diff --git a/src/NetAnalyzers/CSharp/Microsoft.NetCore.Analyzers/Performance/CSharpRecommendCaseInsensitiveStringComparisonFixer.cs b/src/NetAnalyzers/CSharp/Microsoft.NetCore.Analyzers/Performance/CSharpRecommendCaseInsensitiveStringComparisonFixer.cs new file mode 100644 index 0000000000..61fef280f9 --- /dev/null +++ b/src/NetAnalyzers/CSharp/Microsoft.NetCore.Analyzers/Performance/CSharpRecommendCaseInsensitiveStringComparisonFixer.cs @@ -0,0 +1,101 @@ +// Copyright (c) Microsoft. All Rights Reserved. Licensed under the MIT license. See License.txt in the project root for license information. + +using System.Collections.Generic; +using System.Composition; +using System.Diagnostics; +using Microsoft.CodeAnalysis; +using Microsoft.CodeAnalysis.CodeFixes; +using Microsoft.CodeAnalysis.CSharp.Syntax; +using Microsoft.CodeAnalysis.Editing; +using Microsoft.CodeAnalysis.Operations; +using Microsoft.NetCore.Analyzers.Performance; + +namespace Microsoft.NetCore.CSharp.Analyzers.Performance +{ + using RCISCAnalyzer = RecommendCaseInsensitiveStringComparisonAnalyzer; + + [ExportCodeFixProvider(LanguageNames.CSharp), Shared] + public sealed class CSharpRecommendCaseInsensitiveStringComparisonFixer : RecommendCaseInsensitiveStringComparisonFixer + { + protected override List GetNewArguments(SyntaxGenerator generator, IInvocationOperation mainInvocationOperation, + INamedTypeSymbol stringComparisonType, out SyntaxNode? mainInvocationInstance) + { + List arguments = new(); + bool isAnyArgumentNamed = false; + + InvocationExpressionSyntax invocationExpression = (InvocationExpressionSyntax)mainInvocationOperation.Syntax; + + string? caseChangingApproachName = null; + bool isChangingCaseInArgument = false; + + mainInvocationInstance = null; + + if (invocationExpression.Expression is MemberAccessExpressionSyntax memberAccessExpression) + { + var internalExpression = memberAccessExpression.Expression is ParenthesizedExpressionSyntax parenthesizedExpression ? + parenthesizedExpression.Expression : + memberAccessExpression.Expression; + + if (internalExpression is InvocationExpressionSyntax internalInvocationExpression && + internalInvocationExpression.Expression is MemberAccessExpressionSyntax internalMemberAccessExpression) + { + mainInvocationInstance = internalMemberAccessExpression.Expression; + caseChangingApproachName = GetCaseChangingApproach(internalMemberAccessExpression.Name.Identifier.ValueText); + } + else + { + mainInvocationInstance = memberAccessExpression.Expression; + isChangingCaseInArgument = true; + } + } + + foreach (ArgumentSyntax node in invocationExpression.ArgumentList.Arguments) + { + string? argumentName = node.NameColon?.Name.Identifier.ValueText; + isAnyArgumentNamed |= argumentName != null; + + ExpressionSyntax argumentExpression = node.Expression is ParenthesizedExpressionSyntax argumentParenthesizedExpression ? + argumentParenthesizedExpression.Expression : + node.Expression; + + MemberAccessExpressionSyntax? argumentMemberAccessExpression = null; + if (argumentExpression is InvocationExpressionSyntax argumentInvocationExpression && + (argumentMemberAccessExpression = argumentInvocationExpression.Expression as MemberAccessExpressionSyntax) != null) + { + caseChangingApproachName = GetCaseChangingApproach(argumentMemberAccessExpression.Name.Identifier.ValueText); + } + + SyntaxNode newArgumentNode; + if (isChangingCaseInArgument) + { + if (argumentMemberAccessExpression != null) + { + newArgumentNode = argumentName == RCISCAnalyzer.StringParameterName ? + generator.Argument(RCISCAnalyzer.StringParameterName, RefKind.None, argumentMemberAccessExpression.Expression) : + generator.Argument(argumentMemberAccessExpression.Expression); + } + else + { + newArgumentNode = node; + } + } + else + { + newArgumentNode = node; + } + + arguments.Add(newArgumentNode); + } + + Debug.Assert(caseChangingApproachName != null); + Debug.Assert(mainInvocationInstance != null); + + SyntaxNode stringComparisonArgument = GetNewStringComparisonArgument(generator, + stringComparisonType, caseChangingApproachName!, isAnyArgumentNamed); + + arguments.Add(stringComparisonArgument); + + return arguments; + } + } +} \ No newline at end of file diff --git a/src/NetAnalyzers/Core/AnalyzerReleases.Unshipped.md b/src/NetAnalyzers/Core/AnalyzerReleases.Unshipped.md index 272ba8e499..22bd3e1a23 100644 --- a/src/NetAnalyzers/Core/AnalyzerReleases.Unshipped.md +++ b/src/NetAnalyzers/Core/AnalyzerReleases.Unshipped.md @@ -14,6 +14,7 @@ CA1858 | Performance | Info | UseStartsWithInsteadOfIndexOfComparisonWithZero, [ CA1859 | Performance | Info | UseConcreteTypeAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1859) CA1860 | Performance | Info | PreferLengthCountIsEmptyOverAnyAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1860) CA1861 | Performance | Info | AvoidConstArrays, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1861) +CA1862 | Performance | Info | RecommendCaseInsensitiveStringComparison, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1862) CA2021 | Reliability | Warning | DoNotCallEnumerableCastOrOfTypeWithIncompatibleTypesAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2021) ### Removed Rules diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/MicrosoftNetCoreAnalyzersResources.resx b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/MicrosoftNetCoreAnalyzersResources.resx index ac1d44a9e0..06e7d24b24 100644 --- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/MicrosoftNetCoreAnalyzersResources.resx +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/MicrosoftNetCoreAnalyzersResources.resx @@ -2054,4 +2054,25 @@ Widening and user defined conversions are not supported with generic types. Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance + + Use the 'string.{0}(string, StringComparison)' overload + + + Prefer using 'StringComparer' to perform case-insensitive string comparisons + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + + + Prefer using 'StringComparer' to perform a case-insensitive comparison + + + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + + + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + \ No newline at end of file diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/Performance/RecommendCaseInsensitiveStringComparison.Analyzer.cs b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/Performance/RecommendCaseInsensitiveStringComparison.Analyzer.cs new file mode 100644 index 0000000000..584672eb5b --- /dev/null +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/Performance/RecommendCaseInsensitiveStringComparison.Analyzer.cs @@ -0,0 +1,238 @@ +// Copyright (c) Microsoft. All Rights Reserved. Licensed under the MIT license. See License.txt in the project root for license information. + +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Linq; +using Analyzer.Utilities; +using Analyzer.Utilities.Extensions; +using Microsoft.CodeAnalysis; +using Microsoft.CodeAnalysis.Diagnostics; +using Microsoft.CodeAnalysis.Operations; + +namespace Microsoft.NetCore.Analyzers.Performance +{ + using static MicrosoftNetCoreAnalyzersResources; + + /// + /// CA1862: Prefer the StringComparison method overloads to perform case-insensitive string comparisons. + /// + [DiagnosticAnalyzer(LanguageNames.CSharp, LanguageNames.VisualBasic)] + public sealed class RecommendCaseInsensitiveStringComparisonAnalyzer : DiagnosticAnalyzer + { + internal const string RuleId = "CA1862"; + + internal const string StringComparisonInvariantCultureIgnoreCaseName = "InvariantCultureIgnoreCase"; + internal const string StringComparisonCurrentCultureIgnoreCaseName = "CurrentCultureIgnoreCase"; + internal const string StringToLowerMethodName = "ToLower"; + internal const string StringToUpperMethodName = "ToUpper"; + internal const string StringToLowerInvariantMethodName = "ToLowerInvariant"; + internal const string StringToUpperInvariantMethodName = "ToUpperInvariant"; + internal const string StringContainsMethodName = "Contains"; + internal const string StringIndexOfMethodName = "IndexOf"; + internal const string StringStartsWithMethodName = "StartsWith"; + internal const string StringCompareToMethodName = "CompareTo"; + internal const string StringComparerCompareMethodName = "Compare"; + internal const string StringParameterName = "value"; + internal const string StringComparisonParameterName = "comparisonType"; + + internal static readonly DiagnosticDescriptor RecommendCaseInsensitiveStringComparisonRule = DiagnosticDescriptorHelper.Create( + RuleId, + CreateLocalizableResourceString(nameof(RecommendCaseInsensitiveStringComparisonTitle)), + CreateLocalizableResourceString(nameof(RecommendCaseInsensitiveStringComparisonMessage)), + DiagnosticCategory.Performance, + RuleLevel.IdeSuggestion, + CreateLocalizableResourceString(nameof(RecommendCaseInsensitiveStringComparisonDescription)), + isPortedFxCopRule: false, + isDataflowRule: false); + + internal static readonly DiagnosticDescriptor RecommendCaseInsensitiveStringComparerRule = DiagnosticDescriptorHelper.Create( + RuleId, + CreateLocalizableResourceString(nameof(RecommendCaseInsensitiveStringComparerTitle)), + CreateLocalizableResourceString(nameof(RecommendCaseInsensitiveStringComparerMessage)), + DiagnosticCategory.Performance, + RuleLevel.IdeSuggestion, + CreateLocalizableResourceString(nameof(RecommendCaseInsensitiveStringComparerDescription)), + isPortedFxCopRule: false, + isDataflowRule: false); + + public override ImmutableArray SupportedDiagnostics { get; } = ImmutableArray.Create( + RecommendCaseInsensitiveStringComparisonRule, RecommendCaseInsensitiveStringComparerRule); + + public override void Initialize(AnalysisContext context) + { + context.EnableConcurrentExecution(); + context.ConfigureGeneratedCodeAnalysis(GeneratedCodeAnalysisFlags.None); + context.RegisterCompilationStartAction(AnalyzeCompilationStart); + } + + private void AnalyzeCompilationStart(CompilationStartAnalysisContext context) + { + // Retrieve the essential types: string, StringComparison, StringComparer + + INamedTypeSymbol stringType = context.Compilation.GetSpecialType(SpecialType.System_String); + INamedTypeSymbol int32Type = context.Compilation.GetSpecialType(SpecialType.System_Int32); + + if (!context.Compilation.TryGetOrCreateTypeByMetadataName(WellKnownTypeNames.SystemStringComparison, out INamedTypeSymbol? stringComparisonType)) + { + return; + } + + if (!context.Compilation.TryGetOrCreateTypeByMetadataName(WellKnownTypeNames.SystemStringComparer, out INamedTypeSymbol? stringComparerType)) + { + return; + } + + // Retrieve the offending parameterless methods: ToLower, ToLowerInvariant, ToUpper, ToUpperInvariant + + IMethodSymbol? toLowerParameterlessMethod = stringType.GetMembers(StringToLowerMethodName).OfType().GetFirstOrDefaultMemberWithParameterInfos(); + if (toLowerParameterlessMethod == null) + { + return; + } + + IMethodSymbol? toLowerInvariantParameterlessMethod = stringType.GetMembers(StringToLowerInvariantMethodName).OfType().GetFirstOrDefaultMemberWithParameterInfos(); + if (toLowerInvariantParameterlessMethod == null) + { + return; + } + + IMethodSymbol? toUpperParameterlessMethod = stringType.GetMembers(StringToUpperMethodName).OfType().GetFirstOrDefaultMemberWithParameterInfos(); + if (toUpperParameterlessMethod == null) + { + return; + } + + IMethodSymbol? toUpperInvariantParameterlessMethod = stringType.GetMembers(StringToUpperInvariantMethodName).OfType().GetFirstOrDefaultMemberWithParameterInfos(); + if (toUpperInvariantParameterlessMethod == null) + { + return; + } + + // Create the different expected parameter combinations + + ParameterInfo[] stringParameter = new[] + { + ParameterInfo.GetParameterInfo(stringType) + }; + + ParameterInfo[] stringInt32Parameters = new[] + { + ParameterInfo.GetParameterInfo(stringType), + ParameterInfo.GetParameterInfo(int32Type) + }; + + ParameterInfo[] stringInt32Int32Parameters = new[] + { + ParameterInfo.GetParameterInfo(stringType), + ParameterInfo.GetParameterInfo(int32Type), + ParameterInfo.GetParameterInfo(int32Type) + }; + + // Retrieve the diagnosable string overload methods: Contains, IndexOf (3 overloads), StartsWith, CompareTo + + // Contains(string) + IMethodSymbol? containsStringMethod = stringType.GetMembers(StringContainsMethodName).OfType().GetFirstOrDefaultMemberWithParameterInfos(stringParameter); + if (containsStringMethod == null) + { + return; + } + + // StartsWith(string) + IMethodSymbol? startsWithStringMethod = stringType.GetMembers(StringStartsWithMethodName).OfType().GetFirstOrDefaultMemberWithParameterInfos(stringParameter); + if (startsWithStringMethod == null) + { + return; + } + + IEnumerable indexOfMethods = stringType.GetMembers(StringIndexOfMethodName).OfType(); + + // IndexOf(string) + IMethodSymbol? indexOfStringMethod = indexOfMethods.GetFirstOrDefaultMemberWithParameterInfos(stringParameter); + if (indexOfStringMethod == null) + { + return; + } + + // IndexOf(string, int startIndex) + IMethodSymbol? indexOfStringInt32Method = indexOfMethods.GetFirstOrDefaultMemberWithParameterInfos(stringInt32Parameters); + if (indexOfStringInt32Method == null) + { + return; + } + + // IndexOf(string, int startIndex, int count) + IMethodSymbol? indexOfStringInt32Int32Method = indexOfMethods.GetFirstOrDefaultMemberWithParameterInfos(stringInt32Int32Parameters); + if (indexOfStringInt32Int32Method == null) + { + return; + } + + // CompareTo(string) + IMethodSymbol? compareToStringMethod = stringType.GetMembers(StringCompareToMethodName).OfType().GetFirstOrDefaultMemberWithParameterInfos(stringParameter); + if (compareToStringMethod == null) + { + return; + } + + // Retrieve the StringComparer properties that need to be flagged: CurrentCultureIgnoreCase, InvariantCultureIgnoreCase + + IEnumerable ccicPropertyGroup = stringComparerType.GetMembers(StringComparisonCurrentCultureIgnoreCaseName).OfType(); + if (!ccicPropertyGroup.Any()) + { + return; + } + + IEnumerable icicPropertyGroup = stringComparerType.GetMembers(StringComparisonInvariantCultureIgnoreCaseName).OfType(); + if (!icicPropertyGroup.Any()) + { + return; + } + + context.RegisterOperationAction(context => + { + IInvocationOperation caseChangingInvocation = (IInvocationOperation)context.Operation; + IMethodSymbol caseChangingMethod = caseChangingInvocation.TargetMethod; + + if (!caseChangingMethod.Equals(toLowerParameterlessMethod) && + !caseChangingMethod.Equals(toLowerInvariantParameterlessMethod) && + !caseChangingMethod.Equals(toUpperParameterlessMethod) && + !caseChangingMethod.Equals(toUpperInvariantParameterlessMethod)) + { + return; + } + + // Ignore parenthesized operations + IOperation? ancestor = caseChangingInvocation.WalkUpParentheses().WalkUpConversion().Parent; + + IInvocationOperation diagnosableInvocation; + if (ancestor is IInvocationOperation invocationAncestor) + { + diagnosableInvocation = invocationAncestor; + } + else if (ancestor is IArgumentOperation argumentAncestor && argumentAncestor.Parent is IInvocationOperation argumentInvocationAncestor) + { + diagnosableInvocation = argumentInvocationAncestor; + } + else + { + return; + } + + IMethodSymbol diagnosableMethod = diagnosableInvocation.TargetMethod; + + if (diagnosableMethod.Equals(containsStringMethod) || + diagnosableMethod.Equals(startsWithStringMethod) || + diagnosableMethod.Equals(indexOfStringMethod) || + diagnosableMethod.Equals(indexOfStringInt32Method) || + diagnosableMethod.Equals(indexOfStringInt32Int32Method)) + { + context.ReportDiagnostic(diagnosableInvocation.CreateDiagnostic(RecommendCaseInsensitiveStringComparisonRule, diagnosableMethod.Name)); + } + else if (diagnosableMethod.Equals(compareToStringMethod)) + { + context.ReportDiagnostic(diagnosableInvocation.CreateDiagnostic(RecommendCaseInsensitiveStringComparerRule)); + } + }, OperationKind.Invocation); + } + } +} diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/Performance/RecommendCaseInsensitiveStringComparison.Fixer.cs b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/Performance/RecommendCaseInsensitiveStringComparison.Fixer.cs new file mode 100644 index 0000000000..f2a012402f --- /dev/null +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/Performance/RecommendCaseInsensitiveStringComparison.Fixer.cs @@ -0,0 +1,143 @@ +// Copyright (c) Microsoft. All Rights Reserved. Licensed under the MIT license. See License.txt in the project root for license information. + +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Diagnostics; +using System.Threading; +using System.Threading.Tasks; +using Analyzer.Utilities; +using Analyzer.Utilities.Extensions; +using Microsoft.CodeAnalysis; +using Microsoft.CodeAnalysis.CodeActions; +using Microsoft.CodeAnalysis.CodeFixes; +using Microsoft.CodeAnalysis.Editing; +using Microsoft.CodeAnalysis.Operations; + +namespace Microsoft.NetCore.Analyzers.Performance +{ + using RCISCAnalyzer = RecommendCaseInsensitiveStringComparisonAnalyzer; + + /// + /// CA1862: Prefer the StringComparison method overloads to perform case-insensitive string comparisons. + /// + public abstract class RecommendCaseInsensitiveStringComparisonFixer : CodeFixProvider + { + protected abstract List GetNewArguments(SyntaxGenerator generator, IInvocationOperation mainInvocationOperation, + INamedTypeSymbol stringComparisonType, out SyntaxNode? mainInvocationInstance); + + public override ImmutableArray FixableDiagnosticIds { get; } = ImmutableArray.Create(RCISCAnalyzer.RuleId); + + public sealed override FixAllProvider GetFixAllProvider() => WellKnownFixAllProviders.BatchFixer; + + public override async Task RegisterCodeFixesAsync(CodeFixContext context) + { + CancellationToken ct = context.CancellationToken; + + Document doc = context.Document; + + SyntaxNode root = await doc.GetSyntaxRootAsync(ct).ConfigureAwait(false); + + if (root.FindNode(context.Span, getInnermostNodeForTie: true) is not SyntaxNode node) + { + return; + } + + SemanticModel model = await doc.GetSemanticModelAsync(ct).ConfigureAwait(false); + + if (model.GetOperation(node, ct) is not IInvocationOperation invocation) + { + return; + } + + if (model.Compilation.GetOrCreateTypeByMetadataName(WellKnownTypeNames.SystemStringComparison) + is not INamedTypeSymbol stringComparisonType) + { + return; + } + + Task createChangedDocument(CancellationToken _) => FixInvocationAsync(doc, root, + invocation, stringComparisonType, invocation.TargetMethod.Name); + + string title = string.Format( + MicrosoftNetCoreAnalyzersResources.RecommendCaseInsensitiveStringComparerStringComparisonCodeFixTitle, invocation.TargetMethod.Name); + + context.RegisterCodeFix( + CodeAction.Create( + title, + createChangedDocument, + equivalenceKey: nameof(MicrosoftNetCoreAnalyzersResources.RecommendCaseInsensitiveStringComparerStringComparisonCodeFixTitle)), + context.Diagnostics); + } + + private Task FixInvocationAsync(Document doc, SyntaxNode root, IInvocationOperation mainInvocation, + INamedTypeSymbol stringComparisonType, string diagnosableMethodName) + { + // Defensive check: The max number of arguments is held by IndexOf + Debug.Assert(mainInvocation.Arguments.Length <= 3); + + // For the Diagnosable methods Contains(string) and StartsWith(string) + // If we have this code ('a' and 'b' are string instances): + // A) a.CaseChanging().Diagnosable(b); + // B) a.Diagnosable(b.CaseChanging()); + // We want to convert any of them to: + // a.Diagnosable(b, StringComparison.DesiredCultureDesiredCase); + + // For IndexOf we have 3 options: + // A.1) a.CaseChanging().IndexOf(b) + // A.2) a.IndexOf(b.CaseChanging()) + // B.1) a.CaseChanging().IndexOf(b, startIndex: n) + // B.2) a.IndexOf(b.CaseChanging(), startIndex: n) + // C.1) a.CaseChanging().IndexOf(b, startIndex: n, count: m) + // C.2) a.IndexOf(b.CaseChanging(), startIndex: n, count: m) + // We want to convert them to: + // A) a.IndexOf(b, StringComparison.Desired) + // B) a.IndexOf(b, startIndex: n, StringComparison.Desired) + // C) a.IndexOf(b, startIndex: n, count: m, StringComparison.Desired) + + SyntaxGenerator generator = SyntaxGenerator.GetGenerator(doc); + + // Defensive check: Should not fix string.CompareTo + Debug.Assert(diagnosableMethodName is + RCISCAnalyzer.StringContainsMethodName or + RCISCAnalyzer.StringIndexOfMethodName or + RCISCAnalyzer.StringStartsWithMethodName); + + List newArguments = GetNewArguments(generator, mainInvocation, stringComparisonType, out SyntaxNode? mainInvocationInstance); + + SyntaxNode stringMemberAccessExpression = generator.MemberAccessExpression(mainInvocationInstance, mainInvocation.TargetMethod.Name); + + SyntaxNode newInvocation = generator.InvocationExpression(stringMemberAccessExpression, newArguments).WithTriviaFrom(mainInvocation.Syntax); + + SyntaxNode newRoot = generator.ReplaceNode(root, mainInvocation.Syntax, newInvocation); + return Task.FromResult(doc.WithSyntaxRoot(newRoot)); + } + + protected static SyntaxNode GetNewStringComparisonArgument(SyntaxGenerator generator, + INamedTypeSymbol stringComparisonType, string caseChangingApproachName, bool isAnyArgumentNamed) + { + // Generate the enum access expression for "StringComparison.DesiredCultureDesiredCase" + SyntaxNode stringComparisonEnumValueAccess = generator.MemberAccessExpression( + generator.TypeExpressionForStaticMemberAccess(stringComparisonType), + generator.IdentifierName(caseChangingApproachName)); + + // Convert the above into an argument node, then append it to the argument list: "b, StringComparison.DesiredCultureDesiredCase" + // If at least one of the pre-existing arguments is named, then the StringComparison enum value needs to be named too + SyntaxNode stringComparisonArgument = isAnyArgumentNamed ? + generator.Argument(name: RCISCAnalyzer.StringComparisonParameterName, RefKind.None, stringComparisonEnumValueAccess) : + generator.Argument(stringComparisonEnumValueAccess); + + return stringComparisonArgument; + } + + protected static string GetCaseChangingApproach(string methodName) + { + if (methodName is RCISCAnalyzer.StringToLowerMethodName or RCISCAnalyzer.StringToUpperMethodName) + { + return RCISCAnalyzer.StringComparisonCurrentCultureIgnoreCaseName; + } + + Debug.Assert(methodName is RCISCAnalyzer.StringToLowerInvariantMethodName or RCISCAnalyzer.StringToUpperInvariantMethodName); + return RCISCAnalyzer.StringComparisonInvariantCultureIgnoreCaseName; + } + } +} \ No newline at end of file diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.cs.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.cs.xlf index d7dd5c1b25..e3b4c24d5c 100644 --- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.cs.xlf +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.cs.xlf @@ -4,572 +4,572 @@ Add the 'NonSerialized' attribute to this field. - Přidejte k tomuto poli atribut NonSerialized + Add the 'NonSerialized' attribute to this field. Add Serializable attribute - Přidat atribut Serializable + Add Serializable attribute Review cipher mode usage with cryptography experts - Zkontrolovat využití režimu šifrování s odborníky na kryptografii + Review cipher mode usage with cryptography experts These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). - Tyto režimy šifrování můžou být ohrožené útoky. Zvažte možnost použít doporučené režimy (CBC, CTS). + These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). - Zkontrolujte využití režimu šifrování {0} s odborníky na kryptografii. Zvažte možnost použít doporučené režimy (CBC, CTS). + Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. - Pro adresu URL, identifikátor GUID nebo verzi se nesprávně parsuje parametr literálu řetězce nějakého atributu. + The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' - V konstruktoru {0} změňte hodnotu argumentu {1}, která je aktuálně {2}, na hodnotu, která se dá správně parsovat jako {3}. + In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' - V konstruktoru {0} změňte hodnotu argumentu {1}, která je aktuálně prázdný řetězec (""), na hodnotu, která se dá správně parsovat jako {2}. + In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' Attribute string literals should parse correctly - Literály řetězců atributů by se měly správně parsovat + Attribute string literals should parse correctly Extract to static readonly field - Extrahovat do statického pole jen pro čtení + Extract to static readonly field Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. - Konstantní pole předaná jako argumenty se při opakovaném volání znovu nepoužívají, což znamená, že se pokaždé vytvoří nové pole. Zvažte možnost extrahovat je do polí static readonly, aby se zlepšil výkon, pokud předané pole není mutované v rámci volané metody. + Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. {Locked="static readonly"} Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array - Upřednostňovat pole „static readonly“ před argumenty konstantního pole, pokud se volaná metoda volá opakovaně a nemutuje předané pole + Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array {Locked="static readonly"} Avoid constant arrays as arguments - Vyhněte se konstantním polím jako argumentům + Avoid constant arrays as arguments Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. - Zařazením parametru StringBuilder se vždy vytvoří kopie nativní vyrovnávací paměti, která bude mít za následek vícenásobné přidělení pro jednu operaci zařazování. + Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. - Nepoužívejte parametry StringBuilder pro volání nespravovaného kódu (P/Invokes). Místo toho zvažte možnost použít vyrovnávací paměť znaků. + Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. Avoid 'StringBuilder' parameters for P/Invokes - Nepoužívejte parametry StringBuilder pro volání nespravovaného kódu + Avoid 'StringBuilder' parameters for P/Invokes The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. - Knihovna tříd .NET Framework poskytuje metody pro načítání vlastních atributů. Ve výchozím nastavení tyto metody prohledávají hierarchii dědičnosti atributů. Zapečetění atributu eliminuje prohledávání hierarchie dědičnosti a může zvýšit výkon. + The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. Avoid unsealed attributes - Vyhněte se nezapečetěným atributům + Avoid unsealed attributes Avoid unsealed attributes - Vyhněte se nezapečetěným atributům + Avoid unsealed attributes Avoid unnecessary zero-length array allocations. Use {0} instead. - Vyhněte se nepotřebným alokacím polí s nulovou délkou. Použijte místo toho {0}. + Avoid unnecessary zero-length array allocations. Use {0} instead. Avoid zero-length array allocations - Vyhněte se alokacím polí s nulovou délkou + Avoid zero-length array allocations The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Když se deserializují nedůvěryhodná data bez SerializationBinderu, který omezí typ objektu v grafu deserializovaných objektů, není metoda {0} bezpečná. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize - Než zavoláte BinaryFormatter.Deserialize, ujistěte se, že je nastavený BinaryFormatter.Binder + Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Když se deserializují nedůvěryhodná data bez SerializationBinderu, který omezí typ objektu v grafu deserializovaných objektů, není metoda {0} bezpečná. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder - Nevolat BinaryFormatter.Deserialize dříve, než se nastaví BinaryFormatter.Binder + Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. - Při deserializaci nedůvěryhodných dat není metoda {0} bezpečná. Pokud místo toho potřebujete zjišťovat deserializaci BinaryFormatteru bez nastaveného SerializationBinderu, zakažte pravidlo CA2300 a povolte pravidla CA2301 a CA2302. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. The method '{0}' is insecure when deserializing untrusted data. - Při deserializaci nedůvěryhodných dat není metoda {0} bezpečná. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer BinaryFormatter - Nepoužívat nezabezpečený deserializátor BinaryFormatter + Do not use insecure deserializer BinaryFormatter 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - Buffer.BlockCopy očekává počet bajtů, které se mají zkopírovat pro argument count. Použití array.Length se nemusí shodovat s počtem bajtů, které je potřeba zkopírovat. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - Buffer.BlockCopy očekává počet bajtů, které se mají zkopírovat pro argument count. Použití array.Length se nemusí shodovat s počtem bajtů, které je potřeba zkopírovat. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument - Buffer.BlockCopy očekává počet bajtů, které se mají zkopírovat pro argument count. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). - Metoda, která je implementací metody Dispose, nevolá GC.SuppressFinalize, nebo metoda, která není implementací metody Dispose, volá GC.SuppressFinalize, nebo metoda volá GC.SuppressFinalize a předává něco jiného než this (Me v jazyce Visual Basic). + A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. - Změňte {0} tak, aby volalo %({1}). Díky tomu odvozené typy, které zavádějí finalizační metodu, nebudou muset znovu implementovat rozhraní IDisposable, aby ji mohly zavolat. + Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. - Změňte {0} tak, aby volalo %({1}). To zabrání zbytečné finalizaci objektu poté, co se uvolnil a už není v oboru. + Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. - {0} volá {1} na něco jiného než sebe. Změňte lokalitu volání tak, aby místo toho předávala this (Me ve Visual Basicu). + {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. - {0} volá {1}, což je metoda, která se obvykle volá jen v implementaci metody IDisposable.Dispose. Další informace najdete ve vzoru IDisposable. + {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. Dispose methods should call SuppressFinalize - Metody Dispose by měly volat SuppressFinalize + Dispose methods should call SuppressFinalize , - , + , Separator used for separating list of platform names: {API} is only supported on: {‘windows’, ‘browser’, ‘linux’} ConstantExpected attribute is not applied correctly on the parameter. - Atribut ConstantExpected není u parametru použit správně. + ConstantExpected attribute is not applied correctly on the parameter. Incorrect usage of ConstantExpected attribute - Nesprávné použití atributu ConstantExpected + Incorrect usage of ConstantExpected attribute The ConstantExpected attribute is required for the parameter due to the parent method annotation - Atribut ConstantExpected je pro parametr vyžadován z důvodu poznámky nadřazené metody. + The ConstantExpected attribute is required for the parameter due to the parent method annotation The '{0}' value is not compatible with parameter type of '{1}' - Hodnota {0} není kompatibilní s typem parametru {1}. + The '{0}' value is not compatible with parameter type of '{1}' The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' - Hodnota {0} se nevejde do mezí hodnot parametru od {1} do {2}. + The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' The constant is not of the same '{0}' type as the parameter - Konstanta nemá stejný typ {0} jako parametr. + The constant is not of the same '{0}' type as the parameter The Min and Max values are inverted - Hodnoty Min a Max jsou obrácené. + The Min and Max values are inverted The argument should be a constant for optimal performance - Aby parametr fungoval optimálně, měl by být konstantou. + The argument should be a constant for optimal performance The '{0}' type is not supported for ConstantExpected attribute - Typ {0} není pro atribut ConstantExpected podporován. + The '{0}' type is not supported for ConstantExpected attribute The constant does not fit within the value bounds of '{0}' to '{1}' - Konstanta se nevejde do mezí hodnot od {0} do {1}. + The constant does not fit within the value bounds of '{0}' to '{1}' The parameter expects a constant for optimal performance. - Aby parametr fungoval optimálně, očekává konstantu. + The parameter expects a constant for optimal performance. A constant is expected for the parameter - Pro parametr se očekává konstanta. + A constant is expected for the parameter When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Při deserializaci nedůvěryhodného vstupu není deserializace objektu {0} bezpečná. Objekt {1} je buď objektem {0}, nebo je z tohoto objektu odvozený. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type found in deserializable object graph - V grafu deserializovatelných objektů se našel nebezpečný typ DataSet nebo DataTable + Unsafe DataSet or DataTable type found in deserializable object graph When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. - Při deserializaci nedůvěryhodného vstupu pomocí serializátoru založeného na rozhraní IFormatter není deserializace objektu {0} bezpečná. Objekt {1} je buď objektem {0}, nebo je z tohoto objektu odvozený. Zajistěte, aby automaticky generovaný typ nikdy nebyl deserializovaný s nedůvěryhodnými daty. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks - Nebezpečné DataSet nebo DataTable v automaticky generovaném serializovatelném typu můžou být ohrožené útoky spuštěním vzdáleného kódu + Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Při deserializaci nedůvěryhodného vstupu není deserializace objektu {0} bezpečná. Objekt {1} je buď objektem {0}, nebo je z tohoto objektu odvozený. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks - Nebezpečné DataSet nebo DataTable v grafu deserializovaných objektů můžou být ohrožené útoky spuštěním vzdáleného kódu + Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. - Při deserializaci nedůvěryhodného vstupu pomocí serializátoru založeného na rozhraní IFormatter není deserializace objektu {0} bezpečná. Objekt {1} je buď objektem {0}, nebo je z tohoto objektu odvozený. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks - Nebezpečné DataSet nebo DataTable v serializovatelném typu můžou být ohrožené útoky spuštěním vzdáleného kódu + Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Při deserializaci nedůvěryhodného vstupu není deserializace objektu {0} bezpečná. Objekt {1} je buď objektem {0}, nebo je z tohoto objektu odvozený. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in serializable type - Nebezpečné DataSet nebo DataTable v serializovatelném typu + Unsafe DataSet or DataTable in serializable type When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Při deserializaci nedůvěryhodného vstupu není deserializace objektu {0} bezpečná. Objekt {1} je buď objektem {0}, nebo je z tohoto objektu odvozený. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type in web deserializable object graph - V grafu deserializovatelných objektů webu je nebezpečný typ DataSet nebo DataTable + Unsafe DataSet or DataTable type in web deserializable object graph The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. - Při deserializaci nedůvěryhodných dat není metoda {0} bezpečná. Zajistěte, aby automaticky generovaná třída obsahující volání {0} nebyla deserializovaná s nedůvěryhodnými daty. + The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data - Zajistěte, aby se automaticky generovaná třída obsahující DataSet.ReadXml() nepoužívala s nedůvěryhodnými daty + Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data The method '{0}' is insecure when deserializing untrusted data - Při deserializaci nedůvěryhodných dat není metoda {0} bezpečná. + The method '{0}' is insecure when deserializing untrusted data Do not use DataSet.ReadXml() with untrusted data - Nepoužívejte DataSet.ReadXml() s nedůvěryhodnými daty + Do not use DataSet.ReadXml() with untrusted data The method '{0}' is insecure when deserializing untrusted data - Při deserializaci nedůvěryhodných dat není metoda {0} bezpečná. + The method '{0}' is insecure when deserializing untrusted data Do not use DataTable.ReadXml() with untrusted data - Nepoužívejte DataTable.ReadXml() s nedůvěryhodnými daty + Do not use DataTable.ReadXml() with untrusted data HttpClients should enable certificate revocation list checks - Komponenty HttpClient by měly povolit kontroly seznamu odvolaných certifikátů. + HttpClients should enable certificate revocation list checks HttpClient is created without enabling CheckCertificateRevocationList - HttpClient se vytvoří bez povolení vlastnosti CheckCertificateRevocationList. + HttpClient is created without enabling CheckCertificateRevocationList Do Not Add Certificates To Root Store - Nepřidávat certifikáty do kořenového úložiště + Do Not Add Certificates To Root Store Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate - Když se certifikáty přidají mezi důvěryhodné kořenové certifikáty operačního systému, zvýší se riziko, že se nesprávně ověří nelegitimní certifikát. + Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate Do not use CreateEncryptor with non-default IV - Nepoužívat CreateEncryptor s nevýchozím inicializačním vektorem + Do not use CreateEncryptor with non-default IV Symmetric encryption uses non-default initialization vector, which could be potentially repeatable - Symetrické šifrování používá nevýchozí inicializační vektor, který by se potenciálně mohl dát opakovat. + Symmetric encryption uses non-default initialization vector, which could be potentially repeatable Use Secure Cookies In ASP.NET Core - Používat zabezpečené soubory cookie v ASP.NET Core + Use Secure Cookies In ASP.NET Core Set CookieOptions.Secure = true when setting a cookie - Při nastavování souboru cookie nastavte CookieOptions.Secure = true. + Set CookieOptions.Secure = true when setting a cookie Do Not Use Weak Key Derivation Function With Insufficient Iteration Count - Nepoužívat slabou funkci odvození klíče (KDF) s nedostatečným počtem iterací + Do Not Use Weak Key Derivation Function With Insufficient Iteration Count Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Při odvozování kryptografického klíče z hesla používejte alespoň {0} iterací. Ve výchozím nastavení má atribut IterationCount pro Rfc2898DeriveByte hodnotu pouze 1000. + Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Starší verze protokolu zabezpečení TLS (Transport Layer Security) jsou méně bezpečné než TLS 1.2 a TLS 1.3 a mají větší pravděpodobnost výskytu nových ohrožení zabezpečení. Nepoužívejte starší verze protokolu, aby se riziko minimalizovalo. + Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Verze protokolu TLS (Transport Layer Security) {0} je zastaralá. Pokud chcete, aby operační systém mohl zvolit verzi, použijte možnost None. + Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. Do not use deprecated SslProtocols values - Nepoužívat zastaralé hodnoty SslProtocols + Do not use deprecated SslProtocols values '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - {0} je odvozen od třídy preview {1} a proto vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {2}. + '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3}{0} je odvozen od třídy preview {1} a proto vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {2}. + {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. An assembly has to opt into preview features before using them. - Sestavení musí před jejich použitím vyjádřit výslovný souhlas s funkcemi ve verzi Preview. + An assembly has to opt into preview features before using them. Using '{0}' requires opting into preview features. See {1} for more information. - Použití {0} vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {1}. + Using '{0}' requires opting into preview features. See {1} for more information. {2} Using '{0}' requires opting into preview features. See {1} for more information. - {2} Použití {0} vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {1}. + {2} Using '{0}' requires opting into preview features. See {1} for more information. This API requires opting into preview features - Toto rozhraní API vyžaduje vyjádření výslovného souhlasu s funkcemi ve verzi Preview. + This API requires opting into preview features A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. - Typ, který implementuje System.IDisposable, deklaruje pole, která mají typ, který IDisposable implementuje taky. Metoda Dispose deklarujícího typu nevolá metodu Dispose daného pole. Pokud chcete porušení tohoto pravidla opravit a je vaší odpovědností přidělovat a uvolňovat nespravované prostředky, které pole uchovává, zavolejte Dispose pro pole s typy, které implementují IDisposable. + A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. - {0} obsahuje pole {1}, které má typ IDisposable {2}, ale nikdy se nevyřazuje. Změňte metodu Dispose v {0} tak, aby pro toto pole volala Close nebo Dispose. + '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. Disposable fields should be disposed - Pole, která se dají uvolnit, by se měla uvolňovat + Disposable fields should be disposed A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. - Typ, který implementuje System.IDisposable a má pole, která naznačují, že se používají nespravované prostředky, neimplementuje finalizační metodu, jak se popisuje v Object.Finalize. + A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. Disposable types should declare finalizer - Uvolnitelné typy by měly deklarovat finalizační metodu + Disposable types should declare finalizer Disposable types should declare finalizer - Uvolnitelné typy by měly deklarovat finalizační metodu + Disposable types should declare finalizer A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. - Typ, který implementuje System.IDisposable, dědí z typu, který IDisposable implementuje taky. Metoda Dispose dědícího typu nevolá metodu Dispose nadřazeného typu. Pokud chcete porušení tohoto pravidla opravit, zavolejte ve své metodě Dispose metodu base.Dispose. + A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. Ensure that method '{0}' calls '{1}' in all possible control flow paths - Zajistěte, aby metoda {0} volala {1} na všech možných cestách toku řízení. + Ensure that method '{0}' calls '{1}' in all possible control flow paths Dispose methods should call base class dispose - Metody Dispose by měly volat uvolnění základní třídy + Dispose methods should call base class dispose If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. - Pokud uvolnitelný objekt není explicitně uvolněn před tím, než jsou všechny odkazy na něj mimo obor, objekt bude uvolněn v neurčité době, když systém uvolňování paměti spustí finalizační metodu objektu. Protože může dojít k mimořádné události, která zabrání spuštění finalizační metody objektu, měl by být objekt místo toho objekt explicitně uvolněn. + If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - Použijte doporučený vzor vyřazení, abyste měli jistotu, že objekt vytvořený pomocí {0} se vyřadí na všech cestách. Pokud je to možné, zabalte vytváření do příkazu nebo deklarace using. Jinak použijte vzor try-finally s vyhrazenou místní proměnnou deklarovanou před oblastí try a nepodmíněným voláním Dispose pro hodnotu, která není null, v oblasti finally, třeba x?.Dispose(). Pokud se objekt explicitně vyřadí v oblasti try nebo se vlastnictví vyřazení převede na jiný objekt nebo metodu, přiřaďte ihned po takové operaci místní proměnné hodnotu null, aby ve finally nedošlo k dvojímu vyřazení. + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - Použijte doporučený vzor vyřazení, abyste měli jistotu, že objekt vytvořený pomocí {0} se vyřadí na všech cestách výjimky. Pokud je to možné, zabalte vytváření do příkazu nebo deklarace using. Jinak použijte vzor try-finally s vyhrazenou místní proměnnou deklarovanou před oblastí try a nepodmíněným voláním Dispose pro hodnotu, která není null, v oblasti finally, třeba x?.Dispose(). Pokud se objekt explicitně vyřadí v oblasti try nebo se vlastnictví vyřazení převede na jiný objekt nebo metodu, přiřaďte ihned po takové operaci místní proměnné hodnotu null, aby ve finally nedošlo k dvojímu vyřazení. + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope - Zavolejte System.IDisposable.Dispose pro objekt vytvořený pomocí {0} dříve, než budou všechny odkazy na něj mimo obor. + Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. - Objekt vytvořený pomocí {0} není vyřazený na všech cestách výjimky. Zavolejte System.IDisposable.Dispose pro tento objekt dříve, než budou všechny odkazy na něj mimo obor. + Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. Dispose objects before losing scope - Uvolňujte objekty před ztrátou oboru + Dispose objects before losing scope Do Not Add Archive Item's Path To The Target File System Path - Nepřidávejte cestu k položce archivu do systémové cesty k cílovému souboru. + Do Not Add Archive Item's Path To The Target File System Path When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - Při extrahování souborů z archivu a použití cesty k položce archivu zkontrolujte, jestli je cesta bezpečná. Cesta k archivu může být relativní a může umožnit přístup k systému souborů mimo očekávanou cílovou cestu k systému souborů, což může vést ke škodlivým změnám konfigurace a vzdálenému spuštění kódu prostřednictvím metody nastražení a čekání. + When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' - Pokud vytváříte cestu pro {0} v metodě {1} z relativní cesty k položce archivu za účelem extrahování souboru a daný zdroj je nedůvěryhodný archiv zip, zajistěte sanitizaci relativní cesty k položce archivu {2} v metodě {3}. + When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' Do Not Add Schema By URL - Nepřidávejte schéma pomocí adresy URL. + Do Not Add Schema By URL This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. - Toto přetížení metody XmlSchemaCollection.Add vnitřně povolí zpracování DTD v použité instanci čtečky XML a pomocí UrlResolveru překládá externí entity XML. Výsledkem je zpřístupnění informací. Je možné, že se útočníkovi odhalí obsah ze souborového systému nebo sdílených síťových složek počítače, který zpracovává kód XML. Kromě toho to může útočník použít jako vektor útoku DoS. + This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. This overload of the Add method is potentially unsafe because it may resolve dangerous external references - Toto přetížení metody Add je potenciálně nebezpečné, protože může překládat nebezpečné externí odkazy. + This overload of the Add method is potentially unsafe because it may resolve dangerous external references By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. - Nastavením důležitých delegátů ověřování TokenValidationParameter na hodnotu True zakážete důležitou bezpečnostní ochranu, což může vést k nesprávnému ověření tokenů od jakéhokoli vystavitele nebo tokenů s prošlou platností. + By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. - {0} je nastaven na funkci, která vždycky vrací hodnotu True. Nastavením tohoto ověřovacího delegáta přepisujete výchozí ověřování a tím, že se vždy vrátí hodnota True, je toto ověřování zcela zakázáno. + The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. Do not always skip token validation in delegates - Vždy nepřeskakovat ověření tokenu v delegátech + Do not always skip token validation in delegates Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. - Nezabezpečená deserializace je ohrožení zabezpečení, které nastane, když se nedůvěryhodná data použijí ke zneužití logiky aplikace, vyvolání útoku na dostupnost služby (DoS), nebo dokonce spuštění libovolného kódu při deserializaci. Možnost zneužití funkcí deserializace se pro kyberzločince často vyskytne, když aplikace deserializuje nedůvěryhodná data, která jsou pod jejich kontrolou. Konkrétně se stane to, že při deserializaci vyvoláte nebezpečné metody. Úspěšné útoky na nezabezpečenou deserializaci by mohly útočníkovi umožnit provedení útoků, jako jsou útoky DoS, obcházení ověřování a vzdálené spuštění kódu. + Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' - Při deserializaci instance třídy{{0} může metoda{1} přímo nebo nepřímo volat nebezpečnou metodu {2}. + When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' Do Not Call Dangerous Methods In Deserialization - Nevolejte nebezpečné metody při deserializaci + Do Not Call Dangerous Methods In Deserialization @@ -577,2625 +577,2660 @@ The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. Widening and user defined conversions are not supported with generic types. - Metody Enumerable.Cast<T> a Enumerable.OfType<T> vyžadují k očekávané funkci kompatibilní typy. -Obecné přetypování (IL unbox.any) používané sekvencí vrácenou metodou Enumerable.Cast<T> vyvolá výjimku InvalidCastException za běhu u prvků zadaných typů. - Ověření obecného typu (operátor is v jazyce C# /isinst převodního jazyka IL) metodou Enumerable.OfType<T> nebude nikdy úspěšné s prvky zadaných typů a výsledkem bude prázdná sekvence. - Rozšíření a uživatelem definované převody se u obecných typů nepodporují. + Enumerable.Cast<T> and Enumerable.OfType<T> require compatible types to function expectedly. +The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. +The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. +Widening and user defined conversions are not supported with generic types. Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime - Typ {0} není kompatibilní s typem {1} a pokusy o přetypování vyvolají výjimku InvalidCastException za běhu. + Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' - Výsledkem tohoto volání bude vždy prázdná sekvence, protože typ {0} není kompatibilní s typem {1}. + This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types - Nevolejte metodu Enumerable.Cast<T> nebo Enumerable.OfType<T> s nekompatibilními typy + Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types Do not call {0} on an {1} value - Nevolejte {0} pro hodnotu {1}. + Do not call {0} on an {1} value Do not call ToImmutableCollection on an ImmutableCollection value - Nevolejte ToImmutableCollection pro hodnotu ImmutableCollection + Do not call ToImmutableCollection on an ImmutableCollection value TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. - TaskCompletionSource má konstruktory, které přijímají možnosti TaskCreationOptions určující příslušnou úlohu, a konstruktory, které přijímají stav objektu uložený v úloze. Když se místo TaskCreationOptions omylem předá TaskContinuationOptions, způsobí to, že volání bude možnosti považovat za stav. + TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. Replace TaskContinuationOptions with TaskCreationOptions. - Nahraďte TaskContinuationOptions za TaskCreationOptions. + Replace TaskContinuationOptions with TaskCreationOptions. Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum - Argument obsahuje výčet TaskContinuationsOptions místo výčtu TaskCreationOptions. + Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum - Argument předaný konstruktoru TaskCompletionSource by měl být výčet TaskCreationOptions, nikoli výčet TaskContinuationOptions + Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. - Nevytvářejte úlohy, pokud nepoužíváte jedno z přetížení, která využívají Plánovač úloh. Výchozí chování je nastavení plánu u TaskScheduler.Current, což by vedlo ke vzájemnému zablokování. Buď použijte TaskScheduler.Default pro nastavení plánu u fondu vláken, nebo explicitně předejte TaskScheduler.Current, aby bylo zcela jasné, co máte v úmyslu. + Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. Do not create tasks without passing a TaskScheduler - Nevytvářejte úlohy bez předání Plánovače úloh + Do not create tasks without passing a TaskScheduler Do not create tasks without passing a TaskScheduler - Nevytvářejte úlohy bez předání Plánovače úloh + Do not create tasks without passing a TaskScheduler Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. - Když se do typu odvozeného z MemoryManager<T> přidá finalizační metoda, může to umožnit, aby se paměť uvolnila i přesto, že ji stále používá typ Span<T>. + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> - Když se do typu odvozeného z MemoryManager<T> přidá finalizační metoda, může to umožnit, aby se paměť uvolnila i přesto, že ji stále používá typ Span<T>. + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> Do not define finalizers for types derived from MemoryManager<T> - Pro typy odvozené z MemoryManager<T> nedefinujte finalizační metody + Do not define finalizers for types derived from MemoryManager<T> Do Not Disable Certificate Validation - Nezakazovat ověření certifikátu + Do Not Disable Certificate Validation A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. - Certifikát může pomoci ověřit identitu serveru. Klienti by měli certifikát serveru ověřovat, aby měli jistotu, že se požadavky odesílají na zamýšlený server. Pokud ServerCertificateValidationCallback vždy vrátí hodnotu true, projde ověřením jakýkoliv certifikát. + A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. - Vlastnost ServerCertificateValidationCallback je nastavená na funkci, která přijímá libovolný certifikát serveru, protože vždy vrací hodnotu true. Dbejte na to, aby se certifikáty serverů ověřovaly a měli jste jistotu o identitě serveru přijímajícího požadavky. - - - - Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. - Použití třídy HttpClient bez poskytnutí obslužné rutiny specifické pro platformu (WinHttpHandler nebo CurlHandler nebo HttpClientHandler), kde je vlastnost CheckCertificateRevocationList nastavena na hodnotu true, umožní přijmout odvolané certifikáty třídou HttpClient jako platné. + The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. Do Not Disable HTTP Header Checking - Nezakazovat kontrolu hlaviček HTTP + Do Not Disable HTTP Header Checking HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. - Kontrola hlaviček HTTP umožňuje kódovat znaky návratu na začátek řádku a nového řádku \r a \n, které se nacházejí v hlavičkách odpovědí. Toto kódování může pomoct při prevenci útoků injektáží, které zneužívají aplikaci, která vypisuje nedůvěryhodná data obsažená v hlavičce. + HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. Do not disable HTTP header checking - Nezakazovat kontrolu hlaviček HTTP + Do not disable HTTP header checking + + + + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. Do Not Disable Request Validation - Nezakazovat ověřování požadavků + Do Not Disable Request Validation Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. - Ověřování požadavků je funkce v ASP.NET, která kontroluje požadavky HTTP a určuje, jestli neobsahují potenciálně nebezpečný obsah. Tato kontrola přidává ochranu před značkami nebo kódem v řetězci dotazu adresy URL, souborech cookie nebo odeslaných hodnotách formuláře, které se mohly přidat pro škodlivé účely. Proto je obecně žádoucí a pro důkladnou obranu by se měla nechat povolená. + Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. {0} has request validation disabled - {0} má zakázané ověřování žádostí. + {0} has request validation disabled Do Not Disable SChannel Use of Strong Crypto - Nezakazovat zprostředkovateli SChannel použití silného šifrování + Do Not Disable SChannel Use of Strong Crypto Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. - Počínaje .NET Framework 4.6 se doporučuje, aby třídy System.Net.ServicePointManager a System.Net.Security.SslStream používaly nové protokoly. Staré protokoly mají slabá místa a nejsou podporovány. Po nastavení Switch.System.Net.DontEnableSchUseStrongCrypto na hodnotu true se použije stará slabá kryptografická kontrola a výslovný nesouhlas s migrací protokolů. + Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. {0} disables TLS 1.2 and enables SSLv3 - {0} zakazuje TLS 1.2 a povoluje SSLv3. + {0} disables TLS 1.2 and enables SSLv3 Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. - Kontroly ověřování tokenů zajišťují, že při ověřování tokenů se analyzují a ověřují všechny aspekty. Vypnutí ověřování může vést k mezerám v zabezpečení tím, že umožňuje nedůvěryhodným tokenům projít přes ověření. + Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. TokenValidationParameters.{0} should not be set to false as it disables important validation - TokenValidationParameters. Hodnota {0} by neměla být nastavena na False, protože to zakáže důležité ověřování. + TokenValidationParameters.{0} should not be set to false as it disables important validation Do not disable token validation checks - Nezakazujte kontroly ověřování tokenů + Do not disable token validation checks Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. - Nenastavujte přepínač Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols na hodnotu true. Nastavení tohoto přepínače omezuje architekturu Windows Communication Framework (WCF) na používání protokolu Transport Layer Security (TLS) 1.0, který je nezabezpečený a zastaralý. + Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. Do not disable ServicePointManagerSecurityProtocols - Nezakazujte ServicePointManagerSecurityProtocols + Do not disable ServicePointManagerSecurityProtocols Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. - Nebránit Dictionary.Remove(key) s Dictionary.ContainsKey(key). Předchozí už kontroluje, jestli klíč existuje, a pokud ne, nevyvolá ho. + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' - Nechránit Dictionary.Remove(key) s Dictionary.ContainsKey(key) + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' Unnecessary call to 'Dictionary.ContainsKey(key)' - Nepotřebné volání Dictionary.ContainsKey(key) + Unnecessary call to 'Dictionary.ContainsKey(key)' Do not hard-code certificate - Nepoužívejte pevně zakódovaný certifikát + Do not hard-code certificate Hard-coded certificates in source code are vulnerable to being exploited. - Pevně zakódované certifikáty ve zdrojovém kódu jsou zranitelné vůči zneužití. + Hard-coded certificates in source code are vulnerable to being exploited. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' - Našlo se potenciální ohrožení zabezpečení, kde {0} v metodě {1} je možné poškodit pevně zakódovaným certifikátem z {2} v metodě {3}. + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' Do not hard-code encryption key - Nepoužívejte pevně zakódovaný šifrovací klíč + Do not hard-code encryption key SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. - Vlastnost .Key objektu SymmetricAlgorithm ani parametr rgbKey metody by nikdy neměly mít pevně zakódované hodnoty. + SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' - Našlo se potenciální ohrožení zabezpečení, kde {0} v metodě {1} je možné poškodit pevně zakódovaným klíčem z {2} v metodě {3}. + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. - Standardně je úložiště certifikátů důvěryhodných kořenových certifikačních autorit nakonfigurované na sadu veřejných CA, které splnily požadavky programu Microsoft Root Certificate Program. Vzhledem k tomu, že všechny důvěryhodné kořenové CA můžou vystavovat certifikáty pro libovolnou doménu, útočník si může vybrat slabou nebo zranitelnou CA, kterou si sami nainstalujete na cíl útoku – a jedna ohrožená, škodlivá nebo zranitelná CA ohrožuje zabezpečení celého systému. A co je horší, tyto útoky se dají vcelku snadno skrýt. + By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. - Objekt má slabou identitu, když se k němu dá přistoupit přímo přes hranice domény aplikace. Vlákno, které se pokusí získat zámek na objekt se slabou identitou, může být zablokováno jiným vláknem v jiné doméně aplikace, které má zámek na stejný objekt. + An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. Do not lock on objects with weak identity - Nepoužívejte zámky na objekty se slabou identitou + Do not lock on objects with weak identity Do not lock on objects with weak identity - Nepoužívejte zámky na objekty se slabou identitou + Do not lock on objects with weak identity A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. - Metoda předává jako parametr do konstruktoru nebo metody v knihovně tříd .NET Framework řetězcový literál, který by měl být lokalizovatelný. Pokud chcete porušení tohoto pravidla opravit, nahraďte řetězcový literál řetězcem načteným přes instanci třídy ResourceManager. + A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". - Metoda {0} předává řetězcový literál jako parametr {1} volání {2}. Místo toho načtěte následující řetězce z tabulky prostředků: {3} + Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". Do not pass literals as localized parameters - Nepředávejte literály jako lokalizované parametry + Do not pass literals as localized parameters An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. - Uživatelský kód by nikdy neměl vyvolat výjimku typu, který není dostatečně konkrétní nebo je rezervovaný modulem runtime. V takovém případě je totiž obtížné zjistit a ladit původní chybu. Pokud může dojít k vyvolání této instance výjimky, použijte jiný typ výjimky. + An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. Exception type {0} is reserved by the runtime - Výjimka typu {0} je rezervovaná modulem runtime. + Exception type {0} is reserved by the runtime Exception type {0} is not sufficiently specific - Výjimka typu {0} není dost konkrétní. + Exception type {0} is not sufficiently specific Do not raise reserved exception types - Nevyvolávejte rezervované typy výjimek + Do not raise reserved exception types Do Not Serialize Types With Pointer Fields - Neserializujte typy s poli ukazatelů. + Do Not Serialize Types With Pointer Fields Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. - Ukazatelé nezajišťují bezpečnost typů. To znamená, že není možné zaručit správnost paměti, na kterou ukazují. Proto je serializace typů s poli ukazatelů nebezpečná, může totiž umožnit útočníkovi ovládat ukazatele. + Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. Pointer field {0} on serializable type - Pole ukazatele {0} v serializovatelném typu + Pointer field {0} on serializable type Do Not Use Account Shared Access Signature - Nepoužívat sdílený přístupový podpis účtu + Do Not Use Account Shared Access Signature Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. - Sdílené přístupové podpisy (SAS) jsou důležitou součástí modelu zabezpečení pro jakoukoli aplikaci, která používá Azure Storage. Měly by poskytovat omezená a bezpečná oprávnění k účtu úložiště klientům, kteří nemají klíč účtu. Všechny operace, které jsou k dispozici prostřednictvím SAS služby, jsou k dispozici také prostřednictvím SAS účtu. SAS účtu je velmi silný nástroj. Při delegování přístupu se doporučuje používat SAS služby s rozvahou. + Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. Use Service SAS instead of Account SAS for fine grained access control and container-level access policy - Pokud chcete využívat jemně odstupňované řízení přístupu a zásady přístupu na úrovni kontejneru, místo SAS účtu použijte SAS služby. + Use Service SAS instead of Account SAS for fine grained access control and container-level access policy Do Not Use Broken Cryptographic Algorithms - Nepoužívejte prolomené kryptografické algoritmy + Do Not Use Broken Cryptographic Algorithms An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. - Existuje útok, který je výpočetně dostatečně výkonný na to, aby prolomil tento algoritmus. Díky tomu můžou útočníci překonat kryptografické zabezpečení, které má algoritmus poskytovat. Podle typu aplikace a kryptografického algoritmu to může útočníkovi umožnit číst šifrované zprávy, upravovat je, falšovat digitální podpisy, upravovat hodnotu hash obsahu nebo jinak útočit na kryptografický systém založený na tomto algoritmu. Nahraďte místa, kde se používá šifrování, algoritmem AES (přípustné jsou varianty AES-256, AES-192 a AES-128) s délkou klíče alespoň 128 bitů. Nahraďte místa, kde se používá algoritmus hash, hashovací funkcí řady SHA-2, třeba SHA512, SHA384 nebo SHA256. Nahraďte místa, kde se používá digitální podpis, šifrováním RSA s délkou klíče alespoň 2048 bitů nebo algoritmem ECDSA s délkou klíče alespoň 256 bitů. + An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. {0} uses a broken cryptographic algorithm {1} - {0} používá prolomený kryptografický algoritmus {1}. + {0} uses a broken cryptographic algorithm {1} For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. - U neprázdných kolekcí CountAsync() a LongCountAsync() zobrazí výčet celé sekvence, zatímco AnyAsync() se zastaví u první položky nebo u první položky, která splňuje podmínku. + For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. {0}() is used where AnyAsync() could be used instead to improve performance - {0}() se používá tam, kde se dá kvůli zvýšení výkonu použít AnyAsync(). + {0}() is used where AnyAsync() could be used instead to improve performance Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used - Nepoužívat CountAsync() nebo LongCountAsync(), pokud se dá použít AnyAsync() + Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. - U neprázdných kolekcí Count() a LongCount() zobrazí výčet celé sekvence, zatímco Any() se zastaví u první položky nebo u první položky, která splňuje podmínku. + For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. {0}() is used where Any() could be used instead to improve performance - {0}() se používá tam, kde se dá kvůli zvýšení výkonu použít Any(). + {0}() is used where Any() could be used instead to improve performance Do not use Count() or LongCount() when Any() can be used - Nepoužívat Count() nebo LongCount(), pokud se dá použít Any() + Do not use Count() or LongCount() when Any() can be used Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. - Symetrické šifrování by mělo vždy používat inicializační vektor, který nelze opakovat, aby se zabránilo slovníkovým útokům. - - - - Do Not Use Deprecated Security Protocols - Nepoužívejte zastaralé protokoly zabezpečení. - - - - Using a deprecated security protocol rather than the system default is risky. - Používání zastaralých protokolů zabezpečení místo systémových výchozích protokolů představuje riziko. - - - - Hard-coded use of deprecated security protocol {0} - Pevně zakódované použití zastaralého protokolu zabezpečení {0} + Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. Do Not Use Digital Signature Algorithm (DSA) - Nepoužívejte algoritmus DSA (Digital Signature Algorithm) + Do Not Use Digital Signature Algorithm (DSA) DSA is too weak to use. - Algoritmus DSA je příliš slabý a jeho použití se nedoporučuje. + DSA is too weak to use. Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - Algoritmus asymetrického šifrování {0} je slabý. Použijte radši algoritmus RSA s velikostí klíče alespoň 2048, ECDH nebo ECDSA. + Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. + + + + Do Not Use Deprecated Security Protocols + Do Not Use Deprecated Security Protocols + + + + Using a deprecated security protocol rather than the system default is risky. + Using a deprecated security protocol rather than the system default is risky. + + + + Hard-coded use of deprecated security protocol {0} + Hard-coded use of deprecated security protocol {0} This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. - Tato kolekce se dá přímo indexovat. Procházení kódu LINQ na tomto místě způsobuje zbytečné alokace a vytížení procesoru. + This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. Do not use Enumerable methods on indexable collections. Instead use the collection directly. - Nepoužívejte metody Enumerable nebo indexovatelné kolekce. Použijte místo toho kolekci napřímo. + Do not use Enumerable methods on indexable collections. Instead use the collection directly. Do not use Enumerable methods on indexable collections - Nepoužívejte metody Enumerable nebo indexovatelné kolekce + Do not use Enumerable methods on indexable collections Do not use insecure randomness - Nepoužívat nezabezpečenou náhodnost + Do not use insecure randomness Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. - Použití generátoru kryptograficky slabých pseudonáhodných čísel může útočníkovi umožnit předpovědět, jaká hodnota citlivá z hlediska zabezpečení se vygeneruje. Použijte generátor kryptograficky silných náhodných čísel, pokud se vyžaduje nepředvídatelná hodnota, nebo zajistěte, aby se slabá pseudonáhodná čísla nepoužívala způsobem citlivým z hlediska zabezpečení. + Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. - {0} je nezabezpečený generátor náhodných čísel. Pokud se pro zabezpečení vyžaduje náhodnost, používejte kryptograficky zabezpečené generátory náhodných čísel. + {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. Do not use obsolete key derivation function - Nepoužívat zastaralou funkci pro odvození klíče + Do not use obsolete key derivation function Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. - Odvození klíče na bázi hesla by mělo používat PBKDF2 s SHA-2. Nepoužívejte PasswordDeriveBytes, protože generuje klíč PBKDF1. Nepoužívejte Rfc2898DeriveBytes.CryptDeriveKey, protože nepoužívá počet iterací nebo řetězec salt. + Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. Call to obsolete key derivation function {0}.{1} - Volání zastaralé funkce pro odvození klíče {0}.{1} + Call to obsolete key derivation function {0}.{1} String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. - Parametry řetězce předané do OutAttribute hodnotou můžou omezit správnou funkci modulu runtime, pokud řetězec bude interní. + String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. - Nepoužívejte OutAttribute pro parametr řetězce {0}, který se předává hodnotou. Pokud je zapotřebí předat upravená data zpět volajícímu, použijte klíčové slovo out, pomocí kterého se řetězec předá odkazem. + Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. Do not use 'OutAttribute' on string parameters for P/Invokes - Nepoužívat OutAttribute v parametrech řetězce pro volání nespravovaného kódu + Do not use 'OutAttribute' on string parameters for P/Invokes Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. - Nepředávejte argument s hodnotou {0} metodě Equals u třídy ReferenceEqualityComparer. Z důvodu zabalení hodnoty může toto volání Equals vrátit neočekávaný výsledek. Zvažte použití EqualityComparer nebo předejte argumenty odkazu, pokud chcete použít ReferenceEqualityComparer. + Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. - Argumenty typu hodnoty se jedinečně balí pro každé volání této metody, proto může být výsledek neočekávaný. + Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. - Nepředávejte argument s hodnotou {0} do metody ReferenceEquals. Z důvodu zabalení hodnoty může toto volání ReferenceEquals vrátit neočekávaný výsledek. Zvažte použití Equals nebo předejte argumenty odkazu, pokud chcete použít ReferenceEquals. + Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. Do not use ReferenceEquals with value types - Nepoužívejte ReferenceEquals s typy hodnot + Do not use ReferenceEquals with value types Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. - Prostor zásobníku přidělený operací stackalloc se uvolní jen na konci volání aktuální metody. Když se použije ve smyčce, může to způsobit neomezený růst zásobníku a nakonec i jeho přetečení. + Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. Potential stack overflow. Move the stackalloc out of the loop. - Možné přetečení zásobníku. Přesuňte stackalloc mimo smyčku. + Potential stack overflow. Move the stackalloc out of the loop. Do not use stackalloc in loops - Nepoužívat stackalloc ve smyčkách + Do not use stackalloc in loops Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. - Častější pravidelná aktivita bude zatěžovat procesor a ovlivňovat časovače neaktivity, které šetří energii a vypínají displej a pevné disky. + Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. Do not use timers that prevent power state changes - Nepoužívejte časovače, které znemožňují změnit stav napájení + Do not use timers that prevent power state changes Do not use timers that prevent power state changes - Nepoužívejte časovače, které znemožňují změnit stav napájení + Do not use timers that prevent power state changes Do not use unsafe DllImportSearchPath value - Nepoužívat nebezpečnou hodnotu DllImportSearchPath + Do not use unsafe DllImportSearchPath value There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - Ve výchozích adresářích pro vyhledávání DLL se může nacházet škodlivá knihovna DLL. Anebo v závislosti na tom, odkud se aplikace spouští, se může škodlivá knihovna DLL nacházet v adresáři aplikace. Použijte hodnotu DllImportSearchPath, která místo toho určuje explicitní vyhledávací cestu. Příznaky DllImportSearchPath, které toto pravidlo hledá, se dají nakonfigurovat v .editorconfig. + There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. Use of unsafe DllImportSearchPath value {0} - Použití nebezpečné hodnoty DllImportSearchPath {0} + Use of unsafe DllImportSearchPath value {0} Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. - Použití WaitAll s jednou úlohou může vést ke ztrátě výkonu, čekání nebo vrácení úlohy. + Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. Replace 'WaitAll' with single 'Wait' - Nahradit WaitAll s jedním Wait + Replace 'WaitAll' with single 'Wait' Do not use 'WaitAll' with a single task - Nepoužívejte WaitAll s jednou úlohou. + Do not use 'WaitAll' with a single task Do Not Use Weak Cryptographic Algorithms - Nepoužívejte slabé kryptografické algoritmy + Do Not Use Weak Cryptographic Algorithms Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. - Výkonnost kryptografických algoritmů časem klesá, protože útoky se stávají stále sofistikovanější a útočníci získávají přístup k vyššímu výpočetnímu výkonu. Podle typu aplikace a kryptografického algoritmu může další snižování jeho kryptografické síly umožnit útočníkovi číst šifrované zprávy, upravovat je, falšovat digitální podpisy, upravovat hodnotu hash obsahu nebo jinak útočit na kryptografický systém založený na tomto algoritmu. Nahraďte místa, kde se používá šifrování, algoritmem AES (přípustné jsou varianty AES-256, AES-192 a AES-128) s délkou klíče alespoň 128 bitů. Nahraďte místa, kde se používá algoritmus hash, hashovací funkcí řady SHA-2, třeba SHA-2 512, SHA-2 384 nebo SHA-2 256. + Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. {0} uses a weak cryptographic algorithm {1} - {0} používá slabý kryptografický algoritmus {1}. + {0} uses a weak cryptographic algorithm {1} Ensure Key Derivation Function algorithm is sufficiently strong - Ujistěte se, že algoritmus KDF (key derivation function) je dostatečně silný. + Ensure Key Derivation Function algorithm is sufficiently strong Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. - Některé implementace třídy Rfc2898DeriveBytes umožňují, aby se algoritmus hash zadal v parametru konstruktoru nebo přepsal ve vlastnosti HashAlgorithm. V případě zadání algoritmu hash by se mělo jednat o SHA-256 nebo vyšší. + Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. - {0} možná používá slabý algoritmus hash. Pokud chcete vytvořit silný klíč z hesla, použijte SHA256, SHA384 nebo SHA512. + {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). - Při odvozování kryptografických klíčů z uživatelem zadaných vstupů, jako je například heslo, používejte dostatečný počet iterací (alespoň 100 000). + When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. - Použití whenall s jednou úlohou může vést ke ztrátě výkonu, čekání nebo vrácení úlohy. + Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. Replace 'WhenAll' call with argument - Nahradit volání WhenAll argumentem + Replace 'WhenAll' call with argument Do not use 'WhenAll' with a single task - Nepoužívejte WhenAll s jedním úkolem. + Do not use 'WhenAll' with a single task Do Not Use XslTransform - Nepoužívat XslTransform + Do Not Use XslTransform Do not use XslTransform. It does not restrict potentially dangerous external references. - Nepoužije XslTransform. Neomezí se tím potenciálně nebezpečné externí odkazy. + Do not use XslTransform. It does not restrict potentially dangerous external references. Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. - Poskytnutí funkčního rozhraní DynamicInterfaceCastableImplementationAttribute s atributem vyžaduje funkci Výchozí členové rozhraní, kterou Visual Basic nepodporuje. + Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - Poskytování rozhraní DynamicInterfaceCastableImplementation se ve Visual Basic nepodporuje. + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - Poskytování rozhraní DynamicInterfaceCastableImplementation se ve Visual Basic nepodporuje. + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. - Používání funkcí, které vyžadují zařazování modulu runtime, když je zařazování modulu runtime zakázané, bude mít za následek výjimky modulu runtime. + Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled - Typy s „[StructLayout(LayoutKind.Auto)]“ vyžadují, aby bylo povoleno zařazování modulu runtime + Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled By-ref parameters require runtime marshalling to be enabled - Parametry By-ref vyžadují, aby bylo povoleno zařazování modulu runtime + By-ref parameters require runtime marshalling to be enabled Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined - Delegáti se spravovanými typy jako parametry nebo návratovým typem vyžadují povolení zařazování modulu runtime v sestavení, kde je definován delegát. + Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined HResult-swapping requires runtime marshalling to be enabled - HResult-swapping vyžaduje, aby bylo povoleno zařazování modulu runtime + HResult-swapping requires runtime marshalling to be enabled Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled - Používání „LCIDConversionAttribute“ vyžadují, aby bylo povoleno zařazování modulu runtime + Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled Managed parameter or return types require runtime marshalling to be enabled - Spravovaný parametr nebo typy vratek vyžadují, aby bylo povoleno zařazování modulu runtime + Managed parameter or return types require runtime marshalling to be enabled Setting SetLastError to 'true' requires runtime marshalling to be enabled - Nastavení SetLastError na „true“ vyžaduje, aby bylo povoleno zařazování modulu runtime + Setting SetLastError to 'true' requires runtime marshalling to be enabled Varadic P/Invoke signatures require runtime marshalling to be enabled - Varadic P/Invoke signatures vyžaduje, aby bylo povoleno zařazování modulu runtime + Varadic P/Invoke signatures require runtime marshalling to be enabled Property, type, or attribute requires runtime marshalling - Vlastnost, typ nebo atribut vyžaduje zařazování modulu runtime + Property, type, or attribute requires runtime marshalling '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - Typ {0} obsahuje typ preview {1} a vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {2}. + '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - Typ {3}{0} obsahuje typ preview {1} a vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {2}. + {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. - Přepošlete parametr CancellationToken do metod, aby se zajistilo, že se správně rozšíří oznámení o zrušení operací. Nebo můžete předat explicitně CancellationToken.None a označit tak, že se token záměrně nebude šířit. + Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token - Přepošlete parametr {0} metodě {1}, nebo předejte explicitně CancellationToken.None a označte tak, že se token záměrně nebude šířit. + Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token Forward the 'CancellationToken' parameter to methods - Přeposlat parametr CancellationToken do metod + Forward the 'CancellationToken' parameter to methods Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. - Vyhněte se pevnému zakódování hodnoty SecurityProtocolType {0}. Místo toho použijte SecurityProtocolType.SystemDefault, aby mohl operační systém sám zvolit nejlepší protokol TLS (Transport Layer Security), který se má použít. + Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. Avoid hardcoding SecurityProtocolType value - Vyhněte se pevnému zakódování hodnoty SecurityProtocolType + Avoid hardcoding SecurityProtocolType value Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Po zjištění ohrožení zabezpečení můžou aktuální verze protokolu TLS (Transport Layer Security) zastarat. Aby aplikace zůstala zabezpečená, nepoužívejte pevně zakódované hodnoty SslProtocols. Pokud chcete, aby operační systém mohl zvolit verzi, použijte možnost None. + Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Abyste zajistili, že aplikace zůstane v budoucnu zabezpečená, nepoužívejte pevně zakódované hodnoty SslProtocols {0}. Pokud chcete, aby operační systém mohl zvolit verzi, použijte možnost None. + Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. Avoid hardcoded SslProtocols values - Nepoužívat pevně zakódované hodnoty SslProtocols + Avoid hardcoded SslProtocols values Generic math interfaces require the derived type itself to be used for the self recurring type parameter. - Obecná matematická rozhraní vyžadují, aby se pro parametr typu s vlastním opakováním použil samotný odvozený typ. + Generic math interfaces require the derived type itself to be used for the self recurring type parameter. The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' - {0} vyžaduje, aby parametr typu {1} byl vyplněn odvozeným typem {2}. + The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' Use correct type parameter - Použít správný parametr typu + Use correct type parameter To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. - Pokud chcete porušení tohoto pravidla opravit, nastavte metodu GetObjectData jako viditelnou a přepsatelnou a ujistěte se, že všechna pole instance jsou součástí procesu serializace nebo explicitně označená atributem NonSerializedAttribute. + To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. Add an implementation of GetObjectData to type {0} - Přidejte implementaci GetObjectData k typu {0}. + Add an implementation of GetObjectData to type {0} Make {0}.GetObjectData virtual and overridable - Učiňte {0}.GetObjectData virtuální a přepisovatelnou. + Make {0}.GetObjectData virtual and overridable Increase the accessibility of {0}.GetObjectData so that it is visible to derived types - Zvýšit přístupnost {0}.GetObjectData tak, že je viditelná pro odvozené typy. + Increase the accessibility of {0}.GetObjectData so that it is visible to derived types Implement ISerializable correctly - Implementujte správně ISerializable + Implement ISerializable correctly Implement inherited interfaces - Implementace zděděných rozhraní + Implement inherited interfaces Implement Serialization constructor - Naimplementovat konstruktor Serialization + Implement Serialization constructor To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. - Pokud chcete porušení tohoto pravidla opravit, naimplementujte serializační konstruktor. Pro zapečetěné třídy nastavte konstruktor jako private, jinak jako protected. + To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. - Přidejte konstruktor k {0} s následující signaturou: 'protected {0}(SerializationInfo info, StreamingContext context)'. + Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. Declare the serialization constructor of {0}, a sealed type, as private. - Deklarujte serializační konstruktor {0}, zapečetěný typ, jako soukromý. + Declare the serialization constructor of {0}, a sealed type, as private. Declare the serialization constructor of {0}, an unsealed type, as protected. - Deklarujte serializační konstruktor {0}, zapečetěný typ, jako chráněný. + Declare the serialization constructor of {0}, an unsealed type, as protected. Implement serialization constructors - Implementovat serializační konstruktory + Implement serialization constructors A method that handles a serialization event does not have the correct signature, return type, or visibility. - Metoda, která zpracovává událost serializace, nemá správnou signaturu, návratový typ nebo viditelnost. + A method that handles a serialization event does not have the correct signature, return type, or visibility. Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic - Protože {0} je označená pomocí OnSerializing, OnSerialized, OnDeserializing nebo OnDeserialized, změňte její signaturu tak, že již není nadále obecná. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' - Protože {0} je označená pomocí OnSerializing, OnSerialized, OnDeserializing nebo OnDeserialized, změňte její signaturu tak, že vyžaduje jeden parametr typu 'System.Runtime.Serialization.StreamingContext'. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) - Protože {0} je označená pomocí OnSerializing, OnSerialized, OnDeserializing nebo OnDeserialized, změňte její návratový typ z {1} na void (Sub v jazyce Visual Basic). + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method - Protože {0} je označená pomocí OnSerializing, OnSerialized, OnDeserializing nebo OnDeserialized, změňte ji ze statické (sdílené v jazyce Visual Basic) na instanční metodu. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private - Protože {0} je označená pomocí OnSerializing, OnSerialized, OnDeserializing nebo OnDeserialized, změňte její přístupnost na soukromou. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private Implement serialization methods correctly - Implementujte správně metody serializace + Implement serialization methods correctly '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - {0} je implementuje rozhraní preview {1} a proto vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {2}. + '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3}{0} implementuje rozhraní preview {1} a proto vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {2}. + {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {0} je implementuje metodu preview {1} a proto vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {2}. + '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3}{0} implementuje metodu preview {1} a proto vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {2}. + {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Typ odkazu deklaruje explicitní statický konstruktor. Pokud chcete napravit porušení tohoto pravidla, inicializujte všechna statická data při jejich deklaraci a odeberte statický konstruktor. + A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize reference type static fields inline - Inicializujte statická pole typu odkazů jako vložená + Initialize reference type static fields inline Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor - Inicializujte všechna statická pole v {0} ve chvíli, kdy se tato pole deklarují, a odeberte explicitní statický konstruktor. + Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Typ hodnoty deklaruje explicitní statický konstruktor. Pokud chcete napravit porušení tohoto pravidla, inicializujte všechna statická data při jejich deklaraci a odeberte statický konstruktor. + A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize value type static fields inline - Inicializujte statická pole typu hodnot jako vložená + Initialize value type static fields inline Change to call the two argument constructor, pass null for the message. - Změňte volání tak, aby se volal konstruktor se dvěma parametry, a jako zprávu předejte null. + Change to call the two argument constructor, pass null for the message. A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. - Zavolal se výchozí konstruktor (bez parametrů) typu výjimky, který je třídou ArgumentException nebo je z ní odvozený, nebo se do jeho konstruktoru s parametry předal nesprávný argument řetězce. + A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. Swap the arguments order - Prohodit pořadí argumentů + Swap the arguments order Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. - Metoda {0} předává název parametru {1} jako argument {2} konstruktoru {3}. Nahraďte tento argument popisnou zprávou a předejte název parametru na správné pozici. + Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. - Metoda {0} předává {1} jako argument {2} konstruktoru {3}. Nahraďte tento argument jedním z názvů parametrů metody. Poznámka: Poskytnutý název parametru by měl přesně dodržovat velikost písmen tak, jak je deklarovaný v metodě. + Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. Call the {0} constructor that contains a message and/or paramName parameter - Zavolejte konstruktor {0}, který obsahuje zprávu a/nebo parametr paramName. + Call the {0} constructor that contains a message and/or paramName parameter Instantiate argument exceptions correctly - Vytvářejte správně instanci výjimek argumentů + Instantiate argument exceptions correctly Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. - Typy s atributem DynamicInterfaceCastableImplementationAttribute se chovají jako implementace rozhraní pro typ, který implementuje typ IDynamicInterfaceCastable. V důsledku toho musí poskytovat implementaci všech členů definovaných ve zděděných rozhraních, protože typ, který implementuje IDynamicInterfaceCastable, je jinak neposkytne. + Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces - Pro typ {0} je aplikovaná vlastnost DynamicInterfaceCastableImplementationAttribute, ale neposkytuje implementaci všech členů rozhraní definovaných ve zděděných rozhraních. + Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface - Všichni členové deklarovaní v nadřazených rozhraních musí mít implementaci v rozhraní s atributem DynamicInterfaceCastableImplementation. + All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Metoda {0} není bezpečná při deserializaci nedůvěryhodných dat přes JavaScriptSerializer inicializovaný s nástrojem SimpleTypeResolver. Zajistěte, aby byl JavaScriptSerializer inicializovaný bez zadání nástroje JavaScriptTypeResolver nebo aby byl inicializovaný s nástrojem JavaScriptTypeResolver, který omezuje typy objektů v grafu deserializovaných objektů. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing - Zajistěte, aby se před deserializací neinicializoval JavaScriptSerializer s nástrojem SimpleTypeResolver. + Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Metoda {0} není bezpečná při deserializaci nedůvěryhodných dat přes JavaScriptSerializer inicializovaný s nástrojem SimpleTypeResolver. Inicializujte JavaScriptSerializer bez zadání nástroje JavaScriptTypeResolver nebo ho inicializujte s nástrojem JavaScriptTypeResolver, který omezuje typy objektů v grafu deserializovaných objektů. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver - Nedeserializovat přes JavaScriptSerializer s použitím nástroje SimpleTypeResolver + Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Když se deserializuje nedůvěryhodný vstup, není bezpečné povolit deserializaci libovolných typů. Pokud k deserializaci používáte JsonSerializer, použijte TypeNameHandling.None, nebo pro hodnoty jiné než None omezte deserializované typy pomocí SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - Nepoužívat při deserializaci JsonSerializer s nezabezpečenou konfigurací + Do not deserialize with JsonSerializer using an insecure configuration When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Když se deserializuje nedůvěryhodný vstup, není bezpečné povolit deserializaci libovolných typů. Pokud používáte JsonSerializerSettings, použijte TypeNameHandling.None, nebo pro hodnoty jiné než None omezte deserializované typy pomocí SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not use insecure JsonSerializerSettings - Nepoužívat nezabezpečená nastavení JsonSerializerSettings + Do not use insecure JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Když se deserializuje nedůvěryhodný vstup, není bezpečné povolit deserializaci libovolných typů. Pokud k deserializaci používáte JsonSerializer, použijte TypeNameHandling.None, nebo pro hodnoty jiné než None omezte deserializované typy pomocí SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - Zajistit, aby měl JsonSerializer při deserializaci zabezpečenou konfiguraci + Ensure that JsonSerializer has a secure configuration when deserializing When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - Když se deserializuje nedůvěryhodný vstup, není bezpečné povolit deserializaci libovolných typů. Pokud používáte JsonSerializerSettings, ujistěte se, že je zadaná možnost TypeNameHandling.None, nebo pro hodnoty jiné než None se ujistěte, že se zadala možnost SerializationBinder, aby se omezily deserializované typy. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. Ensure that JsonSerializerSettings are secure - Ujistěte se, že nastavení JsonSerializerSettings jsou zabezpečená + Ensure that JsonSerializerSettings are secure Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Deserializace JSON při použití hodnoty TypeNameHandling jiné než None nemůže být nebezpečné. Pokud místo toho potřebujete zjistit deserializaci Json.NET, když není zadané SerializationBinder, zakažte pravidlo CA2326 a povolte pravidla CA2327, CA2328, CA2329 a CA2330. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Deserializace JSON při použití hodnoty TypeNameHandling jiné než None nemůže být nebezpečné. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. Do not use TypeNameHandling values other than None - Nepoužívat jiné hodnoty TypeNameHandling než None + Do not use TypeNameHandling values other than None The method '{0}' is insecure when deserializing untrusted data. - Při deserializaci nedůvěryhodných dat není metoda {0} bezpečná. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer LosFormatter - Nepoužívat nezabezpečený deserializátor LosFormatter + Do not use insecure deserializer LosFormatter Convert to static method - Převést na statickou metodu + Convert to static method Converting an instance method to a static method may produce invalid code - Převod instanční metody na statickou metodu může způsobit neplatný kód. + Converting an instance method to a static method may produce invalid code Make the constructor that takes zero parameters 'public' - Nastavte konstruktor, který přijímá nulové parametry public. + Make the constructor that takes zero parameters 'public' An instance field of a type that is not serializable is declared in a type that is serializable. - Pole instance typu, který se nedá serializovat, je deklarované v typu, který se serializovat dá. + An instance field of a type that is not serializable is declared in a type that is serializable. Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable - Pole {0} je členem typu {1}, který je serializovatelný, ale je typu {2}, který serializovatelný není. + Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable Mark all non-serializable fields - Označte všechny neserializovatelná pole + Mark all non-serializable fields The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. - Atribut NeutralResourcesLanguage informuje Správce prostředků o jazyce, který byl použit k zobrazení prostředků neutrální jazykové verze sestavení. Tím zlepší výkon vyhledávání prvního načítaného prostředku a může redukovat pracovní sadu. + The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. Mark assemblies with NeutralResourcesLanguageAttribute - Označení sestavení atributem NeutralResourcesLanguageAttribute + Mark assemblies with NeutralResourcesLanguageAttribute Mark assemblies with NeutralResourcesLanguageAttribute - Označení sestavení atributem NeutralResourcesLanguageAttribute + Mark assemblies with NeutralResourcesLanguageAttribute The Boolean data type has multiple representations in unmanaged code. - Logický datový typ má v nespravovaném kódu více reprezentací. + The Boolean data type has multiple representations in unmanaged code. Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - Přidejte MarshalAsAttribute do parametru {0} metody P/Invoke {1}. Pokud odpovídající nespravovaný parametr je 4bajtová hodnota Win32 BOOL, použijte [MarshalAs(UnmanagedType.Bool)]. Pro 1bajtovou hodnotu C++ bool použijte MarshalAs(UnmanagedType.U1). + Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - Přidejte MarshalAsAttribute do návratového typu metody P/Invoke {0}. Pokud odpovídající nespravovaný návratový typ je 4bajtová hodnota Win32 BOOL, použijte MarshalAs(UnmanagedType.Bool). Pro 1bajtovou hodnotu C++ bool použijte MarshalAs(UnmanagedType.U1). + Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Mark boolean PInvoke arguments with MarshalAs - Označení logických argumentů PInvoke pomocí MarshalAs + Mark boolean PInvoke arguments with MarshalAs To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. - Aby modul CLR (Common Language Runtime) mohl typy rozpoznat jako serializovatelné, musí se tyto typy označit atributem SerializableAttribute, a to i v případě, že typ používá vlastní serializační rutinu prostřednictvím implementace rozhraní ISerializable. + To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. Add [Serializable] to {0} as this type implements ISerializable - Přidejte [Serializable] k {0}, protože tento typ implementuje ISerializable. + Add [Serializable] to {0} as this type implements ISerializable Mark ISerializable types with serializable - Označit typy ISerializable jako serializable + Mark ISerializable types with serializable Ensure HttpClient certificate revocation list check is not disabled - Zkontrolujte, že kontrola seznamu odvolaných certifikátů HttpClient není vypnutá. + Ensure HttpClient certificate revocation list check is not disabled HttpClient may be created without enabling CheckCertificateRevocationList - Třída HttpClient může být vytvořena bez povolení vlastnosti CheckCertificateRevocationList. + HttpClient may be created without enabling CheckCertificateRevocationList Ensure Certificates Are Not Added To Root Store - Zajistit, aby se certifikáty nepřidávaly do kořenového úložiště + Ensure Certificates Are Not Added To Root Store Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. - Přidávání certifikátů mezi důvěryhodné kořenové certifikáty operačního systému není bezpečné. Ujistěte se, že cílové úložiště není kořenové. + Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. Use CreateEncryptor with the default IV - Použít CreateEncryptor s výchozím inicializačním vektorem + Use CreateEncryptor with the default IV The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. - V šifrování se používá nevýchozí inicializační vektor, který by se potenciálně mohl dát opakovat. Zajistěte použití výchozího nastavení. + The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. Ensure Use Secure Cookies In ASP.NET Core - Zajistit používání zabezpečených souborů cookie v ASP.NET Core + Ensure Use Secure Cookies In ASP.NET Core Ensure that CookieOptions.Secure = true when setting a cookie - Při nastavování souboru cookie nezapomeňte nastavit CookieOptions.Secure = true. + Ensure that CookieOptions.Secure = true when setting a cookie Ensure Sufficient Iteration Count When Using Weak Key Derivation Function - Při použití slabé funkce odvození klíče (KDF) zajistěte dostatečný počet iterací. + Ensure Sufficient Iteration Count When Using Weak Key Derivation Function Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Při odvozování kryptografického klíče z hesla zajistěte, aby byl počet iterací alespoň {0}. Ve výchozím nastavení má atribut IterationCount pro Rfc2898DeriveByte hodnotu pouze 1000. + Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. - Vzhledem k tomu, že typ, který implementuje rozhraní IDynamicInterfaceCastable, nesmí implementovat dynamické rozhraní v metadatech, volání člena rozhraní instance, který není explicitní implementací definovanou pro tento typ, pravděpodobně selžou za běhu. Označte nové členy rozhraní static, abyste se vyhnuli chybám modulu runtime. + Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied - Člen {0} v typu {1} by měl být označen jako static, protože {1} používa atribut DynamicInterfaceImplementationAttribute. + The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' - Členy definované v rozhraní s atributem DynamicInterfaceCastableImplementationAttribute by měly mít hodnotu Static. + Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - {0} vrací typ preview {1} a proto vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {2}. + '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3}{0} vrací typ preview {1} a proto vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {2}. + {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - {0} používá typ preview {1} a vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {2}. + '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - {3}{0} používá typ preview {1} a vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {2}. + {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. - Tato metoda používá zařazování modulu runtime i tehdy, když je zařazování modulu runtime zakázáno, což může mít za následek neočekávané rozdíly v chování během doby spuštění vzhledem k různým očekáváním nativního rozložení typu. + This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. - {0} používá zařazování modulu runtime i tehdy, když se používá „DisableRuntimeMarshallingAttribute“. Abyste zajistili přesné výsledky, použijte funkce jako „sizeof“ a ukazatele. + '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied - Tato metoda používá vyžaduje zařazování modulu runtime i tehdy, když se používá „DisableRuntimeMarshallingAttribute“. + This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied Miss HttpVerb attribute for action methods - Chybějící atribut HttpVerb pro metody akce + Miss HttpVerb attribute for action methods All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - Všechny metody, které vytvářejí, upravují, odstraňují nebo jinak modifikují data, tak činí při přetížení metody [HttpPost], což vyžaduje ochranu pomocí atributu proti padělkům v požadavku. Provedení operace GET by mělo představovat bezpečnou operaci, která nemá žádné vedlejší účinky a neupravuje trvalá data. + All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. Action method {0} needs to specify the HTTP request kind explicitly - Metoda akce {0} musí explicitně určit druh požadavku HTTP. + Action method {0} needs to specify the HTTP request kind explicitly Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. - Inicializátory modulů jsou určeny pro použití kódem aplikace k zajištění, aby byly komponenty aplikace inicializovány před tím, než se začne kód aplikace spouštět. Pokud kód knihovny deklaruje metodu s ModuleInitializerAttribute, může narušovat inicializaci aplikace a také vést k omezením schopností oříznutí dané aplikace. Knihovna by proto neměla používat metody s označením ModuleInitializerAttribute, ale namísto toho by měla zpřístupnit metody, které lze použít k inicializaci všech komponent v rámci knihovny a umožnit aplikaci vyvolat metodu během inicializace aplikace. + Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios - Atribut ModuleInitializer je určen pouze pro použití ve scénářích kódu aplikace nebo pokročilého generátoru zdrojů. + The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios The 'ModuleInitializer' attribute should not be used in libraries - Atribut ModuleInitializer by se v knihovnách neměl používat. + The 'ModuleInitializer' attribute should not be used in libraries The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Když se deserializují nedůvěryhodná data bez SerializationBinderu, který omezí typ objektu v grafu deserializovaných objektů, není metoda {0} bezpečná. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure NetDataContractSerializer.Binder is set before deserializing - Před deserializací se ujistěte, že je nastavený NetDataContractSerializer.Binder + Ensure NetDataContractSerializer.Binder is set before deserializing The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Když se deserializují nedůvěryhodná data bez SerializationBinderu, který omezí typ objektu v grafu deserializovaných objektů, není metoda {0} bezpečná. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not deserialize without first setting NetDataContractSerializer.Binder - Nedeserializovat dříve, než se nastaví NetDataContractSerializer.Binder + Do not deserialize without first setting NetDataContractSerializer.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. - Při deserializaci nedůvěryhodných dat není metoda {0} bezpečná. Pokud místo toho potřebujete zjišťovat deserializaci NetDataContractSerializeru bez nastaveného SerializationBinderu, zakažte pravidlo CA2310 a povolte pravidla CA2311 a CA2312. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. The method '{0}' is insecure when deserializing untrusted data. - Při deserializaci nedůvěryhodných dat není metoda {0} bezpečná. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer NetDataContractSerializer - Nepoužívat nezabezpečený deserializátor NetDataContractSerializer + Do not use insecure deserializer NetDataContractSerializer Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. - Řetězce by se měly normalizovat na velká písmena. Pro určitou malou skupinu znaků nejde po převodu na malá písmena provést dvojí převod. Dvojí převod znamená, že se znaky převedou z jednoho národního prostředí do jiného, které reprezentuje data znaků jinak, a pak se z těchto převedených znaků správně získají zpět původní znaky. + Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. In method '{0}', replace the call to '{1}' with '{2}' - V metodě {0} nahraďte volání {1} voláním {2}. + In method '{0}', replace the call to '{1}' with '{2}' Normalize strings to uppercase - Normalizujte řetězce na velká písmena + Normalize strings to uppercase The method '{0}' is insecure when deserializing untrusted data. - Při deserializaci nedůvěryhodných dat není metoda {0} bezpečná. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer ObjectStateFormatter - Nepoužívat nezabezpečený deserializátor ObjectStateFormatter + Do not use insecure deserializer ObjectStateFormatter '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {0} přepíše metodu preview {1} a proto vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {2}. + '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3}{0} přepíše metodu preview {1} a proto vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {2}. + {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. - Veřejná nebo chráněná metoda ve veřejném typu má atribut System.Runtime.InteropServices.DllImportAttribute (také implementovaný klíčovým slovem Declare ve Visual Basicu). Tyto metody by neměly být vystaveny. + A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. P/Invoke method '{0}' should not be visible - Metoda P/Invoke {0} by neměla být viditelná + P/Invoke method '{0}' should not be visible P/Invokes should not be visible - Metody P/Invoke nemají být viditelné + P/Invokes should not be visible ({0}) - ({0}) + ({0}) and all other platforms - a všechny ostatní platformy + and all other platforms This call site is reachable on: 'windows' 10.0.2000 and later, and all other platforms '{0}' all versions - Všechny verze {0} + '{0}' all versions This call site is reachable on: 'Windows' all versions. Using platform dependent API on a component makes the code no longer work across all platforms. - Když se pro komponentu použije závislé rozhraní API, kód už nebude fungovat na všech platformách. + Using platform dependent API on a component makes the code no longer work across all platforms. '{0}' from version {1} to {2} - {0} od verze {1} do {2} + '{0}' from version {1} to {2} 'SupportedOnWindows1903UnsupportedOn2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. - Toto místo volání je k dispozici na všech platformách. {0} je zastaralé na {1}. + This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. This call site is reachable on all platforms. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. - Toto místo volání je k dispozici na {2}. {0} je zastaralé na {1}. + This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. This call site is reachable on 'macos', 'linux'. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on all platforms. '{0}' is only supported on: {1}. - Toto místo volání je k dispozici na všech platformách. {0} se podporuje jen na {1}. + This call site is reachable on all platforms. '{0}' is only supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindowsAndBrowser()' is only supported on: 'windows', 'browser' . This call site is reachable on: {2}. '{0}' is only supported on: {1}. - Toto místo volání je k dispozici na {2}. {0} se podporuje jen na {1}. + This call site is reachable on: {2}. '{0}' is only supported on: {1}. This call site is reachable on: 'windows' all versions.'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before This call site is unreachable on: {2}. '{0}' is only supported on: {1}. - Toto místo volání není k dispozici na {2}. {0} se podporuje jen na {1}. + This call site is unreachable on: {2}. '{0}' is only supported on: {1}. This call site is unreachable on: 'browser'. 'SupportedOnWindowsAndBrowser()' is only supported on: 'browser', 'windows'. This call site is reachable on all platforms. '{0}' is supported on: {1}. - Toto místo volání je k dispozici na všech platformách. {0} se podporuje na {1}. + This call site is reachable on all platforms. '{0}' is supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindows1903UnsupportedFrom2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on: {2}. '{0}' is supported on: {1}. - Toto místo volání je k dispozici na {2}. {0} se podporuje na {1}. + This call site is reachable on: {2}. '{0}' is supported on: {1}. This call site is reachable on: 'windows' 10.0.2000 and before. 'UnsupportedOnWindowsSupportedOn1903()' is supported on: 'windows' 10.0.1903 and later. Validate platform compatibility - Ověřit kompatibilitu platformy + Validate platform compatibility This call site is reachable on all platforms. '{0}' is unsupported on: {1}. - Toto místo volání je k dispozici na všech platformách. {0} se nepodporuje na {1}. + This call site is reachable on all platforms. '{0}' is unsupported on: {1}. This call site is reachable on all platforms. 'UnsupportedOnWindows()' is unsupported on: 'windows' This call site is reachable on: {2}. '{0}' is unsupported on: {1}. - Toto místo volání je k dispozici na {2}. {0} se nepodporuje na {1}. + This call site is reachable on: {2}. '{0}' is unsupported on: {1}. This call site is reachable on: 'windows', 'browser'. 'UnsupportedOnBrowser()' is unsupported on: 'browser'. '{0}' {1} and before - {0} {1} a starších + '{0}' {1} and before 'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before. '{0}' {1} and later - {0} {1} a novějších + '{0}' {1} and later 'SupportedOnWindows10()' is only supported on: 'windows' 10.0 and later. Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. - Zkontrolujte kód, který zpracovává nedůvěryhodná deserializovaná data pro zpracování neočekávaných cyklů odkazů. Neočekávaný cyklus odkazů by neměl způsobit, aby se kód zasekl do nekonečné smyčky. V opačném případě může neočekávaný cyklus odkazů při deserializaci nedůvěryhodných dat umožnit útočníkovi útok typu odepření služby (DOS) nebo vyčerpání paměti procesu. + Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. {0} participates in a potential reference cycle - {0} se účastní potenciálního cyklu odkazů. + {0} participates in a potential reference cycle Potential reference cycle in deserialized object graph - Potenciální cyklus odkazů v deserializovaném grafu objektů + Potential reference cycle in deserialized object graph Replace 'Substring' with 'AsSpan' - Nahradit Substring hodnotou AsSpan. + Replace 'Substring' with 'AsSpan' 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. - AsSpan je efektivnější než Substring. Substring provádí kopírování řetězce O(n), zatímco AsSpan ho neprovádí a má konstantní náklady. + 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. Prefer 'AsSpan' over 'Substring' when span-based overloads are available - Pokud jsou k dispozici přetížení založená na rozsahu, upřednostňujte AsSpan před Substring. + Prefer 'AsSpan' over 'Substring' when span-based overloads are available Prefer 'AsSpan' over 'Substring' - Preferovat AsSpan místo Substring + Prefer 'AsSpan' over 'Substring' + + + + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + + + + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + + + + Consider using 'StringBuilder.Append(char)' when applicable + Consider using 'StringBuilder.Append(char)' when applicable Use 'Count' check instead of 'Any()' - K ověření použijte metodu Count místo Any() + Use 'Count' check instead of 'Any()' Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance - Upřednostňujte porovnání vlastnosti Count s 0 místo použití metody Any(), a to jak pro přehlednost, tak pro výkon. + Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance Use 'ContainsKey' - Použít ContainsKey + Use 'ContainsKey' 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. - ContainsKey je obvykle O(1), zatímco Keys.Contains může být v některých případech V(n). Kromě toho mnoho slovníkových implementací laxně inicializuje kolekci Keys, aby se omezilo přidělení. + 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' - Pro typ slovníku{0} preferovat ContainsKey před Keys.Contains + Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' Prefer Dictionary.Contains methods - Preferovat metody Dictionary.Contains + Prefer Dictionary.Contains methods Use 'ContainsValue' - Použít ContainsValue + Use 'ContainsValue' Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. - Mnoho slovníkových implementací laxně inicializuje kolekci Values. Pokud nechcete, aby nedocházelo k zbytečnému přidělení, upřednostňujte ContainsValue před Values.Contains. + Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' - Pro typ slovníku{0} preferovat ContainsValue před Values.Contains + Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' + + + + Use 'TryGetValue(TKey, out TValue)' + Use 'TryGetValue(TKey, out TValue)' + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + + + + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method Replace with 'HashData' method - Nahraďte metodou HashData. + Replace with 'HashData' method It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. - Při vytváření a správě instance HashAlgorithm k volání ComputeHash je efektivnější používat statickou metodu HashData. + It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. Prefer static '{0}.HashData' method over 'ComputeHash' - Preferovat statickou metodu {0}.HashData před ComputeHash + Prefer static '{0}.HashData' method over 'ComputeHash' Prefer static 'HashData' method over 'ComputeHash' - Preferovat statickou metodu .HashData před ComputeHash + Prefer static 'HashData' method over 'ComputeHash' Use 'IsEmpty' check instead of 'Any()' - K ověření použijte metodu IsEmpty místo Any() + Use 'IsEmpty' check instead of 'Any()' Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance - Upřednostňujte k ověření metodu IsEmpty místo použití metody Any(), a to jak pro přehlednost, tak pro výkon. + Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance + + + + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + + + + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + + + + Prefer IsEmpty over Count + Prefer IsEmpty over Count Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. - Upřednostňujte použití vlastnosti IsEmpty, Count nebo Length podle toho, která je k dispozici, namísto volání metody Enumerable.Any(). Záměr je jasnější a je výkonnější než použití rozšiřující metody Enumerable.Any(). + Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. Avoid using 'Enumerable.Any()' extension method - Nepoužívejte rozšiřující metodu Enumerable.Any(). + Avoid using 'Enumerable.Any()' extension method Use 'Length' check instead of 'Any()' - K ověření použijte metodu Length místo Any() + Use 'Length' check instead of 'Any()' Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance - Upřednostňujte porovnání vlastnosti Length s 0 místo použití metody Any(), a to jak pro přehlednost, tak pro výkon. + Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. - Stream má přetížení ReadAsync, které jako první argument přijímá Memory<Byte>, a přetížení WriteAsync, které jako první argument přijímá ReadOnlyMemory<Byte>. Upřednostňujte volání přetížení založených na paměti, která jsou efektivnější. - - - - For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. - Pokud chcete určit, jestli objekt obsahuje nějaké položky, nebo ne, namísto načtení počtu položek z vlastnosti Count a porovnání s hodnotami 0 nebo 1 používejte raději vlastnost IsEmpty. - - - - Prefer 'IsEmpty' over 'Count' to determine whether the object is empty - Při zjišťování, jestli je objekt prázdný, používejte spíše než Count vlastnost IsEmpty. - - - - Prefer IsEmpty over Count - Upřednostňovat IsEmpty před Count + 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. Change the '{0}' method call to use the '{1}' overload - Změňte volání metody {0} tak, aby se použilo přetížení {1}. + Change the '{0}' method call to use the '{1}' overload Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' - Pro ReadAsync a WriteAsync upřednostňovat přetížení založená na Memory + Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' Replace with 'string.Contains' - Nahraďte řetězcem string.Contains + Replace with 'string.Contains' Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. - Volání metody string.IndexOf, kde se pomocí výsledku kontroluje přítomnost nebo nepřítomnost podřetězce, se dá nahradit metodou string.Contains. + Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. Use 'string.Contains' instead of 'string.IndexOf' to improve readability - Pro lepší čitelnost použijte místo string.IndexOf metodu string.Contains. + Use 'string.Contains' instead of 'string.IndexOf' to improve readability Consider using 'string.Contains' instead of 'string.IndexOf' - Zvážit možnost místo string.IndexOf použít string.Contains + Consider using 'string.Contains' instead of 'string.IndexOf' StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. - StringBuilder.Append a StringBuilder.Insert nabízejí přetížení kromě System.String i několika dalším typům. Kdykoli je to možné, upřednostňujte před metodou ToString() přetížení silného typu a přetížení založené na řetězcích. + StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. Remove the ToString call in order to use a strongly-typed StringBuilder overload - Odeberte volání ToString, aby se používalo přetížení StringBuilder silného typu. + Remove the ToString call in order to use a strongly-typed StringBuilder overload Remove the ToString call - Odeberte volání ToString. + Remove the ToString call Prefer strongly-typed Append and Insert method overloads on StringBuilder - Upřednostňovat pro StringBuilder přetížení metod Append a Insert silného typu - - - - 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. - Když je string jen jeden znak, je StringBuilder.Append(char) efektivnější než StringBuilder.Append(string). Při volání Append s konstantou dávejte přednost možnosti použít konstantní typ char namísto konstantního typu string, který bude obsahovat jen jeden znak. - - - - Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string - Když je vstup konstantní jednotkový řetězec, použijte místo StringBuilder.Append(string) metodu StringBuilder.Append(char). - - - - Consider using 'StringBuilder.Append(char)' when applicable - Zvažte možnost použít metodu StringBuilder.Append(char) tam, kde je to možné + Prefer strongly-typed Append and Insert method overloads on StringBuilder Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. - Počínaje rozhraním .NET 7 se explicitní převod {0} při přetečení v nezaškrtnutém kontextu nevyvolá. Pokud chcete obnovit chování rozhraní .NET 6, zabalte výraz příkazem checked. + Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - Počínaje rozhraním .NET 7 se explicitní převod {0} vyvolá při přetečení v zaškrtnutém kontextu. Pokud chcete obnovit chování rozhraní .NET 6, zabalte výraz příkazem unchecked. + Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. - Některé předdefinované operátory přidané v rozhraní .NET 7 se při přetečení chovají jinak než odpovídající uživatelem definované operátory v rozhraní .NET 6 a starších verzích. Některé operátory, které dříve vyvolaly nezkontrolovaný kontext, teď nevyvolají výjimku, pokud nejsou zabalené ve zkontrolovaném kontextu. Kromě toho některé operátory, které dříve nevyvolaly zkontrolovaný kontext, teď vyvolávají výjimku, pokud nejsou zabalené v nezkontrolovaném kontextu. + Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - Počínaje rozhraním .NET 7 se při přetečení v zaškrtnutém kontextu vyvolá operátor{0}. Pokud chcete obnovit chování rozhraní .NET 6, zabalte výraz příkazem unchecked. + Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Prevent behavioral change - Prevence změny chování + Prevent behavioral change 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. - Metoda Enum.HasFlag očekává, že argument enum bude mít stejný typ enum jako instance, ve které se metoda zavolala, a že tento výčet enum bude označený jako System.FlagsAttribute. Pokud existuje více různých typů enum, vyvolá se za běhu neošetřená výjimka. Pokud se typ enum neoznačí jako System.FlagsAttribute, volání vždy vrátí false. + 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. The argument type, '{0}', must be the same as the enum type '{1}' - Typ argumentu {0} musí být stejný jako typ výčtu {1}. + The argument type, '{0}', must be the same as the enum type '{1}' Provide correct 'enum' argument to 'Enum.HasFlag' - Poskytněte prosím do Enum.HasFlag správný argument enum + Provide correct 'enum' argument to 'Enum.HasFlag' The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. - Argument formátu, který se předává do System.String.Format, neobsahuje položku formátování, která odpovídá jednotlivým argumentům objektů, nebo naopak. + The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. Provide correct arguments to formatting methods - Poskytněte metodám formátování správné argumenty + Provide correct arguments to formatting methods Provide correct arguments to formatting methods - Poskytněte metodám formátování správné argumenty + Provide correct arguments to formatting methods A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. - Typ má pole, které je označené atributem System.Runtime.Serialization.OptionalFieldAttribute, ale tento typ neposkytuje metody pro zpracování události deserializace. + A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute - Přidejte metodu 'private void OnDeserialized(StreamingContext)' k typu {0} a označte ji pomocí System.Runtime.Serialization.OnDeserializedAttribute. + Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute - Přidejte metodu 'private void OnDeserializing(StreamingContext)' k typu {0} a označte ji pomocí System.Runtime.Serialization.OnDeserializingAttribute. + Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute Provide deserialization methods for optional fields - Poskytujte metody deserializace pro volitelné pole + Provide deserialization methods for optional fields Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. - Poskytnutí konstruktoru bez parametrů, který je viditelný jako nadřazený typ pro typ odvozený od System.Runtime.InteropServices.SafeHandle, umožňuje lepší výkon a využití s řešeními spolupráce generovanými zdroji. + Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' - Zadejte konstruktor bez parametrů, kkterý je viditelný jako nadřazený typ pro typ {0}, který je odvozen od třídy System.Runtime.InteropServices.SafeHandle. + Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' - Zadejte konstruktor bez parametrů, který je viditelný jako nadřazený typ pro konkrétní typy odvozené od třídy System.Runtime.InteropServices.SafeHandle. + Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. - Pokud chcete zvýšit výkon, přepište asynchronní metody založené na paměti při vytvoření podtříd Stream. Potom implementujte metody založené na poli z hlediska metod založených na paměti. + To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. - {0} přepisuje {1} založené na poli ale nepřepisuje{2} na základě paměti. Pokud chcete zlepšit výkon, zvažte možnost přepsání {2} na základě paměti. + '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. 0 = type that subclasses Stream directly, 1 = array-based method, 2 = memory-based method Provide memory-based overrides of async methods when subclassing 'Stream' - Poskytněte přepisování asynchronních metod na základě paměti při podtřídování Stream. + Provide memory-based overrides of async methods when subclassing 'Stream' + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + + + + Prefer using 'StringComparer' to perform a case-insensitive comparison + Prefer using 'StringComparer' to perform a case-insensitive comparison + + + + Use the 'string.{0}(string, StringComparison)' overload + Use the 'string.{0}(string, StringComparison)' overload + + + + Prefer using 'StringComparer' to perform case-insensitive string comparisons + Prefer using 'StringComparer' to perform case-insensitive string comparisons + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + + + + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + + + + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons Remove redundant call - Odebrat redundantní volání + Remove redundant call Remove unnecessary call - Odebrat nepotřebné volání + Remove unnecessary call Replace string literal with char literal - Nahradit řetězcový literál s literálem char + Replace string literal with char literal Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Našlo se potenciální ohrožení zabezpečení injektáží knihovny DLL, kde {0} v metodě {1} je možné poškodit uživatelem řízenými daty z {2} v metodě {3}. + Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for DLL injection vulnerabilities - Zkontrolovat ohrožení zabezpečení injektáží knihovny DLL v kódu + Review code for DLL injection vulnerabilities Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Našlo se potenciální ohrožení zabezpečení injektáží cesty k souboru, kde {0} v metodě {1} je možné poškodit uživatelem řízenými daty z {2} v metodě {3}. + Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for file path injection vulnerabilities - Zkontrolovat ohrožení zabezpečení injektáží cesty k souboru v kódu + Review code for file path injection vulnerabilities Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. - Našlo se potenciální ohrožení zabezpečení zpřístupněním informací, kde {0} v metodě {1} může neúmyslně obsahovat informace z {2} v metodě {3}. + Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. Review code for information disclosure vulnerabilities - Zkontrolovat ohrožení zabezpečení zpřístupněním informací + Review code for information disclosure vulnerabilities Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Našlo se potenciální ohrožení zabezpečení injektáží protokolu LDAP, kde {0} v metodě {1} je možné poškodit uživatelem řízenými daty z {2} v metodě {3}. + Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for LDAP injection vulnerabilities - Zkontrolovat ohrožení zabezpečení injektáží protokolu LDAP v kódu + Review code for LDAP injection vulnerabilities Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Našlo se potenciální ohrožení zabezpečení otevřeným přesměrováním, kde {0} v metodě {1} je možné poškodit uživatelem řízenými daty z {2} v metodě {3}. + Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for open redirect vulnerabilities - Zkontrolovat ohrožení zabezpečení otevřeným přesměrováním + Review code for open redirect vulnerabilities Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Našlo se potenciální ohrožení zabezpečení injektáží příkazu procesu, kde {0} v metodě {1} je možné poškodit uživatelem řízenými daty z {2} v metodě {3}. + Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for process command injection vulnerabilities - Zkontrolovat ohrožení zabezpečení injektáží příkazu procesu v kódu + Review code for process command injection vulnerabilities Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Našlo se potenciální ohrožení zabezpečení injektáží regulárního výrazu, kde {0} v metodě {1} je možné poškodit uživatelem řízenými daty z {2} v metodě {3}. + Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for regex injection vulnerabilities - Zkontrolovat ohrožení zabezpečení injektáží regulárního výrazu v kódu + Review code for regex injection vulnerabilities Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Našlo se potenciální ohrožení zabezpečení injektáží SQL, kde {0} v metodě {1} je možné poškodit uživatelem řízenými daty z {2} v metodě {3}. + Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for SQL injection vulnerabilities - Zkontrolujte ohrožení zabezpečení injektáží SQL v kódu + Review code for SQL injection vulnerabilities + + + + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + + + + Review code for XPath injection vulnerabilities + Review code for XPath injection vulnerabilities Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Našlo se potenciální ohrožení zabezpečení injektáží XAML, kde {0} v metodě {1} je možné poškodit uživatelem řízenými daty z {2} v metodě {3}. + Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XAML injection vulnerabilities - Zkontrolujte ohrožení zabezpečení injektáží XAML v kódu + Review code for XAML injection vulnerabilities Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Našlo se potenciální ohrožení zabezpečení injektáží XML, kde {0} v metodě {1} je možné poškodit uživatelem řízenými daty z {2} v metodě {3}. + Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XML injection vulnerabilities - Zkontrolujte ohrožení zabezpečení injektáží XML v kódu - - - - Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Našlo se potenciální ohrožení zabezpečení injektáží XPath, kde {0} v metodě {1} je možné poškodit uživatelem řízenými daty z {2} v metodě {3}. - - - - Review code for XPath injection vulnerabilities - Zkontrolujte ohrožení zabezpečení injektáží XPath v kódu + Review code for XML injection vulnerabilities Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Našlo se potenciální ohrožení zabezpečení skriptováním mezi weby (XSS), kde {0} v metodě {1} je možné poškodit uživatelem řízenými daty z {2} v metodě {3}. + Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XSS vulnerabilities - Zkontrolujte ohrožení zabezpečení proti XSS v kódu + Review code for XSS vulnerabilities SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. - Dotazy SQL, které přímo používají uživatelský vstup, můžou být ohrožené útoky injektáží SQL. Zkontrolujte možná ohrožení zabezpečení tohoto dotazu SQL a zvažte možnost použít parametrizovaný dotaz SQL. + SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. Review if the query string passed to '{0}' in '{1}', accepts any user input - Zkontrolujte, jestli řetězec dotazu, který se předává do {0} v {1}, přijímá uživatelský vstup. + Review if the query string passed to '{0}' in '{1}', accepts any user input Review SQL queries for security vulnerabilities - Zkontrolujte dotazy SQL pro chyby zabezpečení + Review SQL queries for security vulnerabilities Seal class - Třída zapečetění + Seal class When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. - Pokud typ není přístupný mimo své sestavení a nemá v rámci svého obsaženého sestavení žádné podtypy, lze jej bezpečně zapečetit. Typy zapečetění můžou zlepšit výkon. + When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible - Typ {0} lze zapečetit, protože ve svém obsaženém sestavení nemá žádné podtypy a není externě viditelný. + Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible Seal internal types - Zapečetění interních typů + Seal internal types Set HttpOnly to true for HttpCookie - Nastavit HttpOnly na hodnotu true pro HttpCookie + Set HttpOnly to true for HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - Jako opatření důkladné ochrany zajistěte, aby soubory cookie protokolu HTTP, které jsou citlivé na zabezpečení, byly označeny jako HttpOnly. Tím se indikuje, že webové prohlížeče by neměly povolovat přístup skriptů k těmto souborům cookie. Vložené škodlivé skripty představují běžný způsob krádeže souborů cookie. + As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - Při použití HttpCookie je HttpCookie.HttpOnly nastaveno na hodnotu false nebo není vůbec nastaveno. Zajistěte, aby soubory cookie, které jsou citlivé na zabezpečení, byly označeny jako HttpOnly. Zabráníte tak v krádeži těchto souborů cookie škodlivými skripty. + HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies Set ViewStateUserKey For Classes Derived From Page - Pro třídy odvozené z Page nastavte ViewStateUserKey. + Set ViewStateUserKey For Classes Derived From Page Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. - Nastavení vlastnosti ViewStateUserKey může pomoct zabránit útokům na aplikaci tak, že vám umožní přiřadit identifikátor k proměnné stavu zobrazení pro jednotlivé uživatele. Díky tomu nebude možné proměnnou použít k útoku. Jinak bude zabezpečení aplikace ohrožené útokem CSRF. + Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method - Třída {0}, která je odvozená ze System.Web.UI.Page, nenastavuje vlastnost ViewStateUserKey v metodě OnInit nebo Page_Init. + The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. - Zadejte jazykovou verzi, která vám pomůže vyhnout se neúmyslné implicitní závislosti na aktuální jazykové verzi. Použití neutrální verze zajišťuje konzistentní výsledky bez ohledu na jazykovou verzi aplikace. + Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. Specify a culture or use an invariant version to avoid implicit dependency on current culture - Zadejte jazykovou verzi nebo použijte neutrální verzi, abyste se vyhnuli implicitní závislosti na aktuální jazykové verzi. + Specify a culture or use an invariant version to avoid implicit dependency on current culture Specify a culture or use an invariant version - Zadejte jazykovou verzi nebo použijte neutrální verzi. + Specify a culture or use an invariant version A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. - Metoda nebo konstruktor volá člen, který je přetížením přijímajícím parametr System.Globalization.CultureInfo, ale metoda nebo konstruktor nevolá přetížení, které přijímá parametr CultureInfo. Když se nezadá CultureInfo ani objekt System.IFormatProvider, výchozí hodnota, kterou poskytuje přetížený člen, nemusí mít ve všech národních prostředích požadovaný účinek. Pokud se výsledek zobrazí uživateli, zadejte jako parametr CultureInfo hodnotu CultureInfo.CurrentCulture. V opačném případě, pokud software výsledek uloží a přistupuje k němu, třeba při jeho trvalém uložení na disk nebo do databáze, zadejte CultureInfo.InvariantCulture. + A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Chování {0} se může lišit podle aktuálních nastavení národního prostředí uživatele. Nahraďte toto volání v {1} voláním {2}. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify CultureInfo - Zadejte CultureInfo + Specify CultureInfo Specify current culture - Zadejte aktuální jazykovou verzi. + Specify current culture A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. - Metoda nebo konstruktor volá nejméně jeden člen, který má přetížení přijímající parametr System.IFormatProvider, ale metoda nebo konstruktor nevolá přetížení, které přijímá parametr IFormatProvider. Když se nezadá System.Globalization.CultureInfo ani objekt IFormatProvider, výchozí hodnota, kterou poskytuje přetížený člen, nemusí mít ve všech národních prostředích požadovaný účinek. Pokud se výsledek zakládá na vstupu od uživatele nebo na výstupu, který se mu zobrazí, zadejte jako parametr IFormatProvider hodnotu CultureInfo.CurrentCulture. V opačném případě, pokud software výsledek uloží a přistupuje k němu, třeba při jeho trvalém uložení na disk nebo do databáze nebo při jeho načtení z nich, zadejte CultureInfo.InvariantCulture. + A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Chování {0} se může lišit podle aktuálních nastavení národního prostředí uživatele. Nahraďte toto volání v {1} voláním {2}. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Chování {0} se může lišit podle aktuálních nastavení národního prostředí uživatele. Nahraďte toto volání v {1} voláním {2}. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. - Chování {0} se může lišit v závislosti na místní nastavení aktuálního uživatele. Zadejte hodnotu argumentu IFormatProvider. + The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - {0} předává {1} jako parametr IFormatProvider do {2}. Tato vlastnost vrací jazykovou verzi, která není vhodná pro metody formátování. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - {0} předává {1} jako parametr IFormatProvider do {2}. Tato vlastnost vrací jazykovou verzi, která není vhodná pro metody formátování. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. Specify IFormatProvider - Zadejte IFormatProvider + Specify IFormatProvider A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. - Člen invoke platformy povoluje částečně důvěryhodné volající, má parametr řetězce a daný řetězec explicitně nezařazuje. To může potenciálně způsobit ohrožení zabezpečení. + A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. Specify marshaling for P/Invoke string arguments - Zadání zařazení pro argumenty řetězce P/Invoke + Specify marshaling for P/Invoke string arguments A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - Operace porovnání řetězců používá přetížení metody, které nenastavuje parametr StringComparison. Doporučuje se použít přetížení s parametrem StringComparison, aby nebyly pochyby o záměru. Pokud se výsledek zobrazí uživateli, třeba při řazení seznamu položek před zobrazením v seznamu, zadejte jako parametr StringComparison StringComparison.CurrentCulture nebo StringComparison.CurrentCultureIgnoreCase. Pokud porovnáváte identifikátory, které nerozlišují velikost písmen, třeba cesty k souborům, proměnné prostředí nebo klíče a hodnoty registru, zadejte StringComparison.OrdinalIgnoreCase. Jinak pokud porovnáváte identifikátory s rozlišováním velikosti písmen, zadejte StringComparison.Ordinal. + A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. - {0} má přetížení metody, které přijímá parametr StringComparison. Nahraďte toto volání v {1} voláním metody {2}, aby nebyly pochyby o záměru. + '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. Specify StringComparison for clarity - Zadejte StringComparison, aby nebyly pochyby + Specify StringComparison for clarity A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - Operace porovnání řetězců používá přetížení metody, které nenastavuje parametr StringComparison, proto se její chování může lišit podle aktuálního nastavení národního prostředí uživatele. Důrazně se doporučuje použít přetížení s parametrem StringComparison, aby byla zaručena správnost a nebyly pochyby o záměru. Pokud se výsledek zobrazí uživateli, třeba při řazení seznamu položek před zobrazením v seznamu, zadejte jako parametr StringComparison StringComparison.CurrentCulture nebo StringComparison.CurrentCultureIgnoreCase. Pokud porovnáváte identifikátory, které nerozlišují velikost písmen, třeba cesty k souborům, proměnné prostředí nebo klíče a hodnoty registru, zadejte StringComparison.OrdinalIgnoreCase. Jinak pokud porovnáváte identifikátory s rozlišováním velikosti písmen, zadejte StringComparison.Ordinal. + A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Chování {0} se může lišit podle aktuálních nastavení národního prostředí uživatele. Nahraďte toto volání v {1} voláním {2}. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify StringComparison for correctness - Zadejte StringComparison pro správnost + Specify StringComparison for correctness Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. - Použití modifikátorů static i abstract vyžaduje vyjádření výslovného souhlasu s funkcemi ve verzi Preview. Další informace najdete v https://aka.ms/dotnet-warnings/preview-features. + Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. - Porovnávání řetězců pomocí vlastnosti String.Length nebo metody String.IsNullOrEmpty je výrazně rychlejší než pomocí Equals. + Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check - Ke kontrole, jestli jsou řetězce prázdné, použijte namísto kontroly rovnosti vlastnost string.Length nebo metodu string.IsNullOrEmpty. + Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check Test for empty strings using string length - Prázdné řetězce testujte pomocí jejich délky + Test for empty strings using string length This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. - Tento výraz otestuje, jestli hodnota není Single.Nan nebo Double.Nan. Otestujte hodnotu pomocí Single.IsNan(Single) nebo Double.IsNan(Double). + This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. Test for NaN correctly - Testujte správně hodnotu NaN + Test for NaN correctly Test for NaN correctly - Testujte správně hodnotu NaN + Test for NaN correctly 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. - Pole ThreadStatic by se měla inicializovat laxně při použití, ne s vloženou inicializací ani explicitně ve statickém konstruktoru, což by inicializovalo pole jenom ve vlákně, které spouští statický konstruktor typu. + 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. 'ThreadStatic' fields should not use inline initialization - Pole ThreadStatic by neměla používat vloženou inicializaci. + 'ThreadStatic' fields should not use inline initialization Improper 'ThreadStatic' field initialization - Nesprávná inicializace pole ThreadStatic + Improper 'ThreadStatic' field initialization 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. - ThreadStatic má vliv jenom na statická pole. Když se pole instance použijí, nemá to žádný vliv na chování. + 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. Ensure 'ThreadStatic' is only used with static fields - Ujistěte se, že ThreadStatic se používá jenom se statickými poli. + Ensure 'ThreadStatic' is only used with static fields 'ThreadStatic' only affects static fields - ThreadStatic má vliv jenom na statická pole. + 'ThreadStatic' only affects static fields Use ArgumentException throw helper - Použití pomocné rutiny vyvolání ArgumentException + Use ArgumentException throw helper Use ArgumentNullException throw helper - Použití pomocné rutiny vyvolání ArgumentNullException + Use ArgumentNullException throw helper Use ArgumentOutOfRangeException throw helper - Použití pomocné rutiny vyvolání ArgumentOutOfRangeException + Use ArgumentOutOfRangeException throw helper Use Array.Empty - Použijte Array.Empty + Use Array.Empty The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. - Indexer hodnot pole založený na rozsahu vytváří kopii požadované části pole. Když se implicitně používá jako hodnota Span nebo Memory, je tato kopie často nežádoucí. Pokud se jí chcete vyhnout, použijte metodu AsSpan. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies - V {2} místo indexeru založeného na {1} použijte {0}, nebudou se tak vytvářet nepotřebné kopie dat. + Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies Use `{0}` instead of Range-based indexers on a string - Použít {0} namísto indexerů založených na rozsahu na řetězci + Use `{0}` instead of Range-based indexers on a string Use `{0}` instead of Range-based indexers on an array - Použít {0} namísto indexerů založených na rozsahu na poli + Use `{0}` instead of Range-based indexers on an array Use AsSpan or AsMemory instead of Range-based indexers when appropriate - Tam, kde je to možné, používat místo indexerů založených na rozsahu metody AsSpan nebo AsMemory + Use AsSpan or AsMemory instead of Range-based indexers when appropriate The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - Indexer hodnot řetězců založený na rozsahu vytváří kopii požadované části řetězce. Když se implicitně používá jako hodnota ReadOnlySpan nebo ReadOnlyMemory, je tato kopie obvykle zbytečná. Pokud se jí chcete vyhnout, použijte metodu AsSpan. + The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - Indexer hodnot pole založený na rozsahu vytváří kopii požadované části pole. Když se implicitně používá jako hodnota ReadOnlySpan nebo ReadOnlyMemory, je tato kopie obvykle zbytečná. Pokud se jí chcete vyhnout, použijte metodu AsSpan. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. When inside a Task-returning method, use the async version of methods, if they exist. - Když se nacházíte v metodě vracející Task, použijte asynchronní verzi metod (pokud existují). + When inside a Task-returning method, use the async version of methods, if they exist. {Locked="Task"} '{0}' synchronously blocks. Await '{1}' instead. - {0} provádí synchronní blokování. Místo toho použít Await {1}. + '{0}' synchronously blocks. Await '{1}' instead. '{0}' synchronously blocks. Use await instead. - {0} provádí synchronní blokování. Místo toho použijte await. + '{0}' synchronously blocks. Use await instead. Call async methods when in an async method - Volání asynchronních metod v asynchronní metodě + Call async methods when in an async method Use antiforgery tokens in ASP.NET Core MVC controllers - Používat tokeny proti padělkům v kontrolerech MVC ASP.NET Core + Use antiforgery tokens in ASP.NET Core MVC controllers Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Zpracování požadavku POST, PUT, PATCH nebo DELETE bez ověřování tokenu proti padělkům může představovat ohrožení zabezpečení vůči útokům CSRF. Útok CSRF může odesílat na váš kontroler MVC ASP.NET Core škodlivé požadavky od ověřeného uživatele. + Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Metoda {0} zpracovává požadavek {1} bez ověřování tokenu proti padělkům. Je potřeba také zajistit, aby váš formulář HTML odesílal tokeny proti padělkům. + Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. Replace with 'CancellationToken.ThrowIfCancellationRequested' - Nahradit výrazem CancellationToken.ThrowIfCancellationRequested + Replace with 'CancellationToken.ThrowIfCancellationRequested' 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. - ThrowIfCancellationRequested automaticky kontroluje, jestli se token zrušil, a pokud ano, vyvolá výjimku OperationCanceledException. + 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' - Místo kontroly IsCancellationRequested a vyvolání operationCanceledException použijte ThrowIfCancellationRequested. + Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' Use 'ThrowIfCancellationRequested' - Použijte ThrowIfCancellationRequested + Use 'ThrowIfCancellationRequested' Using concrete types avoids virtual or interface call overhead and enables inlining. - Použití konkrétních typů zabraňuje režii virtuálního volání nebo volání rozhraní a umožňuje vkládání. + Using concrete types avoids virtual or interface call overhead and enables inlining. Change type of field '{0}' from '{1}' to '{2}' for improved performance - Pokud chcete zlepšit výkon, změňte typ pole {0} z {1} na {2}. + Change type of field '{0}' from '{1}' to '{2}' for improved performance Change type of variable '{0}' from '{1}' to '{2}' for improved performance - Pokud chcete zlepšit výkon, změňte typ proměnné {0} z {1} na {2}. + Change type of variable '{0}' from '{1}' to '{2}' for improved performance Change return type of method '{0}' from '{1}' to '{2}' for improved performance - Pokud chcete zlepšit výkon, změňte návratový typ metody {0} z {1} na {2}. + Change return type of method '{0}' from '{1}' to '{2}' for improved performance Change type of parameter '{0}' from '{1}' to '{2}' for improved performance - Pokud chcete zlepšit výkon, změňte typ parametru {0} z {1} na {2}. + Change type of parameter '{0}' from '{1}' to '{2}' for improved performance Change type of property '{0}' from '{1}' to '{2}' for improved performance - Pro zlepšení výkonu změňte typ vlastnosti {0} z {1} na {2}. + Change type of property '{0}' from '{1}' to '{2}' for improved performance Use concrete types when possible for improved performance - Pokud je to možné, používejte konkrétní typy pro zvýšení výkonu. + Use concrete types when possible for improved performance Use Container Level Access Policy - Použít zásady přístupu na úrovni kontejneru + Use Container Level Access Policy No access policy identifier is specified, making tokens non-revocable. - Není zadaný žádný identifikátor zásad přístupu, a tokeny jsou proto neodvolatelné. + No access policy identifier is specified, making tokens non-revocable. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. - Pokud je to možné, zvažte použití řízení přístupu Azure na základě role namísto sdíleného přístupového podpisu (SAS). Pokud i přesto potřebujete používat sdílený přístupový podpis, použijte při jeho vytváření zásady přístupu na úrovni kontejneru. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. Use DefaultDllImportSearchPaths attribute for P/Invokes - Používat při voláních nespravovaného kódu atribut DefaultDllImportSearchPaths + Use DefaultDllImportSearchPaths attribute for P/Invokes By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - Ve výchozím nastavení se při voláních nespravovaného kódu s atributem DllImportAttribute prohledává několik adresářů včetně aktuálního pracovního adresáře pro načtení knihovny. U určitých aplikací to představuje problém zabezpečení, který může vést k napadení DLL. + By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - Metoda {0} nepoužila při voláních nespravovaného kódu atribut DefaultDllImportSearchPaths. + The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. Use equivalent code that works when marshalling is disabled - Použít ekvivalentní kód, který funguje při zakázání zařazování + Use equivalent code that works when marshalling is disabled 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. - Environment.CurrentManagedThreadId je jednodušší a rychlejší než Thread.CurrentThread.ManagedThreadId. + 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. Use 'Environment.CurrentManagedThreadId' - Použít Environment.CurrentManagedThreadId + Use 'Environment.CurrentManagedThreadId' Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' - Místo Thread.CurrentThread.ManagedThreadId použít Environment.CurrentManagedThreadId. + Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' Use 'Environment.CurrentManagedThreadId' - Použít Environment.CurrentManagedThreadId + Use 'Environment.CurrentManagedThreadId' 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. - Environment.ProcessId je jednodušší a rychlejší než Process.GetCurrentProcess().Id. + 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. Use 'Environment.ProcessId' - Použijte Environment.ProcessId. + Use 'Environment.ProcessId' Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' - Namísto Process.GetCurrentProcess().Id použijte Environment.ProcessId. + Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' Use 'Environment.ProcessId' - Použít Environment.ProcessId + Use 'Environment.ProcessId' 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. - Environment.ProcessPath je jednodušší a rychlejší než Process.GetCurrentProcess(). MainModule.FileName. + 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. Use 'Environment.ProcessPath' - Použít Environment.ProcessPath + Use 'Environment.ProcessPath' Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' - Místo Process.GetCurrentProcess() použít Environment.ProcessPath. MainModule.FileName' + Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' Use 'Environment.ProcessPath' - Použít Environment.ProcessPath + Use 'Environment.ProcessPath' Use indexer - Použít indexer + Use indexer Use an invariant version - Použít neutrální verzi + Use an invariant version An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. - Metoda invoke operačního systému je definována a metoda, která má ekvivalentní funkci, se nachází v knihovně tříd .NET Framework. + An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. Use managed equivalents of win32 api - Použití spravovaných ekvivalentů rozhraní Win32 API + Use managed equivalents of win32 api Use managed equivalents of win32 api - Použití spravovaných ekvivalentů rozhraní Win32 API + Use managed equivalents of win32 api Use ObjectDisposedException throw helper - Použití pomocné rutiny vyvolání ObjectDisposedException + Use ObjectDisposedException throw helper A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. - Operace porovnání řetězců, která není jazyková, nenastavuje parametr StringComparison na hodnotu Ordinal nebo OrdinalIgnoreCase. Explicitním nastavením parametru na hodnotu StringComparison.Ordinal nebo StringComparison.OrdinalIgnoreCase se kód často urychlí a bývá správnější a spolehlivější. + A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. Use ordinal string comparison - Použít porovnání ordinálních řetězců + Use ordinal string comparison Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. - Enumerable.Count() může vytvořit výčet sekvence, zatímco vlastnost Length/Count stanoví přímý přístup. + Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. Use the "{0}" property instead of Enumerable.Count() - Použijte vlastnost {0} namísto Enumerable.Count(). + Use the "{0}" property instead of Enumerable.Count() Use Length/Count property instead of Count() when available - Pokud je k dispozici, použijte vlastnost Length/Count namísto Count() + Use Length/Count property instead of Count() when available Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size - Použijte algoritmus RSA (Rivest-Shamir-Adleman) s dostatečnou velikostí klíče + Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. - Šifrovací algoritmy jsou zranitelné vůči útokům hrubou silou, pokud se použije příliš malá velikost klíče. + Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - Velikost klíče algoritmu asymetrického šifrování {0} je menší než 2048. Použijte radši algoritmus RSA s velikostí klíče alespoň 2048, ECDH nebo ECDSA. + Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. Applications available over HTTPS must use secure cookies. - Aplikace, které jsou k dispozici přes HTTPS, musí používat zabezpečené soubory cookie. + Applications available over HTTPS must use secure cookies. Use SharedAccessProtocol HttpsOnly - Použít SharedAccessProtocol HttpsOnly + Use SharedAccessProtocol HttpsOnly HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. - Protokol HTTPS šifruje síťový provoz. Pokud chcete zajistit, aby byl síťový přenos vždy zašifrovaný, aby se zabránilo odhalení citlivých dat, použijte HttpsOnly, ne HttpOrHttps. + HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. - Pokud je to možné, zvažte použití řízení přístupu Azure na základě role namísto sdíleného přístupového podpisu (SAS). Pokud i přesto potřebujete používat sdílený přístupový podpis, zadejte SharedAccessProtocol.HttpsOnly. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. + + + + Use 'AsSpan' with 'string.Concat' + Use 'AsSpan' with 'string.Concat' + + + + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + + + + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + + + + Use span-based 'string.Concat' + Use span-based 'string.Concat' Use 'Clear()' - Použít Clear() + Use 'Clear()' It is more efficient to use 'Clear', instead of 'Fill' with default value. - Použití možnosti Vymazat místo možnosti Vyplnit výchozí hodnotou je efektivnější. + It is more efficient to use 'Clear', instead of 'Fill' with default value. Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' - Preferovat Span<T>.Clear() místo Span<T>.Fill(default) + Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' Prefer 'Clear' over 'Fill' - Preferovat možnost Vymazat před možností Fill + Prefer 'Clear' over 'Fill' Use 'StartsWith' - Použít StartsWith + Use 'StartsWith' It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. - Oproti porovnání výsledku IndexOf s hodnotou nula je použití startsWith srozumitelnější a rychlejší. + It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 - Místo porovnání výsledku IndexOf s hodnotou 0 použijte StartsWith. + Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 Use 'StartsWith' instead of 'IndexOf' - Namísto IndexOf použijte StartsWith + Use 'StartsWith' instead of 'IndexOf' + + + + 'string.Contains(char)' is available as a better performing overload for single char lookup. + 'string.Contains(char)' is available as a better performing overload for single char lookup. + + + + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + + + + Use char literal for a single character lookup + Use char literal for a single character lookup Use 'string.Equals' - Použít string.Equals + Use 'string.Equals' It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. - Použití string.Equals je jasnější a pravděpodobně rychlejší namísto porovnávání výsledku string.Compare s nulou. + It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 - Použít string.Equals místo porovnání výsledku string.Compare s 0 + Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 Use 'string.Equals' - Použít string.Equals - - - - Use 'AsSpan' with 'string.Concat' - Použít AsSpan se string.Concat - - - - It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. - Je efektivnější místo Subsrting a operátoru zřetězení používat AsSpan a String.Concat. - - - - Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' - Použijte výraz založený na rozsahu string.Concat a AsSpan místo Substring - - - - Use span-based 'string.Concat' - Použít řetězec založený na rozsahu string.Concat - - - - 'string.Contains(char)' is available as a better performing overload for single char lookup. - string.Contains(char) je k dispozici jako výkonnější přetížení pro vyhledávání s jedním znakem. - - - - Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character - Při hledání jednoho znaku použijte string.Contains(char) místo string.Contains(řetězec) - - - - Use char literal for a single character lookup - Použít znakový literál pro vyhledávání s jedním znakem + Use 'string.Equals' Throw helpers are simpler and more efficient than an if block constructing a new exception instance. - Pomocné rutiny vyvolání jsou jednodušší a efektivnější než blok if vytvářející novou instanci výjimky. + Throw helpers are simpler and more efficient than an if block constructing a new exception instance. Use '{0}.{1}' - Použít {0}.{1} + Use '{0}.{1}' Use '{0}.{1}' instead of explicitly throwing a new exception instance - Místo explicitního vyvolání nové instance výjimky použijte {0}.{1}. + Use '{0}.{1}' instead of explicitly throwing a new exception instance Platform compatibility analyzer requires a valid platform name and version. - Analyzátor kompatibility platformy vyžaduje platný název a verzi platformy. + Platform compatibility analyzer requires a valid platform name and version. Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. - Verze {0} není pro platformu {1} platná. Pro tuto platformu použijte verzi se 2 {2} částmi. + Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. Version '7' is not valid for platform 'windows'. Use a version with 2-4 parts for this platform. Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. - Verze {0} není platná pro platformu {1}. Nepoužívejte verze pro tuto platformu. + Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. Use valid platform string - Použít platný řetězec platformy + Use valid platform string The platform '{0}' is not a known platform name - Platforma {0} není známý název platformy. + The platform '{0}' is not a known platform name ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. - Hodnoty ValueTask vrácené z vyvolání členů jsou určené k tomu, aby byly přímo očekávané. Pokusy o vícenásobné využití ValueTask nebo o přímý přístup k výsledku úkolu před tím, než je známo, že je dokončený, můžou způsobit výjimku nebo poškození. Ignorování takové hodnoty ValueTask je pravděpodobně indikací funkční chyby a může snížit výkon. + ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). - S výsledky instancí ValueTask by se nemělo pracovat přímo, pokud instance ještě nebyla dokončena. Na rozdíl od hodnoty Tasks není u volání metody Result nebo GetAwaiter().GetResult() u hodnoty ValueTask zaručeno zablokování, dokud se operace nedokončí. Pokud jednoduše nemůžete očekávat instanci, zvažte, jestli nejprve nezkontrolujete její vlastnost IsCompleted (nebo se nepřesvědčíte, že je to pravda, pokud víte, že jde o tento případ). + ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. - Instance ValueTask by se měly využít jenom jednou, například přes očekávání. Vícenásobné využití stejné instance ValueTask může způsobit výjimky nebo poškození dat. + ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. - Instance ValueTask vrácené z volání metod by měly být přímo očekávány, vráceny nebo předány jako argument jinému volání metody. Další použití, například uložení instance do místního úložiště nebo pole, pravděpodobně znamená chybu, protože instance ValueTask musí být vždy využity jenom jednou. + ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. - Instance ValueTask vrácené z volání metod by měly být vždy využity, obvykle pomocí očekávání. Pokud k tomu nedochází, často to představuje funkční chybu, ale i v případě, že ne, může to způsobit snížení výkonu, pokud cílová metoda vytváří fondy objektů pro použití s hodnotami ValueTask. + ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. Use ValueTasks correctly - Správně použít hodnot ValueTask + Use ValueTasks correctly Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. - Zpracování kódu XML z nedůvěryhodných dat může načíst nebezpečné externí odkazy, což by se mělo omezit tím, že se použije XmlReader se zabezpečeným překladačem nebo se zakázaným zpracováním DTD. + Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. Use XmlReader for 'DataSet.ReadXml()' - Použít XmlReader pro DataSet.ReadXml() + Use XmlReader for 'DataSet.ReadXml()' Use XmlReader for 'XmlSerializer.Deserialize()' - Použít XmlReader pro XmlSerializer.Deserialize() + Use XmlReader for 'XmlSerializer.Deserialize()' Use XmlReader for 'XmlSchema.Read()' - Použít XmlReader pro XmlSchema.Read() + Use XmlReader for 'XmlSchema.Read()' Use XmlReader for XmlValidatingReader constructor - Použít XmlReader pro konstruktor XmlValidatingReader + Use XmlReader for XmlValidatingReader constructor Use XmlReader for XPathDocument constructor - Použít XmlReader pro konstruktor XPathDocument + Use XmlReader for XPathDocument constructor This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. - Toto přetížení metody {0}.{1} může být nebezpečné. Může povolit specifikaci DTD, která může být ohrožená útoky DoS (Denial of Service) nebo může používat XmlResolver, který představuje riziko odhalení informací. Použijte místo toho přetížení, které přijímá instanci XmlReader, má zakázané zpracování DTD a nepoužívá XmlResolver. + This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - {0} používá typ preview {1} a vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {2}. + '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - {3}{0} používá typ preview {1} a vyžaduje vyjádření výslovného souhlasu s funkcemi preview. Další informace najdete v {2}. - - - - Use 'TryGetValue(TKey, out TValue)' - Použít TryGetValue(TKey, out TValue) - - - - Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method - Preferovat metodu IDictionary.TryGetValue(TKey, out TValue) - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup - Upřednostňovat volání TryGetValue před přístupem indexeru slovníku chráněným kontrolou ContainsKey, aby se zabránilo dvojitému vyhledávání - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. - Upřednostňujte volání TryGetValue před přístupem indexeru slovníku chráněným kontrolou ContainsKey. ContainsKey i indexer by hledaly klíč na pozadí, takže použití TryGetValue odebere dodatečné vyhledávání. + {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.de.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.de.xlf index 4eb70e2ac9..32cb3f7304 100644 --- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.de.xlf +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.de.xlf @@ -4,572 +4,572 @@ Add the 'NonSerialized' attribute to this field. - Fügen Sie diesem Feld das Attribut "NonSerialized" hinzu. + Add the 'NonSerialized' attribute to this field. Add Serializable attribute - Serializable-Attribut hinzufügen + Add Serializable attribute Review cipher mode usage with cryptography experts - Verwendung des Verschlüsselungsmodus mit Kryptografieexperten überprüfen + Review cipher mode usage with cryptography experts These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). - Diese Verschlüsselungsmodi sind möglicherweise anfällig für Angriffe. Erwägen Sie die Verwendung empfohlener Modi (CBC, CTS). + These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). - Überprüfen Sie die Verwendung des Verschlüsselungsmodus "{0}" mit Kryptografieexperten. Erwägen Sie die Verwendung empfohlener Modi (CBC, CTS). + Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. - Der Zeichenfolgenliteralparameter eines Attributs wird für eine URL, eine GUID oder eine Version nicht richtig analysiert. + The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' - Ändern Sie im Konstruktor von "{0}" den Wert des Arguments "{1}", zurzeit "{2}", in einen Wert, der korrekt als "{3}" analysiert werden kann. + In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' - Ändern Sie im Konstruktor von "{0}" den Wert des Arguments "{1}", zurzeit eine leere Zeichenfolge (""), in einen Wert, der korrekt als "{2}" analysiert werden kann. + In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' Attribute string literals should parse correctly - Attributzeichenfolgenliterale müssen richtig analysiert werden + Attribute string literals should parse correctly Extract to static readonly field - In statisches schreibgeschütztes Feld extrahieren + Extract to static readonly field Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. - Konstantenarrays, die als Argumente übergeben werden, werden beim wiederholten Aufruf nicht wiederverwendet, was bedeutet, dass jedes Mal ein neues Array erstellt wird. Ziehen Sie in Betracht, sie in "static readonly"-Felder zu extrahieren, um die Leistung zu verbessern, wenn das übergebene Array nicht innerhalb der aufgerufenen Methode mutiert wird. + Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. {Locked="static readonly"} Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array - "static readonly"-Felder gegenüber konstanten Arrayargumenten bevorzugen, wenn die aufgerufene Methode wiederholt aufgerufen wird und das übergebene Array nicht mutiert + Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array {Locked="static readonly"} Avoid constant arrays as arguments - Konstantenmatrizen als Argumente vermeiden + Avoid constant arrays as arguments Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. - Beim Marshalling von "StringBuilder" wird immer eine native Pufferkopie erstellt, sodass mehrere Zuordnungen für einen Marshallingvorgang vorhanden sind. + Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. - Vermeiden Sie StringBuilder-Parameter für "P/Invokes". Erwägen Sie stattdessen die Verwendung eines Zeichenpuffers. + Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. Avoid 'StringBuilder' parameters for P/Invokes - StringBuilder-Parameter für "P/Invokes" vermeiden + Avoid 'StringBuilder' parameters for P/Invokes The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. - Die .NET Framework-Klassenbibliothek stellt Methoden zum Abrufen benutzerdefinierter Attribute bereit. Standardmäßig durchsuchen diese Methoden die Attributvererbungshierarchie. Durch das Versiegeln des Attributs entfällt das Durchsuchen der Vererbungshierarchie, und die Leistung kann gesteigert werden. + The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. Avoid unsealed attributes - Nicht versiegelte Attribute vermeiden + Avoid unsealed attributes Avoid unsealed attributes - Nicht versiegelte Attribute vermeiden + Avoid unsealed attributes Avoid unnecessary zero-length array allocations. Use {0} instead. - Vermeiden Sie unnötige Arrayzuordnungen mit einer Länge von null. Warten Sie stattdessen auf "{0}". + Avoid unnecessary zero-length array allocations. Use {0} instead. Avoid zero-length array allocations - Arrayzuordnungen mit einer Länge von null vermeiden + Avoid zero-length array allocations The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Die Methode "{0}" ist unsicher, wenn nicht vertrauenswürdige Daten deserialisiert werden, ohne dass der Typ von Objekten im deserialisierten Objektgraphen durch einen SerializationBinder beschränkt wird. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize - Festlegung von BinaryFormatter.Binder vor dem Aufruf von BinaryFormatter.Deserialize sicherstellen + Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Die Methode "{0}" ist unsicher, wenn nicht vertrauenswürdige Daten deserialisiert werden, ohne dass der Typ von Objekten im deserialisierten Objektgraphen durch einen SerializationBinder beschränkt wird. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder - BinaryFormatter.Deserialize nicht ohne Festlegung von BinaryFormatter.Binder aufrufen + Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. - Die Methode "{0}" ist bei der Deserialisierung nicht vertrauenswürdiger Daten unsicher. Wenn Sie stattdessen die BinaryFormatter-Deserialisierung ohne Festlegung von SerializationBinder erkennen müssen, deaktivieren Sie die Regel "CA2300", und aktivieren Sie die Regeln "CA2301" und "CA2302". + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. The method '{0}' is insecure when deserializing untrusted data. - Die Methode "{0}" ist bei der Deserialisierung nicht vertrauenswürdiger Daten unsicher. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer BinaryFormatter - Nicht den unsicheren BinaryFormatter zur Deserialisierung verwenden + Do not use insecure deserializer BinaryFormatter 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - "Buffer.BlockCopy" erwartet die Anzahl von Bytes, die für das Argument "count" kopiert werden sollen. Die Verwendung von "Array.Length" stimmt möglicherweise nicht mit der Anzahl zu kopierender Bytes überein. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - "Buffer.BlockCopy" erwartet die Anzahl von Bytes, die für das Argument "count" kopiert werden sollen. Die Verwendung von "Array.Length" stimmt möglicherweise nicht mit der Anzahl zu kopierender Bytes überein. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument - "Buffer.BlockCopy" erwartet die Anzahl von Bytes, die für das Argument "count" kopiert werden sollen + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). - Eine Methode, die eine Implementierung von "Dispose" ist, ruft "GC.SuppressFinalize" nicht auf, oder eine Methode, die keine Implementierung von "Dispose" ist, ruft "GC.SuppressFinalize" auf, oder eine Methode ruft "GC.SuppressFinalize" auf und übergibt etwas anderes als dies ("Me" in Visual Basic). + A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. - Ändern Sie "{0}" in den Aufruf von "{1}". So wird vermieden, dass abgeleitete Typen, die einen Finalizer einführen, "IDisposable" neu implementieren müssen, um ihn aufzurufen. + Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. - Ändern Sie "{0}" in den Aufruf von "{1}". So wird die unnötige Finalisierung des Objekts vermieden, nachdem es verworfen wurde und außerhalb des relevanten Bereichs liegt. + Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. - "{0}" ruft "{1}" für etwas anderes als sich selbst auf. Ändern Sie die Aufrufsite so, dass stattdessen "this" ("Me" in Visual Basic) übergeben wird. + {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. - "{0}" ruft "{1}" auf, eine Methode, die normalerweise nur innerhalb einer Implementierung von "IDisposable.Dispose" aufgerufen wird. Weitere Informationen finden Sie im IDisposable-Muster. + {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. Dispose methods should call SuppressFinalize - Dispose-Methoden müssen SuppressFinalize aufrufen + Dispose methods should call SuppressFinalize , - , + , Separator used for separating list of platform names: {API} is only supported on: {‘windows’, ‘browser’, ‘linux’} ConstantExpected attribute is not applied correctly on the parameter. - Das ConstantExpected-Attribut wird nicht ordnungsgemäß auf den Parameter angewendet. + ConstantExpected attribute is not applied correctly on the parameter. Incorrect usage of ConstantExpected attribute - Falsche Verwendung des ConstantExpected-Attributs + Incorrect usage of ConstantExpected attribute The ConstantExpected attribute is required for the parameter due to the parent method annotation - Das ConstantExpected-Attribut ist für den Parameter aufgrund der Anmerkung der übergeordneten Methode erforderlich. + The ConstantExpected attribute is required for the parameter due to the parent method annotation The '{0}' value is not compatible with parameter type of '{1}' - Der Wert "{0}" ist nicht mit dem Parametertyp "{1}" kompatibel. + The '{0}' value is not compatible with parameter type of '{1}' The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' - Der Wert "{0}" passt nicht in die Parameterwertgrenzen von "{1}" bis "{2}". + The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' The constant is not of the same '{0}' type as the parameter - Die Konstante weist nicht denselben Typ "{0}" wie der Parameter auf. + The constant is not of the same '{0}' type as the parameter The Min and Max values are inverted - Die Werte "Min" und "Max" werden invertiert. + The Min and Max values are inverted The argument should be a constant for optimal performance - Das Argument sollte eine Konstante sein, um eine optimale Leistung zu erzielen. + The argument should be a constant for optimal performance The '{0}' type is not supported for ConstantExpected attribute - Der Typ "{0}" wird für das ConstantExpected-Attribut nicht unterstützt. + The '{0}' type is not supported for ConstantExpected attribute The constant does not fit within the value bounds of '{0}' to '{1}' - Die Konstante passt nicht in die Wertebegrenzungen von "{0}" bis "{1}". + The constant does not fit within the value bounds of '{0}' to '{1}' The parameter expects a constant for optimal performance. - Der Parameter erwartet eine Konstante, um eine optimale Leistung zu erzielen. + The parameter expects a constant for optimal performance. A constant is expected for the parameter - Für den Parameter wird eine Konstante erwartet. + A constant is expected for the parameter When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Beim Deserialisieren einer nicht vertrauenswürdigen Eingabe ist die Deserialisierung eines {0}-Objekts unsicher. "{1}" ist entweder "{0}" oder davon abgeleitet. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type found in deserializable object graph - Unsicherer DataSet- oder DataTable-Typ in deserialisiertem Objektgraph gefunden + Unsafe DataSet or DataTable type found in deserializable object graph When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. - Beim Deserialisieren einer nicht vertrauenswürdigen Eingabe mit einem IFormatter-basierten Serialisierungsmodul ist die Deserialisierung eines {0}-Objekts unsicher. "{1}" ist entweder "{0}" oder wird davon abgeleitet. Stellen Sie sicher, dass der automatisch generierte Typ ausschließlich mit vertrauenswürdigen Daten deserialisiert wird. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks - Ein unsicheres DataSet- oder DataTable-Element in einem automatisch generierten, serialisierbaren Typ kann für Angriffe durch Remotecodeausführung anfällig sein + Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Beim Deserialisieren einer nicht vertrauenswürdigen Eingabe ist die Deserialisierung eines {0}-Objekts unsicher. "{1}" ist entweder "{0}" oder davon abgeleitet. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks - Ein unsicherer DataSet- oder DataTable-Typ in einem deserialisierten Objektgraph kann für Angriffe durch Remotecodeausführung anfällig sein + Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. - Beim Deserialisieren nicht vertrauenswürdiger Eingaben mit einem IFormatter-basierten Serialisierungsmodul ist die Deserialisierung eines {0}-Objekts unsicher. "{1}" ist entweder "{0}" oder davon abgeleitet. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks - Ein unsicheres DataSet- oder DataTable-Element in einem serialisierbaren Typ kann für Angriffe durch Remotecodeausführung anfällig sein + Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Beim Deserialisieren einer nicht vertrauenswürdigen Eingabe ist die Deserialisierung eines {0}-Objekts unsicher. "{1}" ist entweder "{0}" oder davon abgeleitet. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in serializable type - Unsicheres DataSet oder unsichere DataTable in serialisierbarem Typ + Unsafe DataSet or DataTable in serializable type When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Beim Deserialisieren einer nicht vertrauenswürdigen Eingabe ist die Deserialisierung eines {0}-Objekts unsicher. "{1}" ist entweder "{0}" oder davon abgeleitet. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type in web deserializable object graph - Unsicherer DataSet- oder DataTable-Typ in webserialisiertem Objektgraph + Unsafe DataSet or DataTable type in web deserializable object graph The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. - Die Methode "{0}" ist beim Deserialisieren nicht vertrauenswürdiger Daten unsicher. Stellen Sie sicher, dass die automatisch generierte Klasse, die den {0}-Aufruf enthält, ausschließlich mit vertrauenswürdigen Daten deserialisiert wird. + The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data - Sicherstellen, dass die automatisch generierte Klasse mit DataSet.ReadXml() ausschließlich mit vertrauenswürdigen Daten verwendet wird + Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data The method '{0}' is insecure when deserializing untrusted data - Die Methode "{0}" ist bei der Deserialisierung nicht vertrauenswürdiger Daten unsicher. + The method '{0}' is insecure when deserializing untrusted data Do not use DataSet.ReadXml() with untrusted data - DataSet.ReadXml() nicht mit nicht vertrauenswürdigen Daten verwenden + Do not use DataSet.ReadXml() with untrusted data The method '{0}' is insecure when deserializing untrusted data - Die Methode "{0}" ist bei der Deserialisierung nicht vertrauenswürdiger Daten unsicher. + The method '{0}' is insecure when deserializing untrusted data Do not use DataTable.ReadXml() with untrusted data - DataTable.ReadXml() nicht mit nicht vertrauenswürdigen Daten verwenden + Do not use DataTable.ReadXml() with untrusted data HttpClients should enable certificate revocation list checks - HttpClients muss die Überprüfungen der Zertifikatsperrliste aktivieren. + HttpClients should enable certificate revocation list checks HttpClient is created without enabling CheckCertificateRevocationList - HttpClient wird ohne Aktivieren von CheckCertificateRevocationList erstellt. + HttpClient is created without enabling CheckCertificateRevocationList Do Not Add Certificates To Root Store - Zertifikate nicht zum Stammspeicher hinzufügen + Do Not Add Certificates To Root Store Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate - Durch das Hinzufügen von Zertifikaten zu den vertrauenswürdigen Stammzertifikaten des Betriebssystems erhöht sich das Risiko, dass ein unzulässiges Zertifikat fälschlicherweise authentifiziert wird. + Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate Do not use CreateEncryptor with non-default IV - CreateEncryptor nicht mit Nicht-Standard-Initialisierungsvektoren verwenden + Do not use CreateEncryptor with non-default IV Symmetric encryption uses non-default initialization vector, which could be potentially repeatable - Die symmetrische Verschlüsselung verwendet einen nicht standardmäßigen Initialisierungsvektor, der potenziell wiederholbar sein könnte. + Symmetric encryption uses non-default initialization vector, which could be potentially repeatable Use Secure Cookies In ASP.NET Core - Sichere Cookies in ASP.NET Core verwenden + Use Secure Cookies In ASP.NET Core Set CookieOptions.Secure = true when setting a cookie - Beim Festlegen eines Cookies "CookieOptions.Secure = true" festlegen + Set CookieOptions.Secure = true when setting a cookie Do Not Use Weak Key Derivation Function With Insufficient Iteration Count - Schwache Schlüsselableitungsfunktion nicht mit unzureichender Iterationsanzahl verwenden + Do Not Use Weak Key Derivation Function With Insufficient Iteration Count Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Verwenden Sie mindestens {0} Iterationen, wenn Sie einen kryptografischen Schlüssel aus einem Kennwort ableiten. Standardmäßig beträgt IterationCount von Rfc2898DeriveByte nur 1000. + Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Ältere Protokollversionen von Transport Layer Security (TLS) sind weniger sicher als TLS 1.2 und TLS 1.3 und weisen eine höhere Wahrscheinlichkeit für neue Sicherheitsrisiken auf. Vermeiden Sie ältere Protokollversionen, um das Risiko zu minimieren. + Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Die Transport Layer Security-Protokollversion {0} ist veraltet. Verwenden Sie "None", um dem Betriebssystem die Auswahl einer Version zu ermöglichen. + Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. Do not use deprecated SslProtocols values - Keine veralteten SslProtocols-Werte verwenden + Do not use deprecated SslProtocols values '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - „{0}“ wird von der Vorschauklasse „{1}“ abgeleitet, daher müssen Vorschaufeatures abonniert werden. Weitere Informationen finden Sie unter {2}. + '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} „{0}“ wird von der Vorschauklasse „{1}“ abgeleitet, daher müssen Vorschaufeatures abonniert werden. Weitere Informationen finden Sie unter {2}. + {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. An assembly has to opt into preview features before using them. - Eine Assembly muss Vorschaufeatures abonnieren, damit sie diese verwenden kann. + An assembly has to opt into preview features before using them. Using '{0}' requires opting into preview features. See {1} for more information. - Die Verwendung von „{0}“ erfordert das Abonnieren von Vorschaufeatures. Weitere Informationen finden Sie unter {1}. + Using '{0}' requires opting into preview features. See {1} for more information. {2} Using '{0}' requires opting into preview features. See {1} for more information. - {2} Die Verwendung von „{0}“ erfordert das Abonnieren von Vorschaufeatures. Weitere Informationen finden Sie unter {1}. + {2} Using '{0}' requires opting into preview features. See {1} for more information. This API requires opting into preview features - Für diese API müssen Vorschaufeatures abonniert werden + This API requires opting into preview features A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. - Ein Typ, der System.IDisposable implementiert, deklariert Felder, die Typen aufweisen, die ebenfalls IDisposable implementieren. Die Dispose-Methode des Felds wird nicht von der Dispose-Methode des deklarierenden Typs aufgerufen. Wenn Sie für das Zuordnen und Freigeben nicht verwalteter Ressourcen zuständig sind, die von diesem Feld belegt werden, rufen Sie zum Beheben eines Verstoßes gegen diese Regel Dispose für Felder auf, die Typen aufweisen, welche IDisposable implementieren. + A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. - "{0}" enthält das Feld "{1}", das den IDisposable-Typ "{2}" aufweist, aber nie verworfen wird. Ändern Sie die Dispose-Methode in "{0}", um "Close" oder "Dispose" für dieses Feld aufzurufen. + '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. Disposable fields should be disposed - Verwerfbare Felder verwerfen + Disposable fields should be disposed A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. - Ein Typ, der "System.IDisposable" implementiert und Felder aufweist, die auf die Verwendung nicht verwalteter Ressourcen hinweisen, implementiert keinen Finalizer wie durch "Object.Finalize" beschrieben. + A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. Disposable types should declare finalizer - Verwerfbare Typen sollten einen Finalizer deklarieren + Disposable types should declare finalizer Disposable types should declare finalizer - Verwerfbare Typen sollten einen Finalizer deklarieren + Disposable types should declare finalizer A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. - Ein Typ, der System.IDisposable implementiert, erbt von einem Typ, der auch IDisposable implementiert. Die Dispose-Methode des erbenden Typs ruft nicht die Dispose-Methode des übergeordneten Typs auf. Um einen Verstoß gegen diese Regel zu beheben, rufen Sie base.Dispose in Ihrer Dispose-Methode auf. + A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. Ensure that method '{0}' calls '{1}' in all possible control flow paths - Stellen Sie sicher, dass die {0}-Methode "{1}" in allen möglichen Ablaufsteuerungspfaden aufruft. + Ensure that method '{0}' calls '{1}' in all possible control flow paths Dispose methods should call base class dispose - Dispose-Methoden müssen die Dispose-Funktion der Basisklasse aufrufen. + Dispose methods should call base class dispose If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. - Wenn ein verwerfbares Objekt nicht explizit verworfen wird, bevor alle Verweise darauf außerhalb des gültigen Bereichs liegen, wird das Objekt zu einer unbestimmten Zeit verworfen, wenn der Garbage Collector den Finalizer des Objekts ausführt. Da möglicherweise ein Ausnahmeereignis auftritt, durch das die Ausführung des Finalizers des Objekts verhindert wird, muss das Objekt stattdessen explizit verworfen werden. + If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - Verwenden Sie das empfohlene Dispose-Muster, um sicherzustellen, dass das von "{0}" erstellte Objekt in allen Pfaden verworfen wird. Umschließen Sie die Erstellung nach Möglichkeit mit einer using-Anweisung oder einer using-Deklaration. Verwenden Sie andernfalls ein try-finally-Muster mit einer vor dem try-Bereich deklarierten dedizierten lokalen Variablen und einem Dispose-Aufruf ohne Bedingung für den Nicht-NULL-Wert im finally-Bereich, beispielsweise "x?.Dispose()". Wenn das Objekt explizit innerhalb des try-Bereichs verworfen oder der Dispose-Besitz auf ein anderes Objekt oder eine andere Methode übertragen wird, weisen Sie der lokalen Variablen gleich nach einem solchen Vorgang NULL zu, um ein doppeltes Verwerfen in "finally" zu vermeiden. + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - Verwenden Sie das empfohlene Dispose-Muster, um sicherzustellen, dass das von "{0}" erstellte Objekt in allen Ausnahmepfaden verworfen wird. Umschließen Sie die Erstellung nach Möglichkeit mit einer using-Anweisung oder einer using-Deklaration. Verwenden Sie andernfalls ein try-finally-Muster mit einer vor dem try-Bereich deklarierten dedizierten lokalen Variablen und einem Dispose-Aufruf ohne Bedingung für den Nicht-NULL-Wert im finally-Bereich, beispielsweise "x?.Dispose()". Wenn das Objekt explizit innerhalb des try-Bereichs verworfen oder der Dispose-Besitz auf ein anderes Objekt oder eine andere Methode übertragen wird, weisen Sie der lokalen Variablen gleich nach einem solchen Vorgang NULL zu, um ein doppeltes Verwerfen in "finally" zu vermeiden. + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope - Rufen Sie "System.IDisposable.Dispose" für das von "{0}" erstellte Objekt auf, bevor alle Verweise darauf außerhalb des gültigen Bereichs liegen. + Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. - Das von "{0}" erstellte Objekt wird nicht entlang aller Ausnahmepfade verworfen. Rufen Sie System.IDisposable.Dispose für das Objekt auf, bevor alle Verweise darauf außerhalb des gültigen Bereichs liegen. + Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. Dispose objects before losing scope - Objekte verwerfen, bevor Bereich verloren geht + Dispose objects before losing scope Do Not Add Archive Item's Path To The Target File System Path - Dem Zieldateisystempfad nicht den Pfad des Archivelements hinzufügen + Do Not Add Archive Item's Path To The Target File System Path When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - Wenn Dateien aus einem Archiv extrahiert werden und der Pfad des Archivelements verwendet wird, überprüfen Sie, ob der Pfad sicher ist. Der Archivpfad ist möglicherweise relativ und ermöglicht so den Dateisystemzugriff außerhalb des erwarteten Dateisystemzielpfads. Dies kann zu schädlichen Konfigurationsänderungen und zur Remotecodeausführung über die Lay-and-Wait-Technik führen. + When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' - Wenn Sie einen Pfad für "{0} in Methode {1}" aus dem relativen Archivelementpfad zur Extraktionsdatei erstellen und die Quelle ein nicht vertrauenswürdiges ZIP-Archiv ist, stellen Sie sicher, dass der relative Archivelementpfad "{2} in Methode {3}" bereinigt wird. + When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' Do Not Add Schema By URL - Schema nicht nach URL hinzufügen + Do Not Add Schema By URL This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. - Diese Überladung der XmlSchemaCollection.Add-Methode aktiviert intern die DTD-Verarbeitung in der verwendeten XML-Reader-Instanz und verwendet UrlResolver zum Auflösen externer XML-Entitäten. Das Ergebnis ist die Offenlegung von Informationen. Inhalte aus Dateisystem- oder Netzwerkfreigaben für den Computer, der die XML-Daten verarbeitet, können für Angreifer verfügbar gemacht werden. Darüber hinaus kann ein Angreifer sie als DoS-Vektor verwenden. + This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. This overload of the Add method is potentially unsafe because it may resolve dangerous external references - Diese Überladung der Add-Methode ist möglicherweise unsicher, weil dadurch gefährliche externe Verweise aufgelöst werden können. + This overload of the Add method is potentially unsafe because it may resolve dangerous external references By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. - Durch Festlegen wichtiger TokenValidationParameter-Validierungsdelegaten auf TRUE, werden wichtige Authentifizierungssicherheitsmaßnahmen deaktiviert, was dazu führen kann, dass Token von jedem Aussteller oder abgelaufene Token falsch überprüft werden. + By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. - {0} ist auf eine Funktion festgelegt, die immer TRUE zurückgibt. Wenn Sie den Validierungsdelegaten festlegen, überschreiben Sie die Standardvalidierung, und wenn Sie immer TRUE zurückgeben, ist diese Validierung vollständig deaktiviert. + The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. Do not always skip token validation in delegates - Tokenvalidierung in Delegaten nicht immer überspringen + Do not always skip token validation in delegates Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. - Bei der unsicheren Deserialisierung handelt es sich um ein Sicherheitsrisiko, das auftreten kann, wenn nicht vertrauenswürdige Daten verwendet werden, um die Logik einer Anwendung auf nicht beabsichtigte Weise zu verwenden, einen Denial-of-Service-Angriff (DoS) durchzuführen oder beliebigen Code auszuführen, um diese zu deserialisieren. Angreifer nutzen diese Deserialisierungsfeatures häufig aus, indem sie ihre nicht vertrauenswürdigen Daten von der Anwendung deserialisieren lassen. Während der Deserialisierung werden so insbesondere gefährliche Methoden aufgerufen. Eine erfolgreich durchgeführte unsichere Deserialisierung kann dazu führen, dass der Angreifer DoS-Angriffe durchführen, die Authentifizierung umgehen oder Code remote ausführen kann. + Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' - Beim Deserialisieren einer Instanz der Klasse „{0}“ kann die Methode „{1}“ die gefährliche Methode „{2}“ direkt oder indirekt aufrufen. + When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' Do Not Call Dangerous Methods In Deserialization - Keine gefährlichen Methoden bei der Deserialisierung aufrufen + Do Not Call Dangerous Methods In Deserialization @@ -577,2625 +577,2660 @@ The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. Widening and user defined conversions are not supported with generic types. - Enumerable.Cast<T> und Enumerable.OfType<T> erfordern kompatible Typen, um ordnungsgemäß zu funktionieren. -Die generische Umwandlung (IL „unbox.any“), die der von der von Enumerable.Cast<T> zurückgegebenen Sequenz verwendet wird, löst zur Laufzeit bei Elementen der angegebenen Typen eine InvalidCastException-Ausnahme aus. -Die von Enumerable.OfType<T> verwendete generische Typüberprüfung (C# „is“-Operator/IL „isinst“) wird nie erfolgreich ausgeführt, wenn Elemente von Typen angegeben werden, die in einer leeren Sequenz resultieren. -Erweiterungen und benutzerdefinierte Konvertierungen werden bei generischen Typen nicht unterstützt. + Enumerable.Cast<T> and Enumerable.OfType<T> require compatible types to function expectedly. +The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. +The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. +Widening and user defined conversions are not supported with generic types. Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime - Der Typ „{0}“ ist nicht mit dem Typ „{1}“ kompatibel, und Umwandlungsversuche verursachen zur Laufzeit eine InvalidCastException-Ausnahme. + Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' - Dieser Aufruf führt immer zu einer leeren Sequenz, weil der Typ „{0}“ nicht mit dem Typ „{1}“ kompatibel ist. + This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types - Enumerable.Cast<T>- oder Enumerable.OfType-<T> nicht mit inkompatiblen Typen aufrufen + Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types Do not call {0} on an {1} value - "{0}" nicht für einen {1}-Wert aufrufen + Do not call {0} on an {1} value Do not call ToImmutableCollection on an ImmutableCollection value - "ToImmutableCollection" nicht für einen ImmutableCollection-Wert aufrufen + Do not call ToImmutableCollection on an ImmutableCollection value TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. - TaskCompletionSource verfügt über Konstruktoren, die TaskCreationOptions zum Steuern der zugrunde liegenden Aufgabe akzeptieren, und Konstruktoren, die den in der Aufgabe gespeicherten Objektzustand übernehmen. Das versehentliche Übergeben von TaskContinuationOptions anstelle von TaskCreationOptions führt dazu, dass der Aufruf die Optionen als Zustand behandelt. + TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. Replace TaskContinuationOptions with TaskCreationOptions. - Ersetzen Sie TaskContinuationOptions durch TaskCreationOptions. + Replace TaskContinuationOptions with TaskCreationOptions. Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum - Das Argument enthält die TaskContinuationsOptions-Enumeration anstelle der TaskCreationOptions-Enumeration. + Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum - Anstelle einer TaskContinuationOptions-Enumeration muss eine TaskCreationOptions-Enumeration als Argument an den TaskCompletionSource-Konstruktor übergeben werden + Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. - Erstellen Sie Tasks nur dann, wenn Sie eine der Überladungen verwenden, die einen TaskScheduler akzeptieren. Standardmäßig wird mit TaskScheduler.Current geplant, was zu Deadlocks führt. Verwenden Sie entweder TaskScheduler.Default, um für den Threadpool zu planen, oder übergeben Sie TaskScheduler.Current explizit, um Ihre Absicht zu verdeutlichen. + Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. Do not create tasks without passing a TaskScheduler - Keine Tasks ohne Übergabe eines TaskSchedulers erstellen + Do not create tasks without passing a TaskScheduler Do not create tasks without passing a TaskScheduler - Keine Tasks ohne Übergabe eines TaskSchedulers erstellen + Do not create tasks without passing a TaskScheduler Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. - Durch das Hinzufügen eines Finalizers zu einem von MemoryManager<T> abgeleiteten Typ wird möglicherweise Arbeitsspeicher freigegeben, der noch von einem Span<T>-Element verwendet wird. + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> - Durch das Hinzufügen eines Finalizers zu einem von MemoryManager<T> abgeleiteten Typ wird möglicherweise Arbeitsspeicher freigegeben, der noch von einem Span<T>-Element verwendet wird. + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> Do not define finalizers for types derived from MemoryManager<T> - Keine Finalizer für von MemoryManager<T> abgeleitete Typen definieren + Do not define finalizers for types derived from MemoryManager<T> Do Not Disable Certificate Validation - Deaktivieren Sie die Zertifikatüberprüfung nicht + Do Not Disable Certificate Validation A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. - Mithilfe von Zertifikaten können Sie die Identität des Servers authentifizieren. Clients sollten das Serverzertifikat überprüfen, um sicherzustellen, dass die Anforderungen an den richtigen Server gesendet werden. Wenn die Eigenschaft "ServerCertificateValidationCallback" immer "true" zurückgibt, werden alle Zertifikate als gültig eingestuft. + A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. - Die ServerCertificateValidationCallback-Eigenschaft wurde auf eine Funktion festgelegt, die alle Serverzertifikate akzeptiert, indem immer "true" zurückgegeben wird. Stellen Sie sicher, dass die Serverzertifikate darauf ausgelegt sind, die Identität des Servers zu überprüfen, der Anforderungen erhält. - - - - Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. - Die Verwendung von HttpClient ohne Bereitstellen eines plattformspezifischen Handlers (WinHttpHandler, CurlHandler oder HttpClientHandler), bei dem die CheckCertificateRevocationList-Eigenschaft auf TRUE festgelegt ist, ermöglicht, dass gesperrte Zertifikate vom HttpClient als gültig akzeptiert werden. + The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. Do Not Disable HTTP Header Checking - Deaktivieren Sie nicht die Überprüfung von HTTP-Headern. + Do Not Disable HTTP Header Checking HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. - Durch die Überprüfung von HTTP-Headern wird die Codierung der Wagenrücklauf- und Zeilenumbruchzeichen (\r und \n) ermöglicht, die im Antwortheader enthalten sind. Durch diese Codierung können Angriffe durch Einschleusung von Befehlen vermieden werden, bei denen eine Anwendung ausgenutzt wird, die nicht vertrauenswürdige, im Header enthaltene Daten zurückgibt. + HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. Do not disable HTTP header checking - Deaktivieren Sie nicht die Überprüfung von HTTP-Headern. + Do not disable HTTP header checking + + + + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. Do Not Disable Request Validation - Deaktivieren Sie nicht die Anforderungsüberprüfung. + Do Not Disable Request Validation Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. - Die Anforderungsüberprüfung ist ein Feature in ASP.NET, das HTTP-Anforderungen untersucht und ermittelt, ob sie potenziell gefährliche Inhalte enthalten. Diese Überprüfung fügt Schutz vor Markup oder Code in der URL-Abfragezeichenfolge, in Cookies oder in bereitgestellten Formularwerten hinzu, das bzw. der möglicherweise zu böswilligen Zwecken hinzugefügt wurden. Deshalb wird sie allgemein empfohlen und sollte für eine detaillierte Verteidigung aktiviert bleiben. + Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. {0} has request validation disabled - Für "{0}" wurde die Anforderungsüberprüfung deaktiviert. + {0} has request validation disabled Do Not Disable SChannel Use of Strong Crypto - Deaktivieren Sie die starke Verschlüsselung für Schannel nicht + Do Not Disable SChannel Use of Strong Crypto Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. - Ab .NET Framework 4.6 wird empfohlen, dass die Klassen System.Net.ServicePointManager und System.Net.Security.SslStream neue Protokolle verwenden. Bei den alten Klassen liegen Protokollschwächen vor, weshalb sie nicht unterstützt werden. Wenn Sie Switch.System.Net.DontEnableSchUseStrongCrypto auf TRUE festlegen, wird die alte, schwache Verschlüsselungsprüfung verwendet und die Protokollmigration verhindert. + Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. {0} disables TLS 1.2 and enables SSLv3 - {0} deaktiviert TLS 1.2 und aktiviert SSLv3 + {0} disables TLS 1.2 and enables SSLv3 Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. - Durch Tokenvalidierungsprüfungen wird sichergestellt, dass beim Überprüfen von Token alle Aspekte analysiert und überprüft werden. Das Deaktivieren der Validierung kann zu Sicherheitslücken führen, da nicht vertrauenswürdige Token die Überprüfung durchführen können. + Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. TokenValidationParameters.{0} should not be set to false as it disables important validation - TokenValidationParameters.{0}soll nicht auf FALSE festgelegt werden, da die wichtige Überprüfung deaktiviert wird. + TokenValidationParameters.{0} should not be set to false as it disables important validation Do not disable token validation checks - Tokenvalidierungsprüfungen nicht deaktivieren + Do not disable token validation checks Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. - Legen Sie Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols nicht auf TRUE fest. Durch das Festlegen dieses Schalters wird WCF (Windows Communication Framework) auf die Verwendung von TLS 1.0 (Transport Layer Security) eingeschränkt, das unsicher und veraltet ist. + Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. Do not disable ServicePointManagerSecurityProtocols - ServicePointManagerSecurityProtocols nicht deaktivieren + Do not disable ServicePointManagerSecurityProtocols Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. - Schützen Sie “Dictionary.Remove(key)” nicht mit “Dictionary.ContainsKey(key)”. Der erste Schlüssel überprüft bereits, ob der Schlüssel vorhanden ist, und gibt keinen Fehler aus, wenn dies nicht der Fall ist. + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' - “Dictionary.Remove(key)” nicht mit “Dictionary.ContainsKey(key)” schützen + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' Unnecessary call to 'Dictionary.ContainsKey(key)' - Nicht erforderlicher Aufruf von “Dictionary.ContainsKey(key)” + Unnecessary call to 'Dictionary.ContainsKey(key)' Do not hard-code certificate - Keine Hartcodierung von Zertifikaten + Do not hard-code certificate Hard-coded certificates in source code are vulnerable to being exploited. - Hartcodierte Zertifikate im Quellcode sind anfällig für Exploits. + Hard-coded certificates in source code are vulnerable to being exploited. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' - Es wurde ein potenzielles Sicherheitsrisiko ermittelt. "{0}" in Methode "{1}" wurde möglicherweise durch einen hartcodierten Schlüssel aus "{2}" in Methode "{3}" verfälscht. + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' Do not hard-code encryption key - Keine Hartcodierung von Verschlüsselungsschlüsseln + Do not hard-code encryption key SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. - Die .Key-Eigenschaft von SymmetricAlgorithm oder der rgbKey-Parameter einer Methode darf niemals ein hartcodierter Wert sein. + SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' - Es wurde ein potenzielles Sicherheitsrisiko ermittelt. "{0}" in der Methode "{1}" wurde möglicherweise durch einen hartcodierten Schlüssel aus "{2}" in Methode "{3}" verfälscht. + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. - Standardmäßig ist der Zertifikatspeicher der vertrauenswürdigen Stammzertifizierungsstellen mit einem Satz öffentlicher Zertifizierungsstellen konfiguriert, die die Anforderungen des Microsoft-Programms für Stammzertifikate erfüllen. Da alle vertrauenswürdigen Stammzertifizierungsstellen Zertifikate für eine beliebige Domäne ausstellen können, kann ein Angreifer eine schwache oder zwingende Zertifizierungsstelle, die Sie selbst installieren, als Ziel für einen Angriff auswählen. Auf diese Weise kann eine einzelne unsichere, schädliche oder zwingende Zertifizierungsstelle die Sicherheit des gesamten Systems untergraben. Hinzu kommt, dass diese Angriffe leicht unbemerkt bleiben können. + By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. - Ein Objekt besitzt eine schwache Identität, wenn es direkt über Anwendungsdomänengrenzen hinweg zugänglich ist. Ein Thread, der versucht, eine Sperre für ein Objekt mit einer schwachen Identität abzurufen, kann von einem zweiten Thread in einer anderen Anwendungsdomäne blockiert werden, der eine Sperre für dasselbe Objekt besitzt. + An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. Do not lock on objects with weak identity - Auf Objekten mit schwacher Identität nicht sperren + Do not lock on objects with weak identity Do not lock on objects with weak identity - Auf Objekten mit schwacher Identität nicht sperren + Do not lock on objects with weak identity A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. - Eine Methode übergibt ein Zeichenfolgenliteral als Parameter an einen Konstruktor oder eine Methode in der .NET Framework-Klassenbibliothek, und diese Zeichenfolge muss lokalisierbar sein. Um einen Verstoß gegen diese Regel zu beheben, ersetzen Sie das Zeichenfolgenliteral durch eine Zeichenfolge, die durch eine Instanz der ResourceManager-Klasse abgerufen wird. + A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". - Die Methode "{0}" übergibt eine Literalzeichenfolge als Parameter "{1}" eines Aufrufs an "{2}". Rufen Sie die folgende(n) Zeichenfolge(n) stattdessen aus einer Ressourcentabelle ab: {3}. + Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". Do not pass literals as localized parameters - Literale nicht als lokalisierte Parameter übergeben + Do not pass literals as localized parameters An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. - Eine Ausnahme eines Typs, der nicht ausreichend spezifisch ist oder durch die Runtime reserviert wurde, sollte niemals von Benutzercode ausgelöst werden. Dadurch ist der ursprüngliche Fehler schwierig zu erkennen und zu debuggen. Wenn diese Ausnahmeinstanz ausgelöst werden könnte, verwenden Sie einen anderen Ausnahmetyp. + An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. Exception type {0} is reserved by the runtime - Der Ausnahmetyp "{0}" wurde durch die Runtime reserviert. + Exception type {0} is reserved by the runtime Exception type {0} is not sufficiently specific - Der Ausnahmetyp "{0}" ist nicht ausreichend spezifisch. + Exception type {0} is not sufficiently specific Do not raise reserved exception types - Keine reservierten Ausnahmetypen auslösen + Do not raise reserved exception types Do Not Serialize Types With Pointer Fields - Typen mit Zeigerfeldern dürfen nicht serialisiert werden. + Do Not Serialize Types With Pointer Fields Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. - Zeiger sind nicht "typensicher", insofern als Sie nicht garantieren können, dass auf den richtigen Arbeitsspeicher verwiesen wird. Daher ist das Serialisieren von Typen mit Zeigerfeldern gefährlich, weil ein Angreifer dadurch möglicherweise den Zeiger steuern kann. + Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. Pointer field {0} on serializable type - Zeigerfeld "{0}" für serialisierbaren Typ + Pointer field {0} on serializable type Do Not Use Account Shared Access Signature - Shared Access Signature des Kontos nicht verwenden + Do Not Use Account Shared Access Signature Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. - SAS (Shared Access Signatures) sind ein wichtiger Bestandteil des Sicherheitsmodells für jede Anwendung, die Azure Storage verwendet. Sie müssen eingeschränkte und sichere Berechtigungen für Ihr Speicherkonto für Clients bereitstellen, die nicht über den Kontoschlüssel verfügen. Alle über eine Dienst-SAS verfügbaren Vorgänge sind auch über eine Konto-SAS verfügbar. Die Konto-SAS besitzt daher zu hohe Berechtigungen. Es empfiehlt sich, die Dienst-SAS zu verwenden und den Zugriff detaillierter zu delegieren. + Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. Use Service SAS instead of Account SAS for fine grained access control and container-level access policy - Für detailliertere Zugriffssteuerung und Zugriffsrichtlinie auf Containerebene die Dienst-SAS anstelle der Konto-SAS verwenden + Use Service SAS instead of Account SAS for fine grained access control and container-level access policy Do Not Use Broken Cryptographic Algorithms - Keine beschädigten kryptografischen Algorithmen verwenden + Do Not Use Broken Cryptographic Algorithms An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. - Es ist ein Angriff vorhanden, der es rechnerisch möglich macht, diesen Algorithmus zu zerstören. So können Angreifer die kryptografischen Garantien durchbrechen, für deren Bereitstellung er entwickelt wurde. Je nach Typ und Anwendung dieses kryptografischen Algorithmus können Angreifer verschlüsselte Nachrichten lesen, verschlüsselte Nachrichten manipulieren, digitale Signaturen fälschen, Hashinhalte manipulieren oder jedes auf diesem Algorithmus basierende Verschlüsselungssystem in anderer Hinsicht kompromittieren. Ersetzen Sie die Verwendung von Verschlüsselungen durch den AES-Algorithmus (AES-256, AES-192 und AES-128 sind zulässig) mit einer Schlüssellänge von mindestens 128 Bit. Ersetzen Sie die Verwendung von Hashing durch eine Hashfunktion in der SHA-2-Familie, beispielsweise SHA512, SHA384 oder SHA256. Ersetzen Sie die Verwendung digitaler Signaturen durch RSA mit einer Schlüssellänge von mindestens 2048 Bit oder durch ECDSA mit einer Schlüssellänge von mindestens 256 Bit. + An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. {0} uses a broken cryptographic algorithm {1} - "{0}" verwendet einen beschädigten kryptografischen Algorithmus: {1} + {0} uses a broken cryptographic algorithm {1} For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. - Bei nicht leeren Sammlungen listen CountAsync() und LongCountAsync() die gesamte Sequenz auf, während AnyAsync() beim ersten Element oder bei dem ersten Element, das eine Bedingung erfüllt, beendet wird. + For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. {0}() is used where AnyAsync() could be used instead to improve performance - "{0}()" wird verwendet, obwohl "AnyAsync()" stattdessen verwendet werden kann, um die Leistung zu verbessern. + {0}() is used where AnyAsync() could be used instead to improve performance Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used - CountAsync() oder LongCountAsync() nicht verwenden, wenn AnyAsync() verwendet werden kann + Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. - Bei nicht leeren Sammlungen listen Count() und LongCount() die gesamte Sequenz auf, während Any() beim ersten Element oder bei dem ersten Element, das eine Bedingung erfüllt, beendet wird. + For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. {0}() is used where Any() could be used instead to improve performance - "{0}()" wird verwendet, obwohl "Any()" stattdessen verwendet werden kann, um die Leistung zu verbessern. + {0}() is used where Any() could be used instead to improve performance Do not use Count() or LongCount() when Any() can be used - Count() oder LongCount() nicht verwenden, wenn Any() verwendet werden kann + Do not use Count() or LongCount() when Any() can be used Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. - Für die symmetrische Verschlüsselung muss immer ein nicht wiederholbarer Initialisierungsvektor verwendet werden, um Wörterbuchangriffe zu verhindern. - - - - Do Not Use Deprecated Security Protocols - Verwenden Sie keine veralteten Sicherheitsprotokolle. - - - - Using a deprecated security protocol rather than the system default is risky. - Die Verwendung eines veralteten Sicherheitsprotokolls anstelle des Systemstandards ist riskant. - - - - Hard-coded use of deprecated security protocol {0} - Hartcodierte Verwendung des veralteten Sicherheitsprotokolls "{0}" + Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. Do Not Use Digital Signature Algorithm (DSA) - Digitalen Signaturalgorithmus (DSA) nicht verwenden + Do Not Use Digital Signature Algorithm (DSA) DSA is too weak to use. - DSA ist zu schwach für die Verwendung. + DSA is too weak to use. Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - Der asymmetrische Verschlüsselungsalgorithmus "{0}" ist schwach. Wechseln Sie stattdessen zu einer RSA-Verschlüsselung mit ECDH- oder ECDSA-Algorithmus mit einer Schlüsselgröße von mindestens 2048. + Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. + + + + Do Not Use Deprecated Security Protocols + Do Not Use Deprecated Security Protocols + + + + Using a deprecated security protocol rather than the system default is risky. + Using a deprecated security protocol rather than the system default is risky. + + + + Hard-coded use of deprecated security protocol {0} + Hard-coded use of deprecated security protocol {0} This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. - Diese Sammlung kann direkt indiziert werden. Der Umweg über LINQ verursacht in diesem Fall unnötige Zuordnungen und CPU-Last. + This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. Do not use Enumerable methods on indexable collections. Instead use the collection directly. - Verwenden Sie keine Enumerable-Methoden für indizierbare Sammlungen. Verwenden Sie die Sammlung stattdessen direkt. + Do not use Enumerable methods on indexable collections. Instead use the collection directly. Do not use Enumerable methods on indexable collections - Keine Enumerable-Methoden für indizierbare Sammlungen verwenden + Do not use Enumerable methods on indexable collections Do not use insecure randomness - Keine unsichere Zufälligkeitsstufe verwenden + Do not use insecure randomness Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. - Bei Verwendung eines kryptografisch schwachen Pseudozufallszahlen-Generators kann ein Angreifer möglicherweise vorhersagen, welcher sicherheitsrelevante Wert generiert wird. Verwenden Sie einen kryptografisch starken Zufallszahlen-Generator, wenn ein nicht vorhersehbarer Wert erforderlich ist, oder stellen Sie sicher, dass schwache Pseudozufallszahlen nicht auf sicherheitsrelevante Weise verwendet werden. + Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. - "{0}" ist ein unsicherer Zufallszahlen-Generator. Verwenden Sie kryptografisch sichere Zufallszahlen-Generatoren, wenn Zufallszahlen für die Sicherheit erforderlich sind. + {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. Do not use obsolete key derivation function - Keine veraltete Schlüsselableitungsfunktion verwenden + Do not use obsolete key derivation function Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. - Die kennwortbasierte Schlüsselableitung sollte PBKDF2 mit SHA-2 verwenden. Verwenden Sie nicht PasswordDeriveBytes, da hierbei ein PBKDF1-Schlüssel generiert wird. Verwenden Sie nicht Rfc2898DeriveBytes.CryptDeriveKey, da hierbei weder Iterationszählung noch Salt verwendet werden. + Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. Call to obsolete key derivation function {0}.{1} - Aufruf der veralteten Schlüsselableitungsfunktion {0}.{1} + Call to obsolete key derivation function {0}.{1} String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. - Mit dem Wert "OutAttribute" übergebene Zeichenfolgenparameter können die Runtime destabilisieren, wenn die Zeichenfolge eine internalisierte Zeichenfolge ist. + String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. - Verwenden Sie "OutAttribute" nicht für den Zeichenfolgenparameter "{0}", der als Wert übergeben wird. Wenn ein Marshalling geänderter Daten zurück an den Aufrufer erforderlich ist, verwenden Sie das Schlüsselwort "out", um die Zeichenfolge stattdessen als Verweis zu übergeben. + Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. Do not use 'OutAttribute' on string parameters for P/Invokes - "OutAttribute" nicht für Zeichenfolgenparameter für P/Invokes verwenden + Do not use 'OutAttribute' on string parameters for P/Invokes Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. - Übergeben Sie kein Argument mit dem Werttyp „{0}“ an die „Equals“-Methode für „ReferenceEqualityComparer“. Aufgrund des Boxings der Werte kann dieser Aufruf von „Equals“ ein unerwartetes Ergebnis zurückgeben. Verwenden Sie stattdessen „EqualityComparer“, oder übergeben Sie Argumente mit einem Verweistyp, wenn Sie „ReferenceEqualityComparer“ verwenden möchten. + Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. - Für mit einem Werttyp typisierte Argumente erfolgt für jeden Aufruf dieser Methode ein eindeutiges Boxing, daher kann ein unerwartet Ergebnis auftreten. + Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. - Übergeben Sie kein Argument mit dem Werttyp „{0}“ an „ReferenceEqualityComparer“. Aufgrund des Boxings der Werte kann dieser Aufruf von „Equals“ ein unerwartetes Ergebnis zurückgeben. Verwenden Sie stattdessen „EqualityComparer“, oder übergeben Sie Argumente mit einem Verweistyp, wenn Sie „ReferenceEqualityComparer“ verwenden möchten. + Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. Do not use ReferenceEquals with value types - ReferenceEquals nicht mit Werttypen verwenden + Do not use ReferenceEquals with value types Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. - Der über stackalloc zugewiesene Stapelspeicherplatz wird erst am Ende des Aufrufs der aktuellen Methode freigegeben. Die Verwendung in einer Schleife kann zu einer unbegrenzten Stapelvergrößerung und letztlich zu Stapelüberlaufbedingungen führen. + Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. Potential stack overflow. Move the stackalloc out of the loop. - Möglicher Stapelüberlauf. Verschieben Sie stackalloc aus der Schleife. + Potential stack overflow. Move the stackalloc out of the loop. Do not use stackalloc in loops - stackalloc nicht in Schleifen verwenden + Do not use stackalloc in loops Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. - Regelmäßige Aktivitäten mit einer höheren Frequenz belasten die CPU und beeinflussen energiesparende Leerlauftimer, mit denen die Anzeige sowie die Festplatten ausgeschaltet werden. + Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. Do not use timers that prevent power state changes - Keine Timer verwenden, die Änderungen am Energiezustand verhindern + Do not use timers that prevent power state changes Do not use timers that prevent power state changes - Keine Timer verwenden, die Änderungen am Energiezustand verhindern + Do not use timers that prevent power state changes Do not use unsafe DllImportSearchPath value - Keinen unsicheren DllImportSearchPath-Wert verwenden + Do not use unsafe DllImportSearchPath value There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - Die Standard-DLL-Suchverzeichnisse enthalten möglicherweise eine schädliche DLL. Je nachdem, von wo aus Ihre Anwendung ausgeführt wird, befindet sich möglicherweise auch eine schädliche DLL im Anwendungsverzeichnis. Verwenden Sie einen DllImportSearchPath-Wert, der stattdessen einen expliziten Suchpfad angibt. Die DllImportSearchPath-Flags, nach denen diese Regel sucht, können in .editorconfig konfiguriert werden. + There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. Use of unsafe DllImportSearchPath value {0} - Verwendung eines unsicheren DllImportSearchPath-Werts "{0}" + Use of unsafe DllImportSearchPath value {0} Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. - Die Verwendung von "WaitAll" mit einer einzelnen Aufgabe kann zu Leistungseinbußen führen. Verwenden Sie stattdessen "await", oder geben Sie die Aufgabe zurück. + Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. Replace 'WaitAll' with single 'Wait' - "WaitAll" durch einzelnes "Wait" ersetzen + Replace 'WaitAll' with single 'Wait' Do not use 'WaitAll' with a single task - "WaitAll" nicht mit einer einzelnen Aufgabe verwenden + Do not use 'WaitAll' with a single task Do Not Use Weak Cryptographic Algorithms - Keine schwachen kryptografischen Algorithmen verwenden + Do Not Use Weak Cryptographic Algorithms Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. - Kryptografische Algorithmen verlieren mit der Zeit ihre Wirkung, weil Angreifer ihre Methoden verbessern und Zugang zu umfangreicheren Berechnungsalgorithmen erhalten. Je nach Typ und Anwendung dieses kryptografischen Algorithmus können Angreifer durch eine weitere Herabsetzung der kryptografischen Stärke verschlüsselte Nachrichten lesen, verschlüsselte Nachrichten manipulieren, digitale Signaturen fälschen, Hashinhalte manipulieren oder jedes auf diesem Algorithmus basierende Verschlüsselungssystem in anderer Hinsicht kompromittieren. Ersetzen Sie die Verwendung von Verschlüsselungen durch den AES-Algorithmus (AES-256, AES-192 und AES-128 sind zulässig) mit einer Schlüssellänge von mindestens 128 Bit. Ersetzen Sie die Verwendung von Hashing durch eine Hashfunktion in der SHA-2-Familie, beispielsweise SHA-2 512, SHA-2 384 oder SHA-2 256. + Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. {0} uses a weak cryptographic algorithm {1} - "{0}" verwendet einen schwachen kryptografischen Algorithmus: {1} + {0} uses a weak cryptographic algorithm {1} Ensure Key Derivation Function algorithm is sufficiently strong - Sicherstellen eines ausreichend starken Algorithmus für die Schlüsselableitungsfunktion + Ensure Key Derivation Function algorithm is sufficiently strong Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. - Einige Implementierungen der Rfc2898DeriveBytes-Klasse ermöglichen das Angeben eines Hashalgorithmus in einem Konstruktorparameter oder das Überschreiben in der HashAlgorithm-Eigenschaft. Wird ein Hashalgorithmus angegeben, muss SHA-256 oder höher verwendet werden. + Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. - "{0}" verwendet möglicherweise einen schwachen Hashalgorithmus. Verwenden Sie SHA256, SHA384 oder SHA512, um einen sicheren Schlüssel aus einem Kennwort zu erstellen. + {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). - Verwenden Sie beim Ableiten kryptografischer Schlüssel aus Benutzereingaben (z. B. Kennwort) eine ausreichende Anzahl von Iterationen (mindestens 100.000). + When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. - Die Verwendung von "WhenAll" mit einer einzelnen Aufgabe kann zu Leistungseinbußen führen. Verwenden Sie stattdessen "await", oder geben Sie die Aufgabe zurück. + Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. Replace 'WhenAll' call with argument - Aufruf von "WhenAll" durch Argument ersetzen + Replace 'WhenAll' call with argument Do not use 'WhenAll' with a single task - "WhenAll" nicht mit einer einzelnen Aufgabe verwenden + Do not use 'WhenAll' with a single task Do Not Use XslTransform - Kein XslTransform verwenden + Do Not Use XslTransform Do not use XslTransform. It does not restrict potentially dangerous external references. - Verwenden Sie kein XslTransform. Es schränkt potenziell gefährliche externe Verweise nicht ein. + Do not use XslTransform. It does not restrict potentially dangerous external references. Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. - Für die Bereitstellung einer funktionalen Schnittstelle mit dem Attribut "DynamicInterfaceCastableImplementationAttribute" ist das Feature der Standardschnittstellenmember erforderlich, das in Visual Basic nicht unterstützt wird. + Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - Die Bereitstellung einer DynamicInterfaceCastableImplementation-Schnittstelle in Visual Basic wird nicht unterstützt. + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - Die Bereitstellung einer DynamicInterfaceCastableImplementation-Schnittstelle in Visual Basic wird nicht unterstützt + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. - Die Verwendung von Features, die Runtime-Marshalling erfordern, wenn das Runtime-Marshalling deaktiviert ist, führt zu Runtime-Ausnahmen. + Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled - Für Typen mit „[StructLayout(LayoutKind.Auto)]“ muss das Runtime-Marshalling aktiviert sein. + Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled By-ref parameters require runtime marshalling to be enabled - „By-ref“-Parameter erfordern die Aktivierung von Runtime-Marshalling. + By-ref parameters require runtime marshalling to be enabled Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined - Delegates mit verwalteten Typen als Parameter oder der Rückgabetyp erfordern, dass das Marshalling der Runtime in der Assembly aktiviert ist, in der das Delegat definiert ist. + Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined HResult-swapping requires runtime marshalling to be enabled - Für den HResult-Austausch muss das Runtime-Marshalling aktiviert sein + HResult-swapping requires runtime marshalling to be enabled Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled - Für die Verwendung von „LCIDConversionAttribute“ muss das Runtime-Marshalling aktiviert sein. + Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled Managed parameter or return types require runtime marshalling to be enabled - Für verwaltete Parameter oder Rückgabetypen muss das Runtime-Marshalling aktiviert sein + Managed parameter or return types require runtime marshalling to be enabled Setting SetLastError to 'true' requires runtime marshalling to be enabled - Wenn „SetLastError“ auf TRUE festgelegt wird, muss das Runtime Marshalling aktiviert sein. + Setting SetLastError to 'true' requires runtime marshalling to be enabled Varadic P/Invoke signatures require runtime marshalling to be enabled - Für Varadic-P/Invoke-Signaturen muss das Runtime-Marshalling aktiviert sein + Varadic P/Invoke signatures require runtime marshalling to be enabled Property, type, or attribute requires runtime marshalling - Eigenschaft, Typ oder Attribut erfordert Runtime-Marshalling. + Property, type, or attribute requires runtime marshalling '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - Der Typ von „{0}“ enthält den Vorschautyp „{1}“, daher müssen Vorschaufeatures abonniert werden. Weitere Informationen finden Sie unter {2}. + '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - {3} Der Typ von „{0}“ enthält den Vorschautyp „{1}“, daher müssen Vorschaufeatures abonniert werden. Weitere Informationen finden Sie unter {2}. + {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. - Hiermit wird der Parameter "CancellationToken" an Methoden weitergeleitet. So stellen Sie sicher, dass Benachrichtigungen zum Abbruch des Vorgangs ordnungsgemäß verteilt werden. Alternativ dazu können Sie explizit "CancellationToken.None" übergeben, um festzulegen, dass das Token nicht verteilt werden soll. + Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token - Leiten Sie den Parameter "{0}" an die Methode "{1}" weiter, oder übergeben Sie explizit "CancellationToken.None", um festzulegen, dass das Token nicht verteilt werden soll. + Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token Forward the 'CancellationToken' parameter to methods - Parameter "CancellationToken" an Methoden weiterleiten + Forward the 'CancellationToken' parameter to methods Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. - Vermeiden Sie eine Hartcodierung von SecurityProtocolType "{0}", und verwenden Sie stattdessen "SecurityProtocolType.SystemDefault", um dem Betriebssystem die Auswahl des besten TLS-Protokolls (Transport Layer Security) zu ermöglichen. + Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. Avoid hardcoding SecurityProtocolType value - Hartcodierung des SecurityProtocolType-Werts vermeiden + Avoid hardcoding SecurityProtocolType value Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Aktuelle Transport Layer Security-Protokollversionen werden möglicherweise als veraltet markiert, wenn Sicherheitsrisiken gefunden werden. Vermeiden Sie das Hartcodieren von SslProtocols-Werten, um Ihre Anwendung zu schützen. Verwenden Sie "None", um dem Betriebssystem die Auswahl einer Version zu ermöglichen. + Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Vermeiden Sie die Hartcodierung von SslProtocols "{0}", um sicherzustellen, dass Ihre Anwendung in Zukunft sicher bleibt. Verwenden Sie "None", um dem Betriebssystem die Auswahl einer Version zu ermöglichen. + Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. Avoid hardcoded SslProtocols values - Hartcodierte SslProtocols-Werte vermeiden + Avoid hardcoded SslProtocols values Generic math interfaces require the derived type itself to be used for the self recurring type parameter. - Generische mathematische Schnittstellen erfordern, dass der abgeleitete Typ selbst für den sich wiederholenden Typparameter verwendet wird. + Generic math interfaces require the derived type itself to be used for the self recurring type parameter. The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' - Für "{0}" muss der Typparameter "{1}" mit dem abgeleiteten Typ "{2}" gefüllt werden + The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' Use correct type parameter - Richtigen Typparameter verwenden + Use correct type parameter To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. - Um einen Verstoß gegen diese Regel zu beheben, legen Sie die GetObjectData-Methode als sichtbar und überschreibbar fest, und stellen Sie sicher, dass alle Instanzfelder in den Serialisierungsvorgang eingeschlossen oder durch das NonSerializedAttribute-Attribut explizit markiert werden. + To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. Add an implementation of GetObjectData to type {0} - Fügen Sie Typ "{0}" eine Implementierung von "GetObjectData" hinzu. + Add an implementation of GetObjectData to type {0} Make {0}.GetObjectData virtual and overridable - Markieren Sie "{0}.GetObjectData" als virtuell und überschreibbar. + Make {0}.GetObjectData virtual and overridable Increase the accessibility of {0}.GetObjectData so that it is visible to derived types - Vergrößern Sie den Zugriff auf "{0}.GetObjectData" für abgeleitete Typen als sichtbar. + Increase the accessibility of {0}.GetObjectData so that it is visible to derived types Implement ISerializable correctly - ISerializable ordnungsgemäß implementieren + Implement ISerializable correctly Implement inherited interfaces - Geerbte Schnittstellen implementieren + Implement inherited interfaces Implement Serialization constructor - Serialisierungskonstruktor implementieren + Implement Serialization constructor To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. - Um einen Verstoß gegen diese Regel zu beheben, implementieren Sie den Serialisierungskonstruktor. Definieren Sie den Konstruktor bei einer versiegelten Klasse als privat und in anderen Fällen als geschützt. + To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. - Fügen Sie {0} einen Konstruktor mit der folgenden Signatur hinzu: "protected {0}(SerializationInfo info, StreamingContext context)". + Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. Declare the serialization constructor of {0}, a sealed type, as private. - Deklarieren Sie den Serialisierungskonstruktor von {0} (versiegelter Typ) als privat. + Declare the serialization constructor of {0}, a sealed type, as private. Declare the serialization constructor of {0}, an unsealed type, as protected. - Deklarieren Sie den Serialisierungskonstruktor von {0} (nicht versiegelter Typ) als geschützt. + Declare the serialization constructor of {0}, an unsealed type, as protected. Implement serialization constructors - Serialisierungskonstruktoren implementieren + Implement serialization constructors A method that handles a serialization event does not have the correct signature, return type, or visibility. - Eine Methode, die ein Serialisierungsereignis behandelt, besitzt nicht die richtige Signatur, den richtigen Rückgabetyp oder die richtige Sichtbarkeit. + A method that handles a serialization event does not have the correct signature, return type, or visibility. Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic - Da "{0}" mit "OnSerializing", "OnSerialized", "OnDeserializing" oder "OnDeserialized" markiert ist, ändern Sie die zugehörige Signatur so, dass sie nicht mehr generisch ist. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' - Da "{0}" mit "OnSerializing", "OnSerialized", "OnDeserializing" oder "OnDeserialized" markiert ist, ändern Sie die zugehörige Signatur so, dass ein einzelner Parameter vom Typ "System.Runtime.Serialization.StreamingContext" akzeptiert wird. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) - Da "{0}" mit "OnSerializing", "OnSerialized", "OnDeserializing" oder "OnDeserialized" markiert ist, ändern Sie dessen Rückgabetyp von "{1}" in "void" ("Sub" in Visual Basic). + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method - Da "{0}" mit "OnSerializing", "OnSerialized", "OnDeserializing" oder "OnDeserialized" markiert ist, nehmen Sie eine Änderung von "static" ("Shared" in Visual Basic) in eine Instanzmethode vor. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private - Da "{0}" mit "OnSerializing", "OnSerialized", "OnDeserializing" oder "OnDeserialized" markiert ist, ändern Sie den Zugriff in privat. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private Implement serialization methods correctly - Serialisierungsmethoden korrekt implementieren + Implement serialization methods correctly '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - „{0}“ implementiert die Vorschauschnittstelle „{1}“, daher müssen Vorschaufeatures abonniert werden. Weitere Informationen finden Sie unter {2}. + '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} „{0}“ implementiert die Vorschauschnittstelle „{1}“, daher müssen Vorschaufeatures abonniert werden. Weitere Informationen finden Sie unter {2}. + {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - „{0}“ implementiert die Vorschaumethode „{1}“, daher müssen Vorschaufeatures abonniert werden. Weitere Informationen finden Sie unter {2}. + '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} „{0}“ implementiert die Vorschaumethode „{1}“, daher müssen Vorschaufeatures abonniert werden. Weitere Informationen finden Sie unter {2}. + {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Ein Referenztyp deklariert einen expliziten statischen Konstruktor. Um eine Verletzung dieser Regel zu korrigieren, initialisieren Sie alle statischen Daten, wenn sie deklariert wurden, und entfernen Sie den statischen Konstruktor. + A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize reference type static fields inline - Statische Felder für Referenztyp inline initialisieren + Initialize reference type static fields inline Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor - Initialisieren Sie alle statischen Felder in "{0}", wenn diese Felder deklariert wurden, und entfernen Sie den expliziten statischen Konstruktor. + Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Ein Werttyp deklariert einen expliziten statischen Konstruktor. Um eine Verletzung dieser Regel zu korrigieren, initialisieren Sie alle statischen Daten, wenn sie deklariert wurden, und entfernen Sie den statischen Konstruktor. + A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize value type static fields inline - Statische Felder für Werttyp inline initialisieren + Initialize value type static fields inline Change to call the two argument constructor, pass null for the message. - Ändern Sie diese Option, um den Konstruktor mit zwei Argumenten aufzurufen und NULL als Nachricht zu übergeben. + Change to call the two argument constructor, pass null for the message. A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. - Ein Aufruf erfolgt an den (parameterlosen) Standardkonstruktur eines Ausnahmetyps, der einer ArgumentException entspricht oder von dieser ableitet, oder ein falsches Zeichenfolgenargument wurde an einen parametrisierten Konstruktor eines Ausnahmetyps übergeben, der einer ArgumentException entspricht oder von dieser ableitet. + A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. Swap the arguments order - Argumentreihenfolge tauschen + Swap the arguments order Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. - Die Methode "{0}" übergibt den Parameternamen "{1}" als {2}-Argument an einen {3}-Konstruktor. Ersetzen Sie dieses Argument durch eine aussagekräftige Nachricht, und übergeben Sie den Parameternamen an der richtigen Position. + Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. - Die Methode "{0}" übergibt "{1}" als {2}-Argument an einen {3}-Konstruktor. Ersetzen Sie dieses Argument durch einen der Parameternamen der Methode. Beachten Sie, dass der bereitgestellte Parametername genau dieselbe Schreibweise aufweisen muss wie für die Methode deklariert. + Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. Call the {0} constructor that contains a message and/or paramName parameter - Rufen Sie den Konstruktur "{0}" auf, der eine Nachricht und/oder einen paramName-Parameter enthält. + Call the {0} constructor that contains a message and/or paramName parameter Instantiate argument exceptions correctly - Argumentausnahmen korrekt instanziieren + Instantiate argument exceptions correctly Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. - Typen mit dem Attribut "DynamicInterfaceCastableImplementationAttribute" fungieren als Schnittstellenimplementierung für einen Typ, der den Typ "IDynamicInterfaceCastable" implementiert. Als Ergebnis muss eine Implementierung aller in den geerbten Schnittstellen definierten Member bereitgestellt werden, weil der Typ, der "IDynamicInterfaceCastable" implementiert, sie nicht anderweitig bereitstellt. + Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces - Auf den Typ "{0}" wird "DynamicInterfaceCastableImplementationAttribute" angewendet, aber es wird keine Implementierung aller Schnittstellenmember bereitgestellt, die in geerbten Schnittstellen definiert sind. + Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface - Alle in übergeordneten Schnittstellen deklarierten Member müssen über eine Implementierung in einer Schnittstelle mit dem Attribut "DynamicInterfaceCastableImplementation" verfügen + All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Die Methode "{0}" ist unsicher, wenn nicht vertrauenswürdige Daten mit einem JavaScriptSerializer deserialisiert werden, der mit einem SimpleTypeResolver initialisiert wurde. Stellen Sie sicher, dass der JavaScriptSerializer ohne Angabe eines JavaScriptTypeResolver oder mit einem JavaScriptTypeResolver initialisiert wird, der die Objekttypen im deserialisierten Objektgraphen einschränkt. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing - Vor der Deserialisierung sicherstellen, dass JavaScriptSerializer nicht mit SimpleTypeResolver initialisiert wurde + Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Die Methode "{0}" ist unsicher, wenn nicht vertrauenswürdige Daten mit einem JavaScriptSerializer deserialisiert werden, der mit einem SimpleTypeResolver initialisiert wurde. Initialisieren Sie den JavaScriptSerializer ohne Angabe eines JavaScriptTypeResolver oder mit einem JavaScriptTypeResolver, der die Objekttypen im deserialisierten Objektgraphen einschränkt. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver - Nicht mit JavaScriptSerializer und SimpleTypeResolver deserialisieren + Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Beim Deserialisieren nicht vertrauenswürdiger Eingaben ist das Zulassen der Deserialisierung beliebiger Typen unsicher. Geben Sie bei Verwendung von JsonSerializer zum Deserialisieren "TypeNameHandling.None" an, oder schränken Sie deserialisierte Typen für andere Werte als "None" mit einem SerializationBinder ein. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - JsonSerializer nicht zum Deserialisieren mit einer unsicheren Konfiguration verwenden + Do not deserialize with JsonSerializer using an insecure configuration When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Beim Deserialisieren nicht vertrauenswürdiger Eingaben ist das Zulassen der Deserialisierung beliebiger Typen unsicher. Geben Sie bei Verwendung von JsonSerializerSettings "TypeNameHandling.None" an, oder schränken Sie deserialisierte Typen für andere Werte als "None" mit einem SerializationBinder ein. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not use insecure JsonSerializerSettings - Keine unsicheren JsonSerializerSettings verwenden + Do not use insecure JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Beim Deserialisieren nicht vertrauenswürdiger Eingaben ist das Zulassen der Deserialisierung beliebiger Typen unsicher. Geben Sie bei Verwendung von JsonSerializer zum Deserialisieren "TypeNameHandling.None" an, oder schränken Sie deserialisierte Typen für andere Werte als "None" mit einem SerializationBinder ein. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - Bei der Deserialisierung mit JsonSerializer eine sichere Konfiguration sicherstellen + Ensure that JsonSerializer has a secure configuration when deserializing When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - Beim Deserialisieren nicht vertrauenswürdiger Eingaben ist das Zulassen der Deserialisierung beliebiger Typen unsicher. Geben Sie bei Verwendung von JsonSerializerSettings "TypeNameHandling.None" an, oder stellen Sie für andere Werte als "None" sicher, dass ein SerializationBinder zum Einschränken deserialisierter Typen angegeben wird. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. Ensure that JsonSerializerSettings are secure - Sicherheit von JsonSerializerSettings sicherstellen + Ensure that JsonSerializerSettings are secure Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Die Deserialisierung von JSON bei Verwendung eines anderen TypeNameHandling-Werts als "None" kann unsicher sein. Wenn Sie stattdessen die Json.NET-Deserialisierung ermitteln müssen, wenn kein SerializationBinder angegeben wird, deaktivieren Sie Regel CA2326, und aktivieren Sie die Regeln CA2327, CA2328, CA2329 und CA2330. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Die Deserialisierung von JSON bei Verwendung eines anderen TypeNameHandling-Werts als "None" kann unsicher sein. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. Do not use TypeNameHandling values other than None - Verwenden Sie keinen anderen TypeNameHandling-Wert als "None". + Do not use TypeNameHandling values other than None The method '{0}' is insecure when deserializing untrusted data. - Die Methode "{0}" ist bei der Deserialisierung nicht vertrauenswürdiger Daten unsicher. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer LosFormatter - Nicht den unsicheren LosFormatter zur Deserialisierung verwenden + Do not use insecure deserializer LosFormatter Convert to static method - In statische Methode konvertieren + Convert to static method Converting an instance method to a static method may produce invalid code - Durch das Konvertieren einer Instanzmethode in eine statische Methode wird möglicherweise ungültiger Code generiert. + Converting an instance method to a static method may produce invalid code Make the constructor that takes zero parameters 'public' - Konstruktor ohne Parameter als "public" festlegen + Make the constructor that takes zero parameters 'public' An instance field of a type that is not serializable is declared in a type that is serializable. - Ein Instanzfeld eines Typs, der nicht serialisierbar ist, wurde in einem Typ deklariert, der serialisierbar ist. + An instance field of a type that is not serializable is declared in a type that is serializable. Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable - Das Feld "{0}" ist ein Member des Typs "{1}", der serialisierbar ist. Das Feld selbst weist jedoch Typ "{2}" auf, der nicht serialisierbar ist. + Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable Mark all non-serializable fields - Alle nicht serialisierbaren Felder markieren + Mark all non-serializable fields The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. - Das NeutralResourcesLanguage-Attribut informiert den ResourceManager über die Sprache, die zum Anzeigen der Ressourcen einer neutralen Kultur für eine Assembly verwendet wurde. Dadurch wird die Suchleistung für die erste von Ihnen geladene Ressource verbessert, und Ihr Arbeitssatz wird möglicherweise reduziert. + The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. Mark assemblies with NeutralResourcesLanguageAttribute - Assemblys mit NeutralResourcesLanguageAttribute markieren + Mark assemblies with NeutralResourcesLanguageAttribute Mark assemblies with NeutralResourcesLanguageAttribute - Assemblys mit NeutralResourcesLanguageAttribute markieren + Mark assemblies with NeutralResourcesLanguageAttribute The Boolean data type has multiple representations in unmanaged code. - Der boolesche Datentyp verfügt über mehrere Darstellungen in nicht verwaltetem Code. + The Boolean data type has multiple representations in unmanaged code. Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - Fügen Sie dem Parameter "{0}" von P/Invoke "{1}" das MarshalAsAttribute hinzu. Wenn der entsprechende nicht verwaltete Parameter "BOOL" für Win32 mit 4 Byte ist, verwenden Sie [MarshalAs(UnmanagedType.Bool)]. Für "bool" für C++ mit 1 Byte verwenden Sie "MarshalAs(UnmanagedType.U1)". + Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - Fügen Sie dem Rückgabetyp von P/Invoke "{0}" das MarshalAsAttribute hinzu. Wenn der entsprechende nicht verwaltete Rückgabetyp "BOOL" für Win32 mit 4 Byte ist, verwenden Sie "MarshalAs(UnmanagedType.Bool)". Für "bool" für C++ mit 1 Byte verwenden Sie "MarshalAs(UnmanagedType.U1)". + Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Mark boolean PInvoke arguments with MarshalAs - Boolesche PInvoke-Argumente mit MarshalAs markieren + Mark boolean PInvoke arguments with MarshalAs To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. - Um von der Common Language Runtime als serialisierbar erkannt zu werden, müssen Typen auch dann mit dem SerializableAttribute-Attribut markiert werden, wenn der Typ eine Routine zur benutzerdefinierten Serialisierung durch Implementierung der ISerializable-Schnittstelle verwendet. + To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. Add [Serializable] to {0} as this type implements ISerializable - Fügen Sie "{0}" [Serializable] hinzu, da dieser Typ ISerializable implementiert. + Add [Serializable] to {0} as this type implements ISerializable Mark ISerializable types with serializable - ISerializable-Typen mit "serializable" markieren + Mark ISerializable types with serializable Ensure HttpClient certificate revocation list check is not disabled - Stellen Sie sicher, dass die Überprüfung der HttpClient-Zertifikatsperrliste nicht deaktiviert ist. + Ensure HttpClient certificate revocation list check is not disabled HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient wird möglicherweise ohne Aktivieren von CheckCertificateRevocationList erstellt. + HttpClient may be created without enabling CheckCertificateRevocationList Ensure Certificates Are Not Added To Root Store - Stellen Sie sicher, dass Zertifikate nicht zum Stammspeicher hinzugefügt werden. + Ensure Certificates Are Not Added To Root Store Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. - Das Hinzufügen von Zertifikaten zu den vertrauenswürdigen Stammzertifikaten des Betriebssystems stellt ein Sicherheitsrisiko dar. Stellen Sie sicher, dass der Zielspeicher kein Stammspeicher ist. + Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. Use CreateEncryptor with the default IV - CreateEncryptor mit Standard-Initialisierungsvektoren verwenden + Use CreateEncryptor with the default IV The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. - Für die Verschlüsselung wird ein nicht standardmäßiger Initialisierungsvektor verwendet, der potenziell wiederholbar sein kann. Stellen Sie sicher, dass der Standardvektor verwendet wird. + The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. Ensure Use Secure Cookies In ASP.NET Core - Verwendung sicherer Cookies in ASP.NET Core sicherstellen + Ensure Use Secure Cookies In ASP.NET Core Ensure that CookieOptions.Secure = true when setting a cookie - Stellen Sie sicher, dass beim Festlegen eines Cookies "CookieOptions.Secure = true" festgelegt wird. + Ensure that CookieOptions.Secure = true when setting a cookie Ensure Sufficient Iteration Count When Using Weak Key Derivation Function - Bei Verwendung einer schwachen Schlüsselableitungsfunktion ausreichende Iterationsanzahl sicherstellen + Ensure Sufficient Iteration Count When Using Weak Key Derivation Function Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Stellen Sie eine Iterationsanzahl von mindestens {0} sicher, wenn Sie einen kryptografischen Schlüssel aus einem Kennwort ableiten. Standardmäßig beträgt IterationCount von Rfc2898DeriveByte nur 1000. + Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. - Da ein Typ, der "IDynamicInterfaceCastable" implementiert, möglicherweise keine dynamische Schnittstelle in Metadaten implementiert, treten bei Aufrufen eines Instanzschnittstellenmembers, der keine explizite, für diesen Typ definierte Implementierung ist, zur Laufzeit wahrscheinlich Fehler auf. Markieren Sie neue Schnittstellenmember als "static", um Laufzeitfehler zu vermeiden. + Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied - Der Member "{0}" für den Typ "{1}" sollte als "static" gekennzeichnet werden, weil auf "{1}" das Attribut "DynamicInterfaceImplementationAttribute" angewendet wird. + The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' - Die für eine Schnittstelle mit dem "DynamicInterfaceCastableImplementationAttribute" definierten Member müssen "static" sein + Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - „{0}“ gibt den Vorschautyp „{1}“ zurück, daher müssen Vorschaufeatures abonniert werden. Weitere Informationen finden Sie unter {2}. + '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} „{0}“ gibt den Vorschautyp „{1}“ zurück, daher müssen Vorschaufeatures abonniert werden. Weitere Informationen finden Sie unter{2}. + {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - „{0}“ akzeptiert den Vorschauparametertyp „{1}“, daher müssen Vorschaufeatures abonniert werden. Weitere Informationen finden Sie unter {2}. + '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - {3} „{0}“ akzeptiert den Vorschauparametertyp „{1}“, daher müssen Vorschaufeatures abonniert werden. Weitere Informationen finden Sie unter {2}. + {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. - Diese Methode verwendet Runtime-Marshalling auch dann, wenn das Runtime-Marshalling deaktiviert ist. Dies kann aufgrund unterschiedlicher Erwartungen an das native Layout eines Typs zu unerwarteten Verhaltensunterschieden zur Runtime führen. + This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. - „{0}“ verwendet das Runtime-Marshalling auch dann, wenn das „DisableRuntimeMarshallingAttribute“ angewendet wird. Verwenden Sie Features wie „sizeof“ und Zeiger direkt, um genaue Ergebnisse sicherzustellen. + '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied - Diese Methode verwendet das Runtime-Marshalling auch dann, wenn „DisableRuntimeMarshallingAttribute“ angewendet wird. + This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied Miss HttpVerb attribute for action methods - Fehlendes HttpVerb-Attribut für Aktionsmethoden + Miss HttpVerb attribute for action methods All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - Alle Methoden, die Daten erstellen, bearbeiten, löschen oder anderweitig ändern, führen diese Vorgänge in der [HttpPost]-Überladung der Methode durch, die mit dem Fälschungssicherheitsattribut vor Anforderungsfälschung geschützt werden muss. Das Ausführen eines GET-Vorgangs muss ein sicherer Vorgang sein, der keine Nebenwirkungen hat und Ihre persistenten Daten nicht ändert. + All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. Action method {0} needs to specify the HTTP request kind explicitly - Die Aktionsmethode "{0}" muss die Art der HTTP-Anforderung explizit angeben. + Action method {0} needs to specify the HTTP request kind explicitly Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. - Modulinitialisierer sollen vom Anwendungscode verwendet werden, um sicherzustellen, dass die Komponenten einer Anwendung initialisiert werden, bevor der Anwendungscode ausgeführt wird. Wenn Bibliothekscode eine Methode mit \"ModuleInitializerAttribute\" deklariert, kann dies die Anwendungsinitialisierung beeinträchtigen und auch zu Einschränkungen in den Kürzungsfähigkeiten dieser Anwendung führen. Anstatt Methoden zu verwenden, die mit \"ModuleInitializerAttribute\" gekennzeichnet sind, sollte die Bibliothek Methoden verfügbar machen, mit denen alle Komponenten innerhalb der Bibliothek initialisiert werden können, und der Anwendung das Aufrufen der Methode während der Anwendungsinitialisierung ermöglichen. + Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios - Das Attribut "ModuleInitializer" ist nur für die Verwendung in Anwendungscode oder erweiterten Quell-Generator-Szenarios vorgesehen. + The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios The 'ModuleInitializer' attribute should not be used in libraries - Attribut "ModuleInitializer" nicht in Bibliotheken verwenden + The 'ModuleInitializer' attribute should not be used in libraries The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Die Methode "{0}" ist unsicher, wenn nicht vertrauenswürdige Daten deserialisiert werden, ohne dass der Typ von Objekten im deserialisierten Objektgraphen durch einen SerializationBinder beschränkt wird. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure NetDataContractSerializer.Binder is set before deserializing - Vor der Deserialisierung sicherstellen, dass NetDataContractSerializer.Binder festgelegt ist + Ensure NetDataContractSerializer.Binder is set before deserializing The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Die Methode "{0}" ist unsicher, wenn nicht vertrauenswürdige Daten deserialisiert werden, ohne dass der Typ von Objekten im deserialisierten Objektgraphen durch einen SerializationBinder beschränkt wird. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not deserialize without first setting NetDataContractSerializer.Binder - Nicht ohne Festlegung von NetDataContractSerializer.Binder deserialisieren + Do not deserialize without first setting NetDataContractSerializer.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. - Die Methode "{0}" ist bei der Deserialisierung nicht vertrauenswürdiger Daten unsicher. Wenn Sie stattdessen die NetDataContractSerializer-Deserialisierung ohne Festlegung von SerializationBinder erkennen müssen, deaktivieren Sie die Regel "CA2310", und aktivieren Sie die Regeln "CA2311" und "CA2312". + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. The method '{0}' is insecure when deserializing untrusted data. - Die Methode "{0}" ist bei der Deserialisierung nicht vertrauenswürdiger Daten unsicher. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer NetDataContractSerializer - Nicht den unsicheren NetDataContractSerializer zur Deserialisierung verwenden + Do not use insecure deserializer NetDataContractSerializer Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. - Zeichenfolgen müssen in Großbuchstaben normalisiert werden. Eine kleine Gruppe von Zeichen kann keinen Roundtrip durchführen, wenn sie in Kleinbuchstaben konvertiert wird. Bei einem Roundtrip werden die Zeichen von einem Gebietsschema in ein anderes konvertiert, in dem die Zeichen anders dargestellt werden. Anschließend werden die ursprünglichen Zeichen exakt aus den konvertierten Zeichen abgerufen. + Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. In method '{0}', replace the call to '{1}' with '{2}' - Ersetzen Sie in der Methode "{0}" den Aufruf von "{1}" durch "{2}". + In method '{0}', replace the call to '{1}' with '{2}' Normalize strings to uppercase - Zeichenfolgen in Großbuchstaben normalisieren + Normalize strings to uppercase The method '{0}' is insecure when deserializing untrusted data. - Die Methode "{0}" ist bei der Deserialisierung nicht vertrauenswürdiger Daten unsicher. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer ObjectStateFormatter - Nicht den unsicheren ObjectStateFormatter zur Deserialisierung verwenden + Do not use insecure deserializer ObjectStateFormatter '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - „{0}“ überschreibt die Vorschaumethode „{1}“, daher müssen Vorschaufeatures abonniert werden. Weitere Informationen finden Sie unter {2}. + '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} „{0}“ überschreibt die Vorschaumethode „{1}“, daher müssen Vorschaufeatures abonniert werden. Weitere Informationen finden Sie unter {2}. + {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. - Eine öffentliche oder geschützte Methode in einem öffentlichen Typ weist das Attribut "System.Runtime.InteropServices.DllImportAttribute" auf (auch durch das Declare-Schlüsselwort in Visual Basic implementiert). Solche Methoden dürfen nicht verfügbar gemacht werden. + A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. P/Invoke method '{0}' should not be visible - Die P/Invoke-Methode "{0}" darf nicht sichtbar sein. + P/Invoke method '{0}' should not be visible P/Invokes should not be visible - P/Invokes dürfen nicht sichtbar sein + P/Invokes should not be visible ({0}) - ({0}) + ({0}) and all other platforms - und alle anderen Plattformen + and all other platforms This call site is reachable on: 'windows' 10.0.2000 and later, and all other platforms '{0}' all versions - {0}, alle Versionen + '{0}' all versions This call site is reachable on: 'Windows' all versions. Using platform dependent API on a component makes the code no longer work across all platforms. - Durch die Verwendung einer plattformabhängigen API für eine Komponente funktioniert der Code nicht mehr auf allen Plattformen. + Using platform dependent API on a component makes the code no longer work across all platforms. '{0}' from version {1} to {2} - {0}, Version {1} bis {2} + '{0}' from version {1} to {2} 'SupportedOnWindows1903UnsupportedOn2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. - Diese Aufrufsite ist auf allen Plattformen erreichbar. „{0}“ ist veraltet für: {1}. + This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. This call site is reachable on all platforms. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. - Diese Aufrufsite ist erreichbar für: {2}. „{0}“ ist veraltet für: {1}. + This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. This call site is reachable on 'macos', 'linux'. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on all platforms. '{0}' is only supported on: {1}. - Diese Aufrufsite ist auf allen Plattformen erreichbar. "{0}" nur unterstützt für: {1}. + This call site is reachable on all platforms. '{0}' is only supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindowsAndBrowser()' is only supported on: 'windows', 'browser' . This call site is reachable on: {2}. '{0}' is only supported on: {1}. - Diese Aufrufsite ist erreichbar für: {2}. "{0}" nur unterstützt für: {1}. + This call site is reachable on: {2}. '{0}' is only supported on: {1}. This call site is reachable on: 'windows' all versions.'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before This call site is unreachable on: {2}. '{0}' is only supported on: {1}. - Diese Aufrufsite ist nicht erreichbar für: {2}. "{0}" nur unterstützt für: {1}. + This call site is unreachable on: {2}. '{0}' is only supported on: {1}. This call site is unreachable on: 'browser'. 'SupportedOnWindowsAndBrowser()' is only supported on: 'browser', 'windows'. This call site is reachable on all platforms. '{0}' is supported on: {1}. - Diese Aufrufsite ist auf allen Plattformen erreichbar. "{0}" unterstützt für: {1}. + This call site is reachable on all platforms. '{0}' is supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindows1903UnsupportedFrom2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on: {2}. '{0}' is supported on: {1}. - Diese Aufrufsite ist erreichbar für: {2}. "{0}" unterstützt für: {1}. + This call site is reachable on: {2}. '{0}' is supported on: {1}. This call site is reachable on: 'windows' 10.0.2000 and before. 'UnsupportedOnWindowsSupportedOn1903()' is supported on: 'windows' 10.0.1903 and later. Validate platform compatibility - Plattformkompatibilität überprüfen + Validate platform compatibility This call site is reachable on all platforms. '{0}' is unsupported on: {1}. - Diese Aufrufsite ist auf allen Plattformen erreichbar. "{0}" nicht unterstützt für: {1}. + This call site is reachable on all platforms. '{0}' is unsupported on: {1}. This call site is reachable on all platforms. 'UnsupportedOnWindows()' is unsupported on: 'windows' This call site is reachable on: {2}. '{0}' is unsupported on: {1}. - Diese Aufrufsite ist erreichbar für: {2}. "{0}" nicht unterstützt für: {1}. + This call site is reachable on: {2}. '{0}' is unsupported on: {1}. This call site is reachable on: 'windows', 'browser'. 'UnsupportedOnBrowser()' is unsupported on: 'browser'. '{0}' {1} and before - {0}, {1} und vorherige Versionen + '{0}' {1} and before 'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before. '{0}' {1} and later - {0}, {1} und höhere Versionen + '{0}' {1} and later 'SupportedOnWindows10()' is only supported on: 'windows' 10.0 and later. Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. - Überprüfen Sie, auf welche Weise der Code zum Verarbeiten von nicht vertrauenswürdigen deserialisierten Daten unerwartete Verweiszyklen behandelt. Ein unerwarteter Verweiszyklus sollte nicht dazu führen, dass der Code in eine Endlosschleife eintritt. Andernfalls kann ein unerwarteter Verweiszyklus durch einen Angreifer für einen DoS-Angriff oder eine Arbeitsspeicherüberlastung des Prozesses genutzt werden, während nicht vertrauenswürdige Daten deserialisiert werden. + Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. {0} participates in a potential reference cycle - {0} ist Teil eines potenziellen Verweiszyklus + {0} participates in a potential reference cycle Potential reference cycle in deserialized object graph - Potenzieller Verweiszyklus in deserialisiertem Objektgraph + Potential reference cycle in deserialized object graph Replace 'Substring' with 'AsSpan' - "Substring" durch "AsSpan" ersetzen + Replace 'Substring' with 'AsSpan' 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. - "AsSpan" ist effizienter als "Substring". Im Gegensatz zu "Substring" führt "AsSpan" keine O(n)-Zeichenfolgenkopie durch und bietet daher konstante Kosten. + 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. Prefer 'AsSpan' over 'Substring' when span-based overloads are available - Bevorzugen Sie "AsSpan" gegenüber "Substring", wenn span-basierte Überladungen verfügbar sind. + Prefer 'AsSpan' over 'Substring' when span-based overloads are available Prefer 'AsSpan' over 'Substring' - "AsSpan" gegenüber "Substring" bevorzugen + Prefer 'AsSpan' over 'Substring' + + + + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + + + + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + + + + Consider using 'StringBuilder.Append(char)' when applicable + Consider using 'StringBuilder.Append(char)' when applicable Use 'Count' check instead of 'Any()' - „Count“ anstelle von „Any()“ verwenden + Use 'Count' check instead of 'Any()' Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance - Sowohl aus Gründen der Klarheit als auch der Leistung ist der Vergleich von „Count“ mit 0 der Verwendung von „Any()“ vorzuziehen + Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance Use 'ContainsKey' - "ContainsKey" verwenden + Use 'ContainsKey' 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. - "ContainsKey" lautet normalerweise O(1), während "Keys.Contains" in einigen Fällen O(n) lauten kann. Außerdem wird bei vielen Wörterbuchimplementierungen die Keys-Sammlung verzögert initialisiert, um Zuordnungen einzuschränken. + 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' - Bevorzugen Sie "ContainsKey" gegenüber "Keys.Contains" für den Wörterbuchtyp "{0}". + Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' Prefer Dictionary.Contains methods - Dictionary.Contains-Methoden bevorzugen + Prefer Dictionary.Contains methods Use 'ContainsValue' - "ContainsValue" verwenden + Use 'ContainsValue' Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. - Bei vielen Wörterbuchimplementierungen wird die Values-Sammlung verzögert initialisiert. Um unnötige Zuordnungen zu vermeiden, bevorzugen Sie "ContainsValue" gegenüber "Values.Contains". + Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' - Bevorzugen Sie "ContainsValue" gegenüber "Values.Contains" für den Wörterbuchtyp "{0}". + Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' + + + + Use 'TryGetValue(TKey, out TValue)' + Use 'TryGetValue(TKey, out TValue)' + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + + + + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method Replace with 'HashData' method - Ersetzen Sie dies durch die Methode „HashData“. + Replace with 'HashData' method It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. - Es ist effizienter, die statische Methode „HashData“ zu verwenden, als eine HashAlgorithm-Instanz zum Aufrufen von „ComputeHash“ zu erstellen und zu verwalten. + It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. Prefer static '{0}.HashData' method over 'ComputeHash' - Statische Methode „{0}.HashData“ gegenüber „ComputeHash“ bevorzugen. + Prefer static '{0}.HashData' method over 'ComputeHash' Prefer static 'HashData' method over 'ComputeHash' - Statische Methode „HashData“ gegenüber „ComputeHash“ bevorzugen. + Prefer static 'HashData' method over 'ComputeHash' Use 'IsEmpty' check instead of 'Any()' - Überprüfung mit „IsEmpty“ anstelle von „Any()“ verwenden + Use 'IsEmpty' check instead of 'Any()' Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance - Sowohl aus Gründen der Klarheit als auch der Leistung ist eine Überprüfung mit „IsEmpty“ der Verwendung von „Any()“ vorzuziehen + Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance + + + + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + + + + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + + + + Prefer IsEmpty over Count + Prefer IsEmpty over Count Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. - Verwenden Sie lieber die Eigenschaften „IsEmpty“, „Count“ oder „Length“, sofern verfügbar, statt „Enumerable.Any()“ aufzurufen. Die Absicht ist klarer und das Ausführungsverhalten besser als bei Verwendung der Erweiterungsmethode „Enumerable.Any()“. + Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. Avoid using 'Enumerable.Any()' extension method - Verwendung der Erweiterungsmethode „Enumerable.Any()“ vermeiden + Avoid using 'Enumerable.Any()' extension method Use 'Length' check instead of 'Any()' - Überprüfung mit „Length“ anstelle von „Any()“ verwenden + Use 'Length' check instead of 'Any()' Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance - Sowohl aus Gründen der Klarheit als auch der Leistung ist der Vergleich von „Length“ mit 0 der Verwendung von „Any()“ vorzuziehen + Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. - Stream verfügt über eine Überladung "ReadAsync", die "Memory<Byte>" als erstes Argument akzeptiert, sowie über eine Überladung "WriteAsync", die "ReadOnlyMemory<Byte>" als erstes Argument akzeptiert. Rufen Sie möglichst arbeitsspeicherbasierte Überladungen auf, da diese effizienter sind. - - - - For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. - Wenn Sie bestimmen möchten, ob das Objekt Elemente enthält oder nicht, verwenden Sie die Eigenschaft "IsEmpty", anstatt die Anzahl von Elementen aus der Eigenschaft "Count" abzurufen und mit 0 oder 1 zu vergleichen. - - - - Prefer 'IsEmpty' over 'Count' to determine whether the object is empty - Verwenden Sie "IsEmpty" anstelle von "Count", um zu bestimmen, ob das Objekt leer ist. - - - - Prefer IsEmpty over Count - Ziehen Sie "IsEmpty" gegenüber "Count" vor + 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. Change the '{0}' method call to use the '{1}' overload - Ändern Sie den Methodenaufruf "{0}" so, dass die Überladung "{1}" verwendet wird. + Change the '{0}' method call to use the '{1}' overload Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' - Für "ReadAsync" und "WriteAsync" auf "Memory" basierende Überladungen bevorzugen + Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' Replace with 'string.Contains' - Durch "string.Contains" ersetzen + Replace with 'string.Contains' Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. - Aufrufe von "string.IndexOf", um das Ergebnis auf das Vorhandensein/Fehlen einer Teilzeichenfolge zu überprüfen, können durch "string.Contains" ersetzt werden. + Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. Use 'string.Contains' instead of 'string.IndexOf' to improve readability - Verwenden Sie "string.Contains" anstelle von "string.IndexOf", um die Lesbarkeit zu verbessern. + Use 'string.Contains' instead of 'string.IndexOf' to improve readability Consider using 'string.Contains' instead of 'string.IndexOf' - Erwägen Sie die Verwendung von "string.Contains" anstelle von "string.IndexOf" + Consider using 'string.Contains' instead of 'string.IndexOf' StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. - StringBuilder.Append und StringBuilder.Insert stellen Überladungen für verschiedene Typen über System.String hinaus bereit. Sofern möglich, geben Sie den stark typisierten Überladungen Vorrang vor einer Verwendung von ToString() und zeichenfolgenbasierten Überladungen. + StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. Remove the ToString call in order to use a strongly-typed StringBuilder overload - Entfernen Sie den Aufruf von "ToString", um eine stark typisierte StringBuilder-Überladung zu verwenden. + Remove the ToString call in order to use a strongly-typed StringBuilder overload Remove the ToString call - ToString-Aufruf entfernen + Remove the ToString call Prefer strongly-typed Append and Insert method overloads on StringBuilder - Stark typisierte Append- und Insert-Methodenüberladungen für StringBuilder bevorzugen - - - - 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. - "StringBuilder.Append(char)" ist effizienter als "StringBuilder.Append(string)", wenn die Zeichenfolge ein einzelnes Zeichen enthält. Wenn "Append" mit einer Konstante aufgerufen wird, verwenden Sie eher ein konstantes Zeichen anstelle einer konstanten Zeichenfolge, die nur ein Zeichen enthält. - - - - Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string - Verwenden Sie "StringBuilder.Append(char)" anstelle von "StringBuilder.Append(string)", wenn es sich bei der Eingabe um eine konstante Einheitenzeichenfolge handelt. - - - - Consider using 'StringBuilder.Append(char)' when applicable - Verwendung von "StringBuilder.Append(char)" erwägen + Prefer strongly-typed Append and Insert method overloads on StringBuilder Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. - Beginnend mit .NET 7 löst die explizite Konvertierung „{0}“ nicht aus, wenn sie in einem ungeprüften Kontext überläuft. Schließen Sie den Ausdruck in eine „checked“-Anweisung ein, um das .NET 6-Verhalten wiederherzustellen. + Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - Beginnend mit .NET 7 löst die explizite Konvertierung „{0}“ aus, wenn sie in einem geprüften Kontext überläuft. Schließen Sie den Ausdruck in eine „unchecked“-Anweisung ein, um das .NET 6-Verhalten wiederherzustellen. + Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. - Einige integrierte Operatoren, die in .NET 7 hinzugefügt wurden, verhalten sich beim Überlauf anders als die entsprechenden benutzerdefinierten Operatoren in .NET 6 und früheren Versionen. Einige Operatoren, die zuvor einen nicht überprüften Kontext ausgelöst haben, lösen jetzt keine Auslösung aus, es sei denn, sie werden innerhalb eines überprüften Kontexts umschlossen. Außerdem lösen einige Operatoren, die zuvor nicht in einem überprüften Kontext ausgelöst wurden, jetzt aus, es sei denn, sie werden in einen nicht markierten Kontext eingeschlossen. + Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - Ab .NET 7 wird der Operator „{0}“ ausgelöst, wenn er in einem überprüften Kontext überläuft. Schließen Sie den Ausdruck in eine „unchecked“-Anweisung ein, um das .NET 6-Verhalten wiederherzustellen. + Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Prevent behavioral change - Verhaltensänderungen verhindern + Prevent behavioral change 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. - Die Enum.HasFlag-Methode erwartet, dass das enum-Argument den gleichen enum-Typ aufweist wie die Instanz, für die die Methode aufgerufen wird, und dass "enum" mit "System.FlagsAttribute" gekennzeichnet ist. Wenn es sich um unterschiedliche enum-Typen handelt, wird zur Laufzeit ein Ausnahmefehler ausgelöst. Wenn der enum-Typ nicht mit "System.FlagsAttribute" gekennzeichnet ist, gibt der Aufruf zur Laufzeit immer FALSE zurück. + 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. The argument type, '{0}', must be the same as the enum type '{1}' - Der Argumenttyp, "{0}", stimmt nicht mit dem enum-Typ "{1}" überein. + The argument type, '{0}', must be the same as the enum type '{1}' Provide correct 'enum' argument to 'Enum.HasFlag' - Geben Sie das richtige enum-Argument für "Enum.HasFlag" an + Provide correct 'enum' argument to 'Enum.HasFlag' The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. - Das an "System.String.Format" übergebene Formatargument enthält kein Formatelement, das den einzelnen Objektargumenten entspricht bzw. umgekehrt. + The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. Provide correct arguments to formatting methods - Geeignete Argumente für Formatierungsmethoden angeben + Provide correct arguments to formatting methods Provide correct arguments to formatting methods - Geeignete Argumente für Formatierungsmethoden angeben + Provide correct arguments to formatting methods A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. - Ein Typ weist ein Feld auf, das mit dem System.Runtime.Serialization.OptionalFieldAttribute-Attribut gekennzeichnet ist, und der Typ stellt keine Behandlungsmethoden für Deserialisierungsereignisse bereit. + A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute - Fügen Sie dem Typ "{0}" eine private Methode "void OnDeserialized(StreamingContext)" hinzu, und weisen Sie "System.Runtime.Serialization.OnDeserializedAttribute" zu. + Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute - Fügen Sie dem Typ "{0}" eine Methode "private void OnDeserializing(StreamingContext)" hinzu, und weisen Sie "System.Runtime.Serialization.OnDeserializingAttribute" zu. + Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute Provide deserialization methods for optional fields - Deserialisierungsmethoden für optionale Felder angeben + Provide deserialization methods for optional fields Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. - Indem Sie für einen von "System.Runtime.InteropServices.SafeHandle" abgeleiteten Typ einen parameterlosen Konstruktor bereitstellen, der ebenso sichtbar ist wie der enthaltende Typ, erzielen Sie eine bessere Leistung und Nutzung mit aus der Quelle generierten Interop-Lösungen. + Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' - Stellen Sie für den Typ "{0}", der von "System.Runtime.InteropServices.SafeHandle" abgeleitet wird, einen parameterlosen Konstruktor bereit, der ebenso sichtbar ist wie der enthaltende Typ. + Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' - Für konkrete Typen, die von "System.Runtime.InteropServices.SafeHandle" abgeleitet werden, einen parameterlosen Konstruktor bereitstellen, der ebenso sichtbar ist wie der enthaltende Typ + Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. - Um die Leistung zu verbessern, setzen Sie die arbeitsspeicherbasierten Async-Methoden beim Erstellen von Unterklassen von "Stream" außer Kraft. Implementieren Sie dann die arraybasierten Methoden im Sinne der arbeitsspeicherbasierten Methoden. + To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. - "{0}" überschreibt die arraybasierte Methode "{1}", aber nicht die arbeitsspeicherbasierte Methode "{2}". Sie sollten die arbeitsspeicherbasierte Methode "{2}" außer Kraft setzen, um die Leistung zu verbessern. + '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. 0 = type that subclasses Stream directly, 1 = array-based method, 2 = memory-based method Provide memory-based overrides of async methods when subclassing 'Stream' - Arbeitsspeicherbasierte asynchrone Methoden beim Erstellen von Unterklassen von „Stream“ außer Kraft setzen + Provide memory-based overrides of async methods when subclassing 'Stream' + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + + + + Prefer using 'StringComparer' to perform a case-insensitive comparison + Prefer using 'StringComparer' to perform a case-insensitive comparison + + + + Use the 'string.{0}(string, StringComparison)' overload + Use the 'string.{0}(string, StringComparison)' overload + + + + Prefer using 'StringComparer' to perform case-insensitive string comparisons + Prefer using 'StringComparer' to perform case-insensitive string comparisons + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + + + + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + + + + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons Remove redundant call - Redundanten Aufruf entfernen + Remove redundant call Remove unnecessary call - Nicht erforderlichen Aufruf entfernen + Remove unnecessary call Replace string literal with char literal - Zeichenfolgenliteral durch Zeichenliteral ersetzen + Replace string literal with char literal Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Es wurde ein potenzielles Sicherheitsrisiko durch DLL-Einschleusung gefunden. "{0}" in der Methode "{1}" wurde möglicherweise durch benutzergesteuerte Daten aus "{2}" in Methode "{3}" verändert. + Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for DLL injection vulnerabilities - Code auf Sicherheitsrisiken durch DLL-Einschleusung überprüfen + Review code for DLL injection vulnerabilities Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Es wurde ein potenzielles Sicherheitsrisiko durch Dateipfadeinschleusung gefunden. "{0}" in der Methode "{1}" wurde möglicherweise durch benutzergesteuerte Daten aus "{2}" in Methode "{3}" verändert. + Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for file path injection vulnerabilities - Code auf Sicherheitsrisiken durch Dateipfadeinschleusung überprüfen + Review code for file path injection vulnerabilities Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. - Es wurde ein potenzielles Sicherheitsrisiko durch Informationsoffenlegung gefunden. "{0}" in der Methode "{1}" enthält möglicherweise nicht beabsichtigte Informationen aus "{2}" in Methode "{3}". + Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. Review code for information disclosure vulnerabilities - Code auf Sicherheitsrisiken durch Informationsoffenlegung überprüfen + Review code for information disclosure vulnerabilities Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Es wurde ein potenzielles Sicherheitsrisiko durch LDAP-Einschleusung gefunden. "{0}" in der Methode "{1}" wurde möglicherweise durch benutzergesteuerte Daten aus "{2}" in Methode "{3}" verändert. + Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for LDAP injection vulnerabilities - Code auf Sicherheitsrisiken durch LDAP-Einschleusung überprüfen + Review code for LDAP injection vulnerabilities Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Es wurde ein potenzielles Sicherheitsrisiko durch offene Umleitung gefunden. "{0}" in der Methode "{1}" wurde möglicherweise durch benutzergesteuerte Daten aus "{2}" in Methode "{3}" verändert. + Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for open redirect vulnerabilities - Code auf Sicherheitsrisiken durch offene Umleitung überprüfen + Review code for open redirect vulnerabilities Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Es wurde ein potenzielles Sicherheitsrisiko durch Prozessbefehlseinschleusung gefunden. "{0}" in der Methode "{1}" wurde möglicherweise durch benutzergesteuerte Daten aus "{2}" in Methode "{3}" verändert. + Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for process command injection vulnerabilities - Code auf Sicherheitsrisiken durch Prozessbefehlseinschleusung überprüfen + Review code for process command injection vulnerabilities Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Es wurde ein potenzielles Sicherheitsrisiko durch Einschleusung regulärer Ausdrücke gefunden. "{0}" in der Methode "{1}" wurde möglicherweise durch benutzergesteuerte Daten aus "{2}" in Methode "{3}" verändert. + Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for regex injection vulnerabilities - Code auf Sicherheitsrisiken durch Einschleusung regulärer Ausdrücke überprüfen + Review code for regex injection vulnerabilities Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Es wurde ein potenzielles Sicherheitsrisiko durch Einschleusung von SQL-Befehlen gefunden. "{0}" in der Methode "{1}" wurde möglicherweise durch benutzergesteuerte Daten aus "{2}" in Methode "{3}" verändert. + Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for SQL injection vulnerabilities - Code auf Sicherheitsrisiken durch Einschleusung von SQL-Befehlen überprüfen + Review code for SQL injection vulnerabilities + + + + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + + + + Review code for XPath injection vulnerabilities + Review code for XPath injection vulnerabilities Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Es wurde ein potenzielles Sicherheitsrisiko durch XAML-Einschleusung gefunden. "{0}" in der Methode "{1}" wurde möglicherweise durch benutzergesteuerte Daten aus "{2}" in Methode "{3}" erweitert. + Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XAML injection vulnerabilities - Code auf Sicherheitsrisiken durch XAML-Einschleusung überprüfen + Review code for XAML injection vulnerabilities Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Es wurde ein potenzielles Sicherheitsrisiko durch XML-Einschleusung gefunden. "{0}" in der Methode "{1}" wurde möglicherweise durch benutzergesteuerte Daten aus "{2}" in Methode "{3}" erweitert. + Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XML injection vulnerabilities - Code auf Sicherheitsrisiken durch XML-Einschleusung überprüfen - - - - Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Es wurde ein potenzielles Sicherheitsrisiko durch XPath-Einschleusung gefunden. "{0}" in der Methode "{1}" wurde möglicherweise durch benutzergesteuerte Daten aus "{2}" in Methode "{3}" erweitert. - - - - Review code for XPath injection vulnerabilities - Code auf Sicherheitsrisiken durch XPath-Einschleusung überprüfen + Review code for XML injection vulnerabilities Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Es wurde ein potenzielles Sicherheitsrisiko durch XSS (Cross-Site Scripting) gefunden. "{0}" in der Methode "{1}" wurde möglicherweise durch benutzergesteuerte Daten aus "{2}" in Methode "{3}" erweitert. + Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XSS vulnerabilities - Code auf Sicherheitsrisiken durch XSS überprüfen + Review code for XSS vulnerabilities SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. - SQL-Abfragen, die eine Benutzereingabe direkt verwenden, können für Angriffe durch Einschleusung von SQL-Befehlen anfällig sein. Prüfen Sie diese SQL-Abfrage auf potenzielle Sicherheitsrisiken, und ziehen Sie die Verwendung einer parametrisierten SQL-Abfrage in Betracht. + SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. Review if the query string passed to '{0}' in '{1}', accepts any user input - Überprüfen Sie, ob die in "{1}" an "{0}" übergebene Abfragezeichenfolge Benutzereingaben akzeptiert. + Review if the query string passed to '{0}' in '{1}', accepts any user input Review SQL queries for security vulnerabilities - SQL-Abfragen auf Sicherheitsrisiken überprüfen + Review SQL queries for security vulnerabilities Seal class - Siegelklasse + Seal class When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. - Wenn auf einen Typ außerhalb seiner Assembly nicht zugegriffen werden kann und keine Untertypen innerhalb seiner enthaltenden Assembly vorhanden sind, kann er sicher versiegelt werden. Dichtungsarten können die Leistung verbessern. + When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible - Der Typ '{0}' kann versiegelt werden, da er keine Untertypen in der enthaltenden Assembly enthält und nicht extern sichtbar ist + Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible Seal internal types - Interne Typen versiegeln + Seal internal types Set HttpOnly to true for HttpCookie - HttpOnly für HttpCookie auf TRUE festlegen + Set HttpOnly to true for HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - Stellen Sie als effektive Abwehrmaßnahme sicher, dass die sicherheitsrelevanten HTTP-Cookies als "HttpOnly" gekennzeichnet sind. Dadurch werden Webbrowser angewiesen, Skripts den Zugriff auf die Cookies zu verwehren. Eingefügte schädliche Skripts sind eine gängige Methode zum Stehlen von Cookies. + As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly ist bei Verwendung eines HttpCookie auf FALSE oder gar nicht festgelegt. Stellen Sie sicher, dass sicherheitsrelevante Cookies als HttpOnly gekennzeichnet sind, um zu verhindern, dass sie von schädlichen Skripts gestohlen werden. + HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies Set ViewStateUserKey For Classes Derived From Page - Legen Sie ViewStateUserKey für von der Seite abgeleitete Klassen fest. + Set ViewStateUserKey For Classes Derived From Page Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. - Durch Festlegen der ViewStateUserKey-Eigenschaft können Sie Angriffe auf Ihre Anwendung verhindern, indem Sie der view-state-Variablen für einzelne Benutzer einen Bezeichner zuweisen können, damit diese die Variable nicht zum Generieren eines Angriffs verwenden können. Andernfalls besteht das Sicherheitsrisiko der websiteübergreifenden Anforderungsfälschung. + Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method - Die von System.Web.UI.Page abgeleitete Klasse "{0}" legt nicht die ViewStateUserKey-Eigenschaft in der OnInit-Methode oder der Page_Init-Methode fest. + The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. - Geben Sie die Kultur an, um eine versehentliche implizite Abhängigkeit von der aktuellen Kultur zu vermeiden. Die Verwendung einer unveränderlichen Version führt unabhängig von der Kultur einer Anwendung zu konsistenten Ergebnissen. + Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. Specify a culture or use an invariant version to avoid implicit dependency on current culture - Geben Sie eine Kultur an oder verwenden Sie eine unveränderliche Version, um eine implizite Abhängigkeit von der aktuellen Kultur zu vermeiden + Specify a culture or use an invariant version to avoid implicit dependency on current culture Specify a culture or use an invariant version - Geben Sie eine Kultur an oder verwenden Sie eine invariante Version + Specify a culture or use an invariant version A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. - Eine Methode oder ein Konstruktor ruft einen Member mit einer Überladung auf, die einen System.Globalization.CultureInfo-Parameter akzeptiert, aber die Methode bzw. der Konstruktor ruft nicht die Überladung auf, die den CultureInfo-Parameter annimmt. Wenn kein CultureInfo- oder System.IFormatProvider-Objekt bereitgestellt wird, hat der von dem überladenen Member bereitgestellte Standardwert möglicherweise nicht die gewünschten Auswirkungen in allen Gebietsschemas. Wenn das Ergebnis dem Benutzer angezeigt wird, geben Sie "CultureInfo.CurrentCulture" als CultureInfo-Parameter an. Wird das Ergebnis hingegen gespeichert (beispielsweise auf einem Datenträger oder in einer Datenbank) und von Software abgerufen, geben Sie "CultureInfo.InvariantCulture" an. + A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Das Verhalten von "{0}" kann je nach den Gebietsschemaeinstellungen des Benutzers variieren. Ersetzen Sie diesen Aufruf in "{1}" durch einen Aufruf an "{2}". + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify CultureInfo - CultureInfo angeben + Specify CultureInfo Specify current culture - Geben Sie die aktuelle Kultur an + Specify current culture A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. - Eine Methode oder ein Konstruktor ruft mindestens einen Member mit Überladungen auf, die einen Parameter "System.IFormatProvider" akzeptieren, aber die Methode bzw. der Konstruktor ruft nicht die Überladung auf, die den Parameter "IFormatProvider" akzeptiert. Wenn kein Objekt "System.Globalization.CultureInfo" oder "IFormatProvider" bereitgestellt wird, hat der von dem überladenen Member bereitgestellte Standardwert möglicherweise nicht die gewünschten Auswirkungen in allen Gebietsschemas. Wenn das Ergebnis auf der Eingabe des Benutzers beruht oder die Ausgabe dem Benutzer angezeigt wird, geben Sie "CultureInfo.CurrentCulture" als IFormatProvider an. Wird das Ergebnis hingegen gespeichert und von Software abgerufen (beispielsweise von einem Datenträger oder einer Datenbank geladen und auf einem Datenträger/in einer Datenbank gespeichert), geben Sie "CultureInfo.InvariantCulture" an. + A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Das Verhalten von "{0}" kann je nach den Gebietsschemaeinstellungen des Benutzers variieren. Ersetzen Sie diesen Aufruf in "{1}" durch einen Aufruf an "{2}". + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Das Verhalten von "{0}" kann je nach den Gebietsschemaeinstellungen des Benutzers variieren. Ersetzen Sie diesen Aufruf in "{1}" durch einen Aufruf an "{2}". + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. - Das Verhalten von '{0}' kann je nach den Gebietsschemaeinstellungen des aktuellen Benutzers variieren. Geben Sie einen Wert für das Argument ‚IFormatProvider‘ an. + The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - "{0}" übergibt "{1}" als IFormatProvider-Parameter an "{2}". Diese Eigenschaft gibt eine Kultur zurück, die für Formatierungsmethoden nicht geeignet ist. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - "{0}" übergibt "{1}" als IFormatProvider-Parameter an "{2}". Diese Eigenschaft gibt eine Kultur zurück, die für Formatierungsmethoden nicht geeignet ist. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. Specify IFormatProvider - IFormatProvider angeben + Specify IFormatProvider A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. - Ein Member zum Plattformaufruf ermöglicht teilweise vertrauenswürdige Aufrufer, weist einen Zeichenfolgenparameter auf und führt kein explizites Marshalling der Zeichenfolge durch. Dies kann ein potenzielles Sicherheitsrisiko darstellen. + A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. Specify marshaling for P/Invoke string arguments - Marshalling für P/Invoke-Zeichenfolgenargumente angeben + Specify marshaling for P/Invoke string arguments A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - Ein Vorgang für den Zeichenfolgenvergleich verwendet eine Methodenüberladung, die keinen StringComparison-Parameter festlegt. Es empfiehlt sich, die Überladung mit dem StringComparison-Parameter zu verwenden, um die Absicht zu verdeutlichen. Wenn das Ergebnis dem Benutzer angezeigt wird, beispielsweise beim Sortieren einer Liste von Elementen für die Anzeige in einem Listenfeld, geben Sie "StringComparison.CurrentCulture" oder "StringComparison.CurrentCultureIgnoreCase" als StringComparison-Parameter an. Beim Vergleichen von Bezeichnern, bei denen die Groß-/Kleinschreibung keine Rolle spielt (beispielsweise Dateipfade, Umgebungsvariablen oder Registrierungsschlüsseln und -werte), geben Sie "StringComparison.OrdinalIgnoreCase" an. Wenn Sie hingegen Bezeichner mit relevanter Groß-/Kleinschreibung vergleichen, geben Sie "StringComparison.Ordinal" an. + A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. - "{0}" weist eine Methodenüberladung auf, die einen StringComparison-Parameter akzeptiert. Ersetzen Sie diesen Aufruf in "{1}" durch einen Aufruf von "{2}", um die Absicht zu verdeutlichen. + '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. Specify StringComparison for clarity - "StringComparison" zur Verdeutlichung angeben + Specify StringComparison for clarity A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - Ein Vorgang für den Zeichenfolgenvergleich verwendet eine Methodenüberladung, die keinen StringComparison-Parameter festlegt. Das Verhalten kann daher je nach den Gebietsschemaeinstellungen des aktuellen Benutzers variieren. Es wird dringend empfohlen, die Überladung mit dem StringComparison-Parameter zu verwenden, um Richtigkeit zu gewährleisten und die Absicht zu verdeutlichen. Wenn das Ergebnis dem Benutzer angezeigt wird, beispielsweise beim Sortieren einer Liste von Elementen für die Anzeige in einem Listenfeld, geben Sie "StringComparison.CurrentCulture" oder "StringComparison.CurrentCultureIgnoreCase" als StringComparison-Parameter an. Beim Vergleichen von Bezeichnern, bei denen die Groß-/Kleinschreibung keine Rolle spielt (beispielsweise Dateipfade, Umgebungsvariablen oder Registrierungsschlüsseln und -werte), geben Sie "StringComparison.OrdinalIgnoreCase" an. Wenn Sie hingegen Bezeichner mit relevanter Groß-/Kleinschreibung vergleichen, geben Sie "StringComparison.Ordinal" an. + A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Das Verhalten von "{0}" kann je nach den Gebietsschemaeinstellungen des Benutzers variieren. Ersetzen Sie diesen Aufruf in "{1}" durch einen Aufruf an "{2}". + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify StringComparison for correctness - "StringComparison" für Richtigkeit angeben + Specify StringComparison for correctness Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. - Zur Verwendung der Modifizierer "static" und "abstract" müssen Vorschaufeatures abonniert werden. Weitere Informationen finden Sie unter https://aka.ms/dotnet-warnings/preview-features. + Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. - Der Zeichenfolgenvergleich mithilfe der String.Length-Eigenschaft oder der String.IsNullOrEmpty-Methode ist erheblich schneller als der Vergleich über "Equals". + Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check - Führen Sie den Test auf leere Zeichenfolgen über die Eigenschaft "string.Length" oder die Methode "string.IsNullOrEmpty" anstelle der Gleichheitsprüfung durch. + Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check Test for empty strings using string length - Anhand der Zeichenfolgenlänge auf leere Zeichenfolgen prüfen + Test for empty strings using string length This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. - Dieser Ausdruck testet einen Wert anhand von "Single.Nan" oder "Double.Nan". Verwenden Sie "Single.IsNan(Single)" oder "Double.IsNan(Double)", um den Wert zu testen. + This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. Test for NaN correctly - Ordnungsgemäß auf NaN testen + Test for NaN correctly Test for NaN correctly - Ordnungsgemäß auf NaN testen + Test for NaN correctly 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. - \"ThreadStatic\"-Felder sollten bei der Verwendung verzögert initialisiert werden, nicht mit Inlineinitialisierung oder explizit in einem statischen Konstruktor, der nur das Feld in dem Thread initialisieren würde, der den statischen Konstruktor des Typs ausführt. + 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. 'ThreadStatic' fields should not use inline initialization - \"ThreadStatic\"-Felder dürfen keine Inlineinitialisierung verwenden. + 'ThreadStatic' fields should not use inline initialization Improper 'ThreadStatic' field initialization - Ungültige Initialisierung des \"ThreadStatic\"-Feldes + Improper 'ThreadStatic' field initialization 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. - \"ThreadStatic\" wirkt sich nur auf statische Felder aus. Bei Anwendung auf Instanzfelder hat dies keine Auswirkungen auf das Verhalten. + 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. Ensure 'ThreadStatic' is only used with static fields - Sicherstellen, dass \"ThreadStatic\" nur mit statischen Feldern verwendet wird + Ensure 'ThreadStatic' is only used with static fields 'ThreadStatic' only affects static fields - \"ThreadStatic\" wirkt sich nur auf statische Felder aus + 'ThreadStatic' only affects static fields Use ArgumentException throw helper - ArgumentException-Throw-Hilfsprogramm verwenden + Use ArgumentException throw helper Use ArgumentNullException throw helper - ArgumentNullException-Throw-Hilfsprogramm verwenden + Use ArgumentNullException throw helper Use ArgumentOutOfRangeException throw helper - ArgumentOutOfRangeException-Throw-Hilfsprogramm verwenden + Use ArgumentOutOfRangeException throw helper Use Array.Empty - Array.Empty verwenden + Use Array.Empty The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. - Der Range-basierte Indexer für Arraywerte erstellt eine Kopie des angeforderten Bereichs des Arrays. Diese Kopie ist bei einer impliziten Verwendung als Span- oder Memory-Wert häufig unerwünscht. Verwenden Sie die Methode "AsSpan", um das Erstellen einer Kopie zu vermeiden. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies - Verwenden Sie "{0}" anstelle des {1}-basierten Indexers für "{2}", um das Erstellen nicht erforderlicher Datenkopien zu vermeiden. + Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies Use `{0}` instead of Range-based indexers on a string - "{0}" anstelle von bereichsbasierten Indexern in einer Zeichenfolge verwenden + Use `{0}` instead of Range-based indexers on a string Use `{0}` instead of Range-based indexers on an array - "{0}" anstelle von bereichsbasierten Indexern in einem Array verwenden + Use `{0}` instead of Range-based indexers on an array Use AsSpan or AsMemory instead of Range-based indexers when appropriate - Verwenden Sie bei Bedarf anstelle von Range-basierten Indexern "AsSpan" oder "AsMemory". + Use AsSpan or AsMemory instead of Range-based indexers when appropriate The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - Der Range-basierte Indexer für Zeichenfolgenwerte erzeugt eine Kopie des angeforderten Teils der Zeichenfolge. Diese Kopie ist bei der impliziten Verwendung als ReadOnlySpan- oder ReadOnlyMemory-Wert in der Regel nicht notwendig. Verwenden Sie die AsSpan-Methode, um die nicht benötigte Kopie zu vermeiden. + The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - Der Range-basierte Indexer für Arraywerte erzeugt eine Kopie des angeforderten Teils des Arrays. Diese Kopie ist bei der impliziten Verwendung als ReadOnlySpan- oder ReadOnlyMemory-Wert in der Regel nicht notwendig. Verwenden Sie die AsSpan-Methode, um die nicht benötigte Kopie zu vermeiden. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. When inside a Task-returning method, use the async version of methods, if they exist. - Verwenden Sie innerhalb einer Methode, die einen Task zurückgibt, die asynchrone Version von Methoden (sofern vorhanden). + When inside a Task-returning method, use the async version of methods, if they exist. {Locked="Task"} '{0}' synchronously blocks. Await '{1}' instead. - "{0}" synchron blockiert. Verwenden Sie stattdessen "await" für "{1}". + '{0}' synchronously blocks. Await '{1}' instead. '{0}' synchronously blocks. Use await instead. - "{0}" führt zu einer synchronen Blockierung. Verwenden Sie stattdessen "await". + '{0}' synchronously blocks. Use await instead. Call async methods when in an async method - Asynchrone Methoden in einer asynchronen Methode aufrufen + Call async methods when in an async method Use antiforgery tokens in ASP.NET Core MVC controllers - Fälschungssicherheitstoken in ASP.NET Core MVC-Controllern verwenden + Use antiforgery tokens in ASP.NET Core MVC controllers Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Die Verarbeitung einer POST-, PUT-, PATCH- oder DELETE-Anforderung ohne Überprüfung eines Fälschungssicherheitstokens ist möglicherweise anfällig für Angriffe durch websiteübergreifende Anforderungsfälschung. Bei einem Angriff durch websiteübergreifende Anforderungsfälschung können schädliche Anforderungen von einem authentifizierten Benutzer an den ASP.NET Core MVC-Controller gesendet werden. + Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Die Methode "{0}" verarbeitet eine {1}-Anforderung ohne Überprüfung eines Fälschungssicherheitstokens. Sie müssen außerdem sicherstellen, dass Ihr HTML-Formular ein Fälschungssicherheitstoken sendet. + Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. Replace with 'CancellationToken.ThrowIfCancellationRequested' - Durch "CancellationToken.ThrowIfCancellationRequested" ersetzen + Replace with 'CancellationToken.ThrowIfCancellationRequested' 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. - "ThrowIfCancellationRequested" überprüft automatisch, ob das Token storniert wurde, und löst in diesem Fall "OperationCanceledException" aus. + 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' - Verwenden Sie "ThrowIfCancellationRequested", anstatt "IsCancellationRequested" zu überprüfen und "OperationCanceledException" auszulösen. + Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' Use 'ThrowIfCancellationRequested' - "ThrowIfCancellationRequested()" verwenden + Use 'ThrowIfCancellationRequested' Using concrete types avoids virtual or interface call overhead and enables inlining. - Die Verwendung von konkreten Typen vermeidet den Mehraufwand für virtuelle Aufrufe oder Schnittstellenaufrufe und ermöglicht das Inlining. + Using concrete types avoids virtual or interface call overhead and enables inlining. Change type of field '{0}' from '{1}' to '{2}' for improved performance - Ändern Sie den Typ des Felds "{0}" von "{1}" in "{2}", um die Leistung zu verbessern. + Change type of field '{0}' from '{1}' to '{2}' for improved performance Change type of variable '{0}' from '{1}' to '{2}' for improved performance - Ändern Sie den Typ der Variablen "{0}" von "{1}" in "{2}", um die Leistung zu verbessern. + Change type of variable '{0}' from '{1}' to '{2}' for improved performance Change return type of method '{0}' from '{1}' to '{2}' for improved performance - Ändern Sie den Rückgabetyp der Methode "{0}" von "{1}" in "{2}", um die Leistung zu verbessern. + Change return type of method '{0}' from '{1}' to '{2}' for improved performance Change type of parameter '{0}' from '{1}' to '{2}' for improved performance - Ändern Sie den Typ des Parameters "{0}" von "{1}" in "{2}", um die Leistung zu verbessern. + Change type of parameter '{0}' from '{1}' to '{2}' for improved performance Change type of property '{0}' from '{1}' to '{2}' for improved performance - Ändern Sie den Typ der Eigenschaft „{0}“ von „{1}“ in „{2}“, um die Leistung zu verbessern. + Change type of property '{0}' from '{1}' to '{2}' for improved performance Use concrete types when possible for improved performance - Verwenden Sie nach Möglichkeit konkrete Typen, um die Leistung zu verbessern. + Use concrete types when possible for improved performance Use Container Level Access Policy - Zugriffsrichtlinie auf Containerebene verwenden + Use Container Level Access Policy No access policy identifier is specified, making tokens non-revocable. - Es ist kein Zugriffsrichtlinienbezeichner angegeben, dadurch können Token nicht widerrufen werden. + No access policy identifier is specified, making tokens non-revocable. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. - Erwägen Sie (sofern möglich) die Verwendung der rollenbasierten Zugriffssteuerung von Azure anstelle einer Shared Access Signature (SAS). Wenn Sie weiterhin eine SAS benötigen, verwenden Sie beim Erstellen einer SAS eine Zugriffsrichtlinie auf Containerebene. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. Use DefaultDllImportSearchPaths attribute for P/Invokes - DefaultDllImportSearchPaths-Attribut für P/Invokes verwenden + Use DefaultDllImportSearchPaths attribute for P/Invokes By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - Standardmäßig wird von P/Invokes über DllImportAttribute eine Reihe von Verzeichnissen getestet, einschließlich des aktuellen Arbeitsverzeichnisses für die zu ladende Bibliothek. Dies kann für bestimmte Anwendungen ein Sicherheitsproblem darstellen, das zu DLL-Hijacking führt. + By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - Die Methode "{0}" hat das DefaultDllImportSearchPaths-Attribut für P/Invokes nicht verwendet. + The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. Use equivalent code that works when marshalling is disabled - Verwenden Sie äquivalenten Code, der funktioniert, wenn Marshalling deaktiviert ist + Use equivalent code that works when marshalling is disabled 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. - "Environment.CurrentManagedThreadId" ist einfacher und schneller als "Thread.CurrentThread.ManagedThreadId". + 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. Use 'Environment.CurrentManagedThreadId' - "Environment.CurrentManagedThreadId" verwenden + Use 'Environment.CurrentManagedThreadId' Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' - Verwenden Sie "Environment.CurrentManagedThreadId" anstelle von "Thread.CurrentThread.ManagedThreadId". + Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' Use 'Environment.CurrentManagedThreadId' - "Environment.CurrentManagedThreadId" verwenden + Use 'Environment.CurrentManagedThreadId' 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. - "Environment.ProcessId" ist einfacher und schneller als "Process.GetCurrentProcess().Id". + 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. Use 'Environment.ProcessId' - "Environment.ProcessId" verwenden + Use 'Environment.ProcessId' Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' - Verwenden Sie "Environment.ProcessId" anstelle von "Process.GetCurrentProcess().Id" + Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' Use 'Environment.ProcessId' - "Environment.ProcessId" verwenden + Use 'Environment.ProcessId' 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. - "Environment.ProcessPath" ist einfacher und schneller als "Process.GetCurrentProcess().MainModule.FileName". + 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. Use 'Environment.ProcessPath' - "Environment.ProcessPath" verwenden + Use 'Environment.ProcessPath' Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' - Verwenden Sie "Environment.ProcessPath' anstelle von "Process.GetCurrentProcess().MainModule.FileName". + Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' Use 'Environment.ProcessPath' - "Environment.ProcessPath" verwenden + Use 'Environment.ProcessPath' Use indexer - Indexer verwenden + Use indexer Use an invariant version - Verwenden Sie eine unveränderliche Version + Use an invariant version An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. - Eine Methode zum Betriebssystemaufruf ist definiert, und eine Methode mit der entsprechenden Funktionalität befindet sich in der .NET Framework-Klassenbibliothek. + An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. Use managed equivalents of win32 api - Verwaltete Entsprechungen der Win32-API verwenden + Use managed equivalents of win32 api Use managed equivalents of win32 api - Verwaltete Entsprechungen der Win32-API verwenden + Use managed equivalents of win32 api Use ObjectDisposedException throw helper - ObjectDisposedException-Throw-Hilfsprogramm verwenden + Use ObjectDisposedException throw helper A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. - Bei einem nicht linguistischen Vorgang zum Zeichenfolgenvergleich wird der StringComparison-Parameter nicht auf "Ordinal" oder "OrdinalIgnoreCase" festgelegt. Indem der Parameter explizit auf "StringComparison.Ordinal" oder "StringComparison.OrdinalIgnoreCase" festgelegt wird, gewinnt Ihr Code häufig an Geschwindigkeit und ist zudem korrekter und zuverlässiger. + A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. Use ordinal string comparison - Ordinalzeichenfolgenvergleich verwenden + Use ordinal string comparison Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. - Enumerable.Count() listet möglicherweise die Sequenz auf, während es sich bei einer Length/Count-Eigenschaft um Direktzugriff handelt. + Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. Use the "{0}" property instead of Enumerable.Count() - Verwenden Sie die Eigenschaft "{0}" anstelle von "Enumerable.Count()". + Use the "{0}" property instead of Enumerable.Count() Use Length/Count property instead of Count() when available - Length/Count-Eigenschaft anstelle von Count() verwenden, wenn verfügbar + Use Length/Count property instead of Count() when available Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size - Verwenden Sie den RSA-Algorithmus (Rivest – Shamir – Adleman) mit einer ausreichenden Schlüsselgröße + Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. - Verschlüsselungsalgorithmen sind anfällig für Brute-Force-Angriffe, wenn eine zu geringe Schlüsselgröße verwendet wird. + Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - Die Schlüsselgröße des asymmetrischen Verschlüsselungsalgorithmus "{0}" beträgt weniger als 2048. Wechseln Sie stattdessen zu einer RSA-Verschlüsselung mit ECDH- oder ECDSA-Algorithmus mit einer Schlüsselgröße von mindestens 2048. + Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. Applications available over HTTPS must use secure cookies. - Anwendungen, die über HTTPS verfügbar sind, müssen sichere Cookies verwenden. + Applications available over HTTPS must use secure cookies. Use SharedAccessProtocol HttpsOnly - SharedAccessProtocol.HttpsOnly verwenden + Use SharedAccessProtocol HttpsOnly HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. - HTTPS verschlüsselt den Netzwerkdatenverkehr. Verwenden Sie HttpsOnly anstelle von HttpOrHttps, um sicherzustellen, dass der Netzwerkdatenverkehr immer verschlüsselt ist. So können Sie die Offenlegung vertraulicher Daten verhindern. + HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. - Erwägen Sie (sofern möglich) die Verwendung der rollenbasierten Zugriffssteuerung von Azure anstelle einer Shared Access Signature (SAS). Wenn Sie weiterhin eine SAS benötigen, verwenden Sie "SharedAccessProtocol.HttpsOnly". + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. + + + + Use 'AsSpan' with 'string.Concat' + Use 'AsSpan' with 'string.Concat' + + + + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + + + + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + + + + Use span-based 'string.Concat' + Use span-based 'string.Concat' Use 'Clear()' - Verwenden von „Clear()“ + Use 'Clear()' It is more efficient to use 'Clear', instead of 'Fill' with default value. - Es ist effizienter, „Clear“ anstelle von „Fill“ mit dem Standardwert zu verwenden. + It is more efficient to use 'Clear', instead of 'Fill' with default value. Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' - „Span<T>.Clear()“ anstelle von „Span<T>.Fill(default)“ bevorzugen + Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' Prefer 'Clear' over 'Fill' - „Clear“ vor „Fill“ bevorzugen + Prefer 'Clear' over 'Fill' Use 'StartsWith' - „StartsWith“ verwenden + Use 'StartsWith' It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. - Es ist übersichtlicher und schneller, „StartsWith“ zu verwenden, statt das Ergebnis von „IndexOf“ mit null zu vergleichen. + It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 - Verwenden Sie „StartsWith“, statt das Ergebnis von „IndexOf“ mit 0 zu vergleichen + Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 Use 'StartsWith' instead of 'IndexOf' - „StartsWith“ statt „IndexOf“ verwenden + Use 'StartsWith' instead of 'IndexOf' + + + + 'string.Contains(char)' is available as a better performing overload for single char lookup. + 'string.Contains(char)' is available as a better performing overload for single char lookup. + + + + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + + + + Use char literal for a single character lookup + Use char literal for a single character lookup Use 'string.Equals' - "string.Equals" verwenden + Use 'string.Equals' It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. - Die Verwendung von "string.Equals" ist sowohl klarer als auch wahrscheinlich schneller als das Vergleichen des Ergebnisses von "string.Compare" mit null. + It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 - Verwenden Sie "string.Equals", statt das Ergebnis von "string.Compare" mit 0 zu vergleichen. + Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 Use 'string.Equals' - "string.Equals" verwenden - - - - Use 'AsSpan' with 'string.Concat' - "AsSpan" mit "string.Concat" verwenden - - - - It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. - Die Verwendung von "AsSpan" und "string.Concat" ist effizienter als "Substring" und ein Verkettungsoperator. - - - - Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' - Verwenden Sie "string.Concat" und "AsSpan" auf span-Basis anstelle von "Substring". - - - - Use span-based 'string.Concat' - "string.Concat" auf span-Basis verwenden - - - - 'string.Contains(char)' is available as a better performing overload for single char lookup. - "string.Contains(char)" ist als leistungsfähigere Überladung für die Suche nach einzelnen Zeichen verfügbar. - - - - Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character - Verwenden Sie "string.Contains(char)" anstelle von "string.Contains(string)" bei der Suche nach einem einzelnen Zeichen. - - - - Use char literal for a single character lookup - Zeichenliteral für die Suche nach einem einzelnen Zeichen verwenden + Use 'string.Equals' Throw helpers are simpler and more efficient than an if block constructing a new exception instance. - Throw-Hilfsprogramme sind einfacher und effizienter als If-Blöcke, die eine neue Ausnahmeinstanz erstellen. + Throw helpers are simpler and more efficient than an if block constructing a new exception instance. Use '{0}.{1}' - "{0}.{1}" verwenden + Use '{0}.{1}' Use '{0}.{1}' instead of explicitly throwing a new exception instance - Verwenden Sie "{0}.{1}", anstatt explizit eine neue Ausnahmeinstanz auszulösen. + Use '{0}.{1}' instead of explicitly throwing a new exception instance Platform compatibility analyzer requires a valid platform name and version. - Das Analysetool für Plattformkompatibilität erfordert einen gültigen Plattformnamen und eine gültige Version. + Platform compatibility analyzer requires a valid platform name and version. Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. - Version {0} ist für die Plattform "{1}" ungültig. Verwenden Sie für diese Plattform eine Version mit 2{2} Teilen. + Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. Version '7' is not valid for platform 'windows'. Use a version with 2-4 parts for this platform. Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. - Die Version "{0}" ist für die Plattform "{1}" ungültig. Verwenden Sie keine Versionen für diese Plattform. + Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. Use valid platform string - Gültige Plattformzeichenfolge verwenden + Use valid platform string The platform '{0}' is not a known platform name - Plattform "{0}" ist kein bekannter Plattformname. + The platform '{0}' is not a known platform name ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. - Von Memberaufrufen zurückgegebene ValueTasks sind so konzipiert, dass sie direkt erwartet werden sollten. Versuche, einen ValueTask mehrmals zu nutzen oder direkt auf das Ergebnis zuzugreifen, bevor er offiziell abgeschlossen wurde, können zu einer Ausnahme oder zur Beschädigung führen. Das Ignorieren eines solchen ValueTask ist wahrscheinlich ein Hinweis auf einen Funktionsfehler und kann zu Leistungseinbußen führen. + ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). - Auf die Ergebnisse von ValueTask-Instanzen darf nur dann direkt zugegriffen werden, wenn die Instanz bereits abgeschlossen ist. Im Gegensatz zu Tasks wird beim Aufruf von "Result" oder "GetAwaiter().GetResult()" für einen ValueTask nicht unbedingt eine Sperre eingerichtet, bis der Vorgang abgeschlossen ist. Wenn Sie nicht einfach auf die Instanz warten können, sollten Sie zunächst die zugehörige IsCompleted-Eigenschaft überprüfen (oder durch Assertion bestätigen, dass sie TRUE lautet, sofern Sie sich dessen sicher sind). + ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. - ValueTask-Instanzen dürfen nur einmal verwendet werden, z. B. über einen await-Vorgang. Das mehrfache Verwenden derselben ValueTask-Instanz kann zu Ausnahmen und zur Datenbeschädigung führen. + ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. - Von Methodenaufrufen zurückgegebene ValueTask-Instanzen müssen direkt erwartet, zurückgegeben oder als Argument an einen anderen Methodenaufruf übergeben werden. Eine andere Verwendung, z. B. das Speichern einer Instanz an einem lokalen Speicherort oder in einem Feld, ist wahrscheinlich ein Hinweis auf einen Fehler, weil ValueTask-Instanzen immer nur einmal verwendet werden dürfen. + ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. - Von Methodenaufrufen zurückgegebene ValueTask-Instanzen müssen immer verwendet werden, normalerweise erwartet. Ein anderes Vorgehen stellt häufig einen Funktionsfehler oder dar oder kann zumindest zu Leistungseinbußen führen, wenn die Zielmethode Objekte für die Verwendung mit ValueTasks in Pools gruppiert. + ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. Use ValueTasks correctly - ValueTasks ordnungsgemäß verwenden + Use ValueTasks correctly Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. - Durch das Verarbeiten von XML aus nicht vertrauenswürdigen Daten werden möglicherweise gefährliche externe Verweise geladen, die mithilfe eines XmlReaders mit sicherem Konfliktlöser oder mit deaktivierter DTD-Verarbeitung eingeschränkt werden müssen. + Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. Use XmlReader for 'DataSet.ReadXml()' - XmlReader für "DataSet.ReadXml()" verwenden + Use XmlReader for 'DataSet.ReadXml()' Use XmlReader for 'XmlSerializer.Deserialize()' - XmlReader für "XmlSerializer.Deserialize()" verwenden + Use XmlReader for 'XmlSerializer.Deserialize()' Use XmlReader for 'XmlSchema.Read()' - XmlReader für "XmlSchema.Read()" verwenden + Use XmlReader for 'XmlSchema.Read()' Use XmlReader for XmlValidatingReader constructor - XmlReader für XmlValidatingReader-Konstruktor verwenden + Use XmlReader for XmlValidatingReader constructor Use XmlReader for XPathDocument constructor - XmlReader für XPathDocument-Konstruktor verwenden + Use XmlReader for XPathDocument constructor This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. - Diese Überladung der {0}.{1}-Methode ist potenziell unsicher. Sie kann die Dokumenttypdefinition (DTD) aktivieren, die für DoS-Angriff (Denial of Service) anfällig ist, oder einen XmlResolver verwenden, der anfällig für eine Offenlegung von Informationen sein kann. Verwenden Sie eine Überladung, die stattdessen eine XmlReader-Instanz nutzt, und bei der die DTD-Verarbeitung deaktiviert ist und kein XmlResolver-Vorgang ausgeführt wird. + This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - „{0}“ verwendet den Vorschautyp „{1}“, daher müssen Vorschaufeatures abonniert werden. Weitere Informationen finden Sie unter {2}. + '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - {3} „{0}“ verwendet den Vorschautyp „{1}“, daher müssen Vorschaufeatures abonniert werden. Weitere Informationen finden Sie unter {2}. - - - - Use 'TryGetValue(TKey, out TValue)' - „TryGetValue(TKey, out TValue)“ verwenden - - - - Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method - Methode „IDictionary.TryGetValue(TKey, out TValue)“ bevorzugen - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup - Ziehen Sie einen „TryGetValue“-Aufruf einem Wörterbuchindexerzugriff vor, der durch eine „ContainsKey“-Überprüfung geschützt wird, um eine doppelte Suche zu vermeiden - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. - Ziehen Sie einen „TryGetValue“-Aufruf einem Wörterbuchindexerzugriff vor, der durch eine „ContainsKey“-Überprüfung geschützt wird. „ContainsKey“ und der Indexer würden beide den Schlüssel im Hintergrund suchen; die Verwendung von „TryGetValue“ entfernt die zusätzliche Suche. + {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.es.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.es.xlf index 69825ae35e..2b78cc1f3c 100644 --- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.es.xlf +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.es.xlf @@ -4,572 +4,572 @@ Add the 'NonSerialized' attribute to this field. - Agregue el atributo "NonSerialized" a este campo. + Add the 'NonSerialized' attribute to this field. Add Serializable attribute - Agregar el atributo Serializable + Add Serializable attribute Review cipher mode usage with cryptography experts - Revisar el uso del modo de cifrado con expertos en criptografía + Review cipher mode usage with cryptography experts These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). - Estos modos de cifrado pueden ser vulnerables a ataques. Use los modos recomendados (CBC, CTS). + These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). - Revise el uso del modo de cifrado "{0}" con expertos en criptografía. Use los modos recomendados (CBC, CTS). + Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. - El parámetro de literal de cadena de un atributo no se analiza correctamente para una dirección URL, un GUID o una versión. + The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' - En el constructor de "{0}", cambie el valor del argumento "{1}", que es actualmente "{2}", a otro que se pueda analizar correctamente como "{3}". + In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' - En el constructor de "{0}", cambie el valor del argumento "{1}", que es actualmente una cadena vacía (""), a otro que se pueda analizar correctamente como "{2}". + In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' Attribute string literals should parse correctly - Los literales de cadena de atributo se deben analizar correctamente + Attribute string literals should parse correctly Extract to static readonly field - Extraer en campo estático de solo lectura + Extract to static readonly field Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. - Las matrices constantes pasadas como argumentos no se reutilizan cuando se llaman repetidamente, lo que implica que se cree una nueva matriz cada vez. Considere la posibilidad de extraerlas a campos "static readonly" para mejorar el rendimiento si la matriz pasada no se muta dentro del método llamado. + Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. {Locked="static readonly"} Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array - Preferir campos "static readonly" frente a argumentos de matriz constantes si se llama repetidamente al método llamado y no muta la matriz pasada + Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array {Locked="static readonly"} Avoid constant arrays as arguments - Evitar matrices constantes como argumentos + Avoid constant arrays as arguments Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. - Al serializar "StringBuilder" siempre se crea una copia del búfer nativo, lo que da lugar a varias asignaciones para una operación de serialización. + Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. - Evite los parámetros "StringBuilder" para los elementos P/Invoke. Considere la posibilidad de usar un búfer de caracteres en su lugar. + Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. Avoid 'StringBuilder' parameters for P/Invokes - Evitar los parámetros "StringBuilder" para los elementos P/Invoke + Avoid 'StringBuilder' parameters for P/Invokes The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. - La biblioteca de clases de .NET Framework proporciona los métodos para recuperar los atributos personalizados. De forma predeterminada, estos métodos buscan la jerarquía de herencia del atributo. Al sellar el atributo, se elimina la búsqueda a través de la jerarquía de herencia y puede mejorarse el rendimiento. + The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. Avoid unsealed attributes - Evitar atributos no sellados + Avoid unsealed attributes Avoid unsealed attributes - Evitar atributos no sellados + Avoid unsealed attributes Avoid unnecessary zero-length array allocations. Use {0} instead. - Evite las asignaciones de matriz de longitud cero innecesarias. Use {0} en su lugar. + Avoid unnecessary zero-length array allocations. Use {0} instead. Avoid zero-length array allocations - Evite las asignaciones de matriz de longitud cero + Avoid zero-length array allocations The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - El método "{0}" no es seguro cuando se deserializan datos que no son de confianza sin un elemento SerializationBinder para restringir el tipo de objetos en el grafo de objetos deserializado. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize - Asegurarse de que BinaryFormatter.Binder se ha establecido antes de llamar a BinaryFormatter.Deserialize + Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - El método "{0}" no es seguro cuando se deserializan datos que no son de confianza sin un elemento SerializationBinder para restringir el tipo de objetos en el grafo de objetos deserializado. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder - No llame a BinaryFormatter.Deserialize sin establecer primero BinaryFormatter.Binder + Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. - El método "{0}" no es seguro cuando se deserializan datos que no son de confianza. Si necesita detectar la deserialización de BinaryFormatter sin establecer un elemento SerializationBinder, deshabilite la regla CA2300 y habilite las reglas CA2301 y CA2302. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. The method '{0}' is insecure when deserializing untrusted data. - El método "{0}" no es seguro al deserializar datos que no son de confianza. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer BinaryFormatter - No usar el deserializador no seguro BinaryFormatter + Do not use insecure deserializer BinaryFormatter 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - 'Buffer.BlockCopy' espera que se copie el número de bytes para el argumento 'count'. El uso de 'Array.Length' puede no coincidir con el número de bytes que se deben copiar. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - 'Buffer.BlockCopy' espera que se copie el número de bytes para el argumento 'count'. El uso de 'Array.Length' puede no coincidir con el número de bytes que se deben copiar. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument - 'Buffer.BlockCopy' espera que se copie el número de bytes para el argumento 'count' + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). - Un método que es una implementación de Dispose no llama a GC.SuppressFinalize, o un método que no es una implementación de Dispose llama a GC.SuppressFinalize, o un método llama a GC.SuppressFinalize y pasa algo distinto de "this" (Me en Visual Basic). + A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. - Cambie "{0}" para llamar a {1}. Con esto se evitará que los tipos derivados que introducen un finalizador tengan que volver a implementar "IDisposable" para llamarlo. + Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. - Cambie "{0}" para llamar a {1}. Esto evita la finalización no necesaria del objeto una vez que se ha desechado y ha quedado fuera de ámbito. + Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. - {0} llama a {1} sobre algo diferente de sí mismo. Cambie el sitio de llamada para que pase "this" ("Me" en Visual Basic). + {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. - {0} llama a {1}, un método al que normalmente solo se llama en una implementación de "IDisposable.Dispose". Consulte el modelo de IDisposable para obtener más información. + {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. Dispose methods should call SuppressFinalize - Los métodos Dispose deberían llamar a SuppressFinalize + Dispose methods should call SuppressFinalize , - , + , Separator used for separating list of platform names: {API} is only supported on: {‘windows’, ‘browser’, ‘linux’} ConstantExpected attribute is not applied correctly on the parameter. - El atributo ConstantExpected no se aplica correctamente en el parámetro. + ConstantExpected attribute is not applied correctly on the parameter. Incorrect usage of ConstantExpected attribute - Uso incorrecto del atributo ConstantExpected + Incorrect usage of ConstantExpected attribute The ConstantExpected attribute is required for the parameter due to the parent method annotation - El atributo ConstantExpected es necesario para el parámetro debido a la anotación del método primario + The ConstantExpected attribute is required for the parameter due to the parent method annotation The '{0}' value is not compatible with parameter type of '{1}' - El valor '{0}' no es compatible con el tipo de parámetro de '{1}' + The '{0}' value is not compatible with parameter type of '{1}' The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' - El valor '{0}' no cabe dentro de los límites de valor de parámetro de '{1}' a '{2}' + The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' The constant is not of the same '{0}' type as the parameter - La constante no es del mismo tipo '{0}' que el parámetro + The constant is not of the same '{0}' type as the parameter The Min and Max values are inverted - Los valores Mínimo y Máximo están invertidos + The Min and Max values are inverted The argument should be a constant for optimal performance - El argumento debe ser una constante para obtener un rendimiento óptimo + The argument should be a constant for optimal performance The '{0}' type is not supported for ConstantExpected attribute - No se admite el tipo '{0}' para el atributo ConstantExpected + The '{0}' type is not supported for ConstantExpected attribute The constant does not fit within the value bounds of '{0}' to '{1}' - La constante no cabe dentro de los límites de valor de '{0}' a '{1}' + The constant does not fit within the value bounds of '{0}' to '{1}' The parameter expects a constant for optimal performance. - El parámetro espera una constante para un rendimiento óptimo. + The parameter expects a constant for optimal performance. A constant is expected for the parameter - Se espera una constante para el parámetro + A constant is expected for the parameter When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Cuando se deserializa una entrada que no es de confianza, no es segura la deserialización de un objeto {0}. "{1}" es {0} o se deriva de este. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type found in deserializable object graph - Se encontró un tipo DataSet o DataTable no seguro en el gráfico de objetos deserializable + Unsafe DataSet or DataTable type found in deserializable object graph When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. - Cuando se deserializa una entrada que no es de confianza con un serializador basado en IFormatter, no es segura la deserialización de un objeto {0}. "{1}" es {0} o se deriva de este. Asegúrese de que el tipo autogenerado nunca se deserialice con datos que no son de confianza. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks - Un elemento DataSet o DataTable no seguro en un tipo serializable autogenerado puede ser vulnerable a ataques de ejecución remota de código + Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Cuando se deserializa una entrada que no es de confianza, no es segura la deserialización de un objeto {0}. "{1}" es {0} o se deriva de este. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks - Un elemento DataSet o DataTable no seguro en un gráfico de objetos deserializados puede ser vulnerable a ataques de ejecución remota de código + Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. - Al deserializar la entrada que no es de confianza con un serializador basado en IFormatter, la deserialización de un objeto {0} no es segura. "{1}" es {0} o se deriva de él. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks - Un elemento DataSet o DataTable no seguro en un tipo serializable puede ser vulnerable a ataques de ejecución remota de código + Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Cuando se deserializa una entrada que no es de confianza, no es segura la deserialización de un objeto {0}. "{1}" es {0} o se deriva de este. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in serializable type - Elemento DataSet o DataTable no seguro en un tipo serializable + Unsafe DataSet or DataTable in serializable type When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Cuando se deserializa una entrada que no es de confianza, no es segura la deserialización de un objeto {0}. "{1}" es {0} o se deriva de este. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type in web deserializable object graph - Tipo DataSet o DataTable no seguro en el gráfico de objetos deserializables web + Unsafe DataSet or DataTable type in web deserializable object graph The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. - El método "{0}" no es seguro al deserializar datos que no son de confianza. Asegúrese de que la clase autogenerada que contiene la llamada a "{0}" no se deserialice con dicho tipo de datos. + The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data - Asegurarse de que la clase autogenerada que contiene DataSet.ReadXml() no se use con datos que no son de confianza + Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data The method '{0}' is insecure when deserializing untrusted data - El método "{0}" no es seguro al deserializar datos que no son de confianza. + The method '{0}' is insecure when deserializing untrusted data Do not use DataSet.ReadXml() with untrusted data - No usar DataSet.ReadXml() con datos que no son de confianza + Do not use DataSet.ReadXml() with untrusted data The method '{0}' is insecure when deserializing untrusted data - El método "{0}" no es seguro al deserializar datos que no son de confianza. + The method '{0}' is insecure when deserializing untrusted data Do not use DataTable.ReadXml() with untrusted data - No usar DataTable.ReadXml() con datos que no son de confianza + Do not use DataTable.ReadXml() with untrusted data HttpClients should enable certificate revocation list checks - HttpClients debe habilitar las comprobaciones de la lista de revocación de certificados. + HttpClients should enable certificate revocation list checks HttpClient is created without enabling CheckCertificateRevocationList - HttpClient se crea sin habilitar CheckCertificateRevocationList. + HttpClient is created without enabling CheckCertificateRevocationList Do Not Add Certificates To Root Store - No agregar certificados al almacén raíz + Do Not Add Certificates To Root Store Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate - La adición de certificados a los certificados raíz de confianza del sistema operativo aumenta el riesgo de autenticar incorrectamente un certificado ilegítimo + Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate Do not use CreateEncryptor with non-default IV - No usar CreateEncryptor con un vector de inicialización no predeterminado + Do not use CreateEncryptor with non-default IV Symmetric encryption uses non-default initialization vector, which could be potentially repeatable - La clave de cifrado simétrica usa un vector de inicialización no predeterminado, que puede repetirse + Symmetric encryption uses non-default initialization vector, which could be potentially repeatable Use Secure Cookies In ASP.NET Core - Usar cookies seguras en ASP.NET Core + Use Secure Cookies In ASP.NET Core Set CookieOptions.Secure = true when setting a cookie - Establecer CookieOptions.Secure en true al establecer una cookie + Set CookieOptions.Secure = true when setting a cookie Do Not Use Weak Key Derivation Function With Insufficient Iteration Count - No usar una función de derivación de claves débiles con un recuento de iteraciones insuficiente + Do Not Use Weak Key Derivation Function With Insufficient Iteration Count Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Use al menos {0} iteraciones al derivar una clave criptográfica de una contraseña. De forma predeterminada, el valor IterationCount de Rfc2898DeriveByte es solo 1000 + Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Las versiones anteriores del protocolo Seguridad de la capa de transporte (TLS) son menos seguras que las versiones TLS 1.2 y TLS 1.3, y es más probable que tengan nuevas vulnerabilidades. Evite las versiones anteriores del protocolo para minimizar el riesgo. + Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - La versión "{0}" del protocolo Seguridad de la capa de transporte está en desuso. Utilice "None" para permitir que el sistema operativo elija una versión. + Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. Do not use deprecated SslProtocols values - No usar valores de SslProtocols en desuso + Do not use deprecated SslProtocols values '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' deriva de la clase de vista previa '{1}' y, por lo tanto, debe participar en las características en versión preliminar. Consulte {2} para obtener más información. + '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' deriva de la clase de vista previa '{1}' y, por lo tanto, debe participar en las características en versión preliminar. Consulte {2} para obtener más información. + {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. An assembly has to opt into preview features before using them. - Un ensamblado tiene que participar en las características en versión preliminar antes de usarlos. + An assembly has to opt into preview features before using them. Using '{0}' requires opting into preview features. See {1} for more information. - El uso de '{0}' requiere la participación en las características en versión preliminar. Consulte {1} para obtener más información. + Using '{0}' requires opting into preview features. See {1} for more information. {2} Using '{0}' requires opting into preview features. See {1} for more information. - {2} El uso de '{0}' requiere la participación en las características en versión preliminar. Consulte {1} para obtener más información. + {2} Using '{0}' requires opting into preview features. See {1} for more information. This API requires opting into preview features - Esta API requiere la participación en las características en versión preliminar. + This API requires opting into preview features A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. - Un tipo que implementa System.IDisposable declara campos de tipos que también implementan IDisposable. El método Dispose del tipo declarativo no llama al método Dispose del campo. Para corregir una infracción de esta regla, llame a Dispose en campos que sean de tipos que implementan IDisposable si usted es el responsable de asignar y liberar los recursos no administrados que contiene el campo. + A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. - "{0}" contiene el campo "{1}" que es de tipo IDisposable "{2}", pero nunca se desecha. Cambie el método Dispose en "{0}" para llamar a Close o Dispose en este campo. + '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. Disposable fields should be disposed - Aplicar Dispose a los campos a los que se pueda + Disposable fields should be disposed A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. - Un tipo que implementa System.IDisposable y tiene campos que sugieren el uso de recursos no administrados no implementa un finalizador descrito por Object.Finalize. + A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. Disposable types should declare finalizer - Los tipos a los que se puede aplicar Dispose deben declarar el finalizador + Disposable types should declare finalizer Disposable types should declare finalizer - Los tipos a los que se puede aplicar Dispose deben declarar el finalizador + Disposable types should declare finalizer A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. - Un tipo que implementa System.IDisposable hereda de otro tipo que también implementa IDisposable. El método Dispose del tipo heredado no llama al método Dispose del tipo primario. Para corregir una infracción de esta regla, llame a base.Dispose en su método Dispose. + A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. Ensure that method '{0}' calls '{1}' in all possible control flow paths - Asegúrese de que el método "{0}" llama a "{1}" en todas las rutas de acceso de flujo de control posibles. + Ensure that method '{0}' calls '{1}' in all possible control flow paths Dispose methods should call base class dispose - Los métodos Dispose deben llamar al método Dispose de la clase base + Dispose methods should call base class dispose If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. - Si un objeto que se puede desechar (método Dispose) no se desecha de forma explícita antes de que todas las referencias a él estén fuera de ámbito, el objeto se desechará en algún momento indeterminado cuando el recolector de elementos no utilizados ejecute el finalizador del objeto. Puesto que podría producirse un evento excepcional que impida que se ejecute el finalizador del objeto, el objeto debe desecharse de forma explícita. + If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - Use el patrón Dispose recomendado para asegurarse de que el objeto creado por "{0}" se desecha en todas las rutas de acceso. Si es posible, incluya la creación en una instrucción "using" o una declaración "using". En caso contrario, use un patrón try-finally, con la declaración de una variable local dedicada antes de la región "try" y una invocación de Dispose incondicional en un valor no nulo en la región "finally", por ejemplo, "x?.Dispose()". Si el objeto se desecha de forma explícita en la región "try" o la pertenencia de Dispose se transfiere a otro objeto o método, asigne "null" a la variable local justo después de tal operación para evitar un doble Dispose en "finally". + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - Use el patrón Dispose recomendado para asegurarse de que el objeto creado por "{0}" se desecha en todas las rutas de acceso de excepción. Si es posible, incluya la creación en una instrucción "using" o una declaración "using". En caso contrario, use un patrón try-finally, con la declaración de una variable local dedicada antes de la región "try" y una invocación de Dispose incondicional en un valor no nulo en la región "finally", por ejemplo, "x?.Dispose()". Si el objeto se desecha de forma explícita en la región "try" o la pertenencia de Dispose se transfiere a otro objeto o método, asigne "null" a la variable local justo después de tal operación para evitar un doble Dispose en "finally". + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope - Llame a System.IDisposable.Dispose en el objeto que "{0}" ha creado antes de que todas las referencias a él estén fuera de ámbito. + Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. - El objeto que "{0}" ha creado no se desecha (Dispose) en todas las rutas de acceso de excepciones. Llame a System.IDisposable.Dispose en el objeto antes de que todas las referencias a él estén fuera de ámbito. + Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. Dispose objects before losing scope - Desechar (Dispose) objetos antes de perder el ámbito + Dispose objects before losing scope Do Not Add Archive Item's Path To The Target File System Path - No agregar la ruta de acceso del elemento de archivo a la ruta de acceso del sistema de archivos de destino + Do Not Add Archive Item's Path To The Target File System Path When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - Al extraer archivos de un elemento de archivo y usar la ruta de acceso de dicho elemento, compruebe si la ruta es segura. La ruta de acceso de archivo puede ser relativa y dirigir el acceso del sistema de archivos fuera de la ruta de destino esperada del sistema de archivos, lo que provoca cambios malintencionados de la configuración y la ejecución remota de código mediante la técnica que consiste en establecer y esperar. + When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' - Cuando se crea la ruta de acceso para "{0}" en el método {1} desde la ruta de acceso relativa del elemento de archivo para extraer el archivo y el origen es un archivo zip que no es de confianza, asegúrese de corregir la ruta relativa del elemento de archivo "{2}" en el método "{3}". + When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' Do Not Add Schema By URL - No agregar el esquema por dirección URL + Do Not Add Schema By URL This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. - Esta sobrecarga del método XmlSchemaCollection.Add habilita internamente el procesamiento de DTD en la instancia de lector XML que se usa y utiliza UrlResolver para resolver entidades XML externas. El resultado es la divulgación de información. El contenido del sistema de archivos o de los recursos compartidos de red de la máquina que procesa el código XML puede exponerse al atacante. Además, un atacante puede usar esto como vector de ataque por denegación de servicio. + This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. This overload of the Add method is potentially unsafe because it may resolve dangerous external references - Esta sobrecarga del método Add es potencialmente insegura porque puede resolver referencias externas peligrosas. + This overload of the Add method is potentially unsafe because it may resolve dangerous external references By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. - Al establecer los delegados de validación de TokenValidationParameter críticos en true, se deshabilitan las protecciones de autenticación importantes, lo que puede conducir a tokens de cualquier emisor o a que los tokens expirados se validen erróneamente. + By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. - {0} se ha establecido en una función que siempre devuelve true. Al establecer el delegado de validación, reemplaza la validación predeterminada y devuelve siempre true, por lo que esta validación está completamente deshabilitada. + The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. Do not always skip token validation in delegates - No omitir siempre la validación de tokens en delegados + Do not always skip token validation in delegates Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. - La Deserialización insegura es un problema de vulnerabilidad que se produce cuando se utilizan datos no fiables para abusar de la lógica de una aplicación, inflige un ataque de Denegacíón de servicio (DoS) o incluso ejecuta código arbitrario sobre la propia deserialización. A menudo, los usuarios malintencionados pueden abusar de estas funciones de deserialización cuando la aplicación deserializa datos no fiables que están bajo su control. Específicamente, pueden invocar métodos peligrosos para el proceso de deserialización. Los ataques de deserialización insegura que logran su cometido pueden permitir al atacante llevar a cabo ataques DoS, omisiones del método de autenticación y la ejecución remota de código. + Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' - Al deserializar una instancia de la clase "{0}", el método "{1}" puede llamar directa o indirectamente a un método peligroso "{2}". + When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' Do Not Call Dangerous Methods In Deserialization - No llame a métodos peligrosos durante la deserialización + Do Not Call Dangerous Methods In Deserialization @@ -577,2625 +577,2660 @@ The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. Widening and user defined conversions are not supported with generic types. - Enumerable.Cast<T> y Enumerable.OfType<T> requieren tipos compatibles para funcionar de manera esperada. -La conversión genérica ("unbox.any" de IL) usada por la secuencia devuelta por Enumerable.Cast<T> iniciará InvalidCastException en tiempo de ejecución en los elementos de los tipos especificados. -La comprobación de tipos genéricos (operador "is" de C# o "isinst" de IL) usada por Enumerable.OfType<T> nunca se completará correctamente con los elementos de tipos especificados, lo que provocará una secuencia vacía. -La ampliación y las conversiones definidas por el usuario no se admiten con tipos genéricos. + Enumerable.Cast<T> and Enumerable.OfType<T> require compatible types to function expectedly. +The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. +The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. +Widening and user defined conversions are not supported with generic types. Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime - El tipo "{0}" es incompatible con el tipo "{1}", y los intentos de conversión producirán InvalidCastException en tiempo de ejecución. + Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' - Esta llamada siempre dará lugar a una secuencia vacía, ya que el tipo "{0}" es incompatible con el tipo "{1}". + This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types - No llamar a Enumerable.Cast<T> ni Enumerable.OfType<T> con tipos incompatibles + Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types Do not call {0} on an {1} value - No llame a {0} en un valor {1} + Do not call {0} on an {1} value Do not call ToImmutableCollection on an ImmutableCollection value - No llame a ToImmutableCollection en un valor ImmutableCollection + Do not call ToImmutableCollection on an ImmutableCollection value TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. - TaskCompletionSource tiene constructores que toman elementos TaskCreationOption para controlar la tarea subyacente y constructores que toman el estado del objeto que se almacena en la tarea. Si se pasa accidentalmente un elemento TaskContinuationOption en lugar de un objeto TaskCreationOption, la llamada trata las opciones como estado. + TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. Replace TaskContinuationOptions with TaskCreationOptions. - Reemplace TaskContinuationOptions por TaskCreationOptions. + Replace TaskContinuationOptions with TaskCreationOptions. Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum - El argumento contiene la enumeración TaskContinuationsOptions en lugar de la enumeración TaskCreationOptions. + Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum - El argumento pasado al constructor TaskCompletionSource debe ser una enumeración TaskCreationOptions en lugar de TaskContinuationOptions + Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. - No cree tareas a menos que esté utilizando una de las sobrecargas que toma un TaskScheduler. El valor predeterminado es programar en TaskScheduler.Current, lo cual provocaría interbloqueos. Utilice TaskScheduler.Default para programar en el grupo de subprocesos, o pase explícitamente TaskScheduler.Current para que sus intenciones queden claras. + Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. Do not create tasks without passing a TaskScheduler - No crear tareas sin pasar un TaskScheduler + Do not create tasks without passing a TaskScheduler Do not create tasks without passing a TaskScheduler - No crear tareas sin pasar un TaskScheduler + Do not create tasks without passing a TaskScheduler Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. - Agregar un finalizador a un tipo derivado de MemoryManager<T> puede permitir que se libere memoria mientras aún la esté usando un elemento Span<T>. + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> - Agregar un finalizador a un tipo derivado de MemoryManager<T> puede permitir que se libere memoria mientras aún la esté usando un elemento Span<T>. + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> Do not define finalizers for types derived from MemoryManager<T> - No definir finalizadores para los tipos derivados de MemoryManager<T> + Do not define finalizers for types derived from MemoryManager<T> Do Not Disable Certificate Validation - No deshabilitar la validación de certificado + Do Not Disable Certificate Validation A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. - Un certificado puede ayudar a autenticar la identidad del servidor. Los clientes deben validar el certificado del servidor para asegurarse de que las solicitudes se envían al servidor elegido. Si ServerCertificateValidationCallback devuelve siempre el valor "true", cualquier certificado pasará la validación. + A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. - ServerCertificateValidationCallback está establecido en una función que acepta cualquier certificado de servidor, devolviendo siempre el valor "true". Asegúrese de que los certificados de servidor estén validados para verificar la identidad del servidor que recibe las peticiones. - - - - Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. - Si se usa HttpClient sin proporcionar un controlador específico de la plataforma (WinHttpHandler, CurlHandler o HttpClientHandler), donde la propiedad CheckCertificateRevocationList se establece en true, se permitirá que HttpClient acepte los certificados revocados como válidos. + The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. Do Not Disable HTTP Header Checking - No deshabilitar la comprobación de encabezados HTTP + Do Not Disable HTTP Header Checking HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. - La comprobación de encabezados HTTP habilita la codificación de los caracteres de retorno de carro y nueva línea, \r y \n, que se encuentran en los encabezados de respuesta. Esta codificación puede ayudar a evitar los ataques por inyección que aprovecha una aplicación que repite datos que no son de confianza incluidos en el encabezado. + HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. Do not disable HTTP header checking - No deshabilitar la comprobación de encabezados HTTP + Do not disable HTTP header checking + + + + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. Do Not Disable Request Validation - No deshabilitar la validación de solicitudes + Do Not Disable Request Validation Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. - La validación de solicitudes es una característica de ASP.NET que examina las solicitudes HTTP y determina si incluyen contenido potencialmente peligroso. Esta comprobación agrega protección para marcado o código en los valores de formularios publicados, cookies o cadenas de consulta de URL que puedan haberse agregado con fines malintencionados. Por tanto, se recomienda su uso y debería dejarse habilitada para una defensa en profundidad. + Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. {0} has request validation disabled - {0} tiene deshabilitada la validación de solicitudes. + {0} has request validation disabled Do Not Disable SChannel Use of Strong Crypto - No deshabilitar el uso de cifrado seguro de SChannel + Do Not Disable SChannel Use of Strong Crypto Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. - A partir de .NET Framework 4.6, se recomienda que las clases System.Net.ServicePointManager y System.Net.Security.SslStream usen nuevos protocolos. Los anteriores presentan vulnerabilidades y no se admiten. Al establecer Switch.System.Net.DontEnableSchUseStrongCrypto en true, se usará la comprobación de cifrado poco seguro anterior y no se aplicará la migración de protocolo. + Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. {0} disables TLS 1.2 and enables SSLv3 - {0} deshabilita TLS 1.2 y habilita SSLv3 + {0} disables TLS 1.2 and enables SSLv3 Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. - Las comprobaciones de validación de tokens garantizan que, al validar los tokens, se analicen y comprueben todos los aspectos. La desactivación de la validación puede conducir a vulnerabilidades de seguridad al permitir que los tokens que no son de confianza lo hagan durante la validación. + Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. TokenValidationParameters.{0} should not be set to false as it disables important validation - TokenValidationParameters. {0} no se debe establecer en false porque deshabilita una validación importante + TokenValidationParameters.{0} should not be set to false as it disables important validation Do not disable token validation checks - No deshabilitar comprobaciones de validación de tokens + Do not disable token validation checks Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. - No establezca Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols en true. Al establecer este modificador, se limita a Windows Communication Framework (WCF) a usar la Seguridad de la capa de transporte (TLS) 1.0, que no es segura y está obsoleta. + Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. Do not disable ServicePointManagerSecurityProtocols - No deshabilitar ServicePointManagerSecurityProtocols + Do not disable ServicePointManagerSecurityProtocols Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. - No restrinja 'Dictionary.Remove(key)' con 'Dictionary.ContainsKey(key)'. El primero ya comprueba si la clave existe y no se iniciará si no existe. + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' - No restrinja 'Dictionary.Remove(key)' con 'Dictionary.ContainsKey(key)' + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' Unnecessary call to 'Dictionary.ContainsKey(key)' - Llamada innecesaria a 'Dictionary.ContainsKey(key)' + Unnecessary call to 'Dictionary.ContainsKey(key)' Do not hard-code certificate - No codificar el certificado de forma rígida + Do not hard-code certificate Hard-coded certificates in source code are vulnerable to being exploited. - Los certificados codificados de forma rígida en el código fuente son vulnerables a un uso abusivo. + Hard-coded certificates in source code are vulnerable to being exploited. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' - Se encontró una posible vulnerabilidad de seguridad por la que podría contaminarse "{0}" en el método "{1}" con un certificado codificado de forma rígida de "{2}" en el método "{3}". + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' Do not hard-code encryption key - No codificar la clave de cifrado de forma rígida + Do not hard-code encryption key SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. - La propiedad .Key de SymmetricAlgorithm o el parámetro rgbKey de un método no deben ser nunca un valor codificado de forma rígida. + SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' - Se encontró una posible vulnerabilidad de seguridad por la que podría contaminarse "{0}" en el método "{1}" con una clave codificada de forma rígida de "{2}" en el método "{3}". + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. - De forma predeterminada, el almacén de certificados de entidades de certificación raíz de confianza está configurado con un conjunto de entidades de certificación públicas que cumplen los requisitos del programa de certificados raíz de Microsoft. Dado que todas las entidades de certificación raíz de confianza pueden emitir certificados para cualquier dominio, un atacante puede elegir una entidad de certificación coaccionable o débil que instale por su cuenta para destinar un ataque, y una única entidad de certificación vulnerable, malintencionada o convertible socava la seguridad de todo el sistema. Para empeorar las cosas, estos ataques pueden pasar desapercibidos con bastante facilidad. + By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. - Se dice que un objeto tiene una identidad débil cuando se puede tener acceso a él directamente a través de los límites del dominio de aplicación. Un subproceso que intenta obtener un bloqueo en un objeto que tiene identidad débil se puede bloquear con un segundo subproceso en un dominio de aplicación diferente que tenga bloqueado el mismo objeto. + An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. Do not lock on objects with weak identity - No bloquear objetos con identidad débil + Do not lock on objects with weak identity Do not lock on objects with weak identity - No bloquear objetos con identidad débil + Do not lock on objects with weak identity A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. - Un método pasa un literal de cadena como parámetro a un constructor o método en la biblioteca de clases .NET Framework y esa cadena debe ser localizable. Para corregir una infracción de esta regla, reemplace el literal de cadena por una cadena recuperada mediante una instancia de la clase ResourceManager. + A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". - El método "{0}" pasa una cadena literal como parámetro "{1}" de una llamada a "{2}". En su lugar, recupere las cadenas siguientes de una tabla de recursos: "{3}". + Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". Do not pass literals as localized parameters - No pasar cadenas literal como parámetros localizados + Do not pass literals as localized parameters An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. - El código de usuario nunca debe provocar una excepción de tipo que no sea suficientemente específica o esté reservada por el tiempo de ejecución. Esto provoca que el error original sea difícil de detectar y depurar. Si puede iniciarse esta instancia de excepción, utilice un tipo de excepción diferente. + An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. Exception type {0} is reserved by the runtime - El tipo de excepción {0} está reservado por el tiempo de ejecución. + Exception type {0} is reserved by the runtime Exception type {0} is not sufficiently specific - El tipo de excepción {0} no es suficientemente específico. + Exception type {0} is not sufficiently specific Do not raise reserved exception types - No provocar tipos de excepción reservados + Do not raise reserved exception types Do Not Serialize Types With Pointer Fields - No serializar los tipos con campos de puntero + Do Not Serialize Types With Pointer Fields Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. - Los punteros no tienen "seguridad de tipos", es decir, no se puede garantizar que la memoria a la que apuntan sea correcta. Por lo tanto, la serialización de tipos con campos de puntero es peligrosa, ya que puede permitir que un atacante controle el puntero. + Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. Pointer field {0} on serializable type - Campo de puntero {0} en el tipo serializable + Pointer field {0} on serializable type Do Not Use Account Shared Access Signature - No usar la firma de acceso compartido de la cuenta + Do Not Use Account Shared Access Signature Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. - Las firmas de acceso compartido (SAS) son una parte fundamental del modelo de seguridad para cualquier aplicación que use Azure Storage, por lo que deben proporcionar permisos limitados y seguros a su cuenta de almacenamiento para los clientes que no dispongan de la clave de la cuenta. Todas las operaciones disponibles a través de una SAS de servicio también están disponibles a través de una SAS de cuenta; con lo que se demuestra la elevada eficacia de las SAS de cuenta. Por lo tanto, se recomienda usar SAS de servicio para delegar el acceso con más atención. + Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. Use Service SAS instead of Account SAS for fine grained access control and container-level access policy - Use la SAS de servicio en lugar de la SAS de cuenta para el control de acceso detallado y la directiva de acceso de nivel de contenedor + Use Service SAS instead of Account SAS for fine grained access control and container-level access policy Do Not Use Broken Cryptographic Algorithms - No usar algoritmos criptográficos dañados + Do Not Use Broken Cryptographic Algorithms An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. - Existe un ataque que hace factible a nivel computacional romper este algoritmo. Esto permite a los atacantes romper la garantía criptográfica que debe proporcionar. En función del tipo y la aplicación de este algoritmo criptográfico, esto podría permitir a los atacantes leer mensajes cifrados, alterar con mensajes cifrados, forzar firmas digitales, alterar con contenido con hash o poner en riesgo de otro modo cualquier sistema criptográfico basado en este algoritmo. Reemplace los usos del cifrado por el algoritmo AES (se aceptan AES-256, AES-192 y AES-128) con una longitud de clave igual o superior a 128 bits. Reemplace los usos del hash por una función hash de la familia de SHA-2, como SHA512, SHA384 o SHA256. Reemplace los usos de la firma digital por RSA con una longitud de clave igual o superior a 2048 bits, o ECDSA con una longitud de clave igual o superior a 256 bits. + An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. {0} uses a broken cryptographic algorithm {1} - {0} usa un algoritmo criptográfico dañado {1}. + {0} uses a broken cryptographic algorithm {1} For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. - Para colecciones no vacías, CountAsync() y LongCountAsync() enumeran la secuencia completa, mientras que AnyAsync() se detiene en el primer elemento o en el primer elemento que satisface una condición. + For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. {0}() is used where AnyAsync() could be used instead to improve performance - Se usa {0}() donde podría usarse AnyAsync() para mejorar el rendimiento. + {0}() is used where AnyAsync() could be used instead to improve performance Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used - No usar CountAsync() ni LongCountAsync() si se puede usar AnyAsync() + Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. - Para colecciones no vacías, Count() y LongCount() enumeran la secuencia completa, mientras que Any() se detiene en el primer elemento o en el primer elemento que satisface una condición. + For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. {0}() is used where Any() could be used instead to improve performance - Se usa {0}() donde podría usarse Any() para mejorar el rendimiento. + {0}() is used where Any() could be used instead to improve performance Do not use Count() or LongCount() when Any() can be used - No usar Count() ni LongCount() si se puede usar Any() + Do not use Count() or LongCount() when Any() can be used Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. - La clave de cifrado simétrica debe usar siempre un vector de inicialización que no se repita para evitar los ataques por diccionario. - - - - Do Not Use Deprecated Security Protocols - No usar protocolos de seguridad en desuso - - - - Using a deprecated security protocol rather than the system default is risky. - El uso de un protocolo de seguridad en desuso en lugar del predeterminado del sistema supone un riesgo. - - - - Hard-coded use of deprecated security protocol {0} - Uso codificado de forma rígida de un protocolo de seguridad en desuso {0} + Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. Do Not Use Digital Signature Algorithm (DSA) - No usar el algoritmo de firma digital (DSA) + Do Not Use Digital Signature Algorithm (DSA) DSA is too weak to use. - El algoritmo de firma digital no es suficientemente seguro para usarlo. + DSA is too weak to use. Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - El algoritmo de cifrado asimétrico {0} no es seguro. Cambie a un algoritmo de ECDSA o ECDH con RSA que tenga un tamaño de clave mínimo de 2048. + Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. + + + + Do Not Use Deprecated Security Protocols + Do Not Use Deprecated Security Protocols + + + + Using a deprecated security protocol rather than the system default is risky. + Using a deprecated security protocol rather than the system default is risky. + + + + Hard-coded use of deprecated security protocol {0} + Hard-coded use of deprecated security protocol {0} This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. - Esta colección es directamente indexable. Pasar por LINQ en este caso genera asignaciones y trabajo de CPU innecesarios. + This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. Do not use Enumerable methods on indexable collections. Instead use the collection directly. - No utilice métodos Enumerable en colecciones indexables. Use la colección directamente. + Do not use Enumerable methods on indexable collections. Instead use the collection directly. Do not use Enumerable methods on indexable collections - No usar métodos Enumerable en las colecciones indexables + Do not use Enumerable methods on indexable collections Do not use insecure randomness - No usar aleatoriedad no segura + Do not use insecure randomness Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. - El uso de un generador de números pseudoaleatorios no seguro criptográficamente puede permitir a un atacante predecir el valor relativo a la seguridad que se va a generar. Use un generador de números aleatorios fuertemente cifrado si se requiere un valor impredecible, o bien asegúrese de que no se usan números pseudoaleatorios poco seguros de forma que afecte a la seguridad. + Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. - {0} es un generador de números aleatorios no seguro. Use generadores de números aleatorios que sean criptográficamente seguros cuando se requiera aleatoriedad por seguridad. + {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. Do not use obsolete key derivation function - No utilizar la función de derivación de claves obsoleta + Do not use obsolete key derivation function Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. - La derivación de claves basada en contraseña debe utilizar PBKDF2 con SHA-2. Evite usar PasswordDeriveBytes ya que genera una clave PBKDF1. Evite usar Rfc2898DeriveBytes.CryptDeriveKey puesto que no utiliza el recuento de iteración o salt. + Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. Call to obsolete key derivation function {0}.{1} - Llamada a la función de derivación de claves obsoleta {0}.{1} + Call to obsolete key derivation function {0}.{1} String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. - Los parámetros de cadena pasados por valor con "OutAttribute" pueden desestabilizar el tiempo de ejecución si la cadena es una cadena interna. + String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. - No use "OutAttribute" en el parámetro de cadena "{0}", que se pasa por valor. Si se necesita serializar los datos modificados para el autor de la llamada, utilice la palabra clave "out" para pasar mejor la cadena por referencia + Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. Do not use 'OutAttribute' on string parameters for P/Invokes - No usar "OutAttribute" en los parámetros de cadena de P/Invokes + Do not use 'OutAttribute' on string parameters for P/Invokes Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. - No pase un argumento con el tipo de valor "{0}" al método "Equals" en "ReferenceEqualityComparer". Debido a la conversión boxing de valores, esta llamada a "Equals" puede devolver un resultado inesperado. Considere la posibilidad de usar "EqualityComparer" en su lugar, o pase argumentos de tipo de referencia si tiene pensado usar "ReferenceEqualityComparer". + Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. - A los argumentos con tipo de valor se les aplica la conversión boxing de forma única para cada llamada a este método, por lo que el resultado puede ser inesperado. + Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. - No pase un argumento con el tipo de valor "{0}" a "ReferenceEquals". Debido a la conversión boxing de valores, esta llamada a "ReferenceEquals" puede devolver un resultado inesperado. Considere la posibilidad de usar "Equals" en su lugar, o pase argumentos de tipo de referencia si tiene pensado usar "ReferenceEquals". + Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. Do not use ReferenceEquals with value types - No use ReferenceEquals con tipos de valor + Do not use ReferenceEquals with value types Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. - El espacio de pila asignado por una instancia de stackalloc solo se libera al final de la invocación del método actual. Si se usa en un bucle, puede producirse un crecimiento ilimitado de la pila y alcanzar condiciones de desbordamiento de esta. + Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. Potential stack overflow. Move the stackalloc out of the loop. - Posible desbordamiento de la pila. Mueva la instancia de stackalloc fuera del bucle. + Potential stack overflow. Move the stackalloc out of the loop. Do not use stackalloc in loops - No utilizar stackalloc en los bucles + Do not use stackalloc in loops Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. - Una actividad periódica más frecuente ocupará la CPU e interferirá con los temporizadores de inactividad para ahorro de energía que apagan el monitor y los discos duros. + Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. Do not use timers that prevent power state changes - No usar temporizadores que impidan los cambios de estado de energía + Do not use timers that prevent power state changes Do not use timers that prevent power state changes - No usar temporizadores que impidan los cambios de estado de energía + Do not use timers that prevent power state changes Do not use unsafe DllImportSearchPath value - No usar un valor de DllImportSearchPath no seguro + Do not use unsafe DllImportSearchPath value There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - Puede haber un archivo .dll malintencionado en los directorios de búsqueda de archivos .dll predeterminados. O bien, según desde dónde se ejecute la aplicación, puede haber un archivo .dll malintencionado en el directorio de la aplicación. Use un valor de DllImportSearchPath que especifique una ruta de acceso de búsqueda explícita. Las marcas de DllImportSearchPath que busca esta regla se pueden configurar en el archivo .editorconfig. + There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. Use of unsafe DllImportSearchPath value {0} - Se está usando un valor de DllImportSearchPath ({0}) que no es seguro + Use of unsafe DllImportSearchPath value {0} Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. - El uso de "WaitAll" con una sola tarea puede provocar una pérdida de rendimiento, esperar o devolver la tarea en su lugar. + Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. Replace 'WaitAll' with single 'Wait' - Reemplace "WaitAll" por un único elemento "Wait" + Replace 'WaitAll' with single 'Wait' Do not use 'WaitAll' with a single task - No usar "WaitAll" con una sola tarea + Do not use 'WaitAll' with a single task Do Not Use Weak Cryptographic Algorithms - No usar algoritmos criptográficos poco seguros + Do Not Use Weak Cryptographic Algorithms Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. - Los algoritmos criptográficos se degradan con el tiempo a medida que los ataques evolucionan y permiten al atacante obtener mayor cantidad de computación. En función del tipo y la aplicación de este algoritmo criptográfico, una mayor degradación de la solidez criptográfica podría permitir a los atacantes leer mensajes cifrados, alterar con mensajes cifrados, forzar firmas digitales, alterar con contenido con hash o poner en riesgo de otro modo cualquier sistema criptográfico basado en este algoritmo. Reemplace los usos del cifrado por el algoritmo AES (se aceptan AES-256, AES-192 y AES-128) con una longitud de clave igual o superior a 128 bits. Reemplace los usos del hash por una función hash de la familia de SHA-2, como SHA-2 512, SHA-2 384 o SHA-2 256. + Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. {0} uses a weak cryptographic algorithm {1} - {0} usa un algoritmo criptográfico poco seguro {1}. + {0} uses a weak cryptographic algorithm {1} Ensure Key Derivation Function algorithm is sufficiently strong - Asegurarse de que el algoritmo de función de derivación de claves es suficientemente seguro + Ensure Key Derivation Function algorithm is sufficiently strong Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. - Algunas implementaciones de la clase Rfc2898DeriveBytes permiten especificar un algoritmo hash en un parámetro de constructor o sobrescribirlo en la propiedad HashAlgorithm. Si se especifica un algoritmo hash, debe ser SHA-256 o una versión posterior. + Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. - Puede que {0} esté usando un algoritmo hash débil. Use SHA256, SHA384 o SHA512 para crear una clave segura a partir de una contraseña. + {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). - Al derivar claves criptográficas de entradas proporcionadas por el usuario, como la contraseña, use un recuento de iteraciones suficiente (al menos 100 k). + When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. - El uso de "WhenAll" con una sola tarea puede provocar una pérdida de rendimiento, esperar o devolver la tarea en su lugar. + Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. Replace 'WhenAll' call with argument - Reemplazar la llamada 'WhenAll' por el argumento + Replace 'WhenAll' call with argument Do not use 'WhenAll' with a single task - No usar "WhenAll" con una sola tarea + Do not use 'WhenAll' with a single task Do Not Use XslTransform - No utilizar XslTransform + Do Not Use XslTransform Do not use XslTransform. It does not restrict potentially dangerous external references. - No utilice XslTransform. No restringe las referencias externas potencialmente peligrosas. + Do not use XslTransform. It does not restrict potentially dangerous external references. Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. - Proporcionar una interfaz con atributos "DynamicInterfaceCastableImplementationAttribute" funcional requiere la característica Miembros de interfaz predeterminada, que no se admite en Visual Basic. + Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - No se admite el suministro de una interfaz "DynamicInterfaceCastableImplementation" en Visual Basic + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - No se admite el suministro de una interfaz "DynamicInterfaceCastableImplementation" en Visual Basic + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. - El uso de características que requieren marshalling en tiempo de ejecución cuando el marshalling en tiempo de ejecución está deshabilitada producirá excepciones en tiempo de ejecución. + Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled - Los tipos con \"[StructLayout(LayoutKind.Auto)]\" requieren que se habilite el marshalling en tiempo de ejecución. + Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled By-ref parameters require runtime marshalling to be enabled - Los parámetros por referencia requieren que se habilite el marshalling en tiempo de ejecución. + By-ref parameters require runtime marshalling to be enabled Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined - Los delegados con tipos administrados como parámetros o el tipo de retorno requieren que se habilite el marshalling en tiempo de ejecución en el ensamblaje donde se define el delegado + Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined HResult-swapping requires runtime marshalling to be enabled - El intercambio de HResult requiere que se habilite el marshalling en tiempo de ejecución. + HResult-swapping requires runtime marshalling to be enabled Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled - El uso de \"LCIDConversionAttribute\" requiere que se habilite el marshalling en tiempo de ejecución. + Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled Managed parameter or return types require runtime marshalling to be enabled - Los tipos de parámetros administrados o de valor devuelto requieren que se habilite el mashalling en tiempo de ejecución. + Managed parameter or return types require runtime marshalling to be enabled Setting SetLastError to 'true' requires runtime marshalling to be enabled - Establecer SetLastError en \"true\" requiere que el marshalling en tiempo de ejecución esté habilitado + Setting SetLastError to 'true' requires runtime marshalling to be enabled Varadic P/Invoke signatures require runtime marshalling to be enabled - Las firmas Varadic P/Invoke en tiempo de ejecución requieren que se habilite el marshalling en tiempo de ejecución. + Varadic P/Invoke signatures require runtime marshalling to be enabled Property, type, or attribute requires runtime marshalling - La propiedad, el tipo o el atributo requiere marshalling en tiempo de ejecución + Property, type, or attribute requires runtime marshalling '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - '{0}''s type contiene el tipo de vista previa '{1}' y requiere la participación en las características en versión preliminar. Consulte {2} para obtener más información. + '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - {3} '{0}''' contiene el tipo de vista previa '{1}' y requiere la participación en las características en versión preliminar. Consulte {2} para obtener más información. + {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. - Reenvíe el parámetro "CancellationToken" a los métodos para garantizar que las notificaciones de cancelación de operaciones se propagan correctamente, o bien pase "CancellationToken.None" explícitamente para indicar que no se propagará el token intencionalmente. + Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token - Reenviar el parámetro "{0}" al método "{1}" o pasar "CancellationToken.None" de forma explícita para indicar que no se propagó el token intencionalmente + Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token Forward the 'CancellationToken' parameter to methods - Reenviar el parámetro "CancellationToken" a los métodos + Forward the 'CancellationToken' parameter to methods Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. - Evite codificar SecurityProtocolType {0} de forma rígida y, en su lugar, use SecurityProtocolType.SystemDefault para permitir que el sistema operativo elija el mejor protocolo de Seguridad de la capa de transporte que se puede usar. + Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. Avoid hardcoding SecurityProtocolType value - Evitar codificar el valor SecurityProtocolType de forma rígida + Avoid hardcoding SecurityProtocolType value Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Las versiones actuales del protocolo Seguridad de la capa de transporte pueden dejar de usarse si se encuentran vulnerabilidades. No codifique los valores de SslProtocols de forma rígida para mantener la aplicación segura. Use "None" para permitir que el sistema operativo elija una versión. + Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Evite codificar el valor "{0}" de SslProtocols de forma rígida para que la aplicación se mantenga segura en el futuro. Use "None" para permitir que el sistema operativo elija una versión. + Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. Avoid hardcoded SslProtocols values - Evitar valores de SslProtocols codificados de forma rígida + Avoid hardcoded SslProtocols values Generic math interfaces require the derived type itself to be used for the self recurring type parameter. - Las interfaces matemáticas genéricas requieren que se use el tipo derivado para el parámetro de tipo periódico. + Generic math interfaces require the derived type itself to be used for the self recurring type parameter. The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' - El "{0}" requiere que el parámetro de tipo "{1}" se rellene con el tipo derivado "{2}" + The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' Use correct type parameter - Use el parámetro de tipo correcto + Use correct type parameter To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. - Para corregir una infracción de esta regla, haga que el método GetObjectData sea visible y se pueda reemplazar; además, asegúrese de que todos los campos de la instancia se incluyen en el proceso de serialización o se marcan explícitamente con el atributo NonSerializedAttribute. + To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. Add an implementation of GetObjectData to type {0} - Agregue una implementación de GetObjectData al tipo {0}. + Add an implementation of GetObjectData to type {0} Make {0}.GetObjectData virtual and overridable - Hacer que {0}.GetObjectData sea virtual y reemplazable. + Make {0}.GetObjectData virtual and overridable Increase the accessibility of {0}.GetObjectData so that it is visible to derived types - Aumente la accesibilidad de {0}.GetObjectData para que esté visible para los tipos derivados. + Increase the accessibility of {0}.GetObjectData so that it is visible to derived types Implement ISerializable correctly - Implementar ISerializable correctamente + Implement ISerializable correctly Implement inherited interfaces - Implementación de interfaces heredadas + Implement inherited interfaces Implement Serialization constructor - Implementar un constructor de serialización + Implement Serialization constructor To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. - Para corregir una infracción de esta regla, implemente el constructor de serialización. Para una clase sealed, convierta el constructor en privado; de lo contrario, haga que esté protegido. + To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. - Agregue un constructor a {0} con la siguiente signatura: 'información protegida de {0}(SerializationInfo, contexto de StreamingContext)'. + Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. Declare the serialization constructor of {0}, a sealed type, as private. - Declare el constructor de serialización de {0}, un tipo sellado, como privado. + Declare the serialization constructor of {0}, a sealed type, as private. Declare the serialization constructor of {0}, an unsealed type, as protected. - Declare el constructor de serialización de {0}, un tipo no sellado, como protegido. + Declare the serialization constructor of {0}, an unsealed type, as protected. Implement serialization constructors - Implementar constructores de serialización + Implement serialization constructors A method that handles a serialization event does not have the correct signature, return type, or visibility. - Un método que controla un evento de serialización no tiene la signatura, el tipo de valor devuelto o la visibilidad correctos. + A method that handles a serialization event does not have the correct signature, return type, or visibility. Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic - Puesto que {0} está marcado con OnSerializing, OnSerialized, OnDeserializing u OnDeserialized, cambie su signatura para que deje de ser genérico. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' - Puesto que {0} está marcado con OnSerializing, OnSerialized, OnDeserializing u OnDeserialized, cambie su signatura para que tome un solo parámetro de tipo "System.Runtime.Serialization.StreamingContext". + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) - Puesto que {0} está marcado con OnSerializing, OnSerialized, OnDeserializing u OnDeserialized, cambie su tipo de datos devueltos de {1} a void (Sub en Visual Basic). + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method - Puesto que {0} está marcado con OnSerializing, OnSerialized, OnDeserializing u OnDeserialized, cámbielo de static (Shared en Visual Basic) a un método de instancia. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private - Puesto que {0} está marcado con OnSerializing, OnSerialized, OnDeserializing u OnDeserialized, cambie su accesibilidad a private. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private Implement serialization methods correctly - Implementar métodos de serialización correctamente + Implement serialization methods correctly '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' implementa la interfaz de vista previa '{1}' y, por lo tanto, debe participar en las características en versión preliminar. Consulte {2} para obtener más información. + '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' implementa la interfaz de vista previa '{1}' y, por lo tanto, debe participar en las características en versión preliminar. Consulte {2} para obtener más información. + {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' implementa el método de vista previa '{1}' y, por lo tanto, debe participar en las características en versión preliminar. Consulte {2} para obtener más información. + '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' implementa el método de vista previa '{1}' y, por lo tanto, debe participar en las características en versión preliminar. Consulte {2} para obtener más información. + {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Un tipo de referencia declara un constructor estático explícito. Para corregir una infracción de esta regla, inicialice todos los datos estáticos cuando se declara y quite el constructor estático. + A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize reference type static fields inline - Inicializar campos estáticos de tipo de referencia insertados + Initialize reference type static fields inline Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor - Inicialice todos los campos estáticos de "{0}" cuando estos campos se declaran y quite el constructor estático explícito. + Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Un tipo de valor declara un constructor estático explícito. Para corregir una infracción de esta regla, inicialice todos los datos estáticos cuando se declara y quite el constructor estático. + A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize value type static fields inline - Inicializar campos estáticos de tipo de valor insertados + Initialize value type static fields inline Change to call the two argument constructor, pass null for the message. - Cámbielo para llamar al constructor con dos argumentos; pase un valor NULL para el mensaje. + Change to call the two argument constructor, pass null for the message. A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. - Se realiza una llamada al constructor predeterminado (sin parámetros) de un tipo de excepción que es o se deriva de ArgumentException, o se pasa un argumento de cadena incorrecto a un constructor con parámetros de un tipo de excepción que es o se deriva de ArgumentException. + A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. Swap the arguments order - Intercambiar el orden de los argumentos + Swap the arguments order Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. - El método {0} pasa un nombre de parámetro "{1}" como argumento {2} a un constructor {3}. Reemplace este argumento por un mensaje descriptivo y pase el nombre del parámetro en la posición correcta. + Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. - El método {0} pasa "{1}" como argumento {2} a un constructor {3}. Reemplace este argumento por uno de los nombres de parámetros del método. Tenga en cuenta que el nombre del parámetro debe corresponderse completamente (mayúsculas y minúsculas) con lo declarado en el método. + Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. Call the {0} constructor that contains a message and/or paramName parameter - Llame al constructor {0} que contiene un mensaje o un parámetro paramName. + Call the {0} constructor that contains a message and/or paramName parameter Instantiate argument exceptions correctly - Crear instancias de las excepciones del argumento correctamente + Instantiate argument exceptions correctly Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. - Los tipos con atributos "DynamicInterfaceCastableImplementationAttribute" actúan como una implementación de interfaz para un tipo que implementa el tipo "IDynamicInterfaceCastable". Como resultado, debe proporcionar una implementación de todos los miembros definidos en las interfaces heredadas, ya que el tipo que implementa 'IDynamicInterfaceCastable' no los proporcionará de lo contrario. + Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces - El tipo '{0}' tiene el atributo 'DynamicInterfaceCastableImplementationAttribute' aplicado, pero no proporciona una implementación de todos los miembros de interfaz definidos en interfaces heredadas. + Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface - Todos los miembros declarados en interfaces primarias deben tener una implementación en una interfaz con atributos DynamicInterfaceCastableImplementation + All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - El método "{0}" no es seguro cuando se deserializan datos que no son de confianza con JavaScriptSerializer inicializado con SimpleTypeResolver. Asegúrese de que se ha inicializado JavaScriptSerializer sin especificar JavaScriptTypeResolver o de que se ha inicializado con un elemento JavaScriptTypeResolver que limite los tipos de objetos del grafo de objetos deserializado. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing - Asegúrese de que no se ha inicializado JavaScriptSerializer con SimpleTypeResolver antes de deserializar + Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - El método "{0}" no es seguro cuando se deserializan datos que no son de confianza con JavaScriptSerializer inicializado con SimpleTypeResolver. Inicialice JavaScriptSerializer sin especificar JavaScriptTypeResolver, o bien inicialícelo con un elemento JavaScriptTypeResolver que limite los tipos de objetos del grafo de objetos deserializado. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver - No deserializar con JavaScriptSerializer mediante un SimpleTypeResolver + Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Cuando se deserializa una entrada que no es de confianza, no es seguro permitir la deserialización de tipos arbitrarios. Cuando utilice la deserialización de JsonSerializer, use TypeNameHandling.None, o bien, para valores distintos de None, restrinja los tipos deserializados con SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - No deserializar con JsonSerializer usando una configuración no segura + Do not deserialize with JsonSerializer using an insecure configuration When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Cuando se deserializa una entrada que no es de confianza, no es seguro permitir la deserialización de tipos arbitrarios. Cuando utilice JsonSerializerSettings, utilice TypeNameHandling.None, o bien, para valores distintos de None, restrinja los tipos deserializados con SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not use insecure JsonSerializerSettings - No use clases JsonSerializerSettings no seguras + Do not use insecure JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Cuando se deserializa una entrada que no es de confianza, no es seguro permitir la deserialización de tipos arbitrarios. Cuando utilice la deserialización de JsonSerializer, use TypeNameHandling.None, o bien, para valores distintos de None, restrinja los tipos deserializados con SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - Asegurarse de que JsonSerializer tiene una configuración segura al deserializar + Ensure that JsonSerializer has a secure configuration when deserializing When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - Cuando se deserializa una entrada que no es de confianza, no es seguro permitir la deserialización de tipos arbitrarios. Cuando utilice JsonSerializerSettings, asegúrese de que se especifica TypeNameHandling.None, o bien, para valores distintos de None, asegúrese de que se especifica un SerializationBinder que restrinja los tipos deserializados. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. Ensure that JsonSerializerSettings are secure - Asegúrese de que las clases JsonSerializerSettings son seguras + Ensure that JsonSerializerSettings are secure Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - La deserialización de JSON cuando se usa un valor TypeNameHandling distinto de None puede no ser segura. Si necesita detectar la deserialización de Json.NET cuando no se especifica un objeto SerializationBinder, deshabilite la regla CA2326 y habilite las reglas CA2327, CA2328, CA2329 y CA2330. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - La deserialización de JSON cuando se usa un valor TypeNameHandling distinto de None puede no ser segura. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. Do not use TypeNameHandling values other than None - No usar valores TypeNameHandling distintos de None + Do not use TypeNameHandling values other than None The method '{0}' is insecure when deserializing untrusted data. - El método "{0}" no es seguro al deserializar datos que no son de confianza. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer LosFormatter - No usar el deserializador no seguro LosFormatter + Do not use insecure deserializer LosFormatter Convert to static method - Convertir en método estático + Convert to static method Converting an instance method to a static method may produce invalid code - Convertir un método de instancia en un método estático puede producir código no válido + Converting an instance method to a static method may produce invalid code Make the constructor that takes zero parameters 'public' - Convertir el constructor que toma cero parámetros 'public' + Make the constructor that takes zero parameters 'public' An instance field of a type that is not serializable is declared in a type that is serializable. - Un campo de instancia de un tipo que no es serializable se declara en un tipo que es serializable. + An instance field of a type that is not serializable is declared in a type that is serializable. Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable - El campo {0} es un miembro de tipo {1}, que es serializable, pero es de tipo {2}, que no es serializable. + Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable Mark all non-serializable fields - Marcar todos los campos no serializables + Mark all non-serializable fields The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. - El atributo NeutralResourcesLanguage informa a ResourceManager del lenguaje que se utilizó para mostrar los recursos de una cultura neutral para un ensamblado. Esto mejora el rendimiento de la búsqueda para el primer recurso que cargue y puede reducir el espacio de trabajo. + The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. Mark assemblies with NeutralResourcesLanguageAttribute - Marcar ensamblados con NeutralResourcesLanguageAttribute + Mark assemblies with NeutralResourcesLanguageAttribute Mark assemblies with NeutralResourcesLanguageAttribute - Marcar ensamblados con NeutralResourcesLanguageAttribute + Mark assemblies with NeutralResourcesLanguageAttribute The Boolean data type has multiple representations in unmanaged code. - El tipo de datos booleano tiene múltiples representaciones en código sin administrar. + The Boolean data type has multiple representations in unmanaged code. Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - Agregue el atributo MarshalAsAttribute al parámetro {0} de P/Invoke {1}. Si el correspondiente parámetro sin asignar es un "BOOL" de Win32 de 4 bytes, utilice [MarshalAs(UnmanagedType.Bool)]. Para un valor "bool" de C++ de 1 byte, utilice MarshalAs(UnmanagedType.U1). + Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - Agregue el atributo MarshalAsAttribute al tipo de devolución de P/Invoke {0}. Si el correspondiente tipo de devolución sin asignar es un "BOOL" de Win32 de 4 bytes, utilice [MarshalAs(UnmanagedType.Bool)]. Para un valor "bool" de C++ de 1 byte, utilice MarshalAs(UnmanagedType.U1). + Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Mark boolean PInvoke arguments with MarshalAs - Marcar los argumentos booleanos de PInvoke con MarshalAs + Mark boolean PInvoke arguments with MarshalAs To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. - Para que Common Language Runtime reconozca los tipos como serializables, estos se deben marcar con el atributo SerializableAttribute, incluso cuando usan una rutina de serialización personalizada mediante la implementación de la interfaz ISerializable. + To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. Add [Serializable] to {0} as this type implements ISerializable - Agregue [Serializable] a {0}, ya que este tipo implementa ISerializable. + Add [Serializable] to {0} as this type implements ISerializable Mark ISerializable types with serializable - Marcar los tipos ISerializable con serializable + Mark ISerializable types with serializable Ensure HttpClient certificate revocation list check is not disabled - Garantizar que la comprobación de la lista de revocación de certificados HttpClient no está deshabilitada + Ensure HttpClient certificate revocation list check is not disabled HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient se puede crear sin habilitar CheckCertificateRevocationList. + HttpClient may be created without enabling CheckCertificateRevocationList Ensure Certificates Are Not Added To Root Store - Asegurarse de que los certificados no se agregan al almacén raíz + Ensure Certificates Are Not Added To Root Store Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. - La adición de certificados a los certificados raíz de confianza del sistema operativo no es segura. Asegúrese de que el almacén de destino no es un almacén raíz. + Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. Use CreateEncryptor with the default IV - Usar CreateEncryptor con el vector de inicialización predeterminado + Use CreateEncryptor with the default IV The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. - El vector de inicialización no predeterminado, que puede repetirse, se usa en el cifrado. Asegúrese de usar el valor predeterminado. + The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. Ensure Use Secure Cookies In ASP.NET Core - Asegurarse de usar cookies seguras en ASP.NET Core + Ensure Use Secure Cookies In ASP.NET Core Ensure that CookieOptions.Secure = true when setting a cookie - Asegurarse de que CookieOptions.Secure es true al establecer una cookie + Ensure that CookieOptions.Secure = true when setting a cookie Ensure Sufficient Iteration Count When Using Weak Key Derivation Function - Garantizar un recuento de iteraciones suficiente al usar una función de derivación de claves débiles + Ensure Sufficient Iteration Count When Using Weak Key Derivation Function Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Asegúrese de que el recuento de iteraciones es de al menos {0} al derivar una clave criptográfica de una contraseña. De forma predeterminada, el valor IterationCount de Rfc2898DeriveByte es solo 1000 + Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. - Dado que un tipo que implementa 'IDynamicInterfaceCastable' no puede implementar una interfaz dinámica en metadatos, es probable que las llamadas a un miembro de interfaz de instancia que no sea una implementación explícita definida en este tipo generen errores en tiempo de ejecución. Marque los nuevos miembros de interfaz como "estáticos" para evitar errores en tiempo de ejecución. + Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied - El miembro '{0}' del tipo "{1}debe marcarse como "static" como "{1}" tiene aplicado "DynamicInterfaceImplementationAttribute". + The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' - Los miembros definidos en una interfaz con 'DynamicInterfaceCastableImplementationAttribute' deben ser 'static' + Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' devuelve el tipo de vista previa '{1}' y, por lo tanto, debe participar en las características en versión preliminar. Consulte {2} para obtener más información. + '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' devuelve el tipo de vista previa '{1}' y, por lo tanto, debe participar en las características en versión preliminar. Consulte {2} para obtener más información. + {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - '{0}' toma un parámetro de vista previa de tipo '{1}' y debe participar en las características en versión preliminar. Consulte {2} para obtener más información. + '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - {3} '{0}' toma un parámetro de vista previa de tipo '{1}' y debe participar en las características en versión preliminar. Consulte {2} para obtener más información. + {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. - Este método usa el marshalling en tiempo de ejecución incluso cuando el marshalling en tiempo de ejecución está deshabilitado, lo que puede provocar diferencias de comportamiento inesperadas durante el tiempo de ejecución debido a diferentes expectativas del diseño nativo de un tipo. + This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. - \"{0}\" usa el marshalling en tiempo de ejecución incluso cuando se aplica \"DisableRuntimeMarshallingAttribute\". Use características como \"sizeof\" y punteros directamente para garantizar resultados precisos. + '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied - Este método usa el mashalling en tiempo de ejecución incluso cuando se aplica \"DisableRuntimeMarshallingAttribute\". + This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied Miss HttpVerb attribute for action methods - Falta el atributo HttpVerb para los métodos de acción + Miss HttpVerb attribute for action methods All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - Todos los métodos que crean, editan, eliminan o modifican de otro modo los datos, lo hacen en la sobrecarga de [HttpPost] del método, que debe protegerse de la falsificación de solicitudes con el atributo antifalsificación. La ejecución de GET debe ser una operación segura que no tenga efectos secundarios y no modifique los datos guardados. + All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. Action method {0} needs to specify the HTTP request kind explicitly - El método de acción {0} debe especificar la variante de solicitud HTTP de forma explícita. + Action method {0} needs to specify the HTTP request kind explicitly Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. - Los inicializadores de módulo están diseñados para que los use el código de aplicación para asegurarse de que los componentes de una aplicación se inicializan antes de que el código de la aplicación comience a ejecutarse. Si el código de biblioteca declara un método con \"ModuleInitializerAttribute\", puede interferir con la inicialización de la aplicación y también provocar limitaciones en las capacidades de recorte de esa aplicación. En lugar de usar métodos marcados con \"ModuleInitializerAttribute\", la biblioteca debe exponer métodos que se pueden usar para inicializar cualquier componente dentro de la biblioteca y permitir que la aplicación invoque el método durante la inicialización de la aplicación. + Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios - El atributo 'ModuleInitializer' solo está pensado para usarse en escenarios de código de aplicación o generador de código fuente avanzado + The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios The 'ModuleInitializer' attribute should not be used in libraries - El atributo 'ModuleInitializer' no debe usarse en bibliotecas + The 'ModuleInitializer' attribute should not be used in libraries The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - El método "{0}" no es seguro cuando se deserializan datos que no son de confianza sin un elemento SerializationBinder para restringir el tipo de objetos en el grafo de objetos deserializado. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure NetDataContractSerializer.Binder is set before deserializing - Asegurarse de que NetDataContractSerializer.Binder se ha establecido antes de deserializar + Ensure NetDataContractSerializer.Binder is set before deserializing The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - El método "{0}" no es seguro cuando se deserializan datos que no son de confianza sin un elemento SerializationBinder para restringir el tipo de objetos en el grafo de objetos deserializado. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not deserialize without first setting NetDataContractSerializer.Binder - No deserializar sin establecer primero NetDataContractSerializer.Binder + Do not deserialize without first setting NetDataContractSerializer.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. - El método "{0}" no es seguro cuando se deserializan datos que no son de confianza. Si necesita detectar la deserialización de NetDataContractSerializer sin establecer un elemento SerializationBinder, deshabilite la regla CA2310 y habilite las reglas CA2311 y CA2312. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. The method '{0}' is insecure when deserializing untrusted data. - El método "{0}" no es seguro al deserializar datos que no son de confianza. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer NetDataContractSerializer - No usar el deserializador no seguro NetDataContractSerializer + Do not use insecure deserializer NetDataContractSerializer Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. - Las cadenas se deberían normalizar para que se escriban en letras mayúsculas. Hay un grupo reducido de caracteres que no pueden realizar un recorrido de ida y vuelta cuando se convierten a minúsculas. Realizar un recorrido de ida y vuelta significa convertir los caracteres de una configuración regional a otra configuración regional que representa los datos de caracteres de manera diferente y, a continuación, recuperar con precisión los caracteres originales de los caracteres convertidos. + Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. In method '{0}', replace the call to '{1}' with '{2}' - En el método "{0}", reemplace la llamada a "{1}" por "{2}". + In method '{0}', replace the call to '{1}' with '{2}' Normalize strings to uppercase - Normalizar las cadenas en mayúsculas + Normalize strings to uppercase The method '{0}' is insecure when deserializing untrusted data. - El método "{0}" no es seguro al deserializar datos que no son de confianza. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer ObjectStateFormatter - No usar el deserializador no seguro ObjectStateFormatter + Do not use insecure deserializer ObjectStateFormatter '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' invalida el método de vista previa '{1}' y, por lo tanto, debe participar en las características en versión preliminar. Consulte {2} para obtener más información. + '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' invalida el método de vista previa '{1}' y, por lo tanto, debe participar en las características en versión preliminar. Consulte {2} para obtener más información. + {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. - Un método público o protegido en un tipo público tiene el atributo System.Runtime.InteropServices.DllImportAttribute (también se implementa por la palabra clave Declare en Visual Basic). Estos métodos no deben exponerse. + A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. P/Invoke method '{0}' should not be visible - El método P/Invoke "{0}" no debe ser visible + P/Invoke method '{0}' should not be visible P/Invokes should not be visible - Los elementos P/Invoke no deben estar visibles + P/Invokes should not be visible ({0}) - ({0}) + ({0}) and all other platforms - y el resto de plataformas + and all other platforms This call site is reachable on: 'windows' 10.0.2000 and later, and all other platforms '{0}' all versions - Todas las versiones de "{0}" + '{0}' all versions This call site is reachable on: 'Windows' all versions. Using platform dependent API on a component makes the code no longer work across all platforms. - El uso de una API dependiente de la plataforma en un componente hace que el código deje de funcionar en todas las plataformas. + Using platform dependent API on a component makes the code no longer work across all platforms. '{0}' from version {1} to {2} - "{0}" de la versión {1} a la {2} + '{0}' from version {1} to {2} 'SupportedOnWindows1903UnsupportedOn2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. - Este sitio de llamada es accesible en todas las plataformas. '{0}' está obsoleto en: {1}. + This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. This call site is reachable on all platforms. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. - Este sitio de llamada es accesible en: {2}. '{0}' está obsoleto en: {1}. + This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. This call site is reachable on 'macos', 'linux'. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on all platforms. '{0}' is only supported on: {1}. - Se puede acceder a este sitio de llamada en todas las plataformas. "{0}" solo se admite en {1}. + This call site is reachable on all platforms. '{0}' is only supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindowsAndBrowser()' is only supported on: 'windows', 'browser' . This call site is reachable on: {2}. '{0}' is only supported on: {1}. - Se puede acceder a este sitio de llamada en {2}. "{0}" solo se admite en {1}. + This call site is reachable on: {2}. '{0}' is only supported on: {1}. This call site is reachable on: 'windows' all versions.'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before This call site is unreachable on: {2}. '{0}' is only supported on: {1}. - No se puede acceder a este sitio de llamada en {2}. "{0}" solo se admite en {1}. + This call site is unreachable on: {2}. '{0}' is only supported on: {1}. This call site is unreachable on: 'browser'. 'SupportedOnWindowsAndBrowser()' is only supported on: 'browser', 'windows'. This call site is reachable on all platforms. '{0}' is supported on: {1}. - Se puede acceder a este sitio de llamada en todas las plataformas. "{0}" se admite en {1}. + This call site is reachable on all platforms. '{0}' is supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindows1903UnsupportedFrom2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on: {2}. '{0}' is supported on: {1}. - Se puede acceder a este sitio de llamada en {2}. "{0}" se admite en {1}. + This call site is reachable on: {2}. '{0}' is supported on: {1}. This call site is reachable on: 'windows' 10.0.2000 and before. 'UnsupportedOnWindowsSupportedOn1903()' is supported on: 'windows' 10.0.1903 and later. Validate platform compatibility - Validar la compatibilidad de la plataforma + Validate platform compatibility This call site is reachable on all platforms. '{0}' is unsupported on: {1}. - Se puede acceder a este sitio de llamada en todas las plataformas. "{0}" no se admite en {1}. + This call site is reachable on all platforms. '{0}' is unsupported on: {1}. This call site is reachable on all platforms. 'UnsupportedOnWindows()' is unsupported on: 'windows' This call site is reachable on: {2}. '{0}' is unsupported on: {1}. - Se puede acceder a este sitio de llamada en {2}. "{0}" no se admite en {1}. + This call site is reachable on: {2}. '{0}' is unsupported on: {1}. This call site is reachable on: 'windows', 'browser'. 'UnsupportedOnBrowser()' is unsupported on: 'browser'. '{0}' {1} and before - "{0}" {1} y versiones anteriores + '{0}' {1} and before 'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before. '{0}' {1} and later - "{0}" {1} y versiones posteriores + '{0}' {1} and later 'SupportedOnWindows10()' is only supported on: 'windows' 10.0 and later. Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. - Revise el código que procesa datos deserializados que no son de confianza para controlar ciclos de referencia inesperados. Un ciclo de referencia inesperado no debe hacer que el código entre en un bucle infinito. De lo contrario, este tipo de ciclo puede permitir un ataque a DOS o agotar la memoria del proceso al deserializar datos que no son de confianza. + Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. {0} participates in a potential reference cycle - {0} participa en un ciclo de referencia potencial + {0} participates in a potential reference cycle Potential reference cycle in deserialized object graph - Posible ciclo de referencia en el gráfico de objetos deserializados + Potential reference cycle in deserialized object graph Replace 'Substring' with 'AsSpan' - Reemplazar "Substring" por "AsSpan" + Replace 'Substring' with 'AsSpan' 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. - 'AsSpan' es más eficaz que 'Substring'. 'Substring' realiza una copia de cadena O(n), mientras que 'AsSpan' no lo hace y tiene un costo constante. + 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. Prefer 'AsSpan' over 'Substring' when span-based overloads are available - Preferir "AsSpan" a "Substring" cuando hay sobrecargas basadas en intervalos disponibles + Prefer 'AsSpan' over 'Substring' when span-based overloads are available Prefer 'AsSpan' over 'Substring' - Preferir "AsSpan" a "Substring" + Prefer 'AsSpan' over 'Substring' + + + + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + + + + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + + + + Consider using 'StringBuilder.Append(char)' when applicable + Consider using 'StringBuilder.Append(char)' when applicable Use 'Count' check instead of 'Any()' - Usar la comprobación "Count" en lugar de "Any()" + Use 'Count' check instead of 'Any()' Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance - Es preferible comparar "Count" con 0 en lugar de usar "Any()", tanto por claridad como por rendimiento. + Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance Use 'ContainsKey' - Usar 'ContainsKey' + Use 'ContainsKey' 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. - 'ContainsKey' suele ser O(1), mientras que 'Keys.Contains' puede ser O(n) en algunos casos. Además, muchas implementaciones de diccionario inicializan la colección Keys de forma diferida para reducir las asignaciones. + 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' - Preferir "ContainsKey" a "Keys.Contains" para el tipo de diccionario "{0}" + Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' Prefer Dictionary.Contains methods - Preferir métodos Dictionary.Contains + Prefer Dictionary.Contains methods Use 'ContainsValue' - Usar 'ContainsValue' + Use 'ContainsValue' Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. - Muchas implementaciones de diccionario inicializan la colección Values de forma diferida. Para evitar asignaciones innecesarias, se prefiere "ContainsValue" a "Values.Contains". + Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' - Preferir 'ContainsValue' a 'Values.Contains' para el tipo de diccionario '{0}' + Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' + + + + Use 'TryGetValue(TKey, out TValue)' + Use 'TryGetValue(TKey, out TValue)' + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + + + + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method Replace with 'HashData' method - Reemplazar por el método 'HashData' + Replace with 'HashData' method It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. - Es más eficaz usar el método estático "HashData" para crear y administrar una instancia de HashAlgorithm para llamar a "ComputeHash". + It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. Prefer static '{0}.HashData' method over 'ComputeHash' - Preferir "{0}" estático. Método HashData' sobre 'ComputeHash' + Prefer static '{0}.HashData' method over 'ComputeHash' Prefer static 'HashData' method over 'ComputeHash' - Preferir el método estático "HashData" a "ComputeHash" + Prefer static 'HashData' method over 'ComputeHash' Use 'IsEmpty' check instead of 'Any()' - Usar la comprobación "IsEmpty" en lugar de "Any()" + Use 'IsEmpty' check instead of 'Any()' Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance - Es preferible una comprobación "IsEmpty" en lugar de usar "Any()", tanto por claridad como por rendimiento. + Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance + + + + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + + + + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + + + + Prefer IsEmpty over Count + Prefer IsEmpty over Count Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. - Es preferible usar las propiedades "IsEmpty", "Count" o "Length", si hay alguna disponible, en lugar de llamar a "Enumerable.Any()". La intención es más clara y tiene un mejor rendimiento que usar el método de extensión "Enumerable.Any()". + Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. Avoid using 'Enumerable.Any()' extension method - Evitar usar el método de extensión "Enumerable.Any()" + Avoid using 'Enumerable.Any()' extension method Use 'Length' check instead of 'Any()' - Usar la comprobación "Length" en lugar de "Any()" + Use 'Length' check instead of 'Any()' Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance - Es preferible comparar "Length" con 0 en lugar de usar "Any()", tanto por claridad como por rendimiento. + Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. - "Stream" tiene una sobrecarga "ReadAsync" que toma "Memory<Byte>" como primer argumento y una sobrecarga "WriteAsync" que toma "ReadOnlyMemory<Byte>" como primer argumento. Es preferible llamar a las sobrecargas basadas en memory, que son más eficaces. - - - - For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. - Para determinar si el objeto contiene o no cualquier elemento, opte por la propiedad "IsEmpty" en lugar de recuperar el número de elementos de la propiedad "Count" y compararlo con 0 o 1. - - - - Prefer 'IsEmpty' over 'Count' to determine whether the object is empty - Elegir "IsEmpty" en vez de "Count" para determinar si el objeto está vacío - - - - Prefer IsEmpty over Count - Elegir IsEmpty en vez de Count + 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. Change the '{0}' method call to use the '{1}' overload - Cambie la llamada de método "{0}" para usar la sobrecarga "{1}" + Change the '{0}' method call to use the '{1}' overload Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' - Elija preferentemente las sobrecargas basadas en "Memory" para "ReadAsync" y "WriteAsync". + Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' Replace with 'string.Contains' - Reemplazar por "string.Contains" + Replace with 'string.Contains' Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. - Las llamadas a "string.IndexOf" donde el resultado se usa para comprobar la presencia o ausencia de una subcadena pueden reemplazarse por "string.Contains". + Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. Use 'string.Contains' instead of 'string.IndexOf' to improve readability - Usar "string.Contains" en lugar de "string.IndexOf" para mejorar la legibilidad + Use 'string.Contains' instead of 'string.IndexOf' to improve readability Consider using 'string.Contains' instead of 'string.IndexOf' - Considere la posibilidad de usar "string.Contains" en lugar de "string.IndexOf" + Consider using 'string.Contains' instead of 'string.IndexOf' StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. - StringBuilder.Append y StringBuilder.Insert proporcionan sobrecargas para varios tipos aparte de System.String. Cuando sea posible, elija preferentemente las sobrecargas fuertemente tipadas frente al uso de ToString() y la sobrecarga basada en cadenas. + StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. Remove the ToString call in order to use a strongly-typed StringBuilder overload - Quite la llamada a ToString para usar una sobrecarga StringBuilder fuertemente tipada. + Remove the ToString call in order to use a strongly-typed StringBuilder overload Remove the ToString call - Quitar la llamada a ToString + Remove the ToString call Prefer strongly-typed Append and Insert method overloads on StringBuilder - Prefiera las sobrecargas de método Append e Insert fuertemente tipadas en StringBuilder - - - - 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. - "StringBuilder.Append(char)" es más eficaz que "StringBuilder.Append(string)" cuando la cadena es de un solo carácter. Cuando se llama a "Append" con una constante, es preferible usar una constante char en lugar de una cadena de constante que contenga un carácter. - - - - Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string - Use "StringBuilder.Append(char)" en lugar de "StringBuilder.Append(string)" cuando la entrada es una cadena de unidad constante. - - - - Consider using 'StringBuilder.Append(char)' when applicable - Puede usar "StringBuilder.Append(char)" cuando sea aplicable + Prefer strongly-typed Append and Insert method overloads on StringBuilder Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. - A partir de .NET 7, la conversión explícita "{0}" no se iniciará cuando se desborde en un contexto no comprobado. Ajuste la expresión con una instrucción "checked" para restaurar el comportamiento de .NET 6. + Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - A partir de .NET 7, la conversión explícita "{0}" se iniciará cuando se desborde en un contexto comprobado. Ajuste la expresión con una instrucción "unchecked" para restaurar el comportamiento de .NET 6. + Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. - Algunos operadores integrados agregados en .NET 7 se comportan de forma diferente al desbordarse que los operadores definidos por el usuario correspondientes en .NET 6 y versiones anteriores. Algunos operadores que anteriormente se iniciaban en un contexto desactivado ahora no se inician a menos que se ajusten dentro de un contexto activado. Además, algunos operadores que no se iniciaban anteriormente en un contexto activado ahora se inician a menos que se ajusten en un contexto no activado. + Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - A partir de .NET 7, el operador "{0}" se iniciará cuando se desborde en un contexto comprobado. Ajuste la expresión con una instrucción "unchecked" para restaurar el comportamiento de .NET 6. + Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Prevent behavioral change - Evitar cambios de comportamiento + Prevent behavioral change 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. - El método "Enum.HasFlag" espera que el argumento "enum" sea del mismo tipo "enum" que la instancia en la que se invoca el método y que este "enum" se marque con "System.FlagsAttribute". Si se trata de tipos "enum" diferentes, se producirá una excepción no controlada en tiempo de ejecución. Si el tipo "enum" no está marcado con "System.FlagsAttribute"', la llamada devolverá siempre "false" en tiempo de ejecución. + 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. The argument type, '{0}', must be the same as the enum type '{1}' - El tipo de argumento, "{0}", debe ser igual que el tipo de enumeración "{1}". + The argument type, '{0}', must be the same as the enum type '{1}' Provide correct 'enum' argument to 'Enum.HasFlag' - Proporcione el argumento "enum" correcto para "Enum.HasFlag" + Provide correct 'enum' argument to 'Enum.HasFlag' The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. - El argumento de cadena format pasado a System.String.Format no contiene un elemento de formato que corresponda a cada argumento de objeto o viceversa. + The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. Provide correct arguments to formatting methods - Proporcionar argumentos correctos para los métodos de formato + Provide correct arguments to formatting methods Provide correct arguments to formatting methods - Proporcionar argumentos correctos para los métodos de formato + Provide correct arguments to formatting methods A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. - Un tipo tiene un campo marcado con el atributo System.Runtime.Serialization.OptionalFieldAttribute y el tipo no proporciona ningún método de control de eventos de deserialización. + A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute - Agregue un método "private void OnDeserialized(StreamingContext)" al tipo {0} y asígnele el atributo System.Runtime.Serialization.OnDeserializedAttribute. + Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute - Agregue un método "private void OnDeserializing(StreamingContext)" al tipo {0} y asígnele el atributo System.Runtime.Serialization.OnDeserializingAttribute. + Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute Provide deserialization methods for optional fields - Proporcionar métodos de deserialización para campos opcionales + Provide deserialization methods for optional fields Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. - Proporcionar un constructor sin parámetros tan visible como el tipo contenedor para un tipo derivado de 'System.Runtime.InteropServices.SafeHandle' permite un mejor rendimiento y uso con soluciones de interoperabilidad generadas por el origen. + Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' - Proporcione un constructor sin parámetros que sea tan visible como el tipo contenedor para el tipo '{0}' derivado de 'System.Runtime.InteropServices.SafeHandle' + Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' - Proporcione un constructor sin parámetros que sea tan visible como el tipo contenedor para los tipos concretos derivados de "System.Runtime.InteropServices.SafeHandle". + Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. - Para mejorar el rendimiento, invalide los métodos asincrónicos basados en memoria al crear subclases "Stream". A continuación, implemente los métodos basados en matrices en términos de los métodos basados en memoria. + To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. - '{0}' invalida '' basada en matriz, {1} pero no invalida '{2}' basada en memoria. Considere la posibilidad de invalidar "" basado en memoria {2} para mejorar el rendimiento. + '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. 0 = type that subclasses Stream directly, 1 = array-based method, 2 = memory-based method Provide memory-based overrides of async methods when subclassing 'Stream' - Proporcionar invalidaciones basadas en memoria de métodos asincrónicos al crear subclases de 'Stream' + Provide memory-based overrides of async methods when subclassing 'Stream' + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + + + + Prefer using 'StringComparer' to perform a case-insensitive comparison + Prefer using 'StringComparer' to perform a case-insensitive comparison + + + + Use the 'string.{0}(string, StringComparison)' overload + Use the 'string.{0}(string, StringComparison)' overload + + + + Prefer using 'StringComparer' to perform case-insensitive string comparisons + Prefer using 'StringComparer' to perform case-insensitive string comparisons + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + + + + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + + + + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons Remove redundant call - Quitar llamada redundante + Remove redundant call Remove unnecessary call - Quitar llamada innecesaria + Remove unnecessary call Replace string literal with char literal - Reemplazar literal de cadena por literal char + Replace string literal with char literal Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Se encontró una vulnerabilidad potencial de inyección de DLL en la que "{0}" en el método "{1}" puede contaminarse por datos controlados por el usuario de "{2}" en el método "{3}". + Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for DLL injection vulnerabilities - Revisar vulnerabilidades de inyección de DLL en el código + Review code for DLL injection vulnerabilities Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Se encontró una vulnerabilidad potencial de inyección de rutas de acceso de archivos en la que "{0}" en el método "{1}" puede contaminarse por datos controlados por el usuario de "{2}" en el método "{3}". + Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for file path injection vulnerabilities - Revisar vulnerabilidades de inyección de rutas de acceso de archivos en el código + Review code for file path injection vulnerabilities Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. - Se encontró una vulnerabilidad potencial de divulgación de información en la que "{0}" en el método "{1}" puede contener información no deseada de "{2}" en el método "{3}". + Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. Review code for information disclosure vulnerabilities - Revisar vulnerabilidades de divulgación de información en el código + Review code for information disclosure vulnerabilities Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Se encontró una vulnerabilidad potencial de inyección de LDAP en la que "{0}" en el método "{1}" puede contaminarse por datos controlados por el usuario de "{2}" en el método "{3}". + Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for LDAP injection vulnerabilities - Revisar vulnerabilidades de inyección de LDAP en el código + Review code for LDAP injection vulnerabilities Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Se encontró una vulnerabilidad potencial de redireccionamiento abierto en la que "{0}" en el método "{1}" puede contaminarse por datos controlados por el usuario de "{2}" en el método "{3}". + Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for open redirect vulnerabilities - Revisar vulnerabilidades de redireccionamiento abierto en el código + Review code for open redirect vulnerabilities Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Se encontró una vulnerabilidad potencial de inyección de comandos de proceso en la que "{0}" en el método "{1}" puede contaminarse por datos controlados por el usuario de "{2}" en el método "{3}". + Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for process command injection vulnerabilities - Revisar vulnerabilidades de inyección de comandos de proceso en el código + Review code for process command injection vulnerabilities Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Se encontró una vulnerabilidad potencial de inyección de expresiones regulares en la que "{0}" en el método "{1}" puede contaminarse por datos controlados por el usuario de "{2}" en el método "{3}". + Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for regex injection vulnerabilities - Revisar vulnerabilidades de inyección de expresiones regulares en el código + Review code for regex injection vulnerabilities Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Se encontró una vulnerabilidad potencial de inyección de SQL en la que "{0}" en el método "{1}" puede contaminarse por datos controlados por el usuario de "{2}" en el método "{3}". + Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for SQL injection vulnerabilities - Revisar vulnerabilidades de inyección de SQL en el código + Review code for SQL injection vulnerabilities + + + + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + + + + Review code for XPath injection vulnerabilities + Review code for XPath injection vulnerabilities Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Se encontró una vulnerabilidad potencial de inyección de XAML en la que "{0}" en el método "{1}" puede contaminarse por datos controlados por el usuario de "{2}" en el método "{3}". + Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XAML injection vulnerabilities - Revisar vulnerabilidades de inyección de XAML en el código + Review code for XAML injection vulnerabilities Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Se encontró una vulnerabilidad potencial de inyección de XML en la que "{0}" en el método "{1}" puede contaminarse por datos controlados por el usuario de "{2}" en el método "{3}". + Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XML injection vulnerabilities - Revisar vulnerabilidades de inyección de XML en el código - - - - Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Se encontró una vulnerabilidad potencial de inyección de XPath en la que "{0}" en el método "{1}" puede contaminarse por datos controlados por el usuario de "{2}" en el método "{3}". - - - - Review code for XPath injection vulnerabilities - Revisar vulnerabilidades de inyección de XPath en el código + Review code for XML injection vulnerabilities Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Se encontró una vulnerabilidad potencial de ataque de scripts de sitios (XSS) en la que "{0}" en el método "{1}" puede contaminarse por datos controlados por el usuario de "{2}" en el método "{3}". + Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XSS vulnerabilities - Revisar vulnerabilidades de XSS en el código + Review code for XSS vulnerabilities SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. - Las consultas SQL que usan los datos del usuario directamente pueden ser vulnerables a ataques por inyección de código SQL. Revise la consulta SQL en busca de posibles vulnerabilidades y considere la posibilidad de usar una consulta SQL parametrizada. + SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. Review if the query string passed to '{0}' in '{1}', accepts any user input - Revise si la cadena de consulta que se pasó a "{0}" en "{1}" acepta datos proporcionados por el usuario. + Review if the query string passed to '{0}' in '{1}', accepts any user input Review SQL queries for security vulnerabilities - Revisar consultas SQL para comprobar si tienen vulnerabilidades de seguridad + Review SQL queries for security vulnerabilities Seal class - Clase de sello + Seal class When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. - Cuando un tipo no es accesible fuera de su ensamblado y no tiene subtipos dentro de su ensamblado contenedor, se puede sellar de forma segura. Los tipos de sellado pueden mejorar el rendimiento. + When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible - El tipo '{0}' se puede sellar porque no tiene subtipos en su ensamblado contenedor y no es visible externamente + Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible Seal internal types - Sellar tipos internos + Seal internal types Set HttpOnly to true for HttpCookie - Establecer HttpOnly en true para HttpCookie + Set HttpOnly to true for HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - Como medida de defensa exhaustiva, asegúrese de que las cookies HTTP sensibles a la seguridad estén marcadas como HttpOnly. Esto indica que los exploradores web deben impedir que posibles scripts tengan acceso a las cookies. Los scripts malintencionados insertados son una forma habitual de robar cookies. + As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly se establece en false o no se establece cuando se usa HttpCookie. Asegúrese de que las cookies sensibles a la seguridad se marcan como HttpOnly para evitar que posibles scripts malintencionados roben las cookies + HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies Set ViewStateUserKey For Classes Derived From Page - Establecer ViewStateUserKey para clases derivadas de página + Set ViewStateUserKey For Classes Derived From Page Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. - Establecer la propiedad ViewStateUserKey puede ayudarle a evitar ataques en la aplicación, ya que le permite asignar un identificador a la variable de estado de vista para los usuarios individuales, de forma que no puedan usar la variable para generar un ataque. De lo contrario, habrá vulnerabilidades de falsificación de solicitud entre sitios. + Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method - La clase {0} derivada de System.Web.UI.Page no establece la propiedad ViewStateUserKey en el método OnInit o el método Page_Init. + The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. - Especifique la referencia cultural para ayudar a evitar la dependencia implícita accidental en la referencia cultural actual. El uso de una versión invariable produce resultados coherentes independientemente de la referencia cultural de la aplicación. + Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. Specify a culture or use an invariant version to avoid implicit dependency on current culture - Especifique una referencia cultural o use una versión invariable para evitar la dependencia implícita de la referencia cultural actual + Specify a culture or use an invariant version to avoid implicit dependency on current culture Specify a culture or use an invariant version - Especificar una referencia cultural o usar una versión invariable + Specify a culture or use an invariant version A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. - Un método o constructor llama a un miembro que tiene una sobrecarga que acepta un parámetro System.Globalization.CultureInfo y el método o constructor no llama a la sobrecarga que toma el parámetro CultureInfo. Cuando el objeto CultureInfo o System.IFormatProvider no se suministra, el valor predeterminado que se suministra por el miembro sobrecargado puede no tener el efecto que desea en todas las configuraciones regionales. Si se mostrará el resultado al usuario, especifique "CultureInfo.CurrentCulture" como parámetro "CultureInfo". De lo contrario, si el resultado se almacenará y se accederá a él mediante software, como los casos en que se guarda en un disco o una base de datos, especifique "CultureInfo.InvariantCulture". + A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - El comportamiento de "{0}" podría variar dependiendo de la configuración regional del usuario local. Reemplace esta llamada en "{1}" por una llamada a "{2}". + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify CultureInfo - Especificar CultureInfo + Specify CultureInfo Specify current culture - Especificar la referencia cultural actual + Specify current culture A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. - Un método o constructor llama a uno o más miembros que tienen sobrecargas que aceptan un parámetro System.IFormatProvider y el método o constructor no llama a la sobrecarga que toma el parámetro IFormatProvider. Cuando el objeto System.Globalization.CultureInfo o IFormatProvide no se suministra, el valor predeterminado que suministra el miembro sobrecargado puede no tener el efecto que desea en todas las configuraciones regionales. Si el resultado se va a basar en la entrada desde/salida que se muestra al usuario, especifique "CultureInfo.CurrentCulture" como "IFormatProvider". De lo contrario, si el resultado se va a almacenar y se va a acceder a él mediante software, como los casos en que se carga desde el disco o la base de datos y en que se guarda en un disco o una base de datos, especifique "CultureInfo.InvariantCulture". + A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - El comportamiento de "{0}" podría variar dependiendo de la configuración regional del usuario local. Reemplace esta llamada en "{1}" por una llamada a "{2}". + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - El comportamiento de "{0}" podría variar dependiendo de la configuración regional del usuario local. Reemplace esta llamada en "{1}" por una llamada a "{2}". + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. - El comportamiento de '{0}' puede variar en función de la configuración regional del usuario actual. Proporcione un valor para el argumento 'IFormatProvider'. + The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - "{0}" pasa "{1}" como parámetro de "IFormatProvider" a "{2}". Esta propiedad devuelve una cultura que no es apropiada para los métodos de formato. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - "{0}" pasa "{1}" como parámetro de "IFormatProvider" a "{2}". Esta propiedad devuelve una cultura que no es apropiada para los métodos de formato. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. Specify IFormatProvider - Especificar IFormatProvider + Specify IFormatProvider A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. - Un miembro de invocación de plataforma permite llamadores que no son de plena confianza, tiene un parámetro de cadena y no calcula explícitamente las referencias a la cadena. Esto puede provocar una potencial vulnerabilidad de seguridad. + A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. Specify marshaling for P/Invoke string arguments - Especificar cálculo de referencias para argumentos de cadena P/Invoke + Specify marshaling for P/Invoke string arguments A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - Una operación de comparación de cadenas usa una sobrecarga de método que no establece un parámetro StringComparison. Se recomienda usar la sobrecarga con el parámetro StringComparison para mayor claridad. Si el resultado se va a mostrar al usuario, como los casos en que se ordena una lista de elementos para mostrarlos en un cuadro de lista, especifique "StringComparison.CurrentCulture" o "StringComparison.CurrentCultureIgnoreCase" como parámetro "StringComparison". Si está comparando identificadores que no distinguen mayúsculas de minúsculas, como rutas de acceso de archivos, variables de entorno o claves y valores del Registro, especifique "StringComparison.OrdinalIgnoreCase". De lo contrario, si compara identificadores que distinguen mayúsculas de minúsculas, especifique "StringComparison.Ordinal". + A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. - "{0}" tiene una sobrecarga de método que admite un parámetro "StringComparison". Reemplace esta llamada en "{1}" con una llamada a "{2}" para mayor claridad de la intención. + '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. Specify StringComparison for clarity - Especificar StringComparison para mayor claridad + Specify StringComparison for clarity A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - Una operación de comparación de cadenas usa una sobrecarga de método que no establece un parámetro StringComparison, por lo que su comportamiento puede variar en función de la configuración regional del usuario actual. Se recomienda encarecidamente usar la sobrecarga con el parámetro StringComparison para mayor corrección y claridad de la intención. Si el resultado se va a mostrar al usuario, como los casos en que se ordena una lista de elementos para mostrarlos en un cuadro de lista, especifique "StringComparison.CurrentCulture" o "StringComparison.CurrentCultureIgnoreCase" como parámetro "StringComparison". Si está comparando identificadores que no distinguen mayúsculas de minúsculas, como rutas de acceso de archivos, variables de entorno o claves y valores del Registro, especifique "StringComparison.OrdinalIgnoreCase". De lo contrario, si compara identificadores que distinguen mayúsculas de minúsculas, especifique "StringComparison.Ordinal". + A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - El comportamiento de "{0}" podría variar dependiendo de la configuración regional del usuario local. Reemplace esta llamada en "{1}" por una llamada a "{2}". + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify StringComparison for correctness - Especificar StringComparison para mayor corrección + Specify StringComparison for correctness Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. - El uso de modificadores "static" y "abstract" requiere la participación en las características de versión preliminar. Consulte https://aka.ms/dotnet-warnings/preview-features para obtener más información. + Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. - La comparación de cadenas utilizando la propiedad String.Length o el método String.IsNullOrEmpty es significativamente más rápida que si se utilizara Equals. + Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check - Compruebe si las cadenas están vacías mediante la propiedad "string.Length" o el método "string.IsNullOrEmpty" en lugar de una comprobación de Equality. + Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check Test for empty strings using string length - Probar si las cadenas están vacías mediante la longitud de cadena + Test for empty strings using string length This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. - Esta expresión prueba un valor con Single.Nan o Double.Nan. Use Single.IsNan(Single) o Double.IsNan(Double) para probar el valor. + This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. Test for NaN correctly - Probar NaN correctamente + Test for NaN correctly Test for NaN correctly - Probar NaN correctamente + Test for NaN correctly 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. - Los campos “ThreadStatic” deben inicializarse de forma diferida al usarse, no con inicialización insertada ni explícitamente en un constructor estático, lo que solo inicializaría el campo en el subproceso que ejecuta el constructor estático del tipo. + 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. 'ThreadStatic' fields should not use inline initialization - Los campos “ThreadStatic” no deben usar la inicialización insertada + 'ThreadStatic' fields should not use inline initialization Improper 'ThreadStatic' field initialization - Inicialización de campo “ThreadStatic” incorrecta + Improper 'ThreadStatic' field initialization 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. - “ThreadStatic” solo afecta a campos estáticos. Cuando se aplica a campos de instancia, no afecta al comportamiento. + 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. Ensure 'ThreadStatic' is only used with static fields - Asegúrese de que “ThreadStatic” solo se usa con campos estáticos + Ensure 'ThreadStatic' is only used with static fields 'ThreadStatic' only affects static fields - “ThreadStatic” solo afecta a campos estáticos + 'ThreadStatic' only affects static fields Use ArgumentException throw helper - Uso del asistente de inicio ArgumentException + Use ArgumentException throw helper Use ArgumentNullException throw helper - Uso del asistente de inicio ArgumentNullException + Use ArgumentNullException throw helper Use ArgumentOutOfRangeException throw helper - Uso del asistente de inicio ArgumentOutOfRangeException + Use ArgumentOutOfRangeException throw helper Use Array.Empty - Usar Array.Empty + Use Array.Empty The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. - El indizador basado en intervalos en los valores de matriz genera una copia de la parte solicitada de la matriz. Esta copia suele ser no deseada cuando se usa implícitamente como valor Span o Memory. Use el método AsSpan para evitar la copia. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies - Use "{0}" en lugar del indizador basado en "{1}" en "{2}" para evitar la creación de copias de datos innecesarias. + Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies Use `{0}` instead of Range-based indexers on a string - Usar "{0}" en lugar de indizadores basados en intervalos en una cadena + Use `{0}` instead of Range-based indexers on a string Use `{0}` instead of Range-based indexers on an array - Usar "{0}" en lugar de indizadores basados en intervalos en una matriz + Use `{0}` instead of Range-based indexers on an array Use AsSpan or AsMemory instead of Range-based indexers when appropriate - Usar AsSpan o AsMemory en lugar de indizadores basados en intervalos cuando proceda + Use AsSpan or AsMemory instead of Range-based indexers when appropriate The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - El indizador basado en intervalos en los valores de cadena genera una copia de la parte solicitada de la cadena. Esta copia suele ser innecesaria cuando se usa implícitamente como valor ReadOnlySpan o ReadOnlyMemory. Use el método AsSpan para evitar la copia innecesaria. + The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - El indizador basado en intervalos en los valores de matriz genera una copia de la parte solicitada de la matriz. Esta copia suele ser innecesaria cuando se usa implícitamente como valor ReadOnlySpan o ReadOnlyMemory. Use el método AsSpan para evitar la copia innecesaria. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. When inside a Task-returning method, use the async version of methods, if they exist. - Cuando esté dentro de un método de devolución de Task, use la versión asincrónica de los métodos, si existen. + When inside a Task-returning method, use the async version of methods, if they exist. {Locked="Task"} '{0}' synchronously blocks. Await '{1}' instead. - {0} bloquea sincrónicamente.'Await '{1} en su lugar. + '{0}' synchronously blocks. Await '{1}' instead. '{0}' synchronously blocks. Use await instead. - {0} bloquea sincrónicamente. Use await en su lugar. + '{0}' synchronously blocks. Use await instead. Call async methods when in an async method - Llame a métodos asincrónicos cuando esté en un método asincrónico + Call async methods when in an async method Use antiforgery tokens in ASP.NET Core MVC controllers - Usar tokens antifalsificación en los controladores de ASP.NET Core MVC + Use antiforgery tokens in ASP.NET Core MVC controllers Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Controlar una solicitud POST, PUT, PATCH o DELETE sin validar un token antifalsificación puede suponer una vulnerabilidad a los ataques de falsificación de solicitudes entre sitios. En este tipo de ataques, se pueden enviar solicitudes malintencionadas de un usuario autenticado al controlador de ASP.NET Core MVC. + Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - El método {0} controla una solicitud de {1} sin validar un token antifalsificación. También debe asegurarse de que el formulario HTML envíe un token antifalsificación. + Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. Replace with 'CancellationToken.ThrowIfCancellationRequested' - Reemplazar por "CancellationToken.ThrowIfCancellationRequested" + Replace with 'CancellationToken.ThrowIfCancellationRequested' 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. - "ThrowIfCancellationRequested" comprueba automáticamente si el token se ha cancelado y produce una excepción "OperationCanceledException" si lo ha hecho. + 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' - Use "ThrowIfCancellationRequested" en lugar de comprobar "IsCancellationRequested" y producir "OperationCanceledException". + Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' Use 'ThrowIfCancellationRequested' - Usar "ThrowIfCancellationRequested" + Use 'ThrowIfCancellationRequested' Using concrete types avoids virtual or interface call overhead and enables inlining. - El uso de tipos concretos evita la sobrecarga de llamadas virtuales o de interfaz y habilita la inserción. + Using concrete types avoids virtual or interface call overhead and enables inlining. Change type of field '{0}' from '{1}' to '{2}' for improved performance - Cambiar el tipo de campo '{0}' de '{1}' a '{2}' para mejorar el rendimiento + Change type of field '{0}' from '{1}' to '{2}' for improved performance Change type of variable '{0}' from '{1}' to '{2}' for improved performance - Cambiar el tipo de variable '{0}' de '{1}' a '{2}' para mejorar el rendimiento + Change type of variable '{0}' from '{1}' to '{2}' for improved performance Change return type of method '{0}' from '{1}' to '{2}' for improved performance - Cambiar el tipo de valor devuelto del método '{0}' de '{1}' a '{2}' para mejorar el rendimiento + Change return type of method '{0}' from '{1}' to '{2}' for improved performance Change type of parameter '{0}' from '{1}' to '{2}' for improved performance - Cambiar el tipo de parámetro '{0}' de '{1}' a '{2}' para mejorar el rendimiento + Change type of parameter '{0}' from '{1}' to '{2}' for improved performance Change type of property '{0}' from '{1}' to '{2}' for improved performance - Cambie el tipo de propiedad "{0}" de "{1}" a "{2}" para mejorar el rendimiento. + Change type of property '{0}' from '{1}' to '{2}' for improved performance Use concrete types when possible for improved performance - Usar tipos concretos cuando sea posible para mejorar el rendimiento + Use concrete types when possible for improved performance Use Container Level Access Policy - Usar una directiva de acceso de nivel de contenedor + Use Container Level Access Policy No access policy identifier is specified, making tokens non-revocable. - No se ha especificado ningún identificador de directiva de acceso, por lo que los tokens no son revocables. + No access policy identifier is specified, making tokens non-revocable. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. - Considere la posibilidad de usar el control de acceso basado en rol de Azure en lugar de una firma de acceso compartido (SAS), si es posible. Si tiene que usar una firma de acceso compartido, utilice una directiva de acceso de nivel de contenedor al crear dicha firma. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. Use DefaultDllImportSearchPaths attribute for P/Invokes - Usar el atributo DefaultDllImportSearchPaths para P/Invoke + Use DefaultDllImportSearchPaths attribute for P/Invokes By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - De forma predeterminada, los métodos de P/Invoke que usan DllImportAttribute sondean una serie de directorios, incluido el directorio de trabajo actual para cargar la biblioteca. Esto puede suponer un problema de seguridad para algunas aplicaciones y dar lugar a que se intercepten archivos .dll. + By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - El método {0} no ha usado el atributo DefaultDllImportSearchPaths para P/Invoke. + The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. Use equivalent code that works when marshalling is disabled - Usar código equivalente que funciona cuando el marshalling está deshabilitado + Use equivalent code that works when marshalling is disabled 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. - 'Environment.CurrentManagedThreadId' es más sencillo y rápido que 'Thread.CurrentThread.ManagedThreadId'. + 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. Use 'Environment.CurrentManagedThreadId' - Usar "Environment.CurrentManagedThreadId" + Use 'Environment.CurrentManagedThreadId' Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' - Use "Environment.CurrentManagedThreadId" en lugar de "Thread.CurrentThread.ManagedThreadId". + Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' Use 'Environment.CurrentManagedThreadId' - Usar "Environment.CurrentManagedThreadId" + Use 'Environment.CurrentManagedThreadId' 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. - "Environment.ProcessId" es más rápido y sencillo que "Process.GetCurrentProcess().Id" + 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. Use 'Environment.ProcessId' - Usar "Environment.ProcessId" + Use 'Environment.ProcessId' Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' - Use "Environment.ProcessId" en lugar de "Process.GetCurrentProcess().Id". + Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' Use 'Environment.ProcessId' - Usar "Environment.ProcessId" + Use 'Environment.ProcessId' 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. - "Environment.ProcessPath" es más sencillo y rápido que "Process.GetCurrentProcess(). MainModule.FileName'. + 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. Use 'Environment.ProcessPath' - Uso de "Environment.ProcessPath" + Use 'Environment.ProcessPath' Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' - Use "Environment.ProcessPath" en lugar de "Process.GetCurrentProcess(). MainModule.FileName' + Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' Use 'Environment.ProcessPath' - Uso de "Environment.ProcessPath" + Use 'Environment.ProcessPath' Use indexer - Usar el indizador + Use indexer Use an invariant version - Usar una versión invariable + Use an invariant version An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. - Se define un método de invocación de sistema operativo y hay un método con la funcionalidad equivalente en la biblioteca de clases de .NET Framework. + An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. Use managed equivalents of win32 api - Utilizar equivalentes administrados de la API Win32 + Use managed equivalents of win32 api Use managed equivalents of win32 api - Utilizar equivalentes administrados de la API Win32 + Use managed equivalents of win32 api Use ObjectDisposedException throw helper - Uso del asistente de inicio ObjectDisposedException + Use ObjectDisposedException throw helper A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. - Una operación no lingüística de comparación de cadenas no establece el parámetro StringComparison en Ordinal ni en OrdinalIgnoreCase. Si se establece explícitamente el parámetro en StringComparison.Ordinal o StringComparison.OrdinalIgnoreCase, el código será más rápido y ganará en precisión y confiabilidad. + A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. Use ordinal string comparison - Usar una comparación de cadena ordinal + Use ordinal string comparison Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. - Enumerable.Count() posiblemente enumera la secuencia, mientras que una propiedad Length/Count es un acceso directo. + Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. Use the "{0}" property instead of Enumerable.Count() - Use la propiedad "{0}" en lugar de Enumerable.Count(). + Use the "{0}" property instead of Enumerable.Count() Use Length/Count property instead of Count() when available - Usar la propiedad Length/Count en lugar de Count() cuando esté disponible + Use Length/Count property instead of Count() when available Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size - Usar un algoritmo de Rivest-Shamir-Adleman (RSA) con un tamaño de clave suficiente + Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. - Los algoritmos de cifrado son vulnerables a los ataques por fuerza bruta cuando se usa un tamaño de clave demasiado pequeño. + Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - El tamaño de clave del algoritmo de cifrado asimétrico {0} es inferior a 2048. Cambie a un algoritmo de ECDSA o ECDH con RSA que tenga un tamaño de clave mínimo de 2048. + Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. Applications available over HTTPS must use secure cookies. - Las aplicaciones disponibles a través de HTTPS deben usar cookies seguras. + Applications available over HTTPS must use secure cookies. Use SharedAccessProtocol HttpsOnly - Usar HttpsOnly con SharedAccessProtocol + Use SharedAccessProtocol HttpsOnly HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. - HTTPS cifra el tráfico de red. Use HttpsOnly, en lugar de HttpOrHttps, para asegurarse de que el tráfico de red se cifra siempre y ayudar a evitar la divulgación de información confidencial. + HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. - Considere la posibilidad de usar el control de acceso basado en rol de Azure en lugar de una firma de acceso compartido (SAS), si es posible. Si tiene que usar una firma de acceso compartido, especifique SharedAccessProtocol.HttpsOnly. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. + + + + Use 'AsSpan' with 'string.Concat' + Use 'AsSpan' with 'string.Concat' + + + + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + + + + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + + + + Use span-based 'string.Concat' + Use span-based 'string.Concat' Use 'Clear()' - Usar "Clear()" + Use 'Clear()' It is more efficient to use 'Clear', instead of 'Fill' with default value. - Es más eficaz usar "Clear", en lugar de 'Fill' con el valor predeterminado. + It is more efficient to use 'Clear', instead of 'Fill' with default value. Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' - Preferir "Span<T>.Clear()" en lugar de "Span<T>.Fill(default)" + Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' Prefer 'Clear' over 'Fill' - Preferir "Clear" en lugar de "Fill" + Prefer 'Clear' over 'Fill' Use 'StartsWith' - Usar "StartsWith" + Use 'StartsWith' It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. - Es más claro y rápido usar "StartsWith" en lugar de comparar el resultado de "IndexOf" con cero. + It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 - Use "StartsWith" en lugar de comparar el resultado de "IndexOf" con 0. + Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 Use 'StartsWith' instead of 'IndexOf' - Usar "StartsWith" en lugar de "IndexOf" + Use 'StartsWith' instead of 'IndexOf' + + + + 'string.Contains(char)' is available as a better performing overload for single char lookup. + 'string.Contains(char)' is available as a better performing overload for single char lookup. + + + + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + + + + Use char literal for a single character lookup + Use char literal for a single character lookup Use 'string.Equals' - Use 'string.Equals' + Use 'string.Equals' It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. - Es más claro y probablemente más rápido usar 'string.Equals' en lugar de comparar el resultado de 'string.Compare' con cero. + It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 - Use 'string.Equals' en lugar de comparar el resultado de 'string.Compare' con 0 + Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 Use 'string.Equals' - Use 'string.Equals' - - - - Use 'AsSpan' with 'string.Concat' - Use 'AsSpan' con 'string.Concat' - - - - It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. - Es más eficaz usar "AsSpan" y "string.Concat, en lugar de 'Substring' y un operador de concatenación. - - - - Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' - Use la cadena basada en 'string.Concat' y "AsSpan" en lugar de 'Substring' - - - - Use span-based 'string.Concat' - Use la cadena basada en 'string.Concat' - - - - 'string.Contains(char)' is available as a better performing overload for single char lookup. - 'string.Contains(char)' está disponible como una sobrecarga de mejor rendimiento para la búsqueda de caracteres únicos. - - - - Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character - Use 'string.Contains(char)' en lugar de 'string.Contains(string)' al buscar un solo carácter - - - - Use char literal for a single character lookup - Usar literal de carácter para una búsqueda de caracteres individuales + Use 'string.Equals' Throw helpers are simpler and more efficient than an if block constructing a new exception instance. - Los asistentes de inicio son más sencillos y eficaces que un bloque if que construye una nueva instancia de excepción. + Throw helpers are simpler and more efficient than an if block constructing a new exception instance. Use '{0}.{1}' - Use '{0}.{1}' + Use '{0}.{1}' Use '{0}.{1}' instead of explicitly throwing a new exception instance - Use '{0}.{1}' en lugar de iniciar explícitamente una nueva instancia de excepción + Use '{0}.{1}' instead of explicitly throwing a new exception instance Platform compatibility analyzer requires a valid platform name and version. - El analizador de compatibilidad de plataforma requiere un nombre de plataforma y una versión válidos. + Platform compatibility analyzer requires a valid platform name and version. Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. - La versión "{0}" no es válida para la plataforma "{1}". Use una versión con 2{2}parts para esta plataforma. + Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. Version '7' is not valid for platform 'windows'. Use a version with 2-4 parts for this platform. Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. - La versión "{0}" no es válida para la plataforma "{1}". No use versiones para esta plataforma. + Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. Use valid platform string - Usar cadena de plataforma válida + Use valid platform string The platform '{0}' is not a known platform name - La plataforma '{0}' no es un nombre de plataforma conocido + The platform '{0}' is not a known platform name ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. - Los elementos ValueTask devueltos por invocaciones de miembros están diseñados para esperarlos directamente. Los intentos de consumir un ValueTask varias veces o de acceder directamente al resultado de uno antes de que se sepa que se ha completado pueden producir una excepción o daños en los datos. La omisión de un ValueTask en este caso indica probablemente un error funcional y puede degradar el rendimiento. + ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). - No se debe acceder directamente al resultado de una instancia de ValueTask a menos que la instancia se haya completado. A diferencia de Task, no hay garantía de que una llamada a Result o GetAwaiter().GetResult() en un elemento ValueTask se bloquee hasta que la operación se complete. Si no puede simplemente esperar a la instancia, considere la posibilidad de comprobar primero su propiedad IsCompleted (o indicar que es true si sabe que ese es el caso). + ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. - Las instancias de ValueTask solo deben consumirse una vez, por ejemplo, con await. El consumo de la misma instancia de ValueTask varias veces puede producir excepciones y daños en los datos. + ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. - Las instancias de ValueTask devueltas por llamadas de método deben esperarse directamente, devolverse o pasarse como argumento a otra llamada de método. Otro uso, como el almacenamiento de una instancia en una variable local o un campo, puede ser indicativo de un error, ya que las instancias de ValueTask solo deben consumirse una vez. + ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. - Las instancias de ValueTask devueltas por llamadas de método deben usarse siempre, normalmente con await. Si no se hace así, suele suponer un error funcional pero, incluso si no lo es, puede degradar el rendimiento si el método de destino agrupa objetos para usarlos con elementos ValueTask. + ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. Use ValueTasks correctly - Usar ValueTask correctamente + Use ValueTasks correctly Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. - Al procesar el código XML desde datos en los que no se confía, se pueden cargar referencias externas peligrosas, que se deben restringir usando un objeto XmlReader con una resolución segura o con el procesamiento de DTD deshabilitado. + Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. Use XmlReader for 'DataSet.ReadXml()' - Usar XmlReader para "DataSet.ReadXml()" + Use XmlReader for 'DataSet.ReadXml()' Use XmlReader for 'XmlSerializer.Deserialize()' - Usar XmlReader para "XmlSerializer.Deserialize()" + Use XmlReader for 'XmlSerializer.Deserialize()' Use XmlReader for 'XmlSchema.Read()' - Usar XmlReader para "XmlSchema.Read()" + Use XmlReader for 'XmlSchema.Read()' Use XmlReader for XmlValidatingReader constructor - Usar XmlReader para el constructor XmlValidatingReader + Use XmlReader for XmlValidatingReader constructor Use XmlReader for XPathDocument constructor - Usar XmlReader para el constructor XPathDocument + Use XmlReader for XPathDocument constructor This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. - Es posible que la sobrecarga del método "{0}.{1}" no sea segura. Puede habilitar la definición de tipo de documento (DTD), que puede ser vulnerable a los ataques por denegación de servicio, o bien usar un elemento XmlResolver que puede ser vulnerable a la divulgación de información. Use una sobrecarga que tome una instancia de XmlReader, con el procesamiento de DTD deshabilitado y sin XmlResolver. + This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - '{0}' usa el tipo de vista previa '{1}' y debe participar en las características en versión preliminar. Consulte {2} para obtener más información. + '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - {3} '{0}' usa el tipo de vista previa '{1}' y debe participar en las características en versión preliminar. Consulte {2} para obtener más información. - - - - Use 'TryGetValue(TKey, out TValue)' - Use "TryGetValue(TKey, out TValue)" - - - - Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method - Preferir el método "IDictionary.TryGetValue(TKey, out TValue)" - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup - Preferir una llamada "TryGetValue" en lugar de un acceso al indexador del diccionario protegido por una comprobación "ContainsKey" para evitar la doble búsqueda - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. - Preferir una llamada "TryGetValue" a un acceso al indexador del diccionario protegido por una comprobación "ContainsKey". Tanto "ContainsKey" como el indexador buscarían de forma exhaustiva, por lo que el uso de "TryGetValue" elimina la búsqueda adicional. + {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.fr.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.fr.xlf index 1c14bb70f8..236e516add 100644 --- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.fr.xlf +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.fr.xlf @@ -4,572 +4,572 @@ Add the 'NonSerialized' attribute to this field. - Ajoutez l'attribut 'NonSerialized' à ce champ. + Add the 'NonSerialized' attribute to this field. Add Serializable attribute - Ajouter l'attribut Serializable + Add Serializable attribute Review cipher mode usage with cryptography experts - Passer en revue l'utilisation du mode de chiffrement avec des experts en chiffrement + Review cipher mode usage with cryptography experts These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). - Ces modes de chiffrement peuvent être vulnérables aux attaques. Utilisez les modes recommandés (CBC, CTS). + These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). - Passez en revue l'utilisation du mode de chiffrement '{0}' avec des experts en chiffrement. Utilisez les modes recommandés (CBC, CTS). + Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. - Le paramètre de littéral de chaîne d'un attribut n'est pas correctement analysé pour une URL, un GUID ou une version. + The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' - Dans le constructeur de '{0}', changez la valeur de l'argument '{1}', qui correspond à "{2}", et remplacez-la par une valeur pouvant être analysée correctement en tant que '{3}' + In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' - Dans le constructeur de '{0}', changez la valeur de l'argument '{1}', qui correspond à une chaîne vide (""), et remplacez-la par une valeur pouvant être analysée correctement en tant que '{2}' + In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' Attribute string literals should parse correctly - Les littéraux de chaîne d'attribut doivent être analysés correctement + Attribute string literals should parse correctly Extract to static readonly field - Extraire dans un champ readonly statique + Extract to static readonly field Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. - Les tableaux constants passés en argument ne sont pas réutilisés en cas d’appels répétés, ce qui implique la création d’un nouveau tableau à chaque fois. Envisagez de les extraire vers des champs « static readonly » pour améliorer le niveau de performance si le tableau passé n’est pas modifié au sein de la méthode appelée. + Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. {Locked="static readonly"} Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array - Préférer les champs 'static readonly' aux arguments de tableau de constantes si la méthode appelée est appelée à plusieurs reprises et ne mute pas le tableau passé + Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array {Locked="static readonly"} Avoid constant arrays as arguments - Éviter les tableaux constants en tant qu’arguments + Avoid constant arrays as arguments Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. - Le marshaling de 'StringBuilder' crée toujours une copie de la mémoire tampon native, ce qui entraîne plusieurs allocations pour une seule opération de marshaling. + Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. - Évitez les paramètres 'StringBuilder' pour les P/Invoke. À la place, utilisez une mémoire tampon de caractères. + Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. Avoid 'StringBuilder' parameters for P/Invokes - Éviter les paramètres 'StringBuilder' pour les P/Invoke + Avoid 'StringBuilder' parameters for P/Invokes The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. - La bibliothèque de classes .NET Framework fournit des méthodes pour récupérer les attributs personnalisés. Par défaut, ces méthodes effectuent des recherches dans la hiérarchie d'héritage des attributs. Le scellement de l'attribut permet d'éviter les recherches dans la hiérarchie d'héritage et contribue à l'amélioration des performances. + The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. Avoid unsealed attributes - Éviter les attributs unsealed + Avoid unsealed attributes Avoid unsealed attributes - Éviter les attributs unsealed + Avoid unsealed attributes Avoid unnecessary zero-length array allocations. Use {0} instead. - Évitez les allocations inutiles de tableaux dont la longueur est égale à zéro. Utilisez {0} à la place. + Avoid unnecessary zero-length array allocations. Use {0} instead. Avoid zero-length array allocations - Évitez les allocations de tableaux dont la longueur est égale à zéro + Avoid zero-length array allocations The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - La méthode '{0}' n'est pas sécurisée durant la désérialisation de données non fiables sans SerializationBinder pour restreindre le type des objets dans le graphe d'objets désérialisé. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize - Vérifiez que BinaryFormatter.Binder est défini avant d'appeler BinaryFormatter.Deserialize + Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - La méthode '{0}' n'est pas sécurisée durant la désérialisation de données non fiables sans SerializationBinder pour restreindre le type des objets dans le graphe d'objets désérialisé. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder - N'appelez pas BinaryFormatter.Deserialize sans avoir défini d'abord BinaryFormatter.Binder + Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. - La méthode '{0}' n'est pas sécurisée durant la désérialisation de données non fiables. Si vous devez plutôt détecter la désérialisation BinaryFormatter sans avoir défini SerializationBinder, désactivez la règle CA2300, puis activez les règles CA2301 et CA2302. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. The method '{0}' is insecure when deserializing untrusted data. - La méthode '{0}' n'est pas sécurisée durant la désérialisation de données non fiables. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer BinaryFormatter - Ne pas utiliser le désérialiseur non sécurisé BinaryFormatter + Do not use insecure deserializer BinaryFormatter 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - 'Buffer. BlockCopy’ s’attend à ce que le nombre d’octets soient copiés pour l’argument ’Count'. L’utilisation de’Array. Length’ peut ne pas correspondre au nombre d’octets qui doivent être copiés. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - 'Buffer. BlockCopy’ s’attend à ce que le nombre d’octets soient copiés pour l’argument ’Count'. L’utilisation de’Array. Length’ peut ne pas correspondre au nombre d’octets qui doivent être copiés. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument - 'Buffer. BlockCopy’ s’attend à ce que le nombre d’octets soient copiés pour l’argument’Count' + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). - Une méthode qui est une implémentation de Dispose n'appelle pas GC.SuppressFinalize. Ou bien, une méthode qui n'est pas une implémentation de Dispose appelle GC.SuppressFinalize. Ou encore, une méthode appelle GC.SuppressFinalize et passe autre chose que this (Me en Visual Basic). + A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. - Changez {0} pour appeler {1}. Cette opération empêche les types dérivés qui introduisent un finaliseur d'avoir à réimplémenter 'IDisposable' pour l'appeler. + Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. - Changez {0} pour appeler {1}. Cela empêche une finalisation inutile de l'objet une fois qu'il a été supprimé et qu'il est devenu hors de portée. + Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. - {0} appelle {1} sur autre chose que lui -même. Changez le site d'appel pour passer 'this' ('Me' en Visual Basic) à la place. + {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. - {0} appelle {1}, une méthode qui est généralement appelée uniquement dans une implémentation de 'IDisposable.Dispose'. Consultez le modèle IDisposable pour plus d'informations. + {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. Dispose methods should call SuppressFinalize - Les méthodes Dispose doivent appeler SuppressFinalize + Dispose methods should call SuppressFinalize , - , + , Separator used for separating list of platform names: {API} is only supported on: {‘windows’, ‘browser’, ‘linux’} ConstantExpected attribute is not applied correctly on the parameter. - L’attribut ConstantExpected n’est pas appliqué correctement au paramètre. + ConstantExpected attribute is not applied correctly on the parameter. Incorrect usage of ConstantExpected attribute - Utilisation incorrecte de l’attribut ConstantExpected + Incorrect usage of ConstantExpected attribute The ConstantExpected attribute is required for the parameter due to the parent method annotation - L’attribut ConstantExpected est requis pour le paramètre en raison de l’annotation de méthode parente + The ConstantExpected attribute is required for the parameter due to the parent method annotation The '{0}' value is not compatible with parameter type of '{1}' - La valeur « {0} » n’est pas compatible avec le type de paramètre « {1} » + The '{0}' value is not compatible with parameter type of '{1}' The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' - La valeur « {0} » ne tient pas dans les limites de valeur de paramètre de « {1} » à « {2} » + The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' The constant is not of the same '{0}' type as the parameter - La constante n’est pas du même type « {0} » que le paramètre + The constant is not of the same '{0}' type as the parameter The Min and Max values are inverted - Les valeurs Min et Max sont inversées + The Min and Max values are inverted The argument should be a constant for optimal performance - L’argument doit être une constante pour des performances optimales + The argument should be a constant for optimal performance The '{0}' type is not supported for ConstantExpected attribute - Le type « {0} » n’est pas pris en charge pour l’attribut ConstantExpected + The '{0}' type is not supported for ConstantExpected attribute The constant does not fit within the value bounds of '{0}' to '{1}' - La constante ne tient pas dans les limites de valeur de « {0} » à « {1} » + The constant does not fit within the value bounds of '{0}' to '{1}' The parameter expects a constant for optimal performance. - Le paramètre attend une constante pour des performances optimales. + The parameter expects a constant for optimal performance. A constant is expected for the parameter - Une constante est attendue pour le paramètre + A constant is expected for the parameter When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Quand vous désérialisez une entrée non fiable, la désérialisation d'un objet {0} n'est pas une action sécurisée. '{1}' est égal à ou dérive de {0} + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type found in deserializable object graph - Type DataSet ou DataTable non sécurisé trouvé dans le graphe d'objets désérialisable + Unsafe DataSet or DataTable type found in deserializable object graph When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. - Quand vous désérialisez une entrée non fiable avec un sérialiseur basé sur IFormatter, la désérialisation d'un objet {0} n'est pas une action sécurisée. '{1}' est égal à ou dérive de {0}. Vérifiez que le type généré automatiquement n'est jamais désérialisé avec des données non fiables. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks - Un DataSet ou DataTable non sécurisé dans un type sérialisable généré automatiquement peut être vulnérable aux attaques par exécution de code à distance + Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Quand vous désérialisez une entrée non fiable, la désérialisation d'un objet {0} n'est pas une action sécurisée. '{1}' est égal à ou dérive de {0} + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks - Un DataSet ou DataTable non sécurisé dans un graphe d'objets désérialisé peut être vulnérable aux attaques par exécution de code à distance + Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. - Quand vous désérialisez une entrée non fiable avec un sérialiseur basé sur IFormatter, la désérialisation d'un objet {0} n'est pas une action sécurisée. '{1}' est égal à ou dérive de {0}. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks - Un DataSet ou DataTable non sécurisé dans un type sérialisable peut être vulnérable aux attaques par exécution de code à distance + Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Quand vous désérialisez une entrée non fiable, la désérialisation d'un objet {0} n'est pas une action sécurisée. '{1}' est égal à ou dérive de {0} + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in serializable type - DataSet ou DataTable non sécurisé dans un type sérialisable + Unsafe DataSet or DataTable in serializable type When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Quand vous désérialisez une entrée non fiable, la désérialisation d'un objet {0} n'est pas une action sécurisée. '{1}' est égal à ou dérive de {0} + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type in web deserializable object graph - Type DataSet ou DataTable non sécurisé trouvé dans un graphe d'objets désérialisable web + Unsafe DataSet or DataTable type in web deserializable object graph The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. - La méthode '{0}' n'est pas sécurisée durant la désérialisation de données non fiables. Vérifiez que la classe générée automatiquement contenant l'appel '{0}' n'est pas désérialisée avec des données non fiables. + The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data - Vérifier que la classe générée automatiquement contenant DataSet.ReadXml() n'est pas utilisée avec des données non fiables + Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data The method '{0}' is insecure when deserializing untrusted data - La méthode '{0}' n'est pas sécurisée durant la désérialisation de données non fiables + The method '{0}' is insecure when deserializing untrusted data Do not use DataSet.ReadXml() with untrusted data - Ne pas utiliser DataSet.ReadXml() avec des données non fiables + Do not use DataSet.ReadXml() with untrusted data The method '{0}' is insecure when deserializing untrusted data - La méthode '{0}' n'est pas sécurisée durant la désérialisation de données non fiables + The method '{0}' is insecure when deserializing untrusted data Do not use DataTable.ReadXml() with untrusted data - Ne pas utiliser DataTable.ReadXml() avec des données non fiables + Do not use DataTable.ReadXml() with untrusted data HttpClients should enable certificate revocation list checks - HttpClients doit activer les vérifications de la liste de révocation de certificats + HttpClients should enable certificate revocation list checks HttpClient is created without enabling CheckCertificateRevocationList - HttpClient est créé sans activation de CheckCertificateRevocationList + HttpClient is created without enabling CheckCertificateRevocationList Do Not Add Certificates To Root Store - Ne pas ajouter de certificats au magasin racine + Do Not Add Certificates To Root Store Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate - L'ajout de certificats aux certificats racines approuvés du système d'exploitation augmente le risque d'authentification incorrecte d'un certificat illégitime + Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate Do not use CreateEncryptor with non-default IV - Ne pas utiliser CreateEncryptor avec une valeur IV non définie par défaut + Do not use CreateEncryptor with non-default IV Symmetric encryption uses non-default initialization vector, which could be potentially repeatable - Le chiffrement symétrique utilise un vecteur d'initialisation non défini par défaut potentiellement répétable + Symmetric encryption uses non-default initialization vector, which could be potentially repeatable Use Secure Cookies In ASP.NET Core - Utiliser des cookies sécurisés en ASP.NET Core + Use Secure Cookies In ASP.NET Core Set CookieOptions.Secure = true when setting a cookie - Définir CookieOptions.Secure = true au moment de définir un cookie + Set CookieOptions.Secure = true when setting a cookie Do Not Use Weak Key Derivation Function With Insufficient Iteration Count - N'utilisez pas la fonction de dérivation de clés faibles avec un nombre insuffisant d'itérations + Do Not Use Weak Key Derivation Function With Insufficient Iteration Count Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Utilisez au moins {0} itérations quand vous dérivez une clé de chiffrement à partir d'un mot de passe. Par défaut, le IterationCount de Rfc2898DeriveByte est seulement égal à 1 000 + Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Les anciennes versions du protocole TLS (Transport Layer Security) sont moins sécurisées que TLS 1.2 et TLS 1.3, et sont plus susceptibles de comporter de nouvelles vulnérabilités. Évitez les anciennes versions de protocole pour réduire les risques. + Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - La version '{0}' du protocole TLS (Transport Layer Security) est dépréciée. Utilisez 'None' pour laisser le système d'exploitation choisir une version. + Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. Do not use deprecated SslProtocols values - N'utilisez pas de valeurs dépréciées pour SslProtocols + Do not use deprecated SslProtocols values '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' dérive de la classe de prévisualisation '{1}' et doit donc opter pour les fonctionnalités de prévisualisation. Voir {2} pour plus d'informations. + '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{3}' {0} dérive de la classe de prévisualisation '{1}' et doit donc opter pour les fonctionnalités de prévisualisation. Voir {2} pour plus d'informations. + {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. An assembly has to opt into preview features before using them. - Un assembly doit choisir des fonctionnalités en préversion avant de les utiliser. + An assembly has to opt into preview features before using them. Using '{0}' requires opting into preview features. See {1} for more information. - L'utilisation de '{0}' nécessite d'opter pour les fonctions de prévisualisation. Voir {1}pour plus d'informations. + Using '{0}' requires opting into preview features. See {1} for more information. {2} Using '{0}' requires opting into preview features. See {1} for more information. - L'utilisation de '{2}' {0} nécessite d'opter pour les fonctions de prévisualisation. Voir {1}pour plus d'informations. + {2} Using '{0}' requires opting into preview features. See {1} for more information. This API requires opting into preview features - Cette API requiert l’option d’évaluation des fonctionnalités en préversion. + This API requires opting into preview features A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. - Un type qui implémente System.IDisposable déclare des champs dont les types implémentent également IDisposable. La méthode Dispose du champ n'est pas appelée par la méthode Dispose du type déclarant. Pour corriger toute violation de cette règle, appelez Dispose sur les champs dont les types implémentent IDisposable si vous êtes responsable de l'allocation et de la libération des ressources non managées détenues par le champ. + A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. - '{0}' contient le champ '{1}' qui est de type IDisposable '{2}', mais il n'est jamais supprimé. Changez la méthode Dispose sur '{0}' afin d'appeler Close ou Dispose pour ce champ. + '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. Disposable fields should be disposed - Les champs supprimables doivent l'être + Disposable fields should be disposed A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. - Un type qui implémente System.IDisposable et dont les champs suggèrent l'utilisation de ressources non managées n'implémente pas de finaliseur conforme à la description de Object.Finalize. + A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. Disposable types should declare finalizer - Les types supprimables doivent déclarer un finaliseur + Disposable types should declare finalizer Disposable types should declare finalizer - Les types supprimables doivent déclarer un finaliseur + Disposable types should declare finalizer A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. - Un type qui implémente System.IDisposable hérite d'un type qui implémente également IDisposable. La méthode Dispose du type qui hérite n'appelle pas la méthode Dispose du type parent. Pour corriger toute violation de cette règle, appelez base.Dispose dans votre méthode Dispose. + A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. Ensure that method '{0}' calls '{1}' in all possible control flow paths - Vérifiez que la méthode '{0}' appelle '{1}' dans tous les chemins de flux de contrôle possibles + Ensure that method '{0}' calls '{1}' in all possible control flow paths Dispose methods should call base class dispose - Les méthodes Dispose doivent appeler la méthode Dispose de la classe de base + Dispose methods should call base class dispose If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. - Si un objet supprimable n'est pas supprimé explicitement avant que toutes les références s'y rapportant ne soient hors de portée, cet objet sera supprimé à un moment indéterminé lorsque le Garbage Collector exécutera le finaliseur sur l'objet. Il est préférable que l'objet soit supprimé explicitement, car un événement exceptionnel peut se produire, empêchant l'exécution du finaliseur de l'objet. + If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - Utilisez le modèle de suppression recommandé pour vérifier que l'objet créé par '{0}' est supprimé sur tous les chemins. Si possible, incluez la création dans un wrapper au sein d'une instruction 'using' ou d'une déclaration 'using'. Sinon, utilisez un modèle try-finally avec une variable locale dédiée déclarée avant la région try et un appel inconditionnel de Dispose sur une valeur non null dans la région 'finally', par exemple 'x?.Dispose()'. Si l'objet est explicitement supprimé dans la région try ou si la propriété de suppression est transférée vers un autre objet ou une autre méthode, affectez la valeur 'null' à la variable locale juste après cette opération pour éviter une double suppression dans 'finally'. + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - Utilisez le modèle de suppression recommandé pour vérifier que l'objet créé par '{0}' est supprimé sur tous les chemins d'exception. Si possible, incluez la création dans un wrapper au sein d'une instruction 'using' ou d'une déclaration 'using'. Sinon, utilisez un modèle try-finally avec une variable locale dédiée déclarée avant la région try et un appel inconditionnel de Dispose sur une valeur non null dans la région 'finally', par exemple 'x?.Dispose()'. Si l'objet est explicitement supprimé dans la région try ou si la propriété de suppression est transférée vers un autre objet ou une autre méthode, affectez la valeur 'null' à la variable locale juste après cette opération pour éviter une double suppression dans 'finally'. + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope - Appelez System.IDisposable.Dispose sur l'objet créé par '{0}' avant que toutes les références s'y rapportant ne soient hors étendue + Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. - L'objet créé par '{0}' n'est pas supprimé dans tous les chemins d'exception. Appelez System.IDisposable.Dispose sur l'objet avant que toutes les références s'y rapportant ne soient hors étendue. + Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. Dispose objects before losing scope - Supprimer les objets avant la mise hors de portée + Dispose objects before losing scope Do Not Add Archive Item's Path To The Target File System Path - Ne pas ajouter le chemin de l'élément d'archive au chemin du système de fichiers cible + Do Not Add Archive Item's Path To The Target File System Path When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - Quand vous effectuez l'extraction de fichiers à partir d'une archive et à l'aide du chemin de l'élément d'archive, vérifiez si le chemin est sécurisé. Le chemin de l'archive peut être relatif et entraîner l'accès au système de fichiers en dehors du chemin cible attendu pour le système de fichiers. Cela peut permettre ensuite des changements de configuration malveillants et l'exécution de code à distance via une technique d'embuscade. + When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' - Quand vous créez le chemin de '{0} dans la méthode {1}' à partir du chemin d'élément d'archive relatif pour extraire un fichier, et que la source est une archive zip non approuvée, veillez à assainir le chemin d'élément d'archive relatif '{2} dans la méthode {3}' + When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' Do Not Add Schema By URL - Ne pas ajouter de schéma par URL + Do Not Add Schema By URL This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. - Cette surcharge de la méthode XmlSchemaCollection.Add active de manière interne le traitement DTD sur l'instance de lecteur XML utilisée, puis utilise UrlResolver pour résoudre les entités XML externes. Il en résulte une divulgation d'informations. Le contenu du système de fichiers ou des partages réseau de la machine qui traite le code XML peut être exposé à un attaquant. En outre, un attaquant peut l'utiliser comme vecteur d'attaque DoS. + This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. This overload of the Add method is potentially unsafe because it may resolve dangerous external references - Cette surcharge de la méthode Add est potentiellement non sécurisée, car elle peut résoudre des références externes dangereuses + This overload of the Add method is potentially unsafe because it may resolve dangerous external references By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. - En définissant des délégués de validation TokenValidationParameter critiques sur true, des mesures de sécurité d’authentification importantes sont désactivées, ce qui peut entraîner des jetons à partir de n’importe quel émetteur ou les jetons expirés sont mal validés. + By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. - La {0} est définie sur une fonction qui retourne toujours true. En définissant le délégué de validation, vous annulez la validation par défaut et retournant toujours true, cette validation est complètement désactivée. + The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. Do not always skip token validation in delegates - Ne pas toujours ignorer la validation des jetons dans les délégués + Do not always skip token validation in delegates Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. - La désérialisation non sécurisée et une vulnérabilité qui se produit quand des données non approuvées sont utilisées pour exploiter la logique d'une application, infliger une attaque par déni de service (DoS) ou même exécuter du code arbitraire pendant leur désérialisation. Les utilisateurs malveillants peuvent souvent exploiter les fonctionnalités de ces désérialisations quand l'application désérialise des données non approuvées qui sont sous leur contrôle. Plus précisément, ils appellent des méthodes dangereuses dans le processus de désérialisation. Les attaques pendant une désérialisation non sécurisée peuvent permettre à un utilisateur malveillant d'effectuer des attaques de type attaques DoS, contournements d'authentification et exécution du code à distance. + Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' - Lors de la désérialisation d’une instance de la classe '{0}', la méthode '{1}' peut appeler directement ou indirectement la méthode dangereuse '{2}' + When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' Do Not Call Dangerous Methods In Deserialization - Ne pas appeler de méthodes dangereuses dans la désérialisation + Do Not Call Dangerous Methods In Deserialization @@ -577,2625 +577,2660 @@ The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. Widening and user defined conversions are not supported with generic types. - Enumerable.Cast<T> et Enumerable.OfType<T> nécessitent des types compatibles pour fonctionner normalement. -Le cast générique (IL 'unbox.any') utilisé par la séquence retournée par Enumerable.Cast<T> lève InvalidCastException au moment de l’exécution sur les éléments des types spécifiés. -La vérification de type générique (opérateur C# 'is'/IL 'isinst') utilisée par Enumerable.OfType<T> ne réussira jamais avec les éléments de types spécifiés, ce qui entraîne une séquence vide. -Les conversions étendues et définies par l’utilisateur ne sont pas prises en charge avec les types génériques. + Enumerable.Cast<T> and Enumerable.OfType<T> require compatible types to function expectedly. +The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. +The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. +Widening and user defined conversions are not supported with generic types. Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime - Le type '{0}' n’est pas compatible avec le type '{1}' et les tentatives de cast lèvent InvalidCastException au moment de l’exécution + Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' - Cet appel entraîne toujours une séquence vide, car le type '{0}' est incompatible avec le type '{1}' + This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types - N’appelez pas Enumerable.Cast<T> ou Enumerable.OfType<T> avec des types incompatibles + Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types Do not call {0} on an {1} value - Ne pas appeler {0} sur une valeur {1} + Do not call {0} on an {1} value Do not call ToImmutableCollection on an ImmutableCollection value - Ne pas appeler ToImmutableCollection sur une valeur ImmutableCollection + Do not call ToImmutableCollection on an ImmutableCollection value TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. - TaskCompletionSource a des constructeurs qui prennent des TaskCreationOptions qui contrôlent la tâche sous-jacente, et des constructeurs qui prennent l'état d'objet stocké dans la tâche. La transmission accidentelle de TaskContinuationOptions au lieu de TaskCreationOptions entraîne dans l'appel le traitement des options comme des états. + TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. Replace TaskContinuationOptions with TaskCreationOptions. - Remplacez TaskContinuationOptions par TaskCreationOptions. + Replace TaskContinuationOptions with TaskCreationOptions. Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum - L'argument contient l'enum TaskContinuationsOptions au lieu de l'enum TaskCreationOptions + Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum - L'argument passé au constructeur TaskCompletionSource doit être l'enum TaskCreationOptions au lieu de l'enum TaskContinuationOptions + Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. - Ne créez pas de tâches sauf si vous utilisez l'une des surcharges qui acceptent TaskScheduler. La valeur par défaut consiste à planifier TaskScheduler.Current, ce qui entraîne des interblocages. Utilisez TaskScheduler.Default pour planifier le pool de threads, ou passez explicitement TaskScheduler.Current pour clarifier vos intentions. + Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. Do not create tasks without passing a TaskScheduler - Ne pas créer de tâches sans passer TaskScheduler + Do not create tasks without passing a TaskScheduler Do not create tasks without passing a TaskScheduler - Ne pas créer de tâches sans passer TaskScheduler + Do not create tasks without passing a TaskScheduler Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. - L'ajout d'un finaliseur à un type dérivé de MemoryManager<T> peut permettre de libérer de la mémoire alors qu'elle est toujours utilisée par un Span<T>. + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> - L'ajout d'un finaliseur à un type dérivé de MemoryManager<T> peut permettre de libérer de la mémoire alors qu'elle est toujours utilisée par un Span<T> + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> Do not define finalizers for types derived from MemoryManager<T> - Ne définissez pas de finaliseurs pour les types dérivés de MemoryManager<T> + Do not define finalizers for types derived from MemoryManager<T> Do Not Disable Certificate Validation - Ne pas désactiver la validation de certificat + Do Not Disable Certificate Validation A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. - Un certificat peut vous aider à authentifier l'identité du serveur. Les clients doivent valider le certificat de serveur pour garantir que les demandes sont envoyées au serveur souhaité. Si ServerCertificateValidationCallback retourne toujours 'true', tous les certificats sont validés. + A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. - ServerCertificateValidationCallback est défini sur une fonction qui accepte n'importe quel certificat de serveur en retournant toujours la valeur true. Veillez à ce que ces certificats de serveur soient validés pour vérifier l'identité du serveur qui reçoit les demandes. - - - - Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. - L'utilisation de HttpClient sans fournir de gestionnaire spécifique à la plateforme (WinHttpHandler ou CurlHandler ou HttpClientHandler), où la propriété CheckCertificateRevocationList a la valeur true, permet aux certificats révoqués d'être acceptés par HttpClient comme valides. + The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. Do Not Disable HTTP Header Checking - Ne pas désactiver la vérification d'en-tête HTTP + Do Not Disable HTTP Header Checking HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. - La vérification d'en-tête HTTP active l'encodage des caractères de type retour chariot et nouvelle ligne, \r et \n, présents dans les en-têtes de réponse. Cet encodage permet d'éviter les attaques par injection qui exploitent les failles de sécurité d'une application quand celle-ci retransmet des données non fiables contenues dans l'en-tête. + HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. Do not disable HTTP header checking - Ne pas désactiver la vérification d'en-tête HTTP + Do not disable HTTP header checking + + + + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. Do Not Disable Request Validation - Ne pas désactiver la validation de requête + Do Not Disable Request Validation Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. - La validation de requête est une fonctionnalité ASP.NET qui examine les requêtes HTTP pour déterminer si elles contiennent un contenu potentiellement dangereux. Cette vérification renforce la protection contre l'ajout malveillant de balises ou de code dans la chaîne de requête, les cookies ou les valeurs de formulaire posté de l'URL. Il est donc généralement souhaitable de laisser cette fonctionnalité activée pour une défense en profondeur. + Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. {0} has request validation disabled - La validation de requête est désactivée pour {0} + {0} has request validation disabled Do Not Disable SChannel Use of Strong Crypto - Ne pas désactiver l'utilisation du chiffrement fort par SChannel + Do Not Disable SChannel Use of Strong Crypto Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. - À partir de .NET Framework 4.6, les classes System.Net.ServicePointManager et System.Net.Security.SslStream sont recommandées pour l'utilisation des nouveaux protocoles. Les anciennes classes présentent des faiblesses relatives aux protocoles et ne sont pas prises en charge. Si vous affectez la valeur true à Switch.System.Net.DontEnableSchUseStrongCrypto, vous utilisez une vérification de chiffrement faible et vieillissante, et vous n'avez plus accès à la migration de protocole. + Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. {0} disables TLS 1.2 and enables SSLv3 - {0} désactive TLS 1.2 et active SSLv3 + {0} disables TLS 1.2 and enables SSLv3 Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. - Les vérifications de validation de jeton garantissent que lors de la validation des jetons, tous les aspects sont analysés et vérifiés. La désactivation de la validation peut entraîner des failles de sécurité en autorisant les jetons non approuvés à le faire via la validation. + Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. TokenValidationParameters.{0} should not be set to false as it disables important validation - TokenValidationParameters. {0} ne doit pas avoir la valeur false, car il désactive la validation importante. + TokenValidationParameters.{0} should not be set to false as it disables important validation Do not disable token validation checks - Ne pas désactiver les vérifications de validation de jeton + Do not disable token validation checks Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. - N'affectez pas la valeur true à Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols. La définition de ce commutateur limite WCF (Windows Communication Framework) à l'utilisation du protocole TLS (Transport Layer Security) 1.0, qui est non sécurisé et obsolète. + Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. Do not disable ServicePointManagerSecurityProtocols - Ne pas désactiver ServicePointManagerSecurityProtocols + Do not disable ServicePointManagerSecurityProtocols Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. - Ne protégez pas 'Dictionary.Remove(key)' avec 'Dictionary.ContainsKey(key)'. Le premier vérifie déjà si la clé existe et ne lèvera pas si ce n’est pas le cas. + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' - Ne pas protéger 'Dictionary.Remove(key)' avec 'Dictionary.ContainsKey(key)' + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' Unnecessary call to 'Dictionary.ContainsKey(key)' - Appel inutile à 'Dictionary.ContainsKey(key)' + Unnecessary call to 'Dictionary.ContainsKey(key)' Do not hard-code certificate - Ne pas coder en dur le certificat + Do not hard-code certificate Hard-coded certificates in source code are vulnerable to being exploited. - Les certificats codés en dur dans le code source sont vulnérables aux attaques. + Hard-coded certificates in source code are vulnerable to being exploited. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' - Une vulnérabilité potentielle liée à la sécurité a été détectée. '{0}' dans la méthode '{1}' peut être souillé par un certificat codé en dur en provenance de '{2}' dans la méthode '{3}' + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' Do not hard-code encryption key - Ne pas coder en dur la clé de chiffrement + Do not hard-code encryption key SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. - La propriété .Key de SymmetricAlgorithm ou le paramètre rgbKey d'une méthode ne doivent jamais correspondre à une valeur codée en dur. + SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' - Une vulnérabilité potentielle liée à la sécurité a été détectée. '{0}' dans la méthode '{1}' peut être souillé par une clé codée en dur en provenance de '{2}' dans la méthode '{3}' + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. - Par défaut, le magasin de certificats Autorités de certification racines de confiance est configuré avec un ensemble d'autorités de certification publiques qui répond aux exigences du programme de certificat racine Microsoft. Comme toutes les autorités de certification racines de confiance peuvent émettre des certificats pour n'importe quel domaine, un attaquant peut choisir une autorité de certification faible ou coercible que vous installez par vous-même, or une seule autorité de certification vulnérable, malveillante ou coercible compromet la sécurité de l'ensemble du système. Pour compliquer la situation, ces attaques passent facilement inaperçues. + By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. - Un objet a une identité faible quand il est accessible directement indépendamment des limites d'un domaine d'application. Un thread qui essaie d'acquérir un verrou sur un objet qui affiche une identité faible peut être bloqué par un deuxième thread dans un domaine d'application distinct qui dispose d'un verrou sur le même objet. + An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. Do not lock on objects with weak identity - Ne pas définir de verrou sur les objets à identité faible + Do not lock on objects with weak identity Do not lock on objects with weak identity - Ne pas définir de verrou sur les objets à identité faible + Do not lock on objects with weak identity A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. - Une méthode passe un littéral de chaîne en tant que paramètre à un constructeur ou une méthode dans la bibliothèque de classes .NET Framework, et cette chaîne doit être localisable. Pour corriger toute violation de cette règle, remplacez le littéral de chaîne par une chaîne récupérée via une instance de la classe ResourceManager. + A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". - La méthode '{0}' passe une chaîne littérale en tant que paramètre '{1}' d'un appel à '{2}'. À la place, récupérez les chaînes suivantes à partir d'une table de ressources : "{3}". + Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". Do not pass literals as localized parameters - Ne pas passer de littéraux en paramètres localisés + Do not pass literals as localized parameters An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. - Une exception de type qui n'est pas suffisamment spécifique ou réservée par le runtime ne doit jamais être levée par le code utilisateur. Cela rend l'erreur d'origine difficile à détecter et à corriger. Si cette instance d'exception peut être levée, utilisez un autre type d'exception. + An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. Exception type {0} is reserved by the runtime - Le type d'exception {0} est réservé par le runtime + Exception type {0} is reserved by the runtime Exception type {0} is not sufficiently specific - Le type d'exception {0} n'est pas suffisamment spécifique + Exception type {0} is not sufficiently specific Do not raise reserved exception types - Ne pas lever de types d'exception réservés + Do not raise reserved exception types Do Not Serialize Types With Pointer Fields - Ne pas sérialiser les types avec des champs de pointeur + Do Not Serialize Types With Pointer Fields Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. - Les pointeurs ne sont pas "de type sécurisé". En effet, vous ne pouvez pas garantir l'exactitude de la mémoire vers laquelle ils pointent. Il est donc dangereux de sérialiser des types avec des champs de pointeur, car cela peut permettre à un attaquant de contrôler le pointeur. + Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. Pointer field {0} on serializable type - Champ de pointeur {0} pour le type sérialisable + Pointer field {0} on serializable type Do Not Use Account Shared Access Signature - Ne pas utiliser de signature d'accès partagé au compte + Do Not Use Account Shared Access Signature Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. - Les SAP (signatures d'accès partagé) constituent une partie essentielle du modèle de sécurité pour toutes les applications qui utilisent le Stockage Azure. Elles doivent fournir des autorisations limitées et sécurisées aux clients qui accèdent à votre compte de stockage et qui ne disposent pas de la clé de compte. Toutes les opérations disponibles via un SAP de service sont également disponibles via un SAP de compte, ce qui signifie que le SAP de compte a trop de pouvoir. Il est donc recommandé d'utiliser un SAP de service pour déléguer l'accès plus prudemment. + Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. Use Service SAS instead of Account SAS for fine grained access control and container-level access policy - Utiliser un SAP de service à la place d'un SAP de compte pour appliquer un contrôle d'accès de granularité fine et une stratégie d'accès au niveau du conteneur + Use Service SAS instead of Account SAS for fine grained access control and container-level access policy Do Not Use Broken Cryptographic Algorithms - Ne pas utiliser d'algorithmes de chiffrement cassés + Do Not Use Broken Cryptographic Algorithms An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. - Avec la puissance de calcul appropriée, il est possible de casser cet algorithme. Cela permet aux pirates de réduire à néant les garanties de chiffrement censées être offertes. En fonction du type et de l'application de cet algorithme de chiffrement, les pirates peuvent lire des messages chiffrés, falsifier des messages chiffrés, falsifier des signatures numériques, falsifier du contenu basé sur un code de hachage ou compromettre d'une façon ou d'une autre tout système de chiffrement reposant sur cet algorithme. Remplacez la clé de chiffrement de l'algorithme AES (les algorithmes AES-256, AES-192 et AES-128 sont acceptables) par une clé de longueur supérieure ou égale à 128 bits. Remplacez l'utilisation des codes de hachage par une fonction de hachage de la famille SHA-2, par exemple SHA512, SHA384 ou SHA256. Remplacez l'utilisation des signatures numériques par un chiffrement RSA dont la longueur de clé est supérieure ou égale à 2 048 bits, ou par un algorithme ECDSA dont la longueur de clé est supérieure ou égale à 256 bits. + An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. {0} uses a broken cryptographic algorithm {1} - {0} utilise un algorithme de chiffrement cassé {1} + {0} uses a broken cryptographic algorithm {1} For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. - Pour les collections non vides, CountAsync() et LongCountAsync() énumèrent la séquence entière, alors que AnyAsync() s'arrête au premier élément ou au premier élément qui satisfait une condition. + For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. {0}() is used where AnyAsync() could be used instead to improve performance - {0}() est utilisé alors que vous pourriez utiliser AnyAsync() à la place pour améliorer le niveau de performance + {0}() is used where AnyAsync() could be used instead to improve performance Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used - N'utilisez pas CountAsync() ou LongCountAsync() quand AnyAsync() peut être utilisé + Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. - Pour les collections non vides, Count() et LongCount() énumèrent la séquence entière, alors que Any() s'arrête au premier élément ou au premier élément qui satisfait une condition. + For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. {0}() is used where Any() could be used instead to improve performance - {0}() est utilisé alors que Any() peut être utilisé à la place pour améliorer le niveau de performance + {0}() is used where Any() could be used instead to improve performance Do not use Count() or LongCount() when Any() can be used - N'utilisez pas Count() ou LongCount() quand Any() peut être utilisé + Do not use Count() or LongCount() when Any() can be used Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. - Le chiffrement symétrique doit toujours utiliser un vecteur d'initialisation non répétable pour empêcher les attaques par dictionnaire. - - - - Do Not Use Deprecated Security Protocols - Ne pas utiliser de protocoles de sécurité dépréciés - - - - Using a deprecated security protocol rather than the system default is risky. - L'utilisation d'un protocole de sécurité déprécié à la place du protocole par défaut du système est risquée. - - - - Hard-coded use of deprecated security protocol {0} - Utilisation codée en dur du protocole de sécurité déprécié {0} + Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. Do Not Use Digital Signature Algorithm (DSA) - Ne pas utiliser DSA (Digital Signature Algorithm) + Do Not Use Digital Signature Algorithm (DSA) DSA is too weak to use. - L'algorithme DSA est trop faible pour être utilisé. + DSA is too weak to use. Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - L'algorithme de chiffrement asymétrique {0} est faible. Passez plutôt à un algorithme RSA avec une clé d'au moins 2 048 bits, à un algorithme ECDH ou à un algorithme ECDSA. + Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. + + + + Do Not Use Deprecated Security Protocols + Do Not Use Deprecated Security Protocols + + + + Using a deprecated security protocol rather than the system default is risky. + Using a deprecated security protocol rather than the system default is risky. + + + + Hard-coded use of deprecated security protocol {0} + Hard-coded use of deprecated security protocol {0} This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. - Cette collection est directement indexable. L'utilisation de LINQ ici entraîne des allocations non nécessaires et une sollicitation inutile de l'UC. + This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. Do not use Enumerable methods on indexable collections. Instead use the collection directly. - N'utilisez pas de méthodes Enumerable sur les collections indexables. À la place, utilisez directement la collection. + Do not use Enumerable methods on indexable collections. Instead use the collection directly. Do not use Enumerable methods on indexable collections - N'utilisez pas de méthodes Enumerable sur les collections indexables + Do not use Enumerable methods on indexable collections Do not use insecure randomness - Ne pas utiliser de sélection aléatoire non sécurisée + Do not use insecure randomness Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. - L'utilisation d'un générateur de nombres pseudo-aléatoires faibles au niveau du chiffrement peut permettre à un attaquant de prédire la génération d'une valeur dont la sécurité est critique. Utilisez un générateur de nombres aléatoires forts au niveau du chiffrement si une valeur imprévisible est nécessaire, ou vérifiez qu'aucun nombre pseudo-aléatoire faible n'est utilisé dans le cadre d'opérations dont la sécurité est critique. + Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. - {0} est un générateur de nombres aléatoires non sécurisé. Utilisez des générateurs de nombres aléatoires sécurisés de manière chiffrée quand une sélection aléatoire est nécessaire pour la sécurité. + {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. Do not use obsolete key derivation function - Ne pas utiliser de fonction de dérivation de clés obsolète + Do not use obsolete key derivation function Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. - La dérivation de clés basée sur un mot de passe doit utiliser PBKDF2 avec SHA-2. Évitez d'utiliser PasswordDeriveBytes puisqu'il génère une clé PBKDF1. Évitez d'utiliser Rfc2898DeriveBytes.CryptDeriveKey car il n'utilise ni le nombre d'itérations ni de valeur salt. + Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. Call to obsolete key derivation function {0}.{1} - Appel à la fonction de dérivation de clés obsolète {0}.{1} + Call to obsolete key derivation function {0}.{1} String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. - Les paramètres de chaîne passés par valeur avec 'OutAttribute' peuvent déstabiliser le runtime si la chaîne est une chaîne centralisée. + String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. - N'utilisez pas 'OutAttribute' pour le paramètre de chaîne '{0}' qui est passé par valeur. Si le marshaling des données modifiées vers l'appelant est nécessaire, utilisez le mot clé 'out' pour passer la chaîne par référence à la place. + Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. Do not use 'OutAttribute' on string parameters for P/Invokes - N'utilisez pas 'OutAttribute' sur les paramètres de chaîne pour les P/Invoke + Do not use 'OutAttribute' on string parameters for P/Invokes Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. - Ne passez pas d’argument avec le type valeur '{0}' à la méthode 'Equals' sur 'ReferenceEqualityComparer'. En raison du boxing de valeur, cet appel à « Equals » peut retourner un résultat inattendu. Envisagez plutôt d’utiliser « EqualityComparer » ou passez des arguments de type référence si vous envisagez d’utiliser « ReferenceEqualityComparer ». + Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. - Les arguments typés de type valeur sont mis en boîte de manière unique pour chaque appel à cette méthode. Par conséquent, le résultat peut être inattendu. + Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. - Ne passez pas d’argument avec le type valeur '{0}' à 'ReferenceEquals'. En raison du boxing de valeur, cet appel à « ReferenceEquals » peut retourner un résultat inattendu. Envisagez d’utiliser 'Equals' à la place, ou passez des arguments de type référence si vous envisagez d’utiliser 'ReferenceEquals'. + Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. Do not use ReferenceEquals with value types - Ne pas utiliser ReferenceEquals avec des types valeur + Do not use ReferenceEquals with value types Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. - L'espace de pile alloué par stackalloc est uniquement libéré à la fin de l'appel de la méthode actuelle. Si vous l'utilisez dans une boucle, cela risque d'entraîner une croissance de pile indépendante et des conditions de dépassement de la capacité de la pile. + Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. Potential stack overflow. Move the stackalloc out of the loop. - Probable dépassement de la capacité de la pile. Sortez stackalloc de la boucle. + Potential stack overflow. Move the stackalloc out of the loop. Do not use stackalloc in loops - N'utilisez pas stackalloc dans les boucles + Do not use stackalloc in loops Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. - Une activité régulière à plus grande fréquence occupe le processeur et interfère avec les minuteurs d'inactivité qui déclenchent la mise en veille de l'écran et des disques durs pour économiser de l'énergie. + Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. Do not use timers that prevent power state changes - Ne pas utiliser de minuteurs qui empêchent les changements d'état de l'alimentation + Do not use timers that prevent power state changes Do not use timers that prevent power state changes - Ne pas utiliser de minuteurs qui empêchent les changements d'état de l'alimentation + Do not use timers that prevent power state changes Do not use unsafe DllImportSearchPath value - Ne pas utiliser de valeur non sécurisée pour DllImportSearchPath + Do not use unsafe DllImportSearchPath value There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - Il existe peut-être une DLL malveillante dans les répertoires de recherche de DLL par défaut. De même, en fonction de l'emplacement d'exécution de votre application, il peut exister une DLL malveillante dans le répertoire de l'application. Utilisez une valeur pour DllImportSearchPath qui spécifie un chemin de recherche explicite à la place. Vous pouvez configurer les indicateurs DllImportSearchPath que cette règle recherche dans .editorconfig. + There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. Use of unsafe DllImportSearchPath value {0} - Utilisation d'une valeur de DllImportSearchPath non sécurisée {0} + Use of unsafe DllImportSearchPath value {0} Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. - L’utilisation de ’WaitAll’ avec une seule tâche peut entraîner une perte de performance, attendre ou retourner la tâche à la place. + Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. Replace 'WaitAll' with single 'Wait' - Remplacer ’WaitAll’ par ’Wait’ unique + Replace 'WaitAll' with single 'Wait' Do not use 'WaitAll' with a single task - Ne pas utiliser ’WaitAll’ avec une seule tâche + Do not use 'WaitAll' with a single task Do Not Use Weak Cryptographic Algorithms - Ne pas utiliser d'algorithmes de chiffrement faibles + Do Not Use Weak Cryptographic Algorithms Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. - Les algorithmes de chiffrement se dégradent au fil du temps, car les pirates accèdent à une puissance de calcul toujours plus importante. En fonction du type et de l'application de cet algorithme de chiffrement, plus sa force de chiffrement se dégrade, plus les pirates peuvent lire des messages chiffrés, falsifier des messages chiffrés, falsifier des signatures numériques, falsifier du contenu basé sur un code de hachage ou compromettre d'une façon ou d'une autre tout système de chiffrement reposant sur cet algorithme. Remplacez la clé de chiffrement de l'algorithme AES (les algorithmes AES-256, AES-192 et AES-128 sont acceptables) par une clé de longueur supérieure ou égale à 128 bits. Remplacez l'utilisation des codes de hachage par une fonction de hachage de la famille SHA-2, par exemple SHA-2 512, SHA-2 384 ou SHA-2 256. + Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. {0} uses a weak cryptographic algorithm {1} - {0} utilise un algorithme de chiffrement faible {1} + {0} uses a weak cryptographic algorithm {1} Ensure Key Derivation Function algorithm is sufficiently strong - Vérifier que l'algorithme de la fonction de dérivation de clés est suffisamment fort + Ensure Key Derivation Function algorithm is sufficiently strong Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. - Certaines implémentations de la classe Rfc2898DeriveBytes permettent de spécifier un algorithme de hachage dans un paramètre de constructeur ou de le remplacer dans la propriété HashAlgorithm. Si un algorithme de hachage est spécifié, il doit correspondre à un chiffrement SHA-256 ou supérieur. + Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. - {0} utilise peut-être un algorithme de hachage faible. Utilisez SHA256, SHA384 ou SHA512 pour créer une clé forte à partir d'un mot de passe. + {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). - Quand vous dérivez des clés de chiffrement à partir d'entrées fournies par l'utilisateur, par exemple un mot de passe, utilisez un nombre suffisant d'itérations (au moins 100 000). + When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. - L’utilisation de ’WhenAll’ avec une seule tâche peut entraîner une perte de performance, attendre ou retourner la tâche à la place. + Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. Replace 'WhenAll' call with argument - Remplacer l’appel ’WhenAll’ par l’argument + Replace 'WhenAll' call with argument Do not use 'WhenAll' with a single task - Ne pas utiliser ’WhenAll’ avec une seule tâche + Do not use 'WhenAll' with a single task Do Not Use XslTransform - Ne pas utiliser XslTransform + Do Not Use XslTransform Do not use XslTransform. It does not restrict potentially dangerous external references. - N'utilisez pas XslTransform car il ne restreint pas les références externes potentiellement dangereuses. + Do not use XslTransform. It does not restrict potentially dangerous external references. Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. - La fourniture d’une interface fonctionnelle « DynamicInterfaceCastableImplementationAttribute' » nécessite la fonctionnalité membres d’interface par défaut, qui n’est pas prise en charge dans Visual Basic. + Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - La fourniture d’une interface ’DynamicInterfaceCastableImplementation’ dans Visual Basic n’est pas prise en charge. + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - La fourniture d’une interface ’DynamicInterfaceCastableImplementation’ dans Visual Basic n’est pas prise en charge. + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. - L’utilisation de fonctionnalités qui nécessitent le marshaling du runtime lorsque le marshaling du runtime est désactivé entraîne des exceptions d’exécution. + Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled - Les types avec « [StructLayout(LayoutKind.Auto)] » nécessitent l’activation du marshaling d’exécution + Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled By-ref parameters require runtime marshalling to be enabled - Les paramètres by-ref nécessitent l’activation du marshaling d’exécution + By-ref parameters require runtime marshalling to be enabled Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined - Les délégués dont les paramètres ou le type de retour sont des types gérés nécessitent l'activation du marshalling à l'exécution dans l'assembly où le délégué est défini + Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined HResult-swapping requires runtime marshalling to be enabled - HResult-swapping nécessite l’activation du marshaling d’exécution + HResult-swapping requires runtime marshalling to be enabled Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled - L’utilisation de « LCIDConversionAttribute » nécessite l’activation du marshaling d’exécution + Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled Managed parameter or return types require runtime marshalling to be enabled - Les types de paramètres managés ou de retour nécessitent l’activation du marshaling au moment de l’exécution + Managed parameter or return types require runtime marshalling to be enabled Setting SetLastError to 'true' requires runtime marshalling to be enabled - La définition de SetLastError sur « true » nécessite l’activation du marshaling d’exécution + Setting SetLastError to 'true' requires runtime marshalling to be enabled Varadic P/Invoke signatures require runtime marshalling to be enabled - Les signatures P/Invoke Varadic nécessitent l’activation du marshaling d’exécution + Varadic P/Invoke signatures require runtime marshalling to be enabled Property, type, or attribute requires runtime marshalling - La propriété, le type ou l’attribut nécessite un marshaling au moment de l’exécution + Property, type, or attribute requires runtime marshalling '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - Le type de « {0} » contient le type d’aperçu « {1} » et requiert l’option préverser les fonctionnalités en préversion. Pour plus d’informations, consultez {2}. + '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - Le type de « {3}{0} » contient le type d’aperçu « {1} » et requiert l’option préverser les fonctionnalités en préversion. Pour plus d’informations, consultez {2}. + {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. - Transférez le paramètre 'CancellationToken' aux méthodes appropriées pour avoir la garantie que les notifications d'annulation d'opération sont correctement propagées, ou passez explicitement 'CancellationToken.None' pour indiquer clairement de ne pas propager le jeton. + Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token - Transférer le paramètre '{0}' à la méthode '{1}' ou passer explicitement 'CancellationToken.None' pour indiquer clairement de ne pas propager le jeton + Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token Forward the 'CancellationToken' parameter to methods - Transférer le paramètre 'CancellationToken' aux méthodes appropriées + Forward the 'CancellationToken' parameter to methods Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. - Évitez tout codage en dur du SecurityProtocolType {0}, et utilisez plutôt SecurityProtocolType.SystemDefault pour permettre au système d'exploitation de choisir le meilleur protocole TLS à utiliser. + Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. Avoid hardcoding SecurityProtocolType value - Éviter tout codage en dur de la valeur de SecurityProtocolType + Avoid hardcoding SecurityProtocolType value Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Les versions actuelles du protocole TLS (Transport Layer Security) peuvent être dépréciées si des vulnérabilités sont détectées. Évitez de coder en dur les valeurs de SslProtocols pour que votre application reste sécurisée. Utilisez 'None' pour laisser le système d'exploitation choisir une version. + Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Évitez de coder en dur les valeurs '{0}' de SslProtocols pour que votre application reste sécurisée de manière durable. Utilisez 'None' pour laisser le système d'exploitation choisir une version. + Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. Avoid hardcoded SslProtocols values - Évitez de coder en dur les valeurs de SslProtocols + Avoid hardcoded SslProtocols values Generic math interfaces require the derived type itself to be used for the self recurring type parameter. - Les interfaces mathématiques génériques nécessitent que le type dérivé lui-même soit utilisé pour le paramètre de type auto-récurrent. + Generic math interfaces require the derived type itself to be used for the self recurring type parameter. The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' - Le '{0}' requiert que le paramètre de type '{1}' soit rempli avec le type dérivé '{2}'. + The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' Use correct type parameter - Utiliser le paramètre de type correct + Use correct type parameter To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. - Pour corriger toute violation de cette règle, rendez la méthode GetObjectData visible et substituable. De plus, vérifiez que tous les champs d'instance sont inclus dans le processus de sérialisation ou qu'ils sont marqués explicitement avec l'attribut NonSerializedAttribute. + To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. Add an implementation of GetObjectData to type {0} - Ajoutez une implémentation de GetObjectData au type {0} + Add an implementation of GetObjectData to type {0} Make {0}.GetObjectData virtual and overridable - Définissez {0}.GetObjectData en tant que méthode virtuelle et substituable + Make {0}.GetObjectData virtual and overridable Increase the accessibility of {0}.GetObjectData so that it is visible to derived types - Augmentez l'accessibilité de {0}.GetObjectData afin qu'il soit visible par les types dérivés + Increase the accessibility of {0}.GetObjectData so that it is visible to derived types Implement ISerializable correctly - Implémentez ISerializable comme il se doit + Implement ISerializable correctly Implement inherited interfaces - Implémenter les interfaces héritées + Implement inherited interfaces Implement Serialization constructor - Implémenter le constructeur de sérialisation + Implement Serialization constructor To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. - Pour corriger toute violation de cette règle, implémentez le constructeur de sérialisation. Dans le cas d'une classe sealed, rendez le constructeur privé ; sinon, affectez-lui l'état protégé. + To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. - Ajoutez un constructeur à {0} avec la signature suivante : 'protected {0}(SerializationInfo info, StreamingContext context)'. + Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. Declare the serialization constructor of {0}, a sealed type, as private. - Déclarez le constructeur de sérialisation du type sealed {0} comme privé. + Declare the serialization constructor of {0}, a sealed type, as private. Declare the serialization constructor of {0}, an unsealed type, as protected. - Déclarez le constructeur de sérialisation du type unsealed {0} comme protégé. + Declare the serialization constructor of {0}, an unsealed type, as protected. Implement serialization constructors - Implémentez des constructeurs de sérialisation + Implement serialization constructors A method that handles a serialization event does not have the correct signature, return type, or visibility. - Une méthode qui gère un événement de sérialisation n'a pas la signature, le type de retour ou la visibilité appropriée. + A method that handles a serialization event does not have the correct signature, return type, or visibility. Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic - Comme {0} est marqué avec OnSerializing, OnSerialized, OnDeserializing ou OnDeserialized, changez sa signature afin qu'il ne soit plus générique + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' - Comme {0} est marqué avec OnSerializing, OnSerialized, OnDeserializing ou OnDeserialized, changez sa signature afin qu'il n'accepte qu'un seul paramètre de type 'System.Runtime.Serialization.StreamingContext' + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) - Comme {0} est marqué avec OnSerializing, OnSerialized, OnDeserializing ou OnDeserialized, changez son type de retour de {1} en void (Sub en Visual Basic) + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method - Comme {0} est marqué avec OnSerializing, OnSerialized, OnDeserializing ou OnDeserialized, changez-le de static (Shared en Visual Basic) en une méthode d'instance + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private - Dans la mesure où {0} est marqué avec OnSerializing, OnSerialized, OnDeserializing ou OnDeserialized, changez son accessibilité en private + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private Implement serialization methods correctly - Implémentez les méthodes de sérialisation comme il se doit + Implement serialization methods correctly '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' met en œuvre l’interface de prévisualisation '{1}' et doit donc opter pour les fonctionnalités de prévisualisation. Voir {2}pour plus d'informations. + '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{3}'{0} met en œuvre l’interface de prévisualisation '{1}' et doit donc opter pour les fonctionnalités de prévisualisation. Voir {2}pour plus d'informations. + {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' met en œuvre la méthode de prévisualisation '{1}' et doit donc opter pour les fonctionnalités de prévisualisation. Voir {2}pour plus d'informations. + '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{3}' {0} met en œuvre la méthode de prévisualisation '{1}' et doit donc opter pour les fonctionnalités de prévisualisation. Voir {2}pour plus d'informations. + {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Un type référence déclare un constructeur statique explicite. Pour corriger une violation de cette règle, initialisez toutes les données statiques quand elle est déclarée, et supprimez le constructeur statique. + A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize reference type static fields inline - Initialisez les champs static de type référence inline + Initialize reference type static fields inline Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor - Initialisez tous les champs static dans '{0}' quand ces champs sont déclarés, et supprimez le constructeur statique explicite. + Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Un type valeur déclare un constructeur statique explicite. Pour corriger une violation de cette règle, initialisez toutes les données statiques quand elle est déclarée, et supprimez le constructeur statique. + A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize value type static fields inline - Initialiser les champs static de type valeur inline + Initialize value type static fields inline Change to call the two argument constructor, pass null for the message. - Changement permettant d'appeler le constructeur à deux arguments, passage d'une valeur null pour le message. + Change to call the two argument constructor, pass null for the message. A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. - Le constructeur par défaut (sans paramètre) d'un type d'exception qui correspond à ou dérive de ArgumentException est appelé. Ou bien, un argument de chaîne incorrect est passé à un constructeur paramétré d'un type d'exception qui correspond à ou dérive de ArgumentException. + A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. Swap the arguments order - Échanger l'ordre des arguments + Swap the arguments order Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. - La méthode {0} passe le nom de paramètre '{1}' en tant qu'argument {2} à un constructeur {3}. Remplacez cet argument par un message descriptif, et passez le nom de paramètre à l'emplacement approprié. + Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. - La méthode {0} passe '{1}' en tant qu'argument {2} à un constructeur {3}. Remplacez cet argument par l'un des noms de paramètres de la méthode. Notez que le nom de paramètre fourni doit avoir exactement la même casse que le nom déclaré dans la méthode. + Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. Call the {0} constructor that contains a message and/or paramName parameter - Appelez le constructeur {0} qui contient un message et/ou un paramètre paramName + Call the {0} constructor that contains a message and/or paramName parameter Instantiate argument exceptions correctly - Instancier les exceptions d'argument correctement + Instantiate argument exceptions correctly Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. - Les types attribués avec’DynamicInterfaceCastableImplementationAttribute’fonctionnent comme une implémentation d’interface pour un type qui implémente le type’IDynamicInterfaceCastable'. En conséquence, il doit fournir une implémentation de tous les membres définis dans les interfaces héritées, parce que le type qui implémente’IDynamicInterfaceCastable’ne les fournira pas autrement. + Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces - Le type' {0} 'a l’application ’DynamicInterfaceCastableImplementationAttribute’ mais ne fournit pas d’implémentation de tous les membres d’interface définis dans les interfaces héritées + Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface - Tous les membres déclarés dans les interfaces parentes doivent avoir une implémentation dans une interface avec attributs DynamicInterfaceCastableImplementation + All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - La méthode '{0}' n'est pas sécurisée durant la désérialisation de données non fiables à l'aide d'un JavaScriptSerializer initialisé avec un SimpleTypeResolver. Vérifiez que JavaScriptSerializer est initialisé sans JavaScriptTypeResolver, ou qu'il est initialisé avec un JavaScriptTypeResolver qui limite les types des objets dans le graphe d'objets désérialisé. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing - Vérifier que JavaScriptSerializer n'est pas initialisé avec SimpleTypeResolver avant la désérialisation + Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - La méthode '{0}' n'est pas sécurisée durant la désérialisation de données non fiables à l'aide d'un JavaScriptSerializer initialisé avec un SimpleTypeResolver. Initialisez JavaScriptSerializer sans JavaScriptTypeResolver, ou initialisez un JavaScriptTypeResolver qui limite les types des objets dans le graphe d'objets désérialisé. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver - Ne pas désérialiser à l'aide d'un JavaScriptSerializer avec un SimpleTypeResolver + Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Quand vous désérialisez une entrée non fiable, autoriser la désérialisation de types arbitraires n'est pas une action sécurisée. Quand vous désérialisez JsonSerializer, utilisez TypeNameHandling.None, ou pour les valeurs autres que None, restreignez les types désérialisés avec SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - N'effectuez pas de désérialisation avec JsonSerializer à l'aide d'une configuration non sécurisée + Do not deserialize with JsonSerializer using an insecure configuration When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Quand vous désérialisez une entrée non fiable, autoriser la désérialisation de types arbitraires n'est pas une action sécurisée. Quand vous utilisez JsonSerializerSettings, utilisez TypeNameHandling.None, ou pour les valeurs autres que None, restreignez les types désérialisés avec SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not use insecure JsonSerializerSettings - N'utilisez pas de JsonSerializerSettings non sécurisé + Do not use insecure JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Quand vous désérialisez une entrée non fiable, autoriser la désérialisation de types arbitraires n'est pas une action sécurisée. Quand vous désérialisez JsonSerializer, utilisez TypeNameHandling.None, ou pour les valeurs autres que None, restreignez les types désérialisés avec SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - Vérifiez que JsonSerializer a une configuration sécurisée au moment de la désérialisation + Ensure that JsonSerializer has a secure configuration when deserializing When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - Quand vous désérialisez une entrée non fiable, autoriser la désérialisation de types arbitraires n'est pas une action sécurisée. Quand vous utilisez JsonSerializerSettings, vérifiez que TypeNameHandling.None est spécifié. Pour les valeurs autres que None, vérifiez que SerializationBinder est spécifié afin de restreindre les types désérialisés. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. Ensure that JsonSerializerSettings are secure - Vérifiez la sécurisation de JsonSerializerSettings + Ensure that JsonSerializerSettings are secure Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Si vous désérialisez JSON quand vous utilisez une autre valeur que None pour TypeNameHandling, cela peut présenter un risque de sécurité. Si vous devez plutôt détecter la désérialisation de Json.NET quand aucun SerializationBinder n'est spécifié, désactivez la règle CA2326, et activez les règles CA2327, CA2328, CA2329 et CA2330. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Si vous désérialisez JSON quand vous utilisez une autre valeur que None pour TypeNameHandling, cela peut présenter un risque de sécurité. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. Do not use TypeNameHandling values other than None - N'utilisez pas d'autre valeur que None pour TypeNameHandling + Do not use TypeNameHandling values other than None The method '{0}' is insecure when deserializing untrusted data. - La méthode '{0}' n'est pas sécurisée durant la désérialisation de données non fiables. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer LosFormatter - Ne pas utiliser le désérialiseur non sécurisé LosFormatter + Do not use insecure deserializer LosFormatter Convert to static method - Convertir en méthode statique + Convert to static method Converting an instance method to a static method may produce invalid code - La conversion d’une méthode d’instance en méthode statique risque de produire du code non valide + Converting an instance method to a static method may produce invalid code Make the constructor that takes zero parameters 'public' - Rendre "public" le constructeur qui ne prend pas de paramètres + Make the constructor that takes zero parameters 'public' An instance field of a type that is not serializable is declared in a type that is serializable. - Un champ d'instance d'un type non sérialisable est déclaré dans un type sérialisable. + An instance field of a type that is not serializable is declared in a type that is serializable. Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable - Le champ {0} est membre du type {1}, qui est sérialisable, mais son type est {2}, lequel n'est pas sérialisable + Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable Mark all non-serializable fields - Marquez tous les champs non sérialisés + Mark all non-serializable fields The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. - L'attribut NeutralResourcesLanguage apporte des informations au ResourceManager du langage utilisé pour afficher les ressources d'une culture neutre d'un assembly. Cela améliore les performances de recherche de la première ressource que vous chargez et permet de réduire votre plage de travail. + The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. Mark assemblies with NeutralResourcesLanguageAttribute - Marquer les assemblys avec NeutralResourcesLanguageAttribute + Mark assemblies with NeutralResourcesLanguageAttribute Mark assemblies with NeutralResourcesLanguageAttribute - Marquer les assemblys avec NeutralResourcesLanguageAttribute + Mark assemblies with NeutralResourcesLanguageAttribute The Boolean data type has multiple representations in unmanaged code. - Le type de données booléen a plusieurs représentations dans le code non managé. + The Boolean data type has multiple representations in unmanaged code. Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - Ajoutez MarshalAsAttribute au paramètre {0} de P/Invoke {1}. Si le paramètre non managé correspondant est un 'BOOL' Win32 de 4 octets, utilisez [MarshalAs(UnmanagedType.Bool)]. Pour un 'bool' C++ de 1 octet, utilisez MarshalAs(UnmanagedType.U1). + Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - Ajoutez MarshalAsAttribute au type de retour de P/Invoke {0}. Si le type de retour non managé correspondant est un 'BOOL' Win32 de 4 octets, utilisez MarshalAs(UnmanagedType.Bool). Pour un 'bool' C++ de 1 octet, utilisez MarshalAs(UnmanagedType.U1). + Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Mark boolean PInvoke arguments with MarshalAs - Marquer les arguments PInvoke booléens avec MarshalAs + Mark boolean PInvoke arguments with MarshalAs To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. - Pour être reconnus par le Common Language Runtime comme sérialisables, les types doivent être marqués avec l'attribut SerializableAttribute même s'ils utilisent une routine de sérialisation personnalisée via l'implémentation de l'interface ISerializable. + To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. Add [Serializable] to {0} as this type implements ISerializable - Ajoutez [Serializable] à {0}, car ce type implémente ISerializable + Add [Serializable] to {0} as this type implements ISerializable Mark ISerializable types with serializable - Marquer les types ISerializable avec serializable + Mark ISerializable types with serializable Ensure HttpClient certificate revocation list check is not disabled - Contrôlez si la vérification de la liste de révocation de certificats HttpClient est bien activée + Ensure HttpClient certificate revocation list check is not disabled HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient peut être créé sans activation de CheckCertificateRevocationList + HttpClient may be created without enabling CheckCertificateRevocationList Ensure Certificates Are Not Added To Root Store - Vérifier que les certificats ne sont pas ajoutés au magasin racine + Ensure Certificates Are Not Added To Root Store Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. - L'ajout de certificats aux certificats racines approuvés du système d'exploitation n'est pas sécurisé. Vérifiez que le magasin cible n'est pas un magasin racine. + Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. Use CreateEncryptor with the default IV - Utiliser CreateEncryptor avec la valeur par défaut IV + Use CreateEncryptor with the default IV The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. - Le vecteur d'initialisation non défini par défaut, potentiellement répétable, est utilisé dans le chiffrement. Veillez à utiliser le vecteur par défaut. + The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. Ensure Use Secure Cookies In ASP.NET Core - Vérifier l'utilisation de cookies sécurisés en ASP.NET Core + Ensure Use Secure Cookies In ASP.NET Core Ensure that CookieOptions.Secure = true when setting a cookie - Vérifier que CookieOptions.Secure = true au moment de définir un cookie + Ensure that CookieOptions.Secure = true when setting a cookie Ensure Sufficient Iteration Count When Using Weak Key Derivation Function - Vérifiez que le nombre d'itérations est suffisant durant l'utilisation de la fonction de dérivation de clés faibles + Ensure Sufficient Iteration Count When Using Weak Key Derivation Function Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Vérifiez que le nombre d'itérations est au moins égal à {0} quand vous dérivez une clé de chiffrement à partir d'un mot de passe. Par défaut, le IterationCount de Rfc2898DeriveByte est seulement égal à 1 000 + Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. - Dans la mesure où un type qui implémente ’IDynamicInterfaceCastable’ ne peut pas implémenter une interface dynamique dans les métadonnées, les appels à un membre d’interface d’instance qui n’est pas une implémentation explicite définie sur ce type risquent d’échouer au moment de l’exécution. Marquez les nouveaux membres de l’interface comme étant statiques pour éviter les erreurs d’exécution. + Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied - Le membre «{0}» sur le type «{1}» doit être marqué comme «static», car «{1}» a l’application «DynamicInterfaceImplementationAttribute». + The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' - Les membres définis sur une interface avec ’DynamicInterfaceCastableImplementationAttribute’ doivent être ’static' + Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' retourne le type de prévisualisation '{1}' et doit donc opter pour les fonctionnalités de prévisualisation. Voir {2}pour plus d'informations. + '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{3}' {0} retourne le type de prévisualisation '{1}' et doit donc opter pour les fonctionnalités de prévisualisation. Voir {2}pour plus d'informations. + {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - '{0}' reçoit un paramètre de prévisualisation de type '{1}' et doit opter pour les fonctionnalités de prévisualisation. Voir {2}pour plus d'informations. + '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - {3} '{0}' reçoit un paramètre de prévisualisation de type '{1}' et doit opter pour les fonctionnalités de prévisualisation. Voir {2}pour plus d'informations. + {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. - Cette méthode utilise le marshaling d’exécution même lorsque le marshaling d’exécution est désactivé, ce qui peut entraîner des différences de comportement inattendues au moment de l’exécution en raison des attentes différentes de la disposition native d’un type. + This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. - « {0} » utilise le marshaling d’exécution même quand « DisableRuntimeMarstribute » est appliqué. Utilisez des fonctionnalités telles que « sizeof » et des pointeurs directement pour garantir des résultats précis. + '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied - Cette méthode utilise le marshaling d’exécution même lorsque l’option « DisableRuntimeMarstribute » est appliquée + This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied Miss HttpVerb attribute for action methods - Attribut HttpVerb manquant pour les méthodes d'action + Miss HttpVerb attribute for action methods All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - Toutes les méthodes permettant de créer, modifier ou supprimer des données, ou de les changer de quelque façon que ce soit, le font dans la surcharge [HttpPost] de la méthode, laquelle doit être protégée avec l'attribut antifalsification relatif à la falsification de requête. L'exécution d'une opération GET doit être une opération sécurisée qui n'a aucun effet secondaire et ne modifie pas vos données persistantes. + All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. Action method {0} needs to specify the HTTP request kind explicitly - La méthode d'action {0} doit spécifier explicitement le genre de requête HTTP + Action method {0} needs to specify the HTTP request kind explicitly Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. - Les initialiseurs de module sont destinés à être utilisés par le code d’application pour s’assurer que les composants d’une application sont initialisés avant le début de l’exécution du code d’application. Si le code de bibliothèque déclare une méthode avec « ModuleInitializerAttribute », il peut interférer avec l’initialisation de l’application et également entraîner des limitations dans les capacités de découpage de cette application. Au lieu d’utiliser des méthodes marquées avec « ModuleInitializerAttribute », la bibliothèque doit exposer des méthodes qui peuvent être utilisées pour initialiser tous les composants de la bibliothèque et permettre à l’application d’appeler la méthode pendant l’initialisation de l’application. + Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios - L’attribut ’ModuleInitializer’ est uniquement destiné à être utilisé dans les scénarios de code d’application ou de générateur de code source avancé. + The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios The 'ModuleInitializer' attribute should not be used in libraries - L’attribut ’ModuleInitializer’ ne doit pas être utilisé dans les bibliothèques + The 'ModuleInitializer' attribute should not be used in libraries The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - La méthode '{0}' n'est pas sécurisée durant la désérialisation de données non fiables sans SerializationBinder pour restreindre le type des objets dans le graphe d'objets désérialisé. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure NetDataContractSerializer.Binder is set before deserializing - Vérifiez que NetDataContractSerializer.Binder est défini avant d'effectuer la désérialisation + Ensure NetDataContractSerializer.Binder is set before deserializing The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - La méthode '{0}' n'est pas sécurisée durant la désérialisation de données non fiables sans SerializationBinder pour restreindre le type des objets dans le graphe d'objets désérialisé. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not deserialize without first setting NetDataContractSerializer.Binder - Ne pas effectuer de désérialisation sans avoir défini d'abord NetDataContractSerializer.Binder + Do not deserialize without first setting NetDataContractSerializer.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. - La méthode '{0}' n'est pas sécurisée durant la désérialisation de données non fiables. Si vous devez plutôt détecter la désérialisation NetDataContractSerializer sans avoir défini SerializationBinder, désactivez la règle CA2310, puis activez les règles CA2311 et CA2312. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. The method '{0}' is insecure when deserializing untrusted data. - La méthode '{0}' n'est pas sécurisée durant la désérialisation de données non fiables. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer NetDataContractSerializer - Ne pas utiliser le désérialiseur non sécurisé NetDataContractSerializer + Do not use insecure deserializer NetDataContractSerializer Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. - Les chaînes doivent être normalisées en majuscules. En cas de conversion en minuscules, un petit groupe de caractères ne peut pas faire d'aller-retour. Faire un aller-retour signifie convertir les caractères d'un ensemble de paramètres régionaux vers un autre ensemble de paramètres régionaux représentant les données caractères de manière distincte, puis récupérer avec précision les caractères d'origine à partir des caractères convertis. + Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. In method '{0}', replace the call to '{1}' with '{2}' - Dans la méthode '{0}', remplacez l'appel à '{1}' par '{2}' + In method '{0}', replace the call to '{1}' with '{2}' Normalize strings to uppercase - Normaliser les chaînes en majuscules + Normalize strings to uppercase The method '{0}' is insecure when deserializing untrusted data. - La méthode '{0}' n'est pas sécurisée durant la désérialisation de données non fiables. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer ObjectStateFormatter - Ne pas utiliser le désérialiseur non sécurisé ObjectStateFormatter + Do not use insecure deserializer ObjectStateFormatter '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' contourne la méthode de prévisualisation '{1}' et doit donc opter pour les fonctionnalités de prévisualisation. Voir {2}pour plus d'informations. + '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{3}'{0} contourne la méthode de prévisualisation '{1}' et doit donc opter pour les fonctionnalités de prévisualisation. Voir {2}pour plus d'informations. + {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. - Une méthode publique ou protégée dans un type public a l'attribut System.Runtime.InteropServices.DllImportAttribute (également implémenté par le mot clé Declare en Visual Basic). De telles méthodes ne doivent pas être exposées. + A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. P/Invoke method '{0}' should not be visible - La méthode P/Invoke '{0}' ne doit pas être visible + P/Invoke method '{0}' should not be visible P/Invokes should not be visible - Les P/Invoke ne doivent pas être visibles + P/Invokes should not be visible ({0}) - ({0}) + ({0}) and all other platforms - et toutes les autres plateformes + and all other platforms This call site is reachable on: 'windows' 10.0.2000 and later, and all other platforms '{0}' all versions - '{0}' toutes versions + '{0}' all versions This call site is reachable on: 'Windows' all versions. Using platform dependent API on a component makes the code no longer work across all platforms. - L'utilisation d'une API dépendante de la plateforme sur un composant empêche le code de fonctionner sur l'ensemble des plateformes. + Using platform dependent API on a component makes the code no longer work across all platforms. '{0}' from version {1} to {2} - '{0}' de la version {1} à {2} + '{0}' from version {1} to {2} 'SupportedOnWindows1903UnsupportedOn2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. - Ce site d’appel est accessible sur toutes les plateformes. '{0}' est obsolète sur : {1}. + This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. This call site is reachable on all platforms. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. - Ce site d’appel est accessible sur : {2}. '{0}' est obsolète sur : {1}. + This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. This call site is reachable on 'macos', 'linux'. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on all platforms. '{0}' is only supported on: {1}. - Ce site d'appel est accessible sur toutes les plateformes. '{0}' est uniquement pris en charge sur {1}. + This call site is reachable on all platforms. '{0}' is only supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindowsAndBrowser()' is only supported on: 'windows', 'browser' . This call site is reachable on: {2}. '{0}' is only supported on: {1}. - Ce site d'appel est accessible sur {2}. '{0}' est uniquement pris en charge sur {1}. + This call site is reachable on: {2}. '{0}' is only supported on: {1}. This call site is reachable on: 'windows' all versions.'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before This call site is unreachable on: {2}. '{0}' is only supported on: {1}. - Ce site d'appel est inaccessible sur {2}. '{0}' est uniquement pris en charge sur {1}. + This call site is unreachable on: {2}. '{0}' is only supported on: {1}. This call site is unreachable on: 'browser'. 'SupportedOnWindowsAndBrowser()' is only supported on: 'browser', 'windows'. This call site is reachable on all platforms. '{0}' is supported on: {1}. - Ce site d'appel est accessible sur toutes les plateformes. '{0}' est pris en charge sur {1}. + This call site is reachable on all platforms. '{0}' is supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindows1903UnsupportedFrom2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on: {2}. '{0}' is supported on: {1}. - Ce site d'appel est accessible sur {2}. '{0}' est pris en charge sur {1}. + This call site is reachable on: {2}. '{0}' is supported on: {1}. This call site is reachable on: 'windows' 10.0.2000 and before. 'UnsupportedOnWindowsSupportedOn1903()' is supported on: 'windows' 10.0.1903 and later. Validate platform compatibility - Valider la compatibilité de la plateforme + Validate platform compatibility This call site is reachable on all platforms. '{0}' is unsupported on: {1}. - Ce site d'appel est accessible sur toutes les plateformes. '{0}' n'est pas pris en charge sur {1}. + This call site is reachable on all platforms. '{0}' is unsupported on: {1}. This call site is reachable on all platforms. 'UnsupportedOnWindows()' is unsupported on: 'windows' This call site is reachable on: {2}. '{0}' is unsupported on: {1}. - Ce site d'appel est accessible sur {2}. '{0}' n'est pas pris en charge sur {1}. + This call site is reachable on: {2}. '{0}' is unsupported on: {1}. This call site is reachable on: 'windows', 'browser'. 'UnsupportedOnBrowser()' is unsupported on: 'browser'. '{0}' {1} and before - '{0}' {1} et les versions antérieures + '{0}' {1} and before 'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before. '{0}' {1} and later - '{0}' {1} et les versions ultérieures + '{0}' {1} and later 'SupportedOnWindows10()' is only supported on: 'windows' 10.0 and later. Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. - Passez en revue le code qui traite les données désérialisées non approuvées pour gérer les cycles de référence inattendus. Un cycle de référence inattendu ne doit pas entraîner l'entrée du code dans une boucle infinie. Sinon, le cycle de référence inattendu risque de permettre à une personne de lancer une attaque DoS ou de saturer la mémoire du processus pendant la désérialisation des données non approuvées. + Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. {0} participates in a potential reference cycle - {0} participe à un cycle de référence potentiel + {0} participates in a potential reference cycle Potential reference cycle in deserialized object graph - Cycle de référence potentiel dans un graphe d'objet désérialisé + Potential reference cycle in deserialized object graph Replace 'Substring' with 'AsSpan' - Remplacer « Substring » par « AsSpan » + Replace 'Substring' with 'AsSpan' 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. - « AsSpan » est plus efficace, « SUBSTRING ». 'Substring’ effectue une copie de chaîne O (n), alors que ’AsSpan’ ne possède pas un coût constant. + 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. Prefer 'AsSpan' over 'Substring' when span-based overloads are available - Préférer ’AsSpan’ à ’Substring’ lorsque les surcharges de type span sont disponibles + Prefer 'AsSpan' over 'Substring' when span-based overloads are available Prefer 'AsSpan' over 'Substring' - Préférer ’AsSpan’ à ’Substring' + Prefer 'AsSpan' over 'Substring' + + + + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + + + + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + + + + Consider using 'StringBuilder.Append(char)' when applicable + Consider using 'StringBuilder.Append(char)' when applicable Use 'Count' check instead of 'Any()' - Utilisez 'Count' case activée au lieu de 'Any()' + Use 'Count' check instead of 'Any()' Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance - Préférez comparer « Count » à 0 au lieu d’utiliser « Any() », à la fois pour plus de clarté et pour des performances + Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance Use 'ContainsKey' - Utiliser « ContainsKey » + Use 'ContainsKey' 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. - 'ContainsKey’ est généralement O (1), tandis que ’Keys. Contains. Contains peut être O (n) dans certains cas. En outre, de nombreuses implémentations de dictionnaires initialisent tardivement la collection Keys pour réduire les allocations. + 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' - Préférez ’ContainsKey’ au-dessus de ’Keys. Contains’ pour le type de dictionnaire' {0} ' + Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' Prefer Dictionary.Contains methods - Préférer dictionary. Contains. Contains + Prefer Dictionary.Contains methods Use 'ContainsValue' - Utiliser ’ContainsValue' + Use 'ContainsValue' Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. - Plusieurs implémentations de dictionnaires initialisent tardivement la collection Values. Pour éviter les allocations inutiles, préférez ’ContainsValue’ à ’Values. Contains'. + Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' - Préférer ’ContainsValue’ à ’Values. Contains’ pour le type de dictionnaire '{0}' + Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' + + + + Use 'TryGetValue(TKey, out TValue)' + Use 'TryGetValue(TKey, out TValue)' + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + + + + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method Replace with 'HashData' method - Remplacer par la méthode "HashData" + Replace with 'HashData' method It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. - Il est plus efficace d’utiliser la méthode 'HashData' statique sur la création et la gestion d’une instance HashAlgorithm pour appeler 'ComputeHash'. + It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. Prefer static '{0}.HashData' method over 'ComputeHash' - Préférer les {0} statiques. Méthode HashData sur « ComputeHash » + Prefer static '{0}.HashData' method over 'ComputeHash' Prefer static 'HashData' method over 'ComputeHash' - Préférer les statiques. Méthode HashData sur « ComputeHash » + Prefer static 'HashData' method over 'ComputeHash' Use 'IsEmpty' check instead of 'Any()' - Utiliser la vérification « IsEmpty » au lieu de « Any() » + Use 'IsEmpty' check instead of 'Any()' Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance - Préférer une vérification ' IsEmpty' plutôt que d’utiliser 'Any()', à la fois pour plus de clarté et pour des performances + Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance + + + + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + + + + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + + + + Prefer IsEmpty over Count + Prefer IsEmpty over Count Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. - Préférez utiliser les propriétés 'IsEmpty', 'Count' ou 'Length' selon la disponibilité, plutôt que d’appeler 'Enumerable.Any()'. L’intention est plus claire et plus performante que l’utilisation de la méthode d’extension 'Enumerable.Any()'. + Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. Avoid using 'Enumerable.Any()' extension method - Éviter d’utiliser la méthode d’extension 'Enumerable.Any()' + Avoid using 'Enumerable.Any()' extension method Use 'Length' check instead of 'Any()' - Utiliser la vérification « Length » au lieu de « Any() » + Use 'Length' check instead of 'Any()' Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance - Préférez comparer 'Length' à 0 au lieu d’utiliser 'Any()', à la fois pour plus de clarté et pour des performances + Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. - 'Stream’ a une surcharge ’ReadAsync’ qui prend un ’Memory<Byte>' comme premier argument et une surcharge ’WriteAsync’ qui prend un ’ReadOnlyMemory<Byte>' comme premier argument. Préférez l'appel des surcharges basées sur la mémoire, car elles sont plus efficaces. - - - - For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. - Pour déterminer si l'objet contient ou non des éléments, utilisez de préférence la propriété 'IsEmpty' au lieu de récupérer le nombre d'éléments à partir de la propriété 'Count' et de le comparer à 0 ou 1. - - - - Prefer 'IsEmpty' over 'Count' to determine whether the object is empty - Préférer 'IsEmpty' à 'Count' pour déterminer si l'objet est vide - - - - Prefer IsEmpty over Count - Préférer IsEmpty à Count + 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. Change the '{0}' method call to use the '{1}' overload - Changer l'appel de méthode '{0}' pour utiliser la surcharge '{1}' + Change the '{0}' method call to use the '{1}' overload Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' - Préférer les surcharges basées sur 'Memory' pour 'ReadAsync' et 'WriteAsync' + Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' Replace with 'string.Contains' - Remplacer par 'string.Contains' + Replace with 'string.Contains' Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. - Les appels à 'string.IndexOf' où le résultat est utilisé pour vérifier la présence/l'absence d'une sous-chaîne peuvent être remplacés par 'string.Contains'. + Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. Use 'string.Contains' instead of 'string.IndexOf' to improve readability - Utiliser 'string.Contains' à la place de 'string.IndexOf' pour améliorer la lisibilité + Use 'string.Contains' instead of 'string.IndexOf' to improve readability Consider using 'string.Contains' instead of 'string.IndexOf' - Utiliser de préférence 'string.Contains' à la place de 'string.IndexOf' + Consider using 'string.Contains' instead of 'string.IndexOf' StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. - StringBuilder.Append et StringBuilder.Insert fournissent des surcharges pour plusieurs types au-delà de System.String. Quand cela est possible, préférez les surcharges fortement typées à l'utilisation de ToString() et de la surcharge basée sur une chaîne. + StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. Remove the ToString call in order to use a strongly-typed StringBuilder overload - Supprimez l'appel de ToString pour utiliser une surcharge StringBuilder fortement typée + Remove the ToString call in order to use a strongly-typed StringBuilder overload Remove the ToString call - Supprimer l'appel de ToString + Remove the ToString call Prefer strongly-typed Append and Insert method overloads on StringBuilder - Préférez les surcharges de méthode Append et Insert fortement typées sur StringBuilder - - - - 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. - 'StringBuilder.Append(char)' est plus efficace que 'StringBuilder.Append(string)' quand la chaîne correspond à un seul caractère. Quand vous appelez 'Append' avec une constante, utilisez de préférence une constante char à la place d'une constante string contenant un caractère. - - - - Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string - Utilisez 'StringBuilder.Append(char)' à la place de 'StringBuilder.Append(string)' quand l'entrée est une chaîne d'unité de constante - - - - Consider using 'StringBuilder.Append(char)' when applicable - Utilisez 'StringBuilder.Append(char)' le cas échéant + Prefer strongly-typed Append and Insert method overloads on StringBuilder Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. - À partir de .NET 7, la conversion explicite '{0}' ne sera pas rejetée en cas de dépassement dans un contexte non vérifié. Enveloppez l'expression avec une déclaration 'checked' pour rétablir le comportement de .NET 6. + Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - À partir de .NET 7, la conversion explicite '{0}' sera rejetée en cas de dépassement dans un contexte vérifié. Enveloppez l’expression avec une déclaration 'unchecked' pour rétablir le comportement de .NET 6. + Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. - Certains opérateurs intégrés ajoutés dans .NET 7 se comportent différemment lors d’un dépassement de capacité que les opérateurs définis par l’utilisateur correspondants dans .NET 6 et les versions antérieures. Certains opérateurs qui ont levé précédemment dans un contexte désactivé ne lèvent plus, sauf s’ils sont inclus dans un contexte activé. De même, certains opérateurs qui n’étaient pas lancés dans un contexte vérifié le sont désormais à moins d’être enveloppés dans un contexte non vérifié. + Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - À partir de .NET 7, l’opérateur '{0}' est rejeté en cas de dépassement de capacité dans un contexte vérifié. Enveloppez l’expression avec une instruction 'unchecked' pour restaurer le comportement .NET 6. + Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Prevent behavioral change - Empêcher le changement de comportement + Prevent behavioral change 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. - La méthode 'Enum.HasFlag' s'attend à ce que l'argument 'enum' soit du même type 'enum' que l'instance sur laquelle la méthode est appelée, et que cet 'enum' soit marqué avec 'System.FlagsAttribute'. S'il s'agit de types 'enum' distincts, une exception non prise en charge est levée au moment de l'exécution. Si le type 'enum' n'est pas marqué avec 'System.FlagsAttribute', l'appel retourne toujours 'false' au moment de l'exécution. + 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. The argument type, '{0}', must be the same as the enum type '{1}' - Le type d'argument, '{0}', doit être le même que le type enum '{1}' + The argument type, '{0}', must be the same as the enum type '{1}' Provide correct 'enum' argument to 'Enum.HasFlag' - Fournir l'argument 'enum' approprié à 'Enum.HasFlag' + Provide correct 'enum' argument to 'Enum.HasFlag' The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. - L'argument de mise en forme passé à System.String.Format ne contient aucun élément de mise en forme pour chaque argument d'objet correspondant, ou vice versa. + The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. Provide correct arguments to formatting methods - Indiquer le nombre correct d'arguments dans les méthodes de mise en forme + Provide correct arguments to formatting methods Provide correct arguments to formatting methods - Indiquer le nombre correct d'arguments dans les méthodes de mise en forme + Provide correct arguments to formatting methods A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. - Un type a un champ marqué avec l'attribut System.Runtime.Serialization.OptionalFieldAttribute et ne fournit aucune méthode de gestion des événements de désérialisation. + A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute - Ajoutez une méthode 'private void OnDeserialized(StreamingContext)' au type {0} et affectez-lui l'attribut System.Runtime.Serialization.OnDeserializedAttribute + Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute - Ajoutez une méthode 'private void OnDeserializing(StreamingContext)' au type {0} et affectez-lui l'attribut System.Runtime.Serialization.OnDeserializingAttribute + Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute Provide deserialization methods for optional fields - Spécifiez des méthodes de désérialisation pour les champs facultatifs + Provide deserialization methods for optional fields Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. - La fourniture d’un constructeur sans paramètre qui est aussi visible que le type conteneur pour un type dérivé de ’System. Runtime. InteropServices. SafeHandle’ permet d’améliorer les performances et l’utilisation des solutions d’interopérabilité générées par le code source. + Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' - Fournir un constructeur sans paramètre qui est aussi visible que le type contenant le type '{0}' qui est dérivé de 'System.Runtime.InteropServices.SafeHandle'. + Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' - Fournissez un constructeur sans paramètre qui est aussi visible que le type conteneur pour les types concrets dérivés de ’System. Runtime. InteropServices. SafeHandle' + Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. - Pour améliorer les performances, remplacez les méthodes Async basées sur la mémoire lors de l’exécution du sous-classement de ’Stream'. Implémentez ensuite les méthodes basées sur un tableau en fonction des méthodes basées sur la mémoire. + To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. - ' {0} 'se substitue à' {1} 'basé sur un tableau mais ne remplace pas' {2} 'basé sur la mémoire. Pensez à remplacer «{2}» basé sur la mémoire pour améliorer les performances. + '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. 