnostic.CA1827.severity = warning

# CA1828: Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used
dotnet_diagnostic.CA1828.severity = warning

# CA1829: Use Length/Count property instead of Count() when available
dotnet_diagnostic.CA1829.severity = warning

# CA2000: Dispose objects before losing scope
dotnet_diagnostic.CA2000.severity = warning

# CA2002: Do not lock on objects with weak identity
dotnet_diagnostic.CA2002.severity = warning

# CA2007: Consider calling ConfigureAwait on the awaited task
dotnet_diagnostic.CA2007.severity = warning

# CA2008: Do not create tasks without passing a TaskScheduler
dotnet_diagnostic.CA2008.severity = warning

# CA2009: Do not call ToImmutableCollection on an ImmutableCollection value
dotnet_diagnostic.CA2009.severity = warning

# CA2010: Always consume the value returned by methods marked with PreserveSigAttribute
dotnet_diagnostic.CA2010.severity = warning

# CA2100: Review SQL queries for security vulnerabilities
dotnet_diagnostic.CA2100.severity = warning

# CA2101: Specify marshaling for P/Invoke string arguments
dotnet_diagnostic.CA2101.severity = warning

# CA2119: Seal methods that satisfy private interfaces
dotnet_diagnostic.CA2119.severity = warning

# CA2153: Do Not Catch Corrupted State Exceptions
dotnet_diagnostic.CA2153.severity = warning

# CA2200: Rethrow to preserve stack details.
dotnet_diagnostic.CA2200.severity = warning

# CA2201: Do not raise reserved exception types
dotnet_diagnostic.CA2201.severity = none

# CA2207: Initialize value type static fields inline
dotnet_diagnostic.CA2207.severity = warning

# CA2208: Instantiate argument exceptions correctly
dotnet_diagnostic.CA2208.severity = warning

# CA2211: Non-constant fields should not be visible
dotnet_diagnostic.CA2211.severity = warning

# CA2213: Disposable fields should be disposed
dotnet_diagnostic.CA2213.severity = warning

# CA2214: Do not call overridable methods in constructors
dotnet_diagnostic.CA2214.severity = warning

# CA2216: Disposable types should declare finalizer
dotnet_diagnostic.CA2216.severity = warning

# CA2217: Do not mark enums with FlagsAttribute
dotnet_diagnostic.CA2217.severity = none

# CA2218: Override GetHashCode on overriding Equals
dotnet_diagnostic.CA2218.severity = warning

# CA2219: Do not raise exceptions in finally clauses
dotnet_diagnostic.CA2219.severity = warning

# CA2224: Override Equals on overloading operator equals
dotnet_diagnostic.CA2224.severity = warning

# CA2225: Operator overloads have named alternates
dotnet_diagnostic.CA2225.severity = warning

# CA2226: Operators should have symmetrical overloads
dotnet_diagnostic.CA2226.severity = warning

# CA2227: Collection properties should be read only
dotnet_diagnostic.CA2227.severity = warning

# CA2229: Implement serialization constructors
dotnet_diagnostic.CA2229.severity = warning

# CA2231: Overload operator equals on overriding value type Equals
dotnet_diagnostic.CA2231.severity = warning

# CA2234: Pass system uri objects instead of strings
dotnet_diagnostic.CA2234.severity = warning

# CA2235: Mark all non-serializable fields
dotnet_diagnostic.CA2235.severity = warning

# CA2237: Mark ISerializable types with serializable
dotnet_diagnostic.CA2237.severity = warning

# CA2241: Provide correct arguments to formatting methods
dotnet_diagnostic.CA2241.severity = warning

# CA2242: Test for NaN correctly
dotnet_diagnostic.CA2242.severity = warning

# CA2243: Attribute string literals should parse correctly
dotnet_diagnostic.CA2243.severity = warning

# CA2244: Do not duplicate indexed element initializations
dotnet_diagnostic.CA2244.severity = warning

# CA2245: Do not assign a property to itself.
dotnet_diagnostic.CA2245.severity = warning

# CA2246: Assigning symbol and its member in the same statement.
dotnet_diagnostic.CA2246.severity = warning

# CA2300: Do not use insecure deserializer BinaryFormatter
dotnet_diagnostic.CA2300.severity = none

# CA2301: Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder
dotnet_diagnostic.CA2301.severity = none

# CA2302: Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize
dotnet_diagnostic.CA2302.severity = none

# CA2305: Do not use insecure deserializer LosFormatter
dotnet_diagnostic.CA2305.severity = none

# CA2310: Do not use insecure deserializer NetDataContractSerializer
dotnet_diagnostic.CA2310.severity = none

# CA2311: Do not deserialize without first setting NetDataContractSerializer.Binder
dotnet_diagnostic.CA2311.severity = none

