{"id":5194,"name":"SonarAnalyzer.CSharp","ecosystem":"nuget","repository_url":null,"issues_count":445,"created_at":"2025-06-06T17:08:29.325Z","updated_at":"2025-06-06T17:08:29.325Z","purl":"pkg:nuget/SonarAnalyzer.CSharp","unique_repositories_count":134,"unique_repositories_count_past_30_days":7,"recent_issues":[{"uuid":"4559875279","node_id":"PR_kwDODIYC-87hMqbb","number":629,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.26.0.140279 to 10.27.0.140913","user":"dependabot[bot]","labels":["dependencies",".NET","nuget","size/XS","packages"],"assignees":["guibranco"],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-01T02:24:03.000Z","updated_at":"2026-06-01T02:25:39.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.26.0.140279","new_version":"10.27.0.140913","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.26.0.140279 to 10.27.0.140913.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.27.0.140913\n\n# Release notes - .NET Analyzers - 10.27\n\n### Feature\n[NET-1285](https://sonarsource.atlassian.net/browse/NET-1285) S2629: Add custom message for Log4Net and Castle.Core\n[NET-3666](https://sonarsource.atlassian.net/browse/NET-3666) Deprecate S5042 and move it from HotSpots to Code Smell\n[NET-3783](https://sonarsource.atlassian.net/browse/NET-3783) Update RSPEC before 10.27 release\n\n### False Positive\n[NET-2696](https://sonarsource.atlassian.net/browse/NET-2696) Fix S4260 FP: Extension Properties always raise\n\n### False Negative\n[NET-230](https://sonarsource.atlassian.net/browse/NET-230) Fix S4056 FN: SpecifyIFormatProviderOrCultureInfo for C#​13 compatibility\n[NET-2692](https://sonarsource.atlassian.net/browse/NET-2692) Fix S2190 FN: Recursive extension properties\n[NET-2705](https://sonarsource.atlassian.net/browse/NET-2705) Fix S3343 FN: Partial Constructor with attribute in definition\n[NET-2732](https://sonarsource.atlassian.net/browse/NET-2732) Fix S1172 FN: Extension blocks\n[NET-2745](https://sonarsource.atlassian.net/browse/NET-2745) Fix S4144 FN: Extension Members\n[NET-2829](https://sonarsource.atlassian.net/browse/NET-2829) Fix S3241 FN: Extension methods and extension blocks\n[NET-3541](https://sonarsource.atlassian.net/browse/NET-3541) Fix S1117 FN: add CatchDeclaration coverage and adopt LocalDeclarationKinds\n\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/compare/10.26.0.140279...10.27.0.140913).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.26.0.140279\u0026new-version=10.27.0.140913)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/guibranco/VTEX-SDK-dotnet/pull/629","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/guibranco%2FVTEX-SDK-dotnet/issues/629","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/629/packages"},{"uuid":"4507279288","node_id":"PR_kwDORs78Ms7ek5B_","number":32,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.22.0.136894 to 10.26.0.140279","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T07:15:22.000Z","updated_at":"2026-05-23T07:16:09.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.22.0.136894","new_version":"10.26.0.140279","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.22.0.136894 to 10.26.0.140279.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.26.0.140279\n\n# Release notes - .NET Analyzers - 10.26\n\n### Feature\n[NET-3694](https://sonarsource.atlassian.net/browse/NET-3694) Update RSPEC before 10.26 release\n\n### False Positive\n[NET-2346](https://sonarsource.atlassian.net/browse/NET-2346) Fix S1854 FP: Variable used after another assignment in finally\n[NET-2347](https://sonarsource.atlassian.net/browse/NET-2347) Fix S1168 FP: Do not report on value types\n[NET-3698](https://sonarsource.atlassian.net/browse/NET-3698) Fix S1210 FP: file-scoped types should be exempt \n\n### False Negative\n[NET-1265](https://sonarsource.atlassian.net/browse/NET-1265) Fix S2930 FN: raise issues on non-disposed RegistryKeys\n[NET-2685](https://sonarsource.atlassian.net/browse/NET-2685) Fix S3604 FN: Field Keyword, Partial Constructors, NullConditional Assignment\n[NET-2812](https://sonarsource.atlassian.net/browse/NET-2812) Fix S4275 FN: Field Keyword\n[NET-2999](https://sonarsource.atlassian.net/browse/NET-2999) Fix S6672 FN: Mismatch in primary constructor is not recognized\n\n\n\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits/10.26.0.140279).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.22.0.136894\u0026new-version=10.26.0.140279)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/HoBom-s/hammer-gateway/pull/32","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HoBom-s%2Fhammer-gateway/issues/32","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/32/packages"},{"uuid":"4497930608","node_id":"PR_kwDOHNT51s7eG28P","number":388,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.25.0.139117 to 10.26.0.140279","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-21T21:09:38.000Z","updated_at":"2026-05-21T21:13:14.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.25.0.139117","new_version":"10.26.0.140279","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.25.0.139117 to 10.26.0.140279.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.26.0.140279\n\n# Release notes - .NET Analyzers - 10.26\n\n### Feature\n[NET-3694](https://sonarsource.atlassian.net/browse/NET-3694) Update RSPEC before 10.26 release\n\n### False Positive\n[NET-2346](https://sonarsource.atlassian.net/browse/NET-2346) Fix S1854 FP: Variable used after another assignment in finally\n[NET-2347](https://sonarsource.atlassian.net/browse/NET-2347) Fix S1168 FP: Do not report on value types\n[NET-3698](https://sonarsource.atlassian.net/browse/NET-3698) Fix S1210 FP: file-scoped types should be exempt \n\n### False Negative\n[NET-1265](https://sonarsource.atlassian.net/browse/NET-1265) Fix S2930 FN: raise issues on non-disposed RegistryKeys\n[NET-2685](https://sonarsource.atlassian.net/browse/NET-2685) Fix S3604 FN: Field Keyword, Partial Constructors, NullConditional Assignment\n[NET-2812](https://sonarsource.atlassian.net/browse/NET-2812) Fix S4275 FN: Field Keyword\n[NET-2999](https://sonarsource.atlassian.net/browse/NET-2999) Fix S6672 FN: Mismatch in primary constructor is not recognized\n\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits/10.26.0.140279).\n\u003c/details\u003e\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mateuszlor/TaxAssistant/pull/388","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mateuszlor%2FTaxAssistant/issues/388","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/388/packages"},{"uuid":"4436395976","node_id":"PR_kwDOJCpKFc7bCbhP","number":29,"state":"closed","title":"Bump SonarAnalyzer.CSharp from 10.18.0.131500 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-13T09:02:01.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-13T08:56:15.000Z","updated_at":"2026-05-13T09:02:01.000Z","time_to_close":346,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.18.0.131500","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.18.0.131500 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\n## 10.22\n\nHello everyone,\nThis release brings 4 new rules to help developers transition to C# 14, and a bunch of false positive fixes.\n\n### New rules\n\n* [NET-3361](https://sonarsource.atlassian.net/browse/NET-3361) - New rule S8381: \"scoped\" should be escaped when used as a type name in lambda parameters\n* [NET-3359](https://sonarsource.atlassian.net/browse/NET-3359) - New rule S8368: \"extension\" identifiers should be escaped to avoid contextual keyword conflicts\n* [NET-3347](https://sonarsource.atlassian.net/browse/NET-3347) - New rule S8380: Return types named \"partial\" should be escaped with \"@\"\n* [NET-3345](https://sonarsource.atlassian.net/browse/NET-3345) - New rule S8367: Identifiers should not conflict with the \"field\" keyword in C# 14?\n\n### False Positive\n\n* [NET-3443](https://sonarsource.atlassian.net/browse/NET-3443) - Fix S1940 FP: for floating point numbers that can be NaN \"!(a \u003c= b)\" is not the same as \"a \u003e b\"\n* [NET-3001](https://sonarsource.atlassian.net/browse/NET-3001) - Fix S3063 FP: Concatenation with identifier\n* [NET-1569](https://sonarsource.atlassian.net/browse/NET-1569) - Fix S5944 FP: AddressOf(MethodName) in Return statement\n* [NET-3445](https://sonarsource.atlassian.net/browse/NET-3445) - Fix T0029 FP: Inside target-typed new\n* [NET-2817](https://sonarsource.atlassian.net/browse/NET-2817) - Fix T0029 FP: Ident for collection expression members\n* [NET-2024](https://sonarsource.atlassian.net/browse/NET-2024) - Fix T0029 FP: Inside array initializer\n* [NET-3341](https://sonarsource.atlassian.net/browse/NET-3341) - Fix T0029 FP: After member access\n* [NET-3462](https://sonarsource.atlassian.net/browse/NET-3462) - Fix T0042 FP: Inside constructors and collection initializers\n* [NET-3426](https://sonarsource.atlassian.net/browse/NET-3426) - Fix T0042: Raw string in collection initializer\n* [NET-2888](https://sonarsource.atlassian.net/browse/NET-2888) - Fix T0042 FP: Returned from method\n* [NET-2874](https://sonarsource.atlassian.net/browse/NET-2874) - Fix T0042 FP: Raw string in ternary\n\n### Bugs\n\n* [NET-3386](https://sonarsource.atlassian.net/browse/NET-3386) - Fix S4583 AD0001: BeginInvoke callback declared in separate file\n\n### Other\n\n* [NET-3385](https://sonarsource.atlassian.net/browse/NET-3385) - S2612: Rule type changed from Security Hotspot to Vulnerability\n\n\n## 10.21\n\n### Bug\n\n* [NET-3376](https://sonarsource.atlassian.net/browse/NET-3376) - Fix S6930 AD0001: Issue on template / code files for blazor\n* [NET-3367](https://sonarsource.atlassian.net/browse/NET-3367) - Fix S4830 AD0001: CertificateValidationCheck Syntax node is not within syntax tree\n\n### Feature\n\n* [NET-3260](https://sonarsource.atlassian.net/browse/NET-3260) - Fix broken links in S6960 RSPEC\n\n### False Positive\n\n* [NET-2886](https://sonarsource.atlassian.net/browse/NET-2886) - Fix T0015 FP: In constructor\n* [NET-1678](https://sonarsource.atlassian.net/browse/NET-1678) - Fix S4275 FP: with property overload\n\n\n\n\n## 10.20\n\nThis release brings 9 precision improvements — 7 false positive fixes and 2 false negative fixes — across rules S1116, S1144, S1210, S1643, S1854, S2365, S3254, S3265, and S127. It also promotes S2068 and S6418 from Security Hotspot to Vulnerability, making them visible directly in the IDE, and removes S3256 from the Sonar Way quality profile.\n\n### Changes\n\n* [NET-3227](https://sonarsource.atlassian.net/browse/NET-3227) - Remove S3256 from \"Sonar Way\" quality profile\n* [NET-3208](https://sonarsource.atlassian.net/browse/NET-3208) - S6418: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3207](https://sonarsource.atlassian.net/browse/NET-3207) - S2068: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3206](https://sonarsource.atlassian.net/browse/NET-3206) - Remove links to rules.sonarsource.com\n\n### False Positive\n\n* [NET-3215](https://sonarsource.atlassian.net/browse/NET-3215) - Fix FP on S127: Should only raise on stop condition variables\n* [NET-3212](https://sonarsource.atlassian.net/browse/NET-3212) - Fix FP on S3254: Don't raise if the parameter isn't last\n* [NET-3053](https://sonarsource.atlassian.net/browse/NET-3053) - Fix FP on S1210: Implementing comparable operators for private types\n* [NET-2984](https://sonarsource.atlassian.net/browse/NET-2984) - Fix FP on S3265: BCL enums with [Flags] not recognized due to metadata resolution\n* [NET-2976](https://sonarsource.atlassian.net/browse/NET-2976) - Fix FP on S1854: Default value initializations flagged despite exemptions\n* [NET-2966](https://sonarsource.atlassian.net/browse/NET-2966) - Fix FP on S1144: Constructors in MEF-exported types\n* [NET-2956](https://sonarsource.atlassian.net/browse/NET-2956) - Fix FP on S1116: Empty loop body with side effects in condition\n\n### False Negative\n\n* [NET-1261](https://sonarsource.atlassian.net/browse/NET-1261) - Fix FN on S2365: Rule should report on new collection\n* [NET-1259](https://sonarsource.atlassian.net/browse/NET-1259) - Fix FN on S1643: Concatenation for parameters, fields and properties are not detected \n\n### Rule specification\n\n* [NET-3246](https://sonarsource.atlassian.net/browse/NET-3246) - Modify Rule S127: Update Description\n* [NET-3218](https://sonarsource.atlassian.net/browse/NET-3218) - Modify Rule S3265: Add exception for MethodImplAttributes\n* [NET-3086](https://sonarsource.atlassian.net/browse/NET-3086) - Modify Rule S1116: Add loop exception\n\n### Maintenance\n\n* [NET-3047](https://sonarsource.atlassian.net/browse/NET-3047) - Update RSPEC before 10.20 release\n\n\n\n## 10.19\n\n\n### Documentation\n\n* [NET-3012](https://sonarsource.atlassian.net/browse/NET-3012) - Modify Rule S3903: Update description for C#​10\n\n### False Positive\n\n* [NET-3004](https://sonarsource.atlassian.net/browse/NET-3004) - Fix S2696 FP: New extension method format triggers FP when accessing static fields\n\n### False Negative\n\n* [NET-3011](https://sonarsource.atlassian.net/browse/NET-3011) - Fix S4790 FN: Support Using statement\n\n### Task\n\n* [NET-2948](https://sonarsource.atlassian.net/browse/NET-2948) - Update RSPEC before 10.19 release\n\n### Bug\n\n* [NET-1866](https://sonarsource.atlassian.net/browse/NET-1866) - Support future VS versions in NuGet package\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.18.0.131500\u0026new-version=10.25.0.139117)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/LionMarc/smusdi-regex-tools/pull/29","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/LionMarc%2Fsmusdi-regex-tools/issues/29","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/29/packages"},{"uuid":"4374194677","node_id":"PR_kwDOBkRhp87X4oe3","number":346,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.24.0.138807 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET","nuget","size/XS","packages"],"assignees":["guibranco"],"locked":false,"comments_count":5,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-04T05:24:51.000Z","updated_at":"2026-05-04T05:43:02.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.24.0.138807","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.24.0.138807 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.24.0.138807\u0026new-version=10.25.0.139117)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/guibranco/GuiStracini.Mandae/pull/346","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/guibranco%2FGuiStracini.Mandae/issues/346","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/346/packages"},{"uuid":"4373824235","node_id":"PR_kwDOIyEMH87X3b2z","number":564,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.24.0.138807 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET","nuget","size/XS","packages"],"assignees":["guibranco"],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-04T03:23:06.000Z","updated_at":"2026-05-04T04:17:27.743Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.24.0.138807","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.24.0.138807 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.24.0.138807\u0026new-version=10.25.0.139117)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/guibranco/Sankhya-SDK-dotnet/pull/564","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/guibranco%2FSankhya-SDK-dotnet/issues/564","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/564/packages"},{"uuid":"4373523619","node_id":"PR_kwDODIYC-87X2gfn","number":619,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.24.0.138807 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET","nuget","size/XS","packages"],"assignees":["guibranco"],"locked":false,"comments_count":6,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-04T01:22:24.000Z","updated_at":"2026-05-11T02:22:08.978Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.24.0.138807","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.24.0.138807 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.24.0.138807\u0026new-version=10.25.0.139117)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/guibranco/VTEX-SDK-dotnet/pull/619","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/guibranco%2FVTEX-SDK-dotnet/issues/619","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/619/packages"},{"uuid":"4372465903","node_id":"PR_kwDOEU2Rg87XzWrP","number":200,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.24.0.138807 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-03T17:22:20.000Z","updated_at":"2026-05-03T17:22:45.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.24.0.138807","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.24.0.138807 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.24.0.138807\u0026new-version=10.25.0.139117)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Tsingis/video-converter/pull/200","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tsingis%2Fvideo-converter/issues/200","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/200/packages"},{"uuid":"4362988324","node_id":"PR_kwDOC0ogC87XWUM7","number":91,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.22.0.136894 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-01T05:25:04.000Z","updated_at":"2026-05-01T05:26:02.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.22.0.136894","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.22.0.136894 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.22.0.136894\u0026new-version=10.25.0.139117)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Nivaes/Iso20022Net/pull/91","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nivaes%2FIso20022Net/issues/91","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/91/packages"},{"uuid":"4362537323","node_id":"PR_kwDOQ4I8ac7XU389","number":47,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.23.0.137933 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-01T02:54:59.000Z","updated_at":"2026-05-01T02:57:27.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.23.0.137933","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.23.0.137933 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.23.0.137933\u0026new-version=10.25.0.139117)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Bertk/coverlet-examples/pull/47","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Bertk%2Fcoverlet-examples/issues/47","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/47/packages"},{"uuid":"4339643121","node_id":"PR_kwDOHNT51s7WJ3md","number":363,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.23.0.137933 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-28T00:14:08.000Z","updated_at":"2026-04-28T00:17:46.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.23.0.137933","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.23.0.137933 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mateuszlor/TaxAssistant/pull/363","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mateuszlor%2FTaxAssistant/issues/363","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/363/packages"},{"uuid":"4339514526","node_id":"PR_kwDOPzto7M7WJdOT","number":20,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.24.0.138807 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-27T23:40:51.000Z","updated_at":"2026-04-27T23:41:44.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.24.0.138807","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.24.0.138807 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.24.0.138807\u0026new-version=10.25.0.139117)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Nexus-Project-app/Api/pull/20","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nexus-Project-app%2FApi/issues/20","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/20/packages"},{"uuid":"4332265725","node_id":"PR_kwDONQs_787VyIhC","number":13,"state":"closed","title":"Bump SonarAnalyzer.CSharp from 10.8.0.113526 to 10.24.0.138807","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-03T23:24:02.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-26T23:23:31.000Z","updated_at":"2026-05-03T23:24:04.000Z","time_to_close":604831,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.8.0.113526","new_version":"10.24.0.138807","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.8.0.113526 to 10.24.0.138807.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\n## 10.22\n\nHello everyone,\nThis release brings 4 new rules to help developers transition to C# 14, and a bunch of false positive fixes.\n\n### New rules\n\n* [NET-3361](https://sonarsource.atlassian.net/browse/NET-3361) - New rule S8381: \"scoped\" should be escaped when used as a type name in lambda parameters\n* [NET-3359](https://sonarsource.atlassian.net/browse/NET-3359) - New rule S8368: \"extension\" identifiers should be escaped to avoid contextual keyword conflicts\n* [NET-3347](https://sonarsource.atlassian.net/browse/NET-3347) - New rule S8380: Return types named \"partial\" should be escaped with \"@\"\n* [NET-3345](https://sonarsource.atlassian.net/browse/NET-3345) - New rule S8367: Identifiers should not conflict with the \"field\" keyword in C# 14?\n\n### False Positive\n\n* [NET-3443](https://sonarsource.atlassian.net/browse/NET-3443) - Fix S1940 FP: for floating point numbers that can be NaN \"!(a \u003c= b)\" is not the same as \"a \u003e b\"\n* [NET-3001](https://sonarsource.atlassian.net/browse/NET-3001) - Fix S3063 FP: Concatenation with identifier\n* [NET-1569](https://sonarsource.atlassian.net/browse/NET-1569) - Fix S5944 FP: AddressOf(MethodName) in Return statement\n* [NET-3445](https://sonarsource.atlassian.net/browse/NET-3445) - Fix T0029 FP: Inside target-typed new\n* [NET-2817](https://sonarsource.atlassian.net/browse/NET-2817) - Fix T0029 FP: Ident for collection expression members\n* [NET-2024](https://sonarsource.atlassian.net/browse/NET-2024) - Fix T0029 FP: Inside array initializer\n* [NET-3341](https://sonarsource.atlassian.net/browse/NET-3341) - Fix T0029 FP: After member access\n* [NET-3462](https://sonarsource.atlassian.net/browse/NET-3462) - Fix T0042 FP: Inside constructors and collection initializers\n* [NET-3426](https://sonarsource.atlassian.net/browse/NET-3426) - Fix T0042: Raw string in collection initializer\n* [NET-2888](https://sonarsource.atlassian.net/browse/NET-2888) - Fix T0042 FP: Returned from method\n* [NET-2874](https://sonarsource.atlassian.net/browse/NET-2874) - Fix T0042 FP: Raw string in ternary\n\n### Bugs\n\n* [NET-3386](https://sonarsource.atlassian.net/browse/NET-3386) - Fix S4583 AD0001: BeginInvoke callback declared in separate file\n\n### Other\n\n* [NET-3385](https://sonarsource.atlassian.net/browse/NET-3385) - S2612: Rule type changed from Security Hotspot to Vulnerability\n\n\n## 10.21\n\n### Bug\n\n* [NET-3376](https://sonarsource.atlassian.net/browse/NET-3376) - Fix S6930 AD0001: Issue on template / code files for blazor\n* [NET-3367](https://sonarsource.atlassian.net/browse/NET-3367) - Fix S4830 AD0001: CertificateValidationCheck Syntax node is not within syntax tree\n\n### Feature\n\n* [NET-3260](https://sonarsource.atlassian.net/browse/NET-3260) - Fix broken links in S6960 RSPEC\n\n### False Positive\n\n* [NET-2886](https://sonarsource.atlassian.net/browse/NET-2886) - Fix T0015 FP: In constructor\n* [NET-1678](https://sonarsource.atlassian.net/browse/NET-1678) - Fix S4275 FP: with property overload\n\n\n\n\n## 10.20\n\nThis release brings 9 precision improvements — 7 false positive fixes and 2 false negative fixes — across rules S1116, S1144, S1210, S1643, S1854, S2365, S3254, S3265, and S127. It also promotes S2068 and S6418 from Security Hotspot to Vulnerability, making them visible directly in the IDE, and removes S3256 from the Sonar Way quality profile.\n\n### Changes\n\n* [NET-3227](https://sonarsource.atlassian.net/browse/NET-3227) - Remove S3256 from \"Sonar Way\" quality profile\n* [NET-3208](https://sonarsource.atlassian.net/browse/NET-3208) - S6418: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3207](https://sonarsource.atlassian.net/browse/NET-3207) - S2068: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3206](https://sonarsource.atlassian.net/browse/NET-3206) - Remove links to rules.sonarsource.com\n\n### False Positive\n\n* [NET-3215](https://sonarsource.atlassian.net/browse/NET-3215) - Fix FP on S127: Should only raise on stop condition variables\n* [NET-3212](https://sonarsource.atlassian.net/browse/NET-3212) - Fix FP on S3254: Don't raise if the parameter isn't last\n* [NET-3053](https://sonarsource.atlassian.net/browse/NET-3053) - Fix FP on S1210: Implementing comparable operators for private types\n* [NET-2984](https://sonarsource.atlassian.net/browse/NET-2984) - Fix FP on S3265: BCL enums with [Flags] not recognized due to metadata resolution\n* [NET-2976](https://sonarsource.atlassian.net/browse/NET-2976) - Fix FP on S1854: Default value initializations flagged despite exemptions\n* [NET-2966](https://sonarsource.atlassian.net/browse/NET-2966) - Fix FP on S1144: Constructors in MEF-exported types\n* [NET-2956](https://sonarsource.atlassian.net/browse/NET-2956) - Fix FP on S1116: Empty loop body with side effects in condition\n\n### False Negative\n\n* [NET-1261](https://sonarsource.atlassian.net/browse/NET-1261) - Fix FN on S2365: Rule should report on new collection\n* [NET-1259](https://sonarsource.atlassian.net/browse/NET-1259) - Fix FN on S1643: Concatenation for parameters, fields and properties are not detected \n\n### Rule specification\n\n* [NET-3246](https://sonarsource.atlassian.net/browse/NET-3246) - Modify Rule S127: Update Description\n* [NET-3218](https://sonarsource.atlassian.net/browse/NET-3218) - Modify Rule S3265: Add exception for MethodImplAttributes\n* [NET-3086](https://sonarsource.atlassian.net/browse/NET-3086) - Modify Rule S1116: Add loop exception\n\n### Maintenance\n\n* [NET-3047](https://sonarsource.atlassian.net/browse/NET-3047) - Update RSPEC before 10.20 release\n\n\n\n## 10.19\n\n\n### Documentation\n\n* [NET-3012](https://sonarsource.atlassian.net/browse/NET-3012) - Modify Rule S3903: Update description for C#​10\n\n### False Positive\n\n* [NET-3004](https://sonarsource.atlassian.net/browse/NET-3004) - Fix S2696 FP: New extension method format triggers FP when accessing static fields\n\n### False Negative\n\n* [NET-3011](https://sonarsource.atlassian.net/browse/NET-3011) - Fix S4790 FN: Support Using statement\n\n### Task\n\n* [NET-2948](https://sonarsource.atlassian.net/browse/NET-2948) - Update RSPEC before 10.19 release\n\n### Bug\n\n* [NET-1866](https://sonarsource.atlassian.net/browse/NET-1866) - Support future VS versions in NuGet package\n\n\n## 10.18\n\nThis releases focuses on fixing the false-positives that are raised on code making use of the new features in C# 14.\n### Improvement\n\n* [NET-2921](https://sonarsource.atlassian.net/browse/NET-2921) - Fix passthrough calculation in ModelBuilder\n* [NET-2903](https://sonarsource.atlassian.net/browse/NET-2903) - Remove manual extension methods\n* [NET-2895](https://sonarsource.atlassian.net/browse/NET-2895) - Cleanup handling of ParameterList of primary constructors\n\n### Task\n\n* [NET-2917](https://sonarsource.atlassian.net/browse/NET-2917) - Update RSPEC before 10.18 release\n\n### False Positive\n\n* [NET-2898](https://sonarsource.atlassian.net/browse/NET-2898) - Fix S2583/S2589 FP: Extension Members\n* [NET-2877](https://sonarsource.atlassian.net/browse/NET-2877) - Fix S2225 FP: Extension member\n* [NET-2832](https://sonarsource.atlassian.net/browse/NET-2832) - Fix S3063 FP: NullConditionalOperator\n* [NET-2825](https://sonarsource.atlassian.net/browse/NET-2825) - Fix S1144 FP: Partial events\n* [NET-2821](https://sonarsource.atlassian.net/browse/NET-2821) - Fix S3264 FP: Partial events\n* [NET-2805](https://sonarsource.atlassian.net/browse/NET-2805) - Fix S1144 FP: S1144 Is confused by Debugger Display attribute\n* [NET-2748](https://sonarsource.atlassian.net/browse/NET-2748) - Fix S3459 FP: NullConditional Assignment\n* [NET-2716](https://sonarsource.atlassian.net/browse/NET-2716) - Fix S2325 FP: Field Keyword\n* [NET-2712](https://sonarsource.atlassian.net/browse/NET-2712) - Fix S2953 FP: Extension block member\n* [NET-2707](https://sonarsource.atlassian.net/browse/NET-2707) - Fix S3877 FP: Equals method without IEquatable\n* [NET-2684](https://sonarsource.atlassian.net/browse/NET-2684) - Fix S7039 FP/FN: Null-conditional assignment\n* [NET-2672](https://sonarsource.atlassian.net/browse/NET-2672) - Fix S3928 FP: Extension block\n* [NET-2671](https://sonarsource.atlassian.net/browse/NET-2671) - Fix S2970 FP: Null Conditional Assignment\n* [NET-2668](https://sonarsource.atlassian.net/browse/NET-2668) - Fix S3398 FP: On private methods in C#​14 extensions classes\n* [NET-2644](https://sonarsource.atlassian.net/browse/NET-2644) - Fix S1144 FP: Always raises on private methods in extension block\n* [NET-2621](https://sonarsource.atlassian.net/browse/NET-2621) - Fix S2325 FP: Incorrectly reports on C# 14 extensions \n* [NET-2620](https://sonarsource.atlassian.net/browse/NET-2620) - Fix S4545 FP: Extension Methods\n* [NET-2391](https://sonarsource.atlassian.net/browse/NET-2391) - Fix S1121 FP: Extract (null-forgiving) assignment from expression\n* [NET-1914](https://sonarsource.atlassian.net/browse/NET-1914) - Fix S3264 FP: when using +=\n\n### False Negative\n\n* [NET-2813](https://sonarsource.atlassian.net/browse/NET-2813) - Fix S2292 FN: FieldKeyword\n* [NET-2681](https://sonarsource.atlassian.net/browse/NET-2681) - Fix S2692 FN: Support Spans\n\n\n\n## 10.17\n\n\n### False Negative\n\n* [NET-2840](https://sonarsource.atlassian.net/browse/NET-2840) - Improve S2077: Support more methods\n\n### Task\n\n* [NET-2839](https://sonarsource.atlassian.net/browse/NET-2839) - Update RSPEC before 10.17 release\n\n### New Feature\n\n* [NET-2820](https://sonarsource.atlassian.net/browse/NET-2820) - ShimLayer: Implement Factory\n* [NET-2789](https://sonarsource.atlassian.net/browse/NET-2789) - ShimLayer Generator: Enums\n* [NET-2728](https://sonarsource.atlassian.net/browse/NET-2728) - ShimLayer Generator: SyntaxNodes\n\n### Bug\n\n* [NET-2816](https://sonarsource.atlassian.net/browse/NET-2816) - Fix S3603 AD0001: NRE when LocalFunction inside Record constructor in C#​7\n\n### Improvement\n\n* [NET-2722](https://sonarsource.atlassian.net/browse/NET-2722) - Activate new ShimLayer\n* [NET-2721](https://sonarsource.atlassian.net/browse/NET-2721) - Create diff for ShimLayer\n* [NET-2720](https://sonarsource.atlassian.net/browse/NET-2720) - Create ShimLayer projects\n\n\n\n## 10.16.2\n\nRotations of binary signing keys\n\n\n## 10.16.1\n\nRotations of binary signing keys\n\n\n## 10.16\n\n### False Positive\n\n* [NET-1729](https://sonarsource.atlassian.net/browse/NET-1729) - Fix S2114 FP: list.AddRange(list) and list.Concat(list) are sensible\n\n### False Negative\n\n* [NET-399](https://sonarsource.atlassian.net/browse/NET-399) - Fix S4790 FN: Support CryptographicOperations data methods\n\n### Bug\n* [NET-2686](https://sonarsource.atlassian.net/browse/NET-2686) - Fix S3604 AD0001: NRE with partial constructor\n\n## 10.15\n\n### False Positive\n\n* [NET-2198](https://sonarsource.atlassian.net/browse/NET-2198) - Fix S1905 FP: Cast of default! expression is required\n* [NET-2197](https://sonarsource.atlassian.net/browse/NET-2197) - Fix S1905 FP: stackalloc and Span\u003cT\u003e conversions\n* [NET-1641](https://sonarsource.atlassian.net/browse/NET-1641) - Fix S1905 FP: casting `IEnumerable\u003cstring?\u003e` to `IEnumerable\u003cstring\u003e`\n* [NET-2157](https://sonarsource.atlassian.net/browse/NET-2157) - Fix S2589 FP: Don't raise an issue after a delegate is invoked\n* [NET-2073](https://sonarsource.atlassian.net/browse/NET-2073) - Fix S2699 FP: Add support for FsCheck property tests\n* [NET-1537](https://sonarsource.atlassian.net/browse/NET-1537) - Fix S6964 FP: Don't raise on properties annotated with the BindRequiredAttribute\n\n### Improvement\n\n* [NET-2112](https://sonarsource.atlassian.net/browse/NET-2112) - Consider ExplodedNodes relevant if a successor would be relevant\n* [NET-2183](https://sonarsource.atlassian.net/browse/NET-2183) - SE: Set constraint on operation when learning from IsPattern\n\n### False Negative\n\n* [NET-429](https://sonarsource.atlassian.net/browse/NET-429) - Fix S4275 FN: Support partial properties\n\n### Task\n\n* [NET-2208](https://sonarsource.atlassian.net/browse/NET-2208) - Update RSpec before release\n\n## 10.14\n\nHey everyone,\n\nThis release mostly focuses on mitigating (NET-2196) a performance regression that was introduced in 10.13.\n\n\n### Improvement\n\n* [NET-2196](https://sonarsource.atlassian.net/browse/NET-2196) - Fix path algorithm for execution flows to mitigate performance regression\n* [NET-2177](https://sonarsource.atlassian.net/browse/NET-2177) - Improve how the Symbolic Execution engine handles exception paths\n* [NET-2135](https://sonarsource.atlassian.net/browse/NET-2135) - Support xUnit V3\n* [NET-2163](https://sonarsource.atlassian.net/browse/NET-2163) - Provide Interface for other plugins to add rules to VB.NET SonarWay profile\n\n### False Negative\n\n* [NET-235](https://sonarsource.atlassian.net/browse/NET-235) - Fix S2053: Adjust required salt length to be 32 bytes\n\n### Task\n\n* [NET-2170](https://sonarsource.atlassian.net/browse/NET-2170) - Update RSPEC before 10.14 release\n\n## 10.13\n\nHello everyone, \n\nIn this release, we've focused on:\n- False positive fixes\n- Enhancing S2259's secondary locations to provide clearer, step-by-step explanations of null pointer dereferences issues.\n\n\n\n### False Positives\n\n* [NET-2099](https://sonarsource.atlassian.net/browse/NET-2099) - Fix S3885 FP: Do not raise in ResolutionEventHandler\n* [NET-2023](https://sonarsource.atlassian.net/browse/NET-2023) - Fix S3257 FP: Array with target-typed new\n* [NET-1646](https://sonarsource.atlassian.net/browse/NET-1646) - Fix S3267 FP: Loops should be simplified with LINQ expressions\n* [NET-1588](https://sonarsource.atlassian.net/browse/NET-1588) - Fix S1066 FP: Combination of `dynamic` and `out` should not raise\n* [NET-882](https://sonarsource.atlassian.net/browse/NET-882) - Fix S3257 FP: Don't raise for C# 10 and later when there's explicit delegate creation\n\n### Improvements\n\n* [NET-2095](https://sonarsource.atlassian.net/browse/NET-2095) - Improve incremental PR analysis path detection\n* SE: S2259 - Improve secondary locations\n\n\n\n## 10.12\n\nThis release brings the VB version of S6418 and a few FP and FN fixes.\n\n### New Rule\n\n* [NET-1379](https://sonarsource.atlassian.net/browse/NET-1379) - New Rule: Implement S6418 Hard-coded secrets are security-sensitive for VB.NET\n\n### False Positive\n\n* [NET-1526](https://sonarsource.atlassian.net/browse/NET-1526) - Fix S3267 FP: Only raise on IEnumerable\n\n### False Negative\n\n* [NET-1260](https://sonarsource.atlassian.net/browse/NET-1260) - Fix S1215 FN: GC.GetTotalMemory(forceFullCollection: true) should not be called \n* [NET-1258](https://sonarsource.atlassian.net/browse/NET-1258) - Fix S6678 FN: Lowercase placeholders in interpolated string\n* [NET-1255](https://sonarsource.atlassian.net/browse/NET-1255) - Fix S3267 FN: Logical operators are not supported\n\n### Task\n\n* [NET-2060](https://sonarsource.atlassian.net/browse/NET-2060) - Update RSPEC before 11.12 release\n\n\n## 10.11\n\nHello everyone!\nIn this release we fixed a bunch of false positives and false negatives.\nAdditionally this version adds support for telemetry in order to gather information on feature usage. Telemetry, requires scanner 10.2.0 or greater.\n\n\n### False Positive\n\n* [NET-1522](https://sonarsource.atlassian.net/browse/NET-1522) - Fix S2068 FP: Do not raise on `password:secret`\n* [NET-1149](https://sonarsource.atlassian.net/browse/NET-1149) - Fix S3626 FP: Add exception when return statement is preceding local functions\n\n### False Negative\n\n* [NET-1263](https://sonarsource.atlassian.net/browse/NET-1263) - Fix S1871 FN: Nested if .. else if chain\n* [NET-1256](https://sonarsource.atlassian.net/browse/NET-1256) - S2068: Remove word boundary(\\b) from regex\n* [NET-1254](https://sonarsource.atlassian.net/browse/NET-1254) - Fix S3878 FN: When params are passed as array through an attribute\n* [NET-1252](https://sonarsource.atlassian.net/browse/NET-1252) - FN S1168: Support IndexerDeclaration and ConversionOperatorDeclaration\n* [NET-459](https://sonarsource.atlassian.net/browse/NET-459) - Fix S1168 FN: Add support for partial indexers\n\n\n\n## 10.10.1\n\nBugfix release to fix combability with SonarQube Cloud + a simplification to the `ProfileRegistrar`\n\n### Task\n\n* [NET-1463](https://sonarsource.atlassian.net/browse/NET-1463) - Update RSPEC before 10.10.1 release\n* [NET-1461](https://sonarsource.atlassian.net/browse/NET-1461) - Make CSharpSonarWayProfile be compatible and simplify ProfileRegistrar\n\n\n\n## 10.10\n\nHey everyone, this release mostly focuses on internal and technical things.\n\n### General\n\n* [NET-1444](https://sonarsource.atlassian.net/browse/NET-1444) - Move ProfileRegistrar to org.sonar.plugins.csharpenterprise.api\n* [NET-1326](https://sonarsource.atlassian.net/browse/NET-1326) - Update RSPEC before 10.10 release\n\n### Internal Styling Rules\n\n* [NET-1378](https://sonarsource.atlassian.net/browse/NET-1378) - New Rule T0045: Use var\n* [NET-1359](https://sonarsource.atlassian.net/browse/NET-1359) - New Rule T0043: Avoid primary constructors on normal classes and structs\n* [NET-1358](https://sonarsource.atlassian.net/browse/NET-1358) - New Rule T0042: Indent raw string literal +4\n* [NET-1357](https://sonarsource.atlassian.net/browse/NET-1357) - New Rule T0041: Use raw string literals for multiline strings\n* [NET-1356](https://sonarsource.atlassian.net/browse/NET-1356) - New Rule T0040: Use minimum necessary interpolation characters\n* [NET-1355](https://sonarsource.atlassian.net/browse/NET-1355) - New Rule T0039: Protected field should start with lower case letter\n* [NET-1354](https://sonarsource.atlassian.net/browse/NET-1354) - New Rule T0038: Use fields instead of auto-implemented private or protected properties\n* [NET-1347](https://sonarsource.atlassian.net/browse/NET-1347) - New Rule T0000: Don't use Get prefixes\n* [NET-1346](https://sonarsource.atlassian.net/browse/NET-1346) - New Rule T0037: Use .Test suffix namespace\n* [NET-1345](https://sonarsource.atlassian.net/browse/NET-1345) - New rule T0046: Move extension method to dedicated class\n* [NET-1344](https://sonarsource.atlassian.net/browse/NET-1344) - New Rule T0035: Do not use var for this deconstruction\n* [NET-1343](https://sonarsource.atlassian.net/browse/NET-1343) - New Rule T0034: Do not embed var into this condition\n* [NET-1342](https://sonarsource.atlassian.net/browse/NET-1342) - New Rule T0033: Swap the logic to use positive conditions instead\n* [NET-1341](https://sonarsource.atlassian.net/browse/NET-1341) - New Rule T0032: Move the method body to the next line\n* [NET-1339](https://sonarsource.atlassian.net/browse/NET-1339) - New Rule T0030: Move the field initializer on the same line\n* [NET-1338](https://sonarsource.atlassian.net/browse/NET-1338) - New Rule T0029: Indent all arguments +4 further than the invocation line\n* [NET-1337](https://sonarsource.atlassian.net/browse/NET-1337) - New Rule T0028: Move all arguments on the same line, or wrap all of them\n* [NET-1336](https://sonarsource.atlassian.net/browse/NET-1336) - New Rule T0027: Move subsequent expressions on separate lines\n* [NET-1335](https://sonarsource.atlassian.net/browse/NET-1335) - New Rule T0026: Indent member access +4 further than the initial line\n* [NET-1334](https://sonarsource.atlassian.net/browse/NET-1334) - New Rule T0025: Indent ‘?’ and ‘:’ +4 further than the condition line\n* [NET-1333](https://sonarsource.atlassian.net/browse/NET-1333) - New Rule T0024: Place multiline ‘?’ and ‘:’ on separate lines\n* [NET-1332](https://sonarsource.atlassian.net/browse/NET-1332) - New Rule T0022: Indent all parameters with the first one\n* [NET-1331](https://sonarsource.atlassian.net/browse/NET-1331) - New Rule T0021: Use extension methods for Linq\n* [NET-1329](https://sonarsource.atlassian.net/browse/NET-1329) - New Rule T0019: Indent operator correctly\n* [NET-1328](https://sonarsource.atlassian.net/browse/NET-1328) - New Rule T0018: Move the operator to the beginning of the next line\n* [NET-1327](https://sonarsource.atlassian.net/browse/NET-1327) - New Rule T0015: Move local function at the end of the method\n* [NET-1237](https://sonarsource.atlassian.net/browse/NET-1237) - New Rule T0044: Don't add Arrange, Act, and Assert(s) comments\n* [NET-1325](https://sonarsource.atlassian.net/browse/NET-1325) - Improve T0007: Raise on nondeclaring is { } check\n\n\n\n## 10.9\n\nHello everyone! \n\nThis is a mega-hardening release! Enjoy 😄 \n\n### False Positive\n\n* [NET-1309](https://sonarsource.atlassian.net/browse/NET-1309) - Fix S2583 FP: Support overrides in IsImplementingInterfaceMember\n* [NET-1308](https://sonarsource.atlassian.net/browse/NET-1308) - Fix S2583 FP: Add support for AdressOf operator\n* [NET-1302](https://sonarsource.atlassian.net/browse/NET-1302) - Fix S4158 FP: Don't raise on GetEnumerator() calls\n* [NET-1295](https://sonarsource.atlassian.net/browse/NET-1295) - Fix S3236 FP: Exclude Debug.Assert \n* [NET-1290](https://sonarsource.atlassian.net/browse/NET-1290) - Fix S4158 FP: Support RouteValueDictionary in AspNetCore\n* [NET-1289](https://sonarsource.atlassian.net/browse/NET-1289) - Fix S4158 FP: Adding methods with well defined sematics\n* [NET-1288](https://sonarsource.atlassian.net/browse/NET-1288) - Fix S4158 FP: Recognize Add methods with bool return type\n* [NET-1287](https://sonarsource.atlassian.net/browse/NET-1287) - Fix S4158 FP: Don't raise on SetValue\n* [NET-1280](https://sonarsource.atlassian.net/browse/NET-1280) - Fix S2342 FP: Flaky reports\n* [NET-1278](https://sonarsource.atlassian.net/browse/NET-1278) - Fix S3440 FP: Variable assignment and switch expression\n* [NET-1246](https://sonarsource.atlassian.net/browse/NET-1246) - Fix S1481 FP: Don't report on discard like looking variables\n* [NET-1242](https://sonarsource.atlassian.net/browse/NET-1242) - Fix S2583/S4158 FP: Support for collections that are initialized with object\n* [NET-1241](https://sonarsource.atlassian.net/browse/NET-1241) - Fix S2589 FP: Don't track concurrent collections\n* [NET-1230](https://sonarsource.atlassian.net/browse/NET-1230) - Fix S4158 FP: Immutable collections\n* [NET-1223](https://sonarsource.atlassian.net/browse/NET-1223) - Fix S3267 FP: ref struct types cannot leave the stack\n* [NET-1214](https://sonarsource.atlassian.net/browse/NET-1214) - Fix S2259 FP: Foreach loop over empty collection\n* [NET-1212](https://sonarsource.atlassian.net/browse/NET-1212) - Fix S2259 FP: Learn bool from NotNull constraint and Null value\n* [NET-1208](https://sonarsource.atlassian.net/browse/NET-1208) - Fix S2589 FP: Rule ignores case guards\n* [NET-1207](https://sonarsource.atlassian.net/browse/NET-1207) -  Fix S3966 FP: disposing element of indexable after declaration pattern\n* [NET-1203](https://sonarsource.atlassian.net/browse/NET-1203) -  Fix S3966 FP: Enumerating a collection of tuples\n* [NET-1202](https://sonarsource.atlassian.net/browse/NET-1202) - Fix S2259 FP: Foreach nested in try, nested in loop\n* [NET-1188](https://sonarsource.atlassian.net/browse/NET-1188) - Improve S4158 - Empty Collections should not be Enumerated\n* [NET-1088](https://sonarsource.atlassian.net/browse/NET-1088) - Fix S3240 FP: Ignore when a conditional block contains a ternary\n* [NET-800](https://sonarsource.atlassian.net/browse/NET-800) - Fix S2259 FP: FlowCaptures in loops and try-regions\n\n### False Negative\n\n* [NET-1299](https://sonarsource.atlassian.net/browse/NET-1299) - Fix S2053 FN: Support Copy methods\n* [NET-1257](https://sonarsource.atlassian.net/browse/NET-1257) - Fix S4790 FN: New HashData overloads not recognized\n* [NET-1194](https://sonarsource.atlassian.net/browse/NET-1194) - Fix S4158 FN: Collection Expressions (C# 12)\n* [NET-357](https://sonarsource.atlassian.net/browse/NET-357) - Fix S2068 FN: does not consider `launchSettings.json` files\n* [NET-210](https://sonarsource.atlassian.net/browse/NET-210) - Fix S4158 FN: AddRange with empty collection\n\n### Bug\n\n* [NET-1267](https://sonarsource.atlassian.net/browse/NET-1267) - Fix S2068 bug: Issue location is out of range in web.config for elements or attributes with an xml namespace\n* [NET-1184](https://sonarsource.atlassian.net/browse/NET-1184) - Roslyn rule import should map the issue severity to the Software Quality impact in SonarQube Server\n\n### Improvement\n\n* [NET-1217](https://sonarsource.atlassian.net/browse/NET-1217) - Improve S3996: Set location to the property instead of record\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.8.0.113526\u0026new-version=10.24.0.138807)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/DKorablin/Plugin.Configuration/pull/13","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DKorablin%2FPlugin.Configuration/issues/13","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/13/packages"},{"uuid":"4330465496","node_id":"PR_kwDOBvZ49c7Vs41t","number":228,"state":"open","title":"nuget: Bump SonarAnalyzer.CSharp from 10.23.0.137933 to 10.24.0.138807","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-26T08:56:08.000Z","updated_at":"2026-04-26T08:56:09.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"nuget: Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.23.0.137933","new_version":"10.24.0.138807","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.23.0.137933 to 10.24.0.138807.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.23.0.137933\u0026new-version=10.24.0.138807)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/NAnt2/NAnt2/pull/228","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/NAnt2%2FNAnt2/issues/228","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/228/packages"},{"uuid":"4329387499","node_id":"PR_kwDONTrzG87VpuBA","number":12,"state":"closed","title":"Bump SonarAnalyzer.CSharp from 10.8.0.113526 to 10.24.0.138807","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-02T22:23:20.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-25T22:23:15.000Z","updated_at":"2026-05-02T22:23:21.000Z","time_to_close":604805,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.8.0.113526","new_version":"10.24.0.138807","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.8.0.113526 to 10.24.0.138807.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\n## 10.22\n\nHello everyone,\nThis release brings 4 new rules to help developers transition to C# 14, and a bunch of false positive fixes.\n\n### New rules\n\n* [NET-3361](https://sonarsource.atlassian.net/browse/NET-3361) - New rule S8381: \"scoped\" should be escaped when used as a type name in lambda parameters\n* [NET-3359](https://sonarsource.atlassian.net/browse/NET-3359) - New rule S8368: \"extension\" identifiers should be escaped to avoid contextual keyword conflicts\n* [NET-3347](https://sonarsource.atlassian.net/browse/NET-3347) - New rule S8380: Return types named \"partial\" should be escaped with \"@\"\n* [NET-3345](https://sonarsource.atlassian.net/browse/NET-3345) - New rule S8367: Identifiers should not conflict with the \"field\" keyword in C# 14?\n\n### False Positive\n\n* [NET-3443](https://sonarsource.atlassian.net/browse/NET-3443) - Fix S1940 FP: for floating point numbers that can be NaN \"!(a \u003c= b)\" is not the same as \"a \u003e b\"\n* [NET-3001](https://sonarsource.atlassian.net/browse/NET-3001) - Fix S3063 FP: Concatenation with identifier\n* [NET-1569](https://sonarsource.atlassian.net/browse/NET-1569) - Fix S5944 FP: AddressOf(MethodName) in Return statement\n* [NET-3445](https://sonarsource.atlassian.net/browse/NET-3445) - Fix T0029 FP: Inside target-typed new\n* [NET-2817](https://sonarsource.atlassian.net/browse/NET-2817) - Fix T0029 FP: Ident for collection expression members\n* [NET-2024](https://sonarsource.atlassian.net/browse/NET-2024) - Fix T0029 FP: Inside array initializer\n* [NET-3341](https://sonarsource.atlassian.net/browse/NET-3341) - Fix T0029 FP: After member access\n* [NET-3462](https://sonarsource.atlassian.net/browse/NET-3462) - Fix T0042 FP: Inside constructors and collection initializers\n* [NET-3426](https://sonarsource.atlassian.net/browse/NET-3426) - Fix T0042: Raw string in collection initializer\n* [NET-2888](https://sonarsource.atlassian.net/browse/NET-2888) - Fix T0042 FP: Returned from method\n* [NET-2874](https://sonarsource.atlassian.net/browse/NET-2874) - Fix T0042 FP: Raw string in ternary\n\n### Bugs\n\n* [NET-3386](https://sonarsource.atlassian.net/browse/NET-3386) - Fix S4583 AD0001: BeginInvoke callback declared in separate file\n\n### Other\n\n* [NET-3385](https://sonarsource.atlassian.net/browse/NET-3385) - S2612: Rule type changed from Security Hotspot to Vulnerability\n\n\n## 10.21\n\n### Bug\n\n* [NET-3376](https://sonarsource.atlassian.net/browse/NET-3376) - Fix S6930 AD0001: Issue on template / code files for blazor\n* [NET-3367](https://sonarsource.atlassian.net/browse/NET-3367) - Fix S4830 AD0001: CertificateValidationCheck Syntax node is not within syntax tree\n\n### Feature\n\n* [NET-3260](https://sonarsource.atlassian.net/browse/NET-3260) - Fix broken links in S6960 RSPEC\n\n### False Positive\n\n* [NET-2886](https://sonarsource.atlassian.net/browse/NET-2886) - Fix T0015 FP: In constructor\n* [NET-1678](https://sonarsource.atlassian.net/browse/NET-1678) - Fix S4275 FP: with property overload\n\n\n\n\n## 10.20\n\nThis release brings 9 precision improvements — 7 false positive fixes and 2 false negative fixes — across rules S1116, S1144, S1210, S1643, S1854, S2365, S3254, S3265, and S127. It also promotes S2068 and S6418 from Security Hotspot to Vulnerability, making them visible directly in the IDE, and removes S3256 from the Sonar Way quality profile.\n\n### Changes\n\n* [NET-3227](https://sonarsource.atlassian.net/browse/NET-3227) - Remove S3256 from \"Sonar Way\" quality profile\n* [NET-3208](https://sonarsource.atlassian.net/browse/NET-3208) - S6418: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3207](https://sonarsource.atlassian.net/browse/NET-3207) - S2068: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3206](https://sonarsource.atlassian.net/browse/NET-3206) - Remove links to rules.sonarsource.com\n\n### False Positive\n\n* [NET-3215](https://sonarsource.atlassian.net/browse/NET-3215) - Fix FP on S127: Should only raise on stop condition variables\n* [NET-3212](https://sonarsource.atlassian.net/browse/NET-3212) - Fix FP on S3254: Don't raise if the parameter isn't last\n* [NET-3053](https://sonarsource.atlassian.net/browse/NET-3053) - Fix FP on S1210: Implementing comparable operators for private types\n* [NET-2984](https://sonarsource.atlassian.net/browse/NET-2984) - Fix FP on S3265: BCL enums with [Flags] not recognized due to metadata resolution\n* [NET-2976](https://sonarsource.atlassian.net/browse/NET-2976) - Fix FP on S1854: Default value initializations flagged despite exemptions\n* [NET-2966](https://sonarsource.atlassian.net/browse/NET-2966) - Fix FP on S1144: Constructors in MEF-exported types\n* [NET-2956](https://sonarsource.atlassian.net/browse/NET-2956) - Fix FP on S1116: Empty loop body with side effects in condition\n\n### False Negative\n\n* [NET-1261](https://sonarsource.atlassian.net/browse/NET-1261) - Fix FN on S2365: Rule should report on new collection\n* [NET-1259](https://sonarsource.atlassian.net/browse/NET-1259) - Fix FN on S1643: Concatenation for parameters, fields and properties are not detected \n\n### Rule specification\n\n* [NET-3246](https://sonarsource.atlassian.net/browse/NET-3246) - Modify Rule S127: Update Description\n* [NET-3218](https://sonarsource.atlassian.net/browse/NET-3218) - Modify Rule S3265: Add exception for MethodImplAttributes\n* [NET-3086](https://sonarsource.atlassian.net/browse/NET-3086) - Modify Rule S1116: Add loop exception\n\n### Maintenance\n\n* [NET-3047](https://sonarsource.atlassian.net/browse/NET-3047) - Update RSPEC before 10.20 release\n\n\n\n## 10.19\n\n\n### Documentation\n\n* [NET-3012](https://sonarsource.atlassian.net/browse/NET-3012) - Modify Rule S3903: Update description for C#​10\n\n### False Positive\n\n* [NET-3004](https://sonarsource.atlassian.net/browse/NET-3004) - Fix S2696 FP: New extension method format triggers FP when accessing static fields\n\n### False Negative\n\n* [NET-3011](https://sonarsource.atlassian.net/browse/NET-3011) - Fix S4790 FN: Support Using statement\n\n### Task\n\n* [NET-2948](https://sonarsource.atlassian.net/browse/NET-2948) - Update RSPEC before 10.19 release\n\n### Bug\n\n* [NET-1866](https://sonarsource.atlassian.net/browse/NET-1866) - Support future VS versions in NuGet package\n\n\n## 10.18\n\nThis releases focuses on fixing the false-positives that are raised on code making use of the new features in C# 14.