private static DiagnosticDescriptor CreateDiagnosticDescriptor(LocalizableResourceString messageFormat, LocalizableResourceString description)
{
return(DiagnosticDescriptorHelper.Create(RuleId,
SecurityDiagnosticHelpers.GetLocalizableResourceString(nameof(MicrosoftNetFrameworkAnalyzersResources.InsecureDtdProcessingInApiDesign)),
messageFormat,
DiagnosticCategory.Security,
RuleLevel.IdeHidden_BulkConfigurable,
description,
isPortedFxCopRule: false,
isDataflowRule: false));
}
private static DiagnosticDescriptor CreateDiagnosticDescriptor(LocalizableResourceString messageFormat, LocalizableResourceString description)
{
return(DiagnosticDescriptorHelper.Create(RuleId,
SecurityDiagnosticHelpers.GetLocalizableResourceString(nameof(MicrosoftNetFrameworkAnalyzersResources.InsecureXsltScriptProcessingMessage)),
messageFormat,
DiagnosticCategory.Security,
RuleLevel.BuildWarning,
description,
isPortedFxCopRule: false,
isDataflowRule: false));
}
/// <summary>
/// Creates a DiagnosticDescriptor with <see cref="LocalizableResourceString"/>s from the specified resource source type.
/// </summary>
/// <param name="id">Diagnostic identifier.</param>
/// <param name="resourceSource">Type containing the resource strings.</param>
/// <param name="titleResourceStringName">Name of the resource string inside <paramref name="resourceSource"/> for the diagnostic's title.</param>
/// <param name="messageResourceStringName">Name of the resource string inside <paramref name="resourceSource"/> for the diagnostic's message.</param>
/// <param name="ruleLevel">Indicates the <see cref="RuleLevel"/> for this rule.</param>
/// <param name="descriptionResourceStringName">Name of the resource string inside <paramref name="resourceSource"/> for the diagnostic's descrption.</param>
/// <param name="isPortedFxCopRule">Flag indicating if this is a rule ported from legacy FxCop.</param>
/// <param name="isDataflowRule">Flag indicating if this is a dataflow analysis based rule.</param>
/// <returns>new DiagnosticDescriptor</returns>
public static DiagnosticDescriptor CreateDiagnosticDescriptor(
string id,
Type resourceSource,
string titleResourceStringName,
string messageResourceStringName,
RuleLevel ruleLevel,
bool isPortedFxCopRule,
bool isDataflowRule,
string?descriptionResourceStringName = null)
{
return(DiagnosticDescriptorHelper.Create(
id,
GetResourceString(resourceSource, titleResourceStringName),
GetResourceString(resourceSource, messageResourceStringName),
DiagnosticCategory.Security,
ruleLevel,
descriptionResourceStringName != null ? GetResourceString(resourceSource, descriptionResourceStringName) : null,
isPortedFxCopRule,
isDataflowRule,
isEnabledByDefaultInFxCopAnalyzers: ruleLevel != RuleLevel.Disabled));
}
/// <summary>
/// Creates a DiagnosticDescriptor with <see cref="LocalizableResourceString"/>s from the specified resource source type.
/// </summary>
/// <param name="id">Diagnostic identifier.</param>
/// <param name="titleResourceStringName">Name of the resource string for the diagnostic's title.</param>
/// <param name="messageResourceStringName">Name of the resource string for the diagnostic's message.</param>
/// <param name="ruleLevel">Indicates the <see cref="RuleLevel"/> for this rule.</param>
/// <param name="descriptionResourceStringName">Name of the resource string for the diagnostic's description.</param>
/// <param name="isPortedFxCopRule">Flag indicating if this is a rule ported from legacy FxCop.</param>
/// <param name="isDataflowRule">Flag indicating if this is a dataflow analysis based rule.</param>
/// <returns>new DiagnosticDescriptor</returns>
public static DiagnosticDescriptor CreateDiagnosticDescriptor(
string id,
string titleResourceStringName,
string messageResourceStringName,
RuleLevel ruleLevel,
bool isPortedFxCopRule,
bool isDataflowRule,
bool isReportedAtCompilationEnd,
string?descriptionResourceStringName = null)
{
return(DiagnosticDescriptorHelper.Create(
id,
CreateLocalizableResourceString(titleResourceStringName),
CreateLocalizableResourceString(messageResourceStringName),
DiagnosticCategory.Security,
ruleLevel,
descriptionResourceStringName != null ? CreateLocalizableResourceString(descriptionResourceStringName) : null,
isPortedFxCopRule,
isDataflowRule,
isReportedAtCompilationEnd: isReportedAtCompilationEnd));
}