# CA2312: Ensure NetDataContractSerializer.Binder is set before deserializing
dotnet_diagnostic.CA2312.severity = none

# CA2315: Do not use insecure deserializer ObjectStateFormatter
dotnet_diagnostic.CA2315.severity = none

# CA2321: Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver
dotnet_diagnostic.CA2321.severity = none

# CA2322: Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing
dotnet_diagnostic.CA2322.severity = none

# CA2326: Do not use TypeNameHandling values other than None
dotnet_diagnostic.CA2326.severity = none

# CA2327: Do not use insecure JsonSerializerSettings
dotnet_diagnostic.CA2327.severity = none

# CA2328: Ensure that JsonSerializerSettings are secure
dotnet_diagnostic.CA2328.severity = none

# CA2329: Do not deserialize with JsonSerializer using an insecure configuration
dotnet_diagnostic.CA2329.severity = none

# CA2330: Ensure that JsonSerializer has a secure configuration when deserializing
dotnet_diagnostic.CA2330.severity = none

# CA3001: Review code for SQL injection vulnerabilities
dotnet_diagnostic.CA3001.severity = none

# CA3002: Review code for XSS vulnerabilities
dotnet_diagnostic.CA3002.severity = none

# CA3003: Review code for file path injection vulnerabilities
dotnet_diagnostic.CA3003.severity = none

# CA3004: Review code for information disclosure vulnerabilities
dotnet_diagnostic.CA3004.severity = none

# CA3005: Review code for LDAP injection vulnerabilities
dotnet_diagnostic.CA3005.severity = none

# CA3006: Review code for process command injection vulnerabilities
dotnet_diagnostic.CA3006.severity = none

# CA3007: Review code for open redirect vulnerabilities
dotnet_diagnostic.CA3007.severity = none

# CA3008: Review code for XPath injection vulnerabilities
dotnet_diagnostic.CA3008.severity = none

# CA3009: Review code for XML injection vulnerabilities
dotnet_diagnostic.CA3009.severity = none

# CA3010: Review code for XAML injection vulnerabilities
dotnet_diagnostic.CA3010.severity = none

# CA3011: Review code for DLL injection vulnerabilities
dotnet_diagnostic.CA3011.severity = none

# CA3012: Review code for regex injection vulnerabilities
dotnet_diagnostic.CA3012.severity = none

# CA3061: Do Not Add Schema By URL
dotnet_diagnostic.CA3061.severity = warning

# CA3075: Insecure DTD processing in XML
dotnet_diagnostic.CA3075.severity = warning

# CA3076: Insecure XSLT script processing.
dotnet_diagnostic.CA3076.severity = warning

# CA3077: Insecure Processing in API Design, XmlDocument and XmlTextReader
dotnet_diagnostic.CA3077.severity = warning

# CA3147: Mark Verb Handlers With Validate Antiforgery Token
dotnet_diagnostic.CA3147.severity = warning

# CA5350: Do Not Use Weak Cryptographic Algorithms
dotnet_diagnostic.CA5350.severity = warning

# CA5351: Do Not Use Broken Cryptographic Algorithms
dotnet_diagnostic.CA5351.severity = warning

# CA5358: Do Not Use Unsafe Cipher Modes
dotnet_diagnostic.CA5358.severity = none

# CA5359: Do Not Disable Certificate Validation
dotnet_diagnostic.CA5359.severity = warning

# CA5360: Do Not Call Dangerous Methods In Deserialization
dotnet_diagnostic.CA5360.severity = warning

# CA5361: Do Not Disable SChannel Use of Strong Crypto
dotnet_diagnostic.CA5361.severity = warning

# CA5362: Do Not Refer Self In Serializable Class
dotnet_diagnostic.CA5362.severity = none

# CA5363: Do Not Disable Request Validation
dotnet_diagnostic.CA5363.severity = warning

# CA5364: Do Not Use Deprecated Security Protocols
dotnet_diagnostic.CA5364.severity = warning

# CA5365: Do Not Disable HTTP Header Checking
dotnet_diagnostic.CA5365.severity = warning

# CA5366: Use XmlReader For DataSet Read Xml
dotnet_diagnostic.CA5366.severity = warning

# CA5367: Do Not Serialize Types With Pointer Fields
dotnet_diagnostic.CA5367.severity = none

# CA5368: Set ViewStateUserKey For Classes Derived From Page
dotnet_diagnostic.CA5368.severity = warning

# CA5369: Use XmlReader For Deserialize
dotnet_diagnostic.CA5369.severity = warning

# CA5370: Use XmlReader For Validating Reader
dotnet_diagnostic.CA5370.severity = warning