\n### Improvement\n\n* [NET-2921](https://sonarsource.atlassian.net/browse/NET-2921) - Fix passthrough calculation in ModelBuilder\n* [NET-2903](https://sonarsource.atlassian.net/browse/NET-2903) - Remove manual extension methods\n* [NET-2895](https://sonarsource.atlassian.net/browse/NET-2895) - Cleanup handling of ParameterList of primary constructors\n\n### Task\n\n* [NET-2917](https://sonarsource.atlassian.net/browse/NET-2917) - Update RSPEC before 10.18 release\n\n### False Positive\n\n* [NET-2898](https://sonarsource.atlassian.net/browse/NET-2898) - Fix S2583/S2589 FP: Extension Members\n* [NET-2877](https://sonarsource.atlassian.net/browse/NET-2877) - Fix S2225 FP: Extension member\n* [NET-2832](https://sonarsource.atlassian.net/browse/NET-2832) - Fix S3063 FP: NullConditionalOperator\n* [NET-2825](https://sonarsource.atlassian.net/browse/NET-2825) - Fix S1144 FP: Partial events\n* [NET-2821](https://sonarsource.atlassian.net/browse/NET-2821) - Fix S3264 FP: Partial events\n* [NET-2805](https://sonarsource.atlassian.net/browse/NET-2805) - Fix S1144 FP: S1144 Is confused by Debugger Display attribute\n* [NET-2748](https://sonarsource.atlassian.net/browse/NET-2748) - Fix S3459 FP: NullConditional Assignment\n* [NET-2716](https://sonarsource.atlassian.net/browse/NET-2716) - Fix S2325 FP: Field Keyword\n* [NET-2712](https://sonarsource.atlassian.net/browse/NET-2712) - Fix S2953 FP: Extension block member\n* [NET-2707](https://sonarsource.atlassian.net/browse/NET-2707) - Fix S3877 FP: Equals method without IEquatable\n* [NET-2684](https://sonarsource.atlassian.net/browse/NET-2684) - Fix S7039 FP/FN: Null-conditional assignment\n* [NET-2672](https://sonarsource.atlassian.net/browse/NET-2672) - Fix S3928 FP: Extension block\n* [NET-2671](https://sonarsource.atlassian.net/browse/NET-2671) - Fix S2970 FP: Null Conditional Assignment\n* [NET-2668](https://sonarsource.atlassian.net/browse/NET-2668) - Fix S3398 FP: On private methods in C#​14 extensions classes\n* [NET-2644](https://sonarsource.atlassian.net/browse/NET-2644) - Fix S1144 FP: Always raises on private methods in extension block\n* [NET-2621](https://sonarsource.atlassian.net/browse/NET-2621) - Fix S2325 FP: Incorrectly reports on C# 14 extensions \n* [NET-2620](https://sonarsource.atlassian.net/browse/NET-2620) - Fix S4545 FP: Extension Methods\n* [NET-2391](https://sonarsource.atlassian.net/browse/NET-2391) - Fix S1121 FP: Extract (null-forgiving) assignment from expression\n* [NET-1914](https://sonarsource.atlassian.net/browse/NET-1914) - Fix S3264 FP: when using +=\n\n### False Negative\n\n* [NET-2813](https://sonarsource.atlassian.net/browse/NET-2813) - Fix S2292 FN: FieldKeyword\n* [NET-2681](https://sonarsource.atlassian.net/browse/NET-2681) - Fix S2692 FN: Support Spans\n\n\n\n## 10.17\n\n\n### False Negative\n\n* [NET-2840](https://sonarsource.atlassian.net/browse/NET-2840) - Improve S2077: Support more methods\n\n### Task\n\n* [NET-2839](https://sonarsource.atlassian.net/browse/NET-2839) - Update RSPEC before 10.17 release\n\n### New Feature\n\n* [NET-2820](https://sonarsource.atlassian.net/browse/NET-2820) - ShimLayer: Implement Factory\n* [NET-2789](https://sonarsource.atlassian.net/browse/NET-2789) - ShimLayer Generator: Enums\n* [NET-2728](https://sonarsource.atlassian.net/browse/NET-2728) - ShimLayer Generator: SyntaxNodes\n\n### Bug\n\n* [NET-2816](https://sonarsource.atlassian.net/browse/NET-2816) - Fix S3603 AD0001: NRE when LocalFunction inside Record constructor in C#​7\n\n### Improvement\n\n* [NET-2722](https://sonarsource.atlassian.net/browse/NET-2722) - Activate new ShimLayer\n* [NET-2721](https://sonarsource.atlassian.net/browse/NET-2721) - Create diff for ShimLayer\n* [NET-2720](https://sonarsource.atlassian.net/browse/NET-2720) - Create ShimLayer projects\n\n\n\n## 10.16.2\n\nRotations of binary signing keys\n\n\n## 10.16.1\n\nRotations of binary signing keys\n\n\n## 10.16\n\n### False Positive\n\n* [NET-1729](https://sonarsource.atlassian.net/browse/NET-1729) - Fix S2114 FP: list.AddRange(list) and list.Concat(list) are sensible\n\n### False Negative\n\n* [NET-399](https://sonarsource.atlassian.net/browse/NET-399) - Fix S4790 FN: Support CryptographicOperations data methods\n\n### Bug\n* [NET-2686](https://sonarsource.atlassian.net/browse/NET-2686) - Fix S3604 AD0001: NRE with partial constructor\n\n## 10.15\n\n### False Positive\n\n* [NET-2198](https://sonarsource.atlassian.net/browse/NET-2198) - Fix S1905 FP: Cast of default! expression is required\n* [NET-2197](https://sonarsource.atlassian.net/browse/NET-2197) - Fix S1905 FP: stackalloc and Span\u003cT\u003e conversions\n* [NET-1641](https://sonarsource.atlassian.net/browse/NET-1641) - Fix S1905 FP: casting `IEnumerable\u003cstring?\u003e` to `IEnumerable\u003cstring\u003e`\n* [NET-2157](https://sonarsource.atlassian.net/browse/NET-2157) - Fix S2589 FP: Don't raise an issue after a delegate is invoked\n* [NET-2073](https://sonarsource.atlassian.net/browse/NET-2073) - Fix S2699 FP: Add support for FsCheck property tests\n* [NET-1537](https://sonarsource.atlassian.net/browse/NET-1537) - Fix S6964 FP: Don't raise on properties annotated with the BindRequiredAttribute\n\n### Improvement\n\n* [NET-2112](https://sonarsource.atlassian.net/browse/NET-2112) - Consider ExplodedNodes relevant if a successor would be relevant\n* [NET-2183](https://sonarsource.atlassian.net/browse/NET-2183) - SE: Set constraint on operation when learning from IsPattern\n\n### False Negative\n\n* [NET-429](https://sonarsource.atlassian.net/browse/NET-429) - Fix S4275 FN: Support partial properties\n\n### Task\n\n* [NET-2208](https://sonarsource.atlassian.net/browse/NET-2208) - Update RSpec before release\n\n## 10.14\n\nHey everyone,\n\nThis release mostly focuses on mitigating (NET-2196) a performance regression that was introduced in 10.13.\n\n\n### Improvement\n\n* [NET-2196](https://sonarsource.atlassian.net/browse/NET-2196) - Fix path algorithm for execution flows to mitigate performance regression\n* [NET-2177](https://sonarsource.atlassian.net/browse/NET-2177) - Improve how the Symbolic Execution engine handles exception paths\n* [NET-2135](https://sonarsource.atlassian.net/browse/NET-2135) - Support xUnit V3\n* [NET-2163](https://sonarsource.atlassian.net/browse/NET-2163) - Provide Interface for other plugins to add rules to VB.NET SonarWay profile\n\n### False Negative\n\n* [NET-235](https://sonarsource.atlassian.net/browse/NET-235) - Fix S2053: Adjust required salt length to be 32 bytes\n\n### Task\n\n* [NET-2170](https://sonarsource.atlassian.net/browse/NET-2170) - Update RSPEC before 10.14 release\n\n## 10.13\n\nHello everyone, \n\nIn this release, we've focused on:\n- False positive fixes\n- Enhancing S2259's secondary locations to provide clearer, step-by-step explanations of null pointer dereferences issues.\n\n\n\n### False Positives\n\n* [NET-2099](https://sonarsource.atlassian.net/browse/NET-2099) - Fix S3885 FP: Do not raise in ResolutionEventHandler\n* [NET-2023](https://sonarsource.atlassian.net/browse/NET-2023) - Fix S3257 FP: Array with target-typed new\n* [NET-1646](https://sonarsource.atlassian.net/browse/NET-1646) - Fix S3267 FP: Loops should be simplified with LINQ expressions\n* [NET-1588](https://sonarsource.atlassian.net/browse/NET-1588) - Fix S1066 FP: Combination of `dynamic` and `out` should not raise\n* [NET-882](https://sonarsource.atlassian.net/browse/NET-882) - Fix S3257 FP: Don't raise for C# 10 and later when there's explicit delegate creation\n\n### Improvements\n\n* [NET-2095](https://sonarsource.atlassian.net/browse/NET-2095) - Improve incremental PR analysis path detection\n* SE: S2259 - Improve secondary locations\n\n\n\n## 10.12\n\nThis release brings the VB version of S6418 and a few FP and FN fixes.\n\n### New Rule\n\n* [NET-1379](https://sonarsource.atlassian.net/browse/NET-1379) - New Rule: Implement S6418 Hard-coded secrets are security-sensitive for VB.NET\n\n### False Positive\n\n* [NET-1526](https://sonarsource.atlassian.net/browse/NET-1526) - Fix S3267 FP: Only raise on IEnumerable\n\n### False Negative\n\n* [NET-1260](https://sonarsource.atlassian.net/browse/NET-1260) - Fix S1215 FN: GC.GetTotalMemory(forceFullCollection: true) should not be called \n* [NET-1258](https://sonarsource.atlassian.net/browse/NET-1258) - Fix S6678 FN: Lowercase placeholders in interpolated string\n* [NET-1255](https://sonarsource.atlassian.net/browse/NET-1255) - Fix S3267 FN: Logical operators are not supported\n\n### Task\n\n* [NET-2060](https://sonarsource.atlassian.net/browse/NET-2060) - Update RSPEC before 11.12 release\n\n\n## 10.11\n\nHello everyone!\nIn this release we fixed a bunch of false positives and false negatives.\nAdditionally this version adds support for telemetry in order to gather information on feature usage. Telemetry, requires scanner 10.2.0 or greater.\n\n\n### False Positive\n\n* [NET-1522](https://sonarsource.atlassian.net/browse/NET-1522) - Fix S2068 FP: Do not raise on `password:secret`\n* [NET-1149](https://sonarsource.atlassian.net/browse/NET-1149) - Fix S3626 FP: Add exception when return statement is preceding local functions\n\n### False Negative\n\n* [NET-1263](https://sonarsource.atlassian.net/browse/NET-1263) - Fix S1871 FN: Nested if .. else if chain\n* [NET-1256](https://sonarsource.atlassian.net/browse/NET-1256) - S2068: Remove word boundary(\\b) from regex\n* [NET-1254](https://sonarsource.atlassian.net/browse/NET-1254) - Fix S3878 FN: When params are passed as array through an attribute\n* [NET-1252](https://sonarsource.atlassian.net/browse/NET-1252) - FN S1168: Support IndexerDeclaration and ConversionOperatorDeclaration\n* [NET-459](https://sonarsource.atlassian.net/browse/NET-459) - Fix S1168 FN: Add support for partial indexers\n\n\n\n## 10.10.1\n\nBugfix release to fix combability with SonarQube Cloud + a simplification to the `ProfileRegistrar`\n\n### Task\n\n* [NET-1463](https://sonarsource.atlassian.net/browse/NET-1463) - Update RSPEC before 10.10.1 release\n* [NET-1461](https://sonarsource.atlassian.net/browse/NET-1461) - Make CSharpSonarWayProfile be compatible and simplify ProfileRegistrar\n\n\n\n## 10.10\n\nHey everyone, this release mostly focuses on internal and technical things.\n\n### General\n\n* [NET-1444](https://sonarsource.atlassian.net/browse/NET-1444) - Move ProfileRegistrar to org.sonar.plugins.csharpenterprise.api\n* [NET-1326](https://sonarsource.atlassian.net/browse/NET-1326) - Update RSPEC before 10.10 release\n\n### Internal Styling Rules\n\n* [NET-1378](https://sonarsource.atlassian.net/browse/NET-1378) - New Rule T0045: Use var\n* [NET-1359](https://sonarsource.atlassian.net/browse/NET-1359) - New Rule T0043: Avoid primary constructors on normal classes and structs\n* [NET-1358](https://sonarsource.atlassian.net/browse/NET-1358) - New Rule T0042: Indent raw string literal +4\n* [NET-1357](https://sonarsource.atlassian.net/browse/NET-1357) - New Rule T0041: Use raw string literals for multiline strings\n* [NET-1356](https://sonarsource.atlassian.net/browse/NET-1356) - New Rule T0040: Use minimum necessary interpolation characters\n* [NET-1355](https://sonarsource.atlassian.net/browse/NET-1355) - New Rule T0039: Protected field should start with lower case letter\n* [NET-1354](https://sonarsource.atlassian.net/browse/NET-1354) - New Rule T0038: Use fields instead of auto-implemented private or protected properties\n* [NET-1347](https://sonarsource.atlassian.net/browse/NET-1347) - New Rule T0000: Don't use Get prefixes\n* [NET-1346](https://sonarsource.atlassian.net/browse/NET-1346) - New Rule T0037: Use .Test suffix namespace\n* [NET-1345](https://sonarsource.atlassian.net/browse/NET-1345) - New rule T0046: Move extension method to dedicated class\n* [NET-1344](https://sonarsource.atlassian.net/browse/NET-1344) - New Rule T0035: Do not use var for this deconstruction\n* [NET-1343](https://sonarsource.atlassian.net/browse/NET-1343) - New Rule T0034: Do not embed var into this condition\n* [NET-1342](https://sonarsource.atlassian.net/browse/NET-1342) - New Rule T0033: Swap the logic to use positive conditions instead\n* [NET-1341](https://sonarsource.atlassian.net/browse/NET-1341) - New Rule T0032: Move the method body to the next line\n* [NET-1339](https://sonarsource.atlassian.net/browse/NET-1339) - New Rule T0030: Move the field initializer on the same line\n* [NET-1338](https://sonarsource.atlassian.net/browse/NET-1338) - New Rule T0029: Indent all arguments +4 further than the invocation line\n* [NET-1337](https://sonarsource.atlassian.net/browse/NET-1337) - New Rule T0028: Move all arguments on the same line, or wrap all of them\n* [NET-1336](https://sonarsource.atlassian.net/browse/NET-1336) - New Rule T0027: Move subsequent expressions on separate lines\n* [NET-1335](https://sonarsource.atlassian.net/browse/NET-1335) - New Rule T0026: Indent member access +4 further than the initial line\n* [NET-1334](https://sonarsource.atlassian.net/browse/NET-1334) - New Rule T0025: Indent ‘?’ and ‘:’ +4 further than the condition line\n* [NET-1333](https://sonarsource.atlassian.net/browse/NET-1333) - New Rule T0024: Place multiline ‘?’ and ‘:’ on separate lines\n* [NET-1332](https://sonarsource.atlassian.net/browse/NET-1332) - New Rule T0022: Indent all parameters with the first one\n* [NET-1331](https://sonarsource.atlassian.net/browse/NET-1331) - New Rule T0021: Use extension methods for Linq\n* [NET-1329](https://sonarsource.atlassian.net/browse/NET-1329) - New Rule T0019: Indent operator correctly\n* [NET-1328](https://sonarsource.atlassian.net/browse/NET-1328) - New Rule T0018: Move the operator to the beginning of the next line\n* [NET-1327](https://sonarsource.atlassian.net/browse/NET-1327) - New Rule T0015: Move local function at the end of the method\n* [NET-1237](https://sonarsource.atlassian.net/browse/NET-1237) - New Rule T0044: Don't add Arrange, Act, and Assert(s) comments\n* [NET-1325](https://sonarsource.atlassian.net/browse/NET-1325) - Improve T0007: Raise on nondeclaring is { } check\n\n\n\n## 10.9\n\nHello everyone! \n\nThis is a mega-hardening release! Enjoy 😄 \n\n### False Positive\n\n* [NET-1309](https://sonarsource.atlassian.net/browse/NET-1309) - Fix S2583 FP: Support overrides in IsImplementingInterfaceMember\n* [NET-1308](https://sonarsource.atlassian.net/browse/NET-1308) - Fix S2583 FP: Add support for AdressOf operator\n* [NET-1302](https://sonarsource.atlassian.net/browse/NET-1302) - Fix S4158 FP: Don't raise on GetEnumerator() calls\n* [NET-1295](https://sonarsource.atlassian.net/browse/NET-1295) - Fix S3236 FP: Exclude Debug.Assert \n* [NET-1290](https://sonarsource.atlassian.net/browse/NET-1290) - Fix S4158 FP: Support RouteValueDictionary in AspNetCore\n* [NET-1289](https://sonarsource.atlassian.net/browse/NET-1289) - Fix S4158 FP: Adding methods with well defined sematics\n* [NET-1288](https://sonarsource.atlassian.net/browse/NET-1288) - Fix S4158 FP: Recognize Add methods with bool return type\n* [NET-1287](https://sonarsource.atlassian.net/browse/NET-1287) - Fix S4158 FP: Don't raise on SetValue\n* [NET-1280](https://sonarsource.atlassian.net/browse/NET-1280) - Fix S2342 FP: Flaky reports\n* [NET-1278](https://sonarsource.atlassian.net/browse/NET-1278) - Fix S3440 FP: Variable assignment and switch expression\n* [NET-1246](https://sonarsource.atlassian.net/browse/NET-1246) - Fix S1481 FP: Don't report on discard like looking variables\n* [NET-1242](https://sonarsource.atlassian.net/browse/NET-1242) - Fix S2583/S4158 FP: Support for collections that are initialized with object\n* [NET-1241](https://sonarsource.atlassian.net/browse/NET-1241) - Fix S2589 FP: Don't track concurrent collections\n* [NET-1230](https://sonarsource.atlassian.net/browse/NET-1230) - Fix S4158 FP: Immutable collections\n* [NET-1223](https://sonarsource.atlassian.net/browse/NET-1223) - Fix S3267 FP: ref struct types cannot leave the stack\n* [NET-1214](https://sonarsource.atlassian.net/browse/NET-1214) - Fix S2259 FP: Foreach loop over empty collection\n* [NET-1212](https://sonarsource.atlassian.net/browse/NET-1212) - Fix S2259 FP: Learn bool from NotNull constraint and Null value\n* [NET-1208](https://sonarsource.atlassian.net/browse/NET-1208) - Fix S2589 FP: Rule ignores case guards\n* [NET-1207](https://sonarsource.atlassian.net/browse/NET-1207) -  Fix S3966 FP: disposing element of indexable after declaration pattern\n* [NET-1203](https://sonarsource.atlassian.net/browse/NET-1203) -  Fix S3966 FP: Enumerating a collection of tuples\n* [NET-1202](https://sonarsource.atlassian.net/browse/NET-1202) - Fix S2259 FP: Foreach nested in try, nested in loop\n* [NET-1188](https://sonarsource.atlassian.net/browse/NET-1188) - Improve S4158 - Empty Collections should not be Enumerated\n* [NET-1088](https://sonarsource.atlassian.net/browse/NET-1088) - Fix S3240 FP: Ignore when a conditional block contains a ternary\n* [NET-800](https://sonarsource.atlassian.net/browse/NET-800) - Fix S2259 FP: FlowCaptures in loops and try-regions\n\n### False Negative\n\n* [NET-1299](https://sonarsource.atlassian.net/browse/NET-1299) - Fix S2053 FN: Support Copy methods\n* [NET-1257](https://sonarsource.atlassian.net/browse/NET-1257) - Fix S4790 FN: New HashData overloads not recognized\n* [NET-1194](https://sonarsource.atlassian.net/browse/NET-1194) - Fix S4158 FN: Collection Expressions (C# 12)\n* [NET-357](https://sonarsource.atlassian.net/browse/NET-357) - Fix S2068 FN: does not consider `launchSettings.json` files\n* [NET-210](https://sonarsource.atlassian.net/browse/NET-210) - Fix S4158 FN: AddRange with empty collection\n\n### Bug\n\n* [NET-1267](https://sonarsource.atlassian.net/browse/NET-1267) - Fix S2068 bug: Issue location is out of range in web.config for elements or attributes with an xml namespace\n* [NET-1184](https://sonarsource.atlassian.net/browse/NET-1184) - Roslyn rule import should map the issue severity to the Software Quality impact in SonarQube Server\n\n### Improvement\n\n* [NET-1217](https://sonarsource.atlassian.net/browse/NET-1217) - Improve S3996: Set location to the property instead of record\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.8.0.113526\u0026new-version=10.24.0.138807)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/DKorablin/Plugin.WcfServer/pull/12","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DKorablin%2FPlugin.WcfServer/issues/12","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12/packages"},{"uuid":"4326785858","node_id":"PR_kwDONTsyJM7Vh8m2","number":9,"state":"closed","title":"Bump SonarAnalyzer.CSharp from 10.8.0.113526 to 10.24.0.138807","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-02T03:33:13.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-25T02:43:29.000Z","updated_at":"2026-05-02T03:33:15.000Z","time_to_close":607784,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.8.0.113526","new_version":"10.24.0.138807","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.8.0.113526 to 10.24.0.138807.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\n## 10.22\n\nHello everyone,\nThis release brings 4 new rules to help developers transition to C# 14, and a bunch of false positive fixes.\n\n### New rules\n\n* [NET-3361](https://sonarsource.atlassian.net/browse/NET-3361) - New rule S8381: \"scoped\" should be escaped when used as a type name in lambda parameters\n* [NET-3359](https://sonarsource.atlassian.net/browse/NET-3359) - New rule S8368: \"extension\" identifiers should be escaped to avoid contextual keyword conflicts\n* [NET-3347](https://sonarsource.atlassian.net/browse/NET-3347) - New rule S8380: Return types named \"partial\" should be escaped with \"@\"\n* [NET-3345](https://sonarsource.atlassian.net/browse/NET-3345) - New rule S8367: Identifiers should not conflict with the \"field\" keyword in C# 14?\n\n### False Positive\n\n* [NET-3443](https://sonarsource.atlassian.net/browse/NET-3443) - Fix S1940 FP: for floating point numbers that can be NaN \"!(a \u003c= b)\" is not the same as \"a \u003e b\"\n* [NET-3001](https://sonarsource.atlassian.net/browse/NET-3001) - Fix S3063 FP: Concatenation with identifier\n* [NET-1569](https://sonarsource.atlassian.net/browse/NET-1569) - Fix S5944 FP: AddressOf(MethodName) in Return statement\n* [NET-3445](https://sonarsource.atlassian.net/browse/NET-3445) - Fix T0029 FP: Inside target-typed new\n* [NET-2817](https://sonarsource.atlassian.net/browse/NET-2817) - Fix T0029 FP: Ident for collection expression members\n* [NET-2024](https://sonarsource.atlassian.net/browse/NET-2024) - Fix T0029 FP: Inside array initializer\n* [NET-3341](https://sonarsource.atlassian.net/browse/NET-3341) - Fix T0029 FP: After member access\n* [NET-3462](https://sonarsource.atlassian.net/browse/NET-3462) - Fix T0042 FP: Inside constructors and collection initializers\n* [NET-3426](https://sonarsource.atlassian.net/browse/NET-3426) - Fix T0042: Raw string in collection initializer\n* [NET-2888](https://sonarsource.atlassian.net/browse/NET-2888) - Fix T0042 FP: Returned from method\n* [NET-2874](https://sonarsource.atlassian.net/browse/NET-2874) - Fix T0042 FP: Raw string in ternary\n\n### Bugs\n\n* [NET-3386](https://sonarsource.atlassian.net/browse/NET-3386) - Fix S4583 AD0001: BeginInvoke callback declared in separate file\n\n### Other\n\n* [NET-3385](https://sonarsource.atlassian.net/browse/NET-3385) - S2612: Rule type changed from Security Hotspot to Vulnerability\n\n\n## 10.21\n\n### Bug\n\n* [NET-3376](https://sonarsource.atlassian.net/browse/NET-3376) - Fix S6930 AD0001: Issue on template / code files for blazor\n* [NET-3367](https://sonarsource.atlassian.net/browse/NET-3367) - Fix S4830 AD0001: CertificateValidationCheck Syntax node is not within syntax tree\n\n### Feature\n\n* [NET-3260](https://sonarsource.atlassian.net/browse/NET-3260) - Fix broken links in S6960 RSPEC\n\n### False Positive\n\n* [NET-2886](https://sonarsource.atlassian.net/browse/NET-2886) - Fix T0015 FP: In constructor\n* [NET-1678](https://sonarsource.atlassian.net/browse/NET-1678) - Fix S4275 FP: with property overload\n\n\n\n\n## 10.20\n\nThis release brings 9 precision improvements — 7 false positive fixes and 2 false negative fixes — across rules S1116, S1144, S1210, S1643, S1854, S2365, S3254, S3265, and S127. It also promotes S2068 and S6418 from Security Hotspot to Vulnerability, making them visible directly in the IDE, and removes S3256 from the Sonar Way quality profile.\n\n### Changes\n\n* [NET-3227](https://sonarsource.atlassian.net/browse/NET-3227) - Remove S3256 from \"Sonar Way\" quality profile\n* [NET-3208](https://sonarsource.atlassian.net/browse/NET-3208) - S6418: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3207](https://sonarsource.atlassian.net/browse/NET-3207) - S2068: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3206](https://sonarsource.atlassian.net/browse/NET-3206) - Remove links to rules.sonarsource.com\n\n### False Positive\n\n* [NET-3215](https://sonarsource.atlassian.net/browse/NET-3215) - Fix FP on S127: Should only raise on stop condition variables\n* [NET-3212](https://sonarsource.atlassian.net/browse/NET-3212) - Fix FP on S3254: Don't raise if the parameter isn't last\n* [NET-3053](https://sonarsource.atlassian.net/browse/NET-3053) - Fix FP on S1210: Implementing comparable operators for private types\n* [NET-2984](https://sonarsource.atlassian.net/browse/NET-2984) - Fix FP on S3265: BCL enums with [Flags] not recognized due to metadata resolution\n* [NET-2976](https://sonarsource.atlassian.net/browse/NET-2976) - Fix FP on S1854: Default value initializations flagged despite exemptions\n* [NET-2966](https://sonarsource.atlassian.net/browse/NET-2966) - Fix FP on S1144: Constructors in MEF-exported types\n* [NET-2956](https://sonarsource.atlassian.net/browse/NET-2956) - Fix FP on S1116: Empty loop body with side effects in condition\n\n### False Negative\n\n* [NET-1261](https://sonarsource.atlassian.net/browse/NET-1261) - Fix FN on S2365: Rule should report on new collection\n* [NET-1259](https://sonarsource.atlassian.net/browse/NET-1259) - Fix FN on S1643: Concatenation for parameters, fields and properties are not detected \n\n### Rule specification\n\n* [NET-3246](https://sonarsource.atlassian.net/browse/NET-3246) - Modify Rule S127: Update Description\n* [NET-3218](https://sonarsource.atlassian.net/browse/NET-3218) - Modify Rule S3265: Add exception for MethodImplAttributes\n* [NET-3086](https://sonarsource.atlassian.net/browse/NET-3086) - Modify Rule S1116: Add loop exception\n\n### Maintenance\n\n* [NET-3047](https://sonarsource.atlassian.net/browse/NET-3047) - Update RSPEC before 10.20 release\n\n\n\n## 10.19\n\n\n### Documentation\n\n* [NET-3012](https://sonarsource.atlassian.net/browse/NET-3012) - Modify Rule S3903: Update description for C#​10\n\n### False Positive\n\n* [NET-3004](https://sonarsource.atlassian.net/browse/NET-3004) - Fix S2696 FP: New extension method format triggers FP when accessing static fields\n\n### False Negative\n\n* [NET-3011](https://sonarsource.atlassian.net/browse/NET-3011) - Fix S4790 FN: Support Using statement\n\n### Task\n\n* [NET-2948](https://sonarsource.atlassian.net/browse/NET-2948) - Update RSPEC before 10.19 release\n\n### Bug\n\n* [NET-1866](https://sonarsource.atlassian.net/browse/NET-1866) - Support future VS versions in NuGet package\n\n\n## 10.18\n\nThis releases focuses on fixing the false-positives that are raised on code making use of the new features in C# 14.\n### Improvement\n\n* [NET-2921](https://sonarsource.atlassian.net/browse/NET-2921) - Fix passthrough calculation in ModelBuilder\n* [NET-2903](https://sonarsource.atlassian.net/browse/NET-2903) - Remove manual extension methods\n* [NET-2895](https://sonarsource.atlassian.net/browse/NET-2895) - Cleanup handling of ParameterList of primary constructors\n\n### Task\n\n* [NET-2917](https://sonarsource.atlassian.net/browse/NET-2917) - Update RSPEC before 10.18 release\n\n### False Positive\n\n* [NET-2898](https://sonarsource.atlassian.net/browse/NET-2898) - Fix S2583/S2589 FP: Extension Members\n* [NET-2877](https://sonarsource.atlassian.net/browse/NET-2877) - Fix S2225 FP: Extension member\n* [NET-2832](https://sonarsource.atlassian.net/browse/NET-2832) - Fix S3063 FP: NullConditionalOperator\n* [NET-2825](https://sonarsource.atlassian.net/browse/NET-2825) - Fix S1144 FP: Partial events\n* [NET-2821](https://sonarsource.atlassian.net/browse/NET-2821) - Fix S3264 FP: Partial events\n* [NET-2805](https://sonarsource.atlassian.net/browse/NET-2805) - Fix S1144 FP: S1144 Is confused by Debugger Display attribute\n* [NET-2748](https://sonarsource.atlassian.net/browse/NET-2748) - Fix S3459 FP: NullConditional Assignment\n* [NET-2716](https://sonarsource.atlassian.net/browse/NET-2716) - Fix S2325 FP: Field Keyword\n* [NET-2712](https://sonarsource.atlassian.net/browse/NET-2712) - Fix S2953 FP: Extension block member\n* [NET-2707](https://sonarsource.atlassian.net/browse/NET-2707) - Fix S3877 FP: Equals method without IEquatable\n* [NET-2684](https://sonarsource.atlassian.net/browse/NET-2684) - Fix S7039 FP/FN: Null-conditional assignment\n* [NET-2672](https://sonarsource.atlassian.net/browse/NET-2672) - Fix S3928 FP: Extension block\n* [NET-2671](https://sonarsource.atlassian.net/browse/NET-2671) - Fix S2970 FP: Null Conditional Assignment\n* [NET-2668](https://sonarsource.atlassian.net/browse/NET-2668) - Fix S3398 FP: On private methods in C#​14 extensions classes\n* [NET-2644](https://sonarsource.atlassian.net/browse/NET-2644) - Fix S1144 FP: Always raises on private methods in extension block\n* [NET-2621](https://sonarsource.atlassian.net/browse/NET-2621) - Fix S2325 FP: Incorrectly reports on C# 14 extensions \n* [NET-2620](https://sonarsource.atlassian.net/browse/NET-2620) - Fix S4545 FP: Extension Methods\n* [NET-2391](https://sonarsource.atlassian.net/browse/NET-2391) - Fix S1121 FP: Extract (null-forgiving) assignment from expression\n* [NET-1914](https://sonarsource.atlassian.net/browse/NET-1914) - Fix S3264 FP: when using +=\n\n### False Negative\n\n* [NET-2813](https://sonarsource.atlassian.net/browse/NET-2813) - Fix S2292 FN: FieldKeyword\n* [NET-2681](https://sonarsource.atlassian.net/browse/NET-2681) - Fix S2692 FN: Support Spans\n\n\n\n## 10.17\n\n\n### False Negative\n\n* [NET-2840](https://sonarsource.atlassian.net/browse/NET-2840) - Improve S2077: Support more methods\n\n### Task\n\n* [NET-2839](https://sonarsource.atlassian.net/browse/NET-2839) - Update RSPEC before 10.17 release\n\n### New Feature\n\n* [NET-2820](https://sonarsource.atlassian.net/browse/NET-2820) - ShimLayer: Implement Factory\n* [NET-2789](https://sonarsource.atlassian.net/browse/NET-2789) - ShimLayer Generator: Enums\n* [NET-2728](https://sonarsource.atlassian.net/browse/NET-2728) - ShimLayer Generator: SyntaxNodes\n\n### Bug\n\n* [NET-2816](https://sonarsource.atlassian.net/browse/NET-2816) - Fix S3603 AD0001: NRE when LocalFunction inside Record constructor in C#​7\n\n### Improvement\n\n* [NET-2722](https://sonarsource.atlassian.net/browse/NET-2722) - Activate new ShimLayer\n* [NET-2721](https://sonarsource.atlassian.net/browse/NET-2721) - Create diff for ShimLayer\n* [NET-2720](https://sonarsource.atlassian.net/browse/NET-2720) - Create ShimLayer projects\n\n\n\n## 10.16.2\n\nRotations of binary signing keys\n\n\n## 10.16.1\n\nRotations of binary signing keys\n\n\n## 10.16\n\n### False Positive\n\n* [NET-1729](https://sonarsource.atlassian.net/browse/NET-1729) - Fix S2114 FP: list.AddRange(list) and list.Concat(list) are sensible\n\n### False Negative\n\n* [NET-399](https://sonarsource.atlassian.net/browse/NET-399) - Fix S4790 FN: Support CryptographicOperations data methods\n\n### Bug\n* [NET-2686](https://sonarsource.atlassian.net/browse/NET-2686) - Fix S3604 AD0001: NRE with partial constructor\n\n## 10.15\n\n### False Positive\n\n* [NET-2198](https://sonarsource.atlassian.net/browse/NET-2198) - Fix S1905 FP: Cast of default! expression is required\n* [NET-2197](https://sonarsource.atlassian.net/browse/NET-2197) - Fix S1905 FP: stackalloc and Span\u003cT\u003e conversions\n* [NET-1641](https://sonarsource.atlassian.net/browse/NET-1641) - Fix S1905 FP: casting `IEnumerable\u003cstring?\u003e` to `IEnumerable\u003cstring\u003e`\n* [NET-2157](https://sonarsource.atlassian.net/browse/NET-2157) - Fix S2589 FP: Don't raise an issue after a delegate is invoked\n* [NET-2073](https://sonarsource.atlassian.net/browse/NET-2073) - Fix S2699 FP: Add support for FsCheck property tests\n* [NET-1537](https://sonarsource.atlassian.net/browse/NET-1537) - Fix S6964 FP: Don't raise on properties annotated with the BindRequiredAttribute\n\n### Improvement\n\n* [NET-2112](https://sonarsource.atlassian.net/browse/NET-2112) - Consider ExplodedNodes relevant if a successor would be relevant\n* [NET-2183](https://sonarsource.atlassian.net/browse/NET-2183) - SE: Set constraint on operation when learning from IsPattern\n\n### False Negative\n\n* [NET-429](https://sonarsource.atlassian.net/browse/NET-429) - Fix S4275 FN: Support partial properties\n\n### Task\n\n* [NET-2208](https://sonarsource.atlassian.net/browse/NET-2208) - Update RSpec before release\n\n## 10.14\n\nHey everyone,\n\nThis release mostly focuses on mitigating (NET-2196) a performance regression that was introduced in 10.13.\n\n\n### Improvement\n\n* [NET-2196](https://sonarsource.atlassian.net/browse/NET-2196) - Fix path algorithm for execution flows to mitigate performance regression\n* [NET-2177](https://sonarsource.atlassian.net/browse/NET-2177) - Improve how the Symbolic Execution engine handles exception paths\n* [NET-2135](https://sonarsource.atlassian.net/browse/NET-2135) - Support xUnit V3\n* [NET-2163](https://sonarsource.atlassian.net/browse/NET-2163) - Provide Interface for other plugins to add rules to VB.NET SonarWay profile\n\n### False Negative\n\n* [NET-235](https://sonarsource.atlassian.net/browse/NET-235) - Fix S2053: Adjust required salt length to be 32 bytes\n\n### Task\n\n* [NET-2170](https://sonarsource.atlassian.net/browse/NET-2170) - Update RSPEC before 10.14 release\n\n## 10.13\n\nHello everyone, \n\nIn this release, we've focused on:\n- False positive fixes\n- Enhancing S2259's secondary locations to provide clearer, step-by-step explanations of null pointer dereferences issues.\n\n\n\n### False Positives\n\n* [NET-2099](https://sonarsource.atlassian.net/browse/NET-2099) - Fix S3885 FP: Do not raise in ResolutionEventHandler\n* [NET-2023](https://sonarsource.atlassian.net/browse/NET-2023) - Fix S3257 FP: Array with target-typed new\n* [NET-1646](https://sonarsource.atlassian.net/browse/NET-1646) - Fix S3267 FP: Loops should be simplified with LINQ expressions\n* [NET-1588](https://sonarsource.atlassian.net/browse/NET-1588) - Fix S1066 FP: Combination of `dynamic` and `out` should not raise\n* [NET-882](https://sonarsource.atlassian.net/browse/NET-882) - Fix S3257 FP: Don't raise for C# 10 and later when there's explicit delegate creation\n\n### Improvements\n\n* [NET-2095](https://sonarsource.atlassian.net/browse/NET-2095) - Improve incremental PR analysis path detection\n* SE: S2259 - Improve secondary locations\n\n\n\n## 10.12\n\nThis release brings the VB version of S6418 and a few FP and FN fixes.\n\n### New Rule\n\n* [NET-1379](https://sonarsource.atlassian.net/browse/NET-1379) - New Rule: Implement S6418 Hard-coded secrets are security-sensitive for VB.NET\n\n### False Positive\n\n* [NET-1526](https://sonarsource.atlassian.net/browse/NET-1526) - Fix S3267 FP: Only raise on IEnumerable\n\n### False Negative\n\n* [NET-1260](https://sonarsource.atlassian.net/browse/NET-1260) - Fix S1215 FN: GC.GetTotalMemory(forceFullCollection: true) should not be called \n* [NET-1258](https://sonarsource.atlassian.net/browse/NET-1258) - Fix S6678 FN: Lowercase placeholders in interpolated string\n* [NET-1255](https://sonarsource.atlassian.net/browse/NET-1255) - Fix S3267 FN: Logical operators are not supported\n\n### Task\n\n* [NET-2060](https://sonarsource.atlassian.net/browse/NET-2060) - Update RSPEC before 11.12 release\n\n\n## 10.11\n\nHello everyone!\nIn this release we fixed a bunch of false positives and false negatives.\nAdditionally this version adds support for telemetry in order to gather information on feature usage. Telemetry, requires scanner 10.2.0 or greater.\n\n\n### False Positive\n\n* [NET-1522](https://sonarsource.atlassian.net/browse/NET-1522) - Fix S2068 FP: Do not raise on `password:secret`\n* [NET-1149](https://sonarsource.atlassian.net/browse/NET-1149) - Fix S3626 FP: Add exception when return statement is preceding local functions\n\n### False Negative\n\n* [NET-1263](https://sonarsource.atlassian.net/browse/NET-1263) - Fix S1871 FN: Nested if .. else if chain\n* [NET-1256](https://sonarsource.atlassian.net/browse/NET-1256) - S2068: Remove word boundary(\\b) from regex\n* [NET-1254](https://sonarsource.atlassian.net/browse/NET-1254) - Fix S3878 FN: When params are passed as array through an attribute\n* [NET-1252](https://sonarsource.atlassian.net/browse/NET-1252) - FN S1168: Support IndexerDeclaration and ConversionOperatorDeclaration\n* [NET-459](https://sonarsource.atlassian.net/browse/NET-459) - Fix S1168 FN: Add support for partial indexers\n\n\n\n## 10.10.1\n\nBugfix release to fix combability with SonarQube Cloud + a simplification to the `ProfileRegistrar`\n\n### Task\n\n* [NET-1463](https://sonarsource.atlassian.net/browse/NET-1463) - Update RSPEC before 10.10.1 release\n* [NET-1461](https://sonarsource.atlassian.net/browse/NET-1461) - Make CSharpSonarWayProfile be compatible and simplify ProfileRegistrar\n\n\n\n## 10.10\n\nHey everyone, this release mostly focuses on internal and technical things.\n\n### General\n\n* [NET-1444](https://sonarsource.atlassian.net/browse/NET-1444) - Move ProfileRegistrar to org.sonar.plugins.csharpenterprise.api\n* [NET-1326](https://sonarsource.atlassian.net/browse/NET-1326) - Update RSPEC before 10.10 release\n\n### Internal Styling Rules\n\n* [NET-1378](https://sonarsource.atlassian.net/browse/NET-1378) - New Rule T0045: Use var\n* [NET-1359](https://sonarsource.atlassian.net/browse/NET-1359) - New Rule T0043: Avoid primary constructors on normal classes and structs\n* [NET-1358](https://sonarsource.atlassian.net/browse/NET-1358) - New Rule T0042: Indent raw string literal +4\n* [NET-1357](https://sonarsource.atlassian.net/browse/NET-1357) - New Rule T0041: Use raw string literals for multiline strings\n* [NET-1356](https://sonarsource.atlassian.net/browse/NET-1356) - New Rule T0040: Use minimum necessary interpolation characters\n* [NET-1355](https://sonarsource.atlassian.net/browse/NET-1355) - New Rule T0039: Protected field should start with lower case letter\n* [NET-1354](https://sonarsource.atlassian.net/browse/NET-1354) - New Rule T0038: Use fields instead of auto-implemented private or protected properties\n* [NET-1347](https://sonarsource.atlassian.net/browse/NET-1347) - New Rule T0000: Don't use Get prefixes\n* [NET-1346](https://sonarsource.atlassian.net/browse/NET-1346) - New Rule T0037: Use .Test suffix namespace\n* [NET-1345](https://sonarsource.atlassian.net/browse/NET-1345) - New rule T0046: Move extension method to dedicated class\n* [NET-1344](https://sonarsource.atlassian.net/browse/NET-1344) - New Rule T0035: Do not use var for this deconstruction\n* [NET-1343](https://sonarsource.atlassian.net/browse/NET-1343) - New Rule T0034: Do not embed var into this condition\n* [NET-1342](https://sonarsource.atlassian.net/browse/NET-1342) - New Rule T0033: Swap the logic to use positive conditions instead\n* [NET-1341](https://sonarsource.atlassian.net/browse/NET-1341) - New Rule T0032: Move the method body to the next line\n* [NET-1339](https://sonarsource.atlassian.net/browse/NET-1339) - New Rule T0030: Move the field initializer on the same line\n* [NET-1338](https://sonarsource.atlassian.net/browse/NET-1338) - New Rule T0029: Indent all arguments +4 further than the invocation line\n* [NET-1337](https://sonarsource.atlassian.net/browse/NET-1337) - New Rule T0028: Move all arguments on the same line, or wrap all of them\n* [NET-1336](https://sonarsource.atlassian.net/browse/NET-1336) - New Rule T0027: Move subsequent expressions on separate lines\n* [NET-1335](https://sonarsource.atlassian.net/browse/NET-1335) - New Rule T0026: Indent member access +4 further than the initial line\n* [NET-1334](https://sonarsource.atlassian.net/browse/NET-1334) - New Rule T0025: Indent ‘?’ and ‘:’ +4 further than the condition line\n* [NET-1333](https://sonarsource.atlassian.net/browse/NET-1333) - New Rule T0024: Place multiline ‘?’ and ‘:’ on separate lines\n* [NET-1332](https://sonarsource.atlassian.net/browse/NET-1332) - New Rule T0022: Indent all parameters with the first one\n* [NET-1331](https://sonarsource.atlassian.net/browse/NET-1331) - New Rule T0021: Use extension methods for Linq\n* [NET-1329](https://sonarsource.atlassian.net/browse/NET-1329) - New Rule T0019: Indent operator correctly\n* [NET-1328](https://sonarsource.atlassian.net/browse/NET-1328) - New Rule T0018: Move the operator to the beginning of the next line\n* [NET-1327](https://sonarsource.atlassian.net/browse/NET-1327) - New Rule T0015: Move local function at the end of the method\n* [NET-1237](https://sonarsource.atlassian.net/browse/NET-1237) - New Rule T0044: Don't add Arrange, Act, and Assert(s) comments\n* [NET-1325](https://sonarsource.atlassian.net/browse/NET-1325) - Improve T0007: Raise on nondeclaring is { } check\n\n\n\n## 10.9\n\nHello everyone! \n\nThis is a mega-hardening release! Enjoy 😄 \n\n### False Positive\n\n* [NET-1309](https://sonarsource.atlassian.net/browse/NET-1309) - Fix S2583 FP: Support overrides in IsImplementingInterfaceMember\n* [NET-1308](https://sonarsource.atlassian.net/browse/NET-1308) - Fix S2583 FP: Add support for AdressOf operator\n* [NET-1302](https://sonarsource.atlassian.net/browse/NET-1302) - Fix S4158 FP: Don't raise on GetEnumerator() calls\n* [NET-1295](https://sonarsource.atlassian.net/browse/NET-1295) - Fix S3236 FP: Exclude Debug.Assert \n* [NET-1290](https://sonarsource.atlassian.net/browse/NET-1290) - Fix S4158 FP: Support RouteValueDictionary in AspNetCore\n* [NET-1289](https://sonarsource.atlassian.net/browse/NET-1289) - Fix S4158 FP: Adding methods with well defined sematics\n* [NET-1288](https://sonarsource.atlassian.net/browse/NET-1288) - Fix S4158 FP: Recognize Add methods with bool return type\n* [NET-1287](https://sonarsource.atlassian.net/browse/NET-1287) - Fix S4158 FP: Don't raise on SetValue\n* [NET-1280](https://sonarsource.atlassian.net/browse/NET-1280) - Fix S2342 FP: Flaky reports\n* [NET-1278](https://sonarsource.atlassian.net/browse/NET-1278) - Fix S3440 FP: Variable assignment and switch expression\n* [NET-1246](https://sonarsource.atlassian.net/browse/NET-1246) - Fix S1481 FP: Don't report on discard like looking variables\n* [NET-1242](https://sonarsource.atlassian.net/browse/NET-1242) - Fix S2583/S4158 FP: Support for collections that are initialized with object\n* [NET-1241](https://sonarsource.atlassian.net/browse/NET-1241) - Fix S2589 FP: Don't track concurrent collections\n* [NET-1230](https://sonarsource.atlassian.net/browse/NET-1230) - Fix S4158 FP: Immutable collections\n* [NET-1223](https://sonarsource.atlassian.net/browse/NET-1223) - Fix S3267 FP: ref struct types cannot leave the stack\n* [NET-1214](https://sonarsource.atlassian.net/browse/NET-1214) - Fix S2259 FP: Foreach loop over empty collection\n* [NET-1212](https://sonarsource.atlassian.net/browse/NET-1212) - Fix S2259 FP: Learn bool from NotNull constraint and Null value\n* [NET-1208](https://sonarsource.atlassian.net/browse/NET-1208) - Fix S2589 FP: Rule ignores case guards\n* [NET-1207](https://sonarsource.atlassian.net/browse/NET-1207) -  Fix S3966 FP: disposing element of indexable after declaration pattern\n* [NET-1203](https://sonarsource.atlassian.net/browse/NET-1203) -  Fix S3966 FP: Enumerating a collection of tuples\n* [NET-1202](https://sonarsource.atlassian.net/browse/NET-1202) - Fix S2259 FP: Foreach nested in try, nested in loop\n* [NET-1188](https://sonarsource.atlassian.net/browse/NET-1188) - Improve S4158 - Empty Collections should not be Enumerated\n* [NET-1088](https://sonarsource.atlassian.net/browse/NET-1088) - Fix S3240 FP: Ignore when a conditional block contains a ternary\n* [NET-800](https://sonarsource.atlassian.net/browse/NET-800) - Fix S2259 FP: FlowCaptures in loops and try-regions\n\n### False Negative\n\n* [NET-1299](https://sonarsource.atlassian.net/browse/NET-1299) - Fix S2053 FN: Support Copy methods\n* [NET-1257](https://sonarsource.atlassian.net/browse/NET-1257) - Fix S4790 FN: New HashData overloads not recognized\n* [NET-1194](https://sonarsource.atlassian.net/browse/NET-1194) - Fix S4158 FN: Collection Expressions (C# 12)\n* [NET-357](https://sonarsource.atlassian.net/browse/NET-357) - Fix S2068 FN: does not consider `launchSettings.json` files\n* [NET-210](https://sonarsource.atlassian.net/browse/NET-210) - Fix S4158 FN: AddRange with empty collection\n\n### Bug\n\n* [NET-1267](https://sonarsource.atlassian.net/browse/NET-1267) - Fix S2068 bug: Issue location is out of range in web.config for elements or attributes with an xml namespace\n* [NET-1184](https://sonarsource.atlassian.net/browse/NET-1184) - Roslyn rule import should map the issue severity to the Software Quality impact in SonarQube Server\n\n### Improvement\n\n* [NET-1217](https://sonarsource.atlassian.net/browse/NET-1217) - Improve S3996: Set location to the property instead of record\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.8.0.113526\u0026new-version=10.24.0.138807)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/DKorablin/Plugin.WindowAutomation/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DKorablin%2FPlugin.WindowAutomation/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"},{"uuid":"4324818055","node_id":"PR_kwDOSLtuKc7Vbdsd","number":6,"state":"open","title":"Bump Meziantou.Analyzer and SonarAnalyzer.CSharp","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-24T18:24:35.000Z","updated_at":"2026-04-24T19:33:59.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"Meziantou.Analyzer","repository_url":"https://github.com/meziantou/Meziantou.Analyzer"},{"name":"SonarAnalyzer.CSharp","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [Meziantou.Analyzer](https://github.com/meziantou/Meziantou.Analyzer) from 2.0.187 to 3.0.52.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [Meziantou.Analyzer's releases](https://github.com/meziantou/Meziantou.Analyzer/releases)._\n\n## 3.0.52\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.52\u003e\n\n## What's Changed\n* Expand documentation for MA0065, MA0066, and MA0069 by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1099\n* MA0050: improve Throw* argument validation detection by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1100\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.51...3.0.52\n\n## 3.0.51\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.51\u003e\n\n## What's Changed\n* Extend MA0067 detection for empty Guid patterns by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1098\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.50...3.0.51\n\n## 3.0.50\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.50\u003e\n\n## What's Changed\n* Handle local variable values in MA0173 analyzer by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1097\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.49...3.0.50\n\n## 3.0.49\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.49\u003e\n\n## What's Changed\n* MA0182: treat `is` type checks as internal type usage by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1096\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.48...3.0.49\n\n## 3.0.48\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.48\u003e\n\n## What's Changed\n* Fix MA0004 code fix crash with chained await using by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1094\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.47...3.0.48\n\n## 3.0.47\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.47\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.46...3.0.47\n\n## 3.0.46\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.46\u003e\n\n## What's Changed\n* Add MA0192: Use HasFlag instead of bitwise checks with analyzer and fixer by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1091\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.45...3.0.46\n\n## 3.0.45\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.45\u003e\n\n## What's Changed\n* Fix MA0135/MA0139: Serilog `@` destructuring prefix not stripped consistently for multi-parameter log calls by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1089\n* Enable batch fix (Fix All) for MA0190 UseRegexSourceGenerator by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1090\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.44...3.0.45\n\n## 3.0.44\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.44\u003e\n\n## What's Changed\n* MA0011: suppress diagnostic when all AppendFormat template arguments are culture-insensitive by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1085\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.43...3.0.44\n\n## 3.0.43\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.43\u003e\n\n## What's Changed\n* Fix expression parenthesis in code fixers by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1083\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.42...3.0.43\n\n## 3.0.42\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.42\u003e\n\n## What's Changed\n* Cache IsAwaitable result for the no-SyntaxNode overload by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1082\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.41...3.0.42\n\n## 3.0.41\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.41\u003e\n\n## What's Changed\n* Improve MA0042 async overload matching coverage by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1065\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.40...3.0.41\n\n## 3.0.40\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.40\u003e\n\n## What's Changed\n* Add MA0191: Detect null! and default! usage by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1081\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.39...3.0.40\n\n## 3.0.39\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.39\u003e\n\n## What's Changed\n* Add code fixes for MA0094-MA0097 by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1078\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.38...3.0.39\n\n## 3.0.38\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.38\u003e\n\n## What's Changed\n* Fix typos and grammar across all 188 rule documentation files by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1076\n* Add code fixers for MA0118, MA0161, and MA0186 by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1079\n* Validate fix conditions in RegisterCodeFixesAsync before registering code fixes by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1077\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.37...3.0.38\n\n## 3.0.37\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.37\u003e\n\n## What's Changed\n* docs: require updating rule docs when rules change by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1075\n* Add code fixers for MA0138/44/46/52/56/57/58/60/69/73 by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1074\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.36...3.0.37\n\n## 3.0.36\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.36\u003e\n\n## What's Changed\n* Add missing code fixers for 10 analyzer rules by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1073\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.35...3.0.36\n\n## 3.0.35\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.35\u003e\n\n## What's Changed\n* Add missing code fixers for MA0088-MA0137 by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1072\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.34...3.0.35\n\n## 3.0.34\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.34\u003e\n\n## What's Changed\n* Add code fixer for MA0174 (Record should use explicit 'class' keyword) by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1070\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.33...3.0.34\n\n## 3.0.33\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.33\u003e\n\n## What's Changed\n* Add code fixer for MA0173 (Use LazyInitializer.EnsureInitialized) by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1071\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.32...3.0.33\n\n## 3.0.32\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.32\u003e\n\n## What's Changed\n* Add code fixer for MA0175 (Remove explicit `class` keyword from record declarations) by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1069\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.31...3.0.32\n\n## 3.0.31\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.31\u003e\n\n## What's Changed\n* Add code fixer for MA0137 and MA0138 (async suffix naming) by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1068\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.30...3.0.31\n\n## 3.0.30\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.30\u003e\n\n## What's Changed\n* MA0137: Add `exclude_test_methods` configuration option by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1067\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.29...3.0.30\n\n## 3.0.29\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.29\u003e\n\n## What's Changed\n* Skip NuGet publish steps for fork PRs in CI by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1063\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.28...3.0.29\n\n## 3.0.28\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.28\u003e\n\n## What's Changed\n* MA0008: Use proper blittable type check instead of IsReferenceType by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1062\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.27...3.0.28\n\n## 3.0.27\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.27\u003e\n\n## What's Changed\n* MA0190: Suggest converting [GeneratedRegex] partial methods to partial properties (C# 13+) by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1060\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.26...3.0.27\n\n## 3.0.26\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.26\u003e\n\n## What's Changed\n* MA0015: Add option to allow member access expressions as parameter references by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1059\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.25...3.0.26\n\n## 3.0.25\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.25\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.24...3.0.25\n\n## 3.0.24\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.24\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.23...3.0.24\n\n## 3.0.23\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.23\u003e\n\n## What's Changed\n* Add MA0189 InlineArray analyzer and code fix by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1056\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.22...3.0.23\n\n## 3.0.22\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.22\u003e\n\n## What's Changed\n* Add MA0188: Use System.TimeProvider instead of a custom time abstraction by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1055\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.21...3.0.22\n\n## 3.0.21\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.21\u003e\n\n## What's Changed\n* Add `roslyn5.0` packing by @​viceroypenguin in https://github.com/meziantou/Meziantou.Analyzer/pull/1054\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.20...3.0.21\n\n## 3.0.20\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.20\u003e\n\n## What's Changed\n* Fix MA0068 false positive for C# 14 extension block parameters by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1053\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.19...3.0.20\n\n## 3.0.19\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.19\u003e\n\n## What's Changed\n* MA0074: Fix StringComparison argument inserted at wrong position when trailing parameters exist by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1050\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.18...3.0.19\n\n## 3.0.18\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.18\u003e\n\n## What's Changed\n* MA0187: Migrate Blazor [Inject] property injection to constructor injection by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1048\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.17...3.0.18\n\n## 3.0.17\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.17\u003e\n\n## What's Changed\n* Refactor argument checks to use ArgumentKind.DefaultValue by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1045\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.16...3.0.17\n\n## 3.0.16\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.16\u003e\n\n## What's Changed\n* Fix MA0183 false positive when formatting argument is wrapped in parentheses by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1044\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.15...3.0.16\n\n## 3.0.15\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.15\u003e\n\n## What's Changed\n* MA0183: Extend detection to Console.Write, Console.WriteLine, and StringBuilder.AppendFormat by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1042\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.14...3.0.15\n\n## 3.0.14\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.14\u003e\n\n## What's Changed\n* docs(MA0028): Remove incorrect AppendFormat optimization example by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1039\n* docs: Document MA0158 as similar to IDE0330 by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1040\n* MA0028: Detect StringBuilder.AppendFormat with no-placeholder format strings by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1041\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.13...3.0.14\n\n## 3.0.13\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.13\u003e\n\n## What's Changed\n* Fix incorrect CA1065 → MA0072 equivalence mapping by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1028\n* Fix IDE0330 comparison incorrectly referencing MA0153 instead of MA0158 by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1036\n* docs(MA0042): Document false positive when calling sync method from its own async counterpart by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1038\n* Fix MA0158 not reported when lock field is initialized in constructor by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1037\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.12...3.0.13\n\n## 3.0.12\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.12\u003e\n\n## What's Changed\n* MA0056: Reclassify as \"similar to\" CA2214 and document differences by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1024\n* Fix MA0027 not firing for derived exception types by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1026\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.11...3.0.12\n\n## 3.0.11\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.11\u003e\n\n## What's Changed\n* Reduce test fakiness with source generators by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1022\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.10...3.0.11\n\n## 3.0.10\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.10\u003e\n\n## What's Changed\n* Add test for implicit params array in AppendLine with AppendFormat by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1021\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.9...3.0.10\n\n## 3.0.9\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.9\u003e\n\n## What's Changed\n* MA0029: Suppress all Where().X() diagnostics on IQueryable by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1017\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.8...3.0.9\n\n## 3.0.8\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.8\u003e\n\n## What's Changed\n* Remove exception handling from WithSourceGeneratorsFromNuGet and document Roslyn version testing by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1015\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.7...3.0.8\n\n## 3.0.7\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.7\u003e\n\n## What's Changed\n* Fix MA0110 to handle property initializers by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1014\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.6...3.0.7\n\n## 3.0.6\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.6\u003e\n\n## What's Changed\n* MA0110: Suggest partial property before partial method by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1013\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.5...3.0.6\n\n## 3.0.5\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.5\u003e\n\n## What's Changed\n* MA0110: Support top-level statements by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1012\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.4...3.0.5\n\n## 3.0.4\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.4\u003e\n\n## What's Changed\n* MA0110: Remove field/variable when generating partial property code fix by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1011\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.3...3.0.4\n\n## 3.0.3\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.3\u003e\n\n## What's Changed\n* MA0110: Derive generated regex names from field/variable context by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1010\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.2...3.0.3\n\n## 3.0.2\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.2\u003e\n\n## What's Changed\n* Add partial property support for MA0110 Regex Source Generator by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1009\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.1...3.0.2\n\n## 3.0.1\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.1\u003e\n\n## What's Changed\n* Remove Roslyn 3.x support by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1007\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.302...3.0.1\n\n## 2.0.302\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.302\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.301...2.0.302\n\n## 2.0.301\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.301\u003e\n\n## What's Changed\n* Fix typo in message format for diagnostic rule by @​viceroypenguin in https://github.com/meziantou/Meziantou.Analyzer/pull/1005\n\n## New Contributors\n* @​viceroypenguin made their first contribution in https://github.com/meziantou/Meziantou.Analyzer/pull/1005\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.300...2.0.301\n\n## 2.0.300\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.300\u003e\n\n## What's Changed\n* Add configuration option to allow OfT suffix for generic types with any arity by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1004\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.299...2.0.300\n\n## 2.0.299\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.299\u003e\n\n## What's Changed\n* Fix MA0184 false positive on empty interpolated strings with custom handlers by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1001\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.298...2.0.299\n\n## 2.0.298\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.298\u003e\n\n## What's Changed\n* Add MA0186: Report missing nullable attributes on Equals and TryGetValue parameters by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/998\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.297...2.0.298\n\n## 2.0.297\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.297\u003e\n\n## What's Changed\n* MA0007: Support multiline pattern-matching expressions by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/997\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.296...2.0.297\n\n## 2.0.296\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.296\u003e\n\n## What's Changed\n* Fix MA0185 false-positive for nullable value types by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/995\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.295...2.0.296\n\n## 2.0.295\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.295\u003e\n\n## What's Changed\n* Update default TargetFramework and adjust test setups by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/993\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.294...2.0.295\n\n## 2.0.294\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.294\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.293...2.0.294\n\n## 2.0.293\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.293\u003e\n\n## What's Changed\n* Fix MA0183 false-positive with params array arguments in string.Format by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/991\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.292...2.0.293\n\n## 2.0.292\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.292\u003e\n\n## What's Changed\n* Enable MA0184 by default with silent severity by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/988\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.291...2.0.292\n\n## 2.0.291\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.291\u003e\n\n## What's Changed\n* MA0185: Add tests and docs for literal-only interpolated strings by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/987\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.290...2.0.291\n\n## 2.0.290\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.290\u003e\n\n## What's Changed\n* Add MA0185: Simplify string.Create with culture-invariant parameters by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/986\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.289...2.0.290\n\n## 2.0.289\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.289\u003e\n\n## What's Changed\n* Add MA0184: Report interpolated strings without parameters by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/984\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.288...2.0.289\n\n## 2.0.288\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.288\u003e\n\n## What's Changed\n* Disable MA0042 async overload suggestions for TemporaryDirectory in test projects by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/980\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.287...2.0.288\n\n## 2.0.287\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.287\u003e\n\n## What's Changed\n* Add MA0183: Detect string.Format without placeholders or formatting arguments by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/979\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.286...2.0.287\n\n## 2.0.286\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.286\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.285...2.0.286\n\n## 2.0.285\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.285\u003e\n\n## What's Changed\n* Add collection expression test for MA0182 by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/977\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.284...2.0.285\n\n## 2.0.284\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.284\u003e\n\n## What's Changed\n* Add code fixers for MA0182 (Avoid unused internal types) by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/976\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.283...2.0.284\n\n## 2.0.283\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.283\u003e\n\n## What's Changed\n* Exempt ExecutionContext.SuppressFlow() from MA0100 diagnostic by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/974\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.282...2.0.283\n\n## 2.0.282\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.282\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.281...2.0.282\n\n## 2.0.281\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.281\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.280...2.0.281\n\n## 2.0.280\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.280\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.279...2.0.280\n\n## 2.0.279\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.279\u003e\n\n## What's Changed\n* MA0182 handles entrypoint class and extensions (C# 14) by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/972\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.278...2.0.279\n\n## 2.0.278\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.278\u003e\n\n## What's Changed\n* Fix MA0182 false positive for delegates used in new expressions by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/969\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.277...2.0.278\n\n## 2.0.277\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.277\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.276...2.0.277\n\n## 2.0.276\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.276\u003e\n\n## What's Changed\n* Fix MA0182 false positive on types with DynamicallyAccessedMembers attribute by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/963\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.275...2.0.276\n\n## 2.0.275\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.275\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.274...2.0.275\n\n## 2.0.274\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.274\u003e\n\n## What's Changed\n* Fix MA0182 to handle COM interop types with CoClass attribute by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/959\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.273...2.0.274\n\n## 2.0.273\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.273\u003e\n\n## What's Changed\n* Fix MA0182 false positive for pointer type parameters by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/961\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.272...2.0.273\n\n## 2.0.272\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.272\u003e\n\n## What's Changed\n* Extend MA0182 to all types by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/957\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.271...2.0.272\n\n## 2.0.271\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.271\u003e\n\n## What's Changed\n* Add MA0182: Detect unused internal classes with correct handling of generic type arguments and typeof references by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/956\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.270...2.0.271\n\n## 2.0.270\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.270\u003e\n\n## What's Changed\n* Apply repository configuration by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/954\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.269...2.0.270\n\n## 2.0.269\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.269\u003e\n\n## What's Changed\n* Apply repository configuration by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/953\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.268...2.0.269\n\n## 2.0.268\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.268\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.267...2.0.268\n\n## 2.0.267\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.267\u003e\n\n## What's Changed\n* Add MA0181 - Report use of explicit casts by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/952\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.266...2.0.267\n\n## 2.0.266\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.266\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.265...2.0.266\n\n## 2.0.265\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.265\u003e\n\n## What's Changed\n* Add refactoring: convert interpolated string to Format call by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/948\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.264...2.0.265\n\n## 2.0.264\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.264\u003e\n\n## What's Changed\n* Lower global_level from -1 to -100 in editorconfig files by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/944\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.263...2.0.264\n\n## 2.0.263\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.263\u003e\n\n## What's Changed\n* Add MA0180: Detect ILogger\u003cT\u003e type parameter mismatch with containing class by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/941\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.262...2.0.263\n\n## 2.0.262\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.262\u003e\n\n## What's Changed\n* Make DocumentationGenerator ignore trailing whitespace differences by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/942\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.261...2.0.262\n\n## 2.0.261\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.261\u003e\n\n## What's Changed\n* Add MA0179: Detect inefficient attribute existence checks by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/939\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.260...2.0.261\n\n## 2.0.260\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.260\u003e\n\n## What's Changed\n* Add concurrency control to serialize CI runs on main branch by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/938\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.259...2.0.260\n\n## 2.0.259\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.259\u003e\n\n## What's Changed\n* Add opt-in configuration for MA0153 to detect logging of types containing DataClassification members by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/936\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.258...2.0.259\n\n## 2.0.258\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.258\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.257...2.0.258\n\n## 2.0.257\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.257\u003e\n\n## What's Changed\n* Fix MA0042 to not flag SemaphoreSlim.Wait(0) as blocking by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/934\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.256...2.0.257\n\n## 2.0.256\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.256\u003e\n\n## What's Changed\n* Clarify MA0093 only applies to event invocations, not regular method calls by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/933\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.255...2.0.256\n\n## 2.0.255\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.255\u003e\n\n## What's Changed\n* Use GlobalAnalyzerConfigFiles with global_level=-1 for analyzer configuration by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/932\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.254...2.0.255\n\nCommits viewable in [compare view](https://github.com/meziantou/Meziantou.Analyzer/commits/3.0.52).\n\u003c/details\u003e\n\nUpdated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.4.0.108396 to 10.24.0.138807.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\n## 10.22\n\nHello everyone,\nThis release brings 4 new rules to help developers transition to C# 14, and a bunch of false positive fixes.\n\n### New rules\n\n* [NET-3361](https://sonarsource.atlassian.net/browse/NET-3361) - New rule S8381: \"scoped\" should be escaped when used as a type name in lambda parameters\n* [NET-3359](https://sonarsource.atlassian.net/browse/NET-3359) - New rule S8368: \"extension\" identifiers should be escaped to avoid contextual keyword conflicts\n* [NET-3347](https://sonarsource.atlassian.net/browse/NET-3347) - New rule S8380: Return types named \"partial\" should be escaped with \"@\"\n* [NET-3345](https://sonarsource.atlassian.net/browse/NET-3345) - New rule S8367: Identifiers should not conflict with the \"field\" keyword in C# 14?\n\n### False Positive\n\n* [NET-3443](https://sonarsource.atlassian.net/browse/NET-3443) - Fix S1940 FP: for floating point numbers that can be NaN \"!(a \u003c= b)\" is not the same as \"a \u003e b\"\n* [NET-3001](https://sonarsource.atlassian.net/browse/NET-3001) - Fix S3063 FP: Concatenation with identifier\n* [NET-1569](https://sonarsource.atlassian.net/browse/NET-1569) - Fix S5944 FP: AddressOf(MethodName) in Return statement\n* [NET-3445](https://sonarsource.atlassian.net/browse/NET-3445) - Fix T0029 FP: Inside target-typed new\n* [NET-2817](https://sonarsource.atlassian.net/browse/NET-2817) - Fix T0029 FP: Ident for collection expression members\n* [NET-2024](https://sonarsource.atlassian.net/browse/NET-2024) - Fix T0029 FP: Inside array initializer\n* [NET-3341](https://sonarsource.atlassian.net/browse/NET-3341) - Fix T0029 FP: After member access\n* [NET-3462](https://sonarsource.atlassian.net/browse/NET-3462) - Fix T0042 FP: Inside constructors and collection initializers\n* [NET-3426](https://sonarsource.atlassian.net/browse/NET-3426) - Fix T0042: Raw string in collection initializer\n* [NET-2888](https://sonarsource.atlassian.net/browse/NET-2888) - Fix T0042 FP: Returned from method\n* [NET-2874](https://sonarsource.atlassian.net/browse/NET-2874) - Fix T0042 FP: Raw string in ternary\n\n### Bugs\n\n* [NET-3386](https://sonarsource.atlassian.net/browse/NET-3386) - Fix S4583 AD0001: BeginInvoke callback declared in separate file\n\n### Other\n\n* [NET-3385](https://sonarsource.atlassian.net/browse/NET-3385) - S2612: Rule type changed from Security Hotspot to Vulnerability\n\n\n## 10.21\n\n### Bug\n\n* [NET-3376](https://sonarsource.atlassian.net/browse/NET-3376) - Fix S6930 AD0001: Issue on template / code files for blazor\n* [NET-3367](https://sonarsource.atlassian.net/browse/NET-3367) - Fix S4830 AD0001: CertificateValidationCheck Syntax node is not within syntax tree\n\n### Feature\n\n* [NET-3260](https://sonarsource.atlassian.net/browse/NET-3260) - Fix broken links in S6960 RSPEC\n\n### False Positive\n\n* [NET-2886](https://sonarsource.atlassian.net/browse/NET-2886) - Fix T0015 FP: In constructor\n* [NET-1678](https://sonarsource.atlassian.net/browse/NET-1678) - Fix S4275 FP: with property overload\n\n\n\n\n## 10.20\n\nThis release brings 9 precision improvements — 7 false positive fixes and 2 false negative fixes — across rules S1116, S1144, S1210, S1643, S1854, S2365, S3254, S3265, and S127. It also promotes S2068 and S6418 from Security Hotspot to Vulnerability, making them visible directly in the IDE, and removes S3256 from the Sonar Way quality profile.\n\n### Changes\n\n* [NET-3227](https://sonarsource.atlassian.net/browse/NET-3227) - Remove S3256 from \"Sonar Way\" quality profile\n* [NET-3208](https://sonarsource.atlassian.net/browse/NET-3208) - S6418: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3207](https://sonarsource.atlassian.net/browse/NET-3207) - S2068: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3206](https://sonarsource.atlassian.net/browse/NET-3206) - Remove links to rules.sonarsource.com\n\n### False Positive\n\n* [NET-3215](https://sonarsource.atlassian.net/browse/NET-3215) - Fix FP on S127: Should only raise on stop condition variables\n* [NET-3212](https://sonarsource.atlassian.net/browse/NET-3212) - Fix FP on S3254: Don't raise if the parameter isn't last\n* [NET-3053](https://sonarsource.atlassian.net/browse/NET-3053) - Fix FP on S1210: Implementing comparable operators for private types\n* [NET-2984](https://sonarsource.atlassian.net/browse/NET-2984) - Fix FP on S3265: BCL enums with [Flags] not recognized due to metadata resolution\n* [NET-2976](https://sonarsource.atlassian.net/browse/NET-2976) - Fix FP on S1854: Default value initializations flagged despite exemptions\n* [NET-2966](https://sonarsource.atlassian.net/browse/NET-2966) - Fix FP on S1144: Constructors in MEF-exported types\n* [NET-2956](https://sonarsource.atlassian.net/browse/NET-2956) - Fix FP on S1116: Empty loop body with side effects in condition\n\n### False Negative\n\n* [NET-1261](https://sonarsource.atlassian.net/browse/NET-1261) - Fix FN on S2365: Rule should report on new collection\n* [NET-1259](https://sonarsource.atlassian.net/browse/NET-1259) - Fix FN on S1643: Concatenation for parameters, fields and properties are not detected \n\n### Rule specification\n\n* [NET-3246](https://sonarsource.atlassian.net/browse/NET-3246) - Modify Rule S127: Update Description\n* [NET-3218](https://sonarsource.atlassian.net/browse/NET-3218) - Modify Rule S3265: Add exception for MethodImplAttributes\n* [NET-3086](https://sonarsource.atlassian.net/browse/NET-3086) - Modify Rule S1116: Add loop exception\n\n### Maintenance\n\n* [NET-3047](https://sonarsource.atlassian.net/browse/NET-3047) - Update RSPEC before 10.20 release\n\n\n\n## 10.19\n\n\n### Documentation\n\n* [NET-3012](https://sonarsource.atlassian.net/browse/NET-3012) - Modify Rule S3903: Update description for C#​10\n\n### False Positive\n\n* [NET-3004](https://sonarsource.atlassian.net/browse/NET-3004) - Fix S2696 FP: New extension method format triggers FP when accessing static fields\n\n### False Negative\n\n* [NET-3011](https://sonarsource.atlassian.net/browse/NET-3011) - Fix S4790 FN: Support Using statement\n\n### Task\n\n* [NET-2948](https://sonarsource.atlassian.net/browse/NET-2948) - Update RSPEC before 10.19 release\n\n### Bug\n\n* [NET-1866](https://sonarsource.atlassian.net/browse/NET-1866) - Support future VS versions in NuGet package\n\n\n## 10.18\n\nThis releases focuses on fixing the false-positives that are raised on code making use of the new features in C# 14.\n### Improvement\n\n* [NET-2921](https://sonarsource.atlassian.net/browse/NET-2921) - Fix passthrough calculation in ModelBuilder\n* [NET-2903](https://sonarsource.atlassian.net/browse/NET-2903) - Remove manual extension methods\n* [NET-2895](https://sonarsource.atlassian.net/browse/NET-2895) - Cleanup handling of ParameterList of primary constructors\n\n### Task\n\n* [NET-2917](https://sonarsource.atlassian.net/browse/NET-2917) - Update RSPEC before 10.18 release\n\n### False Positive\n\n* [NET-2898](https://sonarsource.atlassian.net/browse/NET-2898) - Fix S2583/S2589 FP: Extension Members\n* [NET-2877](https://sonarsource.atlassian.net/browse/NET-2877) - Fix S2225 FP: Extension member\n* [NET-2832](https://sonarsource.atlassian.net/browse/NET-2832) - Fix S3063 FP: NullConditionalOperator\n* [NET-2825](https://sonarsource.atlassian.net/browse/NET-2825) - Fix S1144 FP: Partial events\n* [NET-2821](https://sonarsource.atlassian.net/browse/NET-2821) - Fix S3264 FP: Partial events\n* [NET-2805](https://sonarsource.atlassian.net/browse/NET-2805) - Fix S1144 FP: S1144 Is confused by Debugger Display attribute\n* [NET-2748](https://sonarsource.atlassian.net/browse/NET-2748) - Fix S3459 FP: NullConditional Assignment\n* [NET-2716](https://sonarsource.atlassian.net/browse/NET-2716) - Fix S2325 FP: Field Keyword\n* [NET-2712](https://sonarsource.atlassian.net/browse/NET-2712) - Fix S2953 FP: Extension block member\n* [NET-2707](https://sonarsource.atlassian.net/browse/NET-2707) - Fix S3877 FP: Equals method without IEquatable\n* [NET-2684](https://sonarsource.atlassian.net/browse/NET-2684) - Fix S7039 FP/FN: Null-conditional assignment\n* [NET-2672](https://sonarsource.atlassian.net/browse/NET-2672) - Fix S3928 FP: Extension block\n* [NET-2671](https://sonarsource.atlassian.net/browse/NET-2671) - Fix S2970 FP: Null Conditional Assignment\n* [NET-2668](https://sonarsource.atlassian.net/browse/NET-2668) - Fix S3398 FP: On private methods in C#​14 extensions classes\n* [NET-2644](https://sonarsource.atlassian.net/browse/NET-2644) - Fix S1144 FP: Always raises on private methods in extension block\n* [NET-2621](https://sonarsource.atlassian.net/browse/NET-2621) - Fix S2325 FP: Incorrectly reports on C# 14 extensions \n* [NET-2620](https://sonarsource.atlassian.net/browse/NET-2620) - Fix S4545 FP: Extension Methods\n* [NET-2391](https://sonarsource.atlassian.net/browse/NET-2391) - Fix S1121 FP: Extract (null-forgiving) assignment from expression\n* [NET-1914](https://sonarsource.atlassian.net/browse/NET-1914) - Fix S3264 FP: when using +=\n\n### False Negative\n\n* [NET-2813](https://sonarsource.atlassian.net/browse/NET-2813) - Fix S2292 FN: FieldKeyword\n* [NET-2681](https://sonarsource.atlassian.net/browse/NET-2681) - Fix S2692 FN: Support Spans\n\n\n\n## 10.17\n\n\n### False Negative\n\n* [NET-2840](https://sonarsource.atlassian.net/browse/NET-2840) - Improve S2077: Support more methods\n\n### Task\n\n* [NET-2839](https://sonarsource.atlassian.net/browse/NET-2839) - Update RSPEC before 10.17 release\n\n### New Feature\n\n* [NET-2820](https://sonarsource.atlassian.net/browse/NET-2820) - ShimLayer: Implement Factory\n* [NET-2789](https://sonarsource.atlassian.net/browse/NET-2789) - ShimLayer Generator: Enums\n* [NET-2728](https://sonarsource.atlassian.net/browse/NET-2728) - ShimLayer Generator: SyntaxNodes\n\n### Bug\n\n* [NET-2816](https://sonarsource.atlassian.net/browse/NET-2816) - Fix S3603 AD0001: NRE when LocalFunction inside Record constructor in C#​7\n\n### Improvement\n\n* [NET-2722](https://sonarsource.atlassian.net/browse/NET-2722) - Activate new ShimLayer\n* [NET-2721](https://sonarsource.atlassian.net/browse/NET-2721) - Create diff for ShimLayer\n* [NET-2720](https://sonarsource.atlassian.net/browse/NET-2720) - Create ShimLayer projects\n\n\n\n## 10.16.2\n\nRotations of binary signing keys\n\n\n## 10.16.1\n\nRotations of binary signing keys\n\n\n## 10.16\n\n### False Positive\n\n* [NET-1729](https://sonarsource.atlassian.net/browse/NET-1729) - Fix S2114 FP: list.AddRange(list) and list.Concat(list) are sensible\n\n### False Negative\n\n* [NET-399](https://sonarsource.atlassian.net/browse/NET-399) - Fix S4790 FN: Support CryptographicOperations data methods\n\n### Bug\n* [NET-2686](https://sonarsource.atlassian.net/browse/NET-2686) - Fix S3604 AD0001: NRE with partial constructor\n\n## 10.15\n\n### False Positive\n\n* [NET-2198](https://sonarsource.atlassian.net/browse/NET-2198) - Fix S1905 FP: Cast of default! expression is required\n* [NET-2197](https://sonarsource.atlassian.net/browse/NET-2197) - Fix S1905 FP: stackalloc and Span\u003cT\u003e conversions\n* [NET-1641](https://sonarsource.atlassian.net/browse/NET-1641) - Fix S1905 FP: casting `IEnumerable\u003cstring?\u003e` to `IEnumerable\u003cstring\u003e`\n* [NET-2157](https://sonarsource.atlassian.net/browse/NET-2157) - Fix S2589 FP: Don't raise an issue after a delegate is invoked\n* [NET-2073](https://sonarsource.atlassian.net/browse/NET-2073) - Fix S2699 FP: Add support for FsCheck property tests\n* [NET-1537](https://sonarsource.atlassian.net/browse/NET-1537) - Fix S6964 FP: Don't raise on properties annotated with the BindRequiredAttribute\n\n### Improvement\n\n* [NET-2112](https://sonarsource.atlassian.net/browse/NET-2112) - Consider ExplodedNodes relevant if a successor would be relevant\n* [NET-2183](https://sonarsource.atlassian.net/browse/NET-2183) - SE: Set constraint on operation when learning from IsPattern\n\n### False Negative\n\n* [NET-429](https://sonarsource.atlassian.net/browse/NET-429) - Fix S4275 FN: Support partial properties\n\n### Task\n\n* [NET-2208](https://sonarsource.atlassian.net/browse/NET-2208) - Update RSpec before release\n\n## 10.14\n\nHey everyone,\n\nThis release mostly focuses on mitigating (NET-2196) a performance regression that was introduced in 10.13.\n\n\n### Improvement\n\n* [NET-2196](https://sonarsource.atlassian.net/browse/NET-2196) - Fix path algorithm for execution flows to mitigate performance regression\n* [NET-2177](https://sonarsource.atlassian.net/browse/NET-2177) - Improve how the Symbolic Execution engine handles exception paths\n* [NET-2135](https://sonarsource.atlassian.net/browse/NET-2135) - Support xUnit V3\n* [NET-2163](https://sonarsource.atlassian.net/browse/NET-2163) - Provide Interface for other plugins to add rules to VB.NET SonarWay profile\n\n### False Negative\n\n* [NET-235](https://sonarsource.atlassian.net/browse/NET-235) - Fix S2053: Adjust required salt length to be 32 bytes\n\n### Task\n\n* [NET-2170](https://sonarsource.atlassian.net/browse/NET-2170) - Update RSPEC before 10.14 release\n\n## 10.13\n\nHello everyone, \n\nIn this release, we've focused on:\n- False positive fixes\n- Enhancing S2259's secondary locations to provide clearer, step-by-step explanations of null pointer dereferences issues.\n\n\n\n### False Positives\n\n* [NET-2099](https://sonarsource.atlassian.net/browse/NET-2099) - Fix S3885 FP: Do not raise in ResolutionEventHandler\n* [NET-2023](https://sonarsource.atlassian.net/browse/NET-2023) - Fix S3257 FP: Array with target-typed new\n* [NET-1646](https://sonarsource.atlassian.net/browse/NET-1646) - Fix S3267 FP: Loops should be simplified with LINQ expressions\n* [NET-1588](https://sonarsource.atlassian.net/browse/NET-1588) - Fix S1066 FP: Combination of `dynamic` and `out` should not raise\n* [NET-882](https://sonarsource.atlassian.net/browse/NET-882) - Fix S3257 FP: Don't raise for C# 10 and later when there's explicit delegate creation\n\n### Improvements\n\n* [NET-2095](https://sonarsource.atlassian.net/browse/NET-2095) - Improve incremental PR analysis path detection\n* SE: S2259 - Improve secondary locations\n\n\n\n## 10.12\n\nThis release brings the VB version of S6418 and a few FP and FN fixes.\n\n### New Rule\n\n* [NET-1379](https://sonarsource.atlassian.net/browse/NET-1379) - New Rule: Implement S6418 Hard-coded secrets are security-sensitive for VB.NET\n\n### False Positive\n\n* [NET-1526](https://sonarsource.atlassian.net/browse/NET-1526) - Fix S3267 FP: Only raise on IEnumerable\n\n### False Negative\n\n* [NET-1260](https://sonarsource.atlassian.net/browse/NET-1260) - Fix S1215 FN: GC.GetTotalMemory(forceFullCollection: true) should not be called \n* [NET-1258](https://sonarsource.atlassian.net/browse/NET-1258) - Fix S6678 FN: Lowercase placeholders in interpolated string\n* [NET-1255](https://sonarsource.atlassian.net/browse/NET-1255) - Fix S3267 FN: Logical operators are not supported\n\n### Task\n\n* [NET-2060](https://sonarsource.atlassian.net/browse/NET-2060) - Update RSPEC before 11.12 release\n\n\n## 10.11\n\nHello everyone!\nIn this release we fixed a bunch of false positives and false negatives.\nAdditionally this version adds support for telemetry in order to gather information on feature usage. Telemetry, requires scanner 10.2.0 or greater.\n\n\n### False Positive\n\n* [NET-1522](https://sonarsource.atlassian.net/browse/NET-1522) - Fix S2068 FP: Do not raise on `password:secret`\n* [NET-1149](https://sonarsource.atlassian.net/browse/NET-1149) - Fix S3626 FP: Add exception when return statement is preceding local functions\n\n### False Negative\n\n* [NET-1263](https://sonarsource.atlassian.net/browse/NET-1263) - Fix S1871 FN: Nested if .. else if chain\n* [NET-1256](https://sonarsource.atlassian.net/browse/NET-1256) - S2068: Remove word boundary(\\b) from regex\n* [NET-1254](https://sonarsource.atlassian.net/browse/NET-1254) - Fix S3878 FN: When params are passed as array through an attribute\n* [NET-1252](https://sonarsource.atlassian.net/browse/NET-1252) - FN S1168: Support IndexerDeclaration and ConversionOperatorDeclaration\n* [NET-459](https://sonarsource.atlassian.net/browse/NET-459) - Fix S1168 FN: Add support for partial indexers\n\n\n\n## 10.10.1\n\nBugfix release to fix combability with SonarQube Cloud + a simplification to the `ProfileRegistrar`\n\n### Task\n\n* [NET-1463](https://sonarsource.atlassian.net/browse/NET-1463) - Update RSPEC before 10.10.1 release\n* [NET-1461](https://sonarsource.atlassian.net/browse/NET-1461) - Make CSharpSonarWayProfile be compatible and simplify ProfileRegistrar\n\n\n\n## 10.10\n\nHey everyone, this release mostly focuses on internal and technical things.\n\n### General\n\n* [NET-1444](https://sonarsource.atlassian.net/browse/NET-1444) - Move ProfileRegistrar to org.sonar.plugins.csharpenterprise.api\n* [NET-1326](https://sonarsource.atlassian.net/browse/NET-1326) - Update RSPEC before 10.10 release\n\n### Internal Styling Rules\n\n* [NET-1378](https://sonarsource.atlassian.net/browse/NET-1378) - New Rule T0045: Use var\n* [NET-1359](https://sonarsource.atlassian.net/browse/NET-1359) - New Rule T0043: Avoid primary constructors on normal classes and structs\n* [NET-1358](https://sonarsource.atlassian.net/browse/NET-1358) - New Rule T0042: Indent raw string literal +4\n* [NET-1357](https://sonarsource.atlassian.net/browse/NET-1357) - New Rule T0041: Use raw string literals for multiline strings\n* [NET-1356](https://sonarsource.atlassian.net/browse/NET-1356) - New Rule T0040: Use minimum necessary interpolation characters\n* [NET-1355](https://sonarsource.atlassian.net/browse/NET-1355) - New Rule T0039: Protected field should start with lower case letter\n* [NET-1354](https://sonarsource.atlassian.net/browse/NET-1354) - New Rule T0038: Use fields instead of auto-implemented private or protected properties\n* [NET-1347](https://sonarsource.atlassian.net/browse/NET-1347) - New Rule T0000: Don't use Get prefixes\n* [NET-1346](https://sonarsource.atlassian.net/browse/NET-1346) - New Rule T0037: Use .Test suffix namespace\n* [NET-1345](https://sonarsource.atlassian.net/browse/NET-1345) - New rule T0046: Move extension method to dedicated class\n* [NET-1344](https://sonarsource.atlassian.net/browse/NET-1344) - New Rule T0035: Do not use var for this deconstruction\n* [NET-1343](https://sonarsource.atlassian.net/browse/NET-1343) - New Rule T0034: Do not embed var into this condition\n* [NET-1342](https://sonarsource.atlassian.net/browse/NET-1342) - New Rule T0033: Swap the logic to use positive conditions instead\n* [NET-1341](https://sonarsource.atlassian.net/browse/NET-1341) - New Rule T0032: Move the method body to the next line\n* [NET-1339](https://sonarsource.atlassian.net/browse/NET-1339) - New Rule T0030: Move the field initializer on the same line\n* [NET-1338](https://sonarsource.atlassian.net/browse/NET-1338) - New Rule T0029: Indent all arguments +4 further than the invocation line\n* [NET-1337](https://sonarsource.atlassian.net/browse/NET-1337) - New Rule T0028: Move all arguments on the same line, or wrap all of them\n* [NET-1336](https://sonarsource.atlassian.net/browse/NET-1336) - New Rule T0027: Move subsequent expressions on separate lines\n* [NET-1335](https://sonarsource.atlassian.net/browse/NET-1335) - New Rule T0026: Indent member access +4 further than the initial line\n* [NET-1334](https://sonarsource.atlassian.net/browse/NET-1334) - New Rule T0025: Indent ‘?’ and ‘:’ +4 further than the condition line\n* [NET-1333](https://sonarsource.atlassian.net/browse/NET-1333) - New Rule T0024: Place multiline ‘?’ and ‘:’ on separate lines\n* [NET-1332](https://sonarsource.atlassian.net/browse/NET-1332) - New Rule T0022: Indent all parameters with the first one\n* [NET-1331](https://sonarsource.atlassian.net/browse/NET-1331) - New Rule T0021: Use extension methods for Linq\n* [NET-1329](https://sonarsource.atlassian.net/browse/NET-1329) - New Rule T0019: Indent operator correctly\n* [NET-1328](https://sonarsource.atlassian.net/browse/NET-1328) - New Rule T0018: Move the operator to the beginning of the next line\n* [NET-1327](https://sonarsource.atlassian.net/browse/NET-1327) - New Rule T0015: Move local function at the end of the method\n* [NET-1237](https://sonarsource.atlassian.net/browse/NET-1237) - New Rule T0044: Don't add Arrange, Act, and Assert(s) comments\n* [NET-1325](https://sonarsource.atlassian.net/browse/NET-1325) - Improve T0007: Raise on nondeclaring is { } check\n\n\n\n## 10.9\n\nHello everyone! \n\nThis is a mega-hardening release! Enjoy 😄 \n\n### False Positive\n\n* [NET-1309](https://sonarsource.atlassian.net/browse/NET-1309) - Fix S2583 FP: Support overrides in IsImplementingInterfaceMember\n* [NET-1308](https://sonarsource.atlassian.net/browse/NET-1308) - Fix S2583 FP: Add support for AdressOf operator\n* [NET-1302](https://sonarsource.atlassian.net/browse/NET-1302) - Fix S4158 FP: Don't raise on GetEnumerator() calls\n* [NET-1295](https://sonarsource.atlassian.net/browse/NET-1295) - Fix S3236 FP: Exclude Debug.Assert \n* [NET-1290](https://sonarsource.atlassian.net/browse/NET-1290) - Fix S4158 FP: Support RouteValueDictionary in AspNetCore\n* [NET-1289](https://sonarsource.atlassian.net/browse/NET-1289) - Fix S4158 FP: Adding methods with well defined sematics\n* [NET-1288](https://sonarsource.atlassian.net/browse/NET-1288) - Fix S4158 FP: Recognize Add methods with bool return type\n* [NET-1287](https://sonarsource.atlassian.net/browse/NET-1287) - Fix S4158 FP: Don't raise on SetValue\n* [NET-1280](https://sonarsource.atlassian.net/browse/NET-1280) - Fix S2342 FP: Flaky reports\n* [NET-1278](https://sonarsource.atlassian.net/browse/NET-1278) - Fix S3440 FP: Variable assignment and switch expression\n* [NET-1246](https://sonarsource.atlassian.net/browse/NET-1246) - Fix S1481 FP: Don't report on discard like looking variables\n* [NET-1242](https://sonarsource.atlassian.net/browse/NET-1242) - Fix S2583/S4158 FP: Support for collections that are initialized with object\n* [NET-1241](https://sonarsource.atlassian.net/browse/NET-1241) - Fix S2589 FP: Don't track concurrent collections\n* [NET-1230](https://sonarsource.atlassian.net/browse/NET-1230) - Fix S4158 FP: Immutable collections\n* [NET-1223](https://sonarsource.atlassian.net/browse/NET-1223) - Fix S3267 FP: ref struct types cannot leave the stack\n* [NET-1214](https://sonarsource.atlassian.net/browse/NET-1214) - Fix S2259 FP: Foreach loop over empty collection\n* [NET-1212](https://sonarsource.atlassian.net/browse/NET-1212) - Fix S2259 FP: Learn bool from NotNull constraint and Null value\n* [NET-1208](https://sonarsource.atlassian.net/browse/NET-1208) - Fix S2589 FP: Rule ignores case guards\n* [NET-1207](https://sonarsource.atlassian.net/browse/NET-1207) -  Fix S3966 FP: disposing element of indexable after declaration pattern\n* [NET-1203](https://sonarsource.atlassian.net/browse/NET-1203) -  Fix S3966 FP: Enumerating a collection of tuples\n* [NET-1202](https://sonarsource.atlassian.net/browse/NET-1202) - Fix S2259 FP: Foreach nested in try, nested in loop\n* [NET-1188](https://sonarsource.atlassian.net/browse/NET-1188) - Improve S4158 - Empty Collections should not be Enumerated\n* [NET-1088](https://sonarsource.atlassian.net/browse/NET-1088) - Fix S3240 FP: Ignore when a conditional block contains a ternary\n* [NET-800](https://sonarsource.atlassian.net/browse/NET-800) - Fix S2259 FP: FlowCaptures in loops and try-regions\n\n### False Negative\n\n* [NET-1299](https://sonarsource.atlassian.net/browse/NET-1299) - Fix S2053 FN: Support Copy methods\n* [NET-1257](https://sonarsource.atlassian.net/browse/NET-1257) - Fix S4790 FN: New HashData overloads not recognized\n* [NET-1194](https://sonarsource.atlassian.net/browse/NET-1194) - Fix S4158 FN: Collection Expressions (C# 12)\n* [NET-357](https://sonarsource.atlassian.net/browse/NET-357) - Fix S2068 FN: does not consider `launchSettings.json` files\n* [NET-210](https://sonarsource.atlassian.net/browse/NET-210) - Fix S4158 FN: AddRange with empty collection\n\n### Bug\n\n* [NET-1267](https://sonarsource.atlassian.net/browse/NET-1267) - Fix S2068 bug: Issue location is out of range in web.config for elements or attributes with an xml namespace\n* [NET-1184](https://sonarsource.atlassian.net/browse/NET-1184) - Roslyn rule import should map the issue severity to the Software Quality impact in SonarQube Server\n\n### Improvement\n\n* [NET-1217](https://sonarsource.atlassian.net/browse/NET-1217) - Improve S3996: Set location to the property instead of record\n\n\n\n## 10.8\n\nA small release with a few improvements for S1172, S2222 and S4158:\n\n### False Positive\n\n* [NET-1210](https://sonarsource.atlassian.net/browse/NET-1210) - Fix S4158 FP: collection filled by another function\n* [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter is used in local function  in a null-conditional or null-coalescing statement\n### False Negative\n\n* [NET-427](https://sonarsource.atlassian.net/browse/NET-427) - Fix S2222 FN: Support locking via Lock object primitives\n* [NET-1228](https://sonarsource.atlassian.net/browse/NET-1228) - Fix S4158 FN: Support LinkedList\n\n\n\n\n## 10.7\n\n\n### Improvement\n\n* [NET-1116](https://sonarsource.atlassian.net/browse/NET-1116) - Deprecate S1227: break statements should not be used except for switch cases\n* [NET-1045](https://sonarsource.atlassian.net/browse/NET-1045) - Remove unused AnalyzerId and RuleNamespace server properties\n\n### Bug\n\n* [NET-1047](https://sonarsource.atlassian.net/browse/NET-1047) - Fix install scripts for NuGet packages\n\n\n\n## 10.6\n\n### Improvement\n\n* [NET-735](https://sonarsource.atlassian.net/browse/NET-735) - Remove RoslynProfileExporter\n* [NET-1031](https://sonarsource.atlassian.net/browse/NET-1031) - Remove deprecated SonarLintProfileExporter\n* [NET-1038](https://sonarsource.atlassian.net/browse/NET-1038) - Add symbolic-execution tag to our rules\n* [NET-988](https://sonarsource.atlassian.net/browse/NET-988) - Remove S1197 from SonarWay for VB.NET\n* [NET-989](https://sonarsource.atlassian.net/browse/NET-989) - S3444: Add secondary location message\n* [NET-982](https://sonarsource.atlassian.net/browse/NET-982) - S4144: Add secondary location message\n* [NET-979](https://sonarsource.atlassian.net/browse/NET-979) - S4663: Add secondary location message \n* [NET-978](https://sonarsource.atlassian.net/browse/NET-978) - S1168: Add secondary location message\n* [NET-977](https://sonarsource.atlassian.net/browse/NET-977) - S4047: Add secondary location message\n* [NET-976](https://sonarsource.atlassian.net/browse/NET-976) - S4457: Add secondary location message\n* [NET-975](https://sonarsource.atlassian.net/browse/NET-975) - S1066: Add secondary location message\n* [NET-974](https://sonarsource.atlassian.net/browse/NET-974) - S4070: Add secondary location message\n* [NET-973](https://sonarsource.atlassian.net/browse/NET-973) - S1110: Add secondary location message\n* [NET-971](https://sonarsource.atlassian.net/browse/NET-971) - S2612: Add secondary location message\n* [NET-970](https://sonarsource.atlassian.net/browse/NET-970) - S6667: Add secondary location message\n* [NET-969](https://sonarsource.atlassian.net/browse/NET-969) - S6931: Add secondary location message\n* [NET-968](https://sonarsource.atlassian.net/browse/NET-968) - S6934: Add secondary location message\n* [NET-967](https://sonarsource.atlassian.net/browse/NET-967) - S5034: Add secondary location message\n* [NET-966](https://sonarsource.atlassian.net/browse/NET-966) - S6607: Add secondary location message\n* [NET-965](https://sonarsource.atlassian.net/browse/NET-965) - S4143: Add secondary location message\n* [NET-961](https://sonarsource.atlassian.net/browse/NET-961) - S6664: Add secondary location message\n* [NET-960](https://sonarsource.atlassian.net/browse/NET-960) - S6677: Add secondary location message\n* [NET-956](https://sonarsource.atlassian.net/browse/NET-956) - S6673: Add secondary location message\n\n\n## 10.5\n\n### Improvement\n\n* [NET-957](https://sonarsource.atlassian.net/browse/NET-957) - S5693: Add secondary location message\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e","html_url":"https://github.com/mghabin/entra-auth-patterns-dotnet/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mghabin%2Fentra-auth-patterns-dotnet/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"4306362253","node_id":"PR_kwDONR7yRc7UfK5L","number":15,"state":"closed","title":"Bump SonarAnalyzer.CSharp from 10.8.0.113526 to 10.24.0.138807","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-29T02:24:56.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-22T02:24:41.000Z","updated_at":"2026-04-29T02:24:58.000Z","time_to_close":604815,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.8.0.113526","new_version":"10.24.0.138807","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.8.0.113526 to 10.24.0.138807.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\n## 10.22\n\nHello everyone,\nThis release brings 4 new rules to help developers transition to C# 14, and a bunch of false positive fixes.\n\n### New rules\n\n* [NET-3361](https://sonarsource.atlassian.net/browse/NET-3361) - New rule S8381: \"scoped\" should be escaped when used as a type name in lambda parameters\n* [NET-3359](https://sonarsource.atlassian.net/browse/NET-3359) - New rule S8368: \"extension\" identifiers should be escaped to avoid contextual keyword conflicts\n* [NET-3347](https://sonarsource.atlassian.net/browse/NET-3347) - New rule S8380: Return types named \"partial\" should be escaped with \"@\"\n* [NET-3345](https://sonarsource.atlassian.net/browse/NET-3345) - New rule S8367: Identifiers should not conflict with the \"field\" keyword in C# 14?\n\n### False Positive\n\n* [NET-3443](https://sonarsource.atlassian.net/browse/NET-3443) - Fix S1940 FP: for floating point numbers that can be NaN \"!(a \u003c= b)\" is not the same as \"a \u003e b\"\n* [NET-3001](https://sonarsource.atlassian.net/browse/NET-3001) - Fix S3063 FP: Concatenation with identifier\n* [NET-1569](https://sonarsource.atlassian.net/browse/NET-1569) - Fix S5944 FP: AddressOf(MethodName) in Return statement\n* [NET-3445](https://sonarsource.atlassian.net/browse/NET-3445) - Fix T0029 FP: Inside target-typed new\n* [NET-2817](https://sonarsource.atlassian.net/browse/NET-2817) - Fix T0029 FP: Ident for collection expression members\n* [NET-2024](https://sonarsource.atlassian.net/browse/NET-2024) - Fix T0029 FP: Inside array initializer\n* [NET-3341](https://sonarsource.atlassian.net/browse/NET-3341) - Fix T0029 FP: After member access\n* [NET-3462](https://sonarsource.atlassian.net/browse/NET-3462) - Fix T0042 FP: Inside constructors and collection initializers\n* [NET-3426](https://sonarsource.atlassian.net/browse/NET-3426) - Fix T0042: Raw string in collection initializer\n* [NET-2888](https://sonarsource.atlassian.net/browse/NET-2888) - Fix T0042 FP: Returned from method\n* [NET-2874](https://sonarsource.atlassian.net/browse/NET-2874) - Fix T0042 FP: Raw string in ternary\n\n### Bugs\n\n* [NET-3386](https://sonarsource.atlassian.net/browse/NET-3386) - Fix S4583 AD0001: BeginInvoke callback declared in separate file\n\n### Other\n\n* [NET-3385](https://sonarsource.atlassian.net/browse/NET-3385) - S2612: Rule type changed from Security Hotspot to Vulnerability\n\n\n## 10.21\n\n### Bug\n\n* [NET-3376](https://sonarsource.atlassian.net/browse/NET-3376) - Fix S6930 AD0001: Issue on template / code files for blazor\n* [NET-3367](https://sonarsource.atlassian.net/browse/NET-3367) - Fix S4830 AD0001: CertificateValidationCheck Syntax node is not within syntax tree\n\n### Feature\n\n* [NET-3260](https://sonarsource.atlassian.net/browse/NET-3260) - Fix broken links in S6960 RSPEC\n\n### False Positive\n\n* [NET-2886](https://sonarsource.atlassian.net/browse/NET-2886) - Fix T0015 FP: In constructor\n* [NET-1678](https://sonarsource.atlassian.net/browse/NET-1678) - Fix S4275 FP: with property overload\n\n\n\n\n## 10.20\n\nThis release brings 9 precision improvements — 7 false positive fixes and 2 false negative fixes — across rules S1116, S1144, S1210, S1643, S1854, S2365, S3254, S3265, and S127. It also promotes S2068 and S6418 from Security Hotspot to Vulnerability, making them visible directly in the IDE, and removes S3256 from the Sonar Way quality profile.