# CA5371: Use XmlReader For Schema Read
dotnet_diagnostic.CA5371.severity = warning

# CA5372: Use XmlReader For XPathDocument
dotnet_diagnostic.CA5372.severity = warning

# CA5373: Do not use obsolete key derivation function
dotnet_diagnostic.CA5373.severity = warning

# CA5374: Do Not Use XslTransform
dotnet_diagnostic.CA5374.severity = warning

# CA5375: Do Not Use Account Shared Access Signature
dotnet_diagnostic.CA5375.severity = none

# CA5376: Use SharedAccessProtocol HttpsOnly
dotnet_diagnostic.CA5376.severity = warning

# CA5377: Use Container Level Access Policy
dotnet_diagnostic.CA5377.severity = warning

# CA5378: Do not disable ServicePointManagerSecurityProtocols
dotnet_diagnostic.CA5378.severity = warning

# CA5379: Do Not Use Weak Key Derivation Function Algorithm
dotnet_diagnostic.CA5379.severity = warning

# CA5380: Do Not Add Certificates To Root Store
dotnet_diagnostic.CA5380.severity = warning

# CA5381: Ensure Certificates Are Not Added To Root Store
dotnet_diagnostic.CA5381.severity = warning

# CA5382: Use Secure Cookies In ASP.Net Core
dotnet_diagnostic.CA5382.severity = none

# CA5383: Ensure Use Secure Cookies In ASP.Net Core
dotnet_diagnostic.CA5383.severity = none

# CA5384: Do Not Use Digital Signature Algorithm (DSA)
dotnet_diagnostic.CA5384.severity = warning

# CA5385: Use Rivest–Shamir–Adleman (RSA) Algorithm With Sufficient Key Size
dotnet_diagnostic.CA5385.severity = warning

# CA5386: Avoid hardcoding SecurityProtocolType value
dotnet_diagnostic.CA5386.severity = none

# CA5387: Do Not Use Weak Key Derivation Function With Insufficient Iteration Count
dotnet_diagnostic.CA5387.severity = none

# CA5388: Ensure Sufficient Iteration Count When Using Weak Key Derivation Function
dotnet_diagnostic.CA5388.severity = none

# CA5389: Do Not Add Archive Item's Path To The Target File System Path
dotnet_diagnostic.CA5389.severity = none

# CA5390: Do Not Hard Code Encryption Key
dotnet_diagnostic.CA5390.severity = none

# CA5391: Use antiforgery tokens in ASP.NET Core MVC controllers
dotnet_diagnostic.CA5391.severity = warning

# CA5392: Use DefaultDllImportSearchPaths attribute for P/Invokes
dotnet_diagnostic.CA5392.severity = none

# CA5393: Do not use unsafe DllImportSearchPath value
dotnet_diagnostic.CA5393.severity = none

# CA5394: Do not use insecure randomness
dotnet_diagnostic.CA5394.severity = none

# CA5395: Miss HttpVerb attribute for action methods
dotnet_diagnostic.CA5395.severity = none

# CA5396: Set HttpOnly to true for HttpCookie
dotnet_diagnostic.CA5396.severity = none

# CA5397: Do not use deprecated SslProtocols values
dotnet_diagnostic.CA5397.severity = warning

# CA5398: Avoid hardcoded SslProtocols values
dotnet_diagnostic.CA5398.severity = none

# CA5399: Definitely disable HttpClient certificate revocation list check
dotnet_diagnostic.CA5399.severity = none

# CA5400: Ensure HttpClient certificate revocation list check is not disabled
dotnet_diagnostic.CA5400.severity = none

# CA9999: Analyzer version mismatch
dotnet_diagnostic.CA9999.severity = warning

[mavasani]

Actually going to fix the generated editorconfig files to avoid duplicate entries... Will push a separate commit.

[mavasani]

Actually going to fix the generated editorconfig files to avoid duplicate entries... Will push a separate commit.

Fixed now. PR is ready for review.

[sharwell]

The editorconfig specification was updated to clarify that the behavior for end of line comments is undefined. The generated comments should be moved to the preceding line.

[mavasani]

The editorconfig specification was updated to clarify that the behavior for end of line comments is undefined. The generated comments should be moved to the preceding line.

Ah, thanks good to know. I had it that way first but it was causing the file to become 3x times larger and the current form seemed to work. I will switch back to comments in the preceding line.

[mavasani]

Done - updated the sample editorconfig in the PR description.

[dotpaul]

🚢