\n\n### Changes\n\n* [NET-3227](https://sonarsource.atlassian.net/browse/NET-3227) - Remove S3256 from \"Sonar Way\" quality profile\n* [NET-3208](https://sonarsource.atlassian.net/browse/NET-3208) - S6418: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3207](https://sonarsource.atlassian.net/browse/NET-3207) - S2068: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3206](https://sonarsource.atlassian.net/browse/NET-3206) - Remove links to rules.sonarsource.com\n\n### False Positive\n\n* [NET-3215](https://sonarsource.atlassian.net/browse/NET-3215) - Fix FP on S127: Should only raise on stop condition variables\n* [NET-3212](https://sonarsource.atlassian.net/browse/NET-3212) - Fix FP on S3254: Don't raise if the parameter isn't last\n* [NET-3053](https://sonarsource.atlassian.net/browse/NET-3053) - Fix FP on S1210: Implementing comparable operators for private types\n* [NET-2984](https://sonarsource.atlassian.net/browse/NET-2984) - Fix FP on S3265: BCL enums with [Flags] not recognized due to metadata resolution\n* [NET-2976](https://sonarsource.atlassian.net/browse/NET-2976) - Fix FP on S1854: Default value initializations flagged despite exemptions\n* [NET-2966](https://sonarsource.atlassian.net/browse/NET-2966) - Fix FP on S1144: Constructors in MEF-exported types\n* [NET-2956](https://sonarsource.atlassian.net/browse/NET-2956) - Fix FP on S1116: Empty loop body with side effects in condition\n\n### False Negative\n\n* [NET-1261](https://sonarsource.atlassian.net/browse/NET-1261) - Fix FN on S2365: Rule should report on new collection\n* [NET-1259](https://sonarsource.atlassian.net/browse/NET-1259) - Fix FN on S1643: Concatenation for parameters, fields and properties are not detected \n\n### Rule specification\n\n* [NET-3246](https://sonarsource.atlassian.net/browse/NET-3246) - Modify Rule S127: Update Description\n* [NET-3218](https://sonarsource.atlassian.net/browse/NET-3218) - Modify Rule S3265: Add exception for MethodImplAttributes\n* [NET-3086](https://sonarsource.atlassian.net/browse/NET-3086) - Modify Rule S1116: Add loop exception\n\n### Maintenance\n\n* [NET-3047](https://sonarsource.atlassian.net/browse/NET-3047) - Update RSPEC before 10.20 release\n\n\n\n## 10.19\n\n\n### Documentation\n\n* [NET-3012](https://sonarsource.atlassian.net/browse/NET-3012) - Modify Rule S3903: Update description for C#​10\n\n### False Positive\n\n* [NET-3004](https://sonarsource.atlassian.net/browse/NET-3004) - Fix S2696 FP: New extension method format triggers FP when accessing static fields\n\n### False Negative\n\n* [NET-3011](https://sonarsource.atlassian.net/browse/NET-3011) - Fix S4790 FN: Support Using statement\n\n### Task\n\n* [NET-2948](https://sonarsource.atlassian.net/browse/NET-2948) - Update RSPEC before 10.19 release\n\n### Bug\n\n* [NET-1866](https://sonarsource.atlassian.net/browse/NET-1866) - Support future VS versions in NuGet package\n\n\n## 10.18\n\nThis releases focuses on fixing the false-positives that are raised on code making use of the new features in C# 14.\n### Improvement\n\n* [NET-2921](https://sonarsource.atlassian.net/browse/NET-2921) - Fix passthrough calculation in ModelBuilder\n* [NET-2903](https://sonarsource.atlassian.net/browse/NET-2903) - Remove manual extension methods\n* [NET-2895](https://sonarsource.atlassian.net/browse/NET-2895) - Cleanup handling of ParameterList of primary constructors\n\n### Task\n\n* [NET-2917](https://sonarsource.atlassian.net/browse/NET-2917) - Update RSPEC before 10.18 release\n\n### False Positive\n\n* [NET-2898](https://sonarsource.atlassian.net/browse/NET-2898) - Fix S2583/S2589 FP: Extension Members\n* [NET-2877](https://sonarsource.atlassian.net/browse/NET-2877) - Fix S2225 FP: Extension member\n* [NET-2832](https://sonarsource.atlassian.net/browse/NET-2832) - Fix S3063 FP: NullConditionalOperator\n* [NET-2825](https://sonarsource.atlassian.net/browse/NET-2825) - Fix S1144 FP: Partial events\n* [NET-2821](https://sonarsource.atlassian.net/browse/NET-2821) - Fix S3264 FP: Partial events\n* [NET-2805](https://sonarsource.atlassian.net/browse/NET-2805) - Fix S1144 FP: S1144 Is confused by Debugger Display attribute\n* [NET-2748](https://sonarsource.atlassian.net/browse/NET-2748) - Fix S3459 FP: NullConditional Assignment\n* [NET-2716](https://sonarsource.atlassian.net/browse/NET-2716) - Fix S2325 FP: Field Keyword\n* [NET-2712](https://sonarsource.atlassian.net/browse/NET-2712) - Fix S2953 FP: Extension block member\n* [NET-2707](https://sonarsource.atlassian.net/browse/NET-2707) - Fix S3877 FP: Equals method without IEquatable\n* [NET-2684](https://sonarsource.atlassian.net/browse/NET-2684) - Fix S7039 FP/FN: Null-conditional assignment\n* [NET-2672](https://sonarsource.atlassian.net/browse/NET-2672) - Fix S3928 FP: Extension block\n* [NET-2671](https://sonarsource.atlassian.net/browse/NET-2671) - Fix S2970 FP: Null Conditional Assignment\n* [NET-2668](https://sonarsource.atlassian.net/browse/NET-2668) - Fix S3398 FP: On private methods in C#​14 extensions classes\n* [NET-2644](https://sonarsource.atlassian.net/browse/NET-2644) - Fix S1144 FP: Always raises on private methods in extension block\n* [NET-2621](https://sonarsource.atlassian.net/browse/NET-2621) - Fix S2325 FP: Incorrectly reports on C# 14 extensions \n* [NET-2620](https://sonarsource.atlassian.net/browse/NET-2620) - Fix S4545 FP: Extension Methods\n* [NET-2391](https://sonarsource.atlassian.net/browse/NET-2391) - Fix S1121 FP: Extract (null-forgiving) assignment from expression\n* [NET-1914](https://sonarsource.atlassian.net/browse/NET-1914) - Fix S3264 FP: when using +=\n\n### False Negative\n\n* [NET-2813](https://sonarsource.atlassian.net/browse/NET-2813) - Fix S2292 FN: FieldKeyword\n* [NET-2681](https://sonarsource.atlassian.net/browse/NET-2681) - Fix S2692 FN: Support Spans\n\n\n\n## 10.17\n\n\n### False Negative\n\n* [NET-2840](https://sonarsource.atlassian.net/browse/NET-2840) - Improve S2077: Support more methods\n\n### Task\n\n* [NET-2839](https://sonarsource.atlassian.net/browse/NET-2839) - Update RSPEC before 10.17 release\n\n### New Feature\n\n* [NET-2820](https://sonarsource.atlassian.net/browse/NET-2820) - ShimLayer: Implement Factory\n* [NET-2789](https://sonarsource.atlassian.net/browse/NET-2789) - ShimLayer Generator: Enums\n* [NET-2728](https://sonarsource.atlassian.net/browse/NET-2728) - ShimLayer Generator: SyntaxNodes\n\n### Bug\n\n* [NET-2816](https://sonarsource.atlassian.net/browse/NET-2816) - Fix S3603 AD0001: NRE when LocalFunction inside Record constructor in C#​7\n\n### Improvement\n\n* [NET-2722](https://sonarsource.atlassian.net/browse/NET-2722) - Activate new ShimLayer\n* [NET-2721](https://sonarsource.atlassian.net/browse/NET-2721) - Create diff for ShimLayer\n* [NET-2720](https://sonarsource.atlassian.net/browse/NET-2720) - Create ShimLayer projects\n\n\n\n## 10.16.2\n\nRotations of binary signing keys\n\n\n## 10.16.1\n\nRotations of binary signing keys\n\n\n## 10.16\n\n### False Positive\n\n* [NET-1729](https://sonarsource.atlassian.net/browse/NET-1729) - Fix S2114 FP: list.AddRange(list) and list.Concat(list) are sensible\n\n### False Negative\n\n* [NET-399](https://sonarsource.atlassian.net/browse/NET-399) - Fix S4790 FN: Support CryptographicOperations data methods\n\n### Bug\n* [NET-2686](https://sonarsource.atlassian.net/browse/NET-2686) - Fix S3604 AD0001: NRE with partial constructor\n\n## 10.15\n\n### False Positive\n\n* [NET-2198](https://sonarsource.atlassian.net/browse/NET-2198) - Fix S1905 FP: Cast of default! expression is required\n* [NET-2197](https://sonarsource.atlassian.net/browse/NET-2197) - Fix S1905 FP: stackalloc and Span\u003cT\u003e conversions\n* [NET-1641](https://sonarsource.atlassian.net/browse/NET-1641) - Fix S1905 FP: casting `IEnumerable\u003cstring?\u003e` to `IEnumerable\u003cstring\u003e`\n* [NET-2157](https://sonarsource.atlassian.net/browse/NET-2157) - Fix S2589 FP: Don't raise an issue after a delegate is invoked\n* [NET-2073](https://sonarsource.atlassian.net/browse/NET-2073) - Fix S2699 FP: Add support for FsCheck property tests\n* [NET-1537](https://sonarsource.atlassian.net/browse/NET-1537) - Fix S6964 FP: Don't raise on properties annotated with the BindRequiredAttribute\n\n### Improvement\n\n* [NET-2112](https://sonarsource.atlassian.net/browse/NET-2112) - Consider ExplodedNodes relevant if a successor would be relevant\n* [NET-2183](https://sonarsource.atlassian.net/browse/NET-2183) - SE: Set constraint on operation when learning from IsPattern\n\n### False Negative\n\n* [NET-429](https://sonarsource.atlassian.net/browse/NET-429) - Fix S4275 FN: Support partial properties\n\n### Task\n\n* [NET-2208](https://sonarsource.atlassian.net/browse/NET-2208) - Update RSpec before release\n\n## 10.14\n\nHey everyone,\n\nThis release mostly focuses on mitigating (NET-2196) a performance regression that was introduced in 10.13.\n\n\n### Improvement\n\n* [NET-2196](https://sonarsource.atlassian.net/browse/NET-2196) - Fix path algorithm for execution flows to mitigate performance regression\n* [NET-2177](https://sonarsource.atlassian.net/browse/NET-2177) - Improve how the Symbolic Execution engine handles exception paths\n* [NET-2135](https://sonarsource.atlassian.net/browse/NET-2135) - Support xUnit V3\n* [NET-2163](https://sonarsource.atlassian.net/browse/NET-2163) - Provide Interface for other plugins to add rules to VB.NET SonarWay profile\n\n### False Negative\n\n* [NET-235](https://sonarsource.atlassian.net/browse/NET-235) - Fix S2053: Adjust required salt length to be 32 bytes\n\n### Task\n\n* [NET-2170](https://sonarsource.atlassian.net/browse/NET-2170) - Update RSPEC before 10.14 release\n\n## 10.13\n\nHello everyone, \n\nIn this release, we've focused on:\n- False positive fixes\n- Enhancing S2259's secondary locations to provide clearer, step-by-step explanations of null pointer dereferences issues.\n\n\n\n### False Positives\n\n* [NET-2099](https://sonarsource.atlassian.net/browse/NET-2099) - Fix S3885 FP: Do not raise in ResolutionEventHandler\n* [NET-2023](https://sonarsource.atlassian.net/browse/NET-2023) - Fix S3257 FP: Array with target-typed new\n* [NET-1646](https://sonarsource.atlassian.net/browse/NET-1646) - Fix S3267 FP: Loops should be simplified with LINQ expressions\n* [NET-1588](https://sonarsource.atlassian.net/browse/NET-1588) - Fix S1066 FP: Combination of `dynamic` and `out` should not raise\n* [NET-882](https://sonarsource.atlassian.net/browse/NET-882) - Fix S3257 FP: Don't raise for C# 10 and later when there's explicit delegate creation\n\n### Improvements\n\n* [NET-2095](https://sonarsource.atlassian.net/browse/NET-2095) - Improve incremental PR analysis path detection\n* SE: S2259 - Improve secondary locations\n\n\n\n## 10.12\n\nThis release brings the VB version of S6418 and a few FP and FN fixes.\n\n### New Rule\n\n* [NET-1379](https://sonarsource.atlassian.net/browse/NET-1379) - New Rule: Implement S6418 Hard-coded secrets are security-sensitive for VB.NET\n\n### False Positive\n\n* [NET-1526](https://sonarsource.atlassian.net/browse/NET-1526) - Fix S3267 FP: Only raise on IEnumerable\n\n### False Negative\n\n* [NET-1260](https://sonarsource.atlassian.net/browse/NET-1260) - Fix S1215 FN: GC.GetTotalMemory(forceFullCollection: true) should not be called \n* [NET-1258](https://sonarsource.atlassian.net/browse/NET-1258) - Fix S6678 FN: Lowercase placeholders in interpolated string\n* [NET-1255](https://sonarsource.atlassian.net/browse/NET-1255) - Fix S3267 FN: Logical operators are not supported\n\n### Task\n\n* [NET-2060](https://sonarsource.atlassian.net/browse/NET-2060) - Update RSPEC before 11.12 release\n\n\n## 10.11\n\nHello everyone!\nIn this release we fixed a bunch of false positives and false negatives.\nAdditionally this version adds support for telemetry in order to gather information on feature usage. Telemetry, requires scanner 10.2.0 or greater.\n\n\n### False Positive\n\n* [NET-1522](https://sonarsource.atlassian.net/browse/NET-1522) - Fix S2068 FP: Do not raise on `password:secret`\n* [NET-1149](https://sonarsource.atlassian.net/browse/NET-1149) - Fix S3626 FP: Add exception when return statement is preceding local functions\n\n### False Negative\n\n* [NET-1263](https://sonarsource.atlassian.net/browse/NET-1263) - Fix S1871 FN: Nested if .. else if chain\n* [NET-1256](https://sonarsource.atlassian.net/browse/NET-1256) - S2068: Remove word boundary(\\b) from regex\n* [NET-1254](https://sonarsource.atlassian.net/browse/NET-1254) - Fix S3878 FN: When params are passed as array through an attribute\n* [NET-1252](https://sonarsource.atlassian.net/browse/NET-1252) - FN S1168: Support IndexerDeclaration and ConversionOperatorDeclaration\n* [NET-459](https://sonarsource.atlassian.net/browse/NET-459) - Fix S1168 FN: Add support for partial indexers\n\n\n\n## 10.10.1\n\nBugfix release to fix combability with SonarQube Cloud + a simplification to the `ProfileRegistrar`\n\n### Task\n\n* [NET-1463](https://sonarsource.atlassian.net/browse/NET-1463) - Update RSPEC before 10.10.1 release\n* [NET-1461](https://sonarsource.atlassian.net/browse/NET-1461) - Make CSharpSonarWayProfile be compatible and simplify ProfileRegistrar\n\n\n\n## 10.10\n\nHey everyone, this release mostly focuses on internal and technical things.\n\n### General\n\n* [NET-1444](https://sonarsource.atlassian.net/browse/NET-1444) - Move ProfileRegistrar to org.sonar.plugins.csharpenterprise.api\n* [NET-1326](https://sonarsource.atlassian.net/browse/NET-1326) - Update RSPEC before 10.10 release\n\n### Internal Styling Rules\n\n* [NET-1378](https://sonarsource.atlassian.net/browse/NET-1378) - New Rule T0045: Use var\n* [NET-1359](https://sonarsource.atlassian.net/browse/NET-1359) - New Rule T0043: Avoid primary constructors on normal classes and structs\n* [NET-1358](https://sonarsource.atlassian.net/browse/NET-1358) - New Rule T0042: Indent raw string literal +4\n* [NET-1357](https://sonarsource.atlassian.net/browse/NET-1357) - New Rule T0041: Use raw string literals for multiline strings\n* [NET-1356](https://sonarsource.atlassian.net/browse/NET-1356) - New Rule T0040: Use minimum necessary interpolation characters\n* [NET-1355](https://sonarsource.atlassian.net/browse/NET-1355) - New Rule T0039: Protected field should start with lower case letter\n* [NET-1354](https://sonarsource.atlassian.net/browse/NET-1354) - New Rule T0038: Use fields instead of auto-implemented private or protected properties\n* [NET-1347](https://sonarsource.atlassian.net/browse/NET-1347) - New Rule T0000: Don't use Get prefixes\n* [NET-1346](https://sonarsource.atlassian.net/browse/NET-1346) - New Rule T0037: Use .Test suffix namespace\n* [NET-1345](https://sonarsource.atlassian.net/browse/NET-1345) - New rule T0046: Move extension method to dedicated class\n* [NET-1344](https://sonarsource.atlassian.net/browse/NET-1344) - New Rule T0035: Do not use var for this deconstruction\n* [NET-1343](https://sonarsource.atlassian.net/browse/NET-1343) - New Rule T0034: Do not embed var into this condition\n* [NET-1342](https://sonarsource.atlassian.net/browse/NET-1342) - New Rule T0033: Swap the logic to use positive conditions instead\n* [NET-1341](https://sonarsource.atlassian.net/browse/NET-1341) - New Rule T0032: Move the method body to the next line\n* [NET-1339](https://sonarsource.atlassian.net/browse/NET-1339) - New Rule T0030: Move the field initializer on the same line\n* [NET-1338](https://sonarsource.atlassian.net/browse/NET-1338) - New Rule T0029: Indent all arguments +4 further than the invocation line\n* [NET-1337](https://sonarsource.atlassian.net/browse/NET-1337) - New Rule T0028: Move all arguments on the same line, or wrap all of them\n* [NET-1336](https://sonarsource.atlassian.net/browse/NET-1336) - New Rule T0027: Move subsequent expressions on separate lines\n* [NET-1335](https://sonarsource.atlassian.net/browse/NET-1335) - New Rule T0026: Indent member access +4 further than the initial line\n* [NET-1334](https://sonarsource.atlassian.net/browse/NET-1334) - New Rule T0025: Indent ‘?’ and ‘:’ +4 further than the condition line\n* [NET-1333](https://sonarsource.atlassian.net/browse/NET-1333) - New Rule T0024: Place multiline ‘?’ and ‘:’ on separate lines\n* [NET-1332](https://sonarsource.atlassian.net/browse/NET-1332) - New Rule T0022: Indent all parameters with the first one\n* [NET-1331](https://sonarsource.atlassian.net/browse/NET-1331) - New Rule T0021: Use extension methods for Linq\n* [NET-1329](https://sonarsource.atlassian.net/browse/NET-1329) - New Rule T0019: Indent operator correctly\n* [NET-1328](https://sonarsource.atlassian.net/browse/NET-1328) - New Rule T0018: Move the operator to the beginning of the next line\n* [NET-1327](https://sonarsource.atlassian.net/browse/NET-1327) - New Rule T0015: Move local function at the end of the method\n* [NET-1237](https://sonarsource.atlassian.net/browse/NET-1237) - New Rule T0044: Don't add Arrange, Act, and Assert(s) comments\n* [NET-1325](https://sonarsource.atlassian.net/browse/NET-1325) - Improve T0007: Raise on nondeclaring is { } check\n\n\n\n## 10.9\n\nHello everyone! \n\nThis is a mega-hardening release! Enjoy 😄 \n\n### False Positive\n\n* [NET-1309](https://sonarsource.atlassian.net/browse/NET-1309) - Fix S2583 FP: Support overrides in IsImplementingInterfaceMember\n* [NET-1308](https://sonarsource.atlassian.net/browse/NET-1308) - Fix S2583 FP: Add support for AdressOf operator\n* [NET-1302](https://sonarsource.atlassian.net/browse/NET-1302) - Fix S4158 FP: Don't raise on GetEnumerator() calls\n* [NET-1295](https://sonarsource.atlassian.net/browse/NET-1295) - Fix S3236 FP: Exclude Debug.Assert \n* [NET-1290](https://sonarsource.atlassian.net/browse/NET-1290) - Fix S4158 FP: Support RouteValueDictionary in AspNetCore\n* [NET-1289](https://sonarsource.atlassian.net/browse/NET-1289) - Fix S4158 FP: Adding methods with well defined sematics\n* [NET-1288](https://sonarsource.atlassian.net/browse/NET-1288) - Fix S4158 FP: Recognize Add methods with bool return type\n* [NET-1287](https://sonarsource.atlassian.net/browse/NET-1287) - Fix S4158 FP: Don't raise on SetValue\n* [NET-1280](https://sonarsource.atlassian.net/browse/NET-1280) - Fix S2342 FP: Flaky reports\n* [NET-1278](https://sonarsource.atlassian.net/browse/NET-1278) - Fix S3440 FP: Variable assignment and switch expression\n* [NET-1246](https://sonarsource.atlassian.net/browse/NET-1246) - Fix S1481 FP: Don't report on discard like looking variables\n* [NET-1242](https://sonarsource.atlassian.net/browse/NET-1242) - Fix S2583/S4158 FP: Support for collections that are initialized with object\n* [NET-1241](https://sonarsource.atlassian.net/browse/NET-1241) - Fix S2589 FP: Don't track concurrent collections\n* [NET-1230](https://sonarsource.atlassian.net/browse/NET-1230) - Fix S4158 FP: Immutable collections\n* [NET-1223](https://sonarsource.atlassian.net/browse/NET-1223) - Fix S3267 FP: ref struct types cannot leave the stack\n* [NET-1214](https://sonarsource.atlassian.net/browse/NET-1214) - Fix S2259 FP: Foreach loop over empty collection\n* [NET-1212](https://sonarsource.atlassian.net/browse/NET-1212) - Fix S2259 FP: Learn bool from NotNull constraint and Null value\n* [NET-1208](https://sonarsource.atlassian.net/browse/NET-1208) - Fix S2589 FP: Rule ignores case guards\n* [NET-1207](https://sonarsource.atlassian.net/browse/NET-1207) -  Fix S3966 FP: disposing element of indexable after declaration pattern\n* [NET-1203](https://sonarsource.atlassian.net/browse/NET-1203) -  Fix S3966 FP: Enumerating a collection of tuples\n* [NET-1202](https://sonarsource.atlassian.net/browse/NET-1202) - Fix S2259 FP: Foreach nested in try, nested in loop\n* [NET-1188](https://sonarsource.atlassian.net/browse/NET-1188) - Improve S4158 - Empty Collections should not be Enumerated\n* [NET-1088](https://sonarsource.atlassian.net/browse/NET-1088) - Fix S3240 FP: Ignore when a conditional block contains a ternary\n* [NET-800](https://sonarsource.atlassian.net/browse/NET-800) - Fix S2259 FP: FlowCaptures in loops and try-regions\n\n### False Negative\n\n* [NET-1299](https://sonarsource.atlassian.net/browse/NET-1299) - Fix S2053 FN: Support Copy methods\n* [NET-1257](https://sonarsource.atlassian.net/browse/NET-1257) - Fix S4790 FN: New HashData overloads not recognized\n* [NET-1194](https://sonarsource.atlassian.net/browse/NET-1194) - Fix S4158 FN: Collection Expressions (C# 12)\n* [NET-357](https://sonarsource.atlassian.net/browse/NET-357) - Fix S2068 FN: does not consider `launchSettings.json` files\n* [NET-210](https://sonarsource.atlassian.net/browse/NET-210) - Fix S4158 FN: AddRange with empty collection\n\n### Bug\n\n* [NET-1267](https://sonarsource.atlassian.net/browse/NET-1267) - Fix S2068 bug: Issue location is out of range in web.config for elements or attributes with an xml namespace\n* [NET-1184](https://sonarsource.atlassian.net/browse/NET-1184) - Roslyn rule import should map the issue severity to the Software Quality impact in SonarQube Server\n\n### Improvement\n\n* [NET-1217](https://sonarsource.atlassian.net/browse/NET-1217) - Improve S3996: Set location to the property instead of record\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.8.0.113526\u0026new-version=10.24.0.138807)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/DKorablin/Plugin.ApkImageView/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DKorablin%2FPlugin.ApkImageView/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"},{"uuid":"4265853568","node_id":"PR_kwDONR7yRc7Sfrnl","number":14,"state":"closed","title":"Bump SonarAnalyzer.CSharp from 10.8.0.113526 to 10.23.0.137933","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-22T02:24:43.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-15T02:24:57.000Z","updated_at":"2026-04-22T02:24:44.000Z","time_to_close":604786,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.8.0.113526","new_version":"10.23.0.137933","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.8.0.113526 to 10.23.0.137933.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\n## 10.22\n\nHello everyone,\nThis release brings 4 new rules to help developers transition to C# 14, and a bunch of false positive fixes.\n\n### New rules\n\n* [NET-3361](https://sonarsource.atlassian.net/browse/NET-3361) - New rule S8381: \"scoped\" should be escaped when used as a type name in lambda parameters\n* [NET-3359](https://sonarsource.atlassian.net/browse/NET-3359) - New rule S8368: \"extension\" identifiers should be escaped to avoid contextual keyword conflicts\n* [NET-3347](https://sonarsource.atlassian.net/browse/NET-3347) - New rule S8380: Return types named \"partial\" should be escaped with \"@\"\n* [NET-3345](https://sonarsource.atlassian.net/browse/NET-3345) - New rule S8367: Identifiers should not conflict with the \"field\" keyword in C# 14?\n\n### False Positive\n\n* [NET-3443](https://sonarsource.atlassian.net/browse/NET-3443) - Fix S1940 FP: for floating point numbers that can be NaN \"!(a \u003c= b)\" is not the same as \"a \u003e b\"\n* [NET-3001](https://sonarsource.atlassian.net/browse/NET-3001) - Fix S3063 FP: Concatenation with identifier\n* [NET-1569](https://sonarsource.atlassian.net/browse/NET-1569) - Fix S5944 FP: AddressOf(MethodName) in Return statement\n* [NET-3445](https://sonarsource.atlassian.net/browse/NET-3445) - Fix T0029 FP: Inside target-typed new\n* [NET-2817](https://sonarsource.atlassian.net/browse/NET-2817) - Fix T0029 FP: Ident for collection expression members\n* [NET-2024](https://sonarsource.atlassian.net/browse/NET-2024) - Fix T0029 FP: Inside array initializer\n* [NET-3341](https://sonarsource.atlassian.net/browse/NET-3341) - Fix T0029 FP: After member access\n* [NET-3462](https://sonarsource.atlassian.net/browse/NET-3462) - Fix T0042 FP: Inside constructors and collection initializers\n* [NET-3426](https://sonarsource.atlassian.net/browse/NET-3426) - Fix T0042: Raw string in collection initializer\n* [NET-2888](https://sonarsource.atlassian.net/browse/NET-2888) - Fix T0042 FP: Returned from method\n* [NET-2874](https://sonarsource.atlassian.net/browse/NET-2874) - Fix T0042 FP: Raw string in ternary\n\n### Bugs\n\n* [NET-3386](https://sonarsource.atlassian.net/browse/NET-3386) - Fix S4583 AD0001: BeginInvoke callback declared in separate file\n\n### Other\n\n* [NET-3385](https://sonarsource.atlassian.net/browse/NET-3385) - S2612: Rule type changed from Security Hotspot to Vulnerability\n\n\n## 10.21\n\n### Bug\n\n* [NET-3376](https://sonarsource.atlassian.net/browse/NET-3376) - Fix S6930 AD0001: Issue on template / code files for blazor\n* [NET-3367](https://sonarsource.atlassian.net/browse/NET-3367) - Fix S4830 AD0001: CertificateValidationCheck Syntax node is not within syntax tree\n\n### Feature\n\n* [NET-3260](https://sonarsource.atlassian.net/browse/NET-3260) - Fix broken links in S6960 RSPEC\n\n### False Positive\n\n* [NET-2886](https://sonarsource.atlassian.net/browse/NET-2886) - Fix T0015 FP: In constructor\n* [NET-1678](https://sonarsource.atlassian.net/browse/NET-1678) - Fix S4275 FP: with property overload\n\n\n\n\n## 10.20\n\nThis release brings 9 precision improvements — 7 false positive fixes and 2 false negative fixes — across rules S1116, S1144, S1210, S1643, S1854, S2365, S3254, S3265, and S127. It also promotes S2068 and S6418 from Security Hotspot to Vulnerability, making them visible directly in the IDE, and removes S3256 from the Sonar Way quality profile.\n\n### Changes\n\n* [NET-3227](https://sonarsource.atlassian.net/browse/NET-3227) - Remove S3256 from \"Sonar Way\" quality profile\n* [NET-3208](https://sonarsource.atlassian.net/browse/NET-3208) - S6418: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3207](https://sonarsource.atlassian.net/browse/NET-3207) - S2068: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3206](https://sonarsource.atlassian.net/browse/NET-3206) - Remove links to rules.sonarsource.com\n\n### False Positive\n\n* [NET-3215](https://sonarsource.atlassian.net/browse/NET-3215) - Fix FP on S127: Should only raise on stop condition variables\n* [NET-3212](https://sonarsource.atlassian.net/browse/NET-3212) - Fix FP on S3254: Don't raise if the parameter isn't last\n* [NET-3053](https://sonarsource.atlassian.net/browse/NET-3053) - Fix FP on S1210: Implementing comparable operators for private types\n* [NET-2984](https://sonarsource.atlassian.net/browse/NET-2984) - Fix FP on S3265: BCL enums with [Flags] not recognized due to metadata resolution\n* [NET-2976](https://sonarsource.atlassian.net/browse/NET-2976) - Fix FP on S1854: Default value initializations flagged despite exemptions\n* [NET-2966](https://sonarsource.atlassian.net/browse/NET-2966) - Fix FP on S1144: Constructors in MEF-exported types\n* [NET-2956](https://sonarsource.atlassian.net/browse/NET-2956) - Fix FP on S1116: Empty loop body with side effects in condition\n\n### False Negative\n\n* [NET-1261](https://sonarsource.atlassian.net/browse/NET-1261) - Fix FN on S2365: Rule should report on new collection\n* [NET-1259](https://sonarsource.atlassian.net/browse/NET-1259) - Fix FN on S1643: Concatenation for parameters, fields and properties are not detected \n\n### Rule specification\n\n* [NET-3246](https://sonarsource.atlassian.net/browse/NET-3246) - Modify Rule S127: Update Description\n* [NET-3218](https://sonarsource.atlassian.net/browse/NET-3218) - Modify Rule S3265: Add exception for MethodImplAttributes\n* [NET-3086](https://sonarsource.atlassian.net/browse/NET-3086) - Modify Rule S1116: Add loop exception\n\n### Maintenance\n\n* [NET-3047](https://sonarsource.atlassian.net/browse/NET-3047) - Update RSPEC before 10.20 release\n\n\n\n## 10.19\n\n\n### Documentation\n\n* [NET-3012](https://sonarsource.atlassian.net/browse/NET-3012) - Modify Rule S3903: Update description for C#​10\n\n### False Positive\n\n* [NET-3004](https://sonarsource.atlassian.net/browse/NET-3004) - Fix S2696 FP: New extension method format triggers FP when accessing static fields\n\n### False Negative\n\n* [NET-3011](https://sonarsource.atlassian.net/browse/NET-3011) - Fix S4790 FN: Support Using statement\n\n### Task\n\n* [NET-2948](https://sonarsource.atlassian.net/browse/NET-2948) - Update RSPEC before 10.19 release\n\n### Bug\n\n* [NET-1866](https://sonarsource.atlassian.net/browse/NET-1866) - Support future VS versions in NuGet package\n\n\n## 10.18\n\nThis releases focuses on fixing the false-positives that are raised on code making use of the new features in C# 14.\n### Improvement\n\n* [NET-2921](https://sonarsource.atlassian.net/browse/NET-2921) - Fix passthrough calculation in ModelBuilder\n* [NET-2903](https://sonarsource.atlassian.net/browse/NET-2903) - Remove manual extension methods\n* [NET-2895](https://sonarsource.atlassian.net/browse/NET-2895) - Cleanup handling of ParameterList of primary constructors\n\n### Task\n\n* [NET-2917](https://sonarsource.atlassian.net/browse/NET-2917) - Update RSPEC before 10.18 release\n\n### False Positive\n\n* [NET-2898](https://sonarsource.atlassian.net/browse/NET-2898) - Fix S2583/S2589 FP: Extension Members\n* [NET-2877](https://sonarsource.atlassian.net/browse/NET-2877) - Fix S2225 FP: Extension member\n* [NET-2832](https://sonarsource.atlassian.net/browse/NET-2832) - Fix S3063 FP: NullConditionalOperator\n* [NET-2825](https://sonarsource.atlassian.net/browse/NET-2825) - Fix S1144 FP: Partial events\n* [NET-2821](https://sonarsource.atlassian.net/browse/NET-2821) - Fix S3264 FP: Partial events\n* [NET-2805](https://sonarsource.atlassian.net/browse/NET-2805) - Fix S1144 FP: S1144 Is confused by Debugger Display attribute\n* [NET-2748](https://sonarsource.atlassian.net/browse/NET-2748) - Fix S3459 FP: NullConditional Assignment\n* [NET-2716](https://sonarsource.atlassian.net/browse/NET-2716) - Fix S2325 FP: Field Keyword\n* [NET-2712](https://sonarsource.atlassian.net/browse/NET-2712) - Fix S2953 FP: Extension block member\n* [NET-2707](https://sonarsource.atlassian.net/browse/NET-2707) - Fix S3877 FP: Equals method without IEquatable\n* [NET-2684](https://sonarsource.atlassian.net/browse/NET-2684) - Fix S7039 FP/FN: Null-conditional assignment\n* [NET-2672](https://sonarsource.atlassian.net/browse/NET-2672) - Fix S3928 FP: Extension block\n* [NET-2671](https://sonarsource.atlassian.net/browse/NET-2671) - Fix S2970 FP: Null Conditional Assignment\n* [NET-2668](https://sonarsource.atlassian.net/browse/NET-2668) - Fix S3398 FP: On private methods in C#​14 extensions classes\n* [NET-2644](https://sonarsource.atlassian.net/browse/NET-2644) - Fix S1144 FP: Always raises on private methods in extension block\n* [NET-2621](https://sonarsource.atlassian.net/browse/NET-2621) - Fix S2325 FP: Incorrectly reports on C# 14 extensions \n* [NET-2620](https://sonarsource.atlassian.net/browse/NET-2620) - Fix S4545 FP: Extension Methods\n* [NET-2391](https://sonarsource.atlassian.net/browse/NET-2391) - Fix S1121 FP: Extract (null-forgiving) assignment from expression\n* [NET-1914](https://sonarsource.atlassian.net/browse/NET-1914) - Fix S3264 FP: when using +=\n\n### False Negative\n\n* [NET-2813](https://sonarsource.atlassian.net/browse/NET-2813) - Fix S2292 FN: FieldKeyword\n* [NET-2681](https://sonarsource.atlassian.net/browse/NET-2681) - Fix S2692 FN: Support Spans\n\n\n\n## 10.17\n\n\n### False Negative\n\n* [NET-2840](https://sonarsource.atlassian.net/browse/NET-2840) - Improve S2077: Support more methods\n\n### Task\n\n* [NET-2839](https://sonarsource.atlassian.net/browse/NET-2839) - Update RSPEC before 10.17 release\n\n### New Feature\n\n* [NET-2820](https://sonarsource.atlassian.net/browse/NET-2820) - ShimLayer: Implement Factory\n* [NET-2789](https://sonarsource.atlassian.net/browse/NET-2789) - ShimLayer Generator: Enums\n* [NET-2728](https://sonarsource.atlassian.net/browse/NET-2728) - ShimLayer Generator: SyntaxNodes\n\n### Bug\n\n* [NET-2816](https://sonarsource.atlassian.net/browse/NET-2816) - Fix S3603 AD0001: NRE when LocalFunction inside Record constructor in C#​7\n\n### Improvement\n\n* [NET-2722](https://sonarsource.atlassian.net/browse/NET-2722) - Activate new ShimLayer\n* [NET-2721](https://sonarsource.atlassian.net/browse/NET-2721) - Create diff for ShimLayer\n* [NET-2720](https://sonarsource.atlassian.net/browse/NET-2720) - Create ShimLayer projects\n\n\n\n## 10.16.2\n\nRotations of binary signing keys\n\n\n## 10.16.1\n\nRotations of binary signing keys\n\n\n## 10.16\n\n### False Positive\n\n* [NET-1729](https://sonarsource.atlassian.net/browse/NET-1729) - Fix S2114 FP: list.AddRange(list) and list.Concat(list) are sensible\n\n### False Negative\n\n* [NET-399](https://sonarsource.atlassian.net/browse/NET-399) - Fix S4790 FN: Support CryptographicOperations data methods\n\n### Bug\n* [NET-2686](https://sonarsource.atlassian.net/browse/NET-2686) - Fix S3604 AD0001: NRE with partial constructor\n\n## 10.15\n\n### False Positive\n\n* [NET-2198](https://sonarsource.atlassian.net/browse/NET-2198) - Fix S1905 FP: Cast of default! expression is required\n* [NET-2197](https://sonarsource.atlassian.net/browse/NET-2197) - Fix S1905 FP: stackalloc and Span\u003cT\u003e conversions\n* [NET-1641](https://sonarsource.atlassian.net/browse/NET-1641) - Fix S1905 FP: casting `IEnumerable\u003cstring?\u003e` to `IEnumerable\u003cstring\u003e`\n* [NET-2157](https://sonarsource.atlassian.net/browse/NET-2157) - Fix S2589 FP: Don't raise an issue after a delegate is invoked\n* [NET-2073](https://sonarsource.atlassian.net/browse/NET-2073) - Fix S2699 FP: Add support for FsCheck property tests\n* [NET-1537](https://sonarsource.atlassian.net/browse/NET-1537) - Fix S6964 FP: Don't raise on properties annotated with the BindRequiredAttribute\n\n### Improvement\n\n* [NET-2112](https://sonarsource.atlassian.net/browse/NET-2112) - Consider ExplodedNodes relevant if a successor would be relevant\n* [NET-2183](https://sonarsource.atlassian.net/browse/NET-2183) - SE: Set constraint on operation when learning from IsPattern\n\n### False Negative\n\n* [NET-429](https://sonarsource.atlassian.net/browse/NET-429) - Fix S4275 FN: Support partial properties\n\n### Task\n\n* [NET-2208](https://sonarsource.atlassian.net/browse/NET-2208) - Update RSpec before release\n\n## 10.14\n\nHey everyone,\n\nThis release mostly focuses on mitigating (NET-2196) a performance regression that was introduced in 10.13.\n\n\n### Improvement\n\n* [NET-2196](https://sonarsource.atlassian.net/browse/NET-2196) - Fix path algorithm for execution flows to mitigate performance regression\n* [NET-2177](https://sonarsource.atlassian.net/browse/NET-2177) - Improve how the Symbolic Execution engine handles exception paths\n* [NET-2135](https://sonarsource.atlassian.net/browse/NET-2135) - Support xUnit V3\n* [NET-2163](https://sonarsource.atlassian.net/browse/NET-2163) - Provide Interface for other plugins to add rules to VB.NET SonarWay profile\n\n### False Negative\n\n* [NET-235](https://sonarsource.atlassian.net/browse/NET-235) - Fix S2053: Adjust required salt length to be 32 bytes\n\n### Task\n\n* [NET-2170](https://sonarsource.atlassian.net/browse/NET-2170) - Update RSPEC before 10.14 release\n\n## 10.13\n\nHello everyone, \n\nIn this release, we've focused on:\n- False positive fixes\n- Enhancing S2259's secondary locations to provide clearer, step-by-step explanations of null pointer dereferences issues.\n\n\n\n### False Positives\n\n* [NET-2099](https://sonarsource.atlassian.net/browse/NET-2099) - Fix S3885 FP: Do not raise in ResolutionEventHandler\n* [NET-2023](https://sonarsource.atlassian.net/browse/NET-2023) - Fix S3257 FP: Array with target-typed new\n* [NET-1646](https://sonarsource.atlassian.net/browse/NET-1646) - Fix S3267 FP: Loops should be simplified with LINQ expressions\n* [NET-1588](https://sonarsource.atlassian.net/browse/NET-1588) - Fix S1066 FP: Combination of `dynamic` and `out` should not raise\n* [NET-882](https://sonarsource.atlassian.net/browse/NET-882) - Fix S3257 FP: Don't raise for C# 10 and later when there's explicit delegate creation\n\n### Improvements\n\n* [NET-2095](https://sonarsource.atlassian.net/browse/NET-2095) - Improve incremental PR analysis path detection\n* SE: S2259 - Improve secondary locations\n\n\n\n## 10.12\n\nThis release brings the VB version of S6418 and a few FP and FN fixes.\n\n### New Rule\n\n* [NET-1379](https://sonarsource.atlassian.net/browse/NET-1379) - New Rule: Implement S6418 Hard-coded secrets are security-sensitive for VB.NET\n\n### False Positive\n\n* [NET-1526](https://sonarsource.atlassian.net/browse/NET-1526) - Fix S3267 FP: Only raise on IEnumerable\n\n### False Negative\n\n* [NET-1260](https://sonarsource.atlassian.net/browse/NET-1260) - Fix S1215 FN: GC.GetTotalMemory(forceFullCollection: true) should not be called \n* [NET-1258](https://sonarsource.atlassian.net/browse/NET-1258) - Fix S6678 FN: Lowercase placeholders in interpolated string\n* [NET-1255](https://sonarsource.atlassian.net/browse/NET-1255) - Fix S3267 FN: Logical operators are not supported\n\n### Task\n\n* [NET-2060](https://sonarsource.atlassian.net/browse/NET-2060) - Update RSPEC before 11.12 release\n\n\n## 10.11\n\nHello everyone!\nIn this release we fixed a bunch of false positives and false negatives.\nAdditionally this version adds support for telemetry in order to gather information on feature usage. Telemetry, requires scanner 10.2.0 or greater.\n\n\n### False Positive\n\n* [NET-1522](https://sonarsource.atlassian.net/browse/NET-1522) - Fix S2068 FP: Do not raise on `password:secret`\n* [NET-1149](https://sonarsource.atlassian.net/browse/NET-1149) - Fix S3626 FP: Add exception when return statement is preceding local functions\n\n### False Negative\n\n* [NET-1263](https://sonarsource.atlassian.net/browse/NET-1263) - Fix S1871 FN: Nested if .. else if chain\n* [NET-1256](https://sonarsource.atlassian.net/browse/NET-1256) - S2068: Remove word boundary(\\b) from regex\n* [NET-1254](https://sonarsource.atlassian.net/browse/NET-1254) - Fix S3878 FN: When params are passed as array through an attribute\n* [NET-1252](https://sonarsource.atlassian.net/browse/NET-1252) - FN S1168: Support IndexerDeclaration and ConversionOperatorDeclaration\n* [NET-459](https://sonarsource.atlassian.net/browse/NET-459) - Fix S1168 FN: Add support for partial indexers\n\n\n\n## 10.10.1\n\nBugfix release to fix combability with SonarQube Cloud + a simplification to the `ProfileRegistrar`\n\n### Task\n\n* [NET-1463](https://sonarsource.atlassian.net/browse/NET-1463) - Update RSPEC before 10.10.1 release\n* [NET-1461](https://sonarsource.atlassian.net/browse/NET-1461) - Make CSharpSonarWayProfile be compatible and simplify ProfileRegistrar\n\n\n\n## 10.10\n\nHey everyone, this release mostly focuses on internal and technical things.\n\n### General\n\n* [NET-1444](https://sonarsource.atlassian.net/browse/NET-1444) - Move ProfileRegistrar to org.sonar.plugins.csharpenterprise.api\n* [NET-1326](https://sonarsource.atlassian.net/browse/NET-1326) - Update RSPEC before 10.10 release\n\n### Internal Styling Rules\n\n* [NET-1378](https://sonarsource.atlassian.net/browse/NET-1378) - New Rule T0045: Use var\n* [NET-1359](https://sonarsource.atlassian.net/browse/NET-1359) - New Rule T0043: Avoid primary constructors on normal classes and structs\n* [NET-1358](https://sonarsource.atlassian.net/browse/NET-1358) - New Rule T0042: Indent raw string literal +4\n* [NET-1357](https://sonarsource.atlassian.net/browse/NET-1357) - New Rule T0041: Use raw string literals for multiline strings\n* [NET-1356](https://sonarsource.atlassian.net/browse/NET-1356) - New Rule T0040: Use minimum necessary interpolation characters\n* [NET-1355](https://sonarsource.atlassian.net/browse/NET-1355) - New Rule T0039: Protected field should start with lower case letter\n* [NET-1354](https://sonarsource.atlassian.net/browse/NET-1354) - New Rule T0038: Use fields instead of auto-implemented private or protected properties\n* [NET-1347](https://sonarsource.atlassian.net/browse/NET-1347) - New Rule T0000: Don't use Get prefixes\n* [NET-1346](https://sonarsource.atlassian.net/browse/NET-1346) - New Rule T0037: Use .Test suffix namespace\n* [NET-1345](https://sonarsource.atlassian.net/browse/NET-1345) - New rule T0046: Move extension method to dedicated class\n* [NET-1344](https://sonarsource.atlassian.net/browse/NET-1344) - New Rule T0035: Do not use var for this deconstruction\n* [NET-1343](https://sonarsource.atlassian.net/browse/NET-1343) - New Rule T0034: Do not embed var into this condition\n* [NET-1342](https://sonarsource.atlassian.net/browse/NET-1342) - New Rule T0033: Swap the logic to use positive conditions instead\n* [NET-1341](https://sonarsource.atlassian.net/browse/NET-1341) - New Rule T0032: Move the method body to the next line\n* [NET-1339](https://sonarsource.atlassian.net/browse/NET-1339) - New Rule T0030: Move the field initializer on the same line\n* [NET-1338](https://sonarsource.atlassian.net/browse/NET-1338) - New Rule T0029: Indent all arguments +4 further than the invocation line\n* [NET-1337](https://sonarsource.atlassian.net/browse/NET-1337) - New Rule T0028: Move all arguments on the same line, or wrap all of them\n* [NET-1336](https://sonarsource.atlassian.net/browse/NET-1336) - New Rule T0027: Move subsequent expressions on separate lines\n* [NET-1335](https://sonarsource.atlassian.net/browse/NET-1335) - New Rule T0026: Indent member access +4 further than the initial line\n* [NET-1334](https://sonarsource.atlassian.net/browse/NET-1334) - New Rule T0025: Indent ‘?’ and ‘:’ +4 further than the condition line\n* [NET-1333](https://sonarsource.atlassian.net/browse/NET-1333) - New Rule T0024: Place multiline ‘?’ and ‘:’ on separate lines\n* [NET-1332](https://sonarsource.atlassian.net/browse/NET-1332) - New Rule T0022: Indent all parameters with the first one\n* [NET-1331](https://sonarsource.atlassian.net/browse/NET-1331) - New Rule T0021: Use extension methods for Linq\n* [NET-1329](https://sonarsource.atlassian.net/browse/NET-1329) - New Rule T0019: Indent operator correctly\n* [NET-1328](https://sonarsource.atlassian.net/browse/NET-1328) - New Rule T0018: Move the operator to the beginning of the next line\n* [NET-1327](https://sonarsource.atlassian.net/browse/NET-1327) - New Rule T0015: Move local function at the end of the method\n* [NET-1237](https://sonarsource.atlassian.net/browse/NET-1237) - New Rule T0044: Don't add Arrange, Act, and Assert(s) comments\n* [NET-1325](https://sonarsource.atlassian.net/browse/NET-1325) - Improve T0007: Raise on nondeclaring is { } check\n\n\n\n## 10.9\n\nHello everyone! \n\nThis is a mega-hardening release! Enjoy 😄 \n\n### False Positive\n\n* [NET-1309](https://sonarsource.atlassian.net/browse/NET-1309) - Fix S2583 FP: Support overrides in IsImplementingInterfaceMember\n* [NET-1308](https://sonarsource.atlassian.net/browse/NET-1308) - Fix S2583 FP: Add support for AdressOf operator\n* [NET-1302](https://sonarsource.atlassian.net/browse/NET-1302) - Fix S4158 FP: Don't raise on GetEnumerator() calls\n* [NET-1295](https://sonarsource.atlassian.net/browse/NET-1295) - Fix S3236 FP: Exclude Debug.Assert \n* [NET-1290](https://sonarsource.atlassian.net/browse/NET-1290) - Fix S4158 FP: Support RouteValueDictionary in AspNetCore\n* [NET-1289](https://sonarsource.atlassian.net/browse/NET-1289) - Fix S4158 FP: Adding methods with well defined sematics\n* [NET-1288](https://sonarsource.atlassian.net/browse/NET-1288) - Fix S4158 FP: Recognize Add methods with bool return type\n* [NET-1287](https://sonarsource.atlassian.net/browse/NET-1287) - Fix S4158 FP: Don't raise on SetValue\n* [NET-1280](https://sonarsource.atlassian.net/browse/NET-1280) - Fix S2342 FP: Flaky reports\n* [NET-1278](https://sonarsource.atlassian.net/browse/NET-1278) - Fix S3440 FP: Variable assignment and switch expression\n* [NET-1246](https://sonarsource.atlassian.net/browse/NET-1246) - Fix S1481 FP: Don't report on discard like looking variables\n* [NET-1242](https://sonarsource.atlassian.net/browse/NET-1242) - Fix S2583/S4158 FP: Support for collections that are initialized with object\n* [NET-1241](https://sonarsource.atlassian.net/browse/NET-1241) - Fix S2589 FP: Don't track concurrent collections\n* [NET-1230](https://sonarsource.atlassian.net/browse/NET-1230) - Fix S4158 FP: Immutable collections\n* [NET-1223](https://sonarsource.atlassian.net/browse/NET-1223) - Fix S3267 FP: ref struct types cannot leave the stack\n* [NET-1214](https://sonarsource.atlassian.net/browse/NET-1214) - Fix S2259 FP: Foreach loop over empty collection\n* [NET-1212](https://sonarsource.atlassian.net/browse/NET-1212) - Fix S2259 FP: Learn bool from NotNull constraint and Null value\n* [NET-1208](https://sonarsource.atlassian.net/browse/NET-1208) - Fix S2589 FP: Rule ignores case guards\n* [NET-1207](https://sonarsource.atlassian.net/browse/NET-1207) -  Fix S3966 FP: disposing element of indexable after declaration pattern\n* [NET-1203](https://sonarsource.atlassian.net/browse/NET-1203) -  Fix S3966 FP: Enumerating a collection of tuples\n* [NET-1202](https://sonarsource.atlassian.net/browse/NET-1202) - Fix S2259 FP: Foreach nested in try, nested in loop\n* [NET-1188](https://sonarsource.atlassian.net/browse/NET-1188) - Improve S4158 - Empty Collections should not be Enumerated\n* [NET-1088](https://sonarsource.atlassian.net/browse/NET-1088) - Fix S3240 FP: Ignore when a conditional block contains a ternary\n* [NET-800](https://sonarsource.atlassian.net/browse/NET-800) - Fix S2259 FP: FlowCaptures in loops and try-regions\n\n### False Negative\n\n* [NET-1299](https://sonarsource.atlassian.net/browse/NET-1299) - Fix S2053 FN: Support Copy methods\n* [NET-1257](https://sonarsource.atlassian.net/browse/NET-1257) - Fix S4790 FN: New HashData overloads not recognized\n* [NET-1194](https://sonarsource.atlassian.net/browse/NET-1194) - Fix S4158 FN: Collection Expressions (C# 12)\n* [NET-357](https://sonarsource.atlassian.net/browse/NET-357) - Fix S2068 FN: does not consider `launchSettings.json` files\n* [NET-210](https://sonarsource.atlassian.net/browse/NET-210) - Fix S4158 FN: AddRange with empty collection\n\n### Bug\n\n* [NET-1267](https://sonarsource.atlassian.net/browse/NET-1267) - Fix S2068 bug: Issue location is out of range in web.config for elements or attributes with an xml namespace\n* [NET-1184](https://sonarsource.atlassian.net/browse/NET-1184) - Roslyn rule import should map the issue severity to the Software Quality impact in SonarQube Server\n\n### Improvement\n\n* [NET-1217](https://sonarsource.atlassian.net/browse/NET-1217) - Improve S3996: Set location to the property instead of record\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.8.0.113526\u0026new-version=10.23.0.137933)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/DKorablin/Plugin.ApkImageView/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DKorablin%2FPlugin.ApkImageView/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"},{"uuid":"4251050306","node_id":"PR_kwDOIyEMH87R204f","number":557,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.22.0.136894 to 10.23.0.137933","user":"dependabot[bot]","labels":["dependencies",".NET","nuget","size/XS","packages","☑️ auto-merge","🤖 bot"],"assignees":["guibranco"],"locked":false,"comments_count":6,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-13T03:27:08.000Z","updated_at":"2026-04-13T06:13:40.382Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.22.0.136894","new_version":"10.23.0.137933","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.22.0.136894 to 10.23.0.137933.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.22.0.136894\u0026new-version=10.23.0.137933)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/guibranco/Sankhya-SDK-dotnet/pull/557","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/guibranco%2FSankhya-SDK-dotnet/issues/557","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/557/packages"}],"issue_packages":[{"old_version":"10.26.0.140279","new_version":"10.27.0.140913","update_type":"minor","path":null,"pr_created_at":"2026-06-01T02:24:03.000Z","version_change":"10.26.0.140279 → 10.27.0.140913","issue":{"uuid":"4559875279","node_id":"PR_kwDODIYC-87hMqbb","number":629,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.26.0.140279 to 10.27.0.140913","user":"dependabot[bot]","labels":["dependencies",".NET","nuget","size/XS","packages"],"assignees":["guibranco"],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-01T02:24:03.000Z","updated_at":"2026-06-01T02:25:39.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.26.0.140279","new_version":"10.27.0.140913","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.26.0.140279 to 10.27.0.140913.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.27.0.140913\n\n# Release notes - .NET Analyzers - 10.27\n\n### Feature\n[NET-1285](https://sonarsource.atlassian.net/browse/NET-1285) S2629: Add custom message for Log4Net and Castle.Core\n[NET-3666](https://sonarsource.atlassian.net/browse/NET-3666) Deprecate S5042 and move it from HotSpots to Code Smell\n[NET-3783](https://sonarsource.atlassian.net/browse/NET-3783) Update RSPEC before 10.27 release\n\n### False Positive\n[NET-2696](https://sonarsource.atlassian.net/browse/NET-2696) Fix S4260 FP: Extension Properties always raise\n\n### False Negative\n[NET-230](https://sonarsource.atlassian.net/browse/NET-230) Fix S4056 FN: SpecifyIFormatProviderOrCultureInfo for C#​13 compatibility\n[NET-2692](https://sonarsource.atlassian.net/browse/NET-2692) Fix S2190 FN: Recursive extension properties\n[NET-2705](https://sonarsource.atlassian.net/browse/NET-2705) Fix S3343 FN: Partial Constructor with attribute in definition\n[NET-2732](https://sonarsource.atlassian.net/browse/NET-2732) Fix S1172 FN: Extension blocks\n[NET-2745](https://sonarsource.atlassian.net/browse/NET-2745) Fix S4144 FN: Extension Members\n[NET-2829](https://sonarsource.atlassian.net/browse/NET-2829) Fix S3241 FN: Extension methods and extension blocks\n[NET-3541](https://sonarsource.atlassian.net/browse/NET-3541) Fix S1117 FN: add CatchDeclaration coverage and adopt LocalDeclarationKinds\n\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/compare/10.26.0.140279...10.27.0.140913).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.26.0.140279\u0026new-version=10.27.0.140913)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/guibranco/VTEX-SDK-dotnet/pull/629","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/guibranco%2FVTEX-SDK-dotnet/issues/629","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/629/packages"}},{"old_version":"10.22.0.136894","new_version":"10.26.0.140279","update_type":"minor","path":null,"pr_created_at":"2026-05-23T07:15:22.000Z","version_change":"10.22.0.136894 → 10.26.0.140279","issue":{"uuid":"4507279288","node_id":"PR_kwDORs78Ms7ek5B_","number":32,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.22.0.136894 to 10.26.0.140279","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T07:15:22.000Z","updated_at":"2026-05-23T07:16:09.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.22.0.136894","new_version":"10.26.0.140279","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.22.0.136894 to 10.26.0.140279.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.26.0.140279\n\n# Release notes - .NET Analyzers - 10.26\n\n### Feature\n[NET-3694](https://sonarsource.atlassian.net/browse/NET-3694) Update RSPEC before 10.26 release\n\n### False Positive\n[NET-2346](https://sonarsource.atlassian.net/browse/NET-2346) Fix S1854 FP: Variable used after another assignment in finally\n[NET-2347](https://sonarsource.atlassian.net/browse/NET-2347) Fix S1168 FP: Do not report on value types\n[NET-3698](https://sonarsource.atlassian.net/browse/NET-3698) Fix S1210 FP: file-scoped types should be exempt \n\n### False Negative\n[NET-1265](https://sonarsource.atlassian.net/browse/NET-1265) Fix S2930 FN: raise issues on non-disposed RegistryKeys\n[NET-2685](https://sonarsource.atlassian.net/browse/NET-2685) Fix S3604 FN: Field Keyword, Partial Constructors, NullConditional Assignment\n[NET-2812](https://sonarsource.atlassian.net/browse/NET-2812) Fix S4275 FN: Field Keyword\n[NET-2999](https://sonarsource.atlassian.net/browse/NET-2999) Fix S6672 FN: Mismatch in primary constructor is not recognized\n\n\n\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits/10.26.0.140279).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.22.0.136894\u0026new-version=10.26.0.140279)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/HoBom-s/hammer-gateway/pull/32","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HoBom-s%2Fhammer-gateway/issues/32","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/32/packages"}},{"old_version":"10.25.0.139117","new_version":"10.26.0.140279","update_type":"minor","path":null,"pr_created_at":"2026-05-21T21:09:38.000Z","version_change":"10.25.0.139117 → 10.26.0.140279","issue":{"uuid":"4497930608","node_id":"PR_kwDOHNT51s7eG28P","number":388,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.25.0.139117 to 10.26.0.140279","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-21T21:09:38.000Z","updated_at":"2026-05-21T21:13:14.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.25.0.139117","new_version":"10.26.0.140279","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.25.0.139117 to 10.26.0.140279.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.26.0.140279\n\n# Release notes - .NET Analyzers - 10.26\n\n### Feature\n[NET-3694](https://sonarsource.atlassian.net/browse/NET-3694) Update RSPEC before 10.26 release\n\n### False Positive\n[NET-2346](https://sonarsource.atlassian.net/browse/NET-2346) Fix S1854 FP: Variable used after another assignment in finally\n[NET-2347](https://sonarsource.atlassian.net/browse/NET-2347) Fix S1168 FP: Do not report on value types\n[NET-3698](https://sonarsource.atlassian.net/browse/NET-3698) Fix S1210 FP: file-scoped types should be exempt \n\n### False Negative\n[NET-1265](https://sonarsource.atlassian.net/browse/NET-1265) Fix S2930 FN: raise issues on non-disposed RegistryKeys\n[NET-2685](https://sonarsource.atlassian.net/browse/NET-2685) Fix S3604 FN: Field Keyword, Partial Constructors, NullConditional Assignment\n[NET-2812](https://sonarsource.atlassian.net/browse/NET-2812) Fix S4275 FN: Field Keyword\n[NET-2999](https://sonarsource.atlassian.net/browse/NET-2999) Fix S6672 FN: Mismatch in primary constructor is not recognized\n\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits/10.26.0.140279).\n\u003c/details\u003e\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mateuszlor/TaxAssistant/pull/388","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mateuszlor%2FTaxAssistant/issues/388","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/388/packages"}},{"old_version":"10.18.0.131500","new_version":"10.25.0.139117","update_type":"minor","path":null,"pr_created_at":"2026-05-13T08:56:15.000Z","version_change":"10.18.0.131500 → 10.25.0.139117","issue":{"uuid":"4436395976","node_id":"PR_kwDOJCpKFc7bCbhP","number":29,"state":"closed","title":"Bump SonarAnalyzer.CSharp from 10.18.0.131500 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-13T09:02:01.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-13T08:56:15.000Z","updated_at":"2026-05-13T09:02:01.000Z","time_to_close":346,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.18.0.131500","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.18.0.131500 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\n## 10.22\n\nHello everyone,\nThis release brings 4 new rules to help developers transition to C# 14, and a bunch of false positive fixes.\n\n### New rules\n\n* [NET-3361](https://sonarsource.atlassian.net/browse/NET-3361) - New rule S8381: \"scoped\" should be escaped when used as a type name in lambda parameters\n* [NET-3359](https://sonarsource.atlassian.net/browse/NET-3359) - New rule S8368: \"extension\" identifiers should be escaped to avoid contextual keyword conflicts\n* [NET-3347](https://sonarsource.atlassian.net/browse/NET-3347) - New rule S8380: Return types named \"partial\" should be escaped with \"@\"\n* [NET-3345](https://sonarsource.atlassian.net/browse/NET-3345) - New rule S8367: Identifiers should not conflict with the \"field\" keyword in C# 14?\n\n### False Positive\n\n* [NET-3443](https://sonarsource.atlassian.net/browse/NET-3443) - Fix S1940 FP: for floating point numbers that can be NaN \"!(a \u003c= b)\" is not the same as \"a \u003e b\"\n* [NET-3001](https://sonarsource.atlassian.net/browse/NET-3001) - Fix S3063 FP: Concatenation with identifier\n* [NET-1569](https://sonarsource.atlassian.net/browse/NET-1569) - Fix S5944 FP: AddressOf(MethodName) in Return statement\n* [NET-3445](https://sonarsource.atlassian.net/browse/NET-3445) - Fix T0029 FP: Inside target-typed new\n* [NET-2817](https://sonarsource.atlassian.net/browse/NET-2817) - Fix T0029 FP: Ident for collection expression members\n* [NET-2024](https://sonarsource.atlassian.net/browse/NET-2024) - Fix T0029 FP: Inside array initializer\n* [NET-3341](https://sonarsource.atlassian.net/browse/NET-3341) - Fix T0029 FP: After member access\n* [NET-3462](https://sonarsource.atlassian.net/browse/NET-3462) - Fix T0042 FP: Inside constructors and collection initializers\n* [NET-3426](https://sonarsource.atlassian.net/browse/NET-3426) - Fix T0042: Raw string in collection initializer\n* [NET-2888](https://sonarsource.atlassian.net/browse/NET-2888) - Fix T0042 FP: Returned from method\n* [NET-2874](https://sonarsource.atlassian.net/browse/NET-2874) - Fix T0042 FP: Raw string in ternary\n\n### Bugs\n\n* [NET-3386](https://sonarsource.atlassian.net/browse/NET-3386) - Fix S4583 AD0001: BeginInvoke callback declared in separate file\n\n### Other\n\n* [NET-3385](https://sonarsource.atlassian.net/browse/NET-3385) - S2612: Rule type changed from Security Hotspot to Vulnerability\n\n\n## 10.21\n\n### Bug\n\n* [NET-3376](https://sonarsource.atlassian.net/browse/NET-3376) - Fix S6930 AD0001: Issue on template / code files for blazor\n* [NET-3367](https://sonarsource.atlassian.net/browse/NET-3367) - Fix S4830 AD0001: CertificateValidationCheck Syntax node is not within syntax tree\n\n### Feature\n\n* [NET-3260](https://sonarsource.atlassian.net/browse/NET-3260) - Fix broken links in S6960 RSPEC\n\n### False Positive\n\n* [NET-2886](https://sonarsource.atlassian.net/browse/NET-2886) - Fix T0015 FP: In constructor\n* [NET-1678](https://sonarsource.atlassian.net/browse/NET-1678) - Fix S4275 FP: with property overload\n\n\n\n\n## 10.20\n\nThis release brings 9 precision improvements — 7 false positive fixes and 2 false negative fixes — across rules S1116, S1144, S1210, S1643, S1854, S2365, S3254, S3265, and S127. It also promotes S2068 and S6418 from Security Hotspot to Vulnerability, making them visible directly in the IDE, and removes S3256 from the Sonar Way quality profile.\n\n### Changes\n\n* [NET-3227](https://sonarsource.atlassian.net/browse/NET-3227) - Remove S3256 from \"Sonar Way\" quality profile\n* [NET-3208](https://sonarsource.atlassian.net/browse/NET-3208) - S6418: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3207](https://sonarsource.atlassian.net/browse/NET-3207) - S2068: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3206](https://sonarsource.atlassian.net/browse/NET-3206) - Remove links to rules.sonarsource.com\n\n### False Positive\n\n* [NET-3215](https://sonarsource.atlassian.net/browse/NET-3215) - Fix FP on S127: Should only raise on stop condition variables\n* [NET-3212](https://sonarsource.atlassian.net/browse/NET-3212) - Fix FP on S3254: Don't raise if the parameter isn't last\n* [NET-3053](https://sonarsource.atlassian.net/browse/NET-3053) - Fix FP on S1210: Implementing comparable operators for private types\n* [NET-2984](https://sonarsource.atlassian.net/browse/NET-2984) - Fix FP on S3265: BCL enums with [Flags] not recognized due to metadata resolution\n* [NET-2976](https://sonarsource.atlassian.net/browse/NET-2976) - Fix FP on S1854: Default value initializations flagged despite exemptions\n* [NET-2966](https://sonarsource.atlassian.net/browse/NET-2966) - Fix FP on S1144: Constructors in MEF-exported types\n* [NET-2956](https://sonarsource.atlassian.net/browse/NET-2956) - Fix FP on S1116: Empty loop body with side effects in condition\n\n### False Negative\n\n* [NET-1261](https://sonarsource.atlassian.net/browse/NET-1261) - Fix FN on S2365: Rule should report on new collection\n* [NET-1259](https://sonarsource.atlassian.net/browse/NET-1259) - Fix FN on S1643: Concatenation for parameters, fields and properties are not detected \n\n### Rule specification\n\n* [NET-3246](https://sonarsource.atlassian.net/browse/NET-3246) - Modify Rule S127: Update Description\n* [NET-3218](https://sonarsource.atlassian.net/browse/NET-3218) - Modify Rule S3265: Add exception for MethodImplAttributes\n* [NET-3086](https://sonarsource.atlassian.net/browse/NET-3086) - Modify Rule S1116: Add loop exception\n\n### Maintenance\n\n* [NET-3047](https://sonarsource.atlassian.net/browse/NET-3047) - Update RSPEC before 10.20 release\n\n\n\n## 10.19\n\n\n### Documentation\n\n* [NET-3012](https://sonarsource.atlassian.net/browse/NET-3012) - Modify Rule S3903: Update description for C#​10\n\n### False Positive\n\n* [NET-3004](https://sonarsource.atlassian.net/browse/NET-3004) - Fix S2696 FP: New extension method format triggers FP when accessing static fields\n\n### False Negative\n\n* [NET-3011](https://sonarsource.atlassian.net/browse/NET-3011) - Fix S4790 FN: Support Using statement\n\n### Task\n\n* [NET-2948](https://sonarsource.atlassian.net/browse/NET-2948) - Update RSPEC before 10.19 release\n\n### Bug\n\n* [NET-1866](https://sonarsource.atlassian.net/browse/NET-1866) - Support future VS versions in NuGet package\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.18.0.131500\u0026new-version=10.25.0.139117)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/LionMarc/smusdi-regex-tools/pull/29","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/LionMarc%2Fsmusdi-regex-tools/issues/29","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/29/packages"}},{"old_version":"10.24.0.138807","new_version":"10.25.0.139117","update_type":"minor","path":null,"pr_created_at":"2026-05-04T05:24:51.000Z","version_change":"10.24.0.138807 → 10.25.0.139117","issue":{"uuid":"4374194677","node_id":"PR_kwDOBkRhp87X4oe3","number":346,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.24.0.138807 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET","nuget","size/XS","packages"],"assignees":["guibranco"],"locked":false,"comments_count":5,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-04T05:24:51.000Z","updated_at":"2026-05-04T05:43:02.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.24.0.138807","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.24.0.138807 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.24.0.138807\u0026new-version=10.25.0.139117)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/guibranco/GuiStracini.Mandae/pull/346","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/guibranco%2FGuiStracini.Mandae/issues/346","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/346/packages"}},{"old_version":"10.24.0.138807","new_version":"10.25.0.139117","update_type":"minor","path":null,"pr_created_at":"2026-05-04T03:23:06.000Z","version_change":"10.24.0.138807 → 10.25.0.139117","issue":{"uuid":"4373824235","node_id":"PR_kwDOIyEMH87X3b2z","number":564,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.24.0.138807 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET","nuget","size/XS","packages"],"assignees":["guibranco"],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-04T03:23:06.000Z","updated_at":"2026-05-04T04:17:27.743Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.24.0.138807","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.24.0.138807 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.24.0.138807\u0026new-version=10.25.0.139117)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/guibranco/Sankhya-SDK-dotnet/pull/564","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/guibranco%2FSankhya-SDK-dotnet/issues/564","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/564/packages"}},{"old_version":"10.24.0.138807","new_version":"10.25.0.139117","update_type":"minor","path":null,"pr_created_at":"2026-05-04T01:22:24.000Z","version_change":"10.24.0.138807 → 10.25.0.139117","issue":{"uuid":"4373523619","node_id":"PR_kwDODIYC-87X2gfn","number":619,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.24.0.138807 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET","nuget","size/XS","packages"],"assignees":["guibranco"],"locked":false,"comments_count":6,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-04T01:22:24.000Z","updated_at":"2026-05-11T02:22:08.978Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.24.0.138807","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.24.0.138807 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.24.0.138807\u0026new-version=10.25.0.139117)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/guibranco/VTEX-SDK-dotnet/pull/619","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/guibranco%2FVTEX-SDK-dotnet/issues/619","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/619/packages"}},{"old_version":"10.24.0.138807","new_version":"10.25.0.139117","update_type":"minor","path":null,"pr_created_at":"2026-05-03T17:22:20.000Z","version_change":"10.24.0.138807 → 10.25.0.139117","issue":{"uuid":"4372465903","node_id":"PR_kwDOEU2Rg87XzWrP","number":200,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.24.0.138807 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-03T17:22:20.000Z","updated_at":"2026-05-03T17:22:45.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.24.0.138807","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.24.0.138807 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.24.0.138807\u0026new-version=10.25.0.139117)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Tsingis/video-converter/pull/200","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tsingis%2Fvideo-converter/issues/200","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/200/packages"}},{"old_version":"10.22.0.136894","new_version":"10.25.0.139117","update_type":"minor","path":null,"pr_created_at":"2026-05-01T05:25:04.000Z","version_change":"10.22.0.136894 → 10.25.0.139117","issue":{"uuid":"4362988324","node_id":"PR_kwDOC0ogC87XWUM7","number":91,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.22.0.136894 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-01T05:25:04.000Z","updated_at":"2026-05-01T05:26:02.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.22.0.136894","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.22.0.136894 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.22.0.136894\u0026new-version=10.25.0.139117)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Nivaes/Iso20022Net/pull/91","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nivaes%2FIso20022Net/issues/91","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/91/packages"}},{"old_version":"10.23.0.137933","new_version":"10.25.0.139117","update_type":"minor","path":null,"pr_created_at":"2026-05-01T02:54:59.000Z","version_change":"10.23.0.137933 → 10.25.0.139117","issue":{"uuid":"4362537323","node_id":"PR_kwDOQ4I8ac7XU389","number":47,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.23.0.137933 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-01T02:54:59.000Z","updated_at":"2026-05-01T02:57:27.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.23.0.137933","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.23.0.137933 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.23.0.137933\u0026new-version=10.25.0.139117)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Bertk/coverlet-examples/pull/47","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Bertk%2Fcoverlet-examples/issues/47","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/47/packages"}},{"old_version":"10.23.0.137933","new_version":"10.25.0.139117","update_type":"minor","path":null,"pr_created_at":"2026-04-28T00:14:08.000Z","version_change":"10.23.0.137933 → 10.25.0.139117","issue":{"uuid":"4339643121","node_id":"PR_kwDOHNT51s7WJ3md","number":363,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.23.0.137933 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-28T00:14:08.000Z","updated_at":"2026-04-28T00:17:46.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.23.0.137933","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.23.0.137933 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mateuszlor/TaxAssistant/pull/363","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mateuszlor%2FTaxAssistant/issues/363","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/363/packages"}},{"old_version":"10.24.0.138807","new_version":"10.25.0.139117","update_type":"minor","path":null,"pr_created_at":"2026-04-27T23:40:51.000Z","version_change":"10.24.0.138807 → 10.25.0.139117","issue":{"uuid":"4339514526","node_id":"PR_kwDOPzto7M7WJdOT","number":20,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.24.0.138807 to 10.25.0.139117","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-27T23:40:51.000Z","updated_at":"2026-04-27T23:41:44.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.24.0.138807","new_version":"10.25.0.139117","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.24.0.138807 to 10.25.0.139117.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.25\n\n?\n### Feature\n\n* [NET-3613](https://sonarsource.atlassian.net/browse/NET-3613) - Support Cobertura coverage file format\n  * Cobertura report paths can be passed via the `sonar.cs.cobertura.reportsPaths` parameter \n* [NET-3665](https://sonarsource.atlassian.net/browse/NET-3665) - Update RSPEC before 10.25 release\n\n### False Positive\n\n* [NET-3640](https://sonarsource.atlassian.net/browse/NET-3640) - Fix S3400 FP: Don't report function with conditional compilation body\n\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.24.0.138807\u0026new-version=10.25.0.139117)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Nexus-Project-app/Api/pull/20","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nexus-Project-app%2FApi/issues/20","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/20/packages"}},{"old_version":"10.8.0.113526","new_version":"10.24.0.138807","update_type":"minor","path":null,"pr_created_at":"2026-04-26T23:23:31.000Z","version_change":"10.8.0.113526 → 10.24.0.138807","issue":{"uuid":"4332265725","node_id":"PR_kwDONQs_787VyIhC","number":13,"state":"closed","title":"Bump SonarAnalyzer.CSharp from 10.8.0.113526 to 10.24.0.138807","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-03T23:24:02.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-26T23:23:31.000Z","updated_at":"2026-05-03T23:24:04.000Z","time_to_close":604831,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.8.0.113526","new_version":"10.24.0.138807","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.8.0.113526 to 10.24.0.138807.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\n## 10.22\n\nHello everyone,\nThis release brings 4 new rules to help developers transition to C# 14, and a bunch of false positive fixes.\n\n### New rules\n\n* [NET-3361](https://sonarsource.atlassian.net/browse/NET-3361) - New rule S8381: \"scoped\" should be escaped when used as a type name in lambda parameters\n* [NET-3359](https://sonarsource.atlassian.net/browse/NET-3359) - New rule S8368: \"extension\" identifiers should be escaped to avoid contextual keyword conflicts\n* [NET-3347](https://sonarsource.atlassian.net/browse/NET-3347) - New rule S8380: Return types named \"partial\" should be escaped with \"@\"\n* [NET-3345](https://sonarsource.atlassian.net/browse/NET-3345) - New rule S8367: Identifiers should not conflict with the \"field\" keyword in C# 14?\n\n### False Positive\n\n* [NET-3443](https://sonarsource.atlassian.net/browse/NET-3443) - Fix S1940 FP: for floating point numbers that can be NaN \"!(a \u003c= b)\" is not the same as \"a \u003e b\"\n* [NET-3001](https://sonarsource.atlassian.net/browse/NET-3001) - Fix S3063 FP: Concatenation with identifier\n* [NET-1569](https://sonarsource.atlassian.net/browse/NET-1569) - Fix S5944 FP: AddressOf(MethodName) in Return statement\n* [NET-3445](https://sonarsource.atlassian.net/browse/NET-3445) - Fix T0029 FP: Inside target-typed new\n* [NET-2817](https://sonarsource.atlassian.net/browse/NET-2817) - Fix T0029 FP: Ident for collection expression members\n* [NET-2024](https://sonarsource.atlassian.net/browse/NET-2024) - Fix T0029 FP: Inside array initializer\n* [NET-3341](https://sonarsource.atlassian.net/browse/NET-3341) - Fix T0029 FP: After member access\n* [NET-3462](https://sonarsource.atlassian.net/browse/NET-3462) - Fix T0042 FP: Inside constructors and collection initializers\n* [NET-3426](https://sonarsource.atlassian.net/browse/NET-3426) - Fix T0042: Raw string in collection initializer\n* [NET-2888](https://sonarsource.atlassian.net/browse/NET-2888) - Fix T0042 FP: Returned from method\n* [NET-2874](https://sonarsource.atlassian.net/browse/NET-2874) - Fix T0042 FP: Raw string in ternary\n\n### Bugs\n\n* [NET-3386](https://sonarsource.atlassian.net/browse/NET-3386) - Fix S4583 AD0001: BeginInvoke callback declared in separate file\n\n### Other\n\n* [NET-3385](https://sonarsource.atlassian.net/browse/NET-3385) - S2612: Rule type changed from Security Hotspot to Vulnerability\n\n\n## 10.21\n\n### Bug\n\n* [NET-3376](https://sonarsource.atlassian.net/browse/NET-3376) - Fix S6930 AD0001: Issue on template / code files for blazor\n* [NET-3367](https://sonarsource.atlassian.net/browse/NET-3367) - Fix S4830 AD0001: CertificateValidationCheck Syntax node is not within syntax tree\n\n### Feature\n\n* [NET-3260](https://sonarsource.atlassian.net/browse/NET-3260) - Fix broken links in S6960 RSPEC\n\n### False Positive\n\n* [NET-2886](https://sonarsource.atlassian.net/browse/NET-2886) - Fix T0015 FP: In constructor\n* [NET-1678](https://sonarsource.atlassian.net/browse/NET-1678) - Fix S4275 FP: with property overload\n\n\n\n\n## 10.20\n\nThis release brings 9 precision improvements — 7 false positive fixes and 2 false negative fixes — across rules S1116, S1144, S1210, S1643, S1854, S2365, S3254, S3265, and S127. It also promotes S2068 and S6418 from Security Hotspot to Vulnerability, making them visible directly in the IDE, and removes S3256 from the Sonar Way quality profile.\n\n### Changes\n\n* [NET-3227](https://sonarsource.atlassian.net/browse/NET-3227) - Remove S3256 from \"Sonar Way\" quality profile\n* [NET-3208](https://sonarsource.atlassian.net/browse/NET-3208) - S6418: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3207](https://sonarsource.atlassian.net/browse/NET-3207) - S2068: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3206](https://sonarsource.atlassian.net/browse/NET-3206) - Remove links to rules.sonarsource.com\n\n### False Positive\n\n* [NET-3215](https://sonarsource.atlassian.net/browse/NET-3215) - Fix FP on S127: Should only raise on stop condition variables\n* [NET-3212](https://sonarsource.atlassian.net/browse/NET-3212) - Fix FP on S3254: Don't raise if the parameter isn't last\n* [NET-3053](https://sonarsource.atlassian.net/browse/NET-3053) - Fix FP on S1210: Implementing comparable operators for private types\n* [NET-2984](https://sonarsource.atlassian.net/browse/NET-2984) - Fix FP on S3265: BCL enums with [Flags] not recognized due to metadata resolution\n* [NET-2976](https://sonarsource.atlassian.net/browse/NET-2976) - Fix FP on S1854: Default value initializations flagged despite exemptions\n* [NET-2966](https://sonarsource.atlassian.net/browse/NET-2966) - Fix FP on S1144: Constructors in MEF-exported types\n* [NET-2956](https://sonarsource.atlassian.net/browse/NET-2956) - Fix FP on S1116: Empty loop body with side effects in condition\n\n### False Negative\n\n* [NET-1261](https://sonarsource.atlassian.net/browse/NET-1261) - Fix FN on S2365: Rule should report on new collection\n* [NET-1259](https://sonarsource.atlassian.net/browse/NET-1259) - Fix FN on S1643: Concatenation for parameters, fields and properties are not detected \n\n### Rule specification\n\n* [NET-3246](https://sonarsource.atlassian.net/browse/NET-3246) - Modify Rule S127: Update Description\n* [NET-3218](https://sonarsource.atlassian.net/browse/NET-3218) - Modify Rule S3265: Add exception for MethodImplAttributes\n* [NET-3086](https://sonarsource.atlassian.net/browse/NET-3086) - Modify Rule S1116: Add loop exception\n\n### Maintenance\n\n* [NET-3047](https://sonarsource.atlassian.net/browse/NET-3047) - Update RSPEC before 10.20 release\n\n\n\n## 10.19\n\n\n### Documentation\n\n* [NET-3012](https://sonarsource.atlassian.net/browse/NET-3012) - Modify Rule S3903: Update description for C#​10\n\n### False Positive\n\n* [NET-3004](https://sonarsource.atlassian.net/browse/NET-3004) - Fix S2696 FP: New extension method format triggers FP when accessing static fields\n\n### False Negative\n\n* [NET-3011](https://sonarsource.atlassian.net/browse/NET-3011) - Fix S4790 FN: Support Using statement\n\n### Task\n\n* [NET-2948](https://sonarsource.atlassian.net/browse/NET-2948) - Update RSPEC before 10.19 release\n\n### Bug\n\n* [NET-1866](https://sonarsource.atlassian.net/browse/NET-1866) - Support future VS versions in NuGet package\n\n\n## 10.18\n\nThis releases focuses on fixing the false-positives that are raised on code making use of the new features in C# 14.\n### Improvement\n\n* [NET-2921](https://sonarsource.atlassian.net/browse/NET-2921) - Fix passthrough calculation in ModelBuilder\n* [NET-2903](https://sonarsource.atlassian.net/browse/NET-2903) - Remove manual extension methods\n* [NET-2895](https://sonarsource.atlassian.net/browse/NET-2895) - Cleanup handling of ParameterList of primary constructors\n\n### Task\n\n* [NET-2917](https://sonarsource.atlassian.net/browse/NET-2917) - Update RSPEC before 10.18 release\n\n### False Positive\n\n* [NET-2898](https://sonarsource.atlassian.net/browse/NET-2898) - Fix S2583/S2589 FP: Extension Members\n* [NET-2877](https://sonarsource.atlassian.net/browse/NET-2877) - Fix S2225 FP: Extension member\n* [NET-2832](https://sonarsource.atlassian.net/browse/NET-2832) - Fix S3063 FP: NullConditionalOperator\n* [NET-2825](https://sonarsource.atlassian.net/browse/NET-2825) - Fix S1144 FP: Partial events\n* [NET-2821](https://sonarsource.atlassian.net/browse/NET-2821) - Fix S3264 FP: Partial events\n* [NET-2805](https://sonarsource.atlassian.net/browse/NET-2805) - Fix S1144 FP: S1144 Is confused by Debugger Display attribute\n* [NET-2748](https://sonarsource.atlassian.net/browse/NET-2748) - Fix S3459 FP: NullConditional Assignment\n* [NET-2716](https://sonarsource.atlassian.net/browse/NET-2716) - Fix S2325 FP: Field Keyword\n* [NET-2712](https://sonarsource.atlassian.net/browse/NET-2712) - Fix S2953 FP: Extension block member\n* [NET-2707](https://sonarsource.atlassian.net/browse/NET-2707) - Fix S3877 FP: Equals method without IEquatable\n* [NET-2684](https://sonarsource.atlassian.net/browse/NET-2684) - Fix S7039 FP/FN: Null-conditional assignment\n* [NET-2672](https://sonarsource.atlassian.net/browse/NET-2672) - Fix S3928 FP: Extension block\n* [NET-2671](https://sonarsource.atlassian.net/browse/NET-2671) - Fix S2970 FP: Null Conditional Assignment\n* [NET-2668](https://sonarsource.atlassian.net/browse/NET-2668) - Fix S3398 FP: On private methods in C#​14 extensions classes\n* [NET-2644](https://sonarsource.atlassian.net/browse/NET-2644) - Fix S1144 FP: Always raises on private methods in extension block\n* [NET-2621](https://sonarsource.atlassian.net/browse/NET-2621) - Fix S2325 FP: Incorrectly reports on C# 14 extensions \n* [NET-2620](https://sonarsource.atlassian.net/browse/NET-2620) - Fix S4545 FP: Extension Methods\n* [NET-2391](https://sonarsource.atlassian.net/browse/NET-2391) - Fix S1121 FP: Extract (null-forgiving) assignment from expression\n* [NET-1914](https://sonarsource.atlassian.net/browse/NET-1914) - Fix S3264 FP: when using +=\n\n### False Negative\n\n* [NET-2813](https://sonarsource.atlassian.net/browse/NET-2813) - Fix S2292 FN: FieldKeyword\n* [NET-2681](https://sonarsource.atlassian.net/browse/NET-2681) - Fix S2692 FN: Support Spans\n\n\n\n## 10.17\n\n\n### False Negative\n\n* [NET-2840](https://sonarsource.atlassian.net/browse/NET-2840) - Improve S2077: Support more methods\n\n### Task\n\n* [NET-2839](https://sonarsource.atlassian.net/browse/NET-2839) - Update RSPEC before 10.17 release\n\n### New Feature\n\n* [NET-2820](https://sonarsource.atlassian.net/browse/NET-2820) - ShimLayer: Implement Factory\n* [NET-2789](https://sonarsource.atlassian.net/browse/NET-2789) - ShimLayer Generator: Enums\n* [NET-2728](https://sonarsource.atlassian.net/browse/NET-2728) - ShimLayer Generator: SyntaxNodes\n\n### Bug\n\n* [NET-2816](https://sonarsource.atlassian.net/browse/NET-2816) - Fix S3603 AD0001: NRE when LocalFunction inside Record constructor in C#​7\n\n### Improvement\n\n* [NET-2722](https://sonarsource.atlassian.net/browse/NET-2722) - Activate new ShimLayer\n* [NET-2721](https://sonarsource.atlassian.net/browse/NET-2721) - Create diff for ShimLayer\n* [NET-2720](https://sonarsource.atlassian.net/browse/NET-2720) - Create ShimLayer projects\n\n\n\n## 10.16.2\n\nRotations of binary signing keys\n\n\n## 10.16.1\n\nRotations of binary signing keys\n\n\n## 10.16\n\n### False Positive\n\n* [NET-1729](https://sonarsource.atlassian.net/browse/NET-1729) - Fix S2114 FP: list.AddRange(list) and list.Concat(list) are sensible\n\n### False Negative\n\n* [NET-399](https://sonarsource.atlassian.net/browse/NET-399) - Fix S4790 FN: Support CryptographicOperations data methods\n\n### Bug\n* [NET-2686](https://sonarsource.atlassian.net/browse/NET-2686) - Fix S3604 AD0001: NRE with partial constructor\n\n## 10.15\n\n### False Positive\n\n* [NET-2198](https://sonarsource.atlassian.net/browse/NET-2198) - Fix S1905 FP: Cast of default! expression is required\n* [NET-2197](https://sonarsource.atlassian.net/browse/NET-2197) - Fix S1905 FP: stackalloc and Span\u003cT\u003e conversions\n* [NET-1641](https://sonarsource.atlassian.net/browse/NET-1641) - Fix S1905 FP: casting `IEnumerable\u003cstring?\u003e` to `IEnumerable\u003cstring\u003e`\n* [NET-2157](https://sonarsource.atlassian.net/browse/NET-2157) - Fix S2589 FP: Don't raise an issue after a delegate is invoked\n* [NET-2073](https://sonarsource.atlassian.net/browse/NET-2073) - Fix S2699 FP: Add support for FsCheck property tests\n* [NET-1537](https://sonarsource.atlassian.net/browse/NET-1537) - Fix S6964 FP: Don't raise on properties annotated with the BindRequiredAttribute\n\n### Improvement\n\n* [NET-2112](https://sonarsource.atlassian.net/browse/NET-2112) - Consider ExplodedNodes relevant if a successor would be relevant\n* [NET-2183](https://sonarsource.atlassian.net/browse/NET-2183) - SE: Set constraint on operation when learning from IsPattern\n\n### False Negative\n\n* [NET-429](https://sonarsource.atlassian.net/browse/NET-429) - Fix S4275 FN: Support partial properties\n\n### Task\n\n* [NET-2208](https://sonarsource.atlassian.net/browse/NET-2208) - Update RSpec before release\n\n## 10.14\n\nHey everyone,\n\nThis release mostly focuses on mitigating (NET-2196) a performance regression that was introduced in 10.13.\n\n\n### Improvement\n\n* [NET-2196](https://sonarsource.atlassian.net/browse/NET-2196) - Fix path algorithm for execution flows to mitigate performance regression\n* [NET-2177](https://sonarsource.atlassian.net/browse/NET-2177) - Improve how the Symbolic Execution engine handles exception paths\n* [NET-2135](https://sonarsource.atlassian.net/browse/NET-2135) - Support xUnit V3\n* [NET-2163](https://sonarsource.atlassian.net/browse/NET-2163) - Provide Interface for other plugins to add rules to VB.NET SonarWay profile\n\n### False Negative\n\n* [NET-235](https://sonarsource.atlassian.net/browse/NET-235) - Fix S2053: Adjust required salt length to be 32 bytes\n\n### Task\n\n* [NET-2170](https://sonarsource.atlassian.net/browse/NET-2170) - Update RSPEC before 10.14 release\n\n## 10.13\n\nHello everyone, \n\nIn this release, we've focused on:\n- False positive fixes\n- Enhancing S2259's secondary locations to provide clearer, step-by-step explanations of null pointer dereferences issues.\n\n\n\n### False Positives\n\n* [NET-2099](https://sonarsource.atlassian.net/browse/NET-2099) - Fix S3885 FP: Do not raise in ResolutionEventHandler\n* [NET-2023](https://sonarsource.atlassian.net/browse/NET-2023) - Fix S3257 FP: Array with target-typed new\n* [NET-1646](https://sonarsource.atlassian.net/browse/NET-1646) - Fix S3267 FP: Loops should be simplified with LINQ expressions\n* [NET-1588](https://sonarsource.atlassian.net/browse/NET-1588) - Fix S1066 FP: Combination of `dynamic` and `out` should not raise\n* [NET-882](https://sonarsource.atlassian.net/browse/NET-882) - Fix S3257 FP: Don't raise for C# 10 and later when there's explicit delegate creation\n\n### Improvements\n\n* [NET-2095](https://sonarsource.atlassian.net/browse/NET-2095) - Improve incremental PR analysis path detection\n* SE: S2259 - Improve secondary locations\n\n\n\n## 10.12\n\nThis release brings the VB version of S6418 and a few FP and FN fixes.\n\n### New Rule\n\n* [NET-1379](https://sonarsource.atlassian.net/browse/NET-1379) - New Rule: Implement S6418 Hard-coded secrets are security-sensitive for VB.NET\n\n### False Positive\n\n* [NET-1526](https://sonarsource.atlassian.net/browse/NET-1526) - Fix S3267 FP: Only raise on IEnumerable\n\n### False Negative\n\n* [NET-1260](https://sonarsource.atlassian.net/browse/NET-1260) - Fix S1215 FN: GC.GetTotalMemory(forceFullCollection: true) should not be called \n* [NET-1258](https://sonarsource.atlassian.net/browse/NET-1258) - Fix S6678 FN: Lowercase placeholders in interpolated string\n* [NET-1255](https://sonarsource.atlassian.net/browse/NET-1255) - Fix S3267 FN: Logical operators are not supported\n\n### Task\n\n* [NET-2060](https://sonarsource.atlassian.net/browse/NET-2060) - Update RSPEC before 11.12 release\n\n\n## 10.11\n\nHello everyone!\nIn this release we fixed a bunch of false positives and false negatives.\nAdditionally this version adds support for telemetry in order to gather information on feature usage. Telemetry, requires scanner 10.2.0 or greater.\n\n\n### False Positive\n\n* [NET-1522](https://sonarsource.atlassian.net/browse/NET-1522) - Fix S2068 FP: Do not raise on `password:secret`\n* [NET-1149](https://sonarsource.atlassian.net/browse/NET-1149) - Fix S3626 FP: Add exception when return statement is preceding local functions\n\n### False Negative\n\n* [NET-1263](https://sonarsource.atlassian.net/browse/NET-1263) - Fix S1871 FN: Nested if .. else if chain\n* [NET-1256](https://sonarsource.atlassian.net/browse/NET-1256) - S2068: Remove word boundary(\\b) from regex\n* [NET-1254](https://sonarsource.atlassian.net/browse/NET-1254) - Fix S3878 FN: When params are passed as array through an attribute\n* [NET-1252](https://sonarsource.atlassian.net/browse/NET-1252) - FN S1168: Support IndexerDeclaration and ConversionOperatorDeclaration\n* [NET-459](https://sonarsource.atlassian.net/browse/NET-459) - Fix S1168 FN: Add support for partial indexers\n\n\n\n## 10.10.1\n\nBugfix release to fix combability with SonarQube Cloud + a simplification to the `ProfileRegistrar`\n\n### Task\n\n* [NET-1463](https://sonarsource.atlassian.net/browse/NET-1463) - Update RSPEC before 10.10.1 release\n* [NET-1461](https://sonarsource.atlassian.net/browse/NET-1461) - Make CSharpSonarWayProfile be compatible and simplify ProfileRegistrar\n\n\n\n## 10.10\n\nHey everyone, this release mostly focuses on internal and technical things.\n\n### General\n\n* [NET-1444](https://sonarsource.atlassian.net/browse/NET-1444) - Move ProfileRegistrar to org.sonar.plugins.csharpenterprise.api\n* [NET-1326](https://sonarsource.atlassian.net/browse/NET-1326) - Update RSPEC before 10.10 release\n\n### Internal Styling Rules\n\n* [NET-1378](https://sonarsource.atlassian.net/browse/NET-1378) - New Rule T0045: Use var\n* [NET-1359](https://sonarsource.atlassian.net/browse/NET-1359) - New Rule T0043: Avoid primary constructors on normal classes and structs\n* [NET-1358](https://sonarsource.atlassian.net/browse/NET-1358) - New Rule T0042: Indent raw string literal +4\n* [NET-1357](https://sonarsource.atlassian.net/browse/NET-1357) - New Rule T0041: Use raw string literals for multiline strings\n* [NET-1356](https://sonarsource.atlassian.net/browse/NET-1356) - New Rule T0040: Use minimum necessary interpolation characters\n* [NET-1355](https://sonarsource.atlassian.net/browse/NET-1355) - New Rule T0039: Protected field should start with lower case letter\n* [NET-1354](https://sonarsource.atlassian.net/browse/NET-1354) - New Rule T0038: Use fields instead of auto-implemented private or protected properties\n* [NET-1347](https://sonarsource.atlassian.net/browse/NET-1347) - New Rule T0000: Don't use Get prefixes\n* [NET-1346](https://sonarsource.atlassian.net/browse/NET-1346) - New Rule T0037: Use .Test suffix namespace\n* [NET-1345](https://sonarsource.atlassian.net/browse/NET-1345) - New rule T0046: Move extension method to dedicated class\n* [NET-1344](https://sonarsource.atlassian.net/browse/NET-1344) - New Rule T0035: Do not use var for this deconstruction\n* [NET-1343](https://sonarsource.atlassian.net/browse/NET-1343) - New Rule T0034: Do not embed var into this condition\n* [NET-1342](https://sonarsource.atlassian.net/browse/NET-1342) - New Rule T0033: Swap the logic to use positive conditions instead\n* [NET-1341](https://sonarsource.atlassian.net/browse/NET-1341) - New Rule T0032: Move the method body to the next line\n* [NET-1339](https://sonarsource.atlassian.net/browse/NET-1339) - New Rule T0030: Move the field initializer on the same line\n* [NET-1338](https://sonarsource.atlassian.net/browse/NET-1338) - New Rule T0029: Indent all arguments +4 further than the invocation line\n* [NET-1337](https://sonarsource.atlassian.net/browse/NET-1337) - New Rule T0028: Move all arguments on the same line, or wrap all of them\n* [NET-1336](https://sonarsource.atlassian.net/browse/NET-1336) - New Rule T0027: Move subsequent expressions on separate lines\n* [NET-1335](https://sonarsource.atlassian.net/browse/NET-1335) - New Rule T0026: Indent member access +4 further than the initial line\n* [NET-1334](https://sonarsource.atlassian.net/browse/NET-1334) - New Rule T0025: Indent ‘?’ and ‘:’ +4 further than the condition line\n* [NET-1333](https://sonarsource.atlassian.net/browse/NET-1333) - New Rule T0024: Place multiline ‘?’ and ‘:’ on separate lines\n* [NET-1332](https://sonarsource.atlassian.net/browse/NET-1332) - New Rule T0022: Indent all parameters with the first one\n* [NET-1331](https://sonarsource.atlassian.net/browse/NET-1331) - New Rule T0021: Use extension methods for Linq\n* [NET-1329](https://sonarsource.atlassian.net/browse/NET-1329) - New Rule T0019: Indent operator correctly\n* [NET-1328](https://sonarsource.atlassian.net/browse/NET-1328) - New Rule T0018: Move the operator to the beginning of the next line\n* [NET-1327](https://sonarsource.atlassian.net/browse/NET-1327) - New Rule T0015: Move local function at the end of the method\n* [NET-1237](https://sonarsource.atlassian.net/browse/NET-1237) - New Rule T0044: Don't add Arrange, Act, and Assert(s) comments\n* [NET-1325](https://sonarsource.atlassian.net/browse/NET-1325) - Improve T0007: Raise on nondeclaring is { } check\n\n\n\n## 10.9\n\nHello everyone! \n\nThis is a mega-hardening release! Enjoy 😄 \n\n### False Positive\n\n* [NET-1309](https://sonarsource.atlassian.net/browse/NET-1309) - Fix S2583 FP: Support overrides in IsImplementingInterfaceMember\n* [NET-1308](https://sonarsource.atlassian.net/browse/NET-1308) - Fix S2583 FP: Add support for AdressOf operator\n* [NET-1302](https://sonarsource.atlassian.net/browse/NET-1302) - Fix S4158 FP: Don't raise on GetEnumerator() calls\n* [NET-1295](https://sonarsource.atlassian.net/browse/NET-1295) - Fix S3236 FP: Exclude Debug.Assert \n* [NET-1290](https://sonarsource.atlassian.net/browse/NET-1290) - Fix S4158 FP: Support RouteValueDictionary in AspNetCore\n* [NET-1289](https://sonarsource.atlassian.net/browse/NET-1289) - Fix S4158 FP: Adding methods with well defined sematics\n* [NET-1288](https://sonarsource.atlassian.net/browse/NET-1288) - Fix S4158 FP: Recognize Add methods with bool return type\n* [NET-1287](https://sonarsource.atlassian.net/browse/NET-1287) - Fix S4158 FP: Don't raise on SetValue\n* [NET-1280](https://sonarsource.atlassian.net/browse/NET-1280) - Fix S2342 FP: Flaky reports\n* [NET-1278](https://sonarsource.atlassian.net/browse/NET-1278) - Fix S3440 FP: Variable assignment and switch expression\n* [NET-1246](https://sonarsource.atlassian.net/browse/NET-1246) - Fix S1481 FP: Don't report on discard like looking variables\n* [NET-1242](https://sonarsource.atlassian.net/browse/NET-1242) - Fix S2583/S4158 FP: Support for collections that are initialized with object\n* [NET-1241](https://sonarsource.atlassian.net/browse/NET-1241) - Fix S2589 FP: Don't track concurrent collections\n* [NET-1230](https://sonarsource.atlassian.net/browse/NET-1230) - Fix S4158 FP: Immutable collections\n* [NET-1223](https://sonarsource.atlassian.net/browse/NET-1223) - Fix S3267 FP: ref struct types cannot leave the stack\n* [NET-1214](https://sonarsource.atlassian.net/browse/NET-1214) - Fix S2259 FP: Foreach loop over empty collection\n* [NET-1212](https://sonarsource.atlassian.net/browse/NET-1212) - Fix S2259 FP: Learn bool from NotNull constraint and Null value\n* [NET-1208](https://sonarsource.atlassian.net/browse/NET-1208) - Fix S2589 FP: Rule ignores case guards\n* [NET-1207](https://sonarsource.atlassian.net/browse/NET-1207) -  Fix S3966 FP: disposing element of indexable after declaration pattern\n* [NET-1203](https://sonarsource.atlassian.net/browse/NET-1203) -  Fix S3966 FP: Enumerating a collection of tuples\n* [NET-1202](https://sonarsource.atlassian.net/browse/NET-1202) - Fix S2259 FP: Foreach nested in try, nested in loop\n* [NET-1188](https://sonarsource.atlassian.net/browse/NET-1188) - Improve S4158 - Empty Collections should not be Enumerated\n* [NET-1088](https://sonarsource.atlassian.net/browse/NET-1088) - Fix S3240 FP: Ignore when a conditional block contains a ternary\n* [NET-800](https://sonarsource.atlassian.net/browse/NET-800) - Fix S2259 FP: FlowCaptures in loops and try-regions\n\n### False Negative\n\n* [NET-1299](https://sonarsource.atlassian.net/browse/NET-1299) - Fix S2053 FN: Support Copy methods\n* [NET-1257](https://sonarsource.atlassian.net/browse/NET-1257) - Fix S4790 FN: New HashData overloads not recognized\n* [NET-1194](https://sonarsource.atlassian.net/browse/NET-1194) - Fix S4158 FN: Collection Expressions (C# 12)\n* [NET-357](https://sonarsource.atlassian.net/browse/NET-357) - Fix S2068 FN: does not consider `launchSettings.json` files\n* [NET-210](https://sonarsource.atlassian.net/browse/NET-210) - Fix S4158 FN: AddRange with empty collection\n\n### Bug\n\n* [NET-1267](https://sonarsource.atlassian.net/browse/NET-1267) - Fix S2068 bug: Issue location is out of range in web.config for elements or attributes with an xml namespace\n* [NET-1184](https://sonarsource.atlassian.net/browse/NET-1184) - Roslyn rule import should map the issue severity to the Software Quality impact in SonarQube Server\n\n### Improvement\n\n* [NET-1217](https://sonarsource.atlassian.net/browse/NET-1217) - Improve S3996: Set location to the property instead of record\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.8.0.113526\u0026new-version=10.24.0.138807)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/DKorablin/Plugin.Configuration/pull/13","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DKorablin%2FPlugin.Configuration/issues/13","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/13/packages"}},{"old_version":"10.23.0.137933","new_version":"10.24.0.138807","update_type":"minor","path":null,"pr_created_at":"2026-04-26T08:56:08.000Z","version_change":"10.23.0.137933 → 10.24.0.138807","issue":{"uuid":"4330465496","node_id":"PR_kwDOBvZ49c7Vs41t","number":228,"state":"open","title":"nuget: Bump SonarAnalyzer.CSharp from 10.23.0.137933 to 10.24.0.138807","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-26T08:56:08.000Z","updated_at":"2026-04-26T08:56:09.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"nuget: Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.23.0.137933","new_version":"10.24.0.138807","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.23.0.137933 to 10.24.0.138807.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.23.0.137933\u0026new-version=10.24.0.138807)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/NAnt2/NAnt2/pull/228","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/NAnt2%2FNAnt2/issues/228","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/228/packages"}},{"old_version":"10.8.0.113526","new_version":"10.24.0.138807","update_type":"minor","path":null,"pr_created_at":"2026-04-25T22:23:15.000Z","version_change":"10.8.0.113526 → 10.24.0.138807","issue":{"uuid":"4329387499","node_id":"PR_kwDONTrzG87VpuBA","number":12,"state":"closed","title":"Bump SonarAnalyzer.CSharp from 10.8.0.113526 to 10.24.0.138807","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-02T22:23:20.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-25T22:23:15.000Z","updated_at":"2026-05-02T22:23:21.000Z","time_to_close":604805,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.8.0.113526","new_version":"10.24.0.138807","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.8.0.113526 to 10.24.0.138807.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\n## 10.22\n\nHello everyone,\nThis release brings 4 new rules to help developers transition to C# 14, and a bunch of false positive fixes.\n\n### New rules\n\n* [NET-3361](https://sonarsource.atlassian.net/browse/NET-3361) - New rule S8381: \"scoped\" should be escaped when used as a type name in lambda parameters\n* [NET-3359](https://sonarsource.atlassian.net/browse/NET-3359) - New rule S8368: \"extension\" identifiers should be escaped to avoid contextual keyword conflicts\n* [NET-3347](https://sonarsource.atlassian.net/browse/NET-3347) - New rule S8380: Return types named \"partial\" should be escaped with \"@\"\n* [NET-3345](https://sonarsource.atlassian.net/browse/NET-3345) - New rule S8367: Identifiers should not conflict with the \"field\" keyword in C# 14?\n\n### False Positive\n\n* [NET-3443](https://sonarsource.atlassian.net/browse/NET-3443) - Fix S1940 FP: for floating point numbers that can be NaN \"!(a \u003c= b)\" is not the same as \"a \u003e b\"\n* [NET-3001](https://sonarsource.atlassian.net/browse/NET-3001) - Fix S3063 FP: Concatenation with identifier\n* [NET-1569](https://sonarsource.atlassian.net/browse/NET-1569) - Fix S5944 FP: AddressOf(MethodName) in Return statement\n* [NET-3445](https://sonarsource.atlassian.net/browse/NET-3445) - Fix T0029 FP: Inside target-typed new\n* [NET-2817](https://sonarsource.atlassian.net/browse/NET-2817) - Fix T0029 FP: Ident for collection expression members\n* [NET-2024](https://sonarsource.atlassian.net/browse/NET-2024) - Fix T0029 FP: Inside array initializer\n* [NET-3341](https://sonarsource.atlassian.net/browse/NET-3341) - Fix T0029 FP: After member access\n* [NET-3462](https://sonarsource.atlassian.net/browse/NET-3462) - Fix T0042 FP: Inside constructors and collection initializers\n* [NET-3426](https://sonarsource.atlassian.net/browse/NET-3426) - Fix T0042: Raw string in collection initializer\n* [NET-2888](https://sonarsource.atlassian.net/browse/NET-2888) - Fix T0042 FP: Returned from method\n* [NET-2874](https://sonarsource.atlassian.net/browse/NET-2874) - Fix T0042 FP: Raw string in ternary\n\n### Bugs\n\n* [NET-3386](https://sonarsource.atlassian.net/browse/NET-3386) - Fix S4583 AD0001: BeginInvoke callback declared in separate file\n\n### Other\n\n* [NET-3385](https://sonarsource.atlassian.net/browse/NET-3385) - S2612: Rule type changed from Security Hotspot to Vulnerability\n\n\n## 10.21\n\n### Bug\n\n* [NET-3376](https://sonarsource.atlassian.net/browse/NET-3376) - Fix S6930 AD0001: Issue on template / code files for blazor\n* [NET-3367](https://sonarsource.atlassian.net/browse/NET-3367) - Fix S4830 AD0001: CertificateValidationCheck Syntax node is not within syntax tree\n\n### Feature\n\n* [NET-3260](https://sonarsource.atlassian.net/browse/NET-3260) - Fix broken links in S6960 RSPEC\n\n### False Positive\n\n* [NET-2886](https://sonarsource.atlassian.net/browse/NET-2886) - Fix T0015 FP: In constructor\n* [NET-1678](https://sonarsource.atlassian.net/browse/NET-1678) - Fix S4275 FP: with property overload\n\n\n\n\n## 10.20\n\nThis release brings 9 precision improvements — 7 false positive fixes and 2 false negative fixes — across rules S1116, S1144, S1210, S1643, S1854, S2365, S3254, S3265, and S127. It also promotes S2068 and S6418 from Security Hotspot to Vulnerability, making them visible directly in the IDE, and removes S3256 from the Sonar Way quality profile.\n\n### Changes\n\n* [NET-3227](https://sonarsource.atlassian.net/browse/NET-3227) - Remove S3256 from \"Sonar Way\" quality profile\n* [NET-3208](https://sonarsource.atlassian.net/browse/NET-3208) - S6418: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3207](https://sonarsource.atlassian.net/browse/NET-3207) - S2068: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3206](https://sonarsource.atlassian.net/browse/NET-3206) - Remove links to rules.sonarsource.com\n\n### False Positive\n\n* [NET-3215](https://sonarsource.atlassian.net/browse/NET-3215) - Fix FP on S127: Should only raise on stop condition variables\n* [NET-3212](https://sonarsource.atlassian.net/browse/NET-3212) - Fix FP on S3254: Don't raise if the parameter isn't last\n* [NET-3053](https://sonarsource.atlassian.net/browse/NET-3053) - Fix FP on S1210: Implementing comparable operators for private types\n* [NET-2984](https://sonarsource.atlassian.net/browse/NET-2984) - Fix FP on S3265: BCL enums with [Flags] not recognized due to metadata resolution\n* [NET-2976](https://sonarsource.atlassian.net/browse/NET-2976) - Fix FP on S1854: Default value initializations flagged despite exemptions\n* [NET-2966](https://sonarsource.atlassian.net/browse/NET-2966) - Fix FP on S1144: Constructors in MEF-exported types\n* [NET-2956](https://sonarsource.atlassian.net/browse/NET-2956) - Fix FP on S1116: Empty loop body with side effects in condition\n\n### False Negative\n\n* [NET-1261](https://sonarsource.atlassian.net/browse/NET-1261) - Fix FN on S2365: Rule should report on new collection\n* [NET-1259](https://sonarsource.atlassian.net/browse/NET-1259) - Fix FN on S1643: Concatenation for parameters, fields and properties are not detected \n\n### Rule specification\n\n* [NET-3246](https://sonarsource.atlassian.net/browse/NET-3246) - Modify Rule S127: Update Description\n* [NET-3218](https://sonarsource.atlassian.net/browse/NET-3218) - Modify Rule S3265: Add exception for MethodImplAttributes\n* [NET-3086](https://sonarsource.atlassian.net/browse/NET-3086) - Modify Rule S1116: Add loop exception\n\n### Maintenance\n\n* [NET-3047](https://sonarsource.atlassian.net/browse/NET-3047) - Update RSPEC before 10.20 release\n\n\n\n## 10.19\n\n\n### Documentation\n\n* [NET-3012](https://sonarsource.atlassian.net/browse/NET-3012) - Modify Rule S3903: Update description for C#​10\n\n### False Positive\n\n* [NET-3004](https://sonarsource.atlassian.net/browse/NET-3004) - Fix S2696 FP: New extension method format triggers FP when accessing static fields\n\n### False Negative\n\n* [NET-3011](https://sonarsource.atlassian.net/browse/NET-3011) - Fix S4790 FN: Support Using statement\n\n### Task\n\n* [NET-2948](https://sonarsource.atlassian.net/browse/NET-2948) - Update RSPEC before 10.19 release\n\n### Bug\n\n* [NET-1866](https://sonarsource.atlassian.net/browse/NET-1866) - Support future VS versions in NuGet package\n\n\n## 10.18\n\nThis releases focuses on fixing the false-positives that are raised on code making use of the new features in C# 14.\n### Improvement\n\n* [NET-2921](https://sonarsource.atlassian.net/browse/NET-2921) - Fix passthrough calculation in ModelBuilder\n* [NET-2903](https://sonarsource.atlassian.net/browse/NET-2903) - Remove manual extension methods\n* [NET-2895](https://sonarsource.atlassian.net/browse/NET-2895) - Cleanup handling of ParameterList of primary constructors\n\n### Task\n\n* [NET-2917](https://sonarsource.atlassian.net/browse/NET-2917) - Update RSPEC before 10.18 release\n\n### False Positive\n\n* [NET-2898](https://sonarsource.atlassian.net/browse/NET-2898) - Fix S2583/S2589 FP: Extension Members\n* [NET-2877](https://sonarsource.atlassian.net/browse/NET-2877) - Fix S2225 FP: Extension member\n* [NET-2832](https://sonarsource.atlassian.net/browse/NET-2832) - Fix S3063 FP: NullConditionalOperator\n* [NET-2825](https://sonarsource.atlassian.net/browse/NET-2825) - Fix S1144 FP: Partial events\n* [NET-2821](https://sonarsource.atlassian.net/browse/NET-2821) - Fix S3264 FP: Partial events\n* [NET-2805](https://sonarsource.atlassian.net/browse/NET-2805) - Fix S1144 FP: S1144 Is confused by Debugger Display attribute\n* [NET-2748](https://sonarsource.atlassian.net/browse/NET-2748) - Fix S3459 FP: NullConditional Assignment\n* [NET-2716](https://sonarsource.atlassian.net/browse/NET-2716) - Fix S2325 FP: Field Keyword\n* [NET-2712](https://sonarsource.atlassian.net/browse/NET-2712) - Fix S2953 FP: Extension block member\n* [NET-2707](https://sonarsource.atlassian.net/browse/NET-2707) - Fix S3877 FP: Equals method without IEquatable\n* [NET-2684](https://sonarsource.atlassian.net/browse/NET-2684) - Fix S7039 FP/FN: Null-conditional assignment\n* [NET-2672](https://sonarsource.atlassian.net/browse/NET-2672) - Fix S3928 FP: Extension block\n* [NET-2671](https://sonarsource.atlassian.net/browse/NET-2671) - Fix S2970 FP: Null Conditional Assignment\n* [NET-2668](https://sonarsource.atlassian.net/browse/NET-2668) - Fix S3398 FP: On private methods in C#​14 extensions classes\n* [NET-2644](https://sonarsource.atlassian.net/browse/NET-2644) - Fix S1144 FP: Always raises on private methods in extension block\n* [NET-2621](https://sonarsource.atlassian.net/browse/NET-2621) - Fix S2325 FP: Incorrectly reports on C# 14 extensions \n* [NET-2620](https://sonarsource.atlassian.net/browse/NET-2620) - Fix S4545 FP: Extension Methods\n* [NET-2391](https://sonarsource.atlassian.net/browse/NET-2391) - Fix S1121 FP: Extract (null-forgiving) assignment from expression\n* [NET-1914](https://sonarsource.atlassian.net/browse/NET-1914) - Fix S3264 FP: when using +=\n\n### False Negative\n\n* [NET-2813](https://sonarsource.atlassian.net/browse/NET-2813) - Fix S2292 FN: FieldKeyword\n* [NET-2681](https://sonarsource.atlassian.net/browse/NET-2681) - Fix S2692 FN: Support Spans\n\n\n\n## 10.17\n\n\n### False Negative\n\n* [NET-2840](https://sonarsource.atlassian.net/browse/NET-2840) - Improve S2077: Support more methods\n\n### Task\n\n* [NET-2839](https://sonarsource.atlassian.net/browse/NET-2839) - Update RSPEC before 10.17 release\n\n### New Feature\n\n* [NET-2820](https://sonarsource.atlassian.net/browse/NET-2820) - ShimLayer: Implement Factory\n* [NET-2789](https://sonarsource.atlassian.net/browse/NET-2789) - ShimLayer Generator: Enums\n* [NET-2728](https://sonarsource.atlassian.net/browse/NET-2728) - ShimLayer Generator: SyntaxNodes\n\n### Bug\n\n* [NET-2816](https://sonarsource.atlassian.net/browse/NET-2816) - Fix S3603 AD0001: NRE when LocalFunction inside Record constructor in C#​7\n\n### Improvement\n\n* [NET-2722](https://sonarsource.atlassian.net/browse/NET-2722) - Activate new ShimLayer\n* [NET-2721](https://sonarsource.atlassian.net/browse/NET-2721) - Create diff for ShimLayer\n* [NET-2720](https://sonarsource.atlassian.net/browse/NET-2720) - Create ShimLayer projects\n\n\n\n## 10.16.2\n\nRotations of binary signing keys\n\n\n## 10.16.1\n\nRotations of binary signing keys\n\n\n## 10.16\n\n### False Positive\n\n* [NET-1729](https://sonarsource.atlassian.net/browse/NET-1729) - Fix S2114 FP: list.AddRange(list) and list.Concat(list) are sensible\n\n### False Negative\n\n* [NET-399](https://sonarsource.atlassian.net/browse/NET-399) - Fix S4790 FN: Support CryptographicOperations data methods\n\n### Bug\n* [NET-2686](https://sonarsource.atlassian.net/browse/NET-2686) - Fix S3604 AD0001: NRE with partial constructor\n\n## 10.15\n\n### False Positive\n\n* [NET-2198](https://sonarsource.atlassian.net/browse/NET-2198) - Fix S1905 FP: Cast of default! expression is required\n* [NET-2197](https://sonarsource.atlassian.net/browse/NET-2197) - Fix S1905 FP: stackalloc and Span\u003cT\u003e conversions\n* [NET-1641](https://sonarsource.atlassian.net/browse/NET-1641) - Fix S1905 FP: casting `IEnumerable\u003cstring?\u003e` to `IEnumerable\u003cstring\u003e`\n* [NET-2157](https://sonarsource.atlassian.net/browse/NET-2157) - Fix S2589 FP: Don't raise an issue after a delegate is invoked\n* [NET-2073](https://sonarsource.atlassian.net/browse/NET-2073) - Fix S2699 FP: Add support for FsCheck property tests\n* [NET-1537](https://sonarsource.atlassian.net/browse/NET-1537) - Fix S6964 FP: Don't raise on properties annotated with the BindRequiredAttribute\n\n### Improvement\n\n* [NET-2112](https://sonarsource.atlassian.net/browse/NET-2112) - Consider ExplodedNodes relevant if a successor would be relevant\n* [NET-2183](https://sonarsource.atlassian.net/browse/NET-2183) - SE: Set constraint on operation when learning from IsPattern\n\n### False Negative\n\n* [NET-429](https://sonarsource.atlassian.net/browse/NET-429) - Fix S4275 FN: Support partial properties\n\n### Task\n\n* [NET-2208](https://sonarsource.atlassian.net/browse/NET-2208) - Update RSpec before release\n\n## 10.14\n\nHey everyone,\n\nThis release mostly focuses on mitigating (NET-2196) a performance regression that was introduced in 10.13.\n\n\n### Improvement\n\n* [NET-2196](https://sonarsource.atlassian.net/browse/NET-2196) - Fix path algorithm for execution flows to mitigate performance regression\n* [NET-2177](https://sonarsource.atlassian.net/browse/NET-2177) - Improve how the Symbolic Execution engine handles exception paths\n* [NET-2135](https://sonarsource.atlassian.net/browse/NET-2135) - Support xUnit V3\n* [NET-2163](https://sonarsource.atlassian.net/browse/NET-2163) - Provide Interface for other plugins to add rules to VB.NET SonarWay profile\n\n### False Negative\n\n* [NET-235](https://sonarsource.atlassian.net/browse/NET-235) - Fix S2053: Adjust required salt length to be 32 bytes\n\n### Task\n\n* [NET-2170](https://sonarsource.atlassian.net/browse/NET-2170) - Update RSPEC before 10.14 release\n\n## 10.13\n\nHello everyone, \n\nIn this release, we've focused on:\n- False positive fixes\n- Enhancing S2259's secondary locations to provide clearer, step-by-step explanations of null pointer dereferences issues.\n\n\n\n### False Positives\n\n* [NET-2099](https://sonarsource.atlassian.net/browse/NET-2099) - Fix S3885 FP: Do not raise in ResolutionEventHandler\n* [NET-2023](https://sonarsource.atlassian.net/browse/NET-2023) - Fix S3257 FP: Array with target-typed new\n* [NET-1646](https://sonarsource.atlassian.net/browse/NET-1646) - Fix S3267 FP: Loops should be simplified with LINQ expressions\n* [NET-1588](https://sonarsource.atlassian.net/browse/NET-1588) - Fix S1066 FP: Combination of `dynamic` and `out` should not raise\n* [NET-882](https://sonarsource.atlassian.net/browse/NET-882) - Fix S3257 FP: Don't raise for C# 10 and later when there's explicit delegate creation\n\n### Improvements\n\n* [NET-2095](https://sonarsource.atlassian.net/browse/NET-2095) - Improve incremental PR analysis path detection\n* SE: S2259 - Improve secondary locations\n\n\n\n## 10.12\n\nThis release brings the VB version of S6418 and a few FP and FN fixes.\n\n### New Rule\n\n* [NET-1379](https://sonarsource.atlassian.net/browse/NET-1379) - New Rule: Implement S6418 Hard-coded secrets are security-sensitive for VB.NET\n\n### False Positive\n\n* [NET-1526](https://sonarsource.atlassian.net/browse/NET-1526) - Fix S3267 FP: Only raise on IEnumerable\n\n### False Negative\n\n* [NET-1260](https://sonarsource.atlassian.net/browse/NET-1260) - Fix S1215 FN: GC.GetTotalMemory(forceFullCollection: true) should not be called \n* [NET-1258](https://sonarsource.atlassian.net/browse/NET-1258) - Fix S6678 FN: Lowercase placeholders in interpolated string\n* [NET-1255](https://sonarsource.atlassian.net/browse/NET-1255) - Fix S3267 FN: Logical operators are not supported\n\n### Task\n\n* [NET-2060](https://sonarsource.atlassian.net/browse/NET-2060) - Update RSPEC before 11.12 release\n\n\n## 10.11\n\nHello everyone!\nIn this release we fixed a bunch of false positives and false negatives.\nAdditionally this version adds support for telemetry in order to gather information on feature usage. Telemetry, requires scanner 10.2.0 or greater.\n\n\n### False Positive\n\n* [NET-1522](https://sonarsource.atlassian.net/browse/NET-1522) - Fix S2068 FP: Do not raise on `password:secret`\n* [NET-1149](https://sonarsource.atlassian.net/browse/NET-1149) - Fix S3626 FP: Add exception when return statement is preceding local functions\n\n### False Negative\n\n* [NET-1263](https://sonarsource.atlassian.net/browse/NET-1263) - Fix S1871 FN: Nested if .. else if chain\n* [NET-1256](https://sonarsource.atlassian.net/browse/NET-1256) - S2068: Remove word boundary(\\b) from regex\n* [NET-1254](https://sonarsource.atlassian.net/browse/NET-1254) - Fix S3878 FN: When params are passed as array through an attribute\n* [NET-1252](https://sonarsource.atlassian.net/browse/NET-1252) - FN S1168: Support IndexerDeclaration and ConversionOperatorDeclaration\n* [NET-459](https://sonarsource.atlassian.net/browse/NET-459) - Fix S1168 FN: Add support for partial indexers\n\n\n\n## 10.10.1\n\nBugfix release to fix combability with SonarQube Cloud + a simplification to the `ProfileRegistrar`\n\n### Task\n\n* [NET-1463](https://sonarsource.atlassian.net/browse/NET-1463) - Update RSPEC before 10.10.1 release\n* [NET-1461](https://sonarsource.atlassian.net/browse/NET-1461) - Make CSharpSonarWayProfile be compatible and simplify ProfileRegistrar\n\n\n\n## 10.10\n\nHey everyone, this release mostly focuses on internal and technical things.\n\n### General\n\n* [NET-1444](https://sonarsource.atlassian.net/browse/NET-1444) - Move ProfileRegistrar to org.sonar.plugins.csharpenterprise.api\n* [NET-1326](https://sonarsource.atlassian.net/browse/NET-1326) - Update RSPEC before 10.10 release\n\n### Internal Styling Rules\n\n* [NET-1378](https://sonarsource.atlassian.net/browse/NET-1378) - New Rule T0045: Use var\n* [NET-1359](https://sonarsource.atlassian.net/browse/NET-1359) - New Rule T0043: Avoid primary constructors on normal classes and structs\n* [NET-1358](https://sonarsource.atlassian.net/browse/NET-1358) - New Rule T0042: Indent raw string literal +4\n* [NET-1357](https://sonarsource.atlassian.net/browse/NET-1357) - New Rule T0041: Use raw string literals for multiline strings\n* [NET-1356](https://sonarsource.atlassian.net/browse/NET-1356) - New Rule T0040: Use minimum necessary interpolation characters\n* [NET-1355](https://sonarsource.atlassian.net/browse/NET-1355) - New Rule T0039: Protected field should start with lower case letter\n* [NET-1354](https://sonarsource.atlassian.net/browse/NET-1354) - New Rule T0038: Use fields instead of auto-implemented private or protected properties\n* [NET-1347](https://sonarsource.atlassian.net/browse/NET-1347) - New Rule T0000: Don't use Get prefixes\n* [NET-1346](https://sonarsource.atlassian.net/browse/NET-1346) - New Rule T0037: Use .Test suffix namespace\n* [NET-1345](https://sonarsource.atlassian.net/browse/NET-1345) - New rule T0046: Move extension method to dedicated class\n* [NET-1344](https://sonarsource.atlassian.net/browse/NET-1344) - New Rule T0035: Do not use var for this deconstruction\n* [NET-1343](https://sonarsource.atlassian.net/browse/NET-1343) - New Rule T0034: Do not embed var into this condition\n* [NET-1342](https://sonarsource.atlassian.net/browse/NET-1342) - New Rule T0033: Swap the logic to use positive conditions instead\n* [NET-1341](https://sonarsource.atlassian.net/browse/NET-1341) - New Rule T0032: Move the method body to the next line\n* [NET-1339](https://sonarsource.atlassian.net/browse/NET-1339) - New Rule T0030: Move the field initializer on the same line\n* [NET-1338](https://sonarsource.atlassian.net/browse/NET-1338) - New Rule T0029: Indent all arguments +4 further than the invocation line\n* [NET-1337](https://sonarsource.atlassian.net/browse/NET-1337) - New Rule T0028: Move all arguments on the same line, or wrap all of them\n* [NET-1336](https://sonarsource.atlassian.net/browse/NET-1336) - New Rule T0027: Move subsequent expressions on separate lines\n* [NET-1335](https://sonarsource.atlassian.net/browse/NET-1335) - New Rule T0026: Indent member access +4 further than the initial line\n* [NET-1334](https://sonarsource.atlassian.net/browse/NET-1334) - New Rule T0025: Indent ‘?’ and ‘:’ +4 further than the condition line\n* [NET-1333](https://sonarsource.atlassian.net/browse/NET-1333) - New Rule T0024: Place multiline ‘?’ and ‘:’ on separate lines\n* [NET-1332](https://sonarsource.atlassian.net/browse/NET-1332) - New Rule T0022: Indent all parameters with the first one\n* [NET-1331](https://sonarsource.atlassian.net/browse/NET-1331) - New Rule T0021: Use extension methods for Linq\n* [NET-1329](https://sonarsource.atlassian.net/browse/NET-1329) - New Rule T0019: Indent operator correctly\n* [NET-1328](https://sonarsource.atlassian.net/browse/NET-1328) - New Rule T0018: Move the operator to the beginning of the next line\n* [NET-1327](https://sonarsource.atlassian.net/browse/NET-1327) - New Rule T0015: Move local function at the end of the method\n* [NET-1237](https://sonarsource.atlassian.net/browse/NET-1237) - New Rule T0044: Don't add Arrange, Act, and Assert(s) comments\n* [NET-1325](https://sonarsource.atlassian.net/browse/NET-1325) - Improve T0007: Raise on nondeclaring is { } check\n\n\n\n## 10.9\n\nHello everyone! \n\nThis is a mega-hardening release! Enjoy 😄 \n\n### False Positive\n\n* [NET-1309](https://sonarsource.atlassian.net/browse/NET-1309) - Fix S2583 FP: Support overrides in IsImplementingInterfaceMember\n* [NET-1308](https://sonarsource.atlassian.net/browse/NET-1308) - Fix S2583 FP: Add support for AdressOf operator\n* [NET-1302](https://sonarsource.atlassian.net/browse/NET-1302) - Fix S4158 FP: Don't raise on GetEnumerator() calls\n* [NET-1295](https://sonarsource.atlassian.net/browse/NET-1295) - Fix S3236 FP: Exclude Debug.Assert \n* [NET-1290](https://sonarsource.atlassian.net/browse/NET-1290) - Fix S4158 FP: Support RouteValueDictionary in AspNetCore\n* [NET-1289](https://sonarsource.atlassian.net/browse/NET-1289) - Fix S4158 FP: Adding methods with well defined sematics\n* [NET-1288](https://sonarsource.atlassian.net/browse/NET-1288) - Fix S4158 FP: Recognize Add methods with bool return type\n* [NET-1287](https://sonarsource.atlassian.net/browse/NET-1287) - Fix S4158 FP: Don't raise on SetValue\n* [NET-1280](https://sonarsource.atlassian.net/browse/NET-1280) - Fix S2342 FP: Flaky reports\n* [NET-1278](https://sonarsource.atlassian.net/browse/NET-1278) - Fix S3440 FP: Variable assignment and switch expression\n* [NET-1246](https://sonarsource.atlassian.net/browse/NET-1246) - Fix S1481 FP: Don't report on discard like looking variables\n* [NET-1242](https://sonarsource.atlassian.net/browse/NET-1242) - Fix S2583/S4158 FP: Support for collections that are initialized with object\n* [NET-1241](https://sonarsource.atlassian.net/browse/NET-1241) - Fix S2589 FP: Don't track concurrent collections\n* [NET-1230](https://sonarsource.atlassian.net/browse/NET-1230) - Fix S4158 FP: Immutable collections\n* [NET-1223](https://sonarsource.atlassian.net/browse/NET-1223) - Fix S3267 FP: ref struct types cannot leave the stack\n* [NET-1214](https://sonarsource.atlassian.net/browse/NET-1214) - Fix S2259 FP: Foreach loop over empty collection\n* [NET-1212](https://sonarsource.atlassian.net/browse/NET-1212) - Fix S2259 FP: Learn bool from NotNull constraint and Null value\n* [NET-1208](https://sonarsource.atlassian.net/browse/NET-1208) - Fix S2589 FP: Rule ignores case guards\n* [NET-1207](https://sonarsource.atlassian.net/browse/NET-1207) -  Fix S3966 FP: disposing element of indexable after declaration pattern\n* [NET-1203](https://sonarsource.atlassian.net/browse/NET-1203) -  Fix S3966 FP: Enumerating a collection of tuples\n* [NET-1202](https://sonarsource.atlassian.net/browse/NET-1202) - Fix S2259 FP: Foreach nested in try, nested in loop\n* [NET-1188](https://sonarsource.atlassian.net/browse/NET-1188) - Improve S4158 - Empty Collections should not be Enumerated\n* [NET-1088](https://sonarsource.atlassian.net/browse/NET-1088) - Fix S3240 FP: Ignore when a conditional block contains a ternary\n* [NET-800](https://sonarsource.atlassian.net/browse/NET-800) - Fix S2259 FP: FlowCaptures in loops and try-regions\n\n### False Negative\n\n* [NET-1299](https://sonarsource.atlassian.net/browse/NET-1299) - Fix S2053 FN: Support Copy methods\n* [NET-1257](https://sonarsource.atlassian.net/browse/NET-1257) - Fix S4790 FN: New HashData overloads not recognized\n* [NET-1194](https://sonarsource.atlassian.net/browse/NET-1194) - Fix S4158 FN: Collection Expressions (C# 12)\n* [NET-357](https://sonarsource.atlassian.net/browse/NET-357) - Fix S2068 FN: does not consider `launchSettings.json` files\n* [NET-210](https://sonarsource.atlassian.net/browse/NET-210) - Fix S4158 FN: AddRange with empty collection\n\n### Bug\n\n* [NET-1267](https://sonarsource.atlassian.net/browse/NET-1267) - Fix S2068 bug: Issue location is out of range in web.config for elements or attributes with an xml namespace\n* [NET-1184](https://sonarsource.atlassian.net/browse/NET-1184) - Roslyn rule import should map the issue severity to the Software Quality impact in SonarQube Server\n\n### Improvement\n\n* [NET-1217](https://sonarsource.atlassian.net/browse/NET-1217) - Improve S3996: Set location to the property instead of record\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.8.0.113526\u0026new-version=10.24.0.138807)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/DKorablin/Plugin.WcfServer/pull/12","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DKorablin%2FPlugin.WcfServer/issues/12","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12/packages"}},{"old_version":"10.8.0.113526","new_version":"10.24.0.138807","update_type":"minor","path":null,"pr_created_at":"2026-04-25T02:43:29.000Z","version_change":"10.8.0.113526 → 10.24.0.138807","issue":{"uuid":"4326785858","node_id":"PR_kwDONTsyJM7Vh8m2","number":9,"state":"closed","title":"Bump SonarAnalyzer.CSharp from 10.8.0.113526 to 10.24.0.138807","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-02T03:33:13.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-25T02:43:29.000Z","updated_at":"2026-05-02T03:33:15.000Z","time_to_close":607784,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.8.0.113526","new_version":"10.24.0.138807","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.8.0.113526 to 10.24.0.138807.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\n## 10.22\n\nHello everyone,\nThis release brings 4 new rules to help developers transition to C# 14, and a bunch of false positive fixes.\n\n### New rules\n\n* [NET-3361](https://sonarsource.atlassian.net/browse/NET-3361) - New rule S8381: \"scoped\" should be escaped when used as a type name in lambda parameters\n* [NET-3359](https://sonarsource.atlassian.net/browse/NET-3359) - New rule S8368: \"extension\" identifiers should be escaped to avoid contextual keyword conflicts\n* [NET-3347](https://sonarsource.atlassian.net/browse/NET-3347) - New rule S8380: Return types named \"partial\" should be escaped with \"@\"\n* [NET-3345](https://sonarsource.atlassian.net/browse/NET-3345) - New rule S8367: Identifiers should not conflict with the \"field\" keyword in C# 14?\n\n### False Positive\n\n* [NET-3443](https://sonarsource.atlassian.net/browse/NET-3443) - Fix S1940 FP: for floating point numbers that can be NaN \"!(a \u003c= b)\" is not the same as \"a \u003e b\"\n* [NET-3001](https://sonarsource.atlassian.net/browse/NET-3001) - Fix S3063 FP: Concatenation with identifier\n* [NET-1569](https://sonarsource.atlassian.net/browse/NET-1569) - Fix S5944 FP: AddressOf(MethodName) in Return statement\n* [NET-3445](https://sonarsource.atlassian.net/browse/NET-3445) - Fix T0029 FP: Inside target-typed new\n* [NET-2817](https://sonarsource.atlassian.net/browse/NET-2817) - Fix T0029 FP: Ident for collection expression members\n* [NET-2024](https://sonarsource.atlassian.net/browse/NET-2024) - Fix T0029 FP: Inside array initializer\n* [NET-3341](https://sonarsource.atlassian.net/browse/NET-3341) - Fix T0029 FP: After member access\n* [NET-3462](https://sonarsource.atlassian.net/browse/NET-3462) - Fix T0042 FP: Inside constructors and collection initializers\n* [NET-3426](https://sonarsource.atlassian.net/browse/NET-3426) - Fix T0042: Raw string in collection initializer\n* [NET-2888](https://sonarsource.atlassian.net/browse/NET-2888) - Fix T0042 FP: Returned from method\n* [NET-2874](https://sonarsource.atlassian.net/browse/NET-2874) - Fix T0042 FP: Raw string in ternary\n\n### Bugs\n\n* [NET-3386](https://sonarsource.atlassian.net/browse/NET-3386) - Fix S4583 AD0001: BeginInvoke callback declared in separate file\n\n### Other\n\n* [NET-3385](https://sonarsource.atlassian.net/browse/NET-3385) - S2612: Rule type changed from Security Hotspot to Vulnerability\n\n\n## 10.21\n\n### Bug\n\n* [NET-3376](https://sonarsource.atlassian.net/browse/NET-3376) - Fix S6930 AD0001: Issue on template / code files for blazor\n* [NET-3367](https://sonarsource.atlassian.net/browse/NET-3367) - Fix S4830 AD0001: CertificateValidationCheck Syntax node is not within syntax tree\n\n### Feature\n\n* [NET-3260](https://sonarsource.atlassian.net/browse/NET-3260) - Fix broken links in S6960 RSPEC\n\n### False Positive\n\n* [NET-2886](https://sonarsource.atlassian.net/browse/NET-2886) - Fix T0015 FP: In constructor\n* [NET-1678](https://sonarsource.atlassian.net/browse/NET-1678) - Fix S4275 FP: with property overload\n\n\n\n\n## 10.20\n\nThis release brings 9 precision improvements — 7 false positive fixes and 2 false negative fixes — across rules S1116, S1144, S1210, S1643, S1854, S2365, S3254, S3265, and S127. It also promotes S2068 and S6418 from Security Hotspot to Vulnerability, making them visible directly in the IDE, and removes S3256 from the Sonar Way quality profile.\n\n### Changes\n\n* [NET-3227](https://sonarsource.atlassian.net/browse/NET-3227) - Remove S3256 from \"Sonar Way\" quality profile\n* [NET-3208](https://sonarsource.atlassian.net/browse/NET-3208) - S6418: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3207](https://sonarsource.atlassian.net/browse/NET-3207) - S2068: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3206](https://sonarsource.atlassian.net/browse/NET-3206) - Remove links to rules.sonarsource.com\n\n### False Positive\n\n* [NET-3215](https://sonarsource.atlassian.net/browse/NET-3215) - Fix FP on S127: Should only raise on stop condition variables\n* [NET-3212](https://sonarsource.atlassian.net/browse/NET-3212) - Fix FP on S3254: Don't raise if the parameter isn't last\n* [NET-3053](https://sonarsource.atlassian.net/browse/NET-3053) - Fix FP on S1210: Implementing comparable operators for private types\n* [NET-2984](https://sonarsource.atlassian.net/browse/NET-2984) - Fix FP on S3265: BCL enums with [Flags] not recognized due to metadata resolution\n* [NET-2976](https://sonarsource.atlassian.net/browse/NET-2976) - Fix FP on S1854: Default value initializations flagged despite exemptions\n* [NET-2966](https://sonarsource.atlassian.net/browse/NET-2966) - Fix FP on S1144: Constructors in MEF-exported types\n* [NET-2956](https://sonarsource.atlassian.net/browse/NET-2956) - Fix FP on S1116: Empty loop body with side effects in condition\n\n### False Negative\n\n* [NET-1261](https://sonarsource.atlassian.net/browse/NET-1261) - Fix FN on S2365: Rule should report on new collection\n* [NET-1259](https://sonarsource.atlassian.net/browse/NET-1259) - Fix FN on S1643: Concatenation for parameters, fields and properties are not detected \n\n### Rule specification\n\n* [NET-3246](https://sonarsource.atlassian.net/browse/NET-3246) - Modify Rule S127: Update Description\n* [NET-3218](https://sonarsource.atlassian.net/browse/NET-3218) - Modify Rule S3265: Add exception for MethodImplAttributes\n* [NET-3086](https://sonarsource.atlassian.net/browse/NET-3086) - Modify Rule S1116: Add loop exception\n\n### Maintenance\n\n* [NET-3047](https://sonarsource.atlassian.net/browse/NET-3047) - Update RSPEC before 10.20 release\n\n\n\n## 10.19\n\n\n### Documentation\n\n* [NET-3012](https://sonarsource.atlassian.net/browse/NET-3012) - Modify Rule S3903: Update description for C#​10\n\n### False Positive\n\n* [NET-3004](https://sonarsource.atlassian.net/browse/NET-3004) - Fix S2696 FP: New extension method format triggers FP when accessing static fields\n\n### False Negative\n\n* [NET-3011](https://sonarsource.atlassian.net/browse/NET-3011) - Fix S4790 FN: Support Using statement\n\n### Task\n\n* [NET-2948](https://sonarsource.atlassian.net/browse/NET-2948) - Update RSPEC before 10.19 release\n\n### Bug\n\n* [NET-1866](https://sonarsource.atlassian.net/browse/NET-1866) - Support future VS versions in NuGet package\n\n\n## 10.18\n\nThis releases focuses on fixing the false-positives that are raised on code making use of the new features in C# 14.\n### Improvement\n\n* [NET-2921](https://sonarsource.atlassian.net/browse/NET-2921) - Fix passthrough calculation in ModelBuilder\n* [NET-2903](https://sonarsource.atlassian.net/browse/NET-2903) - Remove manual extension methods\n* [NET-2895](https://sonarsource.atlassian.net/browse/NET-2895) - Cleanup handling of ParameterList of primary constructors\n\n### Task\n\n* [NET-2917](https://sonarsource.atlassian.net/browse/NET-2917) - Update RSPEC before 10.18 release\n\n### False Positive\n\n* [NET-2898](https://sonarsource.atlassian.net/browse/NET-2898) - Fix S2583/S2589 FP: Extension Members\n* [NET-2877](https://sonarsource.atlassian.net/browse/NET-2877) - Fix S2225 FP: Extension member\n* [NET-2832](https://sonarsource.atlassian.net/browse/NET-2832) - Fix S3063 FP: NullConditionalOperator\n* [NET-2825](https://sonarsource.atlassian.net/browse/NET-2825) - Fix S1144 FP: Partial events\n* [NET-2821](https://sonarsource.atlassian.net/browse/NET-2821) - Fix S3264 FP: Partial events\n* [NET-2805](https://sonarsource.atlassian.net/browse/NET-2805) - Fix S1144 FP: S1144 Is confused by Debugger Display attribute\n* [NET-2748](https://sonarsource.atlassian.net/browse/NET-2748) - Fix S3459 FP: NullConditional Assignment\n* [NET-2716](https://sonarsource.atlassian.net/browse/NET-2716) - Fix S2325 FP: Field Keyword\n* [NET-2712](https://sonarsource.atlassian.net/browse/NET-2712) - Fix S2953 FP: Extension block member\n* [NET-2707](https://sonarsource.atlassian.net/browse/NET-2707) - Fix S3877 FP: Equals method without IEquatable\n* [NET-2684](https://sonarsource.atlassian.net/browse/NET-2684) - Fix S7039 FP/FN: Null-conditional assignment\n* [NET-2672](https://sonarsource.atlassian.net/browse/NET-2672) - Fix S3928 FP: Extension block\n* [NET-2671](https://sonarsource.atlassian.net/browse/NET-2671) - Fix S2970 FP: Null Conditional Assignment\n* [NET-2668](https://sonarsource.atlassian.net/browse/NET-2668) - Fix S3398 FP: On private methods in C#​14 extensions classes\n* [NET-2644](https://sonarsource.atlassian.net/browse/NET-2644) - Fix S1144 FP: Always raises on private methods in extension block\n* [NET-2621](https://sonarsource.atlassian.net/browse/NET-2621) - Fix S2325 FP: Incorrectly reports on C# 14 extensions \n* [NET-2620](https://sonarsource.atlassian.net/browse/NET-2620) - Fix S4545 FP: Extension Methods\n* [NET-2391](https://sonarsource.atlassian.net/browse/NET-2391) - Fix S1121 FP: Extract (null-forgiving) assignment from expression\n* [NET-1914](https://sonarsource.atlassian.net/browse/NET-1914) - Fix S3264 FP: when using +=\n\n### False Negative\n\n* [NET-2813](https://sonarsource.atlassian.net/browse/NET-2813) - Fix S2292 FN: FieldKeyword\n* [NET-2681](https://sonarsource.atlassian.net/browse/NET-2681) - Fix S2692 FN: Support Spans\n\n\n\n## 10.17\n\n\n### False Negative\n\n* [NET-2840](https://sonarsource.atlassian.net/browse/NET-2840) - Improve S2077: Support more methods\n\n### Task\n\n* [NET-2839](https://sonarsource.atlassian.net/browse/NET-2839) - Update RSPEC before 10.17 release\n\n### New Feature\n\n* [NET-2820](https://sonarsource.atlassian.net/browse/NET-2820) - ShimLayer: Implement Factory\n* [NET-2789](https://sonarsource.atlassian.net/browse/NET-2789) - ShimLayer Generator: Enums\n* [NET-2728](https://sonarsource.atlassian.net/browse/NET-2728) - ShimLayer Generator: SyntaxNodes\n\n### Bug\n\n* [NET-2816](https://sonarsource.atlassian.net/browse/NET-2816) - Fix S3603 AD0001: NRE when LocalFunction inside Record constructor in C#​7\n\n### Improvement\n\n* [NET-2722](https://sonarsource.atlassian.net/browse/NET-2722) - Activate new ShimLayer\n* [NET-2721](https://sonarsource.atlassian.net/browse/NET-2721) - Create diff for ShimLayer\n* [NET-2720](https://sonarsource.atlassian.net/browse/NET-2720) - Create ShimLayer projects\n\n\n\n## 10.16.2\n\nRotations of binary signing keys\n\n\n## 10.16.1\n\nRotations of binary signing keys\n\n\n## 10.16\n\n### False Positive\n\n* [NET-1729](https://sonarsource.atlassian.net/browse/NET-1729) - Fix S2114 FP: list.AddRange(list) and list.Concat(list) are sensible\n\n### False Negative\n\n* [NET-399](https://sonarsource.atlassian.net/browse/NET-399) - Fix S4790 FN: Support CryptographicOperations data methods\n\n### Bug\n* [NET-2686](https://sonarsource.atlassian.net/browse/NET-2686) - Fix S3604 AD0001: NRE with partial constructor\n\n## 10.15\n\n### False Positive\n\n* [NET-2198](https://sonarsource.atlassian.net/browse/NET-2198) - Fix S1905 FP: Cast of default! expression is required\n* [NET-2197](https://sonarsource.atlassian.net/browse/NET-2197) - Fix S1905 FP: stackalloc and Span\u003cT\u003e conversions\n* [NET-1641](https://sonarsource.atlassian.net/browse/NET-1641) - Fix S1905 FP: casting `IEnumerable\u003cstring?\u003e` to `IEnumerable\u003cstring\u003e`\n* [NET-2157](https://sonarsource.atlassian.net/browse/NET-2157) - Fix S2589 FP: Don't raise an issue after a delegate is invoked\n* [NET-2073](https://sonarsource.atlassian.net/browse/NET-2073) - Fix S2699 FP: Add support for FsCheck property tests\n* [NET-1537](https://sonarsource.atlassian.net/browse/NET-1537) - Fix S6964 FP: Don't raise on properties annotated with the BindRequiredAttribute\n\n### Improvement\n\n* [NET-2112](https://sonarsource.atlassian.net/browse/NET-2112) - Consider ExplodedNodes relevant if a successor would be relevant\n* [NET-2183](https://sonarsource.atlassian.net/browse/NET-2183) - SE: Set constraint on operation when learning from IsPattern\n\n### False Negative\n\n* [NET-429](https://sonarsource.atlassian.net/browse/NET-429) - Fix S4275 FN: Support partial properties\n\n### Task\n\n* [NET-2208](https://sonarsource.atlassian.net/browse/NET-2208) - Update RSpec before release\n\n## 10.14\n\nHey everyone,\n\nThis release mostly focuses on mitigating (NET-2196) a performance regression that was introduced in 10.13.\n\n\n### Improvement\n\n* [NET-2196](https://sonarsource.atlassian.net/browse/NET-2196) - Fix path algorithm for execution flows to mitigate performance regression\n* [NET-2177](https://sonarsource.atlassian.net/browse/NET-2177) - Improve how the Symbolic Execution engine handles exception paths\n* [NET-2135](https://sonarsource.atlassian.net/browse/NET-2135) - Support xUnit V3\n* [NET-2163](https://sonarsource.atlassian.net/browse/NET-2163) - Provide Interface for other plugins to add rules to VB.NET SonarWay profile\n\n### False Negative\n\n* [NET-235](https://sonarsource.atlassian.net/browse/NET-235) - Fix S2053: Adjust required salt length to be 32 bytes\n\n### Task\n\n* [NET-2170](https://sonarsource.atlassian.net/browse/NET-2170) - Update RSPEC before 10.14 release\n\n## 10.13\n\nHello everyone, \n\nIn this release, we've focused on:\n- False positive fixes\n- Enhancing S2259's secondary locations to provide clearer, step-by-step explanations of null pointer dereferences issues.\n\n\n\n### False Positives\n\n* [NET-2099](https://sonarsource.atlassian.net/browse/NET-2099) - Fix S3885 FP: Do not raise in ResolutionEventHandler\n* [NET-2023](https://sonarsource.atlassian.net/browse/NET-2023) - Fix S3257 FP: Array with target-typed new\n* [NET-1646](https://sonarsource.atlassian.net/browse/NET-1646) - Fix S3267 FP: Loops should be simplified with LINQ expressions\n* [NET-1588](https://sonarsource.atlassian.net/browse/NET-1588) - Fix S1066 FP: Combination of `dynamic` and `out` should not raise\n* [NET-882](https://sonarsource.atlassian.net/browse/NET-882) - Fix S3257 FP: Don't raise for C# 10 and later when there's explicit delegate creation\n\n### Improvements\n\n* [NET-2095](https://sonarsource.atlassian.net/browse/NET-2095) - Improve incremental PR analysis path detection\n* SE: S2259 - Improve secondary locations\n\n\n\n## 10.12\n\nThis release brings the VB version of S6418 and a few FP and FN fixes.\n\n### New Rule\n\n* [NET-1379](https://sonarsource.atlassian.net/browse/NET-1379) - New Rule: Implement S6418 Hard-coded secrets are security-sensitive for VB.NET\n\n### False Positive\n\n* [NET-1526](https://sonarsource.atlassian.net/browse/NET-1526) - Fix S3267 FP: Only raise on IEnumerable\n\n### False Negative\n\n* [NET-1260](https://sonarsource.atlassian.net/browse/NET-1260) - Fix S1215 FN: GC.GetTotalMemory(forceFullCollection: true) should not be called \n* [NET-1258](https://sonarsource.atlassian.net/browse/NET-1258) - Fix S6678 FN: Lowercase placeholders in interpolated string\n* [NET-1255](https://sonarsource.atlassian.net/browse/NET-1255) - Fix S3267 FN: Logical operators are not supported\n\n### Task\n\n* [NET-2060](https://sonarsource.atlassian.net/browse/NET-2060) - Update RSPEC before 11.12 release\n\n\n## 10.11\n\nHello everyone!\nIn this release we fixed a bunch of false positives and false negatives.\nAdditionally this version adds support for telemetry in order to gather information on feature usage. Telemetry, requires scanner 10.2.0 or greater.\n\n\n### False Positive\n\n* [NET-1522](https://sonarsource.atlassian.net/browse/NET-1522) - Fix S2068 FP: Do not raise on `password:secret`\n* [NET-1149](https://sonarsource.atlassian.net/browse/NET-1149) - Fix S3626 FP: Add exception when return statement is preceding local functions\n\n### False Negative\n\n* [NET-1263](https://sonarsource.atlassian.net/browse/NET-1263) - Fix S1871 FN: Nested if .. else if chain\n* [NET-1256](https://sonarsource.atlassian.net/browse/NET-1256) - S2068: Remove word boundary(\\b) from regex\n* [NET-1254](https://sonarsource.atlassian.net/browse/NET-1254) - Fix S3878 FN: When params are passed as array through an attribute\n* [NET-1252](https://sonarsource.atlassian.net/browse/NET-1252) - FN S1168: Support IndexerDeclaration and ConversionOperatorDeclaration\n* [NET-459](https://sonarsource.atlassian.net/browse/NET-459) - Fix S1168 FN: Add support for partial indexers\n\n\n\n## 10.10.1\n\nBugfix release to fix combability with SonarQube Cloud + a simplification to the `ProfileRegistrar`\n\n### Task\n\n* [NET-1463](https://sonarsource.atlassian.net/browse/NET-1463) - Update RSPEC before 10.10.1 release\n* [NET-1461](https://sonarsource.atlassian.net/browse/NET-1461) - Make CSharpSonarWayProfile be compatible and simplify ProfileRegistrar\n\n\n\n## 10.10\n\nHey everyone, this release mostly focuses on internal and technical things.\n\n### General\n\n* [NET-1444](https://sonarsource.atlassian.net/browse/NET-1444) - Move ProfileRegistrar to org.sonar.plugins.csharpenterprise.api\n* [NET-1326](https://sonarsource.atlassian.net/browse/NET-1326) - Update RSPEC before 10.10 release\n\n### Internal Styling Rules\n\n* [NET-1378](https://sonarsource.atlassian.net/browse/NET-1378) - New Rule T0045: Use var\n* [NET-1359](https://sonarsource.atlassian.net/browse/NET-1359) - New Rule T0043: Avoid primary constructors on normal classes and structs\n* [NET-1358](https://sonarsource.atlassian.net/browse/NET-1358) - New Rule T0042: Indent raw string literal +4\n* [NET-1357](https://sonarsource.atlassian.net/browse/NET-1357) - New Rule T0041: Use raw string literals for multiline strings\n* [NET-1356](https://sonarsource.atlassian.net/browse/NET-1356) - New Rule T0040: Use minimum necessary interpolation characters\n* [NET-1355](https://sonarsource.atlassian.net/browse/NET-1355) - New Rule T0039: Protected field should start with lower case letter\n* [NET-1354](https://sonarsource.atlassian.net/browse/NET-1354) - New Rule T0038: Use fields instead of auto-implemented private or protected properties\n* [NET-1347](https://sonarsource.atlassian.net/browse/NET-1347) - New Rule T0000: Don't use Get prefixes\n* [NET-1346](https://sonarsource.atlassian.net/browse/NET-1346) - New Rule T0037: Use .Test suffix namespace\n* [NET-1345](https://sonarsource.atlassian.net/browse/NET-1345) - New rule T0046: Move extension method to dedicated class\n* [NET-1344](https://sonarsource.atlassian.net/browse/NET-1344) - New Rule T0035: Do not use var for this deconstruction\n* [NET-1343](https://sonarsource.atlassian.net/browse/NET-1343) - New Rule T0034: Do not embed var into this condition\n* [NET-1342](https://sonarsource.atlassian.net/browse/NET-1342) - New Rule T0033: Swap the logic to use positive conditions instead\n* [NET-1341](https://sonarsource.atlassian.net/browse/NET-1341) - New Rule T0032: Move the method body to the next line\n* [NET-1339](https://sonarsource.atlassian.net/browse/NET-1339) - New Rule T0030: Move the field initializer on the same line\n* [NET-1338](https://sonarsource.atlassian.net/browse/NET-1338) - New Rule T0029: Indent all arguments +4 further than the invocation line\n* [NET-1337](https://sonarsource.atlassian.net/browse/NET-1337) - New Rule T0028: Move all arguments on the same line, or wrap all of them\n* [NET-1336](https://sonarsource.atlassian.net/browse/NET-1336) - New Rule T0027: Move subsequent expressions on separate lines\n* [NET-1335](https://sonarsource.atlassian.net/browse/NET-1335) - New Rule T0026: Indent member access +4 further than the initial line\n* [NET-1334](https://sonarsource.atlassian.net/browse/NET-1334) - New Rule T0025: Indent ‘?’ and ‘:’ +4 further than the condition line\n* [NET-1333](https://sonarsource.atlassian.net/browse/NET-1333) - New Rule T0024: Place multiline ‘?’ and ‘:’ on separate lines\n* [NET-1332](https://sonarsource.atlassian.net/browse/NET-1332) - New Rule T0022: Indent all parameters with the first one\n* [NET-1331](https://sonarsource.atlassian.net/browse/NET-1331) - New Rule T0021: Use extension methods for Linq\n* [NET-1329](https://sonarsource.atlassian.net/browse/NET-1329) - New Rule T0019: Indent operator correctly\n* [NET-1328](https://sonarsource.atlassian.net/browse/NET-1328) - New Rule T0018: Move the operator to the beginning of the next line\n* [NET-1327](https://sonarsource.atlassian.net/browse/NET-1327) - New Rule T0015: Move local function at the end of the method\n* [NET-1237](https://sonarsource.atlassian.net/browse/NET-1237) - New Rule T0044: Don't add Arrange, Act, and Assert(s) comments\n* [NET-1325](https://sonarsource.atlassian.net/browse/NET-1325) - Improve T0007: Raise on nondeclaring is { } check\n\n\n\n## 10.9\n\nHello everyone! \n\nThis is a mega-hardening release! Enjoy 😄 \n\n### False Positive\n\n* [NET-1309](https://sonarsource.atlassian.net/browse/NET-1309) - Fix S2583 FP: Support overrides in IsImplementingInterfaceMember\n* [NET-1308](https://sonarsource.atlassian.net/browse/NET-1308) - Fix S2583 FP: Add support for AdressOf operator\n* [NET-1302](https://sonarsource.atlassian.net/browse/NET-1302) - Fix S4158 FP: Don't raise on GetEnumerator() calls\n* [NET-1295](https://sonarsource.atlassian.net/browse/NET-1295) - Fix S3236 FP: Exclude Debug.Assert \n* [NET-1290](https://sonarsource.atlassian.net/browse/NET-1290) - Fix S4158 FP: Support RouteValueDictionary in AspNetCore\n* [NET-1289](https://sonarsource.atlassian.net/browse/NET-1289) - Fix S4158 FP: Adding methods with well defined sematics\n* [NET-1288](https://sonarsource.atlassian.net/browse/NET-1288) - Fix S4158 FP: Recognize Add methods with bool return type\n* [NET-1287](https://sonarsource.atlassian.net/browse/NET-1287) - Fix S4158 FP: Don't raise on SetValue\n* [NET-1280](https://sonarsource.atlassian.net/browse/NET-1280) - Fix S2342 FP: Flaky reports\n* [NET-1278](https://sonarsource.atlassian.net/browse/NET-1278) - Fix S3440 FP: Variable assignment and switch expression\n* [NET-1246](https://sonarsource.atlassian.net/browse/NET-1246) - Fix S1481 FP: Don't report on discard like looking variables\n* [NET-1242](https://sonarsource.atlassian.net/browse/NET-1242) - Fix S2583/S4158 FP: Support for collections that are initialized with object\n* [NET-1241](https://sonarsource.atlassian.net/browse/NET-1241) - Fix S2589 FP: Don't track concurrent collections\n* [NET-1230](https://sonarsource.atlassian.net/browse/NET-1230) - Fix S4158 FP: Immutable collections\n* [NET-1223](https://sonarsource.atlassian.net/browse/NET-1223) - Fix S3267 FP: ref struct types cannot leave the stack\n* [NET-1214](https://sonarsource.atlassian.net/browse/NET-1214) - Fix S2259 FP: Foreach loop over empty collection\n* [NET-1212](https://sonarsource.atlassian.net/browse/NET-1212) - Fix S2259 FP: Learn bool from NotNull constraint and Null value\n* [NET-1208](https://sonarsource.atlassian.net/browse/NET-1208) - Fix S2589 FP: Rule ignores case guards\n* [NET-1207](https://sonarsource.atlassian.net/browse/NET-1207) -  Fix S3966 FP: disposing element of indexable after declaration pattern\n* [NET-1203](https://sonarsource.atlassian.net/browse/NET-1203) -  Fix S3966 FP: Enumerating a collection of tuples\n* [NET-1202](https://sonarsource.atlassian.net/browse/NET-1202) - Fix S2259 FP: Foreach nested in try, nested in loop\n* [NET-1188](https://sonarsource.atlassian.net/browse/NET-1188) - Improve S4158 - Empty Collections should not be Enumerated\n* [NET-1088](https://sonarsource.atlassian.net/browse/NET-1088) - Fix S3240 FP: Ignore when a conditional block contains a ternary\n* [NET-800](https://sonarsource.atlassian.net/browse/NET-800) - Fix S2259 FP: FlowCaptures in loops and try-regions\n\n### False Negative\n\n* [NET-1299](https://sonarsource.atlassian.net/browse/NET-1299) - Fix S2053 FN: Support Copy methods\n* [NET-1257](https://sonarsource.atlassian.net/browse/NET-1257) - Fix S4790 FN: New HashData overloads not recognized\n* [NET-1194](https://sonarsource.atlassian.net/browse/NET-1194) - Fix S4158 FN: Collection Expressions (C# 12)\n* [NET-357](https://sonarsource.atlassian.net/browse/NET-357) - Fix S2068 FN: does not consider `launchSettings.json` files\n* [NET-210](https://sonarsource.atlassian.net/browse/NET-210) - Fix S4158 FN: AddRange with empty collection\n\n### Bug\n\n* [NET-1267](https://sonarsource.atlassian.net/browse/NET-1267) - Fix S2068 bug: Issue location is out of range in web.config for elements or attributes with an xml namespace\n* [NET-1184](https://sonarsource.atlassian.net/browse/NET-1184) - Roslyn rule import should map the issue severity to the Software Quality impact in SonarQube Server\n\n### Improvement\n\n* [NET-1217](https://sonarsource.atlassian.net/browse/NET-1217) - Improve S3996: Set location to the property instead of record\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.8.0.113526\u0026new-version=10.24.0.138807)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/DKorablin/Plugin.WindowAutomation/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DKorablin%2FPlugin.WindowAutomation/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"}},{"old_version":null,"new_version":null,"update_type":null,"path":null,"pr_created_at":"2026-04-24T18:24:35.000Z","version_change":null,"issue":{"uuid":"4324818055","node_id":"PR_kwDOSLtuKc7Vbdsd","number":6,"state":"open","title":"Bump Meziantou.Analyzer and SonarAnalyzer.CSharp","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-24T18:24:35.000Z","updated_at":"2026-04-24T19:33:59.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"Meziantou.Analyzer","repository_url":"https://github.com/meziantou/Meziantou.Analyzer"},{"name":"SonarAnalyzer.CSharp","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [Meziantou.Analyzer](https://github.com/meziantou/Meziantou.Analyzer) from 2.0.187 to 3.0.52.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [Meziantou.Analyzer's releases](https://github.com/meziantou/Meziantou.Analyzer/releases)._\n\n## 3.0.52\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.52\u003e\n\n## What's Changed\n* Expand documentation for MA0065, MA0066, and MA0069 by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1099\n* MA0050: improve Throw* argument validation detection by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1100\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.51...3.0.52\n\n## 3.0.51\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.51\u003e\n\n## What's Changed\n* Extend MA0067 detection for empty Guid patterns by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1098\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.50...3.0.51\n\n## 3.0.50\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.50\u003e\n\n## What's Changed\n* Handle local variable values in MA0173 analyzer by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1097\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.49...3.0.50\n\n## 3.0.49\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.49\u003e\n\n## What's Changed\n* MA0182: treat `is` type checks as internal type usage by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1096\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.48...3.0.49\n\n## 3.0.48\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.48\u003e\n\n## What's Changed\n* Fix MA0004 code fix crash with chained await using by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1094\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.47...3.0.48\n\n## 3.0.47\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.47\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.46...3.0.47\n\n## 3.0.46\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.46\u003e\n\n## What's Changed\n* Add MA0192: Use HasFlag instead of bitwise checks with analyzer and fixer by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1091\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.45...3.0.46\n\n## 3.0.45\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.45\u003e\n\n## What's Changed\n* Fix MA0135/MA0139: Serilog `@` destructuring prefix not stripped consistently for multi-parameter log calls by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1089\n* Enable batch fix (Fix All) for MA0190 UseRegexSourceGenerator by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1090\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.44...3.0.45\n\n## 3.0.44\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.44\u003e\n\n## What's Changed\n* MA0011: suppress diagnostic when all AppendFormat template arguments are culture-insensitive by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1085\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.43...3.0.44\n\n## 3.0.43\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.43\u003e\n\n## What's Changed\n* Fix expression parenthesis in code fixers by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1083\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.42...3.0.43\n\n## 3.0.42\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.42\u003e\n\n## What's Changed\n* Cache IsAwaitable result for the no-SyntaxNode overload by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1082\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.41...3.0.42\n\n## 3.0.41\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.41\u003e\n\n## What's Changed\n* Improve MA0042 async overload matching coverage by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1065\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.40...3.0.41\n\n## 3.0.40\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.40\u003e\n\n## What's Changed\n* Add MA0191: Detect null! and default! usage by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1081\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.39...3.0.40\n\n## 3.0.39\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.39\u003e\n\n## What's Changed\n* Add code fixes for MA0094-MA0097 by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1078\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.38...3.0.39\n\n## 3.0.38\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.38\u003e\n\n## What's Changed\n* Fix typos and grammar across all 188 rule documentation files by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1076\n* Add code fixers for MA0118, MA0161, and MA0186 by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1079\n* Validate fix conditions in RegisterCodeFixesAsync before registering code fixes by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1077\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.37...3.0.38\n\n## 3.0.37\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.37\u003e\n\n## What's Changed\n* docs: require updating rule docs when rules change by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1075\n* Add code fixers for MA0138/44/46/52/56/57/58/60/69/73 by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1074\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.36...3.0.37\n\n## 3.0.36\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.36\u003e\n\n## What's Changed\n* Add missing code fixers for 10 analyzer rules by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1073\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.35...3.0.36\n\n## 3.0.35\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.35\u003e\n\n## What's Changed\n* Add missing code fixers for MA0088-MA0137 by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1072\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.34...3.0.35\n\n## 3.0.34\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.34\u003e\n\n## What's Changed\n* Add code fixer for MA0174 (Record should use explicit 'class' keyword) by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1070\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.33...3.0.34\n\n## 3.0.33\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.33\u003e\n\n## What's Changed\n* Add code fixer for MA0173 (Use LazyInitializer.EnsureInitialized) by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1071\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.32...3.0.33\n\n## 3.0.32\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.32\u003e\n\n## What's Changed\n* Add code fixer for MA0175 (Remove explicit `class` keyword from record declarations) by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1069\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.31...3.0.32\n\n## 3.0.31\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.31\u003e\n\n## What's Changed\n* Add code fixer for MA0137 and MA0138 (async suffix naming) by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1068\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.30...3.0.31\n\n## 3.0.30\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.30\u003e\n\n## What's Changed\n* MA0137: Add `exclude_test_methods` configuration option by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1067\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.29...3.0.30\n\n## 3.0.29\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.29\u003e\n\n## What's Changed\n* Skip NuGet publish steps for fork PRs in CI by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1063\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.28...3.0.29\n\n## 3.0.28\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.28\u003e\n\n## What's Changed\n* MA0008: Use proper blittable type check instead of IsReferenceType by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1062\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.27...3.0.28\n\n## 3.0.27\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.27\u003e\n\n## What's Changed\n* MA0190: Suggest converting [GeneratedRegex] partial methods to partial properties (C# 13+) by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1060\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.26...3.0.27\n\n## 3.0.26\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.26\u003e\n\n## What's Changed\n* MA0015: Add option to allow member access expressions as parameter references by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1059\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.25...3.0.26\n\n## 3.0.25\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.25\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.24...3.0.25\n\n## 3.0.24\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.24\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.23...3.0.24\n\n## 3.0.23\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.23\u003e\n\n## What's Changed\n* Add MA0189 InlineArray analyzer and code fix by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1056\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.22...3.0.23\n\n## 3.0.22\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.22\u003e\n\n## What's Changed\n* Add MA0188: Use System.TimeProvider instead of a custom time abstraction by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1055\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.21...3.0.22\n\n## 3.0.21\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.21\u003e\n\n## What's Changed\n* Add `roslyn5.0` packing by @​viceroypenguin in https://github.com/meziantou/Meziantou.Analyzer/pull/1054\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.20...3.0.21\n\n## 3.0.20\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.20\u003e\n\n## What's Changed\n* Fix MA0068 false positive for C# 14 extension block parameters by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1053\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.19...3.0.20\n\n## 3.0.19\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.19\u003e\n\n## What's Changed\n* MA0074: Fix StringComparison argument inserted at wrong position when trailing parameters exist by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1050\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.18...3.0.19\n\n## 3.0.18\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.18\u003e\n\n## What's Changed\n* MA0187: Migrate Blazor [Inject] property injection to constructor injection by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1048\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.17...3.0.18\n\n## 3.0.17\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.17\u003e\n\n## What's Changed\n* Refactor argument checks to use ArgumentKind.DefaultValue by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1045\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.16...3.0.17\n\n## 3.0.16\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.16\u003e\n\n## What's Changed\n* Fix MA0183 false positive when formatting argument is wrapped in parentheses by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1044\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.15...3.0.16\n\n## 3.0.15\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.15\u003e\n\n## What's Changed\n* MA0183: Extend detection to Console.Write, Console.WriteLine, and StringBuilder.AppendFormat by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1042\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.14...3.0.15\n\n## 3.0.14\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.14\u003e\n\n## What's Changed\n* docs(MA0028): Remove incorrect AppendFormat optimization example by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1039\n* docs: Document MA0158 as similar to IDE0330 by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1040\n* MA0028: Detect StringBuilder.AppendFormat with no-placeholder format strings by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1041\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.13...3.0.14\n\n## 3.0.13\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.13\u003e\n\n## What's Changed\n* Fix incorrect CA1065 → MA0072 equivalence mapping by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1028\n* Fix IDE0330 comparison incorrectly referencing MA0153 instead of MA0158 by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1036\n* docs(MA0042): Document false positive when calling sync method from its own async counterpart by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1038\n* Fix MA0158 not reported when lock field is initialized in constructor by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1037\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.12...3.0.13\n\n## 3.0.12\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.12\u003e\n\n## What's Changed\n* MA0056: Reclassify as \"similar to\" CA2214 and document differences by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1024\n* Fix MA0027 not firing for derived exception types by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1026\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.11...3.0.12\n\n## 3.0.11\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.11\u003e\n\n## What's Changed\n* Reduce test fakiness with source generators by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1022\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.10...3.0.11\n\n## 3.0.10\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.10\u003e\n\n## What's Changed\n* Add test for implicit params array in AppendLine with AppendFormat by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/1021\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.9...3.0.10\n\n## 3.0.9\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.9\u003e\n\n## What's Changed\n* MA0029: Suppress all Where().X() diagnostics on IQueryable by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1017\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.8...3.0.9\n\n## 3.0.8\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.8\u003e\n\n## What's Changed\n* Remove exception handling from WithSourceGeneratorsFromNuGet and document Roslyn version testing by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1015\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.7...3.0.8\n\n## 3.0.7\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.7\u003e\n\n## What's Changed\n* Fix MA0110 to handle property initializers by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1014\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.6...3.0.7\n\n## 3.0.6\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.6\u003e\n\n## What's Changed\n* MA0110: Suggest partial property before partial method by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1013\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.5...3.0.6\n\n## 3.0.5\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.5\u003e\n\n## What's Changed\n* MA0110: Support top-level statements by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1012\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.4...3.0.5\n\n## 3.0.4\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.4\u003e\n\n## What's Changed\n* MA0110: Remove field/variable when generating partial property code fix by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1011\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.3...3.0.4\n\n## 3.0.3\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.3\u003e\n\n## What's Changed\n* MA0110: Derive generated regex names from field/variable context by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1010\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.2...3.0.3\n\n## 3.0.2\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.2\u003e\n\n## What's Changed\n* Add partial property support for MA0110 Regex Source Generator by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1009\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/3.0.1...3.0.2\n\n## 3.0.1\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/3.0.1\u003e\n\n## What's Changed\n* Remove Roslyn 3.x support by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1007\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.302...3.0.1\n\n## 2.0.302\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.302\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.301...2.0.302\n\n## 2.0.301\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.301\u003e\n\n## What's Changed\n* Fix typo in message format for diagnostic rule by @​viceroypenguin in https://github.com/meziantou/Meziantou.Analyzer/pull/1005\n\n## New Contributors\n* @​viceroypenguin made their first contribution in https://github.com/meziantou/Meziantou.Analyzer/pull/1005\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.300...2.0.301\n\n## 2.0.300\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.300\u003e\n\n## What's Changed\n* Add configuration option to allow OfT suffix for generic types with any arity by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1004\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.299...2.0.300\n\n## 2.0.299\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.299\u003e\n\n## What's Changed\n* Fix MA0184 false positive on empty interpolated strings with custom handlers by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/1001\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.298...2.0.299\n\n## 2.0.298\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.298\u003e\n\n## What's Changed\n* Add MA0186: Report missing nullable attributes on Equals and TryGetValue parameters by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/998\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.297...2.0.298\n\n## 2.0.297\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.297\u003e\n\n## What's Changed\n* MA0007: Support multiline pattern-matching expressions by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/997\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.296...2.0.297\n\n## 2.0.296\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.296\u003e\n\n## What's Changed\n* Fix MA0185 false-positive for nullable value types by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/995\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.295...2.0.296\n\n## 2.0.295\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.295\u003e\n\n## What's Changed\n* Update default TargetFramework and adjust test setups by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/993\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.294...2.0.295\n\n## 2.0.294\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.294\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.293...2.0.294\n\n## 2.0.293\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.293\u003e\n\n## What's Changed\n* Fix MA0183 false-positive with params array arguments in string.Format by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/991\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.292...2.0.293\n\n## 2.0.292\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.292\u003e\n\n## What's Changed\n* Enable MA0184 by default with silent severity by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/988\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.291...2.0.292\n\n## 2.0.291\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.291\u003e\n\n## What's Changed\n* MA0185: Add tests and docs for literal-only interpolated strings by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/987\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.290...2.0.291\n\n## 2.0.290\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.290\u003e\n\n## What's Changed\n* Add MA0185: Simplify string.Create with culture-invariant parameters by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/986\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.289...2.0.290\n\n## 2.0.289\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.289\u003e\n\n## What's Changed\n* Add MA0184: Report interpolated strings without parameters by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/984\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.288...2.0.289\n\n## 2.0.288\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.288\u003e\n\n## What's Changed\n* Disable MA0042 async overload suggestions for TemporaryDirectory in test projects by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/980\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.287...2.0.288\n\n## 2.0.287\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.287\u003e\n\n## What's Changed\n* Add MA0183: Detect string.Format without placeholders or formatting arguments by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/979\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.286...2.0.287\n\n## 2.0.286\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.286\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.285...2.0.286\n\n## 2.0.285\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.285\u003e\n\n## What's Changed\n* Add collection expression test for MA0182 by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/977\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.284...2.0.285\n\n## 2.0.284\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.284\u003e\n\n## What's Changed\n* Add code fixers for MA0182 (Avoid unused internal types) by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/976\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.283...2.0.284\n\n## 2.0.283\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.283\u003e\n\n## What's Changed\n* Exempt ExecutionContext.SuppressFlow() from MA0100 diagnostic by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/974\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.282...2.0.283\n\n## 2.0.282\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.282\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.281...2.0.282\n\n## 2.0.281\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.281\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.280...2.0.281\n\n## 2.0.280\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.280\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.279...2.0.280\n\n## 2.0.279\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.279\u003e\n\n## What's Changed\n* MA0182 handles entrypoint class and extensions (C# 14) by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/972\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.278...2.0.279\n\n## 2.0.278\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.278\u003e\n\n## What's Changed\n* Fix MA0182 false positive for delegates used in new expressions by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/969\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.277...2.0.278\n\n## 2.0.277\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.277\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.276...2.0.277\n\n## 2.0.276\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.276\u003e\n\n## What's Changed\n* Fix MA0182 false positive on types with DynamicallyAccessedMembers attribute by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/963\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.275...2.0.276\n\n## 2.0.275\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.275\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.274...2.0.275\n\n## 2.0.274\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.274\u003e\n\n## What's Changed\n* Fix MA0182 to handle COM interop types with CoClass attribute by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/959\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.273...2.0.274\n\n## 2.0.273\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.273\u003e\n\n## What's Changed\n* Fix MA0182 false positive for pointer type parameters by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/961\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.272...2.0.273\n\n## 2.0.272\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.272\u003e\n\n## What's Changed\n* Extend MA0182 to all types by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/957\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.271...2.0.272\n\n## 2.0.271\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.271\u003e\n\n## What's Changed\n* Add MA0182: Detect unused internal classes with correct handling of generic type arguments and typeof references by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/956\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.270...2.0.271\n\n## 2.0.270\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.270\u003e\n\n## What's Changed\n* Apply repository configuration by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/954\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.269...2.0.270\n\n## 2.0.269\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.269\u003e\n\n## What's Changed\n* Apply repository configuration by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/953\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.268...2.0.269\n\n## 2.0.268\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.268\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.267...2.0.268\n\n## 2.0.267\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.267\u003e\n\n## What's Changed\n* Add MA0181 - Report use of explicit casts by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/952\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.266...2.0.267\n\n## 2.0.266\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.266\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.265...2.0.266\n\n## 2.0.265\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.265\u003e\n\n## What's Changed\n* Add refactoring: convert interpolated string to Format call by @​meziantou in https://github.com/meziantou/Meziantou.Analyzer/pull/948\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.264...2.0.265\n\n## 2.0.264\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.264\u003e\n\n## What's Changed\n* Lower global_level from -1 to -100 in editorconfig files by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/944\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.263...2.0.264\n\n## 2.0.263\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.263\u003e\n\n## What's Changed\n* Add MA0180: Detect ILogger\u003cT\u003e type parameter mismatch with containing class by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/941\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.262...2.0.263\n\n## 2.0.262\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.262\u003e\n\n## What's Changed\n* Make DocumentationGenerator ignore trailing whitespace differences by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/942\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.261...2.0.262\n\n## 2.0.261\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.261\u003e\n\n## What's Changed\n* Add MA0179: Detect inefficient attribute existence checks by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/939\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.260...2.0.261\n\n## 2.0.260\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.260\u003e\n\n## What's Changed\n* Add concurrency control to serialize CI runs on main branch by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/938\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.259...2.0.260\n\n## 2.0.259\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.259\u003e\n\n## What's Changed\n* Add opt-in configuration for MA0153 to detect logging of types containing DataClassification members by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/936\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.258...2.0.259\n\n## 2.0.258\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.258\u003e\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.257...2.0.258\n\n## 2.0.257\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.257\u003e\n\n## What's Changed\n* Fix MA0042 to not flag SemaphoreSlim.Wait(0) as blocking by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/934\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.256...2.0.257\n\n## 2.0.256\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.256\u003e\n\n## What's Changed\n* Clarify MA0093 only applies to event invocations, not regular method calls by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/933\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.255...2.0.256\n\n## 2.0.255\n\nNuGet package: \u003chttps://www.nuget.org/packages/Meziantou.Analyzer/2.0.255\u003e\n\n## What's Changed\n* Use GlobalAnalyzerConfigFiles with global_level=-1 for analyzer configuration by @​Copilot in https://github.com/meziantou/Meziantou.Analyzer/pull/932\n\n\n**Full Changelog**: https://github.com/meziantou/Meziantou.Analyzer/compare/2.0.254...2.0.255\n\nCommits viewable in [compare view](https://github.com/meziantou/Meziantou.Analyzer/commits/3.0.52).\n\u003c/details\u003e\n\nUpdated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.4.0.108396 to 10.24.0.138807.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\n## 10.22\n\nHello everyone,\nThis release brings 4 new rules to help developers transition to C# 14, and a bunch of false positive fixes.\n\n### New rules\n\n* [NET-3361](https://sonarsource.atlassian.net/browse/NET-3361) - New rule S8381: \"scoped\" should be escaped when used as a type name in lambda parameters\n* [NET-3359](https://sonarsource.atlassian.net/browse/NET-3359) - New rule S8368: \"extension\" identifiers should be escaped to avoid contextual keyword conflicts\n* [NET-3347](https://sonarsource.atlassian.net/browse/NET-3347) - New rule S8380: Return types named \"partial\" should be escaped with \"@\"\n* [NET-3345](https://sonarsource.atlassian.net/browse/NET-3345) - New rule S8367: Identifiers should not conflict with the \"field\" keyword in C# 14?\n\n### False Positive\n\n* [NET-3443](https://sonarsource.atlassian.net/browse/NET-3443) - Fix S1940 FP: for floating point numbers that can be NaN \"!(a \u003c= b)\" is not the same as \"a \u003e b\"\n* [NET-3001](https://sonarsource.atlassian.net/browse/NET-3001) - Fix S3063 FP: Concatenation with identifier\n* [NET-1569](https://sonarsource.atlassian.net/browse/NET-1569) - Fix S5944 FP: AddressOf(MethodName) in Return statement\n* [NET-3445](https://sonarsource.atlassian.net/browse/NET-3445) - Fix T0029 FP: Inside target-typed new\n* [NET-2817](https://sonarsource.atlassian.net/browse/NET-2817) - Fix T0029 FP: Ident for collection expression members\n* [NET-2024](https://sonarsource.atlassian.net/browse/NET-2024) - Fix T0029 FP: Inside array initializer\n* [NET-3341](https://sonarsource.atlassian.net/browse/NET-3341) - Fix T0029 FP: After member access\n* [NET-3462](https://sonarsource.atlassian.net/browse/NET-3462) - Fix T0042 FP: Inside constructors and collection initializers\n* [NET-3426](https://sonarsource.atlassian.net/browse/NET-3426) - Fix T0042: Raw string in collection initializer\n* [NET-2888](https://sonarsource.atlassian.net/browse/NET-2888) - Fix T0042 FP: Returned from method\n* [NET-2874](https://sonarsource.atlassian.net/browse/NET-2874) - Fix T0042 FP: Raw string in ternary\n\n### Bugs\n\n* [NET-3386](https://sonarsource.atlassian.net/browse/NET-3386) - Fix S4583 AD0001: BeginInvoke callback declared in separate file\n\n### Other\n\n* [NET-3385](https://sonarsource.atlassian.net/browse/NET-3385) - S2612: Rule type changed from Security Hotspot to Vulnerability\n\n\n## 10.21\n\n### Bug\n\n* [NET-3376](https://sonarsource.atlassian.net/browse/NET-3376) - Fix S6930 AD0001: Issue on template / code files for blazor\n* [NET-3367](https://sonarsource.atlassian.net/browse/NET-3367) - Fix S4830 AD0001: CertificateValidationCheck Syntax node is not within syntax tree\n\n### Feature\n\n* [NET-3260](https://sonarsource.atlassian.net/browse/NET-3260) - Fix broken links in S6960 RSPEC\n\n### False Positive\n\n* [NET-2886](https://sonarsource.atlassian.net/browse/NET-2886) - Fix T0015 FP: In constructor\n* [NET-1678](https://sonarsource.atlassian.net/browse/NET-1678) - Fix S4275 FP: with property overload\n\n\n\n\n## 10.20\n\nThis release brings 9 precision improvements — 7 false positive fixes and 2 false negative fixes — across rules S1116, S1144, S1210, S1643, S1854, S2365, S3254, S3265, and S127. It also promotes S2068 and S6418 from Security Hotspot to Vulnerability, making them visible directly in the IDE, and removes S3256 from the Sonar Way quality profile.\n\n### Changes\n\n* [NET-3227](https://sonarsource.atlassian.net/browse/NET-3227) - Remove S3256 from \"Sonar Way\" quality profile\n* [NET-3208](https://sonarsource.atlassian.net/browse/NET-3208) - S6418: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3207](https://sonarsource.atlassian.net/browse/NET-3207) - S2068: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3206](https://sonarsource.atlassian.net/browse/NET-3206) - Remove links to rules.sonarsource.com\n\n### False Positive\n\n* [NET-3215](https://sonarsource.atlassian.net/browse/NET-3215) - Fix FP on S127: Should only raise on stop condition variables\n* [NET-3212](https://sonarsource.atlassian.net/browse/NET-3212) - Fix FP on S3254: Don't raise if the parameter isn't last\n* [NET-3053](https://sonarsource.atlassian.net/browse/NET-3053) - Fix FP on S1210: Implementing comparable operators for private types\n* [NET-2984](https://sonarsource.atlassian.net/browse/NET-2984) - Fix FP on S3265: BCL enums with [Flags] not recognized due to metadata resolution\n* [NET-2976](https://sonarsource.atlassian.net/browse/NET-2976) - Fix FP on S1854: Default value initializations flagged despite exemptions\n* [NET-2966](https://sonarsource.atlassian.net/browse/NET-2966) - Fix FP on S1144: Constructors in MEF-exported types\n* [NET-2956](https://sonarsource.atlassian.net/browse/NET-2956) - Fix FP on S1116: Empty loop body with side effects in condition\n\n### False Negative\n\n* [NET-1261](https://sonarsource.atlassian.net/browse/NET-1261) - Fix FN on S2365: Rule should report on new collection\n* [NET-1259](https://sonarsource.atlassian.net/browse/NET-1259) - Fix FN on S1643: Concatenation for parameters, fields and properties are not detected \n\n### Rule specification\n\n* [NET-3246](https://sonarsource.atlassian.net/browse/NET-3246) - Modify Rule S127: Update Description\n* [NET-3218](https://sonarsource.atlassian.net/browse/NET-3218) - Modify Rule S3265: Add exception for MethodImplAttributes\n* [NET-3086](https://sonarsource.atlassian.net/browse/NET-3086) - Modify Rule S1116: Add loop exception\n\n### Maintenance\n\n* [NET-3047](https://sonarsource.atlassian.net/browse/NET-3047) - Update RSPEC before 10.20 release\n\n\n\n## 10.19\n\n\n### Documentation\n\n* [NET-3012](https://sonarsource.atlassian.net/browse/NET-3012) - Modify Rule S3903: Update description for C#​10\n\n### False Positive\n\n* [NET-3004](https://sonarsource.atlassian.net/browse/NET-3004) - Fix S2696 FP: New extension method format triggers FP when accessing static fields\n\n### False Negative\n\n* [NET-3011](https://sonarsource.atlassian.net/browse/NET-3011) - Fix S4790 FN: Support Using statement\n\n### Task\n\n* [NET-2948](https://sonarsource.atlassian.net/browse/NET-2948) - Update RSPEC before 10.19 release\n\n### Bug\n\n* [NET-1866](https://sonarsource.atlassian.net/browse/NET-1866) - Support future VS versions in NuGet package\n\n\n## 10.18\n\nThis releases focuses on fixing the false-positives that are raised on code making use of the new features in C# 14.\n### Improvement\n\n* [NET-2921](https://sonarsource.atlassian.net/browse/NET-2921) - Fix passthrough calculation in ModelBuilder\n* [NET-2903](https://sonarsource.atlassian.net/browse/NET-2903) - Remove manual extension methods\n* [NET-2895](https://sonarsource.atlassian.net/browse/NET-2895) - Cleanup handling of ParameterList of primary constructors\n\n### Task\n\n* [NET-2917](https://sonarsource.atlassian.net/browse/NET-2917) - Update RSPEC before 10.18 release\n\n### False Positive\n\n* [NET-2898](https://sonarsource.atlassian.net/browse/NET-2898) - Fix S2583/S2589 FP: Extension Members\n* [NET-2877](https://sonarsource.atlassian.net/browse/NET-2877) - Fix S2225 FP: Extension member\n* [NET-2832](https://sonarsource.atlassian.net/browse/NET-2832) - Fix S3063 FP: NullConditionalOperator\n* [NET-2825](https://sonarsource.atlassian.net/browse/NET-2825) - Fix S1144 FP: Partial events\n* [NET-2821](https://sonarsource.atlassian.net/browse/NET-2821) - Fix S3264 FP: Partial events\n* [NET-2805](https://sonarsource.atlassian.net/browse/NET-2805) - Fix S1144 FP: S1144 Is confused by Debugger Display attribute\n* [NET-2748](https://sonarsource.atlassian.net/browse/NET-2748) - Fix S3459 FP: NullConditional Assignment\n* [NET-2716](https://sonarsource.atlassian.net/browse/NET-2716) - Fix S2325 FP: Field Keyword\n* [NET-2712](https://sonarsource.atlassian.net/browse/NET-2712) - Fix S2953 FP: Extension block member\n* [NET-2707](https://sonarsource.atlassian.net/browse/NET-2707) - Fix S3877 FP: Equals method without IEquatable\n* [NET-2684](https://sonarsource.atlassian.net/browse/NET-2684) - Fix S7039 FP/FN: Null-conditional assignment\n* [NET-2672](https://sonarsource.atlassian.net/browse/NET-2672) - Fix S3928 FP: Extension block\n* [NET-2671](https://sonarsource.atlassian.net/browse/NET-2671) - Fix S2970 FP: Null Conditional Assignment\n* [NET-2668](https://sonarsource.atlassian.net/browse/NET-2668) - Fix S3398 FP: On private methods in C#​14 extensions classes\n* [NET-2644](https://sonarsource.atlassian.net/browse/NET-2644) - Fix S1144 FP: Always raises on private methods in extension block\n* [NET-2621](https://sonarsource.atlassian.net/browse/NET-2621) - Fix S2325 FP: Incorrectly reports on C# 14 extensions \n* [NET-2620](https://sonarsource.atlassian.net/browse/NET-2620) - Fix S4545 FP: Extension Methods\n* [NET-2391](https://sonarsource.atlassian.net/browse/NET-2391) - Fix S1121 FP: Extract (null-forgiving) assignment from expression\n* [NET-1914](https://sonarsource.atlassian.net/browse/NET-1914) - Fix S3264 FP: when using +=\n\n### False Negative\n\n* [NET-2813](https://sonarsource.atlassian.net/browse/NET-2813) - Fix S2292 FN: FieldKeyword\n* [NET-2681](https://sonarsource.atlassian.net/browse/NET-2681) - Fix S2692 FN: Support Spans\n\n\n\n## 10.17\n\n\n### False Negative\n\n* [NET-2840](https://sonarsource.atlassian.net/browse/NET-2840) - Improve S2077: Support more methods\n\n### Task\n\n* [NET-2839](https://sonarsource.atlassian.net/browse/NET-2839) - Update RSPEC before 10.17 release\n\n### New Feature\n\n* [NET-2820](https://sonarsource.atlassian.net/browse/NET-2820) - ShimLayer: Implement Factory\n* [NET-2789](https://sonarsource.atlassian.net/browse/NET-2789) - ShimLayer Generator: Enums\n* [NET-2728](https://sonarsource.atlassian.net/browse/NET-2728) - ShimLayer Generator: SyntaxNodes\n\n### Bug\n\n* [NET-2816](https://sonarsource.atlassian.net/browse/NET-2816) - Fix S3603 AD0001: NRE when LocalFunction inside Record constructor in C#​7\n\n### Improvement\n\n* [NET-2722](https://sonarsource.atlassian.net/browse/NET-2722) - Activate new ShimLayer\n* [NET-2721](https://sonarsource.atlassian.net/browse/NET-2721) - Create diff for ShimLayer\n* [NET-2720](https://sonarsource.atlassian.net/browse/NET-2720) - Create ShimLayer projects\n\n\n\n## 10.16.2\n\nRotations of binary signing keys\n\n\n## 10.16.1\n\nRotations of binary signing keys\n\n\n## 10.16\n\n### False Positive\n\n* [NET-1729](https://sonarsource.atlassian.net/browse/NET-1729) - Fix S2114 FP: list.AddRange(list) and list.Concat(list) are sensible\n\n### False Negative\n\n* [NET-399](https://sonarsource.atlassian.net/browse/NET-399) - Fix S4790 FN: Support CryptographicOperations data methods\n\n### Bug\n* [NET-2686](https://sonarsource.atlassian.net/browse/NET-2686) - Fix S3604 AD0001: NRE with partial constructor\n\n## 10.15\n\n### False Positive\n\n* [NET-2198](https://sonarsource.atlassian.net/browse/NET-2198) - Fix S1905 FP: Cast of default! expression is required\n* [NET-2197](https://sonarsource.atlassian.net/browse/NET-2197) - Fix S1905 FP: stackalloc and Span\u003cT\u003e conversions\n* [NET-1641](https://sonarsource.atlassian.net/browse/NET-1641) - Fix S1905 FP: casting `IEnumerable\u003cstring?\u003e` to `IEnumerable\u003cstring\u003e`\n* [NET-2157](https://sonarsource.atlassian.net/browse/NET-2157) - Fix S2589 FP: Don't raise an issue after a delegate is invoked\n* [NET-2073](https://sonarsource.atlassian.net/browse/NET-2073) - Fix S2699 FP: Add support for FsCheck property tests\n* [NET-1537](https://sonarsource.atlassian.net/browse/NET-1537) - Fix S6964 FP: Don't raise on properties annotated with the BindRequiredAttribute\n\n### Improvement\n\n* [NET-2112](https://sonarsource.atlassian.net/browse/NET-2112) - Consider ExplodedNodes relevant if a successor would be relevant\n* [NET-2183](https://sonarsource.atlassian.net/browse/NET-2183) - SE: Set constraint on operation when learning from IsPattern\n\n### False Negative\n\n* [NET-429](https://sonarsource.atlassian.net/browse/NET-429) - Fix S4275 FN: Support partial properties\n\n### Task\n\n* [NET-2208](https://sonarsource.atlassian.net/browse/NET-2208) - Update RSpec before release\n\n## 10.14\n\nHey everyone,\n\nThis release mostly focuses on mitigating (NET-2196) a performance regression that was introduced in 10.13.\n\n\n### Improvement\n\n* [NET-2196](https://sonarsource.atlassian.net/browse/NET-2196) - Fix path algorithm for execution flows to mitigate performance regression\n* [NET-2177](https://sonarsource.atlassian.net/browse/NET-2177) - Improve how the Symbolic Execution engine handles exception paths\n* [NET-2135](https://sonarsource.atlassian.net/browse/NET-2135) - Support xUnit V3\n* [NET-2163](https://sonarsource.atlassian.net/browse/NET-2163) - Provide Interface for other plugins to add rules to VB.NET SonarWay profile\n\n### False Negative\n\n* [NET-235](https://sonarsource.atlassian.net/browse/NET-235) - Fix S2053: Adjust required salt length to be 32 bytes\n\n### Task\n\n* [NET-2170](https://sonarsource.atlassian.net/browse/NET-2170) - Update RSPEC before 10.14 release\n\n## 10.13\n\nHello everyone, \n\nIn this release, we've focused on:\n- False positive fixes\n- Enhancing S2259's secondary locations to provide clearer, step-by-step explanations of null pointer dereferences issues.\n\n\n\n### False Positives\n\n* [NET-2099](https://sonarsource.atlassian.net/browse/NET-2099) - Fix S3885 FP: Do not raise in ResolutionEventHandler\n* [NET-2023](https://sonarsource.atlassian.net/browse/NET-2023) - Fix S3257 FP: Array with target-typed new\n* [NET-1646](https://sonarsource.atlassian.net/browse/NET-1646) - Fix S3267 FP: Loops should be simplified with LINQ expressions\n* [NET-1588](https://sonarsource.atlassian.net/browse/NET-1588) - Fix S1066 FP: Combination of `dynamic` and `out` should not raise\n* [NET-882](https://sonarsource.atlassian.net/browse/NET-882) - Fix S3257 FP: Don't raise for C# 10 and later when there's explicit delegate creation\n\n### Improvements\n\n* [NET-2095](https://sonarsource.atlassian.net/browse/NET-2095) - Improve incremental PR analysis path detection\n* SE: S2259 - Improve secondary locations\n\n\n\n## 10.12\n\nThis release brings the VB version of S6418 and a few FP and FN fixes.\n\n### New Rule\n\n* [NET-1379](https://sonarsource.atlassian.net/browse/NET-1379) - New Rule: Implement S6418 Hard-coded secrets are security-sensitive for VB.NET\n\n### False Positive\n\n* [NET-1526](https://sonarsource.atlassian.net/browse/NET-1526) - Fix S3267 FP: Only raise on IEnumerable\n\n### False Negative\n\n* [NET-1260](https://sonarsource.atlassian.net/browse/NET-1260) - Fix S1215 FN: GC.GetTotalMemory(forceFullCollection: true) should not be called \n* [NET-1258](https://sonarsource.atlassian.net/browse/NET-1258) - Fix S6678 FN: Lowercase placeholders in interpolated string\n* [NET-1255](https://sonarsource.atlassian.net/browse/NET-1255) - Fix S3267 FN: Logical operators are not supported\n\n### Task\n\n* [NET-2060](https://sonarsource.atlassian.net/browse/NET-2060) - Update RSPEC before 11.12 release\n\n\n## 10.11\n\nHello everyone!\nIn this release we fixed a bunch of false positives and false negatives.\nAdditionally this version adds support for telemetry in order to gather information on feature usage. Telemetry, requires scanner 10.2.0 or greater.\n\n\n### False Positive\n\n* [NET-1522](https://sonarsource.atlassian.net/browse/NET-1522) - Fix S2068 FP: Do not raise on `password:secret`\n* [NET-1149](https://sonarsource.atlassian.net/browse/NET-1149) - Fix S3626 FP: Add exception when return statement is preceding local functions\n\n### False Negative\n\n* [NET-1263](https://sonarsource.atlassian.net/browse/NET-1263) - Fix S1871 FN: Nested if .. else if chain\n* [NET-1256](https://sonarsource.atlassian.net/browse/NET-1256) - S2068: Remove word boundary(\\b) from regex\n* [NET-1254](https://sonarsource.atlassian.net/browse/NET-1254) - Fix S3878 FN: When params are passed as array through an attribute\n* [NET-1252](https://sonarsource.atlassian.net/browse/NET-1252) - FN S1168: Support IndexerDeclaration and ConversionOperatorDeclaration\n* [NET-459](https://sonarsource.atlassian.net/browse/NET-459) - Fix S1168 FN: Add support for partial indexers\n\n\n\n## 10.10.1\n\nBugfix release to fix combability with SonarQube Cloud + a simplification to the `ProfileRegistrar`\n\n### Task\n\n* [NET-1463](https://sonarsource.atlassian.net/browse/NET-1463) - Update RSPEC before 10.10.1 release\n* [NET-1461](https://sonarsource.atlassian.net/browse/NET-1461) - Make CSharpSonarWayProfile be compatible and simplify ProfileRegistrar\n\n\n\n## 10.10\n\nHey everyone, this release mostly focuses on internal and technical things.\n\n### General\n\n* [NET-1444](https://sonarsource.atlassian.net/browse/NET-1444) - Move ProfileRegistrar to org.sonar.plugins.csharpenterprise.api\n* [NET-1326](https://sonarsource.atlassian.net/browse/NET-1326) - Update RSPEC before 10.10 release\n\n### Internal Styling Rules\n\n* [NET-1378](https://sonarsource.atlassian.net/browse/NET-1378) - New Rule T0045: Use var\n* [NET-1359](https://sonarsource.atlassian.net/browse/NET-1359) - New Rule T0043: Avoid primary constructors on normal classes and structs\n* [NET-1358](https://sonarsource.atlassian.net/browse/NET-1358) - New Rule T0042: Indent raw string literal +4\n* [NET-1357](https://sonarsource.atlassian.net/browse/NET-1357) - New Rule T0041: Use raw string literals for multiline strings\n* [NET-1356](https://sonarsource.atlassian.net/browse/NET-1356) - New Rule T0040: Use minimum necessary interpolation characters\n* [NET-1355](https://sonarsource.atlassian.net/browse/NET-1355) - New Rule T0039: Protected field should start with lower case letter\n* [NET-1354](https://sonarsource.atlassian.net/browse/NET-1354) - New Rule T0038: Use fields instead of auto-implemented private or protected properties\n* [NET-1347](https://sonarsource.atlassian.net/browse/NET-1347) - New Rule T0000: Don't use Get prefixes\n* [NET-1346](https://sonarsource.atlassian.net/browse/NET-1346) - New Rule T0037: Use .Test suffix namespace\n* [NET-1345](https://sonarsource.atlassian.net/browse/NET-1345) - New rule T0046: Move extension method to dedicated class\n* [NET-1344](https://sonarsource.atlassian.net/browse/NET-1344) - New Rule T0035: Do not use var for this deconstruction\n* [NET-1343](https://sonarsource.atlassian.net/browse/NET-1343) - New Rule T0034: Do not embed var into this condition\n* [NET-1342](https://sonarsource.atlassian.net/browse/NET-1342) - New Rule T0033: Swap the logic to use positive conditions instead\n* [NET-1341](https://sonarsource.atlassian.net/browse/NET-1341) - New Rule T0032: Move the method body to the next line\n* [NET-1339](https://sonarsource.atlassian.net/browse/NET-1339) - New Rule T0030: Move the field initializer on the same line\n* [NET-1338](https://sonarsource.atlassian.net/browse/NET-1338) - New Rule T0029: Indent all arguments +4 further than the invocation line\n* [NET-1337](https://sonarsource.atlassian.net/browse/NET-1337) - New Rule T0028: Move all arguments on the same line, or wrap all of them\n* [NET-1336](https://sonarsource.atlassian.net/browse/NET-1336) - New Rule T0027: Move subsequent expressions on separate lines\n* [NET-1335](https://sonarsource.atlassian.net/browse/NET-1335) - New Rule T0026: Indent member access +4 further than the initial line\n* [NET-1334](https://sonarsource.atlassian.net/browse/NET-1334) - New Rule T0025: Indent ‘?’ and ‘:’ +4 further than the condition line\n* [NET-1333](https://sonarsource.atlassian.net/browse/NET-1333) - New Rule T0024: Place multiline ‘?’ and ‘:’ on separate lines\n* [NET-1332](https://sonarsource.atlassian.net/browse/NET-1332) - New Rule T0022: Indent all parameters with the first one\n* [NET-1331](https://sonarsource.atlassian.net/browse/NET-1331) - New Rule T0021: Use extension methods for Linq\n* [NET-1329](https://sonarsource.atlassian.net/browse/NET-1329) - New Rule T0019: Indent operator correctly\n* [NET-1328](https://sonarsource.atlassian.net/browse/NET-1328) - New Rule T0018: Move the operator to the beginning of the next line\n* [NET-1327](https://sonarsource.atlassian.net/browse/NET-1327) - New Rule T0015: Move local function at the end of the method\n* [NET-1237](https://sonarsource.atlassian.net/browse/NET-1237) - New Rule T0044: Don't add Arrange, Act, and Assert(s) comments\n* [NET-1325](https://sonarsource.atlassian.net/browse/NET-1325) - Improve T0007: Raise on nondeclaring is { } check\n\n\n\n## 10.9\n\nHello everyone! \n\nThis is a mega-hardening release! Enjoy 😄 \n\n### False Positive\n\n* [NET-1309](https://sonarsource.atlassian.net/browse/NET-1309) - Fix S2583 FP: Support overrides in IsImplementingInterfaceMember\n* [NET-1308](https://sonarsource.atlassian.net/browse/NET-1308) - Fix S2583 FP: Add support for AdressOf operator\n* [NET-1302](https://sonarsource.atlassian.net/browse/NET-1302) - Fix S4158 FP: Don't raise on GetEnumerator() calls\n* [NET-1295](https://sonarsource.atlassian.net/browse/NET-1295) - Fix S3236 FP: Exclude Debug.Assert \n* [NET-1290](https://sonarsource.atlassian.net/browse/NET-1290) - Fix S4158 FP: Support RouteValueDictionary in AspNetCore\n* [NET-1289](https://sonarsource.atlassian.net/browse/NET-1289) - Fix S4158 FP: Adding methods with well defined sematics\n* [NET-1288](https://sonarsource.atlassian.net/browse/NET-1288) - Fix S4158 FP: Recognize Add methods with bool return type\n* [NET-1287](https://sonarsource.atlassian.net/browse/NET-1287) - Fix S4158 FP: Don't raise on SetValue\n* [NET-1280](https://sonarsource.atlassian.net/browse/NET-1280) - Fix S2342 FP: Flaky reports\n* [NET-1278](https://sonarsource.atlassian.net/browse/NET-1278) - Fix S3440 FP: Variable assignment and switch expression\n* [NET-1246](https://sonarsource.atlassian.net/browse/NET-1246) - Fix S1481 FP: Don't report on discard like looking variables\n* [NET-1242](https://sonarsource.atlassian.net/browse/NET-1242) - Fix S2583/S4158 FP: Support for collections that are initialized with object\n* [NET-1241](https://sonarsource.atlassian.net/browse/NET-1241) - Fix S2589 FP: Don't track concurrent collections\n* [NET-1230](https://sonarsource.atlassian.net/browse/NET-1230) - Fix S4158 FP: Immutable collections\n* [NET-1223](https://sonarsource.atlassian.net/browse/NET-1223) - Fix S3267 FP: ref struct types cannot leave the stack\n* [NET-1214](https://sonarsource.atlassian.net/browse/NET-1214) - Fix S2259 FP: Foreach loop over empty collection\n* [NET-1212](https://sonarsource.atlassian.net/browse/NET-1212) - Fix S2259 FP: Learn bool from NotNull constraint and Null value\n* [NET-1208](https://sonarsource.atlassian.net/browse/NET-1208) - Fix S2589 FP: Rule ignores case guards\n* [NET-1207](https://sonarsource.atlassian.net/browse/NET-1207) -  Fix S3966 FP: disposing element of indexable after declaration pattern\n* [NET-1203](https://sonarsource.atlassian.net/browse/NET-1203) -  Fix S3966 FP: Enumerating a collection of tuples\n* [NET-1202](https://sonarsource.atlassian.net/browse/NET-1202) - Fix S2259 FP: Foreach nested in try, nested in loop\n* [NET-1188](https://sonarsource.atlassian.net/browse/NET-1188) - Improve S4158 - Empty Collections should not be Enumerated\n* [NET-1088](https://sonarsource.atlassian.net/browse/NET-1088) - Fix S3240 FP: Ignore when a conditional block contains a ternary\n* [NET-800](https://sonarsource.atlassian.net/browse/NET-800) - Fix S2259 FP: FlowCaptures in loops and try-regions\n\n### False Negative\n\n* [NET-1299](https://sonarsource.atlassian.net/browse/NET-1299) - Fix S2053 FN: Support Copy methods\n* [NET-1257](https://sonarsource.atlassian.net/browse/NET-1257) - Fix S4790 FN: New HashData overloads not recognized\n* [NET-1194](https://sonarsource.atlassian.net/browse/NET-1194) - Fix S4158 FN: Collection Expressions (C# 12)\n* [NET-357](https://sonarsource.atlassian.net/browse/NET-357) - Fix S2068 FN: does not consider `launchSettings.json` files\n* [NET-210](https://sonarsource.atlassian.net/browse/NET-210) - Fix S4158 FN: AddRange with empty collection\n\n### Bug\n\n* [NET-1267](https://sonarsource.atlassian.net/browse/NET-1267) - Fix S2068 bug: Issue location is out of range in web.config for elements or attributes with an xml namespace\n* [NET-1184](https://sonarsource.atlassian.net/browse/NET-1184) - Roslyn rule import should map the issue severity to the Software Quality impact in SonarQube Server\n\n### Improvement\n\n* [NET-1217](https://sonarsource.atlassian.net/browse/NET-1217) - Improve S3996: Set location to the property instead of record\n\n\n\n## 10.8\n\nA small release with a few improvements for S1172, S2222 and S4158:\n\n### False Positive\n\n* [NET-1210](https://sonarsource.atlassian.net/browse/NET-1210) - Fix S4158 FP: collection filled by another function\n* [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter is used in local function  in a null-conditional or null-coalescing statement\n### False Negative\n\n* [NET-427](https://sonarsource.atlassian.net/browse/NET-427) - Fix S2222 FN: Support locking via Lock object primitives\n* [NET-1228](https://sonarsource.atlassian.net/browse/NET-1228) - Fix S4158 FN: Support LinkedList\n\n\n\n\n## 10.7\n\n\n### Improvement\n\n* [NET-1116](https://sonarsource.atlassian.net/browse/NET-1116) - Deprecate S1227: break statements should not be used except for switch cases\n* [NET-1045](https://sonarsource.atlassian.net/browse/NET-1045) - Remove unused AnalyzerId and RuleNamespace server properties\n\n### Bug\n\n* [NET-1047](https://sonarsource.atlassian.net/browse/NET-1047) - Fix install scripts for NuGet packages\n\n\n\n## 10.6\n\n### Improvement\n\n* [NET-735](https://sonarsource.atlassian.net/browse/NET-735) - Remove RoslynProfileExporter\n* [NET-1031](https://sonarsource.atlassian.net/browse/NET-1031) - Remove deprecated SonarLintProfileExporter\n* [NET-1038](https://sonarsource.atlassian.net/browse/NET-1038) - Add symbolic-execution tag to our rules\n* [NET-988](https://sonarsource.atlassian.net/browse/NET-988) - Remove S1197 from SonarWay for VB.NET\n* [NET-989](https://sonarsource.atlassian.net/browse/NET-989) - S3444: Add secondary location message\n* [NET-982](https://sonarsource.atlassian.net/browse/NET-982) - S4144: Add secondary location message\n* [NET-979](https://sonarsource.atlassian.net/browse/NET-979) - S4663: Add secondary location message \n* [NET-978](https://sonarsource.atlassian.net/browse/NET-978) - S1168: Add secondary location message\n* [NET-977](https://sonarsource.atlassian.net/browse/NET-977) - S4047: Add secondary location message\n* [NET-976](https://sonarsource.atlassian.net/browse/NET-976) - S4457: Add secondary location message\n* [NET-975](https://sonarsource.atlassian.net/browse/NET-975) - S1066: Add secondary location message\n* [NET-974](https://sonarsource.atlassian.net/browse/NET-974) - S4070: Add secondary location message\n* [NET-973](https://sonarsource.atlassian.net/browse/NET-973) - S1110: Add secondary location message\n* [NET-971](https://sonarsource.atlassian.net/browse/NET-971) - S2612: Add secondary location message\n* [NET-970](https://sonarsource.atlassian.net/browse/NET-970) - S6667: Add secondary location message\n* [NET-969](https://sonarsource.atlassian.net/browse/NET-969) - S6931: Add secondary location message\n* [NET-968](https://sonarsource.atlassian.net/browse/NET-968) - S6934: Add secondary location message\n* [NET-967](https://sonarsource.atlassian.net/browse/NET-967) - S5034: Add secondary location message\n* [NET-966](https://sonarsource.atlassian.net/browse/NET-966) - S6607: Add secondary location message\n* [NET-965](https://sonarsource.atlassian.net/browse/NET-965) - S4143: Add secondary location message\n* [NET-961](https://sonarsource.atlassian.net/browse/NET-961) - S6664: Add secondary location message\n* [NET-960](https://sonarsource.atlassian.net/browse/NET-960) - S6677: Add secondary location message\n* [NET-956](https://sonarsource.atlassian.net/browse/NET-956) - S6673: Add secondary location message\n\n\n## 10.5\n\n### Improvement\n\n* [NET-957](https://sonarsource.atlassian.net/browse/NET-957) - S5693: Add secondary location message\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e","html_url":"https://github.com/mghabin/entra-auth-patterns-dotnet/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mghabin%2Fentra-auth-patterns-dotnet/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"10.8.0.113526","new_version":"10.24.0.138807","update_type":"minor","path":null,"pr_created_at":"2026-04-22T02:24:41.000Z","version_change":"10.8.0.113526 → 10.24.0.138807","issue":{"uuid":"4306362253","node_id":"PR_kwDONR7yRc7UfK5L","number":15,"state":"closed","title":"Bump SonarAnalyzer.CSharp from 10.8.0.113526 to 10.24.0.138807","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-29T02:24:56.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-22T02:24:41.000Z","updated_at":"2026-04-29T02:24:58.000Z","time_to_close":604815,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.8.0.113526","new_version":"10.24.0.138807","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.8.0.113526 to 10.24.0.138807.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.24\n\n  This release brings a batch of false negative fixes and analyzer crash fixes.\n\n  **Bug Fixes**\n  - [NET-3596](https://sonarsource.atlassian.net/browse/NET-3596) - Fix S1144 AD0001: Index out of range exception with type named Nullable\n  - [NET-3522](https://sonarsource.atlassian.net/browse/NET-3522) - Fix S1215 AD0001: ArgumentOutOfRangeException\n  - [NET-3521](https://sonarsource.atlassian.net/browse/NET-3521) - Fix S2053 AD0001: NRE\n  - [NET-3520](https://sonarsource.atlassian.net/browse/NET-3520) - Fix S3267 AD0001: NRE\n\n  **False Positives**\n  - [NET-2276](https://sonarsource.atlassian.net/browse/NET-2276) - Fix S1192 FP: EF migration classes\n\n  **False Negatives**\n  - [NET-3569](https://sonarsource.atlassian.net/browse/NET-3569) - Fix T0008 and T0009 FN: Support extension blocks\n  - [NET-2875](https://sonarsource.atlassian.net/browse/NET-2875) - Fix S2092 FN: Null Conditional Assignment\n  - [NET-2857](https://sonarsource.atlassian.net/browse/NET-2857) - Fix S3330 FN: Null Conditional Assignment\n  - [NET-2719](https://sonarsource.atlassian.net/browse/NET-2719) - Fix S4136 FN: Extension methods\n  - [NET-2688](https://sonarsource.atlassian.net/browse/NET-2688) - Fix S4433 FN: Null-conditional assignment in tracker\n  - [NET-2675](https://sonarsource.atlassian.net/browse/NET-2675) - Fix S6418 FN: Field keyword\n  - [NET-2667](https://sonarsource.atlassian.net/browse/NET-2667) - Fix S2934 FN: Null-conditional assignment and field keyword\n  - [NET-2658](https://sonarsource.atlassian.net/browse/NET-2658) - Fix S127 FN: BitShiftCompound\n\n\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\n## 10.22\n\nHello everyone,\nThis release brings 4 new rules to help developers transition to C# 14, and a bunch of false positive fixes.\n\n### New rules\n\n* [NET-3361](https://sonarsource.atlassian.net/browse/NET-3361) - New rule S8381: \"scoped\" should be escaped when used as a type name in lambda parameters\n* [NET-3359](https://sonarsource.atlassian.net/browse/NET-3359) - New rule S8368: \"extension\" identifiers should be escaped to avoid contextual keyword conflicts\n* [NET-3347](https://sonarsource.atlassian.net/browse/NET-3347) - New rule S8380: Return types named \"partial\" should be escaped with \"@\"\n* [NET-3345](https://sonarsource.atlassian.net/browse/NET-3345) - New rule S8367: Identifiers should not conflict with the \"field\" keyword in C# 14?\n\n### False Positive\n\n* [NET-3443](https://sonarsource.atlassian.net/browse/NET-3443) - Fix S1940 FP: for floating point numbers that can be NaN \"!(a \u003c= b)\" is not the same as \"a \u003e b\"\n* [NET-3001](https://sonarsource.atlassian.net/browse/NET-3001) - Fix S3063 FP: Concatenation with identifier\n* [NET-1569](https://sonarsource.atlassian.net/browse/NET-1569) - Fix S5944 FP: AddressOf(MethodName) in Return statement\n* [NET-3445](https://sonarsource.atlassian.net/browse/NET-3445) - Fix T0029 FP: Inside target-typed new\n* [NET-2817](https://sonarsource.atlassian.net/browse/NET-2817) - Fix T0029 FP: Ident for collection expression members\n* [NET-2024](https://sonarsource.atlassian.net/browse/NET-2024) - Fix T0029 FP: Inside array initializer\n* [NET-3341](https://sonarsource.atlassian.net/browse/NET-3341) - Fix T0029 FP: After member access\n* [NET-3462](https://sonarsource.atlassian.net/browse/NET-3462) - Fix T0042 FP: Inside constructors and collection initializers\n* [NET-3426](https://sonarsource.atlassian.net/browse/NET-3426) - Fix T0042: Raw string in collection initializer\n* [NET-2888](https://sonarsource.atlassian.net/browse/NET-2888) - Fix T0042 FP: Returned from method\n* [NET-2874](https://sonarsource.atlassian.net/browse/NET-2874) - Fix T0042 FP: Raw string in ternary\n\n### Bugs\n\n* [NET-3386](https://sonarsource.atlassian.net/browse/NET-3386) - Fix S4583 AD0001: BeginInvoke callback declared in separate file\n\n### Other\n\n* [NET-3385](https://sonarsource.atlassian.net/browse/NET-3385) - S2612: Rule type changed from Security Hotspot to Vulnerability\n\n\n## 10.21\n\n### Bug\n\n* [NET-3376](https://sonarsource.atlassian.net/browse/NET-3376) - Fix S6930 AD0001: Issue on template / code files for blazor\n* [NET-3367](https://sonarsource.atlassian.net/browse/NET-3367) - Fix S4830 AD0001: CertificateValidationCheck Syntax node is not within syntax tree\n\n### Feature\n\n* [NET-3260](https://sonarsource.atlassian.net/browse/NET-3260) - Fix broken links in S6960 RSPEC\n\n### False Positive\n\n* [NET-2886](https://sonarsource.atlassian.net/browse/NET-2886) - Fix T0015 FP: In constructor\n* [NET-1678](https://sonarsource.atlassian.net/browse/NET-1678) - Fix S4275 FP: with property overload\n\n\n\n\n## 10.20\n\nThis release brings 9 precision improvements — 7 false positive fixes and 2 false negative fixes — across rules S1116, S1144, S1210, S1643, S1854, S2365, S3254, S3265, and S127. It also promotes S2068 and S6418 from Security Hotspot to Vulnerability, making them visible directly in the IDE, and removes S3256 from the Sonar Way quality profile.\n\n### Changes\n\n* [NET-3227](https://sonarsource.atlassian.net/browse/NET-3227) - Remove S3256 from \"Sonar Way\" quality profile\n* [NET-3208](https://sonarsource.atlassian.net/browse/NET-3208) - S6418: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3207](https://sonarsource.atlassian.net/browse/NET-3207) - S2068: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3206](https://sonarsource.atlassian.net/browse/NET-3206) - Remove links to rules.sonarsource.com\n\n### False Positive\n\n* [NET-3215](https://sonarsource.atlassian.net/browse/NET-3215) - Fix FP on S127: Should only raise on stop condition variables\n* [NET-3212](https://sonarsource.atlassian.net/browse/NET-3212) - Fix FP on S3254: Don't raise if the parameter isn't last\n* [NET-3053](https://sonarsource.atlassian.net/browse/NET-3053) - Fix FP on S1210: Implementing comparable operators for private types\n* [NET-2984](https://sonarsource.atlassian.net/browse/NET-2984) - Fix FP on S3265: BCL enums with [Flags] not recognized due to metadata resolution\n* [NET-2976](https://sonarsource.atlassian.net/browse/NET-2976) - Fix FP on S1854: Default value initializations flagged despite exemptions\n* [NET-2966](https://sonarsource.atlassian.net/browse/NET-2966) - Fix FP on S1144: Constructors in MEF-exported types\n* [NET-2956](https://sonarsource.atlassian.net/browse/NET-2956) - Fix FP on S1116: Empty loop body with side effects in condition\n\n### False Negative\n\n* [NET-1261](https://sonarsource.atlassian.net/browse/NET-1261) - Fix FN on S2365: Rule should report on new collection\n* [NET-1259](https://sonarsource.atlassian.net/browse/NET-1259) - Fix FN on S1643: Concatenation for parameters, fields and properties are not detected \n\n### Rule specification\n\n* [NET-3246](https://sonarsource.atlassian.net/browse/NET-3246) - Modify Rule S127: Update Description\n* [NET-3218](https://sonarsource.atlassian.net/browse/NET-3218) - Modify Rule S3265: Add exception for MethodImplAttributes\n* [NET-3086](https://sonarsource.atlassian.net/browse/NET-3086) - Modify Rule S1116: Add loop exception\n\n### Maintenance\n\n* [NET-3047](https://sonarsource.atlassian.net/browse/NET-3047) - Update RSPEC before 10.20 release\n\n\n\n## 10.19\n\n\n### Documentation\n\n* [NET-3012](https://sonarsource.atlassian.net/browse/NET-3012) - Modify Rule S3903: Update description for C#​10\n\n### False Positive\n\n* [NET-3004](https://sonarsource.atlassian.net/browse/NET-3004) - Fix S2696 FP: New extension method format triggers FP when accessing static fields\n\n### False Negative\n\n* [NET-3011](https://sonarsource.atlassian.net/browse/NET-3011) - Fix S4790 FN: Support Using statement\n\n### Task\n\n* [NET-2948](https://sonarsource.atlassian.net/browse/NET-2948) - Update RSPEC before 10.19 release\n\n### Bug\n\n* [NET-1866](https://sonarsource.atlassian.net/browse/NET-1866) - Support future VS versions in NuGet package\n\n\n## 10.18\n\nThis releases focuses on fixing the false-positives that are raised on code making use of the new features in C# 14.\n### Improvement\n\n* [NET-2921](https://sonarsource.atlassian.net/browse/NET-2921) - Fix passthrough calculation in ModelBuilder\n* [NET-2903](https://sonarsource.atlassian.net/browse/NET-2903) - Remove manual extension methods\n* [NET-2895](https://sonarsource.atlassian.net/browse/NET-2895) - Cleanup handling of ParameterList of primary constructors\n\n### Task\n\n* [NET-2917](https://sonarsource.atlassian.net/browse/NET-2917) - Update RSPEC before 10.18 release\n\n### False Positive\n\n* [NET-2898](https://sonarsource.atlassian.net/browse/NET-2898) - Fix S2583/S2589 FP: Extension Members\n* [NET-2877](https://sonarsource.atlassian.net/browse/NET-2877) - Fix S2225 FP: Extension member\n* [NET-2832](https://sonarsource.atlassian.net/browse/NET-2832) - Fix S3063 FP: NullConditionalOperator\n* [NET-2825](https://sonarsource.atlassian.net/browse/NET-2825) - Fix S1144 FP: Partial events\n* [NET-2821](https://sonarsource.atlassian.net/browse/NET-2821) - Fix S3264 FP: Partial events\n* [NET-2805](https://sonarsource.atlassian.net/browse/NET-2805) - Fix S1144 FP: S1144 Is confused by Debugger Display attribute\n* [NET-2748](https://sonarsource.atlassian.net/browse/NET-2748) - Fix S3459 FP: NullConditional Assignment\n* [NET-2716](https://sonarsource.atlassian.net/browse/NET-2716) - Fix S2325 FP: Field Keyword\n* [NET-2712](https://sonarsource.atlassian.net/browse/NET-2712) - Fix S2953 FP: Extension block member\n* [NET-2707](https://sonarsource.atlassian.net/browse/NET-2707) - Fix S3877 FP: Equals method without IEquatable\n* [NET-2684](https://sonarsource.atlassian.net/browse/NET-2684) - Fix S7039 FP/FN: Null-conditional assignment\n* [NET-2672](https://sonarsource.atlassian.net/browse/NET-2672) - Fix S3928 FP: Extension block\n* [NET-2671](https://sonarsource.atlassian.net/browse/NET-2671) - Fix S2970 FP: Null Conditional Assignment\n* [NET-2668](https://sonarsource.atlassian.net/browse/NET-2668) - Fix S3398 FP: On private methods in C#​14 extensions classes\n* [NET-2644](https://sonarsource.atlassian.net/browse/NET-2644) - Fix S1144 FP: Always raises on private methods in extension block\n* [NET-2621](https://sonarsource.atlassian.net/browse/NET-2621) - Fix S2325 FP: Incorrectly reports on C# 14 extensions \n* [NET-2620](https://sonarsource.atlassian.net/browse/NET-2620) - Fix S4545 FP: Extension Methods\n* [NET-2391](https://sonarsource.atlassian.net/browse/NET-2391) - Fix S1121 FP: Extract (null-forgiving) assignment from expression\n* [NET-1914](https://sonarsource.atlassian.net/browse/NET-1914) - Fix S3264 FP: when using +=\n\n### False Negative\n\n* [NET-2813](https://sonarsource.atlassian.net/browse/NET-2813) - Fix S2292 FN: FieldKeyword\n* [NET-2681](https://sonarsource.atlassian.net/browse/NET-2681) - Fix S2692 FN: Support Spans\n\n\n\n## 10.17\n\n\n### False Negative\n\n* [NET-2840](https://sonarsource.atlassian.net/browse/NET-2840) - Improve S2077: Support more methods\n\n### Task\n\n* [NET-2839](https://sonarsource.atlassian.net/browse/NET-2839) - Update RSPEC before 10.17 release\n\n### New Feature\n\n* [NET-2820](https://sonarsource.atlassian.net/browse/NET-2820) - ShimLayer: Implement Factory\n* [NET-2789](https://sonarsource.atlassian.net/browse/NET-2789) - ShimLayer Generator: Enums\n* [NET-2728](https://sonarsource.atlassian.net/browse/NET-2728) - ShimLayer Generator: SyntaxNodes\n\n### Bug\n\n* [NET-2816](https://sonarsource.atlassian.net/browse/NET-2816) - Fix S3603 AD0001: NRE when LocalFunction inside Record constructor in C#​7\n\n### Improvement\n\n* [NET-2722](https://sonarsource.atlassian.net/browse/NET-2722) - Activate new ShimLayer\n* [NET-2721](https://sonarsource.atlassian.net/browse/NET-2721) - Create diff for ShimLayer\n* [NET-2720](https://sonarsource.atlassian.net/browse/NET-2720) - Create ShimLayer projects\n\n\n\n## 10.16.2\n\nRotations of binary signing keys\n\n\n## 10.16.1\n\nRotations of binary signing keys\n\n\n## 10.16\n\n### False Positive\n\n* [NET-1729](https://sonarsource.atlassian.net/browse/NET-1729) - Fix S2114 FP: list.AddRange(list) and list.Concat(list) are sensible\n\n### False Negative\n\n* [NET-399](https://sonarsource.atlassian.net/browse/NET-399) - Fix S4790 FN: Support CryptographicOperations data methods\n\n### Bug\n* [NET-2686](https://sonarsource.atlassian.net/browse/NET-2686) - Fix S3604 AD0001: NRE with partial constructor\n\n## 10.15\n\n### False Positive\n\n* [NET-2198](https://sonarsource.atlassian.net/browse/NET-2198) - Fix S1905 FP: Cast of default! expression is required\n* [NET-2197](https://sonarsource.atlassian.net/browse/NET-2197) - Fix S1905 FP: stackalloc and Span\u003cT\u003e conversions\n* [NET-1641](https://sonarsource.atlassian.net/browse/NET-1641) - Fix S1905 FP: casting `IEnumerable\u003cstring?\u003e` to `IEnumerable\u003cstring\u003e`\n* [NET-2157](https://sonarsource.atlassian.net/browse/NET-2157) - Fix S2589 FP: Don't raise an issue after a delegate is invoked\n* [NET-2073](https://sonarsource.atlassian.net/browse/NET-2073) - Fix S2699 FP: Add support for FsCheck property tests\n* [NET-1537](https://sonarsource.atlassian.net/browse/NET-1537) - Fix S6964 FP: Don't raise on properties annotated with the BindRequiredAttribute\n\n### Improvement\n\n* [NET-2112](https://sonarsource.atlassian.net/browse/NET-2112) - Consider ExplodedNodes relevant if a successor would be relevant\n* [NET-2183](https://sonarsource.atlassian.net/browse/NET-2183) - SE: Set constraint on operation when learning from IsPattern\n\n### False Negative\n\n* [NET-429](https://sonarsource.atlassian.net/browse/NET-429) - Fix S4275 FN: Support partial properties\n\n### Task\n\n* [NET-2208](https://sonarsource.atlassian.net/browse/NET-2208) - Update RSpec before release\n\n## 10.14\n\nHey everyone,\n\nThis release mostly focuses on mitigating (NET-2196) a performance regression that was introduced in 10.13.\n\n\n### Improvement\n\n* [NET-2196](https://sonarsource.atlassian.net/browse/NET-2196) - Fix path algorithm for execution flows to mitigate performance regression\n* [NET-2177](https://sonarsource.atlassian.net/browse/NET-2177) - Improve how the Symbolic Execution engine handles exception paths\n* [NET-2135](https://sonarsource.atlassian.net/browse/NET-2135) - Support xUnit V3\n* [NET-2163](https://sonarsource.atlassian.net/browse/NET-2163) - Provide Interface for other plugins to add rules to VB.NET SonarWay profile\n\n### False Negative\n\n* [NET-235](https://sonarsource.atlassian.net/browse/NET-235) - Fix S2053: Adjust required salt length to be 32 bytes\n\n### Task\n\n* [NET-2170](https://sonarsource.atlassian.net/browse/NET-2170) - Update RSPEC before 10.14 release\n\n## 10.13\n\nHello everyone, \n\nIn this release, we've focused on:\n- False positive fixes\n- Enhancing S2259's secondary locations to provide clearer, step-by-step explanations of null pointer dereferences issues.\n\n\n\n### False Positives\n\n* [NET-2099](https://sonarsource.atlassian.net/browse/NET-2099) - Fix S3885 FP: Do not raise in ResolutionEventHandler\n* [NET-2023](https://sonarsource.atlassian.net/browse/NET-2023) - Fix S3257 FP: Array with target-typed new\n* [NET-1646](https://sonarsource.atlassian.net/browse/NET-1646) - Fix S3267 FP: Loops should be simplified with LINQ expressions\n* [NET-1588](https://sonarsource.atlassian.net/browse/NET-1588) - Fix S1066 FP: Combination of `dynamic` and `out` should not raise\n* [NET-882](https://sonarsource.atlassian.net/browse/NET-882) - Fix S3257 FP: Don't raise for C# 10 and later when there's explicit delegate creation\n\n### Improvements\n\n* [NET-2095](https://sonarsource.atlassian.net/browse/NET-2095) - Improve incremental PR analysis path detection\n* SE: S2259 - Improve secondary locations\n\n\n\n## 10.12\n\nThis release brings the VB version of S6418 and a few FP and FN fixes.\n\n### New Rule\n\n* [NET-1379](https://sonarsource.atlassian.net/browse/NET-1379) - New Rule: Implement S6418 Hard-coded secrets are security-sensitive for VB.NET\n\n### False Positive\n\n* [NET-1526](https://sonarsource.atlassian.net/browse/NET-1526) - Fix S3267 FP: Only raise on IEnumerable\n\n### False Negative\n\n* [NET-1260](https://sonarsource.atlassian.net/browse/NET-1260) - Fix S1215 FN: GC.GetTotalMemory(forceFullCollection: true) should not be called \n* [NET-1258](https://sonarsource.atlassian.net/browse/NET-1258) - Fix S6678 FN: Lowercase placeholders in interpolated string\n* [NET-1255](https://sonarsource.atlassian.net/browse/NET-1255) - Fix S3267 FN: Logical operators are not supported\n\n### Task\n\n* [NET-2060](https://sonarsource.atlassian.net/browse/NET-2060) - Update RSPEC before 11.12 release\n\n\n## 10.11\n\nHello everyone!\nIn this release we fixed a bunch of false positives and false negatives.\nAdditionally this version adds support for telemetry in order to gather information on feature usage. Telemetry, requires scanner 10.2.0 or greater.\n\n\n### False Positive\n\n* [NET-1522](https://sonarsource.atlassian.net/browse/NET-1522) - Fix S2068 FP: Do not raise on `password:secret`\n* [NET-1149](https://sonarsource.atlassian.net/browse/NET-1149) - Fix S3626 FP: Add exception when return statement is preceding local functions\n\n### False Negative\n\n* [NET-1263](https://sonarsource.atlassian.net/browse/NET-1263) - Fix S1871 FN: Nested if .. else if chain\n* [NET-1256](https://sonarsource.atlassian.net/browse/NET-1256) - S2068: Remove word boundary(\\b) from regex\n* [NET-1254](https://sonarsource.atlassian.net/browse/NET-1254) - Fix S3878 FN: When params are passed as array through an attribute\n* [NET-1252](https://sonarsource.atlassian.net/browse/NET-1252) - FN S1168: Support IndexerDeclaration and ConversionOperatorDeclaration\n* [NET-459](https://sonarsource.atlassian.net/browse/NET-459) - Fix S1168 FN: Add support for partial indexers\n\n\n\n## 10.10.1\n\nBugfix release to fix combability with SonarQube Cloud + a simplification to the `ProfileRegistrar`\n\n### Task\n\n* [NET-1463](https://sonarsource.atlassian.net/browse/NET-1463) - Update RSPEC before 10.10.1 release\n* [NET-1461](https://sonarsource.atlassian.net/browse/NET-1461) - Make CSharpSonarWayProfile be compatible and simplify ProfileRegistrar\n\n\n\n## 10.10\n\nHey everyone, this release mostly focuses on internal and technical things.\n\n### General\n\n* [NET-1444](https://sonarsource.atlassian.net/browse/NET-1444) - Move ProfileRegistrar to org.sonar.plugins.csharpenterprise.api\n* [NET-1326](https://sonarsource.atlassian.net/browse/NET-1326) - Update RSPEC before 10.10 release\n\n### Internal Styling Rules\n\n* [NET-1378](https://sonarsource.atlassian.net/browse/NET-1378) - New Rule T0045: Use var\n* [NET-1359](https://sonarsource.atlassian.net/browse/NET-1359) - New Rule T0043: Avoid primary constructors on normal classes and structs\n* [NET-1358](https://sonarsource.atlassian.net/browse/NET-1358) - New Rule T0042: Indent raw string literal +4\n* [NET-1357](https://sonarsource.atlassian.net/browse/NET-1357) - New Rule T0041: Use raw string literals for multiline strings\n* [NET-1356](https://sonarsource.atlassian.net/browse/NET-1356) - New Rule T0040: Use minimum necessary interpolation characters\n* [NET-1355](https://sonarsource.atlassian.net/browse/NET-1355) - New Rule T0039: Protected field should start with lower case letter\n* [NET-1354](https://sonarsource.atlassian.net/browse/NET-1354) - New Rule T0038: Use fields instead of auto-implemented private or protected properties\n* [NET-1347](https://sonarsource.atlassian.net/browse/NET-1347) - New Rule T0000: Don't use Get prefixes\n* [NET-1346](https://sonarsource.atlassian.net/browse/NET-1346) - New Rule T0037: Use .Test suffix namespace\n* [NET-1345](https://sonarsource.atlassian.net/browse/NET-1345) - New rule T0046: Move extension method to dedicated class\n* [NET-1344](https://sonarsource.atlassian.net/browse/NET-1344) - New Rule T0035: Do not use var for this deconstruction\n* [NET-1343](https://sonarsource.atlassian.net/browse/NET-1343) - New Rule T0034: Do not embed var into this condition\n* [NET-1342](https://sonarsource.atlassian.net/browse/NET-1342) - New Rule T0033: Swap the logic to use positive conditions instead\n* [NET-1341](https://sonarsource.atlassian.net/browse/NET-1341) - New Rule T0032: Move the method body to the next line\n* [NET-1339](https://sonarsource.atlassian.net/browse/NET-1339) - New Rule T0030: Move the field initializer on the same line\n* [NET-1338](https://sonarsource.atlassian.net/browse/NET-1338) - New Rule T0029: Indent all arguments +4 further than the invocation line\n* [NET-1337](https://sonarsource.atlassian.net/browse/NET-1337) - New Rule T0028: Move all arguments on the same line, or wrap all of them\n* [NET-1336](https://sonarsource.atlassian.net/browse/NET-1336) - New Rule T0027: Move subsequent expressions on separate lines\n* [NET-1335](https://sonarsource.atlassian.net/browse/NET-1335) - New Rule T0026: Indent member access +4 further than the initial line\n* [NET-1334](https://sonarsource.atlassian.net/browse/NET-1334) - New Rule T0025: Indent ‘?’ and ‘:’ +4 further than the condition line\n* [NET-1333](https://sonarsource.atlassian.net/browse/NET-1333) - New Rule T0024: Place multiline ‘?’ and ‘:’ on separate lines\n* [NET-1332](https://sonarsource.atlassian.net/browse/NET-1332) - New Rule T0022: Indent all parameters with the first one\n* [NET-1331](https://sonarsource.atlassian.net/browse/NET-1331) - New Rule T0021: Use extension methods for Linq\n* [NET-1329](https://sonarsource.atlassian.net/browse/NET-1329) - New Rule T0019: Indent operator correctly\n* [NET-1328](https://sonarsource.atlassian.net/browse/NET-1328) - New Rule T0018: Move the operator to the beginning of the next line\n* [NET-1327](https://sonarsource.atlassian.net/browse/NET-1327) - New Rule T0015: Move local function at the end of the method\n* [NET-1237](https://sonarsource.atlassian.net/browse/NET-1237) - New Rule T0044: Don't add Arrange, Act, and Assert(s) comments\n* [NET-1325](https://sonarsource.atlassian.net/browse/NET-1325) - Improve T0007: Raise on nondeclaring is { } check\n\n\n\n## 10.9\n\nHello everyone! \n\nThis is a mega-hardening release! Enjoy 😄 \n\n### False Positive\n\n* [NET-1309](https://sonarsource.atlassian.net/browse/NET-1309) - Fix S2583 FP: Support overrides in IsImplementingInterfaceMember\n* [NET-1308](https://sonarsource.atlassian.net/browse/NET-1308) - Fix S2583 FP: Add support for AdressOf operator\n* [NET-1302](https://sonarsource.atlassian.net/browse/NET-1302) - Fix S4158 FP: Don't raise on GetEnumerator() calls\n* [NET-1295](https://sonarsource.atlassian.net/browse/NET-1295) - Fix S3236 FP: Exclude Debug.Assert \n* [NET-1290](https://sonarsource.atlassian.net/browse/NET-1290) - Fix S4158 FP: Support RouteValueDictionary in AspNetCore\n* [NET-1289](https://sonarsource.atlassian.net/browse/NET-1289) - Fix S4158 FP: Adding methods with well defined sematics\n* [NET-1288](https://sonarsource.atlassian.net/browse/NET-1288) - Fix S4158 FP: Recognize Add methods with bool return type\n* [NET-1287](https://sonarsource.atlassian.net/browse/NET-1287) - Fix S4158 FP: Don't raise on SetValue\n* [NET-1280](https://sonarsource.atlassian.net/browse/NET-1280) - Fix S2342 FP: Flaky reports\n* [NET-1278](https://sonarsource.atlassian.net/browse/NET-1278) - Fix S3440 FP: Variable assignment and switch expression\n* [NET-1246](https://sonarsource.atlassian.net/browse/NET-1246) - Fix S1481 FP: Don't report on discard like looking variables\n* [NET-1242](https://sonarsource.atlassian.net/browse/NET-1242) - Fix S2583/S4158 FP: Support for collections that are initialized with object\n* [NET-1241](https://sonarsource.atlassian.net/browse/NET-1241) - Fix S2589 FP: Don't track concurrent collections\n* [NET-1230](https://sonarsource.atlassian.net/browse/NET-1230) - Fix S4158 FP: Immutable collections\n* [NET-1223](https://sonarsource.atlassian.net/browse/NET-1223) - Fix S3267 FP: ref struct types cannot leave the stack\n* [NET-1214](https://sonarsource.atlassian.net/browse/NET-1214) - Fix S2259 FP: Foreach loop over empty collection\n* [NET-1212](https://sonarsource.atlassian.net/browse/NET-1212) - Fix S2259 FP: Learn bool from NotNull constraint and Null value\n* [NET-1208](https://sonarsource.atlassian.net/browse/NET-1208) - Fix S2589 FP: Rule ignores case guards\n* [NET-1207](https://sonarsource.atlassian.net/browse/NET-1207) -  Fix S3966 FP: disposing element of indexable after declaration pattern\n* [NET-1203](https://sonarsource.atlassian.net/browse/NET-1203) -  Fix S3966 FP: Enumerating a collection of tuples\n* [NET-1202](https://sonarsource.atlassian.net/browse/NET-1202) - Fix S2259 FP: Foreach nested in try, nested in loop\n* [NET-1188](https://sonarsource.atlassian.net/browse/NET-1188) - Improve S4158 - Empty Collections should not be Enumerated\n* [NET-1088](https://sonarsource.atlassian.net/browse/NET-1088) - Fix S3240 FP: Ignore when a conditional block contains a ternary\n* [NET-800](https://sonarsource.atlassian.net/browse/NET-800) - Fix S2259 FP: FlowCaptures in loops and try-regions\n\n### False Negative\n\n* [NET-1299](https://sonarsource.atlassian.net/browse/NET-1299) - Fix S2053 FN: Support Copy methods\n* [NET-1257](https://sonarsource.atlassian.net/browse/NET-1257) - Fix S4790 FN: New HashData overloads not recognized\n* [NET-1194](https://sonarsource.atlassian.net/browse/NET-1194) - Fix S4158 FN: Collection Expressions (C# 12)\n* [NET-357](https://sonarsource.atlassian.net/browse/NET-357) - Fix S2068 FN: does not consider `launchSettings.json` files\n* [NET-210](https://sonarsource.atlassian.net/browse/NET-210) - Fix S4158 FN: AddRange with empty collection\n\n### Bug\n\n* [NET-1267](https://sonarsource.atlassian.net/browse/NET-1267) - Fix S2068 bug: Issue location is out of range in web.config for elements or attributes with an xml namespace\n* [NET-1184](https://sonarsource.atlassian.net/browse/NET-1184) - Roslyn rule import should map the issue severity to the Software Quality impact in SonarQube Server\n\n### Improvement\n\n* [NET-1217](https://sonarsource.atlassian.net/browse/NET-1217) - Improve S3996: Set location to the property instead of record\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.8.0.113526\u0026new-version=10.24.0.138807)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/DKorablin/Plugin.ApkImageView/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DKorablin%2FPlugin.ApkImageView/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"}},{"old_version":"10.8.0.113526","new_version":"10.23.0.137933","update_type":"minor","path":null,"pr_created_at":"2026-04-15T02:24:57.000Z","version_change":"10.8.0.113526 → 10.23.0.137933","issue":{"uuid":"4265853568","node_id":"PR_kwDONR7yRc7Sfrnl","number":14,"state":"closed","title":"Bump SonarAnalyzer.CSharp from 10.8.0.113526 to 10.23.0.137933","user":"dependabot[bot]","labels":["dependencies",".NET"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-22T02:24:43.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-15T02:24:57.000Z","updated_at":"2026-04-22T02:24:44.000Z","time_to_close":604786,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.8.0.113526","new_version":"10.23.0.137933","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.8.0.113526 to 10.23.0.137933.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\n## 10.22\n\nHello everyone,\nThis release brings 4 new rules to help developers transition to C# 14, and a bunch of false positive fixes.\n\n### New rules\n\n* [NET-3361](https://sonarsource.atlassian.net/browse/NET-3361) - New rule S8381: \"scoped\" should be escaped when used as a type name in lambda parameters\n* [NET-3359](https://sonarsource.atlassian.net/browse/NET-3359) - New rule S8368: \"extension\" identifiers should be escaped to avoid contextual keyword conflicts\n* [NET-3347](https://sonarsource.atlassian.net/browse/NET-3347) - New rule S8380: Return types named \"partial\" should be escaped with \"@\"\n* [NET-3345](https://sonarsource.atlassian.net/browse/NET-3345) - New rule S8367: Identifiers should not conflict with the \"field\" keyword in C# 14?\n\n### False Positive\n\n* [NET-3443](https://sonarsource.atlassian.net/browse/NET-3443) - Fix S1940 FP: for floating point numbers that can be NaN \"!(a \u003c= b)\" is not the same as \"a \u003e b\"\n* [NET-3001](https://sonarsource.atlassian.net/browse/NET-3001) - Fix S3063 FP: Concatenation with identifier\n* [NET-1569](https://sonarsource.atlassian.net/browse/NET-1569) - Fix S5944 FP: AddressOf(MethodName) in Return statement\n* [NET-3445](https://sonarsource.atlassian.net/browse/NET-3445) - Fix T0029 FP: Inside target-typed new\n* [NET-2817](https://sonarsource.atlassian.net/browse/NET-2817) - Fix T0029 FP: Ident for collection expression members\n* [NET-2024](https://sonarsource.atlassian.net/browse/NET-2024) - Fix T0029 FP: Inside array initializer\n* [NET-3341](https://sonarsource.atlassian.net/browse/NET-3341) - Fix T0029 FP: After member access\n* [NET-3462](https://sonarsource.atlassian.net/browse/NET-3462) - Fix T0042 FP: Inside constructors and collection initializers\n* [NET-3426](https://sonarsource.atlassian.net/browse/NET-3426) - Fix T0042: Raw string in collection initializer\n* [NET-2888](https://sonarsource.atlassian.net/browse/NET-2888) - Fix T0042 FP: Returned from method\n* [NET-2874](https://sonarsource.atlassian.net/browse/NET-2874) - Fix T0042 FP: Raw string in ternary\n\n### Bugs\n\n* [NET-3386](https://sonarsource.atlassian.net/browse/NET-3386) - Fix S4583 AD0001: BeginInvoke callback declared in separate file\n\n### Other\n\n* [NET-3385](https://sonarsource.atlassian.net/browse/NET-3385) - S2612: Rule type changed from Security Hotspot to Vulnerability\n\n\n## 10.21\n\n### Bug\n\n* [NET-3376](https://sonarsource.atlassian.net/browse/NET-3376) - Fix S6930 AD0001: Issue on template / code files for blazor\n* [NET-3367](https://sonarsource.atlassian.net/browse/NET-3367) - Fix S4830 AD0001: CertificateValidationCheck Syntax node is not within syntax tree\n\n### Feature\n\n* [NET-3260](https://sonarsource.atlassian.net/browse/NET-3260) - Fix broken links in S6960 RSPEC\n\n### False Positive\n\n* [NET-2886](https://sonarsource.atlassian.net/browse/NET-2886) - Fix T0015 FP: In constructor\n* [NET-1678](https://sonarsource.atlassian.net/browse/NET-1678) - Fix S4275 FP: with property overload\n\n\n\n\n## 10.20\n\nThis release brings 9 precision improvements — 7 false positive fixes and 2 false negative fixes — across rules S1116, S1144, S1210, S1643, S1854, S2365, S3254, S3265, and S127. It also promotes S2068 and S6418 from Security Hotspot to Vulnerability, making them visible directly in the IDE, and removes S3256 from the Sonar Way quality profile.\n\n### Changes\n\n* [NET-3227](https://sonarsource.atlassian.net/browse/NET-3227) - Remove S3256 from \"Sonar Way\" quality profile\n* [NET-3208](https://sonarsource.atlassian.net/browse/NET-3208) - S6418: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3207](https://sonarsource.atlassian.net/browse/NET-3207) - S2068: Rule type changed from Security Hotspot to Vulnerability\n* [NET-3206](https://sonarsource.atlassian.net/browse/NET-3206) - Remove links to rules.sonarsource.com\n\n### False Positive\n\n* [NET-3215](https://sonarsource.atlassian.net/browse/NET-3215) - Fix FP on S127: Should only raise on stop condition variables\n* [NET-3212](https://sonarsource.atlassian.net/browse/NET-3212) - Fix FP on S3254: Don't raise if the parameter isn't last\n* [NET-3053](https://sonarsource.atlassian.net/browse/NET-3053) - Fix FP on S1210: Implementing comparable operators for private types\n* [NET-2984](https://sonarsource.atlassian.net/browse/NET-2984) - Fix FP on S3265: BCL enums with [Flags] not recognized due to metadata resolution\n* [NET-2976](https://sonarsource.atlassian.net/browse/NET-2976) - Fix FP on S1854: Default value initializations flagged despite exemptions\n* [NET-2966](https://sonarsource.atlassian.net/browse/NET-2966) - Fix FP on S1144: Constructors in MEF-exported types\n* [NET-2956](https://sonarsource.atlassian.net/browse/NET-2956) - Fix FP on S1116: Empty loop body with side effects in condition\n\n### False Negative\n\n* [NET-1261](https://sonarsource.atlassian.net/browse/NET-1261) - Fix FN on S2365: Rule should report on new collection\n* [NET-1259](https://sonarsource.atlassian.net/browse/NET-1259) - Fix FN on S1643: Concatenation for parameters, fields and properties are not detected \n\n### Rule specification\n\n* [NET-3246](https://sonarsource.atlassian.net/browse/NET-3246) - Modify Rule S127: Update Description\n* [NET-3218](https://sonarsource.atlassian.net/browse/NET-3218) - Modify Rule S3265: Add exception for MethodImplAttributes\n* [NET-3086](https://sonarsource.atlassian.net/browse/NET-3086) - Modify Rule S1116: Add loop exception\n\n### Maintenance\n\n* [NET-3047](https://sonarsource.atlassian.net/browse/NET-3047) - Update RSPEC before 10.20 release\n\n\n\n## 10.19\n\n\n### Documentation\n\n* [NET-3012](https://sonarsource.atlassian.net/browse/NET-3012) - Modify Rule S3903: Update description for C#​10\n\n### False Positive\n\n* [NET-3004](https://sonarsource.atlassian.net/browse/NET-3004) - Fix S2696 FP: New extension method format triggers FP when accessing static fields\n\n### False Negative\n\n* [NET-3011](https://sonarsource.atlassian.net/browse/NET-3011) - Fix S4790 FN: Support Using statement\n\n### Task\n\n* [NET-2948](https://sonarsource.atlassian.net/browse/NET-2948) - Update RSPEC before 10.19 release\n\n### Bug\n\n* [NET-1866](https://sonarsource.atlassian.net/browse/NET-1866) - Support future VS versions in NuGet package\n\n\n## 10.18\n\nThis releases focuses on fixing the false-positives that are raised on code making use of the new features in C# 14.\n### Improvement\n\n* [NET-2921](https://sonarsource.atlassian.net/browse/NET-2921) - Fix passthrough calculation in ModelBuilder\n* [NET-2903](https://sonarsource.atlassian.net/browse/NET-2903) - Remove manual extension methods\n* [NET-2895](https://sonarsource.atlassian.net/browse/NET-2895) - Cleanup handling of ParameterList of primary constructors\n\n### Task\n\n* [NET-2917](https://sonarsource.atlassian.net/browse/NET-2917) - Update RSPEC before 10.18 release\n\n### False Positive\n\n* [NET-2898](https://sonarsource.atlassian.net/browse/NET-2898) - Fix S2583/S2589 FP: Extension Members\n* [NET-2877](https://sonarsource.atlassian.net/browse/NET-2877) - Fix S2225 FP: Extension member\n* [NET-2832](https://sonarsource.atlassian.net/browse/NET-2832) - Fix S3063 FP: NullConditionalOperator\n* [NET-2825](https://sonarsource.atlassian.net/browse/NET-2825) - Fix S1144 FP: Partial events\n* [NET-2821](https://sonarsource.atlassian.net/browse/NET-2821) - Fix S3264 FP: Partial events\n* [NET-2805](https://sonarsource.atlassian.net/browse/NET-2805) - Fix S1144 FP: S1144 Is confused by Debugger Display attribute\n* [NET-2748](https://sonarsource.atlassian.net/browse/NET-2748) - Fix S3459 FP: NullConditional Assignment\n* [NET-2716](https://sonarsource.atlassian.net/browse/NET-2716) - Fix S2325 FP: Field Keyword\n* [NET-2712](https://sonarsource.atlassian.net/browse/NET-2712) - Fix S2953 FP: Extension block member\n* [NET-2707](https://sonarsource.atlassian.net/browse/NET-2707) - Fix S3877 FP: Equals method without IEquatable\n* [NET-2684](https://sonarsource.atlassian.net/browse/NET-2684) - Fix S7039 FP/FN: Null-conditional assignment\n* [NET-2672](https://sonarsource.atlassian.net/browse/NET-2672) - Fix S3928 FP: Extension block\n* [NET-2671](https://sonarsource.atlassian.net/browse/NET-2671) - Fix S2970 FP: Null Conditional Assignment\n* [NET-2668](https://sonarsource.atlassian.net/browse/NET-2668) - Fix S3398 FP: On private methods in C#​14 extensions classes\n* [NET-2644](https://sonarsource.atlassian.net/browse/NET-2644) - Fix S1144 FP: Always raises on private methods in extension block\n* [NET-2621](https://sonarsource.atlassian.net/browse/NET-2621) - Fix S2325 FP: Incorrectly reports on C# 14 extensions \n* [NET-2620](https://sonarsource.atlassian.net/browse/NET-2620) - Fix S4545 FP: Extension Methods\n* [NET-2391](https://sonarsource.atlassian.net/browse/NET-2391) - Fix S1121 FP: Extract (null-forgiving) assignment from expression\n* [NET-1914](https://sonarsource.atlassian.net/browse/NET-1914) - Fix S3264 FP: when using +=\n\n### False Negative\n\n* [NET-2813](https://sonarsource.atlassian.net/browse/NET-2813) - Fix S2292 FN: FieldKeyword\n* [NET-2681](https://sonarsource.atlassian.net/browse/NET-2681) - Fix S2692 FN: Support Spans\n\n\n\n## 10.17\n\n\n### False Negative\n\n* [NET-2840](https://sonarsource.atlassian.net/browse/NET-2840) - Improve S2077: Support more methods\n\n### Task\n\n* [NET-2839](https://sonarsource.atlassian.net/browse/NET-2839) - Update RSPEC before 10.17 release\n\n### New Feature\n\n* [NET-2820](https://sonarsource.atlassian.net/browse/NET-2820) - ShimLayer: Implement Factory\n* [NET-2789](https://sonarsource.atlassian.net/browse/NET-2789) - ShimLayer Generator: Enums\n* [NET-2728](https://sonarsource.atlassian.net/browse/NET-2728) - ShimLayer Generator: SyntaxNodes\n\n### Bug\n\n* [NET-2816](https://sonarsource.atlassian.net/browse/NET-2816) - Fix S3603 AD0001: NRE when LocalFunction inside Record constructor in C#​7\n\n### Improvement\n\n* [NET-2722](https://sonarsource.atlassian.net/browse/NET-2722) - Activate new ShimLayer\n* [NET-2721](https://sonarsource.atlassian.net/browse/NET-2721) - Create diff for ShimLayer\n* [NET-2720](https://sonarsource.atlassian.net/browse/NET-2720) - Create ShimLayer projects\n\n\n\n## 10.16.2\n\nRotations of binary signing keys\n\n\n## 10.16.1\n\nRotations of binary signing keys\n\n\n## 10.16\n\n### False Positive\n\n* [NET-1729](https://sonarsource.atlassian.net/browse/NET-1729) - Fix S2114 FP: list.AddRange(list) and list.Concat(list) are sensible\n\n### False Negative\n\n* [NET-399](https://sonarsource.atlassian.net/browse/NET-399) - Fix S4790 FN: Support CryptographicOperations data methods\n\n### Bug\n* [NET-2686](https://sonarsource.atlassian.net/browse/NET-2686) - Fix S3604 AD0001: NRE with partial constructor\n\n## 10.15\n\n### False Positive\n\n* [NET-2198](https://sonarsource.atlassian.net/browse/NET-2198) - Fix S1905 FP: Cast of default! expression is required\n* [NET-2197](https://sonarsource.atlassian.net/browse/NET-2197) - Fix S1905 FP: stackalloc and Span\u003cT\u003e conversions\n* [NET-1641](https://sonarsource.atlassian.net/browse/NET-1641) - Fix S1905 FP: casting `IEnumerable\u003cstring?\u003e` to `IEnumerable\u003cstring\u003e`\n* [NET-2157](https://sonarsource.atlassian.net/browse/NET-2157) - Fix S2589 FP: Don't raise an issue after a delegate is invoked\n* [NET-2073](https://sonarsource.atlassian.net/browse/NET-2073) - Fix S2699 FP: Add support for FsCheck property tests\n* [NET-1537](https://sonarsource.atlassian.net/browse/NET-1537) - Fix S6964 FP: Don't raise on properties annotated with the BindRequiredAttribute\n\n### Improvement\n\n* [NET-2112](https://sonarsource.atlassian.net/browse/NET-2112) - Consider ExplodedNodes relevant if a successor would be relevant\n* [NET-2183](https://sonarsource.atlassian.net/browse/NET-2183) - SE: Set constraint on operation when learning from IsPattern\n\n### False Negative\n\n* [NET-429](https://sonarsource.atlassian.net/browse/NET-429) - Fix S4275 FN: Support partial properties\n\n### Task\n\n* [NET-2208](https://sonarsource.atlassian.net/browse/NET-2208) - Update RSpec before release\n\n## 10.14\n\nHey everyone,\n\nThis release mostly focuses on mitigating (NET-2196) a performance regression that was introduced in 10.13.\n\n\n### Improvement\n\n* [NET-2196](https://sonarsource.atlassian.net/browse/NET-2196) - Fix path algorithm for execution flows to mitigate performance regression\n* [NET-2177](https://sonarsource.atlassian.net/browse/NET-2177) - Improve how the Symbolic Execution engine handles exception paths\n* [NET-2135](https://sonarsource.atlassian.net/browse/NET-2135) - Support xUnit V3\n* [NET-2163](https://sonarsource.atlassian.net/browse/NET-2163) - Provide Interface for other plugins to add rules to VB.NET SonarWay profile\n\n### False Negative\n\n* [NET-235](https://sonarsource.atlassian.net/browse/NET-235) - Fix S2053: Adjust required salt length to be 32 bytes\n\n### Task\n\n* [NET-2170](https://sonarsource.atlassian.net/browse/NET-2170) - Update RSPEC before 10.14 release\n\n## 10.13\n\nHello everyone, \n\nIn this release, we've focused on:\n- False positive fixes\n- Enhancing S2259's secondary locations to provide clearer, step-by-step explanations of null pointer dereferences issues.\n\n\n\n### False Positives\n\n* [NET-2099](https://sonarsource.atlassian.net/browse/NET-2099) - Fix S3885 FP: Do not raise in ResolutionEventHandler\n* [NET-2023](https://sonarsource.atlassian.net/browse/NET-2023) - Fix S3257 FP: Array with target-typed new\n* [NET-1646](https://sonarsource.atlassian.net/browse/NET-1646) - Fix S3267 FP: Loops should be simplified with LINQ expressions\n* [NET-1588](https://sonarsource.atlassian.net/browse/NET-1588) - Fix S1066 FP: Combination of `dynamic` and `out` should not raise\n* [NET-882](https://sonarsource.atlassian.net/browse/NET-882) - Fix S3257 FP: Don't raise for C# 10 and later when there's explicit delegate creation\n\n### Improvements\n\n* [NET-2095](https://sonarsource.atlassian.net/browse/NET-2095) - Improve incremental PR analysis path detection\n* SE: S2259 - Improve secondary locations\n\n\n\n## 10.12\n\nThis release brings the VB version of S6418 and a few FP and FN fixes.\n\n### New Rule\n\n* [NET-1379](https://sonarsource.atlassian.net/browse/NET-1379) - New Rule: Implement S6418 Hard-coded secrets are security-sensitive for VB.NET\n\n### False Positive\n\n* [NET-1526](https://sonarsource.atlassian.net/browse/NET-1526) - Fix S3267 FP: Only raise on IEnumerable\n\n### False Negative\n\n* [NET-1260](https://sonarsource.atlassian.net/browse/NET-1260) - Fix S1215 FN: GC.GetTotalMemory(forceFullCollection: true) should not be called \n* [NET-1258](https://sonarsource.atlassian.net/browse/NET-1258) - Fix S6678 FN: Lowercase placeholders in interpolated string\n* [NET-1255](https://sonarsource.atlassian.net/browse/NET-1255) - Fix S3267 FN: Logical operators are not supported\n\n### Task\n\n* [NET-2060](https://sonarsource.atlassian.net/browse/NET-2060) - Update RSPEC before 11.12 release\n\n\n## 10.11\n\nHello everyone!\nIn this release we fixed a bunch of false positives and false negatives.\nAdditionally this version adds support for telemetry in order to gather information on feature usage. Telemetry, requires scanner 10.2.0 or greater.\n\n\n### False Positive\n\n* [NET-1522](https://sonarsource.atlassian.net/browse/NET-1522) - Fix S2068 FP: Do not raise on `password:secret`\n* [NET-1149](https://sonarsource.atlassian.net/browse/NET-1149) - Fix S3626 FP: Add exception when return statement is preceding local functions\n\n### False Negative\n\n* [NET-1263](https://sonarsource.atlassian.net/browse/NET-1263) - Fix S1871 FN: Nested if .. else if chain\n* [NET-1256](https://sonarsource.atlassian.net/browse/NET-1256) - S2068: Remove word boundary(\\b) from regex\n* [NET-1254](https://sonarsource.atlassian.net/browse/NET-1254) - Fix S3878 FN: When params are passed as array through an attribute\n* [NET-1252](https://sonarsource.atlassian.net/browse/NET-1252) - FN S1168: Support IndexerDeclaration and ConversionOperatorDeclaration\n* [NET-459](https://sonarsource.atlassian.net/browse/NET-459) - Fix S1168 FN: Add support for partial indexers\n\n\n\n## 10.10.1\n\nBugfix release to fix combability with SonarQube Cloud + a simplification to the `ProfileRegistrar`\n\n### Task\n\n* [NET-1463](https://sonarsource.atlassian.net/browse/NET-1463) - Update RSPEC before 10.10.1 release\n* [NET-1461](https://sonarsource.atlassian.net/browse/NET-1461) - Make CSharpSonarWayProfile be compatible and simplify ProfileRegistrar\n\n\n\n## 10.10\n\nHey everyone, this release mostly focuses on internal and technical things.\n\n### General\n\n* [NET-1444](https://sonarsource.atlassian.net/browse/NET-1444) - Move ProfileRegistrar to org.sonar.plugins.csharpenterprise.api\n* [NET-1326](https://sonarsource.atlassian.net/browse/NET-1326) - Update RSPEC before 10.10 release\n\n### Internal Styling Rules\n\n* [NET-1378](https://sonarsource.atlassian.net/browse/NET-1378) - New Rule T0045: Use var\n* [NET-1359](https://sonarsource.atlassian.net/browse/NET-1359) - New Rule T0043: Avoid primary constructors on normal classes and structs\n* [NET-1358](https://sonarsource.atlassian.net/browse/NET-1358) - New Rule T0042: Indent raw string literal +4\n* [NET-1357](https://sonarsource.atlassian.net/browse/NET-1357) - New Rule T0041: Use raw string literals for multiline strings\n* [NET-1356](https://sonarsource.atlassian.net/browse/NET-1356) - New Rule T0040: Use minimum necessary interpolation characters\n* [NET-1355](https://sonarsource.atlassian.net/browse/NET-1355) - New Rule T0039: Protected field should start with lower case letter\n* [NET-1354](https://sonarsource.atlassian.net/browse/NET-1354) - New Rule T0038: Use fields instead of auto-implemented private or protected properties\n* [NET-1347](https://sonarsource.atlassian.net/browse/NET-1347) - New Rule T0000: Don't use Get prefixes\n* [NET-1346](https://sonarsource.atlassian.net/browse/NET-1346) - New Rule T0037: Use .Test suffix namespace\n* [NET-1345](https://sonarsource.atlassian.net/browse/NET-1345) - New rule T0046: Move extension method to dedicated class\n* [NET-1344](https://sonarsource.atlassian.net/browse/NET-1344) - New Rule T0035: Do not use var for this deconstruction\n* [NET-1343](https://sonarsource.atlassian.net/browse/NET-1343) - New Rule T0034: Do not embed var into this condition\n* [NET-1342](https://sonarsource.atlassian.net/browse/NET-1342) - New Rule T0033: Swap the logic to use positive conditions instead\n* [NET-1341](https://sonarsource.atlassian.net/browse/NET-1341) - New Rule T0032: Move the method body to the next line\n* [NET-1339](https://sonarsource.atlassian.net/browse/NET-1339) - New Rule T0030: Move the field initializer on the same line\n* [NET-1338](https://sonarsource.atlassian.net/browse/NET-1338) - New Rule T0029: Indent all arguments +4 further than the invocation line\n* [NET-1337](https://sonarsource.atlassian.net/browse/NET-1337) - New Rule T0028: Move all arguments on the same line, or wrap all of them\n* [NET-1336](https://sonarsource.atlassian.net/browse/NET-1336) - New Rule T0027: Move subsequent expressions on separate lines\n* [NET-1335](https://sonarsource.atlassian.net/browse/NET-1335) - New Rule T0026: Indent member access +4 further than the initial line\n* [NET-1334](https://sonarsource.atlassian.net/browse/NET-1334) - New Rule T0025: Indent ‘?’ and ‘:’ +4 further than the condition line\n* [NET-1333](https://sonarsource.atlassian.net/browse/NET-1333) - New Rule T0024: Place multiline ‘?’ and ‘:’ on separate lines\n* [NET-1332](https://sonarsource.atlassian.net/browse/NET-1332) - New Rule T0022: Indent all parameters with the first one\n* [NET-1331](https://sonarsource.atlassian.net/browse/NET-1331) - New Rule T0021: Use extension methods for Linq\n* [NET-1329](https://sonarsource.atlassian.net/browse/NET-1329) - New Rule T0019: Indent operator correctly\n* [NET-1328](https://sonarsource.atlassian.net/browse/NET-1328) - New Rule T0018: Move the operator to the beginning of the next line\n* [NET-1327](https://sonarsource.atlassian.net/browse/NET-1327) - New Rule T0015: Move local function at the end of the method\n* [NET-1237](https://sonarsource.atlassian.net/browse/NET-1237) - New Rule T0044: Don't add Arrange, Act, and Assert(s) comments\n* [NET-1325](https://sonarsource.atlassian.net/browse/NET-1325) - Improve T0007: Raise on nondeclaring is { } check\n\n\n\n## 10.9\n\nHello everyone! \n\nThis is a mega-hardening release! Enjoy 😄 \n\n### False Positive\n\n* [NET-1309](https://sonarsource.atlassian.net/browse/NET-1309) - Fix S2583 FP: Support overrides in IsImplementingInterfaceMember\n* [NET-1308](https://sonarsource.atlassian.net/browse/NET-1308) - Fix S2583 FP: Add support for AdressOf operator\n* [NET-1302](https://sonarsource.atlassian.net/browse/NET-1302) - Fix S4158 FP: Don't raise on GetEnumerator() calls\n* [NET-1295](https://sonarsource.atlassian.net/browse/NET-1295) - Fix S3236 FP: Exclude Debug.Assert \n* [NET-1290](https://sonarsource.atlassian.net/browse/NET-1290) - Fix S4158 FP: Support RouteValueDictionary in AspNetCore\n* [NET-1289](https://sonarsource.atlassian.net/browse/NET-1289) - Fix S4158 FP: Adding methods with well defined sematics\n* [NET-1288](https://sonarsource.atlassian.net/browse/NET-1288) - Fix S4158 FP: Recognize Add methods with bool return type\n* [NET-1287](https://sonarsource.atlassian.net/browse/NET-1287) - Fix S4158 FP: Don't raise on SetValue\n* [NET-1280](https://sonarsource.atlassian.net/browse/NET-1280) - Fix S2342 FP: Flaky reports\n* [NET-1278](https://sonarsource.atlassian.net/browse/NET-1278) - Fix S3440 FP: Variable assignment and switch expression\n* [NET-1246](https://sonarsource.atlassian.net/browse/NET-1246) - Fix S1481 FP: Don't report on discard like looking variables\n* [NET-1242](https://sonarsource.atlassian.net/browse/NET-1242) - Fix S2583/S4158 FP: Support for collections that are initialized with object\n* [NET-1241](https://sonarsource.atlassian.net/browse/NET-1241) - Fix S2589 FP: Don't track concurrent collections\n* [NET-1230](https://sonarsource.atlassian.net/browse/NET-1230) - Fix S4158 FP: Immutable collections\n* [NET-1223](https://sonarsource.atlassian.net/browse/NET-1223) - Fix S3267 FP: ref struct types cannot leave the stack\n* [NET-1214](https://sonarsource.atlassian.net/browse/NET-1214) - Fix S2259 FP: Foreach loop over empty collection\n* [NET-1212](https://sonarsource.atlassian.net/browse/NET-1212) - Fix S2259 FP: Learn bool from NotNull constraint and Null value\n* [NET-1208](https://sonarsource.atlassian.net/browse/NET-1208) - Fix S2589 FP: Rule ignores case guards\n* [NET-1207](https://sonarsource.atlassian.net/browse/NET-1207) -  Fix S3966 FP: disposing element of indexable after declaration pattern\n* [NET-1203](https://sonarsource.atlassian.net/browse/NET-1203) -  Fix S3966 FP: Enumerating a collection of tuples\n* [NET-1202](https://sonarsource.atlassian.net/browse/NET-1202) - Fix S2259 FP: Foreach nested in try, nested in loop\n* [NET-1188](https://sonarsource.atlassian.net/browse/NET-1188) - Improve S4158 - Empty Collections should not be Enumerated\n* [NET-1088](https://sonarsource.atlassian.net/browse/NET-1088) - Fix S3240 FP: Ignore when a conditional block contains a ternary\n* [NET-800](https://sonarsource.atlassian.net/browse/NET-800) - Fix S2259 FP: FlowCaptures in loops and try-regions\n\n### False Negative\n\n* [NET-1299](https://sonarsource.atlassian.net/browse/NET-1299) - Fix S2053 FN: Support Copy methods\n* [NET-1257](https://sonarsource.atlassian.net/browse/NET-1257) - Fix S4790 FN: New HashData overloads not recognized\n* [NET-1194](https://sonarsource.atlassian.net/browse/NET-1194) - Fix S4158 FN: Collection Expressions (C# 12)\n* [NET-357](https://sonarsource.atlassian.net/browse/NET-357) - Fix S2068 FN: does not consider `launchSettings.json` files\n* [NET-210](https://sonarsource.atlassian.net/browse/NET-210) - Fix S4158 FN: AddRange with empty collection\n\n### Bug\n\n* [NET-1267](https://sonarsource.atlassian.net/browse/NET-1267) - Fix S2068 bug: Issue location is out of range in web.config for elements or attributes with an xml namespace\n* [NET-1184](https://sonarsource.atlassian.net/browse/NET-1184) - Roslyn rule import should map the issue severity to the Software Quality impact in SonarQube Server\n\n### Improvement\n\n* [NET-1217](https://sonarsource.atlassian.net/browse/NET-1217) - Improve S3996: Set location to the property instead of record\n\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.8.0.113526\u0026new-version=10.23.0.137933)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/DKorablin/Plugin.ApkImageView/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DKorablin%2FPlugin.ApkImageView/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"}},{"old_version":"10.22.0.136894","new_version":"10.23.0.137933","update_type":"minor","path":null,"pr_created_at":"2026-04-13T03:27:08.000Z","version_change":"10.22.0.136894 → 10.23.0.137933","issue":{"uuid":"4251050306","node_id":"PR_kwDOIyEMH87R204f","number":557,"state":"open","title":"Bump SonarAnalyzer.CSharp from 10.22.0.136894 to 10.23.0.137933","user":"dependabot[bot]","labels":["dependencies",".NET","nuget","size/XS","packages","☑️ auto-merge","🤖 bot"],"assignees":["guibranco"],"locked":false,"comments_count":6,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-13T03:27:08.000Z","updated_at":"2026-04-13T06:13:40.382Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"SonarAnalyzer.CSharp","old_version":"10.22.0.136894","new_version":"10.23.0.137933","repository_url":"https://github.com/SonarSource/sonar-dotnet"}],"path":null,"ecosystem":"nuget"},"body":"Updated [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 10.22.0.136894 to 10.23.0.137933.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\n_Sourced from [SonarAnalyzer.CSharp's releases](https://github.com/SonarSource/sonar-dotnet/releases)._\n\n## 10.23\n\nThis release brings a bunch of fixes! Enjoy.\n\n  ### Bug Fixes\n\n  - [NET-3557](https://sonarsource.atlassian.net/browse/NET-3557) - Fix SE AD0001 when SyntaxTreeOptionsProvider is null\n  - [NET-3519](https://sonarsource.atlassian.net/browse/NET-3519) - Fix AD0001: NRE in PropertiesAccessCorrectField\n\n  ### False Positives\n\n  - [NET-3532](https://sonarsource.atlassian.net/browse/NET-3532) - Fix S2583 FP: Any called two times\n  - [NET-3468](https://sonarsource.atlassian.net/browse/NET-3468) - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer\n  - [NET-3454](https://sonarsource.atlassian.net/browse/NET-3454) - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda\n  - [NET-3164](https://sonarsource.atlassian.net/browse/NET-3164) - Fix S125 FP: Improve semicolon heuristic\n  - [NET-2559](https://sonarsource.atlassian.net/browse/NET-2559) - Fix S5944 FP: When method name is also a class name of generic argument\n  - [NET-2438](https://sonarsource.atlassian.net/browse/NET-2438) - Fix S1067 FP: Do not raise an issue inside Equals() implementation\n  - [NET-1565](https://sonarsource.atlassian.net/browse/NET-1565) - Fix S1192 FP: Shouldn't raise on Dapper parameters\n  - [NET-1168](https://sonarsource.atlassian.net/browse/NET-1168) - Fix S1172 FP: When parameter conditionally used in local function\n  - [NET-52](https://sonarsource.atlassian.net/browse/NET-52) - Fix S4017 FP: Do not raise when implementing abstract class/interface\n\n  ### False Negatives\n\n  - [NET-1642](https://sonarsource.atlassian.net/browse/NET-1642) - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0\n  - [NET-348](https://sonarsource.atlassian.net/browse/NET-348) - Fix S4144 FN: Methods with generic return types\n\n\nCommits viewable in [compare view](https://github.com/SonarSource/sonar-dotnet/commits).\n\u003c/details\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=SonarAnalyzer.CSharp\u0026package-manager=nuget\u0026previous-version=10.22.0.136894\u0026new-version=10.23.0.137933)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/guibranco/Sankhya-SDK-dotnet/pull/557","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/guibranco%2FSankhya-SDK-dotnet/issues/557","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/557/packages"}}]}