0 = type that subclasses Stream directly, 1 = array-based method, 2 = memory-based method Provide memory-based overrides of async methods when subclassing 'Stream' - Fournir des remplacements basés sur la mémoire des méthodes Async lors du sous-classer « Stream » + Provide memory-based overrides of async methods when subclassing 'Stream' + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + + + + Prefer using 'StringComparer' to perform a case-insensitive comparison + Prefer using 'StringComparer' to perform a case-insensitive comparison + + + + Use the 'string.{0}(string, StringComparison)' overload + Use the 'string.{0}(string, StringComparison)' overload + + + + Prefer using 'StringComparer' to perform case-insensitive string comparisons + Prefer using 'StringComparer' to perform case-insensitive string comparisons + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + + + + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + + + + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons Remove redundant call - Supprimer un appel redondant + Remove redundant call Remove unnecessary call - Supprimer les appels inutiles + Remove unnecessary call Replace string literal with char literal - Remplacer le littéral de chaîne par un littéral de caractère + Replace string literal with char literal Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Une vulnérabilité potentielle liée à une injection de DLL a été détectée. '{0}' dans la méthode '{1}' peut être altéré par des données contrôlées par l'utilisateur en provenance de '{2}' dans la méthode '{3}'. + Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for DLL injection vulnerabilities - Effectuer une revue du code pour détecter les vulnérabilités liées à une injection de DLL + Review code for DLL injection vulnerabilities Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Une vulnérabilité potentielle liée à une injection de chemin de fichier a été détectée. '{0}' dans la méthode '{1}' peut être altéré par des données contrôlées par l'utilisateur en provenance de '{2}' dans la méthode '{3}'. + Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for file path injection vulnerabilities - Effectuer une revue du code pour détecter les vulnérabilités liées à une injection de chemin de fichier + Review code for file path injection vulnerabilities Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. - Une vulnérabilité potentielle liée à la divulgation d'informations a été détectée. '{0}' dans la méthode '{1}' peut contenir des informations non souhaitées en provenance de '{2}' dans la méthode '{3}'. + Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. Review code for information disclosure vulnerabilities - Effectuer une revue du code pour détecter les vulnérabilités liées à une divulgation d'informations + Review code for information disclosure vulnerabilities Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Une vulnérabilité potentielle liée à une injection LDAP a été détectée. '{0}' dans la méthode '{1}' peut être altéré par des données contrôlées par l'utilisateur en provenance de '{2}' dans la méthode '{3}'. + Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for LDAP injection vulnerabilities - Effectuer une revue du code pour détecter les vulnérabilités liées à une injection LDAP + Review code for LDAP injection vulnerabilities Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Une vulnérabilité potentielle liée à une redirection ouverte a été détectée. '{0}' dans la méthode '{1}' peut être altéré par des données contrôlées par l'utilisateur en provenance de '{2}' dans la méthode '{3}'. + Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for open redirect vulnerabilities - Effectuer une revue du code pour détecter les vulnérabilités liées à une redirection ouverte + Review code for open redirect vulnerabilities Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Une vulnérabilité potentielle liée à une injection de commande de processus a été détectée. '{0}' dans la méthode '{1}' peut être altéré par des données contrôlées par l'utilisateur en provenance de '{2}' dans la méthode '{3}'. + Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for process command injection vulnerabilities - Effectuer une revue du code pour détecter les vulnérabilités liées à une injection de commande de processus + Review code for process command injection vulnerabilities Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Une vulnérabilité potentielle liée à une injection regex a été détectée. '{0}' dans la méthode '{1}' peut être altéré par des données contrôlées par l'utilisateur en provenance de '{2}' dans la méthode '{3}'. + Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for regex injection vulnerabilities - Effectuer une revue du code pour détecter les vulnérabilités liées à une injection regex + Review code for regex injection vulnerabilities Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Une vulnérabilité potentielle liée à une injection de code SQL a été détectée. '{0}' dans la méthode '{1}' peut être altéré par des données contrôlées par l'utilisateur en provenance de '{2}' dans la méthode '{3}'. + Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for SQL injection vulnerabilities - Effectuer une revue du code pour détecter les vulnérabilités liées à une injection de code SQL + Review code for SQL injection vulnerabilities + + + + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + + + + Review code for XPath injection vulnerabilities + Review code for XPath injection vulnerabilities Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Une vulnérabilité potentielle liée à une injection XAML a été détectée. '{0}' dans la méthode '{1}' peut être altéré par des données contrôlées par l'utilisateur en provenance de '{2}' dans la méthode '{3}'. + Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XAML injection vulnerabilities - Effectuer une revue du code pour détecter les vulnérabilités liées à une injection XAML + Review code for XAML injection vulnerabilities Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Une vulnérabilité potentielle liée à une injection XML a été détectée. '{0}' dans la méthode '{1}' peut être altéré par des données contrôlées par l'utilisateur en provenance de '{2}' dans la méthode '{3}'. + Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XML injection vulnerabilities - Effectuer une revue du code pour détecter les vulnérabilités liées à une injection XML - - - - Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Une vulnérabilité potentielle liée à une injection XPath a été détectée. '{0}' dans la méthode '{1}' peut être altéré par des données contrôlées par l'utilisateur en provenance de '{2}' dans la méthode '{3}'. - - - - Review code for XPath injection vulnerabilities - Effectuer une revue du code pour détecter les vulnérabilités liées à une injection XPath + Review code for XML injection vulnerabilities Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Une vulnérabilité potentielle liée à une faille XSS (scripts intersites) a été détectée. '{0}' dans la méthode '{1}' peut être altéré par des données contrôlées par l'utilisateur en provenance de '{2}' dans la méthode '{3}'. + Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XSS vulnerabilities - Effectuer une revue du code pour détecter les vulnérabilités liées aux failles XSS + Review code for XSS vulnerabilities SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. - Les requêtes SQL qui utilisent directement les entrées utilisateur peuvent être vulnérables aux attaques par injection de code SQL. Recherchez dans cette requête SQL d'éventuelles vulnérabilités, puis utilisez une requête SQL paramétrable. + SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. Review if the query string passed to '{0}' in '{1}', accepts any user input - Vérifiez si la chaîne de requête passée à '{0}' dans '{1}' accepte des entrées utilisateur + Review if the query string passed to '{0}' in '{1}', accepts any user input Review SQL queries for security vulnerabilities - Vérifier si les requêtes SQL présentent des failles de sécurité + Review SQL queries for security vulnerabilities Seal class - Sceller la Classe + Seal class When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. - Lorsqu’un type n’est pas accessible en dehors de son assembly et qu’il n’a aucun sous-type dans son assembly conteneur, il peut être scellé en toute sécurité. Les types de scellage peuvent améliorer les performances. + When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible - Le type «{0}» peut être scellé, car il n’a aucun sous-type dans son assembly conteneur et n’est pas visible en externe + Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible Seal internal types - Sceller les types internes + Seal internal types Set HttpOnly to true for HttpCookie - Affectez la valeur true à HttpOnly pour HttpCookie + Set HttpOnly to true for HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - En tant que mesure de défense renforcée, vérifiez que les cookies HTTP dont la sécurité est critique sont marqués avec HttpOnly. Cela indique aux navigateurs web qu'ils doivent interdire aux scripts d'accéder aux cookies. L'injection de scripts malveillants est un moyen courant de voler des cookies. + As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly a la valeur false ou n'est pas défini du tout durant l'utilisation d'un HttpCookie. Vérifiez que les cookies dont la sécurité est critique sont marqués avec HttpOnly pour empêcher les scripts malveillants de les voler + HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies Set ViewStateUserKey For Classes Derived From Page - Définir ViewStateUserKey pour les classes dérivées de Page + Set ViewStateUserKey For Classes Derived From Page Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. - La définition de la propriété ViewStateUserKey peut vous aider à éviter des attaques sur votre application en vous permettant d'affecter un identificateur à la variable d'état d'affichage pour des utilisateurs individuels afin qu'ils ne puissent pas utiliser cette variable pour générer une attaque. Sinon, il existe des vulnérabilités liées à la falsification de requête intersites. + Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method - La classe {0} dérivée de System.Web.UI.Page ne définit pas la propriété ViewStateUserKey dans la méthode OnInit ou la méthode Page_Init + The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. - Spécifiez la culture pour éviter toute dépendance implicite accidentelle par rapport à la culture actuelle. L’utilisation d’une version invariante produit des résultats cohérents quelle que soit la culture d’une application. + Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. Specify a culture or use an invariant version to avoid implicit dependency on current culture - Spécifiez une culture ou utilisez une version invariante pour éviter toute dépendance implicite par rapport à la culture actuelle + Specify a culture or use an invariant version to avoid implicit dependency on current culture Specify a culture or use an invariant version - Spécifier une culture ou utiliser une version invariante + Specify a culture or use an invariant version A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. - Une méthode ou un constructeur appelle un membre ayant une surcharge qui accepte un paramètre System.Globalization.CultureInfo. La méthode ou le constructeur n'appelle pas la surcharge qui accepte le paramètre CultureInfo. Quand un objet CultureInfo ou System.IFormatProvider n'est pas fourni, la valeur par défaut fournie par le membre surchargé n'a peut-être pas l'effet escompté pour l'ensemble des paramètres régionaux. Si le résultat doit être affiché à l'utilisateur, spécifiez 'CultureInfo.CurrentCulture' en tant que paramètre 'CultureInfo'. Dans le cas contraire, si le résultat doit être stocké et accessible via un logiciel, par exemple quand il est conservé sur disque ou dans une base de données, spécifiez 'CultureInfo.InvariantCulture'. + A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Le comportement de '{0}' peut varier en fonction des paramètres régionaux de l'utilisateur actuel. Remplacez cet appel dans '{1}' par un appel à '{2}'. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify CultureInfo - Spécifier CultureInfo + Specify CultureInfo Specify current culture - Spécifier la culture actuelle + Specify current culture A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. - Une méthode ou un constructeur appelle un ou plusieurs membres ayant des surcharges qui acceptent un paramètre System.IFormatProvider. La méthode ou le constructeur n'appelle pas la surcharge qui accepte le paramètre IFormatProvider. Quand un objet System.Globalization.CultureInfo ou IFormatProvider n'est pas fourni, la valeur par défaut fournie par le membre surchargé n'a peut-être pas l'effet escompté pour l'ensemble des paramètres régionaux. Si le résultat est basé sur l'entrée/sortie liée à l'utilisateur, spécifiez 'CultureInfo.CurrentCulture' en tant que 'IFormatProvider'. Dans le cas contraire, si le résultat doit être stocké et accessible via un logiciel, par exemple quand il est chargé à partir d'un disque/d'une base de données et quand il est conservé sur disque ou dans une base de données, spécifiez 'CultureInfo.InvariantCulture'. + A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Le comportement de '{0}' peut varier en fonction des paramètres régionaux de l'utilisateur actuel. Remplacez cet appel dans '{1}' par un appel à '{2}'. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Le comportement de '{0}' peut varier en fonction des paramètres régionaux de l'utilisateur actuel. Remplacez cet appel dans '{1}' par un appel à '{2}'. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. - Le comportement de «{0}» peut varier en fonction des paramètres régionaux de l’utilisateur actuel. Fournissez une valeur pour l’argument « IFormatProvider ». + The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - '{0}' passe '{1}' en tant que paramètre 'IFormatProvider' à '{2}'. Cette propriété retourne une culture qui n'est pas appropriée aux méthodes de mise en forme. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - '{0}' passe '{1}' en tant que paramètre 'IFormatProvider' à '{2}'. Cette propriété retourne une culture qui n'est pas appropriée aux méthodes de mise en forme. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. Specify IFormatProvider - Spécifier IFormatProvider + Specify IFormatProvider A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. - Un membre d'appel de code non managé autorise les appelants partiellement fiables, comporte un paramètre de chaîne et n'effectue pas de marshaling explicite de la chaîne. Cela peut entraîner une vulnérabilité de sécurité. + A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. Specify marshaling for P/Invoke string arguments - Spécifier le marshaling pour les arguments de chaîne P/Invoke + Specify marshaling for P/Invoke string arguments A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - Une opération de comparaison de chaîne utilise une surcharge de méthode qui ne définit pas de paramètre StringComparison. Il est recommandé d'utiliser la surcharge avec le paramètre StringComparison pour clarifier l'intention. Si le résultat est affiché à l'utilisateur, par exemple durant le tri d'une liste d'éléments à afficher dans une zone de liste, spécifiez 'StringComparison.CurrentCulture' ou 'StringComparison.CurrentCultureIgnoreCase' en tant que paramètre 'StringComparison'. Si vous comparez des identificateurs qui ne respectent pas la casse, par exemple des chemins de fichiers, des variables d'environnement, ou des clés et des valeurs de Registre, spécifiez 'StringComparison.OrdinalIgnoreCase'. Dans le cas contraire, si vous comparez des identificateurs qui respectent la casse, spécifiez 'StringComparison.Ordinal'. + A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. - '{0}' a une surcharge de méthode qui accepte un paramètre 'StringComparison'. Remplacez cet appel dans '{1}' par un appel à '{2}' pour clarifier l'intention. + '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. Specify StringComparison for clarity - Spécifier StringComparison pour plus de clarté + Specify StringComparison for clarity A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - Une opération de comparaison de chaînes utilise une surcharge de méthode qui ne définit pas de paramètre StringComparison. Son comportement peut donc varier en fonction des paramètres régionaux de l'utilisateur actuel. Il est fortement recommandé d'utiliser la surcharge avec le paramètre StringComparison à des fins de précision et pour clarifier l'intention. Si le résultat est affiché à l'utilisateur, par exemple durant le tri d'une liste d'éléments à afficher dans une zone de liste, spécifiez 'StringComparison.CurrentCulture' ou 'StringComparison.CurrentCultureIgnoreCase' en tant que paramètre 'StringComparison'. Si vous comparez des identificateurs qui ne respectent pas la casse, par exemple des chemins de fichiers, des variables d'environnement, ou des clés et des valeurs de Registre, spécifiez 'StringComparison.OrdinalIgnoreCase'. Dans le cas contraire, si vous comparez des identificateurs qui respectent la casse, spécifiez 'StringComparison.Ordinal'. + A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Le comportement de '{0}' peut varier en fonction des paramètres régionaux de l'utilisateur actuel. Remplacez cet appel dans '{1}' par un appel à '{2}'. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify StringComparison for correctness - Spécifier StringComparison à des fins de précision + Specify StringComparison for correctness Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. - L'utilisation des modificateurs "statique" et "abstrait" nécessite d'opter pour les fonctionnalités de prévisualisation. Voir https://aka.ms/dotnet-warnings/preview-features pour plus d'informations. + Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. - La comparaison de chaînes à l'aide de la propriété String.Length ou de la méthode String.IsNullOrEmpty est nettement plus rapide que l'utilisation de Equals. + Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check - Vérifiez la présence de chaînes vides à l'aide de la propriété 'string.Length' ou de la méthode 'string.IsNullOrEmpty' au lieu d'utiliser un opérateur d'égalité + Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check Test for empty strings using string length - Vérifier la présence de chaînes vides par la longueur de chaîne + Test for empty strings using string length This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. - Cette expression teste une valeur par rapport à Single.Nan ou Double.Nan. Utilisez Single.IsNan(Single) ou Double.IsNan(Double) pour tester la valeur. + This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. Test for NaN correctly - Effectuer correctement les tests NaN + Test for NaN correctly Test for NaN correctly - Effectuer correctement les tests NaN + Test for NaN correctly 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. - Les champs « ThreadStatic » doivent être initialisés tardivement lors de l’utilisation, pas avec l’initialisation inline ni explicitement dans un constructeur statique, ce qui initialiserait uniquement le champ sur le thread qui exécute le constructeur statique du type. + 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. 'ThreadStatic' fields should not use inline initialization - Les champs « ThreadStatic » ne doivent pas utiliser l’initialisation inline + 'ThreadStatic' fields should not use inline initialization Improper 'ThreadStatic' field initialization - Initialisation incorrecte du champ « ThreadStatic » + Improper 'ThreadStatic' field initialization 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. - « ThreadStatic » affecte uniquement les champs statiques. Lorsqu’il est appliqué aux champs d’instance, il n’a aucun impact sur le comportement. + 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. Ensure 'ThreadStatic' is only used with static fields - Vérifier que « ThreadStatic » est utilisé uniquement avec des champs statiques + Ensure 'ThreadStatic' is only used with static fields 'ThreadStatic' only affects static fields - « ThreadStatic » affecte uniquement les champs statiques + 'ThreadStatic' only affects static fields Use ArgumentException throw helper - Utilisation de l’assistant de levée ArgumentException + Use ArgumentException throw helper Use ArgumentNullException throw helper - Utilisation de l’assistant de levée ArgumentNullException + Use ArgumentNullException throw helper Use ArgumentOutOfRangeException throw helper - Utiliser l’assistance de levée ArgumentOutOfRangeException + Use ArgumentOutOfRangeException throw helper Use Array.Empty - Utiliser Array.Empty + Use Array.Empty The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. - L'indexeur basé sur Range pour les valeurs de tableau produit une copie de la partie demandée du tableau. Cette copie est souvent indésirable quand elle est implicitement utilisée en tant que valeur Span ou Memory. Utilisez la méthode AsSpan pour éviter la copie. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies - Utilisez '{0}' à la place de l'indexeur basé sur '{1}' pour '{2}' afin d'éviter la création de copies de données inutiles + Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies Use `{0}` instead of Range-based indexers on a string - Utiliser '{0}' à la place des indexeurs basés sur une plage dans une chaîne + Use `{0}` instead of Range-based indexers on a string Use `{0}` instead of Range-based indexers on an array - Utiliser '{0}' à la place des indexeurs basés sur une plage dans un tableau + Use `{0}` instead of Range-based indexers on an array Use AsSpan or AsMemory instead of Range-based indexers when appropriate - Utiliser AsSpan ou AsMemory à la place des indexeurs basés sur Range quand cela est approprié + Use AsSpan or AsMemory instead of Range-based indexers when appropriate The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - L'indexeur basé sur Range pour les valeurs de chaîne produit une copie de la partie demandée de la chaîne. Cette copie est généralement inutile quand elle est implicitement utilisée en tant que valeur ReadOnlySpan ou ReadOnlyMemory. Utilisez la méthode AsSpan pour éviter toute copie inutile. + The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - L'indexeur basé sur Range pour les valeurs de tableau produit une copie de la partie demandée du tableau. Cette copie est généralement inutile quand elle est implicitement utilisée en tant que valeur ReadOnlySpan ou ReadOnlyMemory. Utilisez la méthode AsSpan pour éviter toute copie inutile. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. When inside a Task-returning method, use the async version of methods, if they exist. - Lorsque vous êtes dans une méthode Task-returning, utilisez la version asynchrone des méthodes, si elle existe. + When inside a Task-returning method, use the async version of methods, if they exist. {Locked="Task"} '{0}' synchronously blocks. Await '{1}' instead. - {0} bloque de façon synchrone. Attendez {1} à la place. + '{0}' synchronously blocks. Await '{1}' instead. '{0}' synchronously blocks. Use await instead. - '{0}' bloque de façon synchrone. Utilisez await à la place + '{0}' synchronously blocks. Use await instead. Call async methods when in an async method - Appeler des méthodes async dans une méthode async + Call async methods when in an async method Use antiforgery tokens in ASP.NET Core MVC controllers - Utilisez des jetons antifalsification dans les contrôleurs ASP.NET Core MVC + Use antiforgery tokens in ASP.NET Core MVC controllers Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Le traitement d'une requête POST, PUT, PATCH ou DELETE sans validation d'un jeton antifalsification peut être vulnérable aux attaques par falsification de requête intersites. Une attaque par falsification de requête intersites peut envoyer des requêtes malveillantes de la part d'un utilisateur authentifié à votre contrôleur ASP.NET Core MVC. + Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - La méthode {0} traite une requête {1} sans validation de jeton antifalsification. Vous devez également vérifier que votre formulaire HTML envoie un jeton antifalsification. + Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. Replace with 'CancellationToken.ThrowIfCancellationRequested' - Remplacer par « CancellationToken. ThrowIfCancellationRequested » + Replace with 'CancellationToken.ThrowIfCancellationRequested' 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. - 'ThrowIfCancellationRequested’ vérifie automatiquement si le jeton a été annulé, et lève un ’OperationCanceledException’ le cas. + 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' - Utilisez ’ThrowIfCancellationRequested’ au lieu de vérifier ’IsCancellationRequested’ et de lever ’OperationCanceledException' + Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' Use 'ThrowIfCancellationRequested' - Appeler ThrowIfCancellationRequested() + Use 'ThrowIfCancellationRequested' Using concrete types avoids virtual or interface call overhead and enables inlining. - L’utilisation de types concrets évite la surcharge des appels virtuels ou d’interface et active l’inlining. + Using concrete types avoids virtual or interface call overhead and enables inlining. Change type of field '{0}' from '{1}' to '{2}' for improved performance - Modifier le type de champ « {0} » de « {1} » en « {2} » pour améliorer les performances + Change type of field '{0}' from '{1}' to '{2}' for improved performance Change type of variable '{0}' from '{1}' to '{2}' for improved performance - Modifier le type de variable « {0} » de « {1} » en « {2} » pour améliorer les performances + Change type of variable '{0}' from '{1}' to '{2}' for improved performance Change return type of method '{0}' from '{1}' to '{2}' for improved performance - Modifier le type de retour de méthode « {0} » de « {1} » en « {2} » pour améliorer les performances + Change return type of method '{0}' from '{1}' to '{2}' for improved performance Change type of parameter '{0}' from '{1}' to '{2}' for improved performance - Modifier le type de paramètre « {0} » de « {1} » en « {2} » pour améliorer les performances + Change type of parameter '{0}' from '{1}' to '{2}' for improved performance Change type of property '{0}' from '{1}' to '{2}' for improved performance - Modifiez le type de propriété '{0}' de '{1}' à '{2}' pour améliorer les performances + Change type of property '{0}' from '{1}' to '{2}' for improved performance Use concrete types when possible for improved performance - Utiliser des types concrets si possible pour améliorer les performances + Use concrete types when possible for improved performance Use Container Level Access Policy - Utiliser une stratégie d'accès au niveau du conteneur + Use Container Level Access Policy No access policy identifier is specified, making tokens non-revocable. - Aucun identificateur de stratégie d'accès n'est spécifié, ce qui rend les jetons non révocables. + No access policy identifier is specified, making tokens non-revocable. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. - Si possible, utilisez le contrôle d'accès en fonction du rôle d'Azure à la place d'une signature d'accès partagé. Si vous devez quand même utiliser une signature d'accès partagé, utilisez une stratégie d'accès au niveau du conteneur quand vous la créez. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. Use DefaultDllImportSearchPaths attribute for P/Invokes - Utilisez l'attribut DefaultDllImportSearchPaths pour les P/Invoke + Use DefaultDllImportSearchPaths attribute for P/Invokes By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - Par défaut, les P/Invoke qui utilisent DllImportAttribute sondent un certain nombre de répertoires, notamment le répertoire de travail actuel de la bibliothèque à charger. Cela peut poser un problème de sécurité pour certaines applications, et se traduire par un détournement de DLL. + By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - La méthode {0} n'a pas utilisé l'attribut DefaultDllImportSearchPaths pour les P/Invoke. + The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. Use equivalent code that works when marshalling is disabled - Utiliser un code équivalent qui fonctionne lorsque le marshaling est désactivé + Use equivalent code that works when marshalling is disabled 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. - « Environment. CurrentManagedThreadId » est plus simple et plus rapide que « thread. CurrentThread. ManagedThreadId ». + 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. Use 'Environment.CurrentManagedThreadId' - Utiliser 'Environment.CurrentManagedThreadId' + Use 'Environment.CurrentManagedThreadId' Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' - Utilisez ’Environment. CurrentManagedThreadId ’à la place de ’thread. CurrentThread. ManagedThreadId' + Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' Use 'Environment.CurrentManagedThreadId' - Utiliser 'Environment.CurrentManagedThreadId' + Use 'Environment.CurrentManagedThreadId' 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. - 'Environment.ProcessId' est plus simple et plus rapide que 'Process.GetCurrentProcess().Id'. + 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. Use 'Environment.ProcessId' - Utiliser 'Environment.ProcessId' + Use 'Environment.ProcessId' Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' - Utiliser 'Environment.ProcessId' à la place de 'Process.GetCurrentProcess().Id' + Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' Use 'Environment.ProcessId' - Utiliser 'Environment.ProcessId' + Use 'Environment.ProcessId' 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. - 'Environment.ProcessId' est plus simple et plus rapide que 'Process.GetCurrentProcess().Id'. + 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. Use 'Environment.ProcessPath' - Utiliser 'Environment.ProcessId' + Use 'Environment.ProcessPath' Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' - Utilisez ’Environment. ProcessPath’ à la place de ’Process. GetCurrentProcess (). MainModule. FileName' + Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' Use 'Environment.ProcessPath' - Utiliser 'Environment.ProcessId' + Use 'Environment.ProcessPath' Use indexer - Utiliser l'indexeur + Use indexer Use an invariant version - Utiliser une version invariante + Use an invariant version An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. - Une méthode d'appel de système d'exploitation est définie et une méthode ayant la fonctionnalité équivalente se trouve dans la bibliothèque de classes .NET Framework. + An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. Use managed equivalents of win32 api - Utiliser les équivalents managés de l'API Win32 + Use managed equivalents of win32 api Use managed equivalents of win32 api - Utiliser les équivalents managés de l'API Win32 + Use managed equivalents of win32 api Use ObjectDisposedException throw helper - Utiliser l’assistance de levée ObjectDisposedException + Use ObjectDisposedException throw helper A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. - Une opération de comparaison de chaînes non linguistique n'affecte pas au paramètre StringComparison la valeur Ordinal ou OrdinalIgnoreCase. En affectant explicitement au paramètre la valeur StringComparison.Ordinal ou StringComparison.OrdinalIgnoreCase, votre code gagne souvent en rapidité, tout en devenant plus correct et plus fiable. + A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. Use ordinal string comparison - Utiliser la comparaison de chaînes ordinales + Use ordinal string comparison Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. - Enumerable.Count() énumère potentiellement la séquence alors qu'une propriété Length/Count représente un accès direct. + Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. Use the "{0}" property instead of Enumerable.Count() - Utilisez la propriété "{0}" à la place de Enumerable.Count() + Use the "{0}" property instead of Enumerable.Count() Use Length/Count property instead of Count() when available - Utiliser la propriété Length/Count à la place de Count() si elle est disponible + Use Length/Count property instead of Count() when available Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size - Utiliser l'algorithme RSA (Rivest-Shamir-Adleman) avec une taille de clé suffisante + Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. - Les algorithmes de chiffrement sont vulnérables aux attaques par force brute quand une clé trop petite est utilisée. + Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - La taille de clé de l'algorithme de chiffrement asymétrique {0} est inférieure à 2 048 bits. Passez plutôt à un algorithme RSA avec une taille de clé d'au moins 2 048 bits, à un algorithme ECDH ou à un algorithme ECDSA. + Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. Applications available over HTTPS must use secure cookies. - Les applications disponibles via HTTPS doivent utiliser des cookies sécurisés. + Applications available over HTTPS must use secure cookies. Use SharedAccessProtocol HttpsOnly - Utiliser SharedAccessProtocol HttpsOnly + Use SharedAccessProtocol HttpsOnly HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. - Le protocole HTTPS chiffre le trafic réseau. Utilisez HttpsOnly, à la place de HttpOrHttps, pour garantir le chiffrement permanent du trafic réseau et éviter la divulgation de données sensibles. + HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. - Si possible, utilisez le contrôle d'accès en fonction du rôle d'Azure à la place d'une signature d'accès partagé. Si vous devez quand même utiliser une signature d'accès partagé, spécifiez SharedAccessProtocol.HttpsOnly. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. + + + + Use 'AsSpan' with 'string.Concat' + Use 'AsSpan' with 'string.Concat' + + + + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + + + + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + + + + Use span-based 'string.Concat' + Use span-based 'string.Concat' Use 'Clear()' - Utilisez 'Effacer()' + Use 'Clear()' It is more efficient to use 'Clear', instead of 'Fill' with default value. - Il est plus efficace d’utiliser 'Effacer', au lieu de 'Remplissage' avec la valeur par défaut. + It is more efficient to use 'Clear', instead of 'Fill' with default value. Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' - Préférez 'Span<T>.Clear()' au lieu de 'Span<T>.Fill(default)' + Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' Prefer 'Clear' over 'Fill' - Préférer 'Effacer' à 'Remplissage' + Prefer 'Clear' over 'Fill' Use 'StartsWith' - Utiliser « StartsWith » + Use 'StartsWith' It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. - Il est à la fois plus clair et plus rapide d’utiliser « StartsWith » au lieu de comparer le résultat de « IndexOf » à zéro. + It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 - Utiliser « StartsWith » au lieu de comparer le résultat de « IndexOf » à 0 + Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 Use 'StartsWith' instead of 'IndexOf' - Utiliser « StartsWith » à la place de « IndexOf » + Use 'StartsWith' instead of 'IndexOf' + + + + 'string.Contains(char)' is available as a better performing overload for single char lookup. + 'string.Contains(char)' is available as a better performing overload for single char lookup. + + + + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + + + + Use char literal for a single character lookup + Use char literal for a single character lookup Use 'string.Equals' - Utilisez ’String. Equals + Use 'string.Equals' It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. - Il est à la fois plus clair et probablement plus rapide d’utiliser «String. Equals ’au lieu de comparer le résultat de ’String. compare ’à zéro. + It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 - Utilisez ’String. Equals’ au lieu de comparer le résultat de ’String. compare’ à 0 + Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 Use 'string.Equals' - Utilisez ’String. Equals - - - - Use 'AsSpan' with 'string.Concat' - Utilisez ’AsSpan’ avec ’String. Concat - - - - It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. - Il est plus efficace d’utiliser ’AsSpan’ et ’String. Concat', à la place de ’Substring’ et d’un opérateur de concaténation. - - - - Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' - Utilisez une chaîne de type span. Concat’ et ’AsSpan’ à la place de ’Substring' - - - - Use span-based 'string.Concat' - Utilisez une chaîne de type span. Concat - - - - 'string.Contains(char)' is available as a better performing overload for single char lookup. - String. Contains (Char)» est disponible en tant que surcharge d’amélioration pour une recherche de caractère unique. - - - - Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character - Utilisez ’String. Contient (Char)' à la place de ’String. Contains (String)' lors de la recherche d’un caractère unique - - - - Use char literal for a single character lookup - Utiliser le littéral char pour une recherche à caractère unique + Use 'string.Equals' Throw helpers are simpler and more efficient than an if block constructing a new exception instance. - Les assistants de levée sont plus simples et plus efficaces qu’un bloc if construisant une nouvelle instance d’exception. + Throw helpers are simpler and more efficient than an if block constructing a new exception instance. Use '{0}.{1}' - Utiliser « {0}.{1} » + Use '{0}.{1}' Use '{0}.{1}' instead of explicitly throwing a new exception instance - Utilisez « {0}.{1} » au lieu de lever explicitement une nouvelle instance d’exception + Use '{0}.{1}' instead of explicitly throwing a new exception instance Platform compatibility analyzer requires a valid platform name and version. - Platform Analyzer requiert un nom de plateforme et une version valides. + Platform compatibility analyzer requires a valid platform name and version. Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. - La version «{0}» n’est pas valide pour la plateforme «{1}». Utilisez une version avec 2 parties{2} pour cette plateforme. + Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. Version '7' is not valid for platform 'windows'. Use a version with 2-4 parts for this platform. Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. - La version « {0} » n’est pas valide pour la plateforme « {1} ». N’utilisez pas de versions pour cette plateforme. + Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. Use valid platform string - Utiliser une chaîne de plateforme valide + Use valid platform string The platform '{0}' is not a known platform name - La plateforme « {0} » n’est pas un nom de plateforme connu. + The platform '{0}' is not a known platform name ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. - Les ValueTasks retournés par les appels de membres sont censés être directement attendus. Les tentatives de consommation d'un ValueTask à plusieurs reprises ou d'accès direct à son résultat avant la fin de l'opération peuvent entraîner une exception ou une altération des données. Quand un ValueTask est ainsi ignoré, cela indique probablement un bogue fonctionnel et un risque de dégradation du niveau de performance. + ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). - Les résultats des instances de ValueTask ne doivent pas être directement accessibles avant la fin de l'exécution de l'instance. Contrairement à Tasks, l'appel de Result ou de GetAwaiter().GetResult() sur un ValueTask n'est pas forcément bloqué avant la fin de l'exécution de l'opération. Si vous ne pouvez tout simplement pas attendre la fin de l'exécution de l'instance, vérifiez d'abord sa propriété IsCompleted (ou déclarez qu'elle retourne une valeur true, si vous en avez la certitude). + ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. - Les instances de ValueTask doivent être consommées une seule fois, par exemple via un await. Si la même instance de ValueTask est consommée à plusieurs reprises, cela peut entraîner des exceptions et une altération des données. + ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. - Les instances de ValueTask retournées par des appels de méthode doivent être directement attendues, retournées ou passées en tant qu'argument à un autre appel de méthode. Les autres utilisations, par exemple le stockage d'une instance dans une variable locale ou un champ, indiquent probablement un bogue, car les instances de ValueTask doivent être consommées impérativement une seule fois. + ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. - Les instances de ValueTask retournées par les appels de méthode doivent toujours être utilisées, et généralement attendues. Sinon, vous courez le risque d'avoir un bogue fonctionnel. Et même si ce n'était pas le cas, vous risquez d'être confronté à une dégradation du niveau de performance si la méthode cible regroupe les objets à utiliser avec ValueTasks. + ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. Use ValueTasks correctly - Utilisez correctement ValueTasks + Use ValueTasks correctly Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. - Le traitement XML à partir de données non fiables peut entraîner le chargement de références externes dangereuses. Vous devez limiter ce risque en utilisant un XmlReader avec un programme de résolution sécurisé ou avec une désactivation du traitement DTD. + Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. Use XmlReader for 'DataSet.ReadXml()' - Utiliser XmlReader pour 'DataSet.ReadXml()' + Use XmlReader for 'DataSet.ReadXml()' Use XmlReader for 'XmlSerializer.Deserialize()' - Utiliser XmlReader pour 'XmlSerializer.Deserialize()' + Use XmlReader for 'XmlSerializer.Deserialize()' Use XmlReader for 'XmlSchema.Read()' - Utiliser XmlReader pour 'XmlSchema.Read()' + Use XmlReader for 'XmlSchema.Read()' Use XmlReader for XmlValidatingReader constructor - Utiliser XmlReader pour le constructeur XmlValidatingReader + Use XmlReader for XmlValidatingReader constructor Use XmlReader for XPathDocument constructor - Utiliser XmlReader pour le constructeur XPathDocument + Use XmlReader for XPathDocument constructor This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. - Cette surcharge de la méthode '{0}.{1}' est potentiellement non sécurisée. Elle peut activer le traitement DTD (définition de type de document), qui est vulnérable aux attaques par déni de service, ou utiliser une opération XmlResolver, qui est vulnérable à la divulgation d'informations. Employez une surcharge qui accepte plutôt une instance de XmlReader, avec désactivation du traitement DTD et de XmlResolver. + This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - '{0}' utilise le type de prévisualisation '{1}' et doit opter pour les fonctionnalités de prévisualisation. Voir {2}pour plus d'informations. + '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - '{3}'{0} utilise le type de prévisualisation '{1}' et doit opter pour les fonctionnalités de prévisualisation. Voir {2}pour plus d'informations. - - - - Use 'TryGetValue(TKey, out TValue)' - Utiliser « TryGetValue(TKey, out TValue) » - - - - Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method - Préférer la méthode 'IDictionary.TryGetValue(TKey, out TValue)' - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup - Préférer un appel 'TryGetValue' à un accès à l’indexeur dictionary protégé par une vérification 'ContainsKey' pour éviter la double recherche. - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. - Préférez un appel 'TryGetValue' à un accès à l’indexeur dictionary protégé par une vérification 'ContainsKey'. 'ContainsKey' et l’indexeur recherchent tous les deux la clé sous le capot. Par conséquent, l’utilisation de 'TryGetValue' supprime la recherche supplémentaire. + {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.it.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.it.xlf index f8db0d0ed3..60721193ba 100644 --- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.it.xlf +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.it.xlf @@ -4,572 +4,572 @@ Add the 'NonSerialized' attribute to this field. - Aggiungere l'attributo 'NonSerialized' a questo campo. + Add the 'NonSerialized' attribute to this field. Add Serializable attribute - Aggiungere l'attributo Serializable + Add Serializable attribute Review cipher mode usage with cryptography experts - Verificare l'utilizzo della modalità crittografia con esperti di crittografia + Review cipher mode usage with cryptography experts These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). - Queste modalità di crittografia potrebbero essere vulnerabili ad attacchi. Provare a usare le modalità consigliate (CBC, CTS). + These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). - Verificare l'utilizzo della modalità crittografia '{0}' con esperti di crittografia. Provare a usare le modalità consigliate (CBC, CTS). + Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. - Il parametro del valore letterale stringa di un attributo non viene analizzato correttamente per un URL, un GUID o una versione. + The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' - Nel costruttore di '{0}' modificare il valore dell'argomento '{1}', che è attualmente "{2}", in un valore correttamente analizzabile come '{3}' + In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' - Nel costruttore di '{0}' modificare il valore dell'argomento '{1}', che è attualmente una stringa vuota (""), in un valore correttamente analizzabile come '{2}' + In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' Attribute string literals should parse correctly - I valori letterali stringa dell'attributo devono essere analizzati correttamente + Attribute string literals should parse correctly Extract to static readonly field - Estrarre nel campo statico di sola lettura + Extract to static readonly field Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. - Le matrici costanti passate come argomenti non vengono riutilizzate quando vengono chiamate ripetutamente, il che implica la creazione di una nuova matrice ogni volta. Prova a estrarli in campi 'static readonly' per migliorare le prestazioni, se la matrice passata non viene modificata all'interno del metodo chiamato. + Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. {Locked="static readonly"} Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array - Preferisci i campi 'static readonly' rispetto agli argomenti di matrice costanti se il metodo chiamato viene chiamato ripetutamente e non modifica la matrice passata + Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array {Locked="static readonly"} Avoid constant arrays as arguments - Evitare matrici costanti come argomenti + Avoid constant arrays as arguments Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. - Il marshalling di 'StringBuilder' crea sempre una copia del buffer nativo, di conseguenza vengono generate più allocazioni per una singola operazione di marshalling. + Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. - Evitare i parametri 'StringBuilder' per i metodi P/Invoke. In alternativa, provare a usare un buffer di caratteri. + Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. Avoid 'StringBuilder' parameters for P/Invokes - Evitare i parametri 'StringBuilder' per i metodi P/Invoke + Avoid 'StringBuilder' parameters for P/Invokes The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. - La libreria di classi .NET Framework fornisce i metodi per recuperare gli attributi personalizzati. Per impostazione predefinita, questi metodi eseguono ricerche nella gerarchia di ereditarietà degli attributi. L'uso di attributi sealed consente di evitare ricerche nella gerarchia di ereditarietà e può migliorare le prestazioni. + The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. Avoid unsealed attributes - Evitare attributi unsealed + Avoid unsealed attributes Avoid unsealed attributes - Evitare attributi unsealed + Avoid unsealed attributes Avoid unnecessary zero-length array allocations. Use {0} instead. - Evitare allocazioni di matrice di lunghezza zero non necessarie. In alternativa, usare {0}. + Avoid unnecessary zero-length array allocations. Use {0} instead. Avoid zero-length array allocations - Evitare allocazioni di matrice di lunghezza zero + Avoid zero-length array allocations The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili senza un elemento SerializationBinder per limitare il tipo di oggetti nel grafico di oggetti deserializzato. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize - Assicurarsi che BinaryFormatter.Binder sia impostato prima di chiamare BinaryFormatter.Deserialize + Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili senza un elemento SerializationBinder per limitare il tipo di oggetti nel grafico di oggetti deserializzato. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder - Non chiamare BinaryFormatter.Deserialize senza aver prima impostato BinaryFormatter.Binder + Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. - Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili. Se invece è necessario rilevare la deserializzazione di BinaryFormatter senza un elemento SerializationBinder impostato, disabilitare la regola CA2300 e abilitare le regole CA2301 e CA2302. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. The method '{0}' is insecure when deserializing untrusted data. - Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer BinaryFormatter - Non usare il deserializzatore non sicuro BinaryFormatter + Do not use insecure deserializer BinaryFormatter 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - Con 'Buffer.BlockCopy' è previsto il numero di byte da copiare per l'argomento 'count'. Se si usa 'Array.Length', il numero di byte da copiare potrebbe non corrispondere. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - Con 'Buffer.BlockCopy' è previsto il numero di byte da copiare per l'argomento 'count'. Se si usa 'Array.Length', il numero di byte da copiare potrebbe non corrispondere. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument - Con 'Buffer.BlockCopy' è previsto il numero di byte da copiare per l'argomento 'count'. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). - Un metodo che è un'implementazione di Dispose non chiama GC.SuppressFinalize, un metodo che non è un'implementazione di Dispose chiama GC.SuppressFinalize oppure un metodo chiama GC.SuppressFinalize e passa un elemento diverso da this (Me in Visual Basic). + A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. - Cambiare {0} in modo da chiamare {1}. In questo modo si eviterà che i tipi derivati che introducono un finalizzatore debbano eseguire una nuova implementazione di 'IDisposable' per chiamarlo. + Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. - Cambiare {0} in modo da chiamare {1}. In questo modo si impedirà la finalizzazione non necessaria dell'oggetto dopo che è stato eliminato e risulta esterno all'ambito. + Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. - {0} chiama {1} su un elemento diverso da se stesso. Modificare il sito di chiamata in modo da passare 'this' ('Me' in Visual Basic). + {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. - {0} chiama {1}, un metodo chiamato in genere all'interno di un'implementazione di 'IDisposable.Dispose'. Per altre informazioni, fare riferimento al criterio IDisposable. + {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. Dispose methods should call SuppressFinalize - I metodi Dispose devono chiamare SuppressFinalize + Dispose methods should call SuppressFinalize , - , + , Separator used for separating list of platform names: {API} is only supported on: {‘windows’, ‘browser’, ‘linux’} ConstantExpected attribute is not applied correctly on the parameter. - Attributo ConstantExpected non applicato correttamente al parametro. + ConstantExpected attribute is not applied correctly on the parameter. Incorrect usage of ConstantExpected attribute - Utilizzo non corretto dell'attributo ConstantExpected + Incorrect usage of ConstantExpected attribute The ConstantExpected attribute is required for the parameter due to the parent method annotation - L'attributo ConstantExpected è obbligatorio per il parametro a causa dell'annotazione del metodo padre + The ConstantExpected attribute is required for the parameter due to the parent method annotation The '{0}' value is not compatible with parameter type of '{1}' - Il valore '{0}' non è compatibile con il tipo di parametro di '{1}' + The '{0}' value is not compatible with parameter type of '{1}' The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' - Il valore '{0}' non rientra nei limiti del valore del parametro di '{1}' per '{2}' + The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' The constant is not of the same '{0}' type as the parameter - La costante non è dello stesso tipo '{0}' del parametro + The constant is not of the same '{0}' type as the parameter The Min and Max values are inverted - I valori minimo e massimo sono invertiti + The Min and Max values are inverted The argument should be a constant for optimal performance - L'argomento deve essere una costante per prestazioni ottimali + The argument should be a constant for optimal performance The '{0}' type is not supported for ConstantExpected attribute - Il tipo di '{0}' non è supportato per l'attributo ConstantExpected + The '{0}' type is not supported for ConstantExpected attribute The constant does not fit within the value bounds of '{0}' to '{1}' - La costante non rientra nei limiti dei valori di '{0}' a '{1}' + The constant does not fit within the value bounds of '{0}' to '{1}' The parameter expects a constant for optimal performance. - Il parametro prevede una costante per prestazioni ottimali. + The parameter expects a constant for optimal performance. A constant is expected for the parameter - È prevista una costante per il parametro + A constant is expected for the parameter When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Quando si deserializza input non attendibile, la deserializzazione di un oggetto {0} non è sicura. '{1}' è {0} o deriva da esso + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type found in deserializable object graph - Nel grafico di oggetti deserializzabile è stato trovato il tipo DataSet o DataTable non sicuro + Unsafe DataSet or DataTable type found in deserializable object graph When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. - Quando si deserializza input non attendibile con un serializzatore basato su IFormatter, la deserializzazione di un oggetto {0} non è sicura. '{1}' è {0} o deriva da esso. Assicurarsi che il tipo generato automaticamente non venga mai deserializzato con dati non attendibili. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks - L'oggetto DataSet o DataTable non sicuro nel tipo serializzabile generato automaticamente può essere vulnerabile ad attacchi di tipo esecuzione di codice remoto + Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Quando si deserializza input non attendibile, la deserializzazione di un oggetto {0} non è sicura. '{1}' è {0} o deriva da esso + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks - L'oggetto DataSet o DataTable non sicuro nel grafico di oggetti deserializzato può essere vulnerabile ad attacchi di tipo esecuzione di codice remoto + Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. - Quando si deserializza input non attendibile con un serializzatore basato su IFormatter, la deserializzazione di un oggetto {0} non è sicura. '{1}' è {0} o deriva da esso. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks - L'oggetto DataSet o DataTable non sicuro nel tipo serializzabile può essere vulnerabile ad attacchi di tipo esecuzione di codice remoto + Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Quando si deserializza input non attendibile, la deserializzazione di un oggetto {0} non è sicura. '{1}' è {0} o deriva da esso + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in serializable type - Oggetto DataSet o DataTable non sicuro nel tipo serializzabile + Unsafe DataSet or DataTable in serializable type When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Quando si deserializza input non attendibile, la deserializzazione di un oggetto {0} non è sicura. '{1}' è {0} o deriva da esso + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type in web deserializable object graph - Tipo DataSet o DataTable non sicuro nel grafico di oggetti deserializzabile Web + Unsafe DataSet or DataTable type in web deserializable object graph The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. - Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili. Assicurarsi che la classe generata automaticamente che contiene la chiamata '{0}' non venga deserializzata con dati non attendibili. + The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data - Assicurarsi che la classe generata automaticamente che contiene il metodo DataSet.ReadXml() non venga usata con dati non attendibili + Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data The method '{0}' is insecure when deserializing untrusted data - Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili + The method '{0}' is insecure when deserializing untrusted data Do not use DataSet.ReadXml() with untrusted data - Non usare DataSet.ReadXml() con dati non attendibili + Do not use DataSet.ReadXml() with untrusted data The method '{0}' is insecure when deserializing untrusted data - Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili + The method '{0}' is insecure when deserializing untrusted data Do not use DataTable.ReadXml() with untrusted data - Non usare DataTable.ReadXml() con dati non attendibili + Do not use DataTable.ReadXml() with untrusted data HttpClients should enable certificate revocation list checks - HttpClients deve abilitare i controlli dell'elenco di revoche di certificati + HttpClients should enable certificate revocation list checks HttpClient is created without enabling CheckCertificateRevocationList - HttpClient viene creato senza abilitare CheckCertificateRevocationList + HttpClient is created without enabling CheckCertificateRevocationList Do Not Add Certificates To Root Store - Non aggiungere certificati all'archivio radice + Do Not Add Certificates To Root Store Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate - L'aggiunta di certificati a certificati radice attendibili del sistema operativo aumenta il rischio di autenticazione non corretta di un certificato illegittimo + Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate Do not use CreateEncryptor with non-default IV - Non usare CreateEncryptor con il vettore di inizializzazione non predefinito + Do not use CreateEncryptor with non-default IV Symmetric encryption uses non-default initialization vector, which could be potentially repeatable - La crittografia simmetrica usa un vettore di inizializzazione non predefinito, che potrebbe essere potenzialmente ripetibile + Symmetric encryption uses non-default initialization vector, which could be potentially repeatable Use Secure Cookies In ASP.NET Core - Usa cookie protetti in ASP.NET Core + Use Secure Cookies In ASP.NET Core Set CookieOptions.Secure = true when setting a cookie - Impostare CookieOptions.Secure = true durante l'impostazione di un cookie + Set CookieOptions.Secure = true when setting a cookie Do Not Use Weak Key Derivation Function With Insufficient Iteration Count - Non usare la funzione di derivazione di chiave vulnerabile con un numero di iterazioni insufficiente + Do Not Use Weak Key Derivation Function With Insufficient Iteration Count Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Usare almeno {0} iterazioni durante la derivazione di una chiave crittografica da una password. Per impostazione predefinita, il valore di IterationCount per Rfc2898DeriveByte è solo 1000 + Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Le versioni precedenti del protocollo Transport Layer Security (TLS) sono meno sicure rispetto a TLS 1.2 e TLS 1.3 e presentano maggiori probabilità di includere nuove vulnerabilità. Evitare le versioni precedenti del protocollo per ridurre al minimo i rischi. + Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - La versione '{0}' del protocollo Transport Layer Security è deprecata. Usare 'None' per consentire al sistema operativo di scegliere una versione. + Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. Do not use deprecated SslProtocols values - Non usare valori SslProtocols deprecati + Do not use deprecated SslProtocols values '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' deriva dalla classe di anteprima '{1}' e deve quindi acconsentire esplicitamente alle funzionalità di anteprima. Per altre informazioni, vedere {2}. + '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' deriva dalla classe di anteprima '{1}' e deve quindi acconsentire esplicitamente alle funzionalità di anteprima. Per altre informazioni, vedere {2}. + {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. An assembly has to opt into preview features before using them. - Un assembly deve acconsentire esplicitamente alle funzionalità di anteprima prima di usarle. + An assembly has to opt into preview features before using them. Using '{0}' requires opting into preview features. See {1} for more information. - L'uso di '{0}' richiede il consenso esplicito per le funzionalità di anteprima. Per altre informazioni, vedere {1}. + Using '{0}' requires opting into preview features. See {1} for more information. {2} Using '{0}' requires opting into preview features. See {1} for more information. - {2} L'uso di '{0}' richiede il consenso esplicito per le funzionalità di anteprima. Per altre informazioni, vedere {1}. + {2} Using '{0}' requires opting into preview features. See {1} for more information. This API requires opting into preview features - Per questa API è necessario acconsentire esplicitamente alle funzionalità di anteprima + This API requires opting into preview features A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. - Un tipo che implementa System.IDisposable dichiara i campi di tipi che implementano anch'essi IDisposable. Il metodo Dispose del campo non viene chiamato dal metodo Dispose del tipo dichiarante. Per correggere una violazione di questa regola, chiamare Dispose su campi di tipi che implementano IDisposable se si è responsabile dell'allocazione e del rilascio delle risorse non gestite utilizzate dal campo. + A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. - '{0}' contiene il campo '{1}' che è di tipo IDisposable '{2}', ma non viene mai eliminato. Modificare il metodo Dispose su '{0}' in modo che chiami Close o Dispose su questo campo. + '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. Disposable fields should be disposed - I campi eliminabili devono essere eliminati + Disposable fields should be disposed A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. - Un tipo che implementa System.IDisposable e include campi che suggeriscono l'uso di risorse non gestite non implementa un finalizzatore, come descritto da Object.Finalize. + A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. Disposable types should declare finalizer - I tipi eliminabili devono dichiarare il finalizzatore + Disposable types should declare finalizer Disposable types should declare finalizer - I tipi eliminabili devono dichiarare il finalizzatore + Disposable types should declare finalizer A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. - Un tipo che implementa System.IDisposable eredita da un tipo che implementa anch'esso IDisposable. Il metodo Dispose del tipo che eredita non chiama il metodo Dispose del tipo padre. Per correggere una violazione di questa regola, chiamare base.Dispose nel metodo Dispose. + A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. Ensure that method '{0}' calls '{1}' in all possible control flow paths - Assicurarsi che il metodo '{0}' chiami '{1}' in tutti i percorsi del flusso di controllo possibili + Ensure that method '{0}' calls '{1}' in all possible control flow paths Dispose methods should call base class dispose - I metodi Dispose devono chiamare Dispose della classe di base + Dispose methods should call base class dispose If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. - Se un oggetto eliminabile non viene eliminato in modo esplicito prima che tutti i riferimenti a esso siano esterni all'ambito, verrà eliminato in un momento indeterminato quando il relativo finalizzatore verrà eseguito dal Garbage Collector. Poiché un evento eccezionale potrebbe impedire l'esecuzione del finalizzatore dell'oggetto, è preferibile che l'oggetto venga eliminato in modo esplicito. + If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - Usare il criterio dispose consigliato per garantire che l'oggetto creato da '{0}' venga eliminato in tutti i percorsi. Se possibile, eseguire il wrapping della creazione in un'istruzione 'using' o una dichiarazione 'using'. In caso contrario, usare un criterio try-finally, con una variabile locale dedicata dichiarata prima dell'area try e una chiamata Dispose non condizionale al valore non Null nell'area 'finally', ad esempio 'x?.Dispose()'. Se l'oggetto viene eliminato in modo esplicito nell'area try oppure la proprietà di dispose viene trasferita a un altro oggetto o metodo, assegnare 'null' alla variabile locale subito dopo una tale operazione per evitare di raddoppiare dispose in 'finally'. + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - Usare il criterio dispose consigliato per garantire che l'oggetto creato da '{0}' venga eliminato in tutti i percorsi delle eccezioni. Se possibile, eseguire il wrapping della creazione in un'istruzione 'using' o una dichiarazione 'using'. In caso contrario, usare un criterio try-finally, con una variabile locale dedicata dichiarata prima dell'area try e una chiamata Dispose non condizionale al valore non Null nell'area 'finally', ad esempio 'x?.Dispose()'. Se l'oggetto viene eliminato in modo esplicito nell'area try oppure la proprietà di dispose viene trasferita a un altro oggetto o metodo, assegnare 'null' alla variabile locale subito dopo una tale operazione per evitare di raddoppiare dispose in 'finally'. + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope - Chiamare System.IDisposable.Dispose sull'oggetto creato da '{0}' prima che tutti i relativi riferimenti siano esterni all'ambito + Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. - L'oggetto creato da '{0}' non è stato eliminato in tutti i percorsi delle eccezioni. Chiamare System.IDisposable.Dispose sull'oggetto prima che tutti i relativi riferimenti siano esterni. + Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. Dispose objects before losing scope - Elimina gli oggetti prima che siano esterni all'ambito + Dispose objects before losing scope Do Not Add Archive Item's Path To The Target File System Path - Non aggiungere il percorso dell'elemento di archivio al percorso del file system di destinazione + Do Not Add Archive Item's Path To The Target File System Path When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - Quando si estraggono file da un archivio e si usa il percorso dell'elemento di archiviazione, verificare che il percorso sia sicuro. Il percorso di archivio può essere relativo e può comportare l'accesso al file system al di fuori del percorso di destinazione previsto del file system, determinando modifiche di configurazione dannose e l'esecuzione di codice remoto tramite la tecnica lay-and-wait. + When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' - Quando si crea il percorso per '{0} nel metodo {1}' dal percorso relativo dell'elemento di archivio per estrarre il file e l'origine è un archivio ZIP non attendibile, assicurarsi di purificare il percorso relativo dell'elemento di archivio '{2} nel metodo {3}' + When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' Do Not Add Schema By URL - Non aggiungere lo schema in base all'URL + Do Not Add Schema By URL This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. - Questo overload del metodo XmlSchemaCollection.Add abilita internamente l'elaborazione della DTD sull'istanza usata del lettore XML e usa UrlResolver per risolvere le entità XML esterne. Il risultato implica la diffusione di informazioni. Il contenuto di file system o condivisioni di rete per il computer che elabora il codice XML può essere esposto a utenti malintenzionati. Un utente malintenzionato può inoltre usarlo come vettore DoS. + This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. This overload of the Add method is potentially unsafe because it may resolve dangerous external references - Questo overload del metodo Add è potenzialmente insicuro perché può risolvere riferimenti esterni pericolosi + This overload of the Add method is potentially unsafe because it may resolve dangerous external references By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. - Impostando i delegati di convalida critici di TokenValidationParameter su true, le protezioni di autenticazione importanti vengono disabilitate e questo può causare l'errata convalida di token ricevuti da qualsiasi autorità emittente o di token scaduti. + By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. - {0} è impostato su una funzione che restituisce sempre true. Se si imposta il delegato di convalida, si esegue l'override della convalida predefinita e se il valore restituito è sempre true, questa convalida viene completamente disabilitata. + The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. Do not always skip token validation in delegates - Non ignorare sempre la convalida dei token nei delegati + Do not always skip token validation in delegates Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. - La deserializzazione non sicura è una vulnerabilità che si riscontra quando vengono usati dati non attendibili per violare la logica di un'applicazione, causare un attacco Denial of Service (DoS) o persino eseguire codice arbitrario durante la deserializzazione. Gli utenti malintenzionati sfruttano spesso queste funzionalità di deserializzazione quando l'applicazione deserializza dati non attendibili controllati da loro, in particolare richiamando metodi pericolosi nel processo di deserializzazione. Attacchi riusciti di deserializzazione non sicura possono consentire a un utente malintenzionato di portare a termine attacchi di tipo DoS, bypass di autenticazione ed esecuzione di codice da remoto. + Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' - Quando si deserializza un'istanza della classe '{0}', il metodo '{1}' può chiamare direttamente o indirettamente il metodo pericoloso '{2}' + When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' Do Not Call Dangerous Methods In Deserialization - Non chiamare metodi pericolosi durante la deserializzazione + Do Not Call Dangerous Methods In Deserialization @@ -577,2625 +577,2660 @@ The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. Widening and user defined conversions are not supported with generic types. - Enumerable.Cast<T> e Enumerable.OfType<T> richiedono tipi compatibili per funzionare correttamente. -Il cast generico (IL 'unbox.any') usato dalla sequenza restituita da Enumerable.Cast<T> genererà InvalidCastException in fase di esecuzione sugli elementi dei tipi specificati. -Il controllo di tipo generico (C# 'is' operator/IL 'isinst') usato da Enumerable.OfType<T> non avrà mai esito positivo con gli elementi di tipi specificati, generando una sequenza vuota. -L'ampliamento e le conversioni definite dall'utente non sono supportate con tipi generici. + Enumerable.Cast<T> and Enumerable.OfType<T> require compatible types to function expectedly. +The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. +The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. +Widening and user defined conversions are not supported with generic types. Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime - Il tipo '{0}' non è compatibile con il tipo '{1}' e i tentativi di cast genereranno InvalidCastException in fase di esecuzione + Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' - Questa chiamata darà sempre come risultato una sequenza vuota, perché il tipo '{0}' è incompatibile con il tipo '{1}'. + This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types - Non chiamare Enumerable.Cast<T> o Enumerable.OfType<T> con tipi incompatibili. + Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types Do not call {0} on an {1} value - Non chiamare {0} su un valore {1} + Do not call {0} on an {1} value Do not call ToImmutableCollection on an ImmutableCollection value - Non chiamare ToImmutableCollection su un valore ImmutableCollection + Do not call ToImmutableCollection on an ImmutableCollection value TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. - TaskCompletionSource include costruttori che accettano enumerazioni TaskCreationOptions che controllano l'attività sottostante e costruttori che accettano lo stato dell'oggetto archiviato nell'attività. Se si passa accidentalmente un'enumerazione TaskContinuationOptions invece di TaskCreationOptions, la chiamata considererà le opzioni come stato. + TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. Replace TaskContinuationOptions with TaskCreationOptions. - Sostituire TaskContinuationOptions con TaskCreationOptions. + Replace TaskContinuationOptions with TaskCreationOptions. Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum - L'argomento contiene l'enumerazione TaskContinuationsOptions invece dell'enumerazione TaskCreationOptions + Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum - L'argomento passato al costruttore TaskCompletionSource deve essere l'enumerazione TaskCreationOptions invece dell'enumerazione TaskContinuationOptions + Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. - Non creare attività a meno che non si usi uno degli overload che accetta un elemento TaskScheduler. L'impostazione predefinita prevede la pianificazione su TaskScheduler.Current, che comporta deadlock. Usare TaskScheduler.Default per eseguire la pianificazione sul pool di thread oppure passare TaskScheduler.Current in modo esplicito per chiarire le proprie intenzioni. + Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. Do not create tasks without passing a TaskScheduler - Non creare attività senza passare un elemento TaskScheduler + Do not create tasks without passing a TaskScheduler Do not create tasks without passing a TaskScheduler - Non creare attività senza passare un elemento TaskScheduler + Do not create tasks without passing a TaskScheduler Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. - L'aggiunta di un finalizzatore a un tipo derivato da MemoryManager<T> consente di liberare memoria mentre viene ancora usata da un elemento Span<T>. + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> - L'aggiunta di un finalizzatore a un tipo derivato da MemoryManager<T> consente di liberare memoria mentre viene ancora usata da un elemento Span<T> + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> Do not define finalizers for types derived from MemoryManager<T> - Non definire finalizzatori per tipi derivati da MemoryManager<T> + Do not define finalizers for types derived from MemoryManager<T> Do Not Disable Certificate Validation - Non disabilitare la convalida del certificato + Do Not Disable Certificate Validation A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. - Un certificato può agevolare l'autenticazione dell'identità del server. I client dovrebbero convalidare il certificato del server per assicurarsi che le richieste vengano inviate al server previsto. Se ServerCertificateValidationCallback restituisce sempre 'true', qualsiasi certificato supererà la convalida. + A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. - ServerCertificateValidationCallback è impostato su una funzione che accetta qualsiasi certificato del server, restituendo sempre true. Assicurarsi che i certificati del server siano convalidati per verificare l'identità del server che riceve le richieste. - - - - Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. - Se si usa HttpClient senza fornire un gestore specifico della piattaforma (WinHttpHandler, CurlHandler o HttpClientHandler) in cui la proprietà CheckCertificateRevocationList è impostata su true, i certificati revocati verranno accettati come validi da HttpClient. + The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. Do Not Disable HTTP Header Checking - Non disabilitare il controllo delle intestazioni HTTP + Do Not Disable HTTP Header Checking HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. - Il controllo delle intestazioni HTTP consente di abilitare la codifica dei caratteri di ritorno a capo e nuova riga, \r e \n, presenti nelle intestazioni di risposta. Questa codifica consente di evitare attacchi di tipo injection che possono sfruttare un'applicazione che include nell'eco dati attendibili contenuti nell'intestazione. + HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. Do not disable HTTP header checking - Non disabilitare il controllo delle intestazioni HTTP + Do not disable HTTP header checking + + + + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. Do Not Disable Request Validation - Non disabilitare la convalida delle richieste + Do Not Disable Request Validation Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. - La convalida delle richieste è una funzionalità di ASP.NET che esamina le richieste HTTP e determina se includono contenuto potenzialmente pericoloso. Questo controllo costituisce un'ulteriore misura di protezione da markup o codice presente nella stringa di query dell'URL, nei cookie o nei valori del modulo pubblicato che potrebbero essere stati aggiunti per scopi dannosi. Si tratta quindi di un controllo auspicabile che deve essere lasciato abilitato per una difesa più efficace. + Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. {0} has request validation disabled - La convalida delle richieste è disabilitata per {0} + {0} has request validation disabled Do Not Disable SChannel Use of Strong Crypto - Non disabilitare l'uso della crittografia avanzata in Schannel + Do Not Disable SChannel Use of Strong Crypto Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. - A partire da .NET Framework 4.6, è consigliabile che le classi System.Net.ServicePointManager e System.Net.Security.SslStream usino nuovi protocolli. I protocolli precedenti presentano punti debolezza e non sono supportati. Se si imposta Switch.System.Net.DontEnableSchUseStrongCrypto su true, verrà usato il precedente controllo della crittografia vulnerabile e sarà possibile rifiutare esplicitamente la migrazione dei protocolli. + Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. {0} disables TLS 1.2 and enables SSLv3 - {0} disabilita TLS 1.2 e abilita SSLv3 + {0} disables TLS 1.2 and enables SSLv3 Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. - I controlli di convalida dei token garantiscono che, durante la convalida dei token, tutti gli aspetti vengano analizzati e verificati. La disattivazione della convalida può causare problemi di sicurezza consentendo l'esecuzione della convalida anche per token non attendibili. + Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. TokenValidationParameters.{0} should not be set to false as it disables important validation - TokenValidationParameters.{0} non deve essere impostato su false perché disabilita la convalida importante + TokenValidationParameters.{0} should not be set to false as it disables important validation Do not disable token validation checks - Non disabilitare i controlli di convalida dei token + Do not disable token validation checks Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. - Non impostare Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols su true. Se si imposta questa opzione, si limita Windows Communication Framework (WCF) a usare Transport Layer Security (TLS) 1.0, che è insicuro e obsoleto. + Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. Do not disable ServicePointManagerSecurityProtocols - Non disabilitare ServicePointManagerSecurityProtocols + Do not disable ServicePointManagerSecurityProtocols Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. - Non proteggere 'Dictionary.Remove(key)' con 'Dictionary.ContainsKey(key)'. Il primo controlla già se la chiave esiste e non verrà generata in caso contrario. + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' - Non proteggere 'Dictionary.Remove(key)' con 'Dictionary.ContainsKey(key)' + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' Unnecessary call to 'Dictionary.ContainsKey(key)' - Chiamata non necessaria a 'Dictionary.ContainsKey(key)' + Unnecessary call to 'Dictionary.ContainsKey(key)' Do not hard-code certificate - Non impostare il certificato come hardcoded + Do not hard-code certificate Hard-coded certificates in source code are vulnerable to being exploited. - I certificati hardcoded nel codice sorgente sono vulnerabili agli exploit. + Hard-coded certificates in source code are vulnerable to being exploited. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' - È stata trovata una potenziale vulnerabilità di sicurezza in cui '{0}' nel metodo '{1}' può essere contaminato dal certificato hardcoded di '{2}' nel metodo '{3}' + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' Do not hard-code encryption key - Non impostare la chiave di crittografia come hardcoded + Do not hard-code encryption key SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. - La proprietà .Key di SymmetricAlgorithm o il parametro rgbKey di un metodo non deve essere mai essere un valore hardcoded. + SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' - È stata trovata una potenziale vulnerabilità di sicurezza in cui '{0}' nel metodo '{1}' può essere contaminato dalla chiave hardcoded di '{2}' nel metodo '{3}' + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. - Per impostazione predefinita, l'archivio certificati di Autorità di certificazione radice disponibile nell'elenco locale è configurato con un set di CA pubbliche che soddisfa i requisiti del programma Microsoft Root Certificate. Dal momento che tutte le CA radice attendibili possono rilasciare certificati per qualsiasi dominio, un utente malintenzionato può selezionare come destinazione di attacco una CA debole o coercibile installata dall'utente. Una CA vulnerabile, dannosa o coercibile compromette la sicurezza dell'intero sistema, senza contare che questi attacchi possono passare inosservati abbastanza facilmente. + By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. - Un oggetto presenta un'identità debole quando è possibile accedervi direttamente attraverso i confini del dominio dell'applicazione. Un thread che prova ad acquisire un blocco su un oggetto con identità debole può essere bloccato da un secondo thread in un altro dominio dell'applicazione che include un blocco sullo stesso oggetto. + An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. Do not lock on objects with weak identity - Non bloccare oggetti con identità debole + Do not lock on objects with weak identity Do not lock on objects with weak identity - Non bloccare oggetti con identità debole + Do not lock on objects with weak identity A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. - Un metodo passa un valore letterale stringa come parametro a un costruttore o a un metodo nella libreria di classi .NET Framework e questa stringa deve essere localizzabile. Per correggere una violazione di questa regola, sostituire la stringa letterale con una stringa recuperata attraverso un'istanza della classe ResourceManager. + A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". - Il metodo '{0}' passa una stringa letterale come parametro '{1}' di una chiamata a '{2}'. Recuperare le seguenti stringhe da una tabella delle risorse: "{3}". + Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". Do not pass literals as localized parameters - Non passare valori letterali come parametri localizzati + Do not pass literals as localized parameters An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. - Il codice utente non dovrebbe mai generare un'eccezione di un tipo non sufficiente specifico o riservato dal runtime. Il rilevamento e il debug dell'errore originale diventano quindi più difficili. Se potrebbe essere generata questa istanza di eccezione, usare un tipo di eccezione diverso. + An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. Exception type {0} is reserved by the runtime - Il tipo di eccezione {0} è riservato dal runtime + Exception type {0} is reserved by the runtime Exception type {0} is not sufficiently specific - Il tipo di eccezione {0} non è sufficientemente specifico + Exception type {0} is not sufficiently specific Do not raise reserved exception types - Non generare tipi di eccezione riservati + Do not raise reserved exception types Do Not Serialize Types With Pointer Fields - Non serializzare i tipi con campi puntatore + Do Not Serialize Types With Pointer Fields Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. - I puntatori non sono "indipendenti dai tipi", ovvero non è possibile garantire la correttezza della memoria a cui puntano. La serializzazione di tipi con campi puntatore è quindi pericolosa perché può consentire a un utente malintenzionato di controllare il puntatore. + Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. Pointer field {0} on serializable type - Campo puntatore {0} sul tipo serializzabile + Pointer field {0} on serializable type Do Not Use Account Shared Access Signature - Non usare la firma di accesso condiviso dell'account + Do Not Use Account Shared Access Signature Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. - Le firme di accesso condiviso (SAS) sono una parte essenziale del modello di sicurezza per qualsiasi applicazione che usa Archiviazione di Azure e consentono di concedere autorizzazioni limitate e sicure all'account di archiviazione ai client che non hanno la chiave dell'account. Tutte le operazioni disponibili tramite una firma di accesso condiviso del servizio sono disponibili anche tramite una firma di accesso condiviso dell'account, che prevede molte meno limitazioni. Si consiglia quindi di prestare particolare attenzione quando si usa la firma di accesso condiviso del servizio per delegare l'accesso. + Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. Use Service SAS instead of Account SAS for fine grained access control and container-level access policy - Usare la firma di accesso condiviso del service anziché quella dell'account per criteri più specifici di accesso a livello di contenitore e di controllo di accesso + Use Service SAS instead of Account SAS for fine grained access control and container-level access policy Do Not Use Broken Cryptographic Algorithms - Non usare algoritmi di crittografia violati + Do Not Use Broken Cryptographic Algorithms An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. - È stato individuato un attacco in grado di violare questo algoritmo dal punto di vista del calcolo. Gli utenti malintenzionati potrebbero violare le garanzie crittografiche che l'algoritmo dovrebbe offrire. A seconda del tipo e dell'applicazione di questo algoritmo di crittografia, questo potrebbe consentire agli utenti malintenzionati di leggere messaggi crittografati, manomettere messaggi crittografati, falsare firme digitali, manomettere contenuto con hash o compromettere in altro modo eventuali sistemi di crittografia basati su questo algoritmo. Sostituire la crittografia usata con l'algoritmo AES (sono accettabili AES-256, AES-192 e AES-128) con una lunghezza di chiave maggiore o uguale a 128 bit. Sostituire gli hash usati con una funzione hash della famiglia SHA-2, ad esempio SHA512, SHA384 o SHA256. Sostituire le firme digitali usate con RSA con una lunghezza di chiave maggiore o uguale a 2048 bit oppure con ECDSA con una lunghezza di chiave maggiore o uguale a 256 bit. + An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. {0} uses a broken cryptographic algorithm {1} - {0} usa un algoritmo di crittografia violato {1} + {0} uses a broken cryptographic algorithm {1} For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. - Nel caso di raccolte non vuote CountAsync() e LongCountAsync() enumerano l'intera sequenza, mentre AnyAsync() si arresta in corrispondenza del primo elemento o del primo elemento che soddisfa una condizione. + For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. {0}() is used where AnyAsync() could be used instead to improve performance - Si usa {0}() in un punto in cui sarebbe possibile usare AnyAsync() per migliorare le prestazioni + {0}() is used where AnyAsync() could be used instead to improve performance Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used - Non usare CountAsync() o LongCountAsync() se è possibile usare AnyAsync() + Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. - Nel caso di raccolte non vuote Count() e LongCount() enumerano l'intera sequenza, mentre Any() si arresta in corrispondenza del primo elemento o del primo elemento che soddisfa una condizione. + For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. {0}() is used where Any() could be used instead to improve performance - Si usa {0}() in un punto in cui sarebbe possibile usare Any() per migliorare le prestazioni + {0}() is used where Any() could be used instead to improve performance Do not use Count() or LongCount() when Any() can be used - Non usare Count() o LongCount() se è possibile usare Any() + Do not use Count() or LongCount() when Any() can be used Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. - La crittografia simmetrica deve usare sempre un vettore di inizializzazione non ripetibile per impedire attacchi con dizionario. - - - - Do Not Use Deprecated Security Protocols - Non usare protocolli di sicurezza deprecati - - - - Using a deprecated security protocol rather than the system default is risky. - L'uso di un protocollo di sicurezza deprecato rispetto a quello predefinito di sistema è rischioso. - - - - Hard-coded use of deprecated security protocol {0} - Uso hardcoded del protocollo di sicurezza deprecato {0} + Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. Do Not Use Digital Signature Algorithm (DSA) - Non usare l'algoritmo di firma digitale (DSA) + Do Not Use Digital Signature Algorithm (DSA) DSA is too weak to use. - L'algoritmo DSA è troppo debole per essere usato. + DSA is too weak to use. Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - L'algoritmo di crittografia asimmetrica {0} è debole. Passare a un algoritmo RSA con dimensione di chiave minima pari a 2048 oppure a un algoritmo ECDH o ECDSA. + Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. + + + + Do Not Use Deprecated Security Protocols + Do Not Use Deprecated Security Protocols + + + + Using a deprecated security protocol rather than the system default is risky. + Using a deprecated security protocol rather than the system default is risky. + + + + Hard-coded use of deprecated security protocol {0} + Hard-coded use of deprecated security protocol {0} This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. - Questa raccolta è direttamente indicizzabile. L'uso di LINQ in questo punto causa un carico della CPU e allocazioni non necessarie. + This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. Do not use Enumerable methods on indexable collections. Instead use the collection directly. - Non usare metodi Enumerable su raccolte indicizzabili. In alternativa, usare direttamente la raccolta. + Do not use Enumerable methods on indexable collections. Instead use the collection directly. Do not use Enumerable methods on indexable collections - Non usare metodi Enumerable su raccolte indicizzabili + Do not use Enumerable methods on indexable collections Do not use insecure randomness - Non usare la casualità non sicura + Do not use insecure randomness Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. - L'uso di un generatore di numeri pseudo-casuali vulnerabile dal punto di vista della crittografia può consentire a un utente malintenzionato di prevedere il valore sensibile alla sicurezza che verrà generato. Se è richiesto un valore non prevedibile, usare un generatore di numeri casuali sicuro dal punto di vista della crittografia oppure assicurarsi che i numeri pseudo-casuali vulnerabili non vengano usati in modo sensibile per la sicurezza. + Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. - {0} è un generatore di numeri casuali non sicuro. Usare generatori di numeri casuali sicuri dal punto di vista della crittografia quando per motivi di sicurezza è richiesta la casualità. + {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. Do not use obsolete key derivation function - Non usare la funzione di derivazione di chiave obsoleta + Do not use obsolete key derivation function Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. - La derivazione di chiave basata su password deve usare PBKDF2 con SHA-2. Evitare di usare PasswordDeriveBytes perché genera una chiave PBKDF1. Evitare di usare Rfc2898DeriveBytes.CryptDeriveKey perché non usa il salting o il conteggio delle iterazioni. + Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. Call to obsolete key derivation function {0}.{1} - Chiamata alla funzione di derivazione di chiave obsoleta {0}.{1} + Call to obsolete key derivation function {0}.{1} String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. - I parametri di stringa passati per valore con 'OutAttribute' possono destabilizzare il runtime se la stringa è centralizzata. + String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. - Non usare 'OutAttribute' per il parametro di stringa '{0}' che viene passato per valore. Se è richiesto il marshalling dei dati modificati al chiamante, usare la parola chiave 'out' per passare la stringa per riferimento. + Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. Do not use 'OutAttribute' on string parameters for P/Invokes - Non usare 'OutAttribute' su parametri di stringa per metodi P/Invoke + Do not use 'OutAttribute' on string parameters for P/Invokes Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. - Non passare un argomento con tipo valore '{0}' al metodo 'Equals' in 'ReferenceEqualityComparer'. A causa del boxing dei valori, questa chiamata a 'Equals' può restituire un risultato imprevisto. Provare a usare 'EqualityComparer' o passare argomenti di tipo riferimento se si intende usare 'ReferenceEqualityComparer'. + Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. - Gli argomenti di tipo valore digitati vengono inseriti in un box univoco per ogni chiamata a questo metodo, pertanto il risultato può essere imprevisto. + Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. - Non passare un argomento con tipo valore '{0}' a 'ReferenceEquals'. A causa del boxing dei valori, questa chiamata a 'ReferenceEquals' può restituire un risultato imprevisto. Provare a usare 'Equals' o passare argomenti di tipo riferimento se si intende usare 'ReferenceEquals'. + Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. Do not use ReferenceEquals with value types - Non usare ReferenceEquals con tipi valore + Do not use ReferenceEquals with value types Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. - Lo spazio dello stack allocato da stackalloc viene rilasciato solo alla fine della chiamata del metodo corrente. Se viene usato in un ciclo, possono verificarsi condizioni di crescita illimitata dello stack e eventuale overflow dello stack. + Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. Potential stack overflow. Move the stackalloc out of the loop. - Potenziale overflow dello stack. Spostare stackalloc all'esterno del ciclo. + Potential stack overflow. Move the stackalloc out of the loop. Do not use stackalloc in loops - Non usare stackalloc nei cicli + Do not use stackalloc in loops Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. - Un'attività periodica più frequente tiene la CPU occupata e interferisce con i timer di inattività per il risparmio di energia che disattivano lo schermo e i dischi rigidi. + Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. Do not use timers that prevent power state changes - Non usare timer che impediscono le modifiche allo stato di potenza + Do not use timers that prevent power state changes Do not use timers that prevent power state changes - Non usare timer che impediscono le modifiche allo stato di potenza + Do not use timers that prevent power state changes Do not use unsafe DllImportSearchPath value - Non usare il valore DllImportSearchPath non sicuro + Do not use unsafe DllImportSearchPath value There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - Nelle directory di ricerca DLL predefinite potrebbe essere presente una DLL dannosa oppure, a seconda della posizione di esecuzione dell'applicazione, nella directory dell'applicazione potrebbe essere presente una DLL dannosa. Usare un valore DllImportSearchPath che specifica un percorso di ricerca esplicito. I flag DllImportSearchPath cercati da questa regola possono essere configurati nel file con estensione editorconfig. + There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. Use of unsafe DllImportSearchPath value {0} - Uso del valore {0} non sicuro di DllImportSearchPath + Use of unsafe DllImportSearchPath value {0} Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. - L'uso di 'WaitAll' con una singola attività potrebbe influire negativamente sulle prestazioni. In alternativa, attendere o restituire l'attività. + Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. Replace 'WaitAll' with single 'Wait' - Sostituire 'WaitAll' con 'Wait' singolo + Replace 'WaitAll' with single 'Wait' Do not use 'WaitAll' with a single task - Non usare 'WaitAll' con una singola attività + Do not use 'WaitAll' with a single task Do Not Use Weak Cryptographic Algorithms - Non usare algoritmi di crittografia vulnerabili + Do Not Use Weak Cryptographic Algorithms Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. - Gli algoritmi di crittografia degradano col passare del tempo quando gli attacchi si fanno più sofisticati consentendo a utenti malintenzionati di accedere a un maggior numero di dati di calcolo. A seconda del tipo e dell'applicazione di questo algoritmo di crittografia, nonché della riduzione dell'efficacia crittografica, questo potrebbe consentire agli utenti malintenzionati di leggere messaggi crittografati, manomettere messaggi crittografati, falsare firme digitali, manomettere contenuto con hash o compromettere in altro modo eventuali sistemi di crittografia basati su questo algoritmo. Sostituire la crittografia usata con l'algoritmo AES (sono accettabili AES-256, AES-192 e AES-128) con una lunghezza di chiave maggiore o uguale a 128 bit. Sostituire gli hash usati con una funzione hash della famiglia SHA-2, ad esempio SHA-2 512, SHA-2 384, or SHA-2 256. + Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. {0} uses a weak cryptographic algorithm {1} - {0} usa un algoritmo di crittografia vulnerabile {1} + {0} uses a weak cryptographic algorithm {1} Ensure Key Derivation Function algorithm is sufficiently strong - Verifica che l'algoritmo della funzione di derivazione di chiave sia sufficientemente complesso + Ensure Key Derivation Function algorithm is sufficiently strong Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. - Alcune implementazioni della classe Rfc2898DeriveBytes consentono di specificare un algoritmo hash in un parametro del costruttore o di sovrascriverlo nella proprietà HashAlgorithm. Se si specifica un algoritmo hash, è necessario specificare almeno quello SHA-256. + Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. - {0} potrebbe usare un algoritmo hash vulnerabile. Usare SHA256, SHA384 o SHA512 per creare una chiave avanzata da una password. + {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). - Durante la derivazione di chiavi crittografiche dagli input forniti dall'utente, come la password, usare un numero di iterazioni sufficiente (almeno 100.000). + When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. - L'uso di 'WhenAll' con una singola attività potrebbe influire negativamente sulle prestazioni. In alternativa, attendere o restituire l'attività. + Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. Replace 'WhenAll' call with argument - Sostituire la chiamata 'WhenAll' con argomento + Replace 'WhenAll' call with argument Do not use 'WhenAll' with a single task - Non usare 'WhenAll' con una singola attività + Do not use 'WhenAll' with a single task Do Not Use XslTransform - Non usare XslTransform + Do Not Use XslTransform Do not use XslTransform. It does not restrict potentially dangerous external references. - Non usare XslTransform. Non limita i riferimenti esterni potenzialmente pericolosi. + Do not use XslTransform. It does not restrict potentially dangerous external references. Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. - Se si specifica un'interfaccia funzionale alla quale è stato applicato l'attributo 'DynamicInterfaceCastableImplementationAttribute', è richiesta la funzionalità dei membri di interfaccia predefinita che non è supportata in Visual Basic. + Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - In Visual Basic non è supportata la specifica di un'interfaccia 'DynamicInterfaceCastableImplementation' + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - In Visual Basic non è supportata la specifica di un'interfaccia 'DynamicInterfaceCastableImplementation' + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. - L'uso di funzionalità che richiedono il marshalling di runtime quando il marshalling di runtime è disabilitato genererà eccezioni di runtime. + Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled - I tipi con '[StructLayout(LayoutKind.Auto)]' richiedono l'abilitazione del marshalling di runtime + Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled By-ref parameters require runtime marshalling to be enabled - I parametri by-ref richiedono l'abilitazione del marshalling di runtime + By-ref parameters require runtime marshalling to be enabled Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined - I delegati con tipi gestiti come parametri o con tipo restituito richiedono l'abilitazione del marshalling di runtime nell'assembly in cui è definito il delegato. + Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined HResult-swapping requires runtime marshalling to be enabled - Per lo scambio di HResult è necessario abilitare il marshalling di runtime + HResult-swapping requires runtime marshalling to be enabled Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled - L'uso di 'LCIDConversionAttribute' richiede l'abilitazione del marshalling di runtime + Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled Managed parameter or return types require runtime marshalling to be enabled - I tipi restituiti o di parametro gestiti richiedono l'abilitazione del marshalling di runtime + Managed parameter or return types require runtime marshalling to be enabled Setting SetLastError to 'true' requires runtime marshalling to be enabled - L'impostazione di SetLastError su 'true' richiede l'abilitazione del marshalling di runtime + Setting SetLastError to 'true' requires runtime marshalling to be enabled Varadic P/Invoke signatures require runtime marshalling to be enabled - Le firme P/Invoke varadic richiedono l'abilitazione del marshalling di runtime + Varadic P/Invoke signatures require runtime marshalling to be enabled Property, type, or attribute requires runtime marshalling - La proprietà, il tipo o l'attributo richiede il marshalling di runtime + Property, type, or attribute requires runtime marshalling '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - Il tipo di '{0}' contiene il tipo di anteprima '{1}' e richiede il consenso esplicito per le funzionalità di anteprima. Per altre informazioni, vedere {2}. + '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - Il tipo di '{3} '{0}' contiene il tipo di anteprima '{1}' e richiede il consenso esplicito per le funzionalità di anteprima. Per altre informazioni, vedere {2}. + {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. - Inoltrare il parametro 'CancellationToken' ai metodi per assicurare la corretta propagazione delle notifiche di annullamento dell'operazione oppure passare 'CancellationToken.None' in modo esplicito per indicare che il token non viene propagato intenzionalmente. + Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token - Inoltrare il parametro '{0}' al metodo '{1}' oppure passare 'CancellationToken.None' in modo esplicito per indicare che il token non viene propagato intenzionalmente + Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token Forward the 'CancellationToken' parameter to methods - Inoltrare il parametro 'CancellationToken' ai metodi + Forward the 'CancellationToken' parameter to methods Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. - Evitare di impostare SecurityProtocolType {0} come hardcoded e usare SecurityProtocolType.SystemDefault per consentire al sistema operativo di scegliere il migliore protocollo Transport Layer Security da usare. + Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. Avoid hardcoding SecurityProtocolType value - Evitare di impostare il valore SecurityProtocolType come hardcoded + Avoid hardcoding SecurityProtocolType value Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Le versioni correnti del protocollo Transport Layer Security potrebbero diventare deprecate se vengono trovate vulnerabilità. Per garantire la protezione dell'applicazione, evitare di impostare i valori SslProtocols come hardcoded. Usare 'None' per consentire al sistema operativo di scegliere una versione. + Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Evitare di impostare i valori '{0}' di SslProtocols come hardcoded per garantire che l'applicazione rimanga protetta in futuro. Usare 'None' per consentire al sistema operativo di scegliere una versione. + Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. Avoid hardcoded SslProtocols values - Evitare di impostare i valori di SslProtocols come hardcoded + Avoid hardcoded SslProtocols values Generic math interfaces require the derived type itself to be used for the self recurring type parameter. - Le interfacce matematiche generiche richiedono l'uso del tipo derivato stesso per il parametro di tipo ricorrente. + Generic math interfaces require the derived type itself to be used for the self recurring type parameter. The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' - Il '{0}' richiede che il parametro di tipo '{1}' sia compilato con il tipo derivato '{2}' + The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' Use correct type parameter - Usare il parametro di tipo corretto + Use correct type parameter To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. - Per correggere una violazione di questa regola, impostare il metodo GetObjectData come visibile e sottoponibile a override e assicurarsi che tutti i campi di istanza siano inclusi nel processo di serializzazione o contrassegnati in modo esplicito usando l'attributo NonSerializedAttribute. + To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. Add an implementation of GetObjectData to type {0} - Aggiungere un'implementazione di GetObjectData al tipo {0} + Add an implementation of GetObjectData to type {0} Make {0}.GetObjectData virtual and overridable - Rendere {0}.GetObjectData virtuale e sottoponibile a override + Make {0}.GetObjectData virtual and overridable Increase the accessibility of {0}.GetObjectData so that it is visible to derived types - Aumentare l'accessibilità di {0}.GetObjectData in modo che sia visibile ai tipi derivati + Increase the accessibility of {0}.GetObjectData so that it is visible to derived types Implement ISerializable correctly - Implementare ISerializable in modo corretto + Implement ISerializable correctly Implement inherited interfaces - Implementare interfacce ereditate + Implement inherited interfaces Implement Serialization constructor - Implementare il costruttore di serializzazione + Implement Serialization constructor To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. - Per correggere una violazione di questa regola, implementare il costruttore di serializzazione. Per una classe sealed impostare il costruttore come private; in caso contrario impostarlo come protected. + To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. - Aggiungere un costruttore a {0} con la seguente firma: 'protected {0}(SerializationInfo info, StreamingContext context)'. + Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. Declare the serialization constructor of {0}, a sealed type, as private. - Dichiarare il costruttore di serializzazione di {0}, tipo sealed, come privato. + Declare the serialization constructor of {0}, a sealed type, as private. Declare the serialization constructor of {0}, an unsealed type, as protected. - Dichiarare come protected il costruttore di serializzazione di {0}, un tipo unsealed. + Declare the serialization constructor of {0}, an unsealed type, as protected. Implement serialization constructors - Implementare costruttori di serializzazione + Implement serialization constructors A method that handles a serialization event does not have the correct signature, return type, or visibility. - Un metodo che gestisce un evento di serializzazione non include valori corretti per visibilità, tipo restituito o firma. + A method that handles a serialization event does not have the correct signature, return type, or visibility. Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic - Dal momento che {0} è contrassegnato con OnSerializing, OnSerialized, OnDeserializing o OnDeserialized, modificare la firma in modo che non sia più generica + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' - Dal momento che {0} è contrassegnato con OnSerializing, OnSerialized, OnDeserializing o OnDeserialized, modificare la firma in modo che accetti un solo parametro di tipo 'System.Runtime.Serialization.StreamingContext' + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) - Dal momento che {0} è contrassegnato con OnSerializing, OnSerialized, OnDeserializing o OnDeserialized, modificare il tipo restituito da {1} in void (Sub in Visual Basic) + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method - Dal momento che {0} è contrassegnato con OnSerializing, OnSerialized, OnDeserializing o OnDeserialized, modificarlo da statico (Shared in Visual Basic) in un metodo di istanza + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private - Dal momento che {0} è contrassegnato con OnSerializing, OnSerialized, OnDeserializing o OnDeserialized, modificarne l'accessibilità in private + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private Implement serialization methods correctly - Implementare correttamente i metodi di serializzazione + Implement serialization methods correctly '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' implementa l’interfaccia di anteprima '{1}' e deve quindi acconsentire esplicitamente alle funzionalità di anteprima. Per altre informazioni, vedere {2}. + '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' implementa l’interfaccia di anteprima '{1}' e deve quindi acconsentire esplicitamente alle funzionalità di anteprima. Per altre informazioni, vedere {2}. + {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' implementa il metodo di anteprima '{1}' e deve quindi acconsentire esplicitamente alle funzionalità di anteprima. Per altre informazioni, {2}. + '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' implementa il metodo di anteprima '{1}' e deve quindi acconsentire esplicitamente alle funzionalità di anteprima. Per altre informazioni, vedere {2}. + {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Un tipo riferimento dichiara un costruttore statico esplicito. Per correggere una violazione di questa regola, inizializzare tutti i dati static quando vengono dichiarati e rimuovere il costruttore statico. + A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize reference type static fields inline - Inizializzare inline i campi statici di tipo riferimento + Initialize reference type static fields inline Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor - Inizializzare tutti i campi statici in '{0}' quando questi campi sono dichiarati e rimuovere il costruttore statico esplicito + Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Un tipo valore dichiara un costruttore statico esplicito. Per correggere una violazione di questa regola, inizializzare tutti i dati static quando vengono dichiarati e rimuovere il costruttore statico. + A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize value type static fields inline - Inizializzare inline i campi statici di tipo valore + Initialize value type static fields inline Change to call the two argument constructor, pass null for the message. - Modificare per chiamare il costruttore a due argomenti; passare Null per il messaggio. + Change to call the two argument constructor, pass null for the message. A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. - Viene effettuata una chiamata al costruttore predefinito (senza parametri) di un tipo di eccezione che corrisponde a o deriva da ArgumentException oppure viene passato un argomento stringa non corretto a un costruttore con parametri di un tipo di eccezione che corrisponde a o deriva da ArgumentException. + A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. Swap the arguments order - Scambiare l'ordine degli argomenti + Swap the arguments order Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. - Il metodo {0} passa il nome di parametro '{1}' come argomento di {2} a un costruttore {3}. Sostituire questo argomento con un messaggio descrittivo e passare il nome di parametro nella posizione corretta. + Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. - Il metodo {0} passa '{1}' come argomento di {2} a un costruttore {3}. Sostituire l'argomento con uno dei nomi di parametro del metodo. Il nome del parametro specificato deve rispettare l'uso di maiuscole/minuscole così come dichiarato nel metodo. + Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. Call the {0} constructor that contains a message and/or paramName parameter - Chiamare il costruttore {0} che contiene un messaggio e/o il parametro paramName + Call the {0} constructor that contains a message and/or paramName parameter Instantiate argument exceptions correctly - Creare istanze di eccezioni di argomento in modo corretto + Instantiate argument exceptions correctly Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. - I tipi ai quali è stato applicato l'attributo 'DynamicInterfaceCastableImplementationAttribute' fungono da un'implementazione di interfaccia per un tipo che implementa il tipo 'IDynamicInterfaceCastable'. Di conseguenza, deve fornire un'implementazione di tutti i membri definiti nelle interfacce ereditate, perché il tipo che implementa 'IDynamicInterfaceCastable' non le fornisce diversamente. + Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces - Al tipo '{0}' è applicato l'elemento 'DynamicInterfaceCastableImplementationAttribute', che però non fornisce un'implementazione di tutti i membri di interfaccia definiti nelle interfacce ereditate + Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface - Per tutti i membri dichiarati nelle interfacce padre devono esistere un'implementazione in un'interfaccia alla quale è stata applicato l'attributo DynamicInterfaceCastableImplementation + All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili con un elemento JavaScriptSerializer inizializzato con un elemento SimpleTypeResolver. Assicurarsi che l'elemento JavaScriptSerializer venga inizializzato senza specificare un elemento JavaScriptTypeResolver oppure che venga inizializzato con un elemento JavaScriptTypeResolver che limita i tipi di oggetti nel grafico di oggetti deserializzato. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing - Assicurarsi che JavaScriptSerializer non sia inizializzato con SimpleTypeResolver prima della deserializzazione + Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili con un elemento JavaScriptSerializer inizializzato con un elemento SimpleTypeResolver. Inizializzare JavaScriptSerializer senza specificare un elemento JavaScriptTypeResolver oppure inizializzarlo con un elemento JavaScriptTypeResolver che limita i tipi di oggetti nel grafico di oggetti deserializzato. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver - Non deserializzare con JavaScriptSerializer usando un elemento SimpleTypeResolver + Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Quando si deserializza input non attendibile, non è sicuro consentire la deserializzazione di tipi arbitrari. Quando si deserializza con JsonSerializer, usare TypeNameHandling.None oppure, per valori diversi da None, limitare i tipi deserializzati con un elemento SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - Non deserializzare con JsonSerializer usando una configurazione non sicura + Do not deserialize with JsonSerializer using an insecure configuration When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Quando si deserializza input non attendibile, non è sicuro consentire la deserializzazione di tipi arbitrari. Quando si usa JsonSerializerSettings, usare TypeNameHandling.None oppure, per valori diversi da None, limitare i tipi deserializzati con un elemento SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not use insecure JsonSerializerSettings - Non usare l'elemento JsonSerializerSettings non sicuro + Do not use insecure JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Quando si deserializza input non attendibile, non è sicuro consentire la deserializzazione di tipi arbitrari. Quando si deserializza con JsonSerializer, usare TypeNameHandling.None oppure, per valori diversi da None, limitare i tipi deserializzati con un elemento SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - Assicurarsi che la configurazione di JsonSerializer sia sicura durante la deserializzazione + Ensure that JsonSerializer has a secure configuration when deserializing When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - Quando si deserializza input non attendibile, non è sicuro consentire la deserializzazione di tipi arbitrari. Quando si usa JsonSerializerSettings, assicurarsi che TypeNameHandling.None sia specificato oppure, per valori diversi da None, assicurarsi che sia specificato un elemento SerializationBinder per limitare i tipi deserializzati. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. Ensure that JsonSerializerSettings are secure - Assicurarsi che l'elemento JsonSerializerSettings sia sicuro + Ensure that JsonSerializerSettings are secure Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - La deserializzazione di JSON quando si usa un valore TypeNameHandling diverso da None può essere insicura. Se è necessario rilevare invece la deserializzazione di JSON.NET quando non è specificato alcun oggetto SerializationBinder, disabilitare la regola CA2326 e abilitare le regole CA2327, CA2328, CA2329 e CA2330. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - La deserializzazione di JSON quando si usa un valore TypeNameHandling diverso da None può essere insicura. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. Do not use TypeNameHandling values other than None - Non usare valori di TypeNameHandling diversi da None + Do not use TypeNameHandling values other than None The method '{0}' is insecure when deserializing untrusted data. - Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer LosFormatter - Non usare il deserializzatore non sicuro LosFormatter + Do not use insecure deserializer LosFormatter Convert to static method - Converti nel metodo statico + Convert to static method Converting an instance method to a static method may produce invalid code - La conversione di un metodo di istanza in un metodo statico potrebbe produrre codice non valido + Converting an instance method to a static method may produce invalid code Make the constructor that takes zero parameters 'public' - Impostare come 'public' il costruttore che accetta zero parametri + Make the constructor that takes zero parameters 'public' An instance field of a type that is not serializable is declared in a type that is serializable. - Un campo di istanza di un tipo non serializzabile viene dichiarato in un tipo serializzabile. + An instance field of a type that is not serializable is declared in a type that is serializable. Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable - Il campo {0} è un membro di tipo {1}, che è serializzabile, ma è di tipo {2}, che non è serializzabile + Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable Mark all non-serializable fields - Contrassegnare tutti i campi non serializzabili + Mark all non-serializable fields The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. - L'attributo NeutralResourcesLanguage indica a ResourceManager la lingua usata per visualizzare le risorse delle impostazioni cultura per un assembly non associate ad alcun paese. Questo approccio migliora le prestazioni delle ricerche per la prima risorsa caricata e può ridurre il working set. + The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. Mark assemblies with NeutralResourcesLanguageAttribute - Contrassegnare gli assembly con NeutralResourcesLanguageAttribute + Mark assemblies with NeutralResourcesLanguageAttribute Mark assemblies with NeutralResourcesLanguageAttribute - Contrassegnare gli assembly con NeutralResourcesLanguageAttribute + Mark assemblies with NeutralResourcesLanguageAttribute The Boolean data type has multiple representations in unmanaged code. - Per il tipo di dati booleano sono disponibili più rappresentazioni nel codice non gestito. + The Boolean data type has multiple representations in unmanaged code. Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - Aggiungere MarshalAsAttribute al parametro {0} di P/Invoke {1}. Se il valore del parametro non gestito corrispondente è di tipo 'BOOL' Win32 a 4 byte, usare [MarshalAs(UnmanagedType.Bool)]. Per un valore di tipo 'bool' C++ a 1 byte, usare MarshalAs(UnmanagedType.U1). + Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - Aggiungere MarshalAsAttribute al tipo restituito di P/Invoke {0}. Se il valore del tipo restituito non gestito corrispondente è di tipo 'BOOL' Win32 a 4 byte, usare MarshalAs(UnmanagedType.Bool). Per un valore di tipo 'bool' C++ a 1 byte, usare MarshalAs(UnmanagedType.U1). + Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Mark boolean PInvoke arguments with MarshalAs - Contrassegnare gli argomenti di PInvoke booleani con MarshalAs + Mark boolean PInvoke arguments with MarshalAs To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. - Per essere riconosciuti come serializzabili in Common Language Runtime, i tipi devono essere contrassegnati usando l'attributo SerializableAttribute anche quando usano una routine di serializzazione personalizzata tramite l'implementazione dell'interfaccia ISerializable. + To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. Add [Serializable] to {0} as this type implements ISerializable - Aggiungere [Serializable] a {0} perché questo tipo implementa ISerializable + Add [Serializable] to {0} as this type implements ISerializable Mark ISerializable types with serializable - Contrassegnare i tipi ISerializable con serializable + Mark ISerializable types with serializable Ensure HttpClient certificate revocation list check is not disabled - Assicurarsi che il controllo dell'elenco di revoche di certificati di HttpClient non sia disabilitato + Ensure HttpClient certificate revocation list check is not disabled HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient può essere creato senza abilitare CheckCertificateRevocationList + HttpClient may be created without enabling CheckCertificateRevocationList Ensure Certificates Are Not Added To Root Store - Verificare che i certificati non vengano aggiunti all'archivio radice + Ensure Certificates Are Not Added To Root Store Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. - L'aggiunta di certificati a certificati radice attendibili del sistema operativo non è sicura. Verificare che l'archivio di destinazione non sia un archivio radice. + Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. Use CreateEncryptor with the default IV - Usa CreateEncryptor con il vettore di inizializzazione predefinito + Use CreateEncryptor with the default IV The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. - Nella crittografia viene usato il vettore di inizializzazione non predefinito, che può essere potenzialmente ripetibile. Assicurarsi di usare quello predefinito. + The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. Ensure Use Secure Cookies In ASP.NET Core - Assicura l'uso di cookie protetti in ASP.NET Core + Ensure Use Secure Cookies In ASP.NET Core Ensure that CookieOptions.Secure = true when setting a cookie - Assicurarsi che CookieOptions.Secure = true durante l'impostazione di un cookie + Ensure that CookieOptions.Secure = true when setting a cookie Ensure Sufficient Iteration Count When Using Weak Key Derivation Function - Assicurare un numero di iterazioni sufficiente quando si usa la funzione di derivazione di chiave vulnerabile + Ensure Sufficient Iteration Count When Using Weak Key Derivation Function Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Assicurarsi che il numero delle iterazioni sia almeno {0} durante la derivazione di una chiave crittografica da una password. Per impostazione predefinita, il valore di IterationCount per Rfc2898DeriveByte è solo 1000 + Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. - Dal momento che un tipo che implementa 'IDynamicInterfaceCastable' non può implementare un'interfaccia dinamica nei metadati, le chiamate a un membro di interfaccia di istanza che non è un'implementazione esplicita definita in questo tipo potrebbero non riuscire in fase di esecuzione. Contrassegnare i membri della nuova interfaccia come 'static' per evitare errori di runtime. + Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied - Il membro '{0}' nel tipo '{1}' deve essere contrassegnato come 'static' perché a '{1}' è stato applicato l'attributo 'DynamicInterfaceImplementationAttribute' + The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' - I membri definiti in un'interfaccia con 'DynamicInterfaceCastableImplementationAttribute' devono essere 'static' + Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' restituisce il tipo di anteprima '{1}' e deve quindi acconsentire esplicitamente alle funzionalità di anteprima. Per altre informazioni, vedere {2}. + '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' restituisce il metodo di anteprima '{1}' e deve quindi acconsentire esplicitamente alle funzionalità di anteprima. Per altre informazioni, vedere {2}. + {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - '{0}' accetta un parametro di anteprima di tipo '{1}' e deve acconsentire esplicitamente alle funzionalità di anteprima. Per altre informazioni, vedere {2}. + '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - '{3} '{0}' accetta un parametro di anteprima di tipo '{1}' e deve acconsentire esplicitamente alle funzionalità di anteprima. Per altre informazioni, vedere {2}. + {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. - Questo metodo usa il marshalling di runtime anche quando il marshalling di runtime è disabilitato, il che può causare differenze di comportamento impreviste in fase di esecuzione a causa di aspettative diverse del layout nativo di un tipo. + This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. - '{0}' usa il marshalling di runtime anche quando viene applicato 'DisableRuntimeMarshallingAttribute'. Usare funzionalità come 'sizeof' e puntatori direttamente per garantire risultati accurati. + '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied - Questo metodo usa il marshalling di runtime anche quando viene applicato 'DisableRuntimeMarshallingAttribute' + This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied Miss HttpVerb attribute for action methods - Attributo HttpVerb mancante per i metodi di azione + Miss HttpVerb attribute for action methods All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - Tutti i metodi che consentono di creare, modificare, eliminare o cambiare in altro modo i dati usano l'overload [HttpPost] del metodo, che deve essere protetto dalla falsificazione delle richieste con l'apposito attributo antifalsificazione. L'esecuzione di un'operazione GET deve essere un'operazione sicura che non presenta effetti collaterali e non modifica i dati persistenti. + All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. Action method {0} needs to specify the HTTP request kind explicitly - Il metodo di azione {0} deve specificare in modo esplicito il tipo della richiesta HTTP + Action method {0} needs to specify the HTTP request kind explicitly Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. - La presenza di inizializzatori di modulo nel codice dell'applicazione assicura che i componenti di un'applicazione vengano inizializzati prima dell'inizio dell'esecuzione del codice dell'applicazione. La dichiarazione di un modulo 'ModuleInitializerAttribute' nel codice della libreria può interferire con l'inizializzazione dell'applicazione e causare limitazioni alle funzionalità di trimming di tale applicazione. Il codice della libreria non deve quindi utilizzare l'attributo 'ModuleInitializerAttribute', ma esporre metodi utilizzabili per inizializzare tutti i componenti nella libreria e consentire all'applicazione di richiamare il metodo durante l'inizializzazione dell'applicazione. + Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios - L'attributo 'ModuleInitializer' deve essere usato solo nel codice dell'applicazione o in scenari avanzati di generatori di origine + The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios The 'ModuleInitializer' attribute should not be used in libraries - L'attributo 'ModuleInitializer' non deve essere usato nelle librerie + The 'ModuleInitializer' attribute should not be used in libraries The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili senza un elemento SerializationBinder per limitare il tipo di oggetti nel grafico di oggetti deserializzato. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure NetDataContractSerializer.Binder is set before deserializing - Assicurarsi che NetDataContractSerializer.Binder sia impostato prima della deserializzazione + Ensure NetDataContractSerializer.Binder is set before deserializing The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili senza un elemento SerializationBinder per limitare il tipo di oggetti nel grafico di oggetti deserializzato. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not deserialize without first setting NetDataContractSerializer.Binder - Non deserializzare senza aver prima impostato NetDataContractSerializer.Binder + Do not deserialize without first setting NetDataContractSerializer.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. - Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili. Se invece è necessario rilevare la deserializzazione di NetDataContractSerializer senza un elemento SerializationBinder impostato, disabilitare la regola CA2310 e abilitare le regole CA2311 e CA2312. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. The method '{0}' is insecure when deserializing untrusted data. - Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer NetDataContractSerializer - Non usare il deserializzatore non sicuro NetDataContractSerializer + Do not use insecure deserializer NetDataContractSerializer Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. - Le stringhe devono essere normalizzate in maiuscolo. Un piccolo gruppo di caratteri non è in grado di completare un round trip in caso di conversione in minuscolo. Completare un round trip significa convertire i caratteri da determinate impostazioni locali ad altre che rappresentano i dati dei caratteri in modo diverso e quindi recuperare in modo accurato i caratteri originali da quelli convertiti. + Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. In method '{0}', replace the call to '{1}' with '{2}' - Nel metodo '{0}' sostituire la chiamata a '{1}' con '{2}' + In method '{0}', replace the call to '{1}' with '{2}' Normalize strings to uppercase - Normalizzare le stringhe in maiuscolo + Normalize strings to uppercase The method '{0}' is insecure when deserializing untrusted data. - Il metodo '{0}' non è sicuro quando si deserializzano dati non attendibili. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer ObjectStateFormatter - Non usare il deserializzatore non sicuro ObjectStateFormatter + Do not use insecure deserializer ObjectStateFormatter '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' sovrascrive il metodo di anteprima '{1}' e deve quindi acconsentire esplicitamente alle funzionalità di anteprima. Per altre informazioni, vedere {2}. + '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{3} '{0}' sorvrascrive il metodo di anteprima '{1}' e deve quindi acconsentire esplicitamente alle funzionalità di anteprima. Per altre informazioni, vedere {2}. + {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. - Un metodo public o protected in un tipo public contiene l'attributo System.Runtime.InteropServices.DllImportAttribute (implementato anche dalla parola chiave Declare in Visual Basic). Questi metodi non devono essere esposti. + A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. P/Invoke method '{0}' should not be visible - Il metodo P/Invoke '{0}' non deve essere visibile + P/Invoke method '{0}' should not be visible P/Invokes should not be visible - I metodi P/Invoke non devono essere visibili + P/Invokes should not be visible ({0}) - ({0}) + ({0}) and all other platforms - e tutte le altre piattaforme + and all other platforms This call site is reachable on: 'windows' 10.0.2000 and later, and all other platforms '{0}' all versions - '{0}' - tutte le versioni + '{0}' all versions This call site is reachable on: 'Windows' all versions. Using platform dependent API on a component makes the code no longer work across all platforms. - Se si usa un'API dipendente dalla piattaforma su un componente, il codice non funziona più in tutte le piattaforme. + Using platform dependent API on a component makes the code no longer work across all platforms. '{0}' from version {1} to {2} - '{0}' dalla versione {1} alla versione {2} + '{0}' from version {1} to {2} 'SupportedOnWindows1903UnsupportedOn2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. - Questo sito di chiamata è raggiungibile su tutte le piattaforme. '{0}' è obsoleto in: {1}. + This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. This call site is reachable on all platforms. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. - Questo sito di chiamata è raggiungibile su: {2}. '{0}' è obsoleto su: {1}. + This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. This call site is reachable on 'macos', 'linux'. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on all platforms. '{0}' is only supported on: {1}. - Questo sito di chiamata è raggiungibile da tutte le piattaforme. '{0}' è supportato solo in {1}. + This call site is reachable on all platforms. '{0}' is only supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindowsAndBrowser()' is only supported on: 'windows', 'browser' . This call site is reachable on: {2}. '{0}' is only supported on: {1}. - Questo sito di chiamata è raggiungibile da {2}. '{0}' è supportato solo in {1}. + This call site is reachable on: {2}. '{0}' is only supported on: {1}. This call site is reachable on: 'windows' all versions.'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before This call site is unreachable on: {2}. '{0}' is only supported on: {1}. - Questo sito di chiamata non è raggiungibile da {2}. '{0}' è supportato solo in {1}. + This call site is unreachable on: {2}. '{0}' is only supported on: {1}. This call site is unreachable on: 'browser'. 'SupportedOnWindowsAndBrowser()' is only supported on: 'browser', 'windows'. This call site is reachable on all platforms. '{0}' is supported on: {1}. - Questo sito di chiamata è raggiungibile da tutte le piattaforme. '{0}' è supportato in {1}. + This call site is reachable on all platforms. '{0}' is supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindows1903UnsupportedFrom2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on: {2}. '{0}' is supported on: {1}. - Questo sito di chiamata è raggiungibile da {2}. '{0}' è supportato in {1}. + This call site is reachable on: {2}. '{0}' is supported on: {1}. This call site is reachable on: 'windows' 10.0.2000 and before. 'UnsupportedOnWindowsSupportedOn1903()' is supported on: 'windows' 10.0.1903 and later. Validate platform compatibility - Convalida compatibilità della piattaforma + Validate platform compatibility This call site is reachable on all platforms. '{0}' is unsupported on: {1}. - Questo sito di chiamata è raggiungibile da tutte le piattaforme. '{0}' non è supportato in {1}. + This call site is reachable on all platforms. '{0}' is unsupported on: {1}. This call site is reachable on all platforms. 'UnsupportedOnWindows()' is unsupported on: 'windows' This call site is reachable on: {2}. '{0}' is unsupported on: {1}. - Questo sito di chiamata è raggiungibile da {2}. '{0}' non è supportato in {1}. + This call site is reachable on: {2}. '{0}' is unsupported on: {1}. This call site is reachable on: 'windows', 'browser'. 'UnsupportedOnBrowser()' is unsupported on: 'browser'. '{0}' {1} and before - '{0}' {1} e versioni precedenti + '{0}' {1} and before 'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before. '{0}' {1} and later - '{0}' {1} e versioni successive + '{0}' {1} and later 'SupportedOnWindows10()' is only supported on: 'windows' 10.0 and later. Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. - Rivedere il codice che elabora dati deserializzati non attendibili per la gestione di cicli di riferimento imprevisti. Un ciclo di riferimento imprevisto non deve causare un ciclo infinito del codice. Un ciclo di riferimento imprevisto può invece consentire attacchi di tipo DoS da parte di un utente malintenzionato o l'esaurimento della memoria del processo durante la deserializzazione di dati non attendibili. + Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. {0} participates in a potential reference cycle - {0} fa parte di un potenziale ciclo di riferimento + {0} participates in a potential reference cycle Potential reference cycle in deserialized object graph - Potenziale ciclo di riferimento nel grafico di oggetti deserializzati + Potential reference cycle in deserialized object graph Replace 'Substring' with 'AsSpan' - Sostituire 'Substring' con 'AsSpan' + Replace 'Substring' with 'AsSpan' 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. - 'AsSpan' è più efficace di 'Substring'. 'Substring' esegue una copia della stringa O(n), mentre 'AsSpan' non la esegue e ha un costo costante. + 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. Prefer 'AsSpan' over 'Substring' when span-based overloads are available - Preferire 'AsSpan' a 'Substring' quando sono disponibili overload basati su span + Prefer 'AsSpan' over 'Substring' when span-based overloads are available Prefer 'AsSpan' over 'Substring' - Preferire 'AsSpan' a 'Substring' + Prefer 'AsSpan' over 'Substring' + + + + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + + + + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + + + + Consider using 'StringBuilder.Append(char)' when applicable + Consider using 'StringBuilder.Append(char)' when applicable Use 'Count' check instead of 'Any()' - Usare il controllo 'Count' anziché 'Any()' + Use 'Count' check instead of 'Any()' Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance - Preferire il confronto 'Count' con 0 anziché usare 'Any()', sia per chiarezza che per prestazioni. + Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance Use 'ContainsKey' - Usare 'ContainsKey' + Use 'ContainsKey' 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. - 'ContainsKey' è in genere O(1), mentre in alcuni casi 'Keys.Contains' può essere O(n). Inoltre, molte implementazioni del dizionario inizializzano in modo differito la raccolta Keys per ridurre le allocazioni. + 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' - Preferire 'ContainsKey' a 'Keys.Contains' per il tipo di dizionario '{0}' + Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' Prefer Dictionary.Contains methods - Preferire i metodi Dictionary.Contains + Prefer Dictionary.Contains methods Use 'ContainsValue' - Usare 'ContainsValue' + Use 'ContainsValue' Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. - Molte implementazioni del dizionario inizializzano in modo differito la raccolta Values. Per evitare allocazioni non necessarie, preferire 'ContainsValue' a 'Values.Contains'. + Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' - Preferire 'ContainsValue' a 'Values.Contains' per il tipo di dizionario '{0}' + Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' + + + + Use 'TryGetValue(TKey, out TValue)' + Use 'TryGetValue(TKey, out TValue)' + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + + + + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method Replace with 'HashData' method - Sostituire con il metodo 'HashData' + Replace with 'HashData' method It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. - È più efficiente usare il metodo statico 'HashData' per creare e gestire un'istanza di HashAlgorithm per chiamare 'ComputeHash'. + It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. Prefer static '{0}.HashData' method over 'ComputeHash' - Preferire '{0} statico. Metodo HashData' su 'ComputeHash' + Prefer static '{0}.HashData' method over 'ComputeHash' Prefer static 'HashData' method over 'ComputeHash' - Preferire il metodo 'HashData' rispetto a 'ComputeHash' + Prefer static 'HashData' method over 'ComputeHash' Use 'IsEmpty' check instead of 'Any()' - Usare il controllo 'IsEmpty' anziché 'Any()' + Use 'IsEmpty' check instead of 'Any()' Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance - Preferire il controllo 'IsEmpty' anziché di usare 'Any()', sia per chiarezza che per prestazioni + Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance + + + + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + + + + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + + + + Prefer IsEmpty over Count + Prefer IsEmpty over Count Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. - Preferire l’uso delle proprietà 'IsEmpty', 'Count' o 'Length' se disponibili, anziché chiamare 'Enumerable.Any()'. La finalità è più chiara ed è più efficiente rispetto all'uso del metodo di estensione 'Enumerable.Any()'. + Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. Avoid using 'Enumerable.Any()' extension method - Evitare di usare il metodo di estensione 'Enumerable.Any()' + Avoid using 'Enumerable.Any()' extension method Use 'Length' check instead of 'Any()' - Usare il controllo 'Length' anziché 'Any()' + Use 'Length' check instead of 'Any()' Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance - Preferire il confronto 'Length' con 0 anziché usare 'Any()', sia per chiarezza che per prestazioni + Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. - 'Stream' contiene un overload 'ReadAsync' che accetta 'Memory<Byte>' come primo argomento e un overload 'WriteAsync' che accetta 'ReadOnlyMemory<Byte>' come primo argomento. Per la chiamata preferire gli overload basati su Memory, che sono più efficaci. - - - - For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. - Per determinare se l'oggetto contiene o meno elementi, usare la proprietà 'IsEmpty' invece di recuperare il numero di elementi con la proprietà 'Count' e confrontarlo con 0 o 1. - - - - Prefer 'IsEmpty' over 'Count' to determine whether the object is empty - Preferire 'IsEmpty' a 'Count' per determinare se l'oggetto è vuoto - - - - Prefer IsEmpty over Count - Preferire IsEmpty a Count + 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. Change the '{0}' method call to use the '{1}' overload - Modificare la chiamata al metodo '{0}' per usare l'overload '{1}' + Change the '{0}' method call to use the '{1}' overload Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' - Preferire gli overload basati su 'Memory' per 'ReadAsync' e 'WriteAsync' + Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' Replace with 'string.Contains' - Sostituisci con 'string.Contains' + Replace with 'string.Contains' Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. - Le chiamate a 'string.IndexOf' in cui il risultato viene usato per verificare la presenza/assenza di una sottostringa possono essere sostituite da 'string.Contains'. + Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. Use 'string.Contains' instead of 'string.IndexOf' to improve readability - Per migliorare la leggibilità, usare 'string.Contains' invece di 'string.IndexOf' + Use 'string.Contains' instead of 'string.IndexOf' to improve readability Consider using 'string.Contains' instead of 'string.IndexOf' - Provare a usare 'string.Contains' invece di 'string.IndexOf' + Consider using 'string.Contains' instead of 'string.IndexOf' StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. - StringBuilder.Append e StringBuilder.Insert forniscono overload per più tipi oltre System.String. Quando possibile, preferire gli overload fortemente tipizzati invece di usare ToString() e l'overload basato su stringhe. + StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. Remove the ToString call in order to use a strongly-typed StringBuilder overload - Rimuovere la chiamata ToString per usare un overload di StringBuilder fortemente tipizzato + Remove the ToString call in order to use a strongly-typed StringBuilder overload Remove the ToString call - Rimuovere la chiamata a ToString + Remove the ToString call Prefer strongly-typed Append and Insert method overloads on StringBuilder - Preferire gli overload di metodi Append e Insert fortemente tipizzati su StringBuilder - - - - 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. - 'StringBuilder.Append(char)' è più efficace di 'StringBuilder.Append(string)' quando la stringa è un carattere singolo. Se si chiama 'Append' con una costante, è preferibile usare un tipo di dati char costante invece di uno stringa contenente un solo carattere. - - - - Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string - Usare 'StringBuilder.Append(char)' invece di 'StringBuilder.Append(string)' quando l'input è una stringa costante composta da un solo carattere - - - - Consider using 'StringBuilder.Append(char)' when applicable - Se applicabile, provare a usare 'StringBuilder.Append(char)' + Prefer strongly-typed Append and Insert method overloads on StringBuilder Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. - A partire da .NET 7, la conversione esplicita '{0}' non verrà generata in caso di overflow in un contesto controllato. Per ripristinare il comportamento di .NET 6, eseguire il wrapping dell'espressione con un’istruzione 'checked'. + Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - A partire da .NET 7, la conversione esplicita '{0}' non verrà generata in caso di overflow in un contesto controllato. Per ripristinare il comportamento di .NET 6, eseguire il wrapping dell'espressione con un’istruzione 'unchecked'. + Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. - Alcuni operatori predefiniti aggiunti in .NET 7 si comportano in modo diverso in caso di overflow rispetto ai corrispondenti operatori definiti dall'utente in .NET 6 e versioni precedenti. Alcuni operatori che in precedenza generavano in un contesto non controllato ora non generano a meno che non venga eseguito il wrapping all’interno di un contesto controllato. Inoltre, alcuni operatori che in precedenza non generavano in un contesto controllato ora generano a meno che non venga eseguito il wrapping in un contesto non controllato. + Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - A partire da .NET 7, l'operatore '{0}' verrà generato in caso di overflow in un contesto controllato. Per ripristinare il comportamento di .NET 6, eseguire il wrapping dell'espressione con un’istruzione 'unchecked'. + Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Prevent behavioral change - Prevenire la modifica funzionale + Prevent behavioral change 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. - Con il metodo 'Enum.HasFlag' l'argomento 'enum'deve essere dello stesso tipo 'enum' dell'istanza in cui viene chiamato il metodo e questo 'enum' deve essere contrassegnato con 'System.FlagsAttribute'. Se si tratta di tipi 'enum' diversi, verrà generata un'eccezione non gestita in fase di runtime. Se il tipo 'enum' non è contrassegnato con 'System.FlagsAttribute', la chiamata restituirà sempre 'false' in fase di runtime. + 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. The argument type, '{0}', must be the same as the enum type '{1}' - Il tipo di argomento '{0}' deve essere uguale al tipo enumerazione '{1}' + The argument type, '{0}', must be the same as the enum type '{1}' Provide correct 'enum' argument to 'Enum.HasFlag' - Specificare l'argomento 'enum' corretto per 'Enum.HasFlag' + Provide correct 'enum' argument to 'Enum.HasFlag' The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. - L'argomento format passato a System.String.Format non contiene un elemento di formato corrispondente a ogni argomento dell'oggetto o viceversa. + The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. Provide correct arguments to formatting methods - Fornire gli argomenti corretti ai metodi di formattazione + Provide correct arguments to formatting methods Provide correct arguments to formatting methods - Fornire gli argomenti corretti ai metodi di formattazione + Provide correct arguments to formatting methods A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. - Un tipo include un campo contrassegnato usando l'attributo System.Runtime.Serialization.OptionalFieldAttribute e non fornisce metodi di gestione degli eventi di deserializzazione. + A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute - Aggiungere un metodo 'private void OnDeserialized(StreamingContext)' al tipo {0} e impostarvi l'attributo System.Runtime.Serialization.OnDeserializedAttribute + Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute - Aggiungere un metodo 'private void OnDeserializing(StreamingContext)' al tipo {0} e impostarvi l'attributo System.Runtime.Serialization.OnDeserializingAttribute + Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute Provide deserialization methods for optional fields - Fornire metodi di deserializzazione per i campi facoltativi + Provide deserialization methods for optional fields Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. - La specifica di un costruttore senza parametri visibile come tipo che lo contiene per un tipo derivato da 'System.Runtime.InteropServices.SafeHandle' offre prestazioni migliori e ne consente l'utilizzo in soluzioni di interoperabilità generate da origini. + Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' - Specificare un costruttore senza parametri visibile come il tipo che lo contiene per il tipo '{0}' derivato da 'System.Runtime.InteropServices.SafeHandle' + Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' - Specificare un costruttore senza parametri visibile come il tipo che lo contiene per i tipi concreti derivati da 'System.Runtime.InteropServices.SafeHandle' + Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. - Per migliorare le prestazioni, eseguire l'override dei metodi asincroni basati sulla memoria durante la creazione di una sottoclasse 'Stream'. Implementare quindi i metodi basati su matrice nei termini dei metodi basati sulla memoria. + To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. - '{0}' esegue l'override di '{1}' basato su matrice, ma non di '{2}' basato sulla memoria. Per migliorare le prestazioni, provare a eseguire l'override di '{2}' basato sulla memoria. + '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. 0 = type that subclasses Stream directly, 1 = array-based method, 2 = memory-based method Provide memory-based overrides of async methods when subclassing 'Stream' - Specificare override basati sulla memoria dei metodi asincroni durante la creazione di una sottoclasse 'Stream' + Provide memory-based overrides of async methods when subclassing 'Stream' + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + + + + Prefer using 'StringComparer' to perform a case-insensitive comparison + Prefer using 'StringComparer' to perform a case-insensitive comparison + + + + Use the 'string.{0}(string, StringComparison)' overload + Use the 'string.{0}(string, StringComparison)' overload + + + + Prefer using 'StringComparer' to perform case-insensitive string comparisons + Prefer using 'StringComparer' to perform case-insensitive string comparisons + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + + + + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + + + + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons Remove redundant call - Rimuovi la chiamata ridondante + Remove redundant call Remove unnecessary call - Rimuovere chiamata non necessaria + Remove unnecessary call Replace string literal with char literal - Sostituire il valore letterale stringa con il valore letterale char + Replace string literal with char literal Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - È stata trovata una potenziale vulnerabilità di tipo DLL injection in cui '{0}' nel metodo '{1}' può essere contaminato da dati controllati dall'utente di '{2}' nel metodo '{3}'. + Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for DLL injection vulnerabilities - Esaminare il codice per verificare la presenza di vulnerabilità di tipo DLL injection + Review code for DLL injection vulnerabilities Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - È stata trovata una potenziale vulnerabilità di tipo file path injection in cui '{0}' nel metodo '{1}' può essere contaminato da dati controllati dall'utente di '{2}' nel metodo '{3}'. + Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for file path injection vulnerabilities - Esaminare il codice per verificare la presenza di vulnerabilità di tipo file path injection + Review code for file path injection vulnerabilities Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. - È stata trovata una potenziale vulnerabilità di tipo diffusione di informazioni in cui '{0}' nel metodo '{1}' può contenere informazioni non intenzionali di '{2}' nel metodo '{3}'. + Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. Review code for information disclosure vulnerabilities - Esaminare il codice per verificare la presenza di vulnerabilità di tipo diffusione di informazioni + Review code for information disclosure vulnerabilities Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - È stata trovata una potenziale vulnerabilità di tipo LDAP injection in cui '{0}' nel metodo '{1}' può essere contaminato da dati controllati dall'utente di '{2}' nel metodo '{3}'. + Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for LDAP injection vulnerabilities - Esaminare il codice per verificare la presenza di vulnerabilità di tipo LDAP injection + Review code for LDAP injection vulnerabilities Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - È stata trovata una potenziale vulnerabilità di tipo reindirizzamento aperto in cui '{0}' nel metodo '{1}' può essere contaminato da dati controllati dall'utente di '{2}' nel metodo '{3}'. + Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for open redirect vulnerabilities - Esaminare il codice per verificare la presenza di vulnerabilità di tipo reindirizzamento aperto + Review code for open redirect vulnerabilities Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - È stata trovata una potenziale vulnerabilità di tipo process command injection in cui '{0}' nel metodo '{1}' può essere contaminato da dati controllati dall'utente di '{2}' nel metodo '{3}'. + Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for process command injection vulnerabilities - Esaminare il codice per verificare la presenza di vulnerabilità di tipo process command injection + Review code for process command injection vulnerabilities Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - È stata trovata una potenziale vulnerabilità di tipo regex injection in cui '{0}' nel metodo '{1}' può essere contaminato da dati controllati dall'utente di '{2}' nel metodo '{3}'. + Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for regex injection vulnerabilities - Esaminare il codice per verificare la presenza di vulnerabilità di tipo regex injection + Review code for regex injection vulnerabilities Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - È stata trovata una potenziale vulnerabilità di tipo SQL injection in cui '{0}' nel metodo '{1}' può essere contaminato da dati controllati dall'utente di '{2}' nel metodo '{3}'. + Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for SQL injection vulnerabilities - Esaminare il codice per verificare la presenza di vulnerabilità di tipo SQL injection + Review code for SQL injection vulnerabilities + + + + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + + + + Review code for XPath injection vulnerabilities + Review code for XPath injection vulnerabilities Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - È stata trovata una potenziale vulnerabilità di tipo XAML injection in cui '{0}' nel metodo '{1}' può essere contaminato da dati controllati dall'utente di '{2}' nel metodo '{3}'. + Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XAML injection vulnerabilities - Esaminare il codice per verificare la presenza di vulnerabilità di tipo XAML injection + Review code for XAML injection vulnerabilities Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - È stata trovata una potenziale vulnerabilità di tipo XML injection in cui '{0}' nel metodo '{1}' può essere contaminato da dati controllati dall'utente di '{2}' nel metodo '{3}'. + Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XML injection vulnerabilities - Esaminare il codice per verificare la presenza di vulnerabilità di tipo XML injection - - - - Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - È stata trovata una potenziale vulnerabilità di tipo XPath injection in cui '{0}' nel metodo '{1}' può essere contaminato da dati controllati dall'utente di '{2}' nel metodo '{3}'. - - - - Review code for XPath injection vulnerabilities - Esaminare il codice per verificare la presenza di vulnerabilità di tipo XPath injection + Review code for XML injection vulnerabilities Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - È stata trovata una potenziale vulnerabilità di tipo cross-site scripting (XSS) in cui '{0}' nel metodo '{1}' può essere contaminato da dati controllati dall'utente di '{2}' nel metodo '{3}'. + Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XSS vulnerabilities - Esaminare il codice per verificare la presenza di vulnerabilità di tipo XSS + Review code for XSS vulnerabilities SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. - Le query SQL che usano direttamente l'input utente possono essere vulnerabili ad attacchi SQL injection. Esaminare la query SQL per individuare potenziali vulnerabilità e provare a usare una query SQL con parametri. + SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. Review if the query string passed to '{0}' in '{1}', accepts any user input - Verificare se la stringa di query passata a '{0}' in '{1}' accetta input utente + Review if the query string passed to '{0}' in '{1}', accepts any user input Review SQL queries for security vulnerabilities - Controllare l'eventuale vulnerabilità di sicurezza delle query SQL + Review SQL queries for security vulnerabilities Seal class - Classe Seal + Seal class When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. - Quando un tipo non è accessibile al di fuori del relativo assembly e non contiene sottotipi all'interno dell'assembly che lo contiene, può essere sealed. I tipi di sealing possono migliorare le prestazioni. + When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible - Il tipo '{0}' può essere sealed perché non contiene sottotipi nell'assembly contenitore e non è visibile esternamente + Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible Seal internal types - Seal tipi interni + Seal internal types Set HttpOnly to true for HttpCookie - Impostare HttpOnly su true per HttpCookie + Set HttpOnly to true for HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - Come ulteriore misura di difesa, assicurarsi che i cookie HTTP sensibili alla sicurezza siano contrassegnati come HttpOnly. In questo modo il Web browser non consentirà agli script di accedere ai cookie. Il modo più comune per appropriarsi dei cookie consiste nell'usare script in cui viene inserito codice dannoso. + As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly è impostato su false o non è impostato affatto quando si usa un elemento HttpCookie. Assicurarsi che i cookie sensibili alla sicurezza siano contrassegnati come HttpOnly per impedire a script dannosi di appropriarsi dei cookie + HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies Set ViewStateUserKey For Classes Derived From Page - Impostare ViewStateUserKey per classi derivate da Page + Set ViewStateUserKey For Classes Derived From Page Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. - La proprietà ViewStateUserKey permette di evitare attacchi all'applicazione grazie all'assegnazione di un identificatore alla variabile dello stato di visualizzazione per singoli utenti per impedire che usino la variabile per generare un attacco. In caso contrario, potrebbero riscontrarsi vulnerabilità di tipo richiesta intersito falsa. + Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method - La classe {0}, derivata da System.Web.UI.Page, non imposta la proprietà ViewStateUserKey nel metodo OnInit o Page_Init + The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. - Specificare le impostazioni cultura per evitare la dipendenza implicita accidentale dalle impostazioni cultura correnti. L'uso di una versione invariante produce risultati coerenti indipendentemente dalle impostazioni cultura di un'applicazione. + Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. Specify a culture or use an invariant version to avoid implicit dependency on current culture - Specificare le impostazioni cultura o usare una versione invariante per evitare la dipendenza implicita dalle impostazioni cultura correnti + Specify a culture or use an invariant version to avoid implicit dependency on current culture Specify a culture or use an invariant version - Specificare le impostazioni cultura o usare una versione invariante + Specify a culture or use an invariant version A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. - Un metodo o un costruttore chiama un membro con un overload che accetta un parametro System.Globalization.CultureInfo e tale metodo o costruttore non chiama l'overload che accetta il parametro CultureInfo. Quando non viene fornito un oggetto CultureInfo o System.IFormatProvider, l'effetto del valore predefinito fornito dal membro di overload potrebbe non essere quello desiderato in tutte le impostazioni locali. Se il risultato verrà visualizzato all'utente, specificare 'CultureInfo.CurrentCulture' come parametro di 'CultureInfo'. In caso contrario, se il risultato verrà archiviato e usato dal software, ad esempio quando viene salvato in modo permanente nel disco o in un database, specificare 'CultureInfo.InvariantCulture'. + A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Il comportamento di '{0}' potrebbe variare a seconda delle impostazioni locali dell'utente corrente. Sostituire questa chiamata in '{1}' con una chiamata a '{2}'. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify CultureInfo - Specificare CultureInfo + Specify CultureInfo Specify current culture - Specificare le impostazioni cultura correnti + Specify current culture A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. - Un metodo o un costruttore chiama uno o più membri con overload che accettano un parametro System.IFormatProvider e tale metodo o costruttore non chiama l'overload che accetta il parametro IFormatProvider. Quando non viene fornito un oggetto System.Globalization.CultureInfo o IFormatProvider, l'effetto del valore predefinito fornito dal membro di overload potrebbe non essere quello desiderato in tutte le impostazioni locali. Se il risultato verrà basato sull'input fornito o sull'output visualizzato all'utente, specificare 'CultureInfo.CurrentCulture' come parametro di 'IFormatProvider'. In caso contrario, se il risultato verrà archiviato e usato dal software, ad esempio quando viene caricato dal disco/database e quando viene salvato in modo permanente nel disco/database, specificare 'CultureInfo.InvariantCulture'. + A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Il comportamento di '{0}' potrebbe variare a seconda delle impostazioni locali dell'utente corrente. Sostituire questa chiamata in '{1}' con una chiamata a '{2}'. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Il comportamento di '{0}' potrebbe variare a seconda delle impostazioni locali dell'utente corrente. Sostituire questa chiamata in '{1}' con una chiamata a '{2}'. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. - Il comportamento di '{0}' può variare in base alle impostazioni locali dell'utente corrente. Specificare un valore per l'argomento 'IFormatProvider'. + The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - '{0}' passa '{1}' come parametro di 'IFormatProvider' a '{2}'. Questa proprietà restituisce impostazioni cultura non appropriate per i metodi di formattazione. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - '{0}' passa '{1}' come parametro di 'IFormatProvider' a '{2}'. Questa proprietà restituisce impostazioni cultura non appropriate per i metodi di formattazione. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. Specify IFormatProvider - Specificare IFormatProvider + Specify IFormatProvider A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. - Un membro di platform invoke consente chiamanti parzialmente attendibili, include un parametro di tipo stringa e non esegue il marshalling della stringa. Questo può comportare una potenziale vulnerabilità di sicurezza. + A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. Specify marshaling for P/Invoke string arguments - Specificare il marshalling per gli argomenti stringa P/Invoke + Specify marshaling for P/Invoke string arguments A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - In un'operazione di confronto di stringhe si usa un overload del metodo che non imposta un parametro StringComparison. Per chiarire meglio la finalità, è consigliabile usare l'overload con il parametro StringComparison. Se il risultato verrà visualizzato all'utente, ad esempio quando si ordina un elenco di elementi per la visualizzazione in una casella di riepilogo, specificare 'StringComparison.CurrentCulture' o 'StringComparison.CurrentCultureIgnoreCase' come parametro di 'StringComparison'. Se si confrontano identificatori che non fanno distinzione tra maiuscole/minuscole, ad esempio percorsi file, variabili di ambiente o chiavi e valori del Registro di sistema, specificare 'StringComparison.OrdinalIgnoreCase'. Se invece si confrontano identificatori che fanno distinzione tra maiuscole e minuscole, specificare 'StringComparison.Ordinal'. + A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. - '{0}' contiene un overload di metodo che accetta un parametro 'StringComparison'. Per chiarire meglio la finalità, sostituire questa chiamata in '{1}' con una chiamata a '{2}'. + '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. Specify StringComparison for clarity - Specificare StringComparison per la chiarezza + Specify StringComparison for clarity A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - In un'operazione di confronto di stringhe si usa un overload del metodo che non imposta un parametro StringComparison, di conseguenza il relativo comportamento potrebbe variare in base alle impostazioni locali dell'utente corrente. Per garantire la correttezza e chiarire meglio la finalità, è fortemente consigliato l'uso dell'overload con il parametro StringComparison. Se il risultato verrà visualizzato all'utente, ad esempio quando si ordina un elenco di elementi per la visualizzazione in una casella di riepilogo, specificare 'StringComparison.CurrentCulture' o 'StringComparison.CurrentCultureIgnoreCase' come parametro di 'StringComparison'. Se si confrontano identificatori che non fanno distinzione tra maiuscole/minuscole, ad esempio percorsi file, variabili di ambiente o chiavi e valori del Registro di sistema, specificare 'StringComparison.OrdinalIgnoreCase'. Se invece si confrontano identificatori che fanno distinzione tra maiuscole e minuscole, specificare 'StringComparison.Ordinal'. + A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Il comportamento di '{0}' potrebbe variare a seconda delle impostazioni locali dell'utente corrente. Sostituire questa chiamata in '{1}' con una chiamata a '{2}'. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify StringComparison for correctness - Specificare StringComparison per la correttezza + Specify StringComparison for correctness Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. - Per l'uso di entrambi i modificatori 'static' e 'abstract' è richiesto il consenso esplicito per le funzionalità di anteprima. Per altre informazioni, vedere https://aka.ms/dotnet-warnings/preview-features. + Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. - Il confronto di stringhe è notevolmente più rapido se si usa la proprietà String.Length o il metodo String.IsNullOrEmpty invece di Equals. + Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check - Testare le stringhe vuote con la proprietà 'string.Length' o il metodo 'string.IsNullOrEmpty' invece di usare una verifica di uguaglianza + Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check Test for empty strings using string length - Testare le stringhe vuote con la lunghezza di stringa + Test for empty strings using string length This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. - Questa espressione consente di testare un valore rispetto a Single.Nan o Double.Nan. Per testare il valore, usare Single.IsNan(Single) o Double.IsNan(Double). + This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. Test for NaN correctly - Testare i valori NaN in modo corretto + Test for NaN correctly Test for NaN correctly - Testare i valori NaN in modo corretto + Test for NaN correctly 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. - I campi 'ThreadStatic' devono essere inizializzati in modo differito durante l’esecuzione, non con inizializzazione inline né in modo esplicito in un costruttore statico, che inizializza il campo solo nel thread che esegue il costruttore statico del tipo. + 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. 'ThreadStatic' fields should not use inline initialization - I campi 'ThreadStatic' non devono usare l'inizializzazione inline + 'ThreadStatic' fields should not use inline initialization Improper 'ThreadStatic' field initialization - Inizializzazione del campo 'ThreadStatic' non corretta + Improper 'ThreadStatic' field initialization 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. - 'ThreadStatic' ha effetto solo sui campi statici. Se applicato ai campi dell'istanza, non ha alcun impatto sul comportamento. + 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. Ensure 'ThreadStatic' is only used with static fields - Assicurarsi che 'ThreadStatic' sia usato solo con campi statici + Ensure 'ThreadStatic' is only used with static fields 'ThreadStatic' only affects static fields - 'ThreadStatic' influisce solo sui campi statici + 'ThreadStatic' only affects static fields Use ArgumentException throw helper - Usare l'helper throw ArgumentException + Use ArgumentException throw helper Use ArgumentNullException throw helper - Usare ArgumentNullException per generare l'helper + Use ArgumentNullException throw helper Use ArgumentOutOfRangeException throw helper - Usare ArgumentOutOfRangeException per generare l'helper + Use ArgumentOutOfRangeException throw helper Use Array.Empty - Usare Array.Empty + Use Array.Empty The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. - Con l'indicizzatore basato su Range su valori di matrice viene prodotta una copia della porzione richiesta della matrice. Questa copia è spesso indesiderata quando viene usata in modo implicito come valore di Span o Memory. Per evitare la copia, usare il metodo AsSpan. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies - Usare '{0}' invece dell'indicizzatore basato su '{1}' su '{2}' per evitare la creazione di copie di dati non necessarie + Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies Use `{0}` instead of Range-based indexers on a string - Usare `{0}` invece di indicizzatori basati su Range su una stringa + Use `{0}` instead of Range-based indexers on a string Use `{0}` instead of Range-based indexers on an array - Usare `{0}` invece di indicizzatori basati su Range su una matrice + Use `{0}` instead of Range-based indexers on an array Use AsSpan or AsMemory instead of Range-based indexers when appropriate - Se necessario, usare AsSpan o AsMemory invece di indicizzatori basati su Range + Use AsSpan or AsMemory instead of Range-based indexers when appropriate The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - Con l'indicizzatore basato su Range su valori di stringa viene prodotta una copia della porzione richiesta della stringa. Questa copia è in genere non necessaria quando viene usata in modo implicito come valore di ReadOnlySpan o ReadOnlyMemory. Per evitare la copia non necessaria, usare il metodo AsSpan. + The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - Con l'indicizzatore basato su Range su valori di matrice viene prodotta una copia della porzione richiesta della matrice. Questa copia è in genere non necessaria quando viene usata in modo implicito come valore di ReadOnlySpan o ReadOnlyMemory. Per evitare la copia non necessaria, usare il metodo AsSpan. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. When inside a Task-returning method, use the async version of methods, if they exist. - All'interno di un metodo che restituisce Task, utilizzare la versione asincrona dei metodi, se presenti. + When inside a Task-returning method, use the async version of methods, if they exist. {Locked="Task"} '{0}' synchronously blocks. Await '{1}' instead. - '{0}' si blocca in modalità sincrona. In alternativa, usare await '{1}'. + '{0}' synchronously blocks. Await '{1}' instead. '{0}' synchronously blocks. Use await instead. - '{0}' si blocca in modalità sincrona. In alternativa, usare await. + '{0}' synchronously blocks. Use await instead. Call async methods when in an async method - Chiamare metodi asincroni in un metodo asincrono + Call async methods when in an async method Use antiforgery tokens in ASP.NET Core MVC controllers - Usare token antifalsificazione nei controller MVC ASP.NET Core + Use antiforgery tokens in ASP.NET Core MVC controllers Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - La gestione di una richiesta POST, PUT, PATCH o DELETE senza la convalida di un token antifalsificazione può essere vulnerabile ad attacchi di tipo richiesta intersito falsa. In un attacco di questo tipo vengono inviate richieste dannose da un utente autenticato al controller MVC ASP.NET Core. + Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Il metodo {0} gestisce una richiesta {1} senza eseguire la convalida del token antifalsificazione. È necessario assicurarsi anche che il modulo HTML invii un token antifalsificazione. + Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. Replace with 'CancellationToken.ThrowIfCancellationRequested' - Sostituire con 'CancellationToken.ThrowIfCancellationRequested' + Replace with 'CancellationToken.ThrowIfCancellationRequested' 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. - 'ThrowIfCancellationRequested' controlla automaticamente se il token è stato annullato e, in tal caso, genera un'eccezione 'OperationCanceledException'. + 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' - Usare 'ThrowIfCancellationRequested' invece di selezionare 'IsCancellationRequested' e generare 'OperationCanceledException' + Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' Use 'ThrowIfCancellationRequested' - Usare 'ThrowIfCancellationRequested' + Use 'ThrowIfCancellationRequested' Using concrete types avoids virtual or interface call overhead and enables inlining. - L'uso di tipi concreti evita il sovraccarico delle chiamate virtuali o di interfaccia e abilita l'inlining. + Using concrete types avoids virtual or interface call overhead and enables inlining. Change type of field '{0}' from '{1}' to '{2}' for improved performance - Modificare il tipo di campo '{0}' da '{1}' a '{2}' per migliorare le prestazioni + Change type of field '{0}' from '{1}' to '{2}' for improved performance Change type of variable '{0}' from '{1}' to '{2}' for improved performance - Modificare il tipo di variabile '{0}' da '{1}' a '{2}' per migliorare le prestazioni + Change type of variable '{0}' from '{1}' to '{2}' for improved performance Change return type of method '{0}' from '{1}' to '{2}' for improved performance - Modificare il tipo restituito del metodo '{0}' da '{1}' a '{2}' per migliorare le prestazioni + Change return type of method '{0}' from '{1}' to '{2}' for improved performance Change type of parameter '{0}' from '{1}' to '{2}' for improved performance - Modificare il tipo di parametro '{0}' da '{1}' a '{2}' per migliorare le prestazioni + Change type of parameter '{0}' from '{1}' to '{2}' for improved performance Change type of property '{0}' from '{1}' to '{2}' for improved performance - Modificare il tipo di proprietà '{0}' da '{1}' a '{2}' per migliorare le prestazioni + Change type of property '{0}' from '{1}' to '{2}' for improved performance Use concrete types when possible for improved performance - Usare tipi concreti quando possibile per migliorare le prestazioni + Use concrete types when possible for improved performance Use Container Level Access Policy - Usa criteri di accesso a livello di contenitore + Use Container Level Access Policy No access policy identifier is specified, making tokens non-revocable. - Non è specificato alcun identificatore di criterio di accesso, di conseguenza i token sono non revocabili. + No access policy identifier is specified, making tokens non-revocable. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. - Se possibile, provare a usare il controllo degli accessi in base al ruolo di Azure, invece della firma di accesso condiviso. Se è necessaria una firma di accesso condiviso, usare un criterio di accesso a livello di contenitore quando si crea la firma. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. Use DefaultDllImportSearchPaths attribute for P/Invokes - Usare l'attributo DefaultDllImportSearchPaths per i P/Invoke + Use DefaultDllImportSearchPaths attribute for P/Invokes By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - Per impostazione predefinita, i P/Invoke che usano DllImportAttribute esaminano un certo numero di directory, tra cui la directory di lavoro corrente per la libreria da caricare. Per alcune applicazioni questo comportamento può costituire un problema di sicurezza che permette di assumere il controllo delle DLL. + By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - Il metodo {0} non ha usato l'attributo DefaultDllImportSearchPaths per i P/Invoke. + The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. Use equivalent code that works when marshalling is disabled - Usare codice equivalente che funziona quando il marshalling è disabilitato + Use equivalent code that works when marshalling is disabled 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. - 'Environment.CurrentManagedThreadId' è più semplice e rapido di 'Thread.CurrentThread.ManagedThreadId'. + 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. Use 'Environment.CurrentManagedThreadId' - Usare 'Environment.CurrentManagedThreadId' + Use 'Environment.CurrentManagedThreadId' Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' - Usare 'Environment.CurrentManagedThreadId' invece di 'Thread.CurrentThread.ManagedThreadId' + Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' Use 'Environment.CurrentManagedThreadId' - Usare 'Environment.CurrentManagedThreadId' + Use 'Environment.CurrentManagedThreadId' 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. - 'Environment.ProcessId' è più semplice e rapido rispetto a 'Process.GetCurrentProcess().Id'. + 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. Use 'Environment.ProcessId' - Usare 'Environment.ProcessId' + Use 'Environment.ProcessId' Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' - Usare 'Environment.ProcessId' invece di 'Process.GetCurrentProcess().Id' + Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' Use 'Environment.ProcessId' - Usare 'Environment.ProcessId' + Use 'Environment.ProcessId' 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. - 'Environment.ProcessPath' è più semplice e rapido rispetto a 'Process.GetCurrentProcess().MainModule.FileName'. + 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. Use 'Environment.ProcessPath' - Usare 'Environment.ProcessPath' + Use 'Environment.ProcessPath' Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' - Usare 'Environment.ProcessPath' invece di 'Process.GetCurrentProcess().MainModule.FileName' + Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' Use 'Environment.ProcessPath' - Usare 'Environment.ProcessPath' + Use 'Environment.ProcessPath' Use indexer - Usare l'indicizzatore + Use indexer Use an invariant version - Usare una versione invariante + Use an invariant version An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. - Viene definito un metodo di chiamata del sistema operativo e nella libreria di classi .NET Framework è presente un metodo con funzionalità equivalente. + An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. Use managed equivalents of win32 api - Usare equivalenti gestiti dell'API Win32 + Use managed equivalents of win32 api Use managed equivalents of win32 api - Usare equivalenti gestiti dell'API Win32 + Use managed equivalents of win32 api Use ObjectDisposedException throw helper - Usare ObjectDisposedException per generare l'helper + Use ObjectDisposedException throw helper A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. - In un'operazione di confronto tra stringhe di tipo non linguistico il parametro StringComparison non viene impostato su Ordinal o OrdinalIgnoreCase. L'impostazione esplicita del parametro su StringComparison.Ordinal o StringComparison.OrdinalIgnoreCase consente spesso di rendere il codice più veloce, corretto e affidabile. + A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. Use ordinal string comparison - Usa il confronto di stringhe tra ordinali + Use ordinal string comparison Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. - Enumerable.Count() enumera potenzialmente la sequenza mentre una proprietà Length/Count è un accesso diretto. + Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. Use the "{0}" property instead of Enumerable.Count() - Usare la proprietà "{0}" invece di Enumerable.Count() + Use the "{0}" property instead of Enumerable.Count() Use Length/Count property instead of Count() when available - Usare la proprietà Length/Count invece di Count() quando disponibile + Use Length/Count property instead of Count() when available Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size - Usa l'algoritmo RSA (Rivest-Shamir-Adleman) con dimensione di chiave sufficiente + Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. - Gli algoritmi di crittografia sono vulnerabili agli attacchi di forza bruta quando si usa una dimensione di chiave troppo piccola. + Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - La dimensione di chiave dell'algoritmo di crittografia asimmetrica {0} è minore di 2048. Passare a un algoritmo RSA con dimensione di chiave minima pari a 2048 oppure a un algoritmo ECDH o ECDSA. + Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. Applications available over HTTPS must use secure cookies. - Le applicazioni disponibili tramite HTTPS devono usare cookie protetti. + Applications available over HTTPS must use secure cookies. Use SharedAccessProtocol HttpsOnly - Usa SharedAccessProtocol.HttpsOnly + Use SharedAccessProtocol HttpsOnly HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. - HTTPS crittografa il traffico di rete. Usare HttpsOnly, invece di HttpOrHttps, per garantire che il traffico di rete sia sempre crittografato ed evitare la divulgazione di dati sensibili. + HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. - Se possibile, provare a usare il controllo degli accessi in base al ruolo di Azure, invece della firma di accesso condiviso. Se è necessario usare una firma di accesso condiviso, specificare SharedAccessProtocol.HttpsOnly. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. + + + + Use 'AsSpan' with 'string.Concat' + Use 'AsSpan' with 'string.Concat' + + + + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + + + + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + + + + Use span-based 'string.Concat' + Use span-based 'string.Concat' Use 'Clear()' - Usare 'Clear()' + Use 'Clear()' It is more efficient to use 'Clear', instead of 'Fill' with default value. - È più efficiente usare 'Clear', invece di 'Fill' con il valore predefinito. + It is more efficient to use 'Clear', instead of 'Fill' with default value. Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' - Preferisci 'Span<T>. Clear()' anziché 'Span<T>. Riempimento (predefinito)' + Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' Prefer 'Clear' over 'Fill' - Preferisci 'Cancella' a 'Riempimento' + Prefer 'Clear' over 'Fill' Use 'StartsWith' - Usare 'StartsWith' + Use 'StartsWith' It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. - È più chiaro e veloce usare 'StartsWith' anziché confrontare il risultato di 'IndexOf' con zero. + It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 - Usare 'StartsWith' anziché confrontare il risultato di 'IndexOf' con 0 + Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 Use 'StartsWith' instead of 'IndexOf' - Usare 'StartsWith' anziché 'IndexOf' + Use 'StartsWith' instead of 'IndexOf' + + + + 'string.Contains(char)' is available as a better performing overload for single char lookup. + 'string.Contains(char)' is available as a better performing overload for single char lookup. + + + + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + + + + Use char literal for a single character lookup + Use char literal for a single character lookup Use 'string.Equals' - Usare 'string.Equals' + Use 'string.Equals' It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. - Risulta più immediato e probabilmente più rapido usare 'string.Equals' invece di confrontare il risultato di 'string.Compare' con zero. + It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 - Usare 'string.Equals' invece di confrontare il risultato di 'string.Compare' con 0 + Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 Use 'string.Equals' - Usare 'string.Equals' - - - - Use 'AsSpan' with 'string.Concat' - Usare 'AsSpan' con 'string.Concat' - - - - It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. - È più efficace usare 'AsSpan' e 'String.Concat' invece di 'Substring' e un operatore di concatenazione. - - - - Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' - Usare 'string.Concat' e 'AsSpan' basati su span invece di 'Substring' - - - - Use span-based 'string.Concat' - Usare 'string.Concat' basato su span - - - - 'string.Contains(char)' is available as a better performing overload for single char lookup. - Per la ricerca di caratteri singoli è possibile usare come overload 'string.Contains(char)' che offre prestazioni migliori. - - - - Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character - Usare 'string.Contains(char)' invece di 'string.Contains(string)' durante la ricerca di un singolo carattere - - - - Use char literal for a single character lookup - Usare il valore letterale char per la ricerca di un singolo carattere + Use 'string.Equals' Throw helpers are simpler and more efficient than an if block constructing a new exception instance. - Gli helper throw sono più semplici ed efficienti di un blocco if che costruisce una nuova istanza di eccezione. + Throw helpers are simpler and more efficient than an if block constructing a new exception instance. Use '{0}.{1}' - Usare '{0}.{1}' + Use '{0}.{1}' Use '{0}.{1}' instead of explicitly throwing a new exception instance - Usare '{0}.{1}' anziché generare in modo esplicito una nuova istanza di eccezione + Use '{0}.{1}' instead of explicitly throwing a new exception instance Platform compatibility analyzer requires a valid platform name and version. - Con l'analizzatore della compatibilità della piattaforma sono richiesti un nome e una versione di piattaforma validi. + Platform compatibility analyzer requires a valid platform name and version. Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. - La versione '{0}' non è valida per la piattaforma '{1}'. Usare una versione con 2{2} parti per questa piattaforma. + Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. Version '7' is not valid for platform 'windows'. Use a version with 2-4 parts for this platform. Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. - La versione '{0}' non è valida per la piattaforma '{1}'. Non usare versioni per questa piattaforma. + Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. Use valid platform string - Usare una stringa di piattaforma valida + Use valid platform string The platform '{0}' is not a known platform name - La piattaforma '{0}' non corrisponde a un nome di piattaforma noto + The platform '{0}' is not a known platform name ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. - Gli elementi ValueTask restituiti da chiamate ai membri devono essere usati direttamente tramite await. Se si prova a utilizzare più volte un elemento ValueTask oppure ad accedere direttamente al risultato di un oggetto prima che sia realmente completato, potrebbe verificarsi eccezioni o danneggiamenti dei dati. Un elemento ValueTask ignorato è probabilmente indicativo di un bug funzionale e potrebbe influire negativamente sulle prestazioni. + ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). - Il risultato di istanze di ValueTask non deve essere accessibile direttamente a meno che l'istanza non sia già stata completata. Diversamente da Tasks, la chiamata di Result o GetAwaiter().GetResult() su un elemento ValueTask non ne garantisce il blocco fino al completamento dell'operazione. Se non è possibile attendere l'istanza, provare prima a controllarne la proprietà IsCompleted (o ad asserire che sia true se si è a conoscenza che lo sia). + ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. - Le istanze di ValueTask devono essere utilizzate una sola volta, ad esempio tramite await. Se si utilizza più volte la stessa istanza di ValueTask, possono verificarsi eccezioni e danneggiamenti dei dati. + ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. - Le istanze di ValueTask restituite da chiamate a un metodo devono essere usate direttamente tramite await, restituite o passate come argomento a un'altra chiamata a un metodo. Se vengono utilizzate per altri scopi, ad esempio per l'archiviazione di un'istanza in una variabile locale o un campo, è probabile che si tratti di un bug, perché le istanze di ValueTask devono sempre essere utilizzate una sola volta. + ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. - Le istanze di ValueTask restituite da chiamate a un metodo devono essere sempre usate, in genere tramite await. Se questa operazione non viene eseguita spesso, si tratta di un bug funzionale, ma anche se non lo è, può verificarsi un peggioramento delle prestazioni se il metodo di destinazione raggruppa oggetti da usare con elementi ValueTask. + ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. Use ValueTasks correctly - Usare correttamente gli elementi ValueTask + Use ValueTasks correctly Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. - Quando si carica codice XML da dati non attendibili, potrebbero essere caricati riferimenti esterni pericolosi, che devono essere limitati usando un elemento XmlReader con un resolver sicuro oppure disabilitando l'elaborazione DTD. + Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. Use XmlReader for 'DataSet.ReadXml()' - Usa XmlReader per 'DataSet.ReadXml()' + Use XmlReader for 'DataSet.ReadXml()' Use XmlReader for 'XmlSerializer.Deserialize()' - Usa XmlReader per 'XmlSerializer.Deserialize()' + Use XmlReader for 'XmlSerializer.Deserialize()' Use XmlReader for 'XmlSchema.Read()' - Usa XmlReader per 'XmlSchema.Read()' + Use XmlReader for 'XmlSchema.Read()' Use XmlReader for XmlValidatingReader constructor - Usa XmlReader per il costruttore XmlValidatingReader + Use XmlReader for XmlValidatingReader constructor Use XmlReader for XPathDocument constructor - Usa XmlReader per il costruttore XPathDocument + Use XmlReader for XPathDocument constructor This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. - Questo overload del metodo '{0}.{1}' è potenzialmente non sicuro. Può abilitare DTD (Document Type Definition), che può essere vulnerabile ad attacchi Denial of Service oppure usare un elemento XmlResolver che può essere vulnerabile alla diffusione di informazioni. Usare un overload che accetta un'istanza di XmlReader, con elaborazione DTD disabilitata e nessun elemento XmlResolver. + This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - '{0}' utilizza il tipo di anteprima '{1}' e deve quindi acconsentire esplicitamente alle funzionalità di anteprima. Per altre informazioni, vedere {2}. + '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - {3} '{0}' utilizza il tipo di anteprima '{1}' e deve quindi acconsentire esplicitamente alle funzionalità di anteprima. Per altre informazioni, vedere {2}. - - - - Use 'TryGetValue(TKey, out TValue)' - Usa 'TryGetValue(TKey, out TValue)' - - - - Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method - Preferisci il metodo 'IDictionary.TryGetValue(TKey, out TValue)' - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup - Preferisci una chiamata 'TryGetValue' a un accesso all'indicizzatore Dictionary controllato da una verifica 'ContainsKey' per evitare una doppia ricerca - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. - Preferire una chiamata 'TryGetValue' a un accesso all'indicizzatore Dictionary controllato da una verifica 'ContainsKey'. 'ContainsKey' e l'indicizzatore ricercherebbero entrambi la chiave sotto il cofano, quindi l'uso di 'TryGetValue' rimuoverà la ricerca aggiuntiva. + {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ja.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ja.xlf index d447a18ca0..fcaa2f7129 100644 --- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ja.xlf +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ja.xlf @@ -4,572 +4,572 @@ Add the 'NonSerialized' attribute to this field. - このフィールドに、'NonSerialized' 属性を追加します。 + Add the 'NonSerialized' attribute to this field. Add Serializable attribute - Serializable 属性を追加する + Add Serializable attribute Review cipher mode usage with cryptography experts - 暗号の専門家と暗号モードの使用を再検討する + Review cipher mode usage with cryptography experts These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). - これらの暗号モードは攻撃に対して脆弱である可能性があります。推奨モード (CBC、CTS) の使用をご検討ください。 + These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). - 暗号の専門家と暗号モード '{0}' の使用を再検討してください。推奨モード (CBC、CTS) の使用をご検討ください。 + Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. - 属性の文字列リテラル パラメーターが URL、GUID、またはバージョンを正しく解析しません。 + The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' - '{0}' のコンストラクター内にある引数 '{1}' の値 (現在は "{2}") を、'{3}' として正しく解析できる値に変更してください + In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' - '{0}' のコンストラクター内にある引数 '{1}' の値は現在空の文字列 ("") になっています。'{2}' として正しく解析できる値に変更してください + In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' Attribute string literals should parse correctly - 属性文字列リテラルは、正しく解析する必要があります + Attribute string literals should parse correctly Extract to static readonly field - 静的な読み取り専用フィールドに抽出する + Extract to static readonly field Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. - 引数として渡された定数配列は、繰り返し呼び出されても再利用されません。これは、毎回新しい配列が作成されることを意味します。渡された配列が呼び出されたメソッド内で変更されていない場合、パフォーマンスを向上させるために、それらを 'static readonly' フィールドに抽出することを検討してください。 + Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. {Locked="static readonly"} Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array - 呼び出されるメソッドが繰り返し呼び出され、渡された配列を変更しない場合は、定数配列引数よりも 'static readonly' フィールドを優先します。 + Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array {Locked="static readonly"} Avoid constant arrays as arguments - 引数として定数配列を使用しない + Avoid constant arrays as arguments Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. - 'StringBuilder' をマーシャリングすると、ネイティブ バッファーのコピーが常に作成され、1 回のマーシャリング操作に対して複数の割り当てが発生します。 + Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. - P/Invoke に 'StringBuilder' パラメーターを使用しないでください。代わりに、文字バッファーを使用することをご検討ください。 + Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. Avoid 'StringBuilder' parameters for P/Invokes - P/Invoke の 'StringBuilder' パラメーターを使用しないでください + Avoid 'StringBuilder' parameters for P/Invokes The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. - .NET Framework クラス ライブラリには、カスタム属性を取得するためのメソッドが用意されています。既定では、これらのメソッドは属性継承階層を検索します。属性をシールすると、継承階層全体を検索しなくなるため、パフォーマンスが向上します。 + The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. Avoid unsealed attributes - アンシールド属性を使用しません + Avoid unsealed attributes Avoid unsealed attributes - アンシールド属性を使用しません + Avoid unsealed attributes Avoid unnecessary zero-length array allocations. Use {0} instead. - 不要な長さ 0 の配列の割り当てを避けます。代わりに {0} を使用してください。 + Avoid unnecessary zero-length array allocations. Use {0} instead. Avoid zero-length array allocations - 長さ 0 の配列は割り当て不可 + Avoid zero-length array allocations The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - SerializationBinder なしで信頼されていないデータを逆シリアル化して、逆シリアル化されたオブジェクト グラフ内でオブジェクトの型を制限する場合、メソッド '{0}' は安全ではありません。 + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize - BinaryFormatter.Deserialize を呼び出す前に BinaryFormatter.Binder が設定されていることを確認する + Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - SerializationBinder なしで信頼されていないデータを逆シリアル化して、逆シリアル化されたオブジェクト グラフ内でオブジェクトの型を制限する場合、メソッド '{0}' は安全ではありません。 + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder - BinaryFormatter.Binder を設定せずに BinaryFormatter.Deserialize を呼び出さない + Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. - 信頼されていないデータを逆シリアル化する場合、メソッド '{0}' は安全ではありません。代わりに、SerializationBinder が設定されていない BinaryFormatter 逆シリアル化を検出する必要がある場合、ルール CA2300 を無効にし、ルール CA2301 と CA2302 を有効にします。 + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. The method '{0}' is insecure when deserializing untrusted data. - 信頼されていないデータを逆シリアル化する場合、メソッド '{0}' は安全ではありません。 + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer BinaryFormatter - 安全でないデシリアライザー BinaryFormatter を使用しない + Do not use insecure deserializer BinaryFormatter 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - 'Buffer.BlockCopy' では、'count' 引数にコピーされるバイト数が必要です。'Array.Length' を使用すると、コピーする必要があるバイト数と一致しない可能性があります。 + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - 'Buffer.BlockCopy' では、'count' 引数にコピーされるバイト数が必要です。'Array.Length' を使用すると、コピーする必要があるバイト数と一致しない可能性があります。 + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument - 'Buffer.BlockCopy' では、'count' 引数にコピーされるバイト数が必要です + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). - Dispose の実装であるメソッドでは GC.SuppressFinalize を呼び出しません。または、Dispose の実装ではないメソッドでは GC.SuppressFinalize を呼び出します。または、メソッドでは GC.SuppressFinalize を呼び出し、this (Visual Basic では Me) 以外のものを渡します。 + A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. - {1} を呼び出すように {0} を変更します。これにより、ファイナライザーを導入する派生型で、その呼び出しのために 'IDisposable' を再実装する必要がなくなります。 + Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. - {1} を呼び出すように {0} を変更します。これにより、オブジェクトが破棄されてスコープ外になった場合の、不要な終了処理を回避できます。 + Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. - {0} が、それ以外に対して {1} を呼び出します。呼び出しサイトを変更して、'this' (Visual Basic では 'Me') を渡します。 + {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. - {0} は、通常 'IDisposable.Dispose' の実装内でのみ呼び出されるメソッド {1} を呼び出しています。詳細については、IDisposable パターンを参照してください。 + {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. Dispose methods should call SuppressFinalize - Dispose メソッドは、SuppressFinalize を呼び出す必要があります + Dispose methods should call SuppressFinalize , - , + , Separator used for separating list of platform names: {API} is only supported on: {‘windows’, ‘browser’, ‘linux’} ConstantExpected attribute is not applied correctly on the parameter. - ConstantExpected 属性がパラメーターに正しく適用されていません。 + ConstantExpected attribute is not applied correctly on the parameter. Incorrect usage of ConstantExpected attribute - ConstantExpected 属性の使用法が正しくありません + Incorrect usage of ConstantExpected attribute The ConstantExpected attribute is required for the parameter due to the parent method annotation - 親メソッドの注釈により、パラメーターには ConstantExpected 属性が必要です + The ConstantExpected attribute is required for the parameter due to the parent method annotation The '{0}' value is not compatible with parameter type of '{1}' - '{0}' 値は、'{1}' のパラメーターの型と互換性がありません + The '{0}' value is not compatible with parameter type of '{1}' The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' - '{0}' の値が '{1}' から '{2}' までのパラメーター値の範囲内に収まりません + The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' The constant is not of the same '{0}' type as the parameter - 定数の '{0}' 型がパラメーターと同じではありません + The constant is not of the same '{0}' type as the parameter The Min and Max values are inverted - 最小値と最大値が反転されます + The Min and Max values are inverted The argument should be a constant for optimal performance - 最適なパフォーマンスを得るには、引数を定数にする必要があります + The argument should be a constant for optimal performance The '{0}' type is not supported for ConstantExpected attribute - '{0}' 型は ConstantExpected 属性ではサポートされていません + The '{0}' type is not supported for ConstantExpected attribute The constant does not fit within the value bounds of '{0}' to '{1}' - 定数は '{0}' から '{1}' までの値の範囲内に収まりません + The constant does not fit within the value bounds of '{0}' to '{1}' The parameter expects a constant for optimal performance. - パラメーターには、最適なパフォーマンスを得るための定数が必要です。 + The parameter expects a constant for optimal performance. A constant is expected for the parameter - パラメーターには定数が必要です + A constant is expected for the parameter When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - 信頼されていない入力を逆シリアル化する場合、{0} オブジェクトの逆シリアル化は安全ではありません。'{1}' は {0} であるか、それから派生しています + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type found in deserializable object graph - 逆シリアル化可能なオブジェクト グラフに、安全でない DataSet または DataTable 型が見つかりました + Unsafe DataSet or DataTable type found in deserializable object graph When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. - IFormatter ベースのシリアライザーを使用して信頼されていない入力を逆シリアル化する場合、{0} オブジェクトの逆シリアル化は安全ではありません。'{1}' は {0} であるか、それから派生しています。自動生成型が、信頼されていないデータで逆シリアル化されないようにしてください。 + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks - シリアル化可能な自動生成型に含まれる安全でない DataSet または DataTable は、リモート コード実行攻撃に対して脆弱になる可能性があります + Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - 信頼されていない入力を逆シリアル化する場合、{0} オブジェクトの逆シリアル化は安全ではありません。'{1}' は {0} であるか、それから派生しています + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks - 逆シリアル化されたオブジェクト グラフに含まれる安全でない DataSet または DataTable は、リモート コード実行攻撃に対して脆弱になる可能性があります + Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. - IFormatter ベースのシリアライザーを使用して信頼されていない入力を逆シリアル化する場合、{0} オブジェクトの逆シリアル化は安全ではありません。'{1}' は {0} であるか、それから派生しています。 + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks - シリアル化可能な型に含まれる安全でない DataSet または DataTable は、リモート コード実行攻撃に対して脆弱になる可能性があります + Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - 信頼されていない入力を逆シリアル化する場合、{0} オブジェクトの逆シリアル化は安全ではありません。'{1}' は {0} であるか、それから派生しています + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in serializable type - シリアル化可能な型に含まれる安全でない DataSet または DataTable + Unsafe DataSet or DataTable in serializable type When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - 信頼されていない入力を逆シリアル化する場合、{0} オブジェクトの逆シリアル化は安全ではありません。'{1}' は {0} であるか、それから派生しています + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type in web deserializable object graph - Web の逆シリアル化可能なオブジェクト グラフに含まれる安全でない DataSet または DataTable 型 + Unsafe DataSet or DataTable type in web deserializable object graph The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. - メソッド '{0}' は、信頼されていないデータを逆シリアル化しているときは安全ではありません。'{0}' 呼び出しを含む自動生成クラスが、信頼されていないデータで逆シリアル化されていないことを確認してください。 + The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data - DataSet.ReadXml() を含む自動生成クラスが信頼されていないデータで使用されていないことを確認する + Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data The method '{0}' is insecure when deserializing untrusted data - 信頼されていないデータを逆シリアル化する場合、メソッド '{0}' は安全ではありません + The method '{0}' is insecure when deserializing untrusted data Do not use DataSet.ReadXml() with untrusted data - 信頼されていないデータで DataSet.ReadXml() を使用しない + Do not use DataSet.ReadXml() with untrusted data The method '{0}' is insecure when deserializing untrusted data - 信頼されていないデータを逆シリアル化する場合、メソッド '{0}' は安全ではありません + The method '{0}' is insecure when deserializing untrusted data Do not use DataTable.ReadXml() with untrusted data - 信頼されていないデータで DataTable.ReadXml() を使用しない + Do not use DataTable.ReadXml() with untrusted data HttpClients should enable certificate revocation list checks - HttpClients では証明書失効リストの確認を有効にする必要があります + HttpClients should enable certificate revocation list checks HttpClient is created without enabling CheckCertificateRevocationList - HttpClient は、CheckCertificateRevocationList を有効にせずに作成されました + HttpClient is created without enabling CheckCertificateRevocationList Do Not Add Certificates To Root Store - ルート ストアに証明書を追加しない + Do Not Add Certificates To Root Store Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate - オペレーティング システムの信頼されたルート証明書に証明書を追加すると、不正な証明書を誤って認証するリスクが高くなります + Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate Do not use CreateEncryptor with non-default IV - 既定以外の IV で CreateEncryptor を使用しない + Do not use CreateEncryptor with non-default IV Symmetric encryption uses non-default initialization vector, which could be potentially repeatable - 対称暗号化で既定以外の初期化ベクトルが使用されています。これは反復使用できる可能性があります + Symmetric encryption uses non-default initialization vector, which could be potentially repeatable Use Secure Cookies In ASP.NET Core - ASP.NET Core で安全な Cookie を使用します + Use Secure Cookies In ASP.NET Core Set CookieOptions.Secure = true when setting a cookie - Cookie を設定する場合は、CookieOptions.Secure = true と設定してください。 + Set CookieOptions.Secure = true when setting a cookie Do Not Use Weak Key Derivation Function With Insufficient Iteration Count - 反復回数が十分でない弱いキー派生関数は使用しないでください + Do Not Use Weak Key Derivation Function With Insufficient Iteration Count Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - パスワードから暗号化キーを派生させる場合は、少なくとも {0} 回の反復を使用してください。既定では、Rfc2898DeriveByte の IterationCount は 1000 のみです + Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - トランスポート層セキュリティ (TLS) の以前のプロトコル バージョンは、TLS 1.2 および TLS 1.3 よりも安全性が低く、新しい脆弱性が見つかる可能性が高くなります。リスクを最小限に抑えるため、以前のプロトコル バージョンは使用しないでください。 + Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - トランスポート層セキュリティ プロトコルのバージョン '{0}' は非推奨です。オペレーティング システムがバージョンを選択できるようにするには、'None' を使用します。 + Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. Do not use deprecated SslProtocols values - SslProtocols の非推奨の値を使用しない + Do not use deprecated SslProtocols values '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' はプレビュー クラス '{1}' から派生しているため、プレビュー機能を選択する必要があります。詳細については、「{2}」を参照してください。 + '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' はプレビュー クラス '{1}' から派生しているため、プレビュー機能を選択する必要があります。詳細については、「{2}」を参照してください。 + {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. An assembly has to opt into preview features before using them. - アセンブリを使用する前に、プレビュー機能を選択する必要があります。 + An assembly has to opt into preview features before using them. Using '{0}' requires opting into preview features. See {1} for more information. - '{0}' を使用するには、プレビュー機能を選択する必要があります。詳細については、「{1}」を参照してください。 + Using '{0}' requires opting into preview features. See {1} for more information. {2} Using '{0}' requires opting into preview features. See {1} for more information. - {2} '{0}' を使用するには、プレビュー機能を選択する必要があります。詳細については、「{1}」を参照してください。 + {2} Using '{0}' requires opting into preview features. See {1} for more information. This API requires opting into preview features - この API では、プレビュー機能をオプトインする必要があります + This API requires opting into preview features A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. - System.IDisposable を実装する型は、IDisposable も実装する型のフィールドを宣言します。フィールドの Dispose メソッドは、宣言する型の Dispose メソッドによって呼び出されません。フィールドが保持する管理されていないリソースの割り当てと解放を自分が担当している場合、このルールの違反を修正するには、IDisposable を実装する型のフィールドに Dispose を呼び出します。 + A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. - '{0}' には IDisposable 型 '{2}' のフィールド '{1}' が含まれますが、破棄されることはありません。'{0}' 上の Dispose メソッドを変更して、このフィールドで Close または Dispose を呼び出します。 + '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. Disposable fields should be disposed - 破棄可能なフィールドは破棄しなければなりません + Disposable fields should be disposed A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. - System.IDisposable を実装し、アンマネージ リソースの使用を推奨するフィールドを持っている型は、Object.Finalize で記述されているようにファイナライザーを実装しません。 + A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. Disposable types should declare finalizer - 破棄可能な型はファイナライザーを宣言しなければなりません + Disposable types should declare finalizer Disposable types should declare finalizer - 破棄可能な型はファイナライザーを宣言しなければなりません + Disposable types should declare finalizer A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. - System.IDisposable を実装する型は、IDisposable も実装する型から継承されます。継承する型の Dispose メソッドは、親の型の Dispose メソッドを呼び出しません。このルールの違反を修正するには、Dispose メソッドで base.Dispose を呼び出します。 + A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. Ensure that method '{0}' calls '{1}' in all possible control flow paths - 考えられるすべての制御フロー パスで、メソッド '{0}' が '{1}' を呼び出すようにしてください + Ensure that method '{0}' calls '{1}' in all possible control flow paths Dispose methods should call base class dispose - Dispose メソッドが基底クラスの Dispose を呼び出す必要があります + Dispose methods should call base class dispose If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. - 破棄可能なオブジェクトは、自身へのすべての参照がスコープ外になる前に明示的に破棄されなかった場合、ガベージ コレクターがそのオブジェクトのファイナライザーを実行した際に不特定の時点で破棄されます。ただし例外的なイベントが起こってオブジェクトのファイナライザーの実行が妨げられる場合もあるため、オブジェクトの破棄は明示的に行ってください。 + If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - 推奨された dispose パターンを使用して、'{0}' が作成したオブジェクトがすべてのパスで破棄されるようにします。可能なら、'using' ステートメントまたは 'using' 宣言内で作成をラップします。または、try-finally パターンを、try 領域の前で宣言された専用のローカル変数と、'finally' 領域の非 null 値での条件なしの Dispose の呼び出し (例: 'x?.Dispose()') とともに使用します。オブジェクトが try 領域内で明示的に破棄されるか、dispose の所有権が他のオブジェクトまたはメソッドに移される場合、その操作のすぐ後で 'null' をローカル変数に割り当てて、'finally' 内での dispose の重複を回避します。 + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - 推奨された dispose パターンを使用して、'{0}' が作成したオブジェクトがすべての例外パスで破棄されるようにします。可能なら、'using' ステートメントまたは 'using' 宣言内で作成をラップします。または、try-finally パターンを、try 領域の前で宣言された専用のローカル変数と、'finally' 領域の非 null 値での条件なしの Dispose の呼び出し (例: 'x?.Dispose()') とともに使用します。オブジェクトが try 領域内で明示的に破棄されるか、dispose の所有権が他のオブジェクトまたはメソッドに移される場合、その操作のすぐ後で 'null' をローカル変数に割り当てて、'finally' 内での dispose の重複を回避します。 + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope - '{0}' が作成したオブジェクトへの参照がすべてスコープ外になる前に、そのオブジェクトの System.IDisposable.Dispose を呼び出してください + Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. - '{0}' に作成されたオブジェクトが破棄されない例外パスがあります。オブジェクトへの参照がすべてスコープ外になる前に、このオブジェクトの System.IDisposable.Dispose を呼び出してください。 + Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. Dispose objects before losing scope - スコープを失う前にオブジェクトを破棄 + Dispose objects before losing scope Do Not Add Archive Item's Path To The Target File System Path - アーカイブ項目のパスをターゲット ファイル システム パスに追加しない + Do Not Add Archive Item's Path To The Target File System Path When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - アーカイブからファイルを抽出し、アーカイブ アイテムのパスを使用するときは、パスが安全であるかどうかを確認します。アーカイブ パスは相対パスの場合があり、想定されるファイル システムのターゲット パス以外でファイル システムへのアクセスが可能になる可能性があります。これは、lay-and-wait の技法によって悪意のある構成変更とリモート コードの実行につながります。 + When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' - 'メソッド {1} の {0}' のパスを相対アーカイブ アイテムのパスから作成してファイルを抽出し、ソースが信頼されていない zip アーカイブである場合は、'メソッド {3} の相対アーカイブ アイテムのパス {2}' をサニタイズしてください + When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' Do Not Add Schema By URL - URL でスキーマを追加しない + Do Not Add Schema By URL This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. - XmlSchemaCollection.Add メソッドのこのオーバーロードは、使用される XML リーダー インスタンスでの DTD の処理を内部的に有効にし、外部の XML エンティティの解決に UrlResolver を使用します。結果として情報が漏えいします。XML を処理するマシンのファイル システムまたはネットワーク共有からのコンテンツが攻撃者に対して流出する可能性があります。また、攻撃者はこれを DoS ベクターとして使用する可能性もあります。 + This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. This overload of the Add method is potentially unsafe because it may resolve dangerous external references - Add メソッドのこのオーバーロードは、危険な外部参照を解決することが考えられるため、安全ではない可能性があります + This overload of the Add method is potentially unsafe because it may resolve dangerous external references By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. - 重要な TokenValidationParameter 検証委任を TRUE に設定すると、重要な認証の保護が無効になるため、発行元のトークンや有効期限が切れたトークンが誤って検証される可能性があります。 + By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. - {0} は、常に true を返す関数に設定されています。検証委任を設定することにより、既定の検証をオーバーライドし、常に TRUE が返されるため、この検証は完全に無効になります。 + The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. Do not always skip token validation in delegates - 委任のトークンの検証を常にスキップしない + Do not always skip token validation in delegates Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. - 安全でない逆シリアル化は、アプリケーションのロジックを悪用したり、サービス拒否 (DoS) 攻撃を仕掛けたり、逆シリアル化されたときに任意のコードを実行したりすることさえあるために、信頼できないデータが使用される場合に発生する脆弱性です。 悪意のあるユーザーが、自分の管理下にある信頼できないデータをアプリケーションで逆シリアル化しているときに、これらの逆シリアル化機能を悪用することがよくあります。 具体的には、逆シリアル化の過程で危険なメソッドを呼び出します。 安全でない逆シリアル化攻撃が成功すると、攻撃者は DoS 攻撃、認証回避、リモートでのコード実行などの攻撃を仕掛ける可能性があります。 + Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' - クラス '{0}' のインスタンスを逆シリアル化するときに、メソッド '{1}' が危険なメソッド '{2}' を直接的または間接的に呼び出すことができます + When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' Do Not Call Dangerous Methods In Deserialization - 逆シリアル化で危険なメソッドを呼び出さないでください + Do Not Call Dangerous Methods In Deserialization @@ -577,2625 +577,2660 @@ The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. Widening and user defined conversions are not supported with generic types. - Enumerable.Cast<T>と Enumerable.OfType<T> が正常に機能するには、互換性のある型が必要です。 -Enumerable.Cast<T> によって返されるシーケンスによって使用されるジェネリック キャスト (IL 'unbox.any') は、指定された型の要素で実行時に InvalidCastException をスローします。 -Enumerable.OfType<T> で使用されるジェネリック型チェック (C# 'is' operator/IL 'isinst') は、指定された型の要素では成功しないため、空のシーケンスになります。 -拡大およびユーザー定義の変換は、ジェネリック型ではサポートされていません。 + Enumerable.Cast<T> and Enumerable.OfType<T> require compatible types to function expectedly. +The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. +The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. +Widening and user defined conversions are not supported with generic types. Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime - 型 '{0}' は型 '{1}' と互換性がありません。キャストの試行により、実行時に InvalidCastException がスローされます + Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' - 型 '{0}' が型 '{1}' と互換性がないため、この呼び出しの結果は常に空のシーケンスになります + This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types - Enumerable.Cast<T> または Enumerable.OfType<T> を互換性のない型を使用して呼び出さないでください + Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types Do not call {0} on an {1} value - {1} 値で {0} を呼び出さないでください + Do not call {0} on an {1} value Do not call ToImmutableCollection on an ImmutableCollection value - ImmutableCollection 値で ToImmutableCollection を呼び出さないでください + Do not call ToImmutableCollection on an ImmutableCollection value TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. - TaskCompletionSource には、基になるタスクを制御する TaskCreationOptions を使用するコンストラクターと、そのタスクに格納されているオブジェクトの状態を使用するコンストラクターがあります。TaskCreationOptions の代わりに TaskContinuationOptions を誤って渡すと、呼び出しでオプションが状態として処理されます。 + TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. Replace TaskContinuationOptions with TaskCreationOptions. - TaskContinuationOptions を TaskCreationOptions に置き換えてください。 + Replace TaskContinuationOptions with TaskCreationOptions. Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum - 引数には、TaskCreationOptions 列挙型ではなく、TaskContinuationsOptions 列挙型が含まれています + Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum - TaskCompletionSource コンストラクターに渡される引数は、TaskContinuationOptions 列挙型ではなく TaskCreationOptions 列挙型であることが必要 + Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. - TaskScheduler を受け取るいずれかのオーバーロードを使用しない限り、タスクを作成しません。既定では、TaskScheduler.Current にスケジュールしますが、デッドロックにつながります。TaskScheduler.Default を使用してスレッド プールにスケジュールするか、明示的に TaskScheduler.Current を渡して、意図を明確にします。 + Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. Do not create tasks without passing a TaskScheduler - TaskScheduler を渡さずにタスクを作成しない + Do not create tasks without passing a TaskScheduler Do not create tasks without passing a TaskScheduler - TaskScheduler を渡さずにタスクを作成しない + Do not create tasks without passing a TaskScheduler Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. - MemoryManager<T> から派生した型にファイナライザーを追加すると、Span<T> によってまだ使用中のメモリが解放される可能性があります。 + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> - MemoryManager<T> から派生した型にファイナライザーを追加すると、Span<T> によってまだ使用中のメモリが解放される可能性があります + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> Do not define finalizers for types derived from MemoryManager<T> - MemoryManager<T> から派生した型にはファイナライザーを定義しないでください + Do not define finalizers for types derived from MemoryManager<T> Do Not Disable Certificate Validation - 証明書の検証を無効にしません + Do Not Disable Certificate Validation A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. - 証明書を使用すると、サーバーの ID を認証できます。クライアントは、サーバー証明書を検証し、要求が意図したとおりのサーバーに送信されるようにする必要があります。ServerCertificateValidationCallback が常時 'true' を返す場合、すべての証明書が検証に成功します。 + A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. - ServerCertificateValidationCallback は、常時 true を返すことによってあらゆるサーバー証明書を受け入れる関数に設定されます。要求を受信するサーバーの ID を確認するサーバー証明書が検証されるようにします。 - - - - Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. - CheckCertificateRevocationList プロパティが true に設定されている場合、プラットフォーム固有のハンドラー (WinHttpHandler、CurlHandler、HttpClientHandler のいずれか) を指定せずに HttpClient を使用すると、失効した証明書が有効な証明書として HttpClient に受け入れられます。 + The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. Do Not Disable HTTP Header Checking - HTTP ヘッダーのチェックを無効にしない + Do Not Disable HTTP Header Checking HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. - HTTP ヘッダーのチェックでは、応答ヘッダーに含まれる復帰や改行文字のエンコードを有効にします。\r\nこのエンコードは、ヘッダーに含まれる信頼されていないデータをエコーするアプリケーションを悪用するインジェクション攻撃を回避するのに役立ちます。 + HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. Do not disable HTTP header checking - HTTP ヘッダーのチェックを無効にしない + Do not disable HTTP header checking + + + + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. Do Not Disable Request Validation - 要求の検証を無効にしない + Do Not Disable Request Validation Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. - 要求の検証は、HTTP 要求を調べ、危険性のあるコンテンツが含まれているかどうかを判断する ASP.NET の機能です。この確認により、不正な目的のために追加された可能性がある、URL クエリ文字列内のマークアップやコード、Cookie、投稿されたフォームの値から保護することができます。そのため、この機能は一般的に望ましいものであり、多重の防御のために有効にしておくべきです。 + Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. {0} has request validation disabled - メソッド {0} の要求の検証が無効です + {0} has request validation disabled Do Not Disable SChannel Use of Strong Crypto - SChannel による強力な暗号の使用を無効にしません + Do Not Disable SChannel Use of Strong Crypto Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. - .NET Framework 4.6 以降、System.Net.ServicePointManager および System.Net.Security.SslStream クラスで新しいプロトコルを使用することをお勧めします。古いものは、プロトコルの脆弱性があるため、サポートされていません。Switch.System.Net.DontEnableSchUseStrongCrypto を true に設定すると、古くて脆弱な暗号のチェックが使用され、プロトコルの移行がオプトアウトされます。 + Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. {0} disables TLS 1.2 and enables SSLv3 - {0} は、TLS 1.2 を無効にして、SSLv3 を有効にします + {0} disables TLS 1.2 and enables SSLv3 Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. - トークンの検証チェックでは、トークンの検証中にすべての側面の分析と検証が行われます。検証をオフにすると、信頼されていないトークンが検証を通過してしまうことがあるため、セキュリティホールが発生する可能性があります。 + Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. TokenValidationParameters.{0} should not be set to false as it disables important validation - TokenValidationParameters。重要な検証を無効にしてしまうため、{0} を FALSE に設定しないでください + TokenValidationParameters.{0} should not be set to false as it disables important validation Do not disable token validation checks - トークンの検証チェックを無効にしない + Do not disable token validation checks Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. - Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols を true に設定しないでください。このスイッチを設定すると、Windows Communication Framework (WCF) で、古く安全ではないトラスポート層セキュリティ (TLS) 1.0 しか使用できなくなります。 + Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. Do not disable ServicePointManagerSecurityProtocols - ServicePointManagerSecurityProtocols を無効にしないでください + Do not disable ServicePointManagerSecurityProtocols Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. - 'Dictionary.ContainsKey(key)' を使用して 'Dictionary.Remove(key)' をガードしないでください。キーが存在するかどうかは、'Dictionary.Remove(key)' で既に確認されています。存在しない場合はスローしません。 + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' - 'Dictionary.ContainsKey(key)' を使用して 'Dictionary.Remove(key)' をガードしないでください + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' Unnecessary call to 'Dictionary.ContainsKey(key)' - 'Dictionary.ContainsKey(key)' への不要な呼び出し + Unnecessary call to 'Dictionary.ContainsKey(key)' Do not hard-code certificate - 証明書をハードコーディングしない + Do not hard-code certificate Hard-coded certificates in source code are vulnerable to being exploited. - ソース コード内のハードコーディングされた証明書は、悪用される可能性があります。 + Hard-coded certificates in source code are vulnerable to being exploited. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' - 潜在的なセキュリティの脆弱性が見つかりました。メソッド '{1}' の '{0}' は、メソッド '{3}' の '{2}' からのハードコーディングされた証明書によって汚染される可能性があります + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' Do not hard-code encryption key - 暗号化キーをハードコーディングしない + Do not hard-code encryption key SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. - SymmetricAlgorithm の .Key プロパティまたはメソッドの rgbKey パラメーターをハードコーディングされた値にすることはできません。 + SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' - 潜在的なセキュリティの脆弱性が見つかりました。メソッド '{1}' の '{0}' は、メソッド '{3}' の '{2}' からのハードコーディングされたキーによって汚染される可能性があります + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. - 既定では、信頼されたルート証明機関の証明書ストアは、Microsoft ルート証明書プログラムの要件を満たす一連の公的 CA で構成されています。すべての信頼されたルート CA は任意のドメインの証明書を発行できますが、攻撃者はユーザー自身がインストールする脆弱な CA または制御可能な CA を攻撃対象として選択できます。脆弱な CA、悪意のあるCA、制御可能な CA が 1 つでもあると、システム全体のセキュリティが弱体化します。さらに悪いことに、こうした攻撃はまったく気付かずに、しかも簡単に行うことができます。 + By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. - オブジェクトは、アプリケーション ドメイン境界を超えて直接アクセスできる場合に、弱い ID を持つと言われます。弱い ID を持つオブジェクトに対するロックを取得しようとするスレッドが、同じオブジェクトに対するロックを持っている別のアプリケーション ドメイン内の 2 番目のスレッドによってブロックされることがあります。 + An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. Do not lock on objects with weak identity - 弱い ID を伴うオブジェクト上でロックしません + Do not lock on objects with weak identity Do not lock on objects with weak identity - 弱い ID を伴うオブジェクト上でロックしません + Do not lock on objects with weak identity A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. - メソッドは文字列リテラルをパラメーターとして .NET Framework クラス ライブラリ内のコンストラクターまたはメソッドに渡し、その文字列はローカライズ可能である必要があります。このルールの違反を修正するには、文字列リテラルを、ResourceManager クラスのインスタンスを使用して取得した文字列で置き換えます。 + A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". - メソッド '{0}' は、リテラル文字列を '{2}' への呼び出しのパラメーター '{1}' として渡します。これを変更して、リソース テーブルから次の文字列を取得してください: "{3}" + Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". Do not pass literals as localized parameters - ローカライズされるパラメーターとしてリテラルを渡さない + Do not pass literals as localized parameters An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. - 十分に特定されていない種類の例外またはランタイムによって予約されている種類の例外は、ユーザー コードで発生することはありません。これにより、元のエラーの検出およびデバッグが困難になります。この例外インスタンスがスローされる可能性がある場合は、別の例外の種類を使用してください。 + An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. Exception type {0} is reserved by the runtime - 例外の種類 {0} は、ランタイムによって予約されています + Exception type {0} is reserved by the runtime Exception type {0} is not sufficiently specific - 例外の種類 {0} は十分に特定されていません + Exception type {0} is not sufficiently specific Do not raise reserved exception types - 予約された例外の種類を発生させません + Do not raise reserved exception types Do Not Serialize Types With Pointer Fields - ポインター フィールドを持つ型をシリアル化しない + Do Not Serialize Types With Pointer Fields Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. - ポインターは、自身がポイントするメモリの正しさを保証できないという意味で「タイプ セーフ」ではありません。そのため、攻撃者によるポインターの制御が可能になる場合があるので、ポインター フィールドを持つ型をシリアル化することは危険です。 + Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. Pointer field {0} on serializable type - シリアル化可能な型のポインター フィールド {0} です + Pointer field {0} on serializable type Do Not Use Account Shared Access Signature - アカウントの Shared Access Signature を使用しない + Do Not Use Account Shared Access Signature Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. - Shared Access Signatures (SAS) は、Azure Storage を使用しているすべてのアプリケーションのセキュリティ モデルに不可欠な部分であり、アカウント キーを持たないクライアントにストレージ アカウントへの制限された安全なアクセス許可を提供する必要があります。サービス SAS を通じて利用可能なすべての操作は、アカウント SAS を通じて利用することもできます。つまり、アカウント SAS は強力すぎるということです。このため、サービス SAS を使用してアクセスをより慎重に委任することをお勧めします。 + Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. Use Service SAS instead of Account SAS for fine grained access control and container-level access policy - 詳細に設定されたアクセス制御とコンテナーレベルのアクセス ポリシーには、アカウント SAS の代わりにサービス SAS を使用してください + Use Service SAS instead of Account SAS for fine grained access control and container-level access policy Do Not Use Broken Cryptographic Algorithms - 破られた暗号アルゴリズムを使用しない + Do Not Use Broken Cryptographic Algorithms An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. - このアルゴリズムを破ることをコンピューター的に実現する攻撃が存在します。これによって攻撃者は、提供されるはずの暗号化による保証を破ることが可能になります。この暗号アルゴリズムの種類とアプリケーションによっては、攻撃者は、暗号化されたメッセージの読み取り、暗号化されたメッセージの改ざん、デジタル署名の偽造、ハッシュされたコンテンツの改ざん、またはこのアルゴリズムに基づく暗号システムの侵害を実行できるようになる可能性があります。暗号化の使用を、キーの長さが 128 ビット以上の AES アルゴリズム (AES-256、AES-192、および AES-128 が使用可能) に置き換えます。ハッシュの使用を、SHA512、SHA384、SHA256 などの SHA-2 ファミリのハッシュ関数に置き換えます。デジタル署名の使用を、キーの長さが 2048 ビット以上の RSA か、キーの長さが 256 ビット以上の ECDSA に置き換えます。 + An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. {0} uses a broken cryptographic algorithm {1} - {0} が、破られた暗号アルゴリズム {1} を使用します + {0} uses a broken cryptographic algorithm {1} For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. - 空ではないコレクションで、CountAsync() と LongCountAsync() ではシーケンス全体が列挙されますが、AnyAsync() では最初の項目または条件を満たす最初の項目で停止します。 + For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. {0}() is used where AnyAsync() could be used instead to improve performance - パフォーマンスを向上させるために AnyAsync() を代わりに使用できるところで {0}() が使用されています + {0}() is used where AnyAsync() could be used instead to improve performance Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used - AnyAsync() を使用できる場合は、CountAsync() または LongCountAsync() を使用しない + Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. - 空はでないコレクションで、Count() と LongCount() ではシーケンス全体が列挙されますが、Any() では最初の項目または条件を満たす最初の項目で停止します。 + For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. {0}() is used where Any() could be used instead to improve performance - パフォーマンスを向上させるために Any() を代わりに使用できるところで {0}() が使用されています + {0}() is used where Any() could be used instead to improve performance Do not use Count() or LongCount() when Any() can be used - Any() を使用できる場合は、Count() または LongCount() を使用しない + Do not use Count() or LongCount() when Any() can be used Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. - 対称暗号化では、辞書攻撃を防ぐために、反復不能な初期化ベクトルを常に使用する必要があります。 - - - - Do Not Use Deprecated Security Protocols - 非推奨のセキュリティ プロトコルを使用しない - - - - Using a deprecated security protocol rather than the system default is risky. - システムの既定値ではなく、非推奨のセキュリティ プロトコルを使用することは安全ではありません。 - - - - Hard-coded use of deprecated security protocol {0} - 非推奨のセキュリティ プロトコル {0} のハードコーディングされた使用 + Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. Do Not Use Digital Signature Algorithm (DSA) - デジタル署名アルゴリズム (DSA) を使用しない + Do Not Use Digital Signature Algorithm (DSA) DSA is too weak to use. - DSA は脆弱であるため使用しません。 + DSA is too weak to use. Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - 非対称暗号化アルゴリズム {0} が脆弱です。代わりに、キー サイズが少なくとも 2048 の RSA、ECDH、または ECDSA アルゴリズムに切り替えてください。 + Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. + + + + Do Not Use Deprecated Security Protocols + Do Not Use Deprecated Security Protocols + + + + Using a deprecated security protocol rather than the system default is risky. + Using a deprecated security protocol rather than the system default is risky. + + + + Hard-coded use of deprecated security protocol {0} + Hard-coded use of deprecated security protocol {0} This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. - このコレクションは、直接インデックス可能です。ここで LINQ を実行すると、不要な割り当てと CPU 作業が生じます。 + This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. Do not use Enumerable methods on indexable collections. Instead use the collection directly. - インデックス可能なコレクションで Enumerable メソッドを使用しません。代わりに、コレクションを直接使用します。 + Do not use Enumerable methods on indexable collections. Instead use the collection directly. Do not use Enumerable methods on indexable collections - インデックス可能なコレクションで Enumerable メソッドは使用不可 + Do not use Enumerable methods on indexable collections Do not use insecure randomness - 安全でないランダム度を使用しない + Do not use insecure randomness Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. - 暗号強度の低い擬似乱数ジェネレーターを使用すると、セキュリティ上注意が必要などのような値が生成されるかを攻撃者が予測できる可能性があります。予測できない値が必要な場合は暗号強度の高い乱数ジェネレーターを使用するか、または暗号強度の低い擬似乱数がセキュリティ上注意が必要な形で使用されていないことを確認してください。 + Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. - {0} は安全でない乱数ジェネレーターです。セキュリティにランダム度が必要な場合に、暗号化によってセキュリティで保護された乱数ジェネレーターを使用します。 + {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. Do not use obsolete key derivation function - 非推奨のキー派生関数を使用しないでください + Do not use obsolete key derivation function Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. - パスワードベースのキーの派生では、PBKDF2 を SHA-2 と一緒に使用してください。PBKDF1 キーが生成されてしまうため、PasswordDeriveBytes を使用しないでください。反復カウントまたは salt を使用していないため、Rfc2898DeriveBytes.CryptDeriveKey を使用しないでください。 + Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. Call to obsolete key derivation function {0}.{1} - 非推奨のキー派生関数 {0}.{1} への呼び出し + Call to obsolete key derivation function {0}.{1} String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. - 値渡しされる文字列パラメーターで 'OutAttribute' を指定すると、文字列がインターン処理された文字列である場合にランタイムが不安定になる可能性があります。 + String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. - 値渡しされる文字列パラメーター '{0}' には、'OutAttribute' を使用しないでください。変更されたデータを呼び出し元にマーシャリングする必要がある場合は、代わりに 'out' キーワードを使用して文字列を参照渡ししてください。 + Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. Do not use 'OutAttribute' on string parameters for P/Invokes - P/Invoke の文字列パラメーターに 'OutAttribute' を使用しない + Do not use 'OutAttribute' on string parameters for P/Invokes Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. - 値型 '{0}' の引数を 'ReferenceEqualityComparer' の 'Equals' メソッドに渡さないでください。値のボックス化が原因で、'Equals' へのこの呼び出しによって予期しない結果が返される可能性があります。代わりに 'EqualityComparer' を使用するか、'ReferenceEqualityComparer' を使用する場合は参照型引数を渡すことを検討してください。 + Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. - 値の型に型指定された引数は、このメソッドの呼び出しごとに一意にボックス化されるため、結果が予期しないものになる可能性があります。 + Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. - 値型 '{0}' の引数を 'ReferenceEquals' に渡さないでください。値のボックス化が原因で、'ReferenceEquals' へのこの呼び出しによって予期しない結果が返される可能性があります。代わりに 'Equals' を使用するか、'ReferenceEquals' を使用する場合は参照型引数を渡すことを検討してください。 + Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. Do not use ReferenceEquals with value types - 値の型で ReferenceEquals を使用しない + Do not use ReferenceEquals with value types Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. - stackalloc によって割り当てられたスタック領域は、現在のメソッドの呼び出しの終了時にのみ解放されます。これをループ内で使用すると、スタックが無限に増加し、最終的にスタック オーバーフロー状態が発生する可能性があります。 + Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. Potential stack overflow. Move the stackalloc out of the loop. - スタック オーバーフローの可能性があります。stackalloc をループの外に移動してください。 + Potential stack overflow. Move the stackalloc out of the loop. Do not use stackalloc in loops - stackalloc はループ内で使用不可 + Do not use stackalloc in loops Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. - 頻度の高い定期的な動作は CPU のビジー状態を維持し、画面およびハード ディスクの電源を切る節電アイドル タイマーに影響します。 + Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. Do not use timers that prevent power state changes - 電源の状態の変更を妨げるタイマーを使用しません + Do not use timers that prevent power state changes Do not use timers that prevent power state changes - 電源の状態の変更を妨げるタイマーを使用しません + Do not use timers that prevent power state changes Do not use unsafe DllImportSearchPath value - 安全でない DllImportSearchPath 値を使用しない + Do not use unsafe DllImportSearchPath value There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - 既定の DLL 検索ディレクトリ内に悪意のある DLL が存在する可能性があります。または、アプリケーションが実行されている場所に応じて、アプリケーションのディレクトリに悪意のある DLL が存在する可能性があります。代わりに、明示的な検索パスを指定する DllImportSearchPath 値を使用してください。この規則で検索される DllImportSearchPath フラグは、.editorconfig で構成できます。 + There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. Use of unsafe DllImportSearchPath value {0} - 安全でない DllImportSearchPath 値 {0} の使用 + Use of unsafe DllImportSearchPath value {0} Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. - 1 つのタスクで 'WaitAll' を使用すると、パフォーマンスが低下したり、代わりにタスクを待機したり、返したりする可能性があります。 + Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. Replace 'WaitAll' with single 'Wait' - 'WaitAll' を単一の 'Wait' に置き換える + Replace 'WaitAll' with single 'Wait' Do not use 'WaitAll' with a single task - 1 つのタスクで 'WaitAll' を使用しない + Do not use 'WaitAll' with a single task Do Not Use Weak Cryptographic Algorithms - 脆弱な暗号アルゴリズムを使用しない + Do Not Use Weak Cryptographic Algorithms Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. - 攻撃が進化し、攻撃者がアクセスできる計算が増えるにつれ、暗号アルゴリズムは徐々に弱まっていきます。この暗号アルゴリズムの種類とアプリケーションによっては、暗号の強度がさらに弱くなると、攻撃者は、暗号化されたメッセージの読み取り、暗号化されたメッセージの改ざん、デジタル署名の偽造、ハッシュされたコンテンツの改ざん、またはこのアルゴリズムに基づく暗号システムの侵害を実行できるようになる可能性があります。暗号化の使用を、キーの長さが 128 ビット以上の AES アルゴリズム (AES-256、AES-192、および AES-128 が使用可能) に置き換えます。ハッシュの使用を、SHA-2 512、SHA-2 384、SHA-2 256 などの SHA-2 ファミリのハッシュ関数に置き換えます。 + Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. {0} uses a weak cryptographic algorithm {1} - {0} が、脆弱な暗号アルゴリズム {1} を使用します + {0} uses a weak cryptographic algorithm {1} Ensure Key Derivation Function algorithm is sufficiently strong - キー派生関数アルゴリズムが十分に強力であることを確認します + Ensure Key Derivation Function algorithm is sufficiently strong Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. - Rfc2898DeriveBytes クラスの一部の実装では、ハッシュ アルゴリズムをコンストラクターのパラメーターで指定するか、HashAlgorithm プロパティで上書きすることができます。ハッシュ アルゴリズムが指定されている場合、SHA-256 またはそれ以上でなければなりません。 + Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. - {0} に弱いハッシュ アルゴリズムが使用されている可能性があります。SHA256、SHA384、SHA512 を使用してパスワードから強力なキーを作成してください。 + {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). - パスワードなど、ユーザーが指定した入力から暗号化キーを派生させる場合は、十分な反復回数を使用してください (少なくとも 10 万)。 + When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. - 1 つのタスクで 'WhenAll' を使用すると、パフォーマンスが低下したり、代わりにタスクを待機または返したりする可能性があります。 + Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. Replace 'WhenAll' call with argument - 'WhenAll' 呼び出しを引数に置き換えます + Replace 'WhenAll' call with argument Do not use 'WhenAll' with a single task - 1 つのタスクで 'WhenAll' を使用しない + Do not use 'WhenAll' with a single task Do Not Use XslTransform - XslTransform を使用しないでください + Do Not Use XslTransform Do not use XslTransform. It does not restrict potentially dangerous external references. - XslTransform を使用しないでください。危険性のある外部参照は制限されません。 + Do not use XslTransform. It does not restrict potentially dangerous external references. Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. - 機能的な 'DynamicInterfaceCastableImplementationAttribute' 属性インターフェイスを指定するには、既定のインターフェイス メンバー機能が必要です。これは、Visual Basic ではサポートされていません。 + Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - Visual Basic での 'DynamicInterfaceCastableImplementation' インターフェイスの指定はサポートされていません + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - Visual Basic での 'DynamicInterfaceCastableImplementation' インターフェイスの指定はサポートされていません + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. - ランタイム マーシャリングが無効な場合にランタイム マーシャリングを必要とする機能を使用すると、ランタイム例外が発生します。 + Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled - '[StructLayout(LayoutKind.Auto)]' を持つ型では、ランタイム マーシャリングを有効にする必要があります + Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled By-ref parameters require runtime marshalling to be enabled - 参照によるパラメーターでは、ランタイム マーシャリングを有効にする必要があります + By-ref parameters require runtime marshalling to be enabled Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined - パラメーターまたは戻り値の型としてマネージド型を持つデリゲートでは、デリゲートが定義されているアセンブリでランタイム マーシャリングを有効にする必要があります。 + Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined HResult-swapping requires runtime marshalling to be enabled - HResult スワップでは、ランタイム マーシャリングを有効にする必要があります + HResult-swapping requires runtime marshalling to be enabled Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled - 'LCIDConversionAttribute' を使用するには、ランタイム マーシャリングを有効にする必要があります + Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled Managed parameter or return types require runtime marshalling to be enabled - マネージド パラメーターまたは戻り値の型では、ランタイム マーシャリングを有効にする必要があります + Managed parameter or return types require runtime marshalling to be enabled Setting SetLastError to 'true' requires runtime marshalling to be enabled - SetLastError を 'true' に設定するには、ランタイム マーシャリングを有効にする必要があります + Setting SetLastError to 'true' requires runtime marshalling to be enabled Varadic P/Invoke signatures require runtime marshalling to be enabled - 一定の P/Invoke 署名を使用するには、ランタイム マーシャリングを有効にする必要があります + Varadic P/Invoke signatures require runtime marshalling to be enabled Property, type, or attribute requires runtime marshalling - プロパティ、型、または属性にはランタイム マーシャリングが必要です + Property, type, or attribute requires runtime marshalling '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - '{0}' の型には、プレビューの種類 '{1}' が含まれており、プレビュー機能を選択する必要があります。詳細については、「{2}」を参照してください。 + '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - {3} '{0}' の型には、プレビューの種類 '{1}' が含まれており、プレビュー機能を選択する必要があります。詳細については、「{2}」を参照してください。 + {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. - 'CancellationToken' パラメーターをメソッドに転送して操作のキャンセル通知が適切に伝達されるようにするか、または 'CancellationToken.None' を明示的に渡して意図的にトークンを伝達しないことを指定します。 + Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token - '{0}' パラメーターを '{1}' メソッドに転送するか、または 'CancellationToken.None' を明示的に渡して、意図的にトークンを伝達しないことを明示的に指定します + Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token Forward the 'CancellationToken' parameter to methods - 'CancellationToken' パラメーターをメソッドに転送する + Forward the 'CancellationToken' parameter to methods Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. - SecurityProtocolType {0} をハードコードしないでください。代わりに、SecurityProtocolType.SystemDefault を使用して、オペレーティング システムが使用する最適なトランスポート層セキュリティ プロトコルを選択できるようにします。 + Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. Avoid hardcoding SecurityProtocolType value - SecurityProtocolType の値をハードコードしない + Avoid hardcoding SecurityProtocolType value Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - 現在のトランスポート層セキュリティ プロトコルのバージョンに脆弱性が見つかると、非推奨になる可能性があります。アプリケーションのセキュリティを維持するために、SslProtocols の値をハードコードしないでください。オペレーティング システムがバージョンを選択できるようにするには、'None' を使用します。 + Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - 今後のアプリケーションのセキュリティを確保するため、SslProtocols '{0}' をハードコードしないでください。オペレーティング システムがバージョンを選択できるようにするには、'None' を使用します。 + Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. Avoid hardcoded SslProtocols values - ハードコードされた SslProtocols の値を使用しない + Avoid hardcoded SslProtocols values Generic math interfaces require the derived type itself to be used for the self recurring type parameter. - 汎用的な数式インターフェイスでは、派生型自体を自己反復する種類のパラメーターに使用する必要があります。 + Generic math interfaces require the derived type itself to be used for the self recurring type parameter. The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' - '{0}' では、'{1}' の種類のパラメーターに派生型の '{2}' を入力する必要があります + The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' Use correct type parameter - 正しい種類のパラメーターを使用する + Use correct type parameter To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. - このルールの違反を修正するには、GetObjectData メソッドを参照可能およびオーバーライド可能にして、すべてのインスタンス フィールドがシリアル化プロセスに含まれるか、NonSerializedAttribute 属性を使用して明示的にマークされるようにしてください。 + To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. Add an implementation of GetObjectData to type {0} - GetObjectData の実装を型 {0} に追加してください + Add an implementation of GetObjectData to type {0} Make {0}.GetObjectData virtual and overridable - {0}.GetObjectData を仮想およびオーバーライド可能にしてください + Make {0}.GetObjectData virtual and overridable Increase the accessibility of {0}.GetObjectData so that it is visible to derived types - 派生型に公開するため、{0}.GetObjectData のアクセシビリティを上げてください + Increase the accessibility of {0}.GetObjectData so that it is visible to derived types Implement ISerializable correctly - ISerializable を正しく実装します + Implement ISerializable correctly Implement inherited interfaces - 継承されたインターフェイスを実装する + Implement inherited interfaces Implement Serialization constructor - シリアル化コンストラクターを実装する + Implement Serialization constructor To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. - このルールの違反を修正するには、シリアル化コンストラクターを実装します。シール クラスの場合はコンストラクターを private にします。そうでない場合、protected にします。 + To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. - 次のシグネチャと共にコンストラクターを {0} に追加します: 'protected {0}(SerializationInfo 情報、StreamingContext コンテキスト)' + Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. Declare the serialization constructor of {0}, a sealed type, as private. - シールド型である {0} のシリアル化コンストラクターを private として宣言します。 + Declare the serialization constructor of {0}, a sealed type, as private. Declare the serialization constructor of {0}, an unsealed type, as protected. - アンシールド型である {0} のシリアル化コンストラクターを protected として宣言します。 + Declare the serialization constructor of {0}, an unsealed type, as protected. Implement serialization constructors - シリアル化コンストラクターを実装します + Implement serialization constructors A method that handles a serialization event does not have the correct signature, return type, or visibility. - シリアル化イベントを処理するメソッドには、正しいシグネチャ、戻り値の型、または可視性がありません。 + A method that handles a serialization event does not have the correct signature, return type, or visibility. Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic - {0} は OnSerializing、OnSerialized、OnDeserializing、または OnDeserialized に設定されているため、ジェネリックにならないようにシグネチャを変更してください + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' - {0} は OnSerializing、OnSerialized、OnDeserializing、または OnDeserialized に設定されているため、'System.Runtime.Serialization.StreamingContext' という型の単一のパラメーターを受け取るようにシグネチャを変更してください + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) - {0} は OnSerializing、OnSerialized、OnDeserializing、または OnDeserialized に設定されているため、戻り値の型を {1} から void (Visual Basic では Sub) に変更してください + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method - {0} は OnSerializing、OnSerialized、OnDeserializing、または OnDeserialized に設定されているため、静的 (Visual Basic では共有) からインスタンス メソッドに変更してください + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private - {0} は OnSerializing、OnSerialized、OnDeserializing、または OnDeserialized に設定されているため、アクセシビリティをプライベートに変更してください + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private Implement serialization methods correctly - シリアル化メソッドを正しく実装します + Implement serialization methods correctly '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' はプレビュー インターフェイス '{1}' を実装しているため、プレビュー機能を選択する必要があります。詳細については、「{2}」を参照してください。 + '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' はプレビュー インターフェイス '{1}' を実装しているため、プレビュー機能を選択する必要があります。詳細については、「{2}」を参照してください。 + {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' はプレビュー メソッド '{1}' を実装しているため、プレビュー機能を選択する必要があります。詳細については、「{2}」を参照してください。 + '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' はプレビュー メソッド '{1}' を実装しているため、プレビュー機能を選択する必要があります。詳細については、「{2}」を参照してください。 + {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - 参照型が明示的な静的コンストラクターを宣言します。この規則の違反を修正するには、すべての静的データを宣言時に初期化し、静的コンストラクターを削除します。 + A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize reference type static fields inline - 参照型の静的フィールドをインラインで初期化します + Initialize reference type static fields inline Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor - '{0}' のすべての静的フィールドを宣言時に初期化し、明示的な静的コンストラクターを削除します + Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - 値型が明示的な静的コンストラクターを宣言します。この規則の違反を修正するには、すべての静的データを宣言時に初期化し、静的コンストラクターを削除します。 + A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize value type static fields inline - 値型の静的フィールドをインラインで初期化します + Initialize value type static fields inline Change to call the two argument constructor, pass null for the message. - 2 つの引数を持つコンストラクターを呼び出すように変更し、メッセージ用に null を渡します。 + Change to call the two argument constructor, pass null for the message. A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. - ArgumentException またはそれから派生した例外の種類の既定の (パラメーターのない) コンストラクターに対して呼び出しが行われます。または、正しくない文字列引数が、ArgumentException またはそれから派生した例外の種類のパラメーター化されたコンストラクターに渡されます。 + A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. Swap the arguments order - 引数の順序の入れ替え + Swap the arguments order Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. - メソッド {0} は、パラメーター名 '{1}' を {2} 引数として {3} コンストラクターに渡します。この引数を説明メッセージに置き換え、正しい位置にパラメーター名を渡してください。 + Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. - メソッド {0} は、'{1}' を {2} 引数として {3} コンストラクターに渡します。この引数をメソッドのいずれかのパラメーター名に置き換えてください。指定されたパラメーター名は、メソッドで宣言されている大文字と小文字の区別を正確に含んでいなければなりません。 + Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. Call the {0} constructor that contains a message and/or paramName parameter - メッセージおよび paramName パラメーターまたはそのいずれかを含む {0} コンストラクターを呼び出してください + Call the {0} constructor that contains a message and/or paramName parameter Instantiate argument exceptions correctly - 引数の例外を正しくインスタンス化します + Instantiate argument exceptions correctly Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. - 'DynamicInterfaceCastableImplementationAttribute' の属性を持つ型は、'IDynamicInterfaceCastable' 型を実装する型のインターフェイス実装として機能します。その結果、継承されたインターフェイスで定義されているすべてのメンバーの実装を提供する必要があります。これは、'IDynamicInterfaceCastable' を実装する型では提供されないためです。 + Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces - 型 '{0}' には 'DynamicInterfaceCastableImplementationAttribute' が適用されていますが、継承されたインターフェイスで定義されているすべてのインターフェイス メンバーの実装を提供するわけではありません。 + Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface - 親インターフェイスで宣言されたすべてのメンバーは、DynamicInterfaceCastableImplementation 属性インターフェイスに実装されている必要があります + All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - SimpleTypeResolver で初期化された JavaScriptSerializer で信頼されていないデータを逆シリアル化している場合、メソッド '{0}' は安全ではありません。JavaScriptTypeResolver が指定されずに JavaScriptSerializer が初期化されていること、または逆シリアル化されたオブジェクト グラフ内のオブジェクトの型を制限する JavaScriptTypeResolver で初期化されていることをご確認ください。 + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing - 逆シリアル化する前に JavaScriptSerializer が SimpleTypeResolver で初期化されていないことを確認します + Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - SimpleTypeResolver で初期化された JavaScriptSerializer で信頼されていないデータを逆シリアル化している場合、メソッド '{0}' は安全ではありません。JavaScriptTypeResolver を指定せずに JavaScriptSerializer を初期化するか、逆シリアル化されたオブジェクト グラフ内のオブジェクトの型を制限する JavaScriptTypeResolver で初期化します。 + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver - SimpleTypeResolver を使用して JavaScriptSerializer で逆シリアル化できません + Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - 信頼されていない入力を逆シリアル化するときに、任意の型の逆シリアル化を許可することは安全ではありません。逆シリアル化 JsonSerializer を使用する場合は TypeNameHandling.None を使用し、None 以外の値の場合は SerializationBinder を使用して逆シリアル化の種類を制限します。 + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - 安全でない構成を使用している JsonSerializer で逆シリアル化をしない + Do not deserialize with JsonSerializer using an insecure configuration When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - 信頼されていない入力を逆シリアル化するときに、任意の型の逆シリアル化を許可することは安全ではありません。JsonSerializerSettings を使用する場合は TypeNameHandling.None を使用し、None 以外の値の場合は SerializationBinder を使用して逆シリアル化の種類を制限します。 + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not use insecure JsonSerializerSettings - 安全でない JsonSerializerSettings を使用しない + Do not use insecure JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - 信頼されていない入力を逆シリアル化するときに、任意の型の逆シリアル化を許可することは安全ではありません。逆シリアル化 JsonSerializer を使用する場合は TypeNameHandling.None を使用し、None 以外の値の場合は SerializationBinder を使用して逆シリアル化の種類を制限します。 + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - 逆シリアル化するときに JsonSerializer に安全な構成があることを確認する + Ensure that JsonSerializer has a secure configuration when deserializing When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - 信頼されていない入力を逆シリアル化するときに、任意の型の逆シリアル化を許可することは安全ではありません。JsonSerializerSettings を使用する場合は TypeNameHandling.None が指定されていること、None 以外の値の場合は SerializationBinder を指定して逆シリアル化の種類が制限されていることをご確認ください。 + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. Ensure that JsonSerializerSettings are secure - JsonSerializerSettings がセキュリティで保護されていることの確認 + Ensure that JsonSerializerSettings are secure Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - None 以外の TypeNameHandling 値を使用する場合の JSON の逆シリアル化は、安全でない可能性があります。SerializationBinder が指定されていないときに Json.NET の逆シリアル化を検出する必要がある場合は、規則 CA2326 を無効にして、規則 CA2327、CA2328、CA2329、CA2330 を有効にしてください。 + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - None 以外の TypeNameHandling 値を使用する場合の JSON の逆シリアル化は、安全でない可能性があります。 + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. Do not use TypeNameHandling values other than None - None 以外の TypeNameHandling 値を使用しないでください + Do not use TypeNameHandling values other than None The method '{0}' is insecure when deserializing untrusted data. - 信頼されていないデータを逆シリアル化する場合、メソッド '{0}' は安全ではありません。 + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer LosFormatter - 安全でないデシリアライザー LosFormatter を使用しない + Do not use insecure deserializer LosFormatter Convert to static method - 静的メソッドに変換します + Convert to static method Converting an instance method to a static method may produce invalid code - インスタンス メソッドを静的メソッドに変換すると、無効なコードが生成される可能性があります + Converting an instance method to a static method may produce invalid code Make the constructor that takes zero parameters 'public' - 0 個のパラメーターを受け取るコンストラクターを 'public' にします + Make the constructor that takes zero parameters 'public' An instance field of a type that is not serializable is declared in a type that is serializable. - シリアル化可能ではない型のインスタンス フィールドが、シリアル化可能な型で宣言されています。 + An instance field of a type that is not serializable is declared in a type that is serializable. Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable - フィールド {0} はシリアル化可能な型 {1} のメンバーですが、そのフィールド自体はシリアル化可能ではない型 {2} です + Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable Mark all non-serializable fields - すべてのシリアル化不可能なフィールドを設定します + Mark all non-serializable fields The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. - NeutralResourcesLanguage 属性は、アセンブリ用のニュートラル カルチャのリソースを表示するために使用された言語を ResourceManager に通知します。これにより、最初に読み込むリソースのルックアップのパフォーマンスが向上し、ワーキング セットを減らすことができます。 + The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. Mark assemblies with NeutralResourcesLanguageAttribute - アセンブリに NeutralResourcesLanguageAttribute を設定します + Mark assemblies with NeutralResourcesLanguageAttribute Mark assemblies with NeutralResourcesLanguageAttribute - アセンブリに NeutralResourcesLanguageAttribute を設定します + Mark assemblies with NeutralResourcesLanguageAttribute The Boolean data type has multiple representations in unmanaged code. - ブール型には、アンマネージ コードで複数の表現があります。 + The Boolean data type has multiple representations in unmanaged code. Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - P/Invoke {1} のパラメーター {0} に MarshalAsAttribute を追加します。対応するアンマネージ パラメーターが 4 バイトの Win32 'BOOL' である場合は、[MarshalAs(UnmanagedType.Bool)] を使用してください。1 バイト C++ 'bool' の場合は、MarshalAs(UnmanagedType.U1) を使用してください。 + Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - P/Invoke {0} の戻り値の型に MarshalAsAttribute を追加します。対応するアンマネージ戻り値の型が 4 バイトの Win32 'BOOL' である場合は、MarshalAs(UnmanagedType.Bool) を使用してください。1 バイト C++ 'bool' の場合は、MarshalAs(UnmanagedType.U1) を使用してください。 + Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Mark boolean PInvoke arguments with MarshalAs - ブール型の PInvoke 引数を MarshalAs に設定します + Mark boolean PInvoke arguments with MarshalAs To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. - 共通言語ランタイムからシリアル化可能として認識されるには、型が ISerializable インターフェイスの実装によりカスタムのシリアル化ルーチンを使用する場合でも、SerializableAttribute 属性を使用して型をマークする必要があります。 + To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. Add [Serializable] to {0} as this type implements ISerializable - この型は ISerializable を実装するため、[Serializable] を {0} に追加します + Add [Serializable] to {0} as this type implements ISerializable Mark ISerializable types with serializable - ISerializable 型を serializable に設定します + Mark ISerializable types with serializable Ensure HttpClient certificate revocation list check is not disabled - HttpClient 証明書失効リストの確認が無効になっていないことをご確認ください + Ensure HttpClient certificate revocation list check is not disabled HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient は、CheckCertificateRevocationList を有効にせずに作成できます + HttpClient may be created without enabling CheckCertificateRevocationList Ensure Certificates Are Not Added To Root Store - 証明書がルート ストアに追加されていないことを確認する + Ensure Certificates Are Not Added To Root Store Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. - オペレーティング システムの信頼されたルート証明書に証明書を追加することは安全ではありません。ターゲット ストアがルート ストアでないことを確認してください。 + Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. Use CreateEncryptor with the default IV - 既定の IV で CreateEncryptor を使用する + Use CreateEncryptor with the default IV The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. - 暗号化で既定以外の初期化ベクトルが使用されており、これは反復使用できる可能性があります。必ず既定のものをご使用ください。 + The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. Ensure Use Secure Cookies In ASP.NET Core - ASP.Net Core で安全な Cookie を使用していることを確認します + Ensure Use Secure Cookies In ASP.NET Core Ensure that CookieOptions.Secure = true when setting a cookie - Cookie を設定する場合は、CookieOptions.Secure = true になっていることを確認してください + Ensure that CookieOptions.Secure = true when setting a cookie Ensure Sufficient Iteration Count When Using Weak Key Derivation Function - 弱いキー派生関数を使用する場合は十分な反復回数を確保してください + Ensure Sufficient Iteration Count When Using Weak Key Derivation Function Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - パスワードから暗号化キーを派生させる場合は、反復回数が少なくとも {0} 回であることを確認してください。既定では、Rfc2898DeriveByte の IterationCount は 1000 のみです + Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. - 'IDynamicInterfaceCastable' を実装する型はメタデータに動的インターフェイスを実装できない可能性があるため、この型で定義されている明示的な実装ではないインスタンス インターフェイス メンバーの呼び出しはランタイムで失敗する可能性があります。ランタイム エラーを回避するために、新しいインターフェイス メンバーを 'static' としてマークします。 + Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied - '{1}' 型の '{0}' メンバーは、'{1}' が 'DynamicInterfaceImplementationAttribute' に適用されているため、'static' としてマークする必要があります + The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' - 'DynamicInterfaceCastableImplementationAttribute' を持つインターフェイスで定義されたメンバーは 'static' である必要があります + Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' はプレビュー型 '{1}' を返すため、プレビュー機能を選択する必要があります。詳細については、「{2}」を参照してください。 + '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' はプレビュー型 '{1}' を返すため、プレビュー機能を選択する必要があります。詳細については、「{2}」を参照してください。 + {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - '{0}' は、'{1}' 型のプレビュー パラメーターを受け取り、プレビュー機能を選択する必要があります。詳細については、「{2}」を参照してください。 + '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - {3} '{0}' は、'{1}' 型のプレビュー パラメーターを受け取り、プレビュー機能を選択する必要があります。詳細については、「{2}」を参照してください。 + {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. - このメソッドは、ランタイム マーシャリングが無効になっている場合でもランタイム マーシャリングを使用します。これにより、型のネイティブ レイアウトの想定が異なるため、実行時に予期しない動作の違いが発生する可能性があります。 + This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. - '{0}' は、'DisableRuntimeMarsattribute' が適用されている場合でもランタイム マーシャリングを使用します。正確な結果を得るには、'sizeof' やポインターなどの機能を直接使用します。 + '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied - このメソッドは、'DisableRuntimeMarsattribute' が適用されている場合でもランタイム マーシャリングを使用します + This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied Miss HttpVerb attribute for action methods - アクション メソッドの HttpVerb 属性がない + Miss HttpVerb attribute for action methods All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - データの作成、編集、削除、または変更を行うすべてのメソッドでは、メソッドの [HttpPost] オーバーロードでそれらの操作が実行されます。これは、リクエスト フォージェリからの偽造防止属性を使用して保護する必要があります。取得操作の実行は副作用がなく、持続データを変更しない安全な操作である必要があります。 + All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. Action method {0} needs to specify the HTTP request kind explicitly - アクション メソッド {0} では、HTTP 要求の種類を明示的に指定する必要があります + Action method {0} needs to specify the HTTP request kind explicitly Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. - モジュール初期化子は、アプリケーション コードの実行を開始する前にアプリケーションのコンポーネントが初期化されるように、アプリケーション コードによって使用されることを目的としています。ライブラリ コードで 'ModuleInitializerAttribute' を使用してメソッドを宣言する場合、アプリケーションの初期化を妨げる可能性があり、そのアプリケーションのトリミング機能の制限にもつながります。'ModuleInitializerAttribute' でマークされたメソッドを使用する代わりに、ライブラリ内のコンポーネントを初期化し、アプリケーションの初期化中にアプリケーションがメソッドを呼び出せるようにするために使用できるメソッドを公開する必要があります。 + Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios - 'ModuleInitializer' 属性は、アプリケーション コードまたは高度なソース ジェネレーター シナリオでのみ使用することを目的としています + The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios The 'ModuleInitializer' attribute should not be used in libraries - 'ModuleInitializer' 属性はライブラリで使用しないでください + The 'ModuleInitializer' attribute should not be used in libraries The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - SerializationBinder なしで信頼されていないデータを逆シリアル化して、逆シリアル化されたオブジェクト グラフ内でオブジェクトの型を制限する場合、メソッド '{0}' は安全ではありません。 + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure NetDataContractSerializer.Binder is set before deserializing - 逆シリアル化の前に NetDataContractSerializer.Binder が設定されていることを確認する + Ensure NetDataContractSerializer.Binder is set before deserializing The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - SerializationBinder なしで信頼されていないデータを逆シリアル化して、逆シリアル化されたオブジェクト グラフ内でオブジェクトの型を制限する場合、メソッド '{0}' は安全ではありません。 + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not deserialize without first setting NetDataContractSerializer.Binder - NetDataContractSerializer.Binder を設定せずに逆シリアル化しない + Do not deserialize without first setting NetDataContractSerializer.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. - 信頼されていないデータを逆シリアル化する場合、メソッド '{0}' は安全ではありません。代わりに、SerializationBinder が設定されていない NetDataContractSerializer 逆シリアル化を検出する必要がある場合、ルール CA2310 を無効にし、ルール CA2311 と CA2312 を有効にします。 + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. The method '{0}' is insecure when deserializing untrusted data. - 信頼されていないデータを逆シリアル化する場合、メソッド '{0}' は安全ではありません。 + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer NetDataContractSerializer - 安全でないデシリアライザー NetDataContractSerializer を使用しない + Do not use insecure deserializer NetDataContractSerializer Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. - 文字列は、大文字に標準化する必要があります。一部の文字は、小文字に変換した場合、ラウンド トリップできなくなります。ラウンド トリップとは、文字をあるロケールから、文字データを異なる方式で表す別のロケールに変換した後、変換された文字から元の文字を正確に取得することを意味します。 + Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. In method '{0}', replace the call to '{1}' with '{2}' - メソッド '{0}' で、'{1}' の呼び出しを '{2}' に置き換えてください + In method '{0}', replace the call to '{1}' with '{2}' Normalize strings to uppercase - 文字列を大文字に標準化します + Normalize strings to uppercase The method '{0}' is insecure when deserializing untrusted data. - 信頼されていないデータを逆シリアル化する場合、メソッド '{0}' は安全ではありません。 + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer ObjectStateFormatter - 安全でないデシリアライザー ObjectStateFormatter を使用しない + Do not use insecure deserializer ObjectStateFormatter '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' はプレビュー メソッド '{1}' を上書きするため、プレビュー機能を選択する必要があります。詳細については、「{2}」を参照してください。 + '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' はプレビュー メソッド '{1}' を上書きするため、プレビュー機能を選択する必要があります。詳細については、「{2}」を参照してください。 + {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. - パブリック型にあるパブリック メソッドまたは保護されたメソッドには、System.Runtime.InteropServices.DllImportAttribute 属性 (Visual Basic では、Declare キーワードによっても実装されています) があります。このようなメソッドは公開しないでください。 + A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. P/Invoke method '{0}' should not be visible - P/Invoke メソッド '{0}' は参照可能にすることはできません + P/Invoke method '{0}' should not be visible P/Invokes should not be visible - P/Invokes は参照可能にすることはできません + P/Invokes should not be visible ({0}) - ({0}) + ({0}) and all other platforms - およびその他すべてのプラットフォーム + and all other platforms This call site is reachable on: 'windows' 10.0.2000 and later, and all other platforms '{0}' all versions - すべてのバージョンの '{0}' + '{0}' all versions This call site is reachable on: 'Windows' all versions. Using platform dependent API on a component makes the code no longer work across all platforms. - プラットフォーム依存 API をコンポーネント上で使用すると、一部のプラットフォームでコードが動作しなくなります。 + Using platform dependent API on a component makes the code no longer work across all platforms. '{0}' from version {1} to {2} - バージョン {1} から {2} の '{0}' + '{0}' from version {1} to {2} 'SupportedOnWindows1903UnsupportedOn2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. - この呼び出しサイトはすべてのプラットフォームで到達可能です。'{0}' は {1} で廃止されました。 + This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. This call site is reachable on all platforms. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. - この呼び出しサイトは {2} で到達可能です。'{0}' は {1} で廃止されました。 + This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. This call site is reachable on 'macos', 'linux'. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on all platforms. '{0}' is only supported on: {1}. - この呼び出しサイトはすべてのプラットフォームで到達可能です。'{0}' は {1} でのみサポートされています。 + This call site is reachable on all platforms. '{0}' is only supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindowsAndBrowser()' is only supported on: 'windows', 'browser' . This call site is reachable on: {2}. '{0}' is only supported on: {1}. - この呼び出しサイトは {2} で到達可能です。'{0}' は {1} でのみサポートされています。 + This call site is reachable on: {2}. '{0}' is only supported on: {1}. This call site is reachable on: 'windows' all versions.'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before This call site is unreachable on: {2}. '{0}' is only supported on: {1}. - この呼び出しサイトは {2} で到達できません。'{0}' は {1} でのみサポートされています。 + This call site is unreachable on: {2}. '{0}' is only supported on: {1}. This call site is unreachable on: 'browser'. 'SupportedOnWindowsAndBrowser()' is only supported on: 'browser', 'windows'. This call site is reachable on all platforms. '{0}' is supported on: {1}. - この呼び出しサイトはすべてのプラットフォームで到達可能です。'{0}' は {1} でサポートされています。 + This call site is reachable on all platforms. '{0}' is supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindows1903UnsupportedFrom2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on: {2}. '{0}' is supported on: {1}. - この呼び出しサイトは {2} で到達可能です。'{0}' は {1} でサポートされています。 + This call site is reachable on: {2}. '{0}' is supported on: {1}. This call site is reachable on: 'windows' 10.0.2000 and before. 'UnsupportedOnWindowsSupportedOn1903()' is supported on: 'windows' 10.0.1903 and later. Validate platform compatibility - プラットフォームの互換性を検証 + Validate platform compatibility This call site is reachable on all platforms. '{0}' is unsupported on: {1}. - この呼び出しサイトはすべてのプラットフォームで到達可能です。'{0}' は {1} でサポートされていません。 + This call site is reachable on all platforms. '{0}' is unsupported on: {1}. This call site is reachable on all platforms. 'UnsupportedOnWindows()' is unsupported on: 'windows' This call site is reachable on: {2}. '{0}' is unsupported on: {1}. - この呼び出しサイトは {2} で到達可能です。'{0}' は {1} でサポートされていません。 + This call site is reachable on: {2}. '{0}' is unsupported on: {1}. This call site is reachable on: 'windows', 'browser'. 'UnsupportedOnBrowser()' is unsupported on: 'browser'. '{0}' {1} and before - '{0}' {1} 以前 + '{0}' {1} and before 'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before. '{0}' {1} and later - '{0}' {1} 以降 + '{0}' {1} and later 'SupportedOnWindows10()' is only supported on: 'windows' 10.0 and later. Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. - 信頼されていない逆シリアル化データを処理するコードで、予期しない参照サイクルの処理を確認してください。予期しない参照サイクルが原因でコードが無限ループに入ることのないようにしてください。そうしないと、信頼されていないデータを逆シリアル化するときに、予期しない参照サイクルのせいで攻撃者が DoS 攻撃をしたり、プロセスのメモリを使い果たしたりできるようになりかねません。 + Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. {0} participates in a potential reference cycle - {0} で潜在的な参照サイクルが生じています + {0} participates in a potential reference cycle Potential reference cycle in deserialized object graph - 逆シリアル化されたオブジェクト グラフ内の参照サイクルの可能性 + Potential reference cycle in deserialized object graph Replace 'Substring' with 'AsSpan' - 'Substring' を 'AsSpan' に置き換える + Replace 'Substring' with 'AsSpan' 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. - 'AsSpan' の方が 'Substring' より効率的です。'Substring' は O(n) 文字列コピーを実行しますが、'AsSpan' はこれを実行せず、固定コストがあります。 + 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. Prefer 'AsSpan' over 'Substring' when span-based overloads are available - スパンベースのオーバーロードが使用可能な場合は、'Substring' よりも 'AsSpan' を優先する + Prefer 'AsSpan' over 'Substring' when span-based overloads are available Prefer 'AsSpan' over 'Substring' - 'Substring' よりも 'AsSpan' を優先します + Prefer 'AsSpan' over 'Substring' + + + + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + + + + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + + + + Consider using 'StringBuilder.Append(char)' when applicable + Consider using 'StringBuilder.Append(char)' when applicable Use 'Count' check instead of 'Any()' - 'Any()' の代わりに 'Count' チェックを使用してください + Use 'Count' check instead of 'Any()' Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance - 明確性とパフォーマンスの両方のために、'Any()' を使用するのではなく、'Count' を 0 と比較することを優先してください + Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance Use 'ContainsKey' - 'ContainsKey' を使用する + Use 'ContainsKey' 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. - 'ContainsKey' は通常 O(1) ですが、'Keys.Contains' は場合によっては O(n) になることがあります。さらに、多くのディクショナリ実装では、割り当てを削減するために Keys コレクションが遅延初期化されます。 + 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' - ディクショナリ型 '{0}' の場合は、'Keys.Contains' よりも 'ContainsKey' を優先します + Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' Prefer Dictionary.Contains methods - Dictionary.Contains メソッドを優先する + Prefer Dictionary.Contains methods Use 'ContainsValue' - 'ContainsValue' を使用する + Use 'ContainsValue' Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. - 多くのディクショナリ実装では、Values コレクションが遅延初期化されます。不要な割り当てを回避するには、'Values.Contains' よりも 'ContainsValue' を優先します。 + Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' - ディクショナリ型 '{0}' の 'Values.Contains' よりも 'ContainsValue' を優先します + Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' + + + + Use 'TryGetValue(TKey, out TValue)' + Use 'TryGetValue(TKey, out TValue)' + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + + + + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method Replace with 'HashData' method - 'HashData' メソッドに置き換える + Replace with 'HashData' method It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. - 'ComputeHash' を呼び出すには、HashAlgorithm インスタンスを作成して管理するよりも、静的な 'HashData' メソッドを使用する方が効率的です。 + It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. Prefer static '{0}.HashData' method over 'ComputeHash' - 静的な '{0}.HashData' メソッドは 'ComputeHash' に優先します + Prefer static '{0}.HashData' method over 'ComputeHash' Prefer static 'HashData' method over 'ComputeHash' - 静的な 'HashData' メソッドは 'ComputeHash' に優先します + Prefer static 'HashData' method over 'ComputeHash' Use 'IsEmpty' check instead of 'Any()' - 'Any()' の代わりに 'IsEmpty' チェックを使用してください + Use 'IsEmpty' check instead of 'Any()' Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance - 明確性とパフォーマンスの両方のために、'Any()' を使用するのではなく、'IsEmpty' チェックを優先してください + Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance + + + + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + + + + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + + + + Prefer IsEmpty over Count + Prefer IsEmpty over Count Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. - 'Enumerable.Any()' を呼び出すのではなく、'IsEmpty'、'Count'、または 'Length' のいずれか使用可能なプロパティの使用を優先してください。この方が、'Enumerable.Any()' 拡張メソッドを使用するよりも意図が明確で、パフォーマンスが向上します。 + Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. Avoid using 'Enumerable.Any()' extension method - 'Enumerable.Any()' 拡張メソッドを使用しないでください + Avoid using 'Enumerable.Any()' extension method Use 'Length' check instead of 'Any()' - 'Any()' の代わりに 'Length' チェックを使用してください + Use 'Length' check instead of 'Any()' Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance - 明確性とパフォーマンスの両方のために、'Any()' を使用するのではなく、'Length' を 0 と比較することを優先してください + Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. - 'Stream' には、最初の引数として 'Memory<Byte>' を取る 'ReadAsync' オーバーロードと、最初の引数として 'ReadOnlyMemory<Byte>' を取る 'WriteAsync' オーバーロードがあります。より効率的なメモリ ベースのオーバーロードを呼び出すことをお勧めします。 - - - - For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. - オブジェクトにアイテムが含まれているかどうかを判断するには、'Count' プロパティからアイテム数を取得し、それを 0 または 1 と比較する代わりに、'IsEmpty' プロパティを使用することをお勧めします。 - - - - Prefer 'IsEmpty' over 'Count' to determine whether the object is empty - オブジェクトが空かどうかを判断するには、'Count' より 'IsEmpty' を優先してください - - - - Prefer IsEmpty over Count - Count より IsEmpty を優先する + 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. Change the '{0}' method call to use the '{1}' overload - '{0}' メソッド呼び出しを変更し、'{1}' オーバーロードを使用します + Change the '{0}' method call to use the '{1}' overload Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' - 'ReadAsync' および 'WriteAsync' で 'Memory' ベースのオーバーロードを優先的に使用する + Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' Replace with 'string.Contains' - 'string.Contains' で置き換える + Replace with 'string.Contains' Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. - 部分文字列が存在するかどうかを確認するために結果を使用する 'string.IndexOf' の呼び出しは、'string.Contains' で置き換えることができます。 + Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. Use 'string.Contains' instead of 'string.IndexOf' to improve readability - 読みやすくするために 'string.IndexOf' の代わりに 'string.Contains' を使用します + Use 'string.Contains' instead of 'string.IndexOf' to improve readability Consider using 'string.Contains' instead of 'string.IndexOf' - 'string.IndexOf' の代わりに 'string.Contains' を使用することを検討する + Consider using 'string.Contains' instead of 'string.IndexOf' StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. - StringBuilder.Append および StringBuilder.Insert では、System.String 以外の複数の型に対してオーバーロードを提供します。可能であれば、ToString () と文字列ベースのオーバーロードを使用するよりも、厳密に型指定されたオーバーロードを優先して使用することをお勧めします。 + StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. Remove the ToString call in order to use a strongly-typed StringBuilder overload - 厳密に型指定された StringBuilder のオーバーロードを使用するには、ToString 呼び出しを削除してください + Remove the ToString call in order to use a strongly-typed StringBuilder overload Remove the ToString call - ToString 呼び出しを削除する + Remove the ToString call Prefer strongly-typed Append and Insert method overloads on StringBuilder - StringBuilder での厳密に型指定された Append および Insert メソッドのオーバーロードを推奨 - - - - 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. - 文字列が単一文字の場合、'StringBuilder.Append(char)' のほうが 'StringBuilder.Append(string)' よりも効率的です。定数を指定して 'Append' を呼び出す場合は、単一文字を含む定数文字列ではなく、定数 char を使用することをお勧めします。 - - - - Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string - 入力が定数単位文字列である場合は、'StringBuilder.Append(string)' ではなく、'StringBuilder.Append(char)' を使用してください - - - - Consider using 'StringBuilder.Append(char)' when applicable - 該当する場合は 'StringBuilder.Append(char)' の使用を検討 + Prefer strongly-typed Append and Insert method overloads on StringBuilder Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. - .NET 7 以降、未チェックのコンテキストでオーバーフローしたときに明示的な変換演算子 '{0}' がスローされません。式を 'checked' ステートメントでラップし、.NET 6 の動作を復元します。 + Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - .NET 7 以降、チェック済みのコンテキストでオーバーフローしたときに明示的な変換演算子 '{0}' がスローされます。式を 'unchecked' ステートメントでラップし、.NET 6 の動作を復元します。 + Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. - .NET 7 に追加された組み込み演算子の一部は、オーバーフロー時に .NET 6 以前のバージョンの対応するユーザー定義演算子と異なる動作をします。以前にチェックされていないコンテキストでスローした演算子の一部は、チェックされたコンテキスト内でラップされていない限り、スローされません。また、チェックされたコンテキストで以前にスローされなかった演算子の一部は、チェックされていないコンテキストでラップされていない限り、スローされるようになりました。 + Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - .NET 7 以降、チェック済みのコンテキストでオーバーフローしたときに演算子 '{0}' がスローされます。式を 'unchecked' ステートメントでラップし、.NET 6 の動作を復元します。 + Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Prevent behavioral change - 動作の変更を防ぐ + Prevent behavioral change 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. - 'Enum.HasFlag' メソッドでは、'enum' 引数が、メソッドが呼び出されたインスタンスと同じ 'enum' 型である必要があり、この 'enum' は、'System.FlagsAttribute' でマークされている必要があります。これらが異なる 'enum' 型の場合は、ハンドルされない例外が実行時にスローされます。'enum' 型が 'System.FlagsAttribute' でマークされていない場合、呼び出しは実行時に常に 'false' を返します。 + 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. The argument type, '{0}', must be the same as the enum type '{1}' - 引数の型 '{0}' は、列挙型 '{1}' と同じでなければなりません + The argument type, '{0}', must be the same as the enum type '{1}' Provide correct 'enum' argument to 'Enum.HasFlag' - 'Enum.HasFlag' に正しい 'enum' 引数を指定する + Provide correct 'enum' argument to 'Enum.HasFlag' The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. - System.String.Format に渡される書式引数には、各オブジェクト引数に対応する書式項目が含まれていないか、各書式項目に対応するオブジェクト引数が含まれていません。 + The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. Provide correct arguments to formatting methods - 書式設定メソッドに正しい引数を指定します + Provide correct arguments to formatting methods Provide correct arguments to formatting methods - 書式設定メソッドに正しい引数を指定します + Provide correct arguments to formatting methods A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. - 型には System.Runtime.Serialization.OptionalFieldAttribute 属性を使用してマークされているフィールドがあり、型は逆シリアル化イベントの処理メソッドを提供しません。 + A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute - 'private void OnDeserialized(StreamingContext)' メソッドを型 {0} に追加し、System.Runtime.Serialization.OnDeserializedAttribute に属性指定してください + Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute - 'private void OnDeserializing(StreamingContext)' メソッドを型 {0} に追加し、System.Runtime.Serialization.OnDeserializingAttribute に属性指定してください + Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute Provide deserialization methods for optional fields - 省略可能なフィールドに、逆シリアル化メソッドを指定します + Provide deserialization methods for optional fields Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. - 'System.Runtime.InteropServices.SafeHandle' から派生した型の包含型と同じように見えるパラメーターなしのコンストラクターを指定すると、ソース生成相互運用ソリューションのパフォーマンスと使用方法が向上します。 + Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' - 'System.Runtime.InteropServices.SafeHandle' から派生した '{0}' 型の包含型と同じように表示されるパラメーターなしのコンストラクターを指定します。 + Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' - 'System.Runtime.InteropServices.SafeHandle' から派生した具象型の包含型と同じように表示されるパラメーターなしのコンストラクターを指定します + Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. - パフォーマンスを向上させるには、'Stream' をサブクラス化するときにメモリベースの非同期メソッドをオーバーライドします。次に、メモリベースのメソッドの観点から配列ベースのメソッドを実装します。 + To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. - '{0}' は、配列ベースの '{1}' をオーバーライドしますが、メモリベースの '{2}' はオーバーライドしません。パフォーマンスを向上させるために、メモリベースの '{2}' をオーバーライドすることを検討してください。 + '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. 0 = type that subclasses Stream directly, 1 = array-based method, 2 = memory-based method Provide memory-based overrides of async methods when subclassing 'Stream' - 'Stream' をサブクラス化するときに非同期メソッドのメモリ ベースのオーバーライドを指定する + Provide memory-based overrides of async methods when subclassing 'Stream' + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + + + + Prefer using 'StringComparer' to perform a case-insensitive comparison + Prefer using 'StringComparer' to perform a case-insensitive comparison + + + + Use the 'string.{0}(string, StringComparison)' overload + Use the 'string.{0}(string, StringComparison)' overload + + + + Prefer using 'StringComparer' to perform case-insensitive string comparisons + Prefer using 'StringComparer' to perform case-insensitive string comparisons + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + + + + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + + + + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons Remove redundant call - 冗長な呼び出しを削除する + Remove redundant call Remove unnecessary call - 不要な呼び出しの削除 + Remove unnecessary call Replace string literal with char literal - 文字列リテラルを char リテラルに置き換える + Replace string literal with char literal Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 潜在的な DLL インジェクションの脆弱性が見つかりました。メソッド '{1}' の '{0}' は、メソッド '{3}' の '{2}' からのユーザーが制御するデータによって悪用される可能性があります。 + Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for DLL injection vulnerabilities - コードをレビューし、DLL インジェクションの脆弱性を確認する + Review code for DLL injection vulnerabilities Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 潜在的なファイル パス インジェクションの脆弱性が見つかりました。メソッド '{1}' の '{0}' は、メソッド '{3}' の '{2}' からのユーザーが制御するデータによって悪用される可能性があります。 + Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for file path injection vulnerabilities - コードをレビューし、ファイル パス インジェクションの脆弱性を確認する + Review code for file path injection vulnerabilities Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. - 潜在的な情報漏えいの脆弱性が見つかりました。メソッド '{1}' の '{0}' に、メソッド '{3}' の '{2}' からの意図しない情報が含まれる可能性があります。 + Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. Review code for information disclosure vulnerabilities - コードをレビューし、情報漏えいの脆弱性を確認する + Review code for information disclosure vulnerabilities Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 潜在的な LDAP インジェクションの脆弱性が見つかりました。メソッド '{1}' の '{0}' は、メソッド '{3}' の '{2}' からのユーザーが制御するデータによって悪用される可能性があります。 + Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for LDAP injection vulnerabilities - コードをレビューし、LDAP インジェクションの脆弱性を確認する + Review code for LDAP injection vulnerabilities Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 潜在的なオープン リダイレクトの脆弱性が見つかりました。メソッド '{1}' の '{0}' は、メソッド '{3}' の '{2}' からのユーザーが制御するデータによって悪用される可能性があります。 + Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for open redirect vulnerabilities - コードをレビューし、オープン リダイレクトの脆弱性を確認する + Review code for open redirect vulnerabilities Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 潜在的なプロセス コマンド インジェクションの脆弱性が見つかりました。メソッド '{1}' の '{0}' は、メソッド '{3}' の '{2}' からのユーザーが制御するデータによって悪用される可能性があります。 + Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for process command injection vulnerabilities - コードをレビューし、プロセス コマンド インジェクションの脆弱性を確認する + Review code for process command injection vulnerabilities Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 潜在的な正規表現インジェクションの脆弱性が見つかりました。メソッド '{1}' の '{0}' は、メソッド '{3}' の '{2}' からのユーザーが制御するデータによって悪用される可能性があります。 + Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for regex injection vulnerabilities - コードをレビューし、正規表現インジェクションの脆弱性を確認する + Review code for regex injection vulnerabilities Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 潜在的な SQL インジェクションの脆弱性が見つかりました。メソッド '{1}' の '{0}' は、メソッド '{3}' の '{2}' からのユーザーが制御するデータによって悪用される可能性があります。 + Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for SQL injection vulnerabilities - コードをレビューし、SQL インジェクションの脆弱性を確認する + Review code for SQL injection vulnerabilities + + + + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + + + + Review code for XPath injection vulnerabilities + Review code for XPath injection vulnerabilities Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 潜在的な XAML インジェクションの脆弱性が見つかりました。メソッド '{1}' の '{0}' は、メソッド '{3}' の '{2}' からのユーザーが制御するデータによって悪用される可能性があります。 + Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XAML injection vulnerabilities - コードをレビューし、XAML インジェクションの脆弱性を確認する + Review code for XAML injection vulnerabilities Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 潜在的な XML インジェクションの脆弱性が見つかりました。メソッド '{1}' の '{0}' は、メソッド '{3}' の '{2}' からのユーザーが制御するデータによって悪用される可能性があります。 + Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XML injection vulnerabilities - コードをレビューし、XML インジェクションの脆弱性を確認する - - - - Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 潜在的な XPath インジェクションの脆弱性が見つかりました。メソッド '{1}' の '{0}' は、メソッド '{3}' の '{2}' からのユーザーが制御するデータによって悪用される可能性があります。 - - - - Review code for XPath injection vulnerabilities - コードをレビューし、XPath インジェクションの脆弱性を確認する + Review code for XML injection vulnerabilities Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 潜在的なクロスサイト スクリプト (XSS) の脆弱性が見つかりました。メソッド '{1}' の '{0}' は、メソッド '{3}' の '{2}' からのユーザーが制御するデータによって悪用される可能性があります。 + Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XSS vulnerabilities - コードをレビューし、XSS の脆弱性を確認する + Review code for XSS vulnerabilities SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. - ユーザー入力を直接使用する SQL クエリは、SQL インジェクション攻撃に対して脆弱である可能性があります。この SQL クエリをレビューして潜在的な脆弱性を確認し、パラメーター化された SQL クエリの使用を検討してください。 + SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. Review if the query string passed to '{0}' in '{1}', accepts any user input - '{1}' の '{0}' に渡されたクエリ文字列が任意のユーザー入力を受け入れるかどうかを確認してください + Review if the query string passed to '{0}' in '{1}', accepts any user input Review SQL queries for security vulnerabilities - SQL クエリのセキュリティ脆弱性を確認 + Review SQL queries for security vulnerabilities Seal class - クラスのシール + Seal class When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. - 型がアセンブリの外部からアクセスできず、そこに含まれるアセンブリ内にサブタイプがない場合は、安全にシールできます。型をシールするとパフォーマンスが向上します。 + When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible - 型'{0}' に含まれるアセンブリにはサブタイプがなく、外部から参照できないため、シールできます + Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible Seal internal types - 内部型のシール + Seal internal types Set HttpOnly to true for HttpCookie - HttpCookie で HttpOnly を true に設定する + Set HttpOnly to true for HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - 高度な防御手段として、セキュリティ上注意が必要な HTTP Cookie が、必ず HttpOnly としてマークされるようにしてください。これは、スクリプトから Cookie へのアクセスを Web ブラウザーで許可してはならないことを示しています。挿入された悪意のあるスクリプトは、Cookie を盗むための一般的な方法です。 + As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie を使用している場合、HttpCookie.HttpOnly は false に設定されるか、まったく設定されません。悪意のあるスクリプトによって Cookie が盗まれないようにするために、セキュリティ上注意が必要な Cookie が、必ず HttpOnly としてマークされるようにしてください + HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies Set ViewStateUserKey For Classes Derived From Page - ページから派生したクラスに ViewStateUserKey を設定する + Set ViewStateUserKey For Classes Derived From Page Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. - ViewStateUserKey プロパティを設定すると、識別子を個別のユーザーの view-state 変数に割り当てて、ユーザーが変数を使用した攻撃を実行できないようにすることで、アプリケーションに対する攻撃を防ぐことができます。そうしない場合、クロスサイト リクエスト フォージェリの脆弱性の危険性があります。 + Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method - System.Web.UI.Page から派生したクラス {0} は、OnInit メソッドまたは Page_Init メソッドで ViewStateUserKey プロパティを設定しません + The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. - 現在のカルチャで偶発的に暗黙的な依存関係が発生することを回避するためにカルチャを指定します。インバリアント バージョンを使用すると、アプリケーションのカルチャに関係なく、一貫性のある結果が得られます。 + Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. Specify a culture or use an invariant version to avoid implicit dependency on current culture - カルチャを指定するかインバリアント バージョンを使用して、現在のカルチャへの暗黙的な依存関係を回避します + Specify a culture or use an invariant version to avoid implicit dependency on current culture Specify a culture or use an invariant version - カルチャの指定またはインバリアント バージョンの使用 + Specify a culture or use an invariant version A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. - メソッドまたはコンストラクターは、System.Globalization.CultureInfo パラメーターを受け取るオーバーロードを持つメンバーを呼び出します。CultureInfo パラメーターを受け取るオーバーロードは呼び出しません。CultureInfo または System.IFormatProvider オブジェクトが指定されない場合、オーバーロードされたメンバーによって指定される既定値は、一部のロケールでは期待どおりの効果がないことがあります。結果がユーザーに表示される場合は、'CultureInfo' パラメーターとして 'CultureInfo.CurrentCulture' を指定してください。そうではなく、結果がソフトウェアによって格納およびアクセスされる場合 (結果がディスクやデータベースに永続的に保存される場合など) は、'CultureInfo.InvariantCulture' を指定します。 + A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - '{0}' の動作は、現在のユーザーのロケール設定によって異なる場合があります。'{1}' 内のこの呼び出しを '{2}' への呼び出しに置き換えてください。 + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify CultureInfo - CultureInfo を指定します + Specify CultureInfo Specify current culture - 現在のカルチャの指定 + Specify current culture A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. - メソッドまたはコンストラクターでは、System.IFormatProvider パラメーターを受け取るオーバーロードを持つ 1 つ以上のメンバーを呼び出します。メソッドまたはコンストラクターでは、IFormatProvider パラメーターを受け取るオーバーロードは呼び出しません。System.Globalization.CultureInfo または IFormatProvider オブジェクトが指定されない場合、オーバーロードされたメンバーによって指定される既定値は、一部のロケールでは期待どおりの効果がないことがあります。結果がユーザーからの入力およびユーザーに表示される出力に基づく場合、'IFormatProvider' として 'CultureInfo.CurrentCulture' を指定します。そうではなく、結果がソフトウェアによって格納およびアクセスされる場合 (結果がディスクまたはデータベースから読み込まれる場合や、ディスクまたはデータベースに永続的に保存される場合など) は、'CultureInfo.InvariantCulture' を指定します。 + A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - '{0}' の動作は、現在のユーザーのロケール設定によって異なる場合があります。'{1}' 内のこの呼び出しを '{2}' への呼び出しに置き換えてください。 + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - '{0}' の動作は、現在のユーザーのロケール設定によって異なる場合があります。'{1}' 内のこの呼び出しを '{2}' への呼び出しに置き換えてください。 + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. - '{0}' の動作は、現在のユーザーのロケール設定によって異なる場合があります。"IFormatProvider" 引数に値を指定してください。 + The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - '{0}' は '{1}' を 'IFormatProvider' パラメーターとして '{2}' に渡します。このプロパティは、書式設定メソッドに不適切なカルチャを返します。 + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - '{0}' は '{1}' を 'IFormatProvider' パラメーターとして '{2}' に渡します。このプロパティは、書式設定メソッドに不適切なカルチャを返します。 + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. Specify IFormatProvider - IFormatProvider を指定します + Specify IFormatProvider A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. - プラットフォーム呼び出しメンバーは、部分的に信頼された呼び出し元を許可し、文字列パラメーターを持ち、文字列を明示的にはマーシャリングしません。このために、セキュリティの脆弱性が生じる場合があります。 + A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. Specify marshaling for P/Invoke string arguments - P/Invoke 文字列引数に対してマーシャリングを指定します + Specify marshaling for P/Invoke string arguments A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - 文字列比較操作では、StringComparison パラメーターを設定しないメソッド オーバーロードを使用します。意図を明確にするため、StringComparison パラメーターを指定してオーバーロードを使用することをお勧めします。結果がユーザーに表示される場合 (リスト ボックスに表示するために項目のリストを並べ替える場合など) は、'StringComparison' パラメーターとして 'StringComparison.CurrentCulture' または 'StringComparison.CurrentCultureIgnoreCase' を指定します。大文字と小文字が区別されない識別子 (ファイル パス、環境変数、レジストリのキーと値など) を比較する場合は、'StringComparison.OrdinalIgnoreCase' を指定します。そうではなく、大文字と小文字が区別される識別子を比較する場合は、'StringComparison.Ordinal' を指定します。 + A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. - '{0}' には、'StringComparison' パラメーターを受け取るメソッド オーバーロードがあります。意図を明確にするために、'{1}' のこの呼び出しを '{2}' への呼び出しで置き換えます。 + '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. Specify StringComparison for clarity - 明確さのために StringComparison を指定する + Specify StringComparison for clarity A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - 文字列比較操作では、StringComparison パラメーターを設定しないメソッド オーバーロードが使用されるため、その動作は、現在のユーザーのロケール設定によって異なる場合があります。正確さと意図の明確さのために、StringComparison パラメーターを指定してオーバーロードを使用することを強くお勧めします。結果がユーザーに表示される場合 (リスト ボックスに表示するために項目のリストを並べ替える場合など) は、'StringComparison' パラメーターとして 'StringComparison.CurrentCulture' または 'StringComparison.CurrentCultureIgnoreCase' を指定します。大文字と小文字が区別されない識別子 (ファイル パス、環境変数、レジストリのキーと値など) を比較する場合は、'StringComparison.OrdinalIgnoreCase' を指定します。そうではなく、大文字と小文字が区別される識別子を比較する場合は、'StringComparison.Ordinal' を指定します。 + A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - '{0}' の動作は、現在のユーザーのロケール設定によって異なる場合があります。'{1}' 内のこの呼び出しを '{2}' への呼び出しに置き換えてください。 + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify StringComparison for correctness - 正確さのために StringComparison を指定する + Specify StringComparison for correctness Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. - 'static' 修飾子と 'abstract' 修飾子の両方を使用するには、プレビュー機能を選択する必要があります。詳細については、「https://aka.ms/dotnet-warnings/preview-features」を参照してください。 + Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. - String.Length プロパティまたは String.IsNullOrEmpty メソッドを使用して文字列を比較すると、Equals を使用した場合よりも処理速度が大幅に向上します。 + Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check - 等値性のチェックの代わりに 'string.Length' プロパティまたは 'string.IsNullOrEmpty' メソッドを使用して空の文字列をテストしてください + Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check Test for empty strings using string length - 文字列の長さを使用して空の文字列をテストします + Test for empty strings using string length This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. - この式は、Single.Nan または Double.Nan に対して値をテストします。Single.IsNan(Single) または Double.IsNan(Double) を使用して、値をテストしてください。 + This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. Test for NaN correctly - NaN に対して正しくテストします + Test for NaN correctly Test for NaN correctly - NaN に対して正しくテストします + Test for NaN correctly 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. - 'ThreadStatic' フィールドは、インラインの初期化や静的コンストラクターでの明示的な初期化ではなく、使用時に遅延して初期化される必要があります。そうすることで、型の静的コンストラクターを実行するスレッド上のフィールドのみが初期化されます。 + 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. 'ThreadStatic' fields should not use inline initialization - 'ThreadStatic' フィールドにインライン初期化を使用しないようにしてください + 'ThreadStatic' fields should not use inline initialization Improper 'ThreadStatic' field initialization - 'ThreadStatic' フィールドの初期化が不適切です + Improper 'ThreadStatic' field initialization 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. - 'ThreadStatic' は静的フィールドにのみ影響します。インスタンス フィールドに適用しても、動作には影響しません。 + 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. Ensure 'ThreadStatic' is only used with static fields - 'ThreadStatic' が静的フィールドでのみ使用されていることを確認する + Ensure 'ThreadStatic' is only used with static fields 'ThreadStatic' only affects static fields - 'ThreadStatic' は静的フィールドにのみ影響します + 'ThreadStatic' only affects static fields Use ArgumentException throw helper - ArgumentException スロー ヘルパーを使用する + Use ArgumentException throw helper Use ArgumentNullException throw helper - ArgumentNullException スロー ヘルパーを使用する + Use ArgumentNullException throw helper Use ArgumentOutOfRangeException throw helper - ArgumentOutOfRangeException スロー ヘルパーを使用する + Use ArgumentOutOfRangeException throw helper Use Array.Empty - Array.Empty を使用します + Use Array.Empty The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. - 配列の値に対して範囲ベースのインデクサーを使用すると、要求された配列の部分のコピーが作成されます。Span または Memory 値として暗黙的に使用される場合、このコピーは不要であることが少なくありません。このコピーを回避するには、AsSpan メソッドをご使用ください。 + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies - 不要なデータ コピーが作成されないようにするには、'{2}' で '{1}' ベースのインデクサーの代わりに '{0}' を使用してください + Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies Use `{0}` instead of Range-based indexers on a string - 文字列で範囲ベースのインデクサーの代わりに '{0}' を使用する + Use `{0}` instead of Range-based indexers on a string Use `{0}` instead of Range-based indexers on an array - 配列で範囲ベースのインデクサーの代わりに '{0}' を使用する + Use `{0}` instead of Range-based indexers on an array Use AsSpan or AsMemory instead of Range-based indexers when appropriate - 該当する場合、範囲ベースのインデクサーの代わりに AsSpan か AsMemory を使用する + Use AsSpan or AsMemory instead of Range-based indexers when appropriate The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - 文字列値に対して範囲ベースのインデクサーを使用すると、要求された文字列の部分のコピーが作成されます。ReadOnlySpan または ReadOnlyMemory 値として暗黙的に使用される場合、このコピーは不要であることが少なくありません。不要なコピーを回避するには、AsSpan メソッドをご使用ください。 + The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - 配列値に対して範囲ベースのインデクサーを使用すると、要求された配列の部分のコピーが作成されます。ReadOnlySpan または ReadOnlyMemory 値として暗黙的に使用される場合、このコピーは不要であることが少なくありません。不要なコピーを回避するには、AsSpan メソッドをご使用ください。 + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. When inside a Task-returning method, use the async version of methods, if they exist. - Task-returning メソッド内にメソッドが存在する場合は、メソッドの非同期バージョンを使用します。 + When inside a Task-returning method, use the async version of methods, if they exist. {Locked="Task"} '{0}' synchronously blocks. Await '{1}' instead. - '{0}' は同期的にブロックを実行します。代わりに '{1}' を待機します。 + '{0}' synchronously blocks. Await '{1}' instead. '{0}' synchronously blocks. Use await instead. - '{0}' は同期的にブロックを実行します。代わりに await を使用してください。 + '{0}' synchronously blocks. Use await instead. Call async methods when in an async method - 非同期メソッドの場合に非同期メソッドを呼び出す + Call async methods when in an async method Use antiforgery tokens in ASP.NET Core MVC controllers - ASP.NET Core MVC コントローラーで偽造防止トークンを使用する + Use antiforgery tokens in ASP.NET Core MVC controllers Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - 偽造防止トークンを検証せずに POST、PUT、PATCH、DELETE 要求を処理すると、クロスサイト リクエスト フォージェリ攻撃に対して脆弱になる可能性があります。クロスサイト リクエスト フォージェリ攻撃では、認証されたユーザーから ASP.NET Core MVC コントローラーに悪意のある要求が送信される可能性があります。 + Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - メソッド {0} では、偽造防止トークンの検証を実行せずに {1} 要求が処理されます。また、HTML フォームで偽造防止トークンが送信されるようにする必要もあります。 + Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. Replace with 'CancellationToken.ThrowIfCancellationRequested' - 'CancellationToken.ThrowIfCancellationRequested' で置き換えます + Replace with 'CancellationToken.ThrowIfCancellationRequested' 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. - 'ThrowIfCancellationRequested' は、トークンが取り消されたかどうかを自動的にチェックし、取り消されていた場合には、'OperationCanceledException' をスローします。 + 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' - 'IsCancellationRequested' をチェックして 'OperationCanceledException' をスローするのではなく、'ThrowIfCancellationRequested' を使用します + Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' Use 'ThrowIfCancellationRequested' - 'ThrowIfCancellationRequested' を呼び出す + Use 'ThrowIfCancellationRequested' Using concrete types avoids virtual or interface call overhead and enables inlining. - 具象型を使用すると、仮想呼び出しまたはインターフェイス呼び出しのオーバーヘッドが回避され、インライン化が有効になります。 + Using concrete types avoids virtual or interface call overhead and enables inlining. Change type of field '{0}' from '{1}' to '{2}' for improved performance - パフォーマンスを向上させるために、フィールド '{0}' の型を '{1}' から '{2}' に変更します + Change type of field '{0}' from '{1}' to '{2}' for improved performance Change type of variable '{0}' from '{1}' to '{2}' for improved performance - パフォーマンスを向上させるために、変数 '{0}' の型を '{1}' から '{2}' に変更します + Change type of variable '{0}' from '{1}' to '{2}' for improved performance Change return type of method '{0}' from '{1}' to '{2}' for improved performance - パフォーマンスを向上させるために、メソッド '{0}' の戻り値の型を '{1}' から '{2}' に変更します + Change return type of method '{0}' from '{1}' to '{2}' for improved performance Change type of parameter '{0}' from '{1}' to '{2}' for improved performance - パフォーマンスを向上させるために、パラメーター '{0}' の型を '{1}' から '{2}' に変更します + Change type of parameter '{0}' from '{1}' to '{2}' for improved performance Change type of property '{0}' from '{1}' to '{2}' for improved performance - パフォーマンスを向上させるために、プロパティ '{0}' の型を '{1}' から '{2}' に変更してください + Change type of property '{0}' from '{1}' to '{2}' for improved performance Use concrete types when possible for improved performance - 可能な場合は具象型を使用してパフォーマンスを向上させる + Use concrete types when possible for improved performance Use Container Level Access Policy - コンテナー レベルのアクセス ポリシーを使用する + Use Container Level Access Policy No access policy identifier is specified, making tokens non-revocable. - アクセス ポリシー識別子が指定されていません。トークンが取消可能ではなくなります。 + No access policy identifier is specified, making tokens non-revocable. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. - 可能な場合は、Shared Access Signature (SAS) の代わりに、Azure のロールベースのアクセス制御を使用することを検討してください。依然として SAS を使用する必要がある場合は、SAS の作成時にコンテナーレベルのアクセス ポリシーを使用します。 + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. Use DefaultDllImportSearchPaths attribute for P/Invokes - P/Invoke に対して DefaultDllImportSearchPaths 属性を使用する + Use DefaultDllImportSearchPaths attribute for P/Invokes By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - 既定では、DllImportAttribute を使用している P/Invoke は、ライブラリが読み込むための現在の作業ディレクトリを含むいくつかのディレクトリを精査します。これは特定のアプリケーションでセキュリティ上の問題を引き起こし、DLL のハイジャックにつながる可能性があります。 + By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - メソッド {0} で、P/Invoke に対して DefaultDllImportSearchPaths 属性が使用されませんでした。 + The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. Use equivalent code that works when marshalling is disabled - マーシャリングが無効な場合に機能する同等のコードを使用する + Use equivalent code that works when marshalling is disabled 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. - 'Environment.CurrentManagedThreadId' は、'Thread.CurrentThread.ManagedThreadId' よりもシンプルで高速です。 + 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. Use 'Environment.CurrentManagedThreadId' - 'Environment.CurrentManagedThreadId' を使用する + Use 'Environment.CurrentManagedThreadId' Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' - 'Thread.CurrentThread.ManagedThreadId' ではなく 'Environment.CurrentManagedThreadId' を使用する + Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' Use 'Environment.CurrentManagedThreadId' - 'Environment.CurrentManagedThreadId' を使用する + Use 'Environment.CurrentManagedThreadId' 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. - 'Environment.ProcessId' は、'Process.GetCurrentProcess().Id' よりも単純かつ高速です。 + 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. Use 'Environment.ProcessId' - 'Environment.ProcessId' を使用してください + Use 'Environment.ProcessId' Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' - 'Process.GetCurrentProcess().Id' の代わりに 'Environment.ProcessId' を使用してください + Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' Use 'Environment.ProcessId' - 'Environment.ProcessId' を使用する + Use 'Environment.ProcessId' 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. - 'Environment.ProcessPath' は、'Process.GetCurrentProcess().MainModule.FileName' よりも単純で高速です。 + 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. Use 'Environment.ProcessPath' - 'Environment.ProcessId' を使用する + Use 'Environment.ProcessPath' Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' - 'Process.GetCurrentProcess() MainModule.FileName の代わりに 'Environment.ProcessPath' を使用します + Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' Use 'Environment.ProcessPath' - 'Environment.ProcessId' を使用する + Use 'Environment.ProcessPath' Use indexer - インデクサーを使用する + Use indexer Use an invariant version - インバリアント バージョンを使用する + Use an invariant version An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. - オペレーティング システムの呼び出しメソッドが定義されており、同等の機能を持つメソッドが .NET Framework クラス ライブラリにあります。 + An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. Use managed equivalents of win32 api - Win32 API に相当するマネージ API を使用します + Use managed equivalents of win32 api Use managed equivalents of win32 api - Win32 API に相当するマネージ API を使用します + Use managed equivalents of win32 api Use ObjectDisposedException throw helper - ObjectDisposedException スロー ヘルパーを使用する + Use ObjectDisposedException throw helper A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. - 非言語的な文字列比較操作では、StringComparison パラメーターが Ordinal にも OrdinalIgnoreCase にも設定されません。パラメーターを StringComparison.Ordinal または StringComparison.OrdinalIgnoreCase に明示的に設定することによって、コードは多くの場合、高速で正確になり、信頼性が向上します。 + A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. Use ordinal string comparison - 序数の文字列比較を使用してください + Use ordinal string comparison Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. - Enumerable.Count() は、Length または Count プロパティが直接アクセスの場合、シーケンスを列挙する可能性があります。 + Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. Use the "{0}" property instead of Enumerable.Count() - Enumerable.Count() の代わりに "{0}" プロパティを使用してください + Use the "{0}" property instead of Enumerable.Count() Use Length/Count property instead of Count() when available - 使用可能な場合は Count() の代わりに Length または Count プロパティを使用 + Use Length/Count property instead of Count() when available Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size - 十分なキー サイズの Rivest-Shamir-Adleman (RSA) アルゴリズムを使用します + Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. - 暗号化アルゴリズムは、小さすぎるキー サイズが使用されていると、ブルート フォース攻撃に対して脆弱になります。 + Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - 非対称暗号化アルゴリズム {0} のキー サイズが 2048 未満です。キー サイズが少なくとも 2048 の RSA、ECDH、または ECDSA アルゴリズムに切り替えてください。 + Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. Applications available over HTTPS must use secure cookies. - HTTPS 経由で使用できるアプリケーションは、セキュリティで保護された Cookie を使用する必要があります。 + Applications available over HTTPS must use secure cookies. Use SharedAccessProtocol HttpsOnly - SharedAccessProtocol HttpsOnly を使用する + Use SharedAccessProtocol HttpsOnly HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. - HTTPS はネットワークトラフィックを暗号化します。ネットワークトラフィックが常に暗号化されるようにするには、HttpsOnly を HttpOrHttps ではなくを使用します。 + HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. - 可能な場合は、Shared Access Signature (SAS) の代わりに、Azure のロールベースのアクセス制御を使用することを検討してください。依然として SAS を使用する必要がある場合は、SharedAccessProtocol.HttpsOnly を指定します。 + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. + + + + Use 'AsSpan' with 'string.Concat' + Use 'AsSpan' with 'string.Concat' + + + + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + + + + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + + + + Use span-based 'string.Concat' + Use span-based 'string.Concat' Use 'Clear()' - 'Clear()' を使用する + Use 'Clear()' It is more efficient to use 'Clear', instead of 'Fill' with default value. - 既定値で 'Fill' ではなく、'Clear' を使用する方が効率的です。 + It is more efficient to use 'Clear', instead of 'Fill' with default value. Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' - 'Span<T>.Fill(default)' の代わりに 'Span<T>.Clear()' を優先する + Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' Prefer 'Clear' over 'Fill' - '塗りつぶし' よりも 'クリア' を優先する + Prefer 'Clear' over 'Fill' Use 'StartsWith' - 'StartsWith' を使用する + Use 'StartsWith' It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. - 'IndexOf' の結果を 0 と比較するのではなく、'StartsWith' を使用する方が明確で迅速です。 + It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 - 'IndexOf' の結果を 0 と比較するのではなく、'StartsWith' を使用します + Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 Use 'StartsWith' instead of 'IndexOf' - 'IndexOf' の代わりに 'StartsWith' を使用する + Use 'StartsWith' instead of 'IndexOf' + + + + 'string.Contains(char)' is available as a better performing overload for single char lookup. + 'string.Contains(char)' is available as a better performing overload for single char lookup. + + + + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + + + + Use char literal for a single character lookup + Use char literal for a single character lookup Use 'string.Equals' - 'string.Equals' を使用します。 + Use 'string.Equals' It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. - 'string.Compare' の結果を 0 と比較するよりも、'stringEquals' を使用する方が明確で、より高速である可能性があります。 + It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 - 'string' を使用します。'string.Compare' の結果を 0 と比較する代わりに 'string.Equals' を使用します + Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 Use 'string.Equals' - 'string.Equals' を使用します。 - - - - Use 'AsSpan' with 'string.Concat' - 'AsSpan' を 'string.Concat' と共に使用します。 - - - - It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. - 'Substring' と連結演算子を使うよりも 'AsSpan' と 'string.Concat' を使用する方が効率的です。 - - - - Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' - 'Substring' ではなく、スパンベースの 'string.Concat' と 'AsSpan' を使用します。 - - - - Use span-based 'string.Concat' - スパンベースの 'string.Concat' を使用します。 - - - - 'string.Contains(char)' is available as a better performing overload for single char lookup. - 'string.Contains(char)' は、単一文字検索のパフォーマンスのより高いオーバーロードとして使用できます。 - - - - Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character - 単一の文字を検索する場合には 'string.Contains(char)' ではなく、'string' を使用します。 - - - - Use char literal for a single character lookup - 1 つの文字参照に単一文字検索を使用する + Use 'string.Equals' Throw helpers are simpler and more efficient than an if block constructing a new exception instance. - スロー ヘルパーは、if ブロックが新しい例外インスタンスを構築する場合よりもシンプルで効率的です。 + Throw helpers are simpler and more efficient than an if block constructing a new exception instance. Use '{0}.{1}' - '{0}.{1}' を使用します + Use '{0}.{1}' Use '{0}.{1}' instead of explicitly throwing a new exception instance - 新しい例外インスタンスを明示的にスローするのではなく、'{0}.{1}' を使用してください + Use '{0}.{1}' instead of explicitly throwing a new exception instance Platform compatibility analyzer requires a valid platform name and version. - プラットフォーム互換性アナライザーには、有効なプラットフォーム名とバージョンが必要です。 + Platform compatibility analyzer requires a valid platform name and version. Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. - バージョン '{0}' は、プラットフォーム '{1}' では無効です。このプラットフォームでは、2{2} パーツのあるバージョンを使用します。 + Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. Version '7' is not valid for platform 'windows'. Use a version with 2-4 parts for this platform. Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. - バージョン '{0}' は、プラットフォーム '{1}' では無効です。このプラットフォームにはバージョンを使用しないでください。 + Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. Use valid platform string - 有効なプラットフォーム文字列を使用する + Use valid platform string The platform '{0}' is not a known platform name - プラットフォーム '{0}' は既知のプラットフォーム名ではありません + The platform '{0}' is not a known platform name ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. - メンバー呼び出しから返される ValueTask は、直接待機されるよう意図されています。1 つの ValueTask を複数回使用しようとしたり、完了が判明する前に結果に直接アクセスしようとしたりすると、例外または破損が発生する可能性があります。このような ValueTask を無視することは、機能的なバグを示していることが多く、パフォーマンスを低下させる可能性があります。 + ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). - ValueTask インスタンスがまだ完了していない場合は、そのインスタンスの結果に直接アクセスさせないようにしてください。Task とは異なり、ValueTask に対する Result または GetAwaiter().GetResult() の呼び出しは、操作が完了するまでブロックされることが保証されていません。単純にインスタンスを待機することができない場合は、最初にその IsCompleted プロパティを確認することをお勧めします (あるいは、該当する場合は、それが true であることをアサートします)。 + ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. - ValueTask インスタンスは、await を使用するなどして、1 回限り使用する必要があります。同じ ValueTask インスタンスを複数回使用すると、例外やデータの破損が発生する可能性があります。 + ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. - メソッド呼び出しから返される ValueTask インスタンスは、直接待機されるか、返されるか、または別のメソッド呼び出しへの引数として渡される必要があります。ValueTask インスタンスの使用は 1 回限りにする必要があるため、ローカルまたはフィールドにインスタンスを保存するなどの他の使用方法は、バグを示している可能性が高くなります。 + ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. - メソッド呼び出しから返される ValueTask インスタンスは常に使用する必要があり、通常は待機される必要があります。そのようにしないことは機能的なバグを表すことが多く、そうでなくても、ValueTask で使用するオブジェクトがターゲット メソッドでプールされるとパフォーマンスが低下する可能性があります。 + ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. Use ValueTasks correctly - ValueTask を正しく使用する必要があります + Use ValueTasks correctly Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. - 信頼されていないデータから XML を処理すると、危険な外部参照を読み込む可能性があります。XmlReader を安全なリゾルバーと共に使用するか、DTD 処理を無効にして使用することにより、この処理を制限する必要があります。 + Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. Use XmlReader for 'DataSet.ReadXml()' - 'DataSet.ReadXml()' に対して XmlReader を使用します + Use XmlReader for 'DataSet.ReadXml()' Use XmlReader for 'XmlSerializer.Deserialize()' - 'XmlSerializer.Deserialize()' に対して XmlReader を使用します + Use XmlReader for 'XmlSerializer.Deserialize()' Use XmlReader for 'XmlSchema.Read()' - 'XmlSchema.Read()' に対して XmlReader を使用します + Use XmlReader for 'XmlSchema.Read()' Use XmlReader for XmlValidatingReader constructor - XmlValidatingReader コンストラクターに対して XmlReader を使用します + Use XmlReader for XmlValidatingReader constructor Use XmlReader for XPathDocument constructor - XPathDocument コンストラクターに対して XmlReader を使用します + Use XmlReader for XPathDocument constructor This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. - '{0}.{1}' メソッドのこのオーバーロードは、安全でない可能性があります。これによって、サービス拒否攻撃に対して脆弱となり得るドキュメント型定義 (DTD) が有効になるおそれがあります。あるいは情報漏えいに対して脆弱となり得る XmlResolver が使用されるおそれがあります。その代わりに、XmlReader インスタンスを受け取るオーバーロードを使用して、DTD 処理を無効にし、XmlResolver を使用しないようにします。 + This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - '{0}' はプレビュー型 '{1}' を使用するため、プレビュー機能を選択する必要があります。詳細については、「{2}」を参照してください。 + '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - {3} '{0}' はプレビュー型 '{1}' を使用するため、プレビュー機能を選択する必要があります。詳細については、「{2}」を参照してください。 - - - - Use 'TryGetValue(TKey, out TValue)' - 'TryGetValue(TKey, out TValue)' を使用する - - - - Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method - 'IDictionary.TryGetValue(TKey, out TValue)' メソッドを優先します - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup - 二重参照を回避するには、'ContainsKey' チェックによって保護された Dictionary インデクサー アクセスよりも 'TryGetValue' 呼び出しを優先します - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. - 'ContainsKey' チェックによって保護された Dictionary インデクサー アクセスよりも 'TryGetValue' 呼び出しを優先します。'ContainsKey' とインデクサーの両方が内部のキーを参照するため、'TryGetValue' を使用すると余分な参照が削除されます。 + {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ko.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ko.xlf index b74bbf2fca..c5f6128753 100644 --- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ko.xlf +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ko.xlf @@ -4,572 +4,572 @@ Add the 'NonSerialized' attribute to this field. - 이 필드에 'NonSerialized' 특성을 추가합니다. + Add the 'NonSerialized' attribute to this field. Add Serializable attribute - Serializable 특성 추가 + Add Serializable attribute Review cipher mode usage with cryptography experts - 암호화 전문가와 암호화 모드 사용 현황 검토 + Review cipher mode usage with cryptography experts These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). - 이 암호화 모드는 공격에 취약할 수 있습니다. 권장 모드(CBC, CTS)를 사용하는 것이 좋습니다. + These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). - 암호화 전문가와 암호화 모드 '{0}'의 사용 현황을 검토합니다. 권장 모드(CBC, CTS)를 사용하는 것이 좋습니다. + Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. - 특성의 문자열 리터럴 매개 변수가 URL, GUID 또는 버전에 대해 올바르게 구문 분석되지 않습니다. + The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' - '{0}'의 생성자에서 현재 "{2}"인 '{1}' 인수 값을 '{3}'(으)로 올바르게 구문 분석될 수 있는 다른 값으로 변경하세요. + In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' - '{0}'의 생성자에서 현재 빈 문자열("")인 '{1}' 인수 값을 '{2}'(으)로 올바르게 구문 분석될 수 있는 다른 값으로 변경하세요. + In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' Attribute string literals should parse correctly - 특성 문자열 리터럴이 올바르게 구문 분석되어야 합니다. + Attribute string literals should parse correctly Extract to static readonly field - 정적 읽기 전용 필드로 추출 + Extract to static readonly field Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. - 인수로 전달된 상수 배열은 반복적으로 호출될 때 다시 사용되지 않으며, 이는 매번 새 배열이 생성됨을 의미합니다. 전달된 배열이 호출된 메서드 내에서 변경되지 않은 경우 'static readonly' 필드에 추출하여 성능을 향상하는 것이 좋습니다. + Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. {Locked="static readonly"} Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array - 호출된 메서드가 반복적으로 호출되고 전달된 배열을 변경하지 않는 경우 상수 배열 인수보다 'static readonly' 필드를 사용하세요. + Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array {Locked="static readonly"} Avoid constant arrays as arguments - 상수 배열을 인수로 사용하지 않습니다. + Avoid constant arrays as arguments Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. - 'StringBuilder'를 마샬링하는 경우 항상 네이티브 버퍼 복사본이 만들어지므로 하나의 마샬링 작업에 대해 할당이 여러 번 이루어집니다. + Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. - P/Invokes에는 'StringBuilder' 매개 변수를 사용하지 마세요. 대신 문자 버퍼를 사용해 보세요. + Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. Avoid 'StringBuilder' parameters for P/Invokes - P/Invokes에는 'StringBuilder' 매개 변수를 사용하지 마세요. + Avoid 'StringBuilder' parameters for P/Invokes The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. - .NET Framework 클래스 라이브러리에서 사용자 지정 특성을 검색하기 위한 메서드를 제공합니다. 기본적으로 이 메서드는 특성 상속 계층 구조를 검색합니다. 특성을 봉인하면 상속 계층 구조를 통한 검색을 중단하여 성능을 향상시킬 수 있습니다. + The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. Avoid unsealed attributes - 봉인되지 않은 특성을 사용하지 마세요. + Avoid unsealed attributes Avoid unsealed attributes - 봉인되지 않은 특성을 사용하지 마세요. + Avoid unsealed attributes Avoid unnecessary zero-length array allocations. Use {0} instead. - 길이가 0인 불필요한 배열 할당을 사용하지 마세요. 대신 {0}을(를) 사용하세요. + Avoid unnecessary zero-length array allocations. Use {0} instead. Avoid zero-length array allocations - 길이가 0인 배열 할당을 사용하면 안 됨 + Avoid zero-length array allocations The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - 역직렬화된 개체 그래프에서 개체 형식을 제한하기 위해 SerializationBinder 없이 신뢰할 수 없는 데이터를 역직렬화하는 경우 '{0}' 메서드는 안전하지 않습니다. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize - BinaryFormatter.Deserialize를 호출하기 전에 BinaryFormatter.Binder를 설정해야 합니다. + Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - 역직렬화된 개체 그래프에서 개체 형식을 제한하기 위해 SerializationBinder 없이 신뢰할 수 없는 데이터를 역직렬화하는 경우 '{0}' 메서드는 안전하지 않습니다. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder - 먼저 BinaryFormatter.Binder를 설정하지 않고 BinaryFormatter.Deserialize를 호출하지 마세요. + Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. - 신뢰할 수 없는 데이터를 deserialize할 경우 '{0}' 메서드는 안전하지 않습니다. SerializationBinder를 설정하지 않고 BinaryFormatter deserialization을 검색해야 하는 경우에는 규칙 CA2300을 사용하지 않도록 설정하고 규칙 CA2301 및 CA2302를 사용하도록 설정합니다. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. The method '{0}' is insecure when deserializing untrusted data. - 신뢰할 수 없는 데이터를 deserialize하는 경우 '{0}' 메서드는 안전하지 않습니다. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer BinaryFormatter - 안전하지 않은 역직렬 변환기 BinaryFormatter를 사용하지 마세요. + Do not use insecure deserializer BinaryFormatter 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - 'Buffer.BlockCopy'는 'count' 인수에 대해 복사할 바이트 수를 예상합니다. 'Array.Length'를 사용하면 복사해야 하는 바이트 수가 일치하지 않을 수 있습니다. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - 'Buffer.BlockCopy'는 'count' 인수에 대해 복사할 바이트 수를 예상합니다. 'Array.Length'를 사용하면 복사해야 하는 바이트 수가 일치하지 않을 수 있습니다. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument - 'Buffer.BlockCopy'는 'count' 인수에 대해 복사할 바이트 수를 예상합니다. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). - Dispose를 구현하는 메서드가 GC.SuppressFinalize를 호출하지 않거나, Dispose를 구현하지 않는 메서드가 GC.SuppressFinalize를 호출하거나, 메서드가 GC.SuppressFinalize를 호출하고 다른 개체(Visual Basic의 경우 Me)를 전달합니다. + A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. - {0}을(를) 변경하여 {1}을(를) 호출하세요. 이렇게 하면 종료자를 사용하는 파생 형식에서 'IDisposable'을 호출하기 위해 다시 구현하지 않아도 됩니다. + Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. - {0}을(를) 변경하여 {1}을(를) 호출하세요. 이렇게 하면 개체가 삭제되어 범위 외부로 이동된 후에 불필요하게 종료되지 않습니다. + Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. - {0}이(가) 자기 자신이 아닌 다른 개체에서 {1}을(를) 호출합니다. 대신 호출 사이트를 변경하여 'this'(Visual Basic의 경우 'Me')를 전달하세요. + {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. - {0}이(가) 일반적으로 'IDisposable.Dispose'의 구현 내에서만 호출되는 메서드인 {1}을(를) 호출합니다. 자세한 내용은 IDisposable 패턴을 참조하세요. + {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. Dispose methods should call SuppressFinalize - Dispose 메서드는 SuppressFinalize를 호출해야 합니다. + Dispose methods should call SuppressFinalize , - , + , Separator used for separating list of platform names: {API} is only supported on: {‘windows’, ‘browser’, ‘linux’} ConstantExpected attribute is not applied correctly on the parameter. - ConstantExpected 특성이 매개 변수에 올바르게 적용되지 않았습니다. + ConstantExpected attribute is not applied correctly on the parameter. Incorrect usage of ConstantExpected attribute - ConstantExpected 특성의 사용이 잘못되었습니다. + Incorrect usage of ConstantExpected attribute The ConstantExpected attribute is required for the parameter due to the parent method annotation - 부모 메서드 주석으로 인해 매개 변수에 ConstantExpected 특성이 필요합니다. + The ConstantExpected attribute is required for the parameter due to the parent method annotation The '{0}' value is not compatible with parameter type of '{1}' - '{0}' 값이 '{1}' 매개 변수 형식과 호환되지 않습니다. + The '{0}' value is not compatible with parameter type of '{1}' The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' - '{0}' 값이 '{1}'에서 '{2}'까지 매개 변수 값 범위 내에 맞지 않습니다. + The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' The constant is not of the same '{0}' type as the parameter - 상수가 매개 변수와 동일한 '{0}' 형식이 아닙니다. + The constant is not of the same '{0}' type as the parameter The Min and Max values are inverted - 최소 및 최대값이 반전됩니다. + The Min and Max values are inverted The argument should be a constant for optimal performance - 최적의 성능을 위해 인수는 상수여야 합니다. + The argument should be a constant for optimal performance The '{0}' type is not supported for ConstantExpected attribute - ConstantExpected 특성에는 '{0}' 형식이 지원되지 않습니다. + The '{0}' type is not supported for ConstantExpected attribute The constant does not fit within the value bounds of '{0}' to '{1}' - 상수가 '{0}'에서 '{1}'까지 값 범위 내에 맞지 않습니다. + The constant does not fit within the value bounds of '{0}' to '{1}' The parameter expects a constant for optimal performance. - 매개 변수에는 최적의 성능을 위해 상수가 필요합니다. + The parameter expects a constant for optimal performance. A constant is expected for the parameter - 매개 변수에 상수가 필요합니다. + A constant is expected for the parameter When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - 신뢰할 수 없는 입력을 역직렬화하는 경우 {0} 개체를 역직렬화하는 것은 안전하지 않습니다. '{1}'은(는) {0}이거나 이 항목에서 파생됩니다. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type found in deserializable object graph - 역직렬화 가능한 개체 그래프에서 안전하지 않은 DataSet 또는 DataTable 형식을 찾음 + Unsafe DataSet or DataTable type found in deserializable object graph When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. - IFormatter 기반 직렬 변환기를 사용하여 신뢰할 수 없는 입력을 역직렬화하는 경우 {0} 개체를 역직렬화하는 것은 안전하지 않습니다. '{1}'은(는) {0}이거나 이 항목에서 파생됩니다. 자동 생성된 형식이 신뢰할 수 없는 데이터로 역직렬화되지 않도록 하세요. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks - 자동 생성된 직렬화 가능한 형식의 안전하지 않은 DataSet 또는 DataTable은 원격 코드 실행 공격에 취약할 수 있음 + Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - 신뢰할 수 없는 입력을 역직렬화하는 경우 {0} 개체를 역직렬화하는 것은 안전하지 않습니다. '{1}'은(는) {0}이거나 이 항목에서 파생됩니다. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks - 역직렬화된 개체 그래프의 안전하지 않은 DataSet 또는 DataTable은 원격 코드 실행 공격에 취약할 수 있음 + Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. - IFormatter 기반 직렬 변환기를 사용하여 신뢰할 수 없는 입력을 역직렬화하는 경우 {0} 개체를 역직렬화하는 것은 안전하지 않습니다. '{1}'은(는) {0}이거나 이 항목에서 파생됩니다. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks - 직렬화 가능한 형식의 안전하지 않은 DataSet 또는 DataTable은 원격 코드 실행 공격에 취약할 수 있음 + Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - 신뢰할 수 없는 입력을 역직렬화하는 경우 {0} 개체를 역직렬화하는 것은 안전하지 않습니다. '{1}'은(는) {0}이거나 이 항목에서 파생됩니다. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in serializable type - 직렬화 가능한 형식의 안전하지 않은 DataSet 또는 DataTable + Unsafe DataSet or DataTable in serializable type When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - 신뢰할 수 없는 입력을 역직렬화하는 경우 {0} 개체를 역직렬화하는 것은 안전하지 않습니다. '{1}'은(는) {0}이거나 이 항목에서 파생됩니다. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type in web deserializable object graph - 웹 역직렬화 가능한 개체 그래프의 안전하지 않은 DataSet 또는 DataTable 형식 + Unsafe DataSet or DataTable type in web deserializable object graph The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. - 신뢰할 수 없는 데이터를 역직렬화하는 경우 '{0}' 메서드는 안전하지 않습니다. '{0}' 호출을 포함하는 자동 생성된 클래스가 신뢰할 수 없는 데이터로 역직렬화되지 않도록 하세요. + The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data - DataSet.ReadXml()을 포함하는 자동 생성된 클래스가 신뢰할 수 없는 데이터와 함께 사용되지 않는지 확인 + Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data The method '{0}' is insecure when deserializing untrusted data - 신뢰할 수 없는 데이터를 역직렬화하는 경우 '{0}' 메서드는 안전하지 않습니다. + The method '{0}' is insecure when deserializing untrusted data Do not use DataSet.ReadXml() with untrusted data - DataSet.ReadXml()을 신뢰할 수 없는 데이터와 함께 사용하지 마세요. + Do not use DataSet.ReadXml() with untrusted data The method '{0}' is insecure when deserializing untrusted data - 신뢰할 수 없는 데이터를 역직렬화하는 경우 '{0}' 메서드는 안전하지 않습니다. + The method '{0}' is insecure when deserializing untrusted data Do not use DataTable.ReadXml() with untrusted data - DataTable.ReadXml()을 신뢰할 수 없는 데이터와 함께 사용하지 마세요. + Do not use DataTable.ReadXml() with untrusted data HttpClients should enable certificate revocation list checks - HttpClients에서 인증서 해지 목록 확인을 사용하도록 설정해야 함 + HttpClients should enable certificate revocation list checks HttpClient is created without enabling CheckCertificateRevocationList - CheckCertificateRevocationList를 사용하지 않고 HttpClient가 생성됩니다. + HttpClient is created without enabling CheckCertificateRevocationList Do Not Add Certificates To Root Store - 루트 저장소에 인증서 추가 안 함 + Do Not Add Certificates To Root Store Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate - 운영 체제의 신뢰할 수 있는 루트 인증서에 인증서를 추가하면 불법 인증서를 잘못 인증하게 될 위험이 늘어납니다. + Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate Do not use CreateEncryptor with non-default IV - 기본이 아닌 IV와 함께 CreateEncryptor 사용 안 함 + Do not use CreateEncryptor with non-default IV Symmetric encryption uses non-default initialization vector, which could be potentially repeatable - 대칭형 암호화는 잠재적으로 반복할 수 있는, 기본이 아닌 초기화 벡터를 사용합니다. + Symmetric encryption uses non-default initialization vector, which could be potentially repeatable Use Secure Cookies In ASP.NET Core - ASP.NET Core에서 보안 쿠키 사용 + Use Secure Cookies In ASP.NET Core Set CookieOptions.Secure = true when setting a cookie - 쿠키를 설정할 때 CookieOptions.Secure = true를 설정합니다. + Set CookieOptions.Secure = true when setting a cookie Do Not Use Weak Key Derivation Function With Insufficient Iteration Count - 부족한 반복 횟수로 취약한 키 파생 함수를 사용하면 안 됨 + Do Not Use Weak Key Derivation Function With Insufficient Iteration Count Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - 암호에서 암호화 키를 파생할 때 {0}회 이상의 반복을 사용하세요. 기본적으로 Rfc2898DeriveByte의 IterationCount는 1,000뿐입니다. + Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - TLS(전송 계층 보안)의 이전 프로토콜 버전은 TLS 1.2 및 TLS 1.3보다 보안 수준이 낮으며 새로운 취약성이 발생할 가능성이 더 높습니다. 위험을 최소화하려면 이전 프로토콜 버전을 사용하지 마세요. + Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - 전송 계층 보안 프로토콜 버전 '{0}'은(는) 사용되지 않습니다. 운영 체제에서 버전을 선택하도록 하려면 '없음'을 사용하세요. + Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. Do not use deprecated SslProtocols values - 사용되지 않는 SslProtocols 값 사용 안 함 + Do not use deprecated SslProtocols values '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}'은(는) 미리 보기 클래스 '{1}'에서 파생되므로 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {2}을(를) 참조하세요. + '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}'은(는) 미리 보기 클래스 '{1}'에서 파생되므로 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {2}를 참조하세요. + {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. An assembly has to opt into preview features before using them. - 어셈블리는 기능을 사용하기 전에 미리 보기 기능을 선택해야 합니다. + An assembly has to opt into preview features before using them. Using '{0}' requires opting into preview features. See {1} for more information. - '{0}'을(를) 사용하려면 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {1}를 참조하세요. + Using '{0}' requires opting into preview features. See {1} for more information. {2} Using '{0}' requires opting into preview features. See {1} for more information. - {2} '{0}'을(를) 사용하려면 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {1}을(를) 참조하세요. + {2} Using '{0}' requires opting into preview features. See {1} for more information. This API requires opting into preview features - 이 API는 미리 보기 기능을 선택해야 합니다. + This API requires opting into preview features A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. - System.IDisposable을 구현하는 형식은 IDisposable도 구현하는 형식의 필드를 선언합니다. 필드의 Dispose 메서드는 선언 형식의 Dispose 메서드에 의해 호출되지 않습니다. 이 규칙 위반 문제를 해결하려면 필드에 포함되는 비관리형 리소스를 할당 및 해제해야 하는 경우 IDisposable을 구현하는 형식의 필드에서 Dispose를 호출합니다. + A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. - '{0}'에는 IDisposable 형식 '{2}'의 '{1}' 필드가 포함되지만, 삭제되지는 않습니다. 이 필드에서 Close 또는 Dispose를 호출하려면 '{0}'에서 Dispose 메서드를 변경합니다. + '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. Disposable fields should be disposed - 삭제 가능한 필드는 삭제해야 합니다. + Disposable fields should be disposed A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. - System.IDisposable을 구현하며, 관리되지 않는 리소스를 사용하도록 제안하는 필드가 있는 형식은 Object.Finalize에 설명된 대로 종료자를 구현하지 않습니다. + A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. Disposable types should declare finalizer - 삭제 가능한 형식에서 종료자를 선언해야 합니다. + Disposable types should declare finalizer Disposable types should declare finalizer - 삭제 가능한 형식에서 종료자를 선언해야 합니다. + Disposable types should declare finalizer A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. - System.IDisposable을 구현하는 형식은 IDisposable도 구현하는 형식에서 상속됩니다. 상속 형식의 Dispose 메서드는 부모 형식의 Dispose 메서드를 호출하지 않습니다. 이 규칙 위반 문제를 해결하려면 Dispose 메서드에서 base.Dispose를 호출합니다. + A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. Ensure that method '{0}' calls '{1}' in all possible control flow paths - '{0}' 메서드가 모든 가능한 제어 흐름 경로에서 '{1}'을(를) 호출하도록 합니다. + Ensure that method '{0}' calls '{1}' in all possible control flow paths Dispose methods should call base class dispose - Dispose 메서드는 기본 클래스 Dispose를 호출해야 합니다. + Dispose methods should call base class dispose If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. - 삭제 가능한 개체에 대한 모든 참조가 범위를 벗어나기 전에 삭제 가능한 개체가 명시적으로 삭제되지 않으면 가비지 수집기가 개체의 종료자를 실행할 때 비활성화 시점에서 개체가 삭제됩니다. 개체 종료자의 실행을 방지하는 예외적인 이벤트가 발생할 수 있으므로 대신 개체를 명시적으로 삭제해야 합니다. + If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - 권장 dispose 패턴을 사용하여 '{0}'에서 생성된 개체가 모든 경로에서 삭제되도록 합니다. 가능한 경우 'using' 문이나 'using' 선언 내에서 생성을 래핑합니다. 그렇지 않으면 try 영역 앞에 선언된 전용 지역 변수 및 'finally' 영역에 있는 null이 아닌 값의 비조건부 Dispose 호출('x?.Dispose()')과 함께 try-finally 패턴을 사용하세요. 개체가 try 영역 내에서 명시적으로 삭제되거나 삭제 소유권이 다른 개체나 메서드로 이전되면 해당 작업 바로 뒤의 지역 변수에 'null'을 할당하여 'finally'에서 이중 삭제를 방지하세요. + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - 권장 dispose 패턴을 사용하여 '{0}'에서 생성된 개체가 모든 예외 경로에서 삭제되도록 합니다. 가능한 경우 'using' 문이나 'using' 선언 내에서 생성을 래핑합니다. 그렇지 않으면 try 영역 앞에 선언된 전용 지역 변수 및 'finally' 영역에 있는 null이 아닌 값의 비조건부 Dispose 호출('x?.Dispose()')과 함께 try-finally 패턴을 사용하세요. 개체가 try 영역 내에서 명시적으로 삭제되거나 삭제 소유권이 다른 개체나 메서드로 이전되면 해당 작업 바로 뒤의 지역 변수에 'null'을 할당하여 'finally'에서 이중 삭제를 방지하세요. + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope - '{0}'에서 생성된 개체에 대한 모든 참조가 범위를 벗어나기 전에 해당 개체에서 System.IDisposable.Dispose를 호출합니다. + Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. - '{0}'에서 생성된 개체는 일부 예외 경로와 함께 삭제되지 않습니다. 개체에 대한 모든 참조가 범위를 벗어나기 전에 해당 개체에서 System.IDisposable.Dispose를 호출합니다. + Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. Dispose objects before losing scope - 범위를 벗어나기 전에 개체를 삭제하십시오. + Dispose objects before losing scope Do Not Add Archive Item's Path To The Target File System Path - 대상 파일 시스템 경로에 아카이브 항목 경로 추가 안 함 + Do Not Add Archive Item's Path To The Target File System Path When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - 아카이브에서 파일을 추출하고 아카이브 항목 경로를 사용할 때 경로가 안전한지 확인합니다. 아카이브 경로는 상대적일 수 있고 예상 파일 시스템 대상 경로 밖의 파일 시스템 액세스를 초래하여 lay-and-wait 기법을 통해 악의적으로 구성이 변경되고 원격 코드 실행이 이루어질 수 있습니다. + When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' - 파일을 추출하기 위해 상대 아카이브 항목 경로에서 '메서드 {1}의 {0}' 경로를 만들 때 소스가 신뢰할 수 없는 zip 아카이브인 경우 상대 아카이브 항목 경로 '메서드 {3}의 {2}'을(를) 삭제해야 합니다. + When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' Do Not Add Schema By URL - URL로 스키마를 추가하지 마세요. + Do Not Add Schema By URL This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. - XmlSchemaCollection.Add 메서드의 이 오버로드는 사용되는 XML 판독기에서 내부적으로 DTD 처리를 사용하도록 설정하고 UrlResolver를 사용하여 외부 XML 엔터티를 확인합니다. 결과는 정보 공개입니다. XML을 처리하는 머신에 대한 파일 시스템 또는 네트워크 공유의 콘텐츠가 공격자에게 공개될 수 있습니다. 또한 공격자가 이 취약성을 DoS 벡터로 사용할 수 있습니다. + This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. This overload of the Add method is potentially unsafe because it may resolve dangerous external references - Add 메서드의 이 오버로드는 위험한 외부 참조를 확인할 수 있으므로 잠재적으로 안전하지 않습니다. + This overload of the Add method is potentially unsafe because it may resolve dangerous external references By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. - 중요한 TokenValidationParameter 유효성 검사 대리자를 true로 설정하면 발급자의 토큰이나 만료된 토큰의 유효성이 잘못 검사될 수 있는 중요한 인증 보호 장치가 비활성화됩니다. + By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. - {0}은(는) 항상 true를 반환하는 함수로 설정됩니다. 유효성 검사 대리자를 설정하면 기본 유효성 검사를 무시하고, 항상 true를 반환하면 이 유효성 검사가 완전히 비활성화됩니다. + The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. Do not always skip token validation in delegates - 대리자에서 토큰 유효성 검사를 항상 건너뛰지 마세요. + Do not always skip token validation in delegates Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. - 안전하지 않은 deserialization은 트러스트되지 않은 데이터를 사용하여 애플리케이션 논리를 남용할 때 발생하는 취약성이고, DoS(서비스 거부) 공격을 가하거나 deserialize될 때 임의의 코드를 실행하기도 합니다. 종종 악의적인 사용자가 제어하는 트리스트되지 않은 데이터를 애플리케이션에서 deserialize할 때 이러한 deserialization 기능을 사용할 수 있습니다. 특히 deserialization 과정에 위험한 메서드를 호출합니다. 안전하지 않은 deserialization 공격이 성공하면 공격자가 DoS 공격, 인증 건너뜀 및 원격 코드 실행과 같은 공격을 수행할 수 있습니다. + Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' - 클래스 '{0}'의 인스턴스를 역직렬화할 때 '{1}' 메서드가 위험한 메서드 '{2}'을(를) 직접 또는 간접적으로 호출할 수 있습니다. + When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' Do Not Call Dangerous Methods In Deserialization - 역직렬화에서 위험한 메서드를 호출하면 안 됨 + Do Not Call Dangerous Methods In Deserialization @@ -577,2625 +577,2660 @@ The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. Widening and user defined conversions are not supported with generic types. - Enumerable.Cast<T> 및 Enumerable.OfType<T>가 제대로 작동하려면 호환되는 형식이 필요합니다. -Enumerable.Cast<T>에서 반환된 시퀀스에서 사용하는 일반 캐스트(IL 'unbox.any')는 지정된 형식의 요소에서 런타임에 InvalidCastException을 발생시킵니다. -Enumerable.OfType<T>에서 사용하는 제네릭 형식 검사(C# 'is' 연산자/IL 'isinst')는 지정된 형식의 요소로 성공하지 못하여 결과적으로 빈 시퀀스가 됩니다. -확대 및 사용자 정의 변환은 일반 형식에서 지원되지 않습니다. + Enumerable.Cast<T> and Enumerable.OfType<T> require compatible types to function expectedly. +The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. +The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. +Widening and user defined conversions are not supported with generic types. Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime - 형식 '{0}'은(는) 형식 '{1}'과(와) 호환되지 않으며 캐스트 시도에서 런타임에 InvalidCastException이 발생합니다. + Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' - 형식 '{0}'이(가) 형식 '{1}'과(와) 호환되지 않기 때문에 이 호출은 항상 빈 시퀀스를 생성합니다. + This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types - 호환되지 않는 형식으로 Enumerable.Cast<T> 또는 Enumerable.OfType<T>를 호출하지 마세요. + Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types Do not call {0} on an {1} value - {1} 값의 {0}을(를) 호출하지 마세요. + Do not call {0} on an {1} value Do not call ToImmutableCollection on an ImmutableCollection value - ImmutableCollection 값의 ToImmutableCollection을 호출하지 마세요. + Do not call ToImmutableCollection on an ImmutableCollection value TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. - TaskCompletionSource에는 기본 작업을 제어하는 TaskCreationOptions를 사용하는 생성자와 이 작업에 저장된 상태 개체를 사용하는 생성자가 있습니다. 실수로 TaskCreationOptions 대신 TaskContinuationOptions를 전달하면 이 옵션을 상태로 처리하는 호출이 발생합니다. + TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. Replace TaskContinuationOptions with TaskCreationOptions. - TaskContinuationOptions를 TaskCreationOptions로 대체합니다. + Replace TaskContinuationOptions with TaskCreationOptions. Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum - 인수에 TaskCreationOptions 열거형이 아닌 TaskContinuationsOptions 열거형이 포함되어 있습니다. + Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum - TaskCompletionSource 생성자로 전달된 인수는 TaskContinuationOptions 열거형이 아닌 TaskCreationOptions 열거형이어야 함 + Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. - TaskScheduler를 사용하는 오버로드 중 하나를 사용하지 않는 경우 작업을 만들지 마세요. 기본값은 TaskScheduler.Current에 예약하는 것이며 이는 교착 상태를 유발할 수 있습니다. 원하는 결과를 얻으려면 스레드 풀에서 TaskScheduler.Default를 사용하여 예약하거나 TaskScheduler.Current를 명시적으로 전달하세요. + Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. Do not create tasks without passing a TaskScheduler - TaskScheduler를 전달하지 않은 상태에서 작업을 만들지 마세요. + Do not create tasks without passing a TaskScheduler Do not create tasks without passing a TaskScheduler - TaskScheduler를 전달하지 않은 상태에서 작업을 만들지 마세요. + Do not create tasks without passing a TaskScheduler Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. - MemoryManager<T>에서 파생된 형식에 종료자를 추가하면 Span<T>에서 여전히 메모리를 사용하는 동안 메모리 해제가 허용될 수 있습니다. + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> - MemoryManager<T>에서 파생된 형식에 종료자를 추가하면 Span<T>에서 계속 메모리를 사용하는 동안 메모리 해제가 허용될 수 있습니다. + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> Do not define finalizers for types derived from MemoryManager<T> - MemoryManager<T>에서 파생된 형식에 대한 종료자 정의 금지 + Do not define finalizers for types derived from MemoryManager<T> Do Not Disable Certificate Validation - 인증서 유효성 검사를 비활성화하지 않음 + Do Not Disable Certificate Validation A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. - 인증서는 서버의 ID를 인증하는 데 도움이 될 수 있습니다. 클라이언트가 요청을 원하는 서버에 보내려면 서버 인증서의 유효성을 검사해야 합니다. ServerCertificateValidationCallback이 항상 'true'를 반환하는 경우 모든 인증서가 유효성 검사를 통과합니다. + A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. - ServerCertificateValidationCallback은 항상 true를 반환하여 서버 인증서를 허용하는 함수로 설정되어 있습니다. 서버 인증서의 유효성을 검사하여 요청을 받는 서버의 ID를 확인해야 합니다. - - - - Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. - CheckCertificateRevocationList 속성이 true로 설정된 플랫폼별 처리기(WinHttpHandler 또는 CurlHandler 또는 HttpClientHandler)를 제공하지 않고 HttpClient를 사용하면 해지된 인증서를 HttpClient에서 유효한 것으로 사용할 수 있도록 허용합니다. + The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. Do Not Disable HTTP Header Checking - HTTP 헤더 검사를 사용하지 않도록 설정하지 마세요. + Do Not Disable HTTP Header Checking HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. - HTTP 헤더 검사를 사용하면 응답 헤더에 있는 캐리지 리턴 및 줄 바꿈 문자 \r 및 \n을 인코딩할 수 있습니다. 이 인코딩을 수행하면 헤더에 포함된 신뢰할 수 없는 데이터를 에코하는 애플리케이션을 악용하는 삽입 공격을 방지할 수 있습니다. + HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. Do not disable HTTP header checking - HTTP 헤더 검사를 사용하지 않도록 설정하지 마세요. + Do not disable HTTP header checking + + + + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. Do Not Disable Request Validation - 요청 유효성 검사를 사용하지 않도록 설정하지 마세요. + Do Not Disable Request Validation Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. - 요청 유효성 검사는 HTTP 요청을 검사하고 잠재적으로 위험한 콘텐츠가 포함되는지 확인하는 ASP.NET 기능입니다. 이 검사는 악의적인 목적으로 추가되었을 수 있는 URL 쿼리 문자열, 쿠키 또는 게시된 양식 값에 있는 태그 또는 코드에서 보호를 추가합니다. 따라서 일반적으로 이 검사를 수행하는 것이 좋고 심층 방어를 위해 사용하도록 설정해 두어야 합니다. + Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. {0} has request validation disabled - {0}에서 요청 유효성 검사가 사용하지 않도록 설정되었습니다. + {0} has request validation disabled Do Not Disable SChannel Use of Strong Crypto - SChannel의 강력한 암호화 사용을 비활성화하지 않음 + Do Not Disable SChannel Use of Strong Crypto Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. - .NET Framework 4.6부터 System.Net.ServicePointManager 및 System.Net.Security.SslStream 클래스는 새 프로토콜을 사용하는 것이 좋습니다. 프로토콜 약점이 있는 기존 클래스는 지원되지 않습니다. Switch.System.Net.DontEnableSchUseStrongCrypto를 true로 설정하면 이전의 취약한 암호화 검사를 사용하여 프로토콜 마이그레이션을 옵트아웃합니다. + Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. {0} disables TLS 1.2 and enables SSLv3 - {0}이(가) TLS 1.2를 사용하지 않도록, SSLv3를 사용하도록 설정합니다. + {0} disables TLS 1.2 and enables SSLv3 Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. - 토큰 유효성 검사는 토큰 유효성을 검사하는 동안 모든 측면이 분석되고 확인되도록 합니다. 유효성 검사를 끄면 신뢰할 수 없는 토큰이 유효성 검사를 통과하도록 허용하여 보안 허점이 발생할 수 있습니다. + Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. TokenValidationParameters.{0} should not be set to false as it disables important validation - TokenValidationParameters.{0}은(는) 중요한 유효성 검사를 비활성화하므로 false로 설정하면 안 됩니다. + TokenValidationParameters.{0} should not be set to false as it disables important validation Do not disable token validation checks - 토큰 유효성 검사를 비활성화하지 마세요 + Do not disable token validation checks Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. - Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols를 true로 설정하지 마세요. 이 스위치를 설정하면 WCF(Windows Communication Framework)가 안전하지 않고 사용되지 않는 TLS(전송 계층 보안) 1.0을 사용하도록 제한됩니다. + Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. Do not disable ServicePointManagerSecurityProtocols - ServicePointManagerSecurityProtocols를 사용하지 않도록 설정 안 함 + Do not disable ServicePointManagerSecurityProtocols Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. - 'Dictionary.ContainsKey(key)'를 사용하여 'Dictionary.Remove(key)'를 보호하지 마세요. 전자는 키가 있는지 여부를 이미 확인하고, 있지 않으면 throw하지 않습니다. + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' - 'Dictionary.ContainsKey(key)'를 사용하여 'Dictionary.Remove(key)'를 보호하지 마세요. + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' Unnecessary call to 'Dictionary.ContainsKey(key)' - 'Dictionary.ContainsKey(key)'에 대한 불필요한 호출 + Unnecessary call to 'Dictionary.ContainsKey(key)' Do not hard-code certificate - 인증서 하드 코딩 안 함 + Do not hard-code certificate Hard-coded certificates in source code are vulnerable to being exploited. - 소스 코드의 하드 코딩된 인증서는 악용될 수 있습니다. + Hard-coded certificates in source code are vulnerable to being exploited. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' - '{1}' 메서드의 '{0}'이(가) '{3}' 메서드의 '{2}'에서 하드 코딩된 인증서에 의해 오염될 수 있는 잠재적인 보안 취약성이 발견되었습니다. + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' Do not hard-code encryption key - 암호화 키 하드 코딩 안 함 + Do not hard-code encryption key SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. - SymmetricAlgorithm의 .Key 속성 또는 메서드의 rgbKey 매개 변수는 하드 코딩된 값이어서는 안 됩니다. + SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' - '{1}' 메서드의 '{0}'이(가) '{3}' 메서드의 '{2}'에서 하드 코딩된 키에 의해 오염될 수 있는 잠재적인 보안 취약성이 발견되었습니다. + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. - 기본적으로 신뢰할 수 있는 루트 인증 기관 인증서 저장소는 Microsoft 루트 인증서 프로그램의 요구 사항을 준수하는 공용 CA 세트로 구성됩니다. 모든 신뢰할 수 있는 루트 CA는 모든 도메인에 대한 인증서를 발급할 수 있으므로 공격자는 사용자가 직접 설치한 약하거나 강제할 수 있는 CA를 선택하여 공격 대상으로 지정할 수 있으며, 취약하거나 악의적이거나 강제할 수 있는 CA 하나가 전체 시스템의 보안을 약화시킵니다. 설상가상으로 이러한 공격자는 상당히 쉽게 눈에 띄지 않고 넘어갈 수 있습니다. + By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. - 개체가 약한 ID를 가진 경우는 애플리케이션 도메인 경계에서 해당 개체에 직접 액세스할 수 있을 때를 말합니다. 약한 ID를 가진 개체에 대한 잠금을 획득하려는 스레드는 동일한 개체에 대한 잠금을 획득한 다른 애플리케이션 도메인의 두 번째 스레드로 인해 차단될 수 있습니다. + An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. Do not lock on objects with weak identity - 약한 ID를 가진 개체를 잠그지 마세요. + Do not lock on objects with weak identity Do not lock on objects with weak identity - 약한 ID를 가진 개체를 잠그지 마세요. + Do not lock on objects with weak identity A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. - 메서드는 .NET Framework 클래스 라이브러리의 생성자 또는 메서드에 문자열 리터럴을 매개 변수로 전달하고 해당 문자열은 지역화 가능해야 합니다. 이 규칙 위반 문제를 해결하려면 문자열 리터럴을 ResourceManager 클래스의 인스턴스를 통해 검색된 문자열로 바꿉니다. + A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". - '{0}' 메서드가 리터럴 문자열을 '{2}' 호출의 '{1}' 매개 변수로 전달합니다. 대신 리소스 테이블에서 "{3}" 문자열을 가져오세요. + Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". Do not pass literals as localized parameters - 리터럴을 지역화된 매개 변수로 전달하지 마십시오. + Do not pass literals as localized parameters An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. - 충분히 구체적이지 않거나 런타임에서 예약된 형식의 예외는 사용자 지정 코드에서 발생할 수 없습니다. 이로 인해 원래 오류를 감지하거나 디버그하기 어려워집니다. 이러한 예외 인스턴스가 throw되면 다른 예외 형식을 사용하세요. + An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. Exception type {0} is reserved by the runtime - 예외 형식 {0}이(가) 런타임에서 예약되었습니다. + Exception type {0} is reserved by the runtime Exception type {0} is not sufficiently specific - 예외 형식 {0}이(가) 충분히 구체적이지 않습니다. + Exception type {0} is not sufficiently specific Do not raise reserved exception types - 예약된 예외 형식을 발생시키지 마세요. + Do not raise reserved exception types Do Not Serialize Types With Pointer Fields - 포인터 필드를 사용하여 형식을 직렬화하지 마세요. + Do Not Serialize Types With Pointer Fields Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. - 포인터는 가리키는 메모리의 정확성을 보장할 수 없다는 점에서 "형식이 안전"하지 않습니다. 따라서 공격자가 포인터를 제어하게 될 수 있으므로 포인터 필드를 사용하여 형식을 직렬화하는 것은 위험합니다. + Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. Pointer field {0} on serializable type - 직렬화 가능한 형식의 포인터 필드 {0}입니다. + Pointer field {0} on serializable type Do Not Use Account Shared Access Signature - 계정 공유 액세스 서명 사용 안 함 + Do Not Use Account Shared Access Signature Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. - SAS(공유 액세스 서명)는 Azure Storage를 사용하는 애플리케이션에 대한 보안 모델의 필수적인 부분으로, 계정 키가 없는 클라이언트에 스토리지 계정에 대한 제한되고 안전한 권한을 제공해야 합니다. 서비스 SAS를 통해 사용할 수 있는 모든 작업은 계정 SAS를 통해서도 사용할 수 있습니다. 즉, 계정 SAS는 권한이 너무 강력합니다. 따라서 서비스 SAS를 사용하여 액세스 권한을 더욱 신중하게 위임하는 것이 좋습니다. + Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. Use Service SAS instead of Account SAS for fine grained access control and container-level access policy - 세분화된 액세스 제어와 컨테이너 수준 액세스 정책을 위해 계정 SAS가 아닌 서비스 SAS 사용 + Use Service SAS instead of Account SAS for fine grained access control and container-level access policy Do Not Use Broken Cryptographic Algorithms - 손상된 암호화 알고리즘을 사용하지 마세요. + Do Not Use Broken Cryptographic Algorithms An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. - 계산상 이 알고리즘을 손상시킬 수 있는 공격이 있습니다. 이를 통해, 제공되어야 하는 암호화 보장이 공격자에 의해 손상될 수 있습니다. 암호화 알고리즘의 형식과 애플리케이션에 따라 공격자가 암호화된 메시지를 읽고, 암호화된 메시지를 변조하고, 디지털 서명을 위조하고, 해시된 콘텐츠를 변조하거나 이 알고리즘 기반의 암호화 시스템을 손상시킬 수 있습니다. 암호화를 키 길이가 128비트보다 크거나 같은 AES 알고리즘(AES-256, AES-192 및 AES-128 사용 가능)으로 바꾸세요. 해시를 SHA512, SHA384 또는 SHA256과 같은 SHA-2 패밀리의 해시 알고리즘으로 바꾸세요. 디지털 서명을 키 길이가 2048비트보다 크거나 같은 RSA 또는 키 길이가 256비트보다 크거나 같은 ECDSA로 바꾸세요. + An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. {0} uses a broken cryptographic algorithm {1} - {0}이(가) 손상된 암호화 알고리즘 {1}을(를) 사용합니다. + {0} uses a broken cryptographic algorithm {1} For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. - 비어 있지 않은 컬렉션의 경우 CountAsync() 및 LongCountAsync()는 전체 시퀀스를 열거하고, AnyAsync()는 첫 번째 항목 또는 조건을 충족하는 첫 번째 항목에서 중지합니다. + For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. {0}() is used where AnyAsync() could be used instead to improve performance - {0}()은(는) 성능 개선을 위해 AnyAsync()를 대신 사용할 수 있는 경우에 사용됩니다. + {0}() is used where AnyAsync() could be used instead to improve performance Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used - AnyAsync()를 사용할 수 있는 경우 CountAsync() 또는 LongCountAsync() 사용 안 함 + Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. - 비어 있지 않은 컬렉션의 경우 Count() 및 LongCount()는 전체 시퀀스를 열거하고, Any()는 첫 번째 항목 또는 조건을 충족하는 첫 번째 항목에서 중지합니다. + For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. {0}() is used where Any() could be used instead to improve performance - {0}()은(는) 성능 개선을 위해 Any()를 대신 사용할 수 있는 경우에 사용됩니다. + {0}() is used where Any() could be used instead to improve performance Do not use Count() or LongCount() when Any() can be used - Any()를 사용할 수 있는 경우 Count() 또는 LongCount() 사용 안 함 + Do not use Count() or LongCount() when Any() can be used Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. - 대칭형 암호화는 항상 반복할 수 없는 초기화 벡터를 사용하여 사전 공격을 방지해야 합니다. - - - - Do Not Use Deprecated Security Protocols - 사용되지 않는 보안 프로토콜을 사용하지 마세요. - - - - Using a deprecated security protocol rather than the system default is risky. - 시스템 기본값이 아닌 사용되지 않는 보안 프로토콜을 사용하는 것은 위험합니다. - - - - Hard-coded use of deprecated security protocol {0} - 사용되지 않는 보안 프로토콜 {0}의 하드 코드된 사용 + Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. Do Not Use Digital Signature Algorithm (DSA) - DSA (디지털 서명 알고리즘) 사용 안 함 + Do Not Use Digital Signature Algorithm (DSA) DSA is too weak to use. - DSA가 보호 수준이 너무 낮아 사용할 수 없습니다. + DSA is too weak to use. Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - 비대칭 암호화 알고리즘 {0}은(는) 취약합니다. 대신 최소 2048 키 크기, ECDH 또는 ECDSA 알고리즘이 포함된 RSA로 전환하세요. + Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. + + + + Do Not Use Deprecated Security Protocols + Do Not Use Deprecated Security Protocols + + + + Using a deprecated security protocol rather than the system default is risky. + Using a deprecated security protocol rather than the system default is risky. + + + + Hard-coded use of deprecated security protocol {0} + Hard-coded use of deprecated security protocol {0} This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. - 이 컬렉션을 직접 인덱싱할 수 있습니다. 여기에서 LINQ를 통과하면 불필요한 할당과 CPU 작업이 발생합니다. + This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. Do not use Enumerable methods on indexable collections. Instead use the collection directly. - 인덱싱 가능한 컬렉션의 Enumerable 메서드를 사용하지 마세요. 대신 컬렉션을 직접 사용하세요. + Do not use Enumerable methods on indexable collections. Instead use the collection directly. Do not use Enumerable methods on indexable collections - 인덱싱 가능한 컬렉션의 Enumerable 메서드를 사용하면 안 됨 + Do not use Enumerable methods on indexable collections Do not use insecure randomness - 안전하지 않은 임의성 사용 안 함 + Do not use insecure randomness Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. - 암호화가 약한 의사 난수 생성기를 사용하면 공격자가 생성되는 보안에 중요한 값을 예측할 수 있습니다. 예측 불가능한 값이 필요한 경우 암호화가 강한 난수 생성기를 사용하거나, 약한 의사 난수가 보안에 중요한 방식으로 사용되지 않도록 하세요. + Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. - {0}은(는) 비보안 난수 생성기입니다. 보안을 위해 임의성이 필요한 경우 암호화된 보안 난수 생성기를 사용하세요. + {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. Do not use obsolete key derivation function - 사용되지 않는 키 파생 함수 사용 안 함 + Do not use obsolete key derivation function Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. - 암호 기반 키 파생은 PBKDF2와 SHA-2를 사용해야 합니다. PasswordDeriveBytes는 PBKDF1 키를 생성하므로 사용하지 마세요. Rfc2898DeriveBytes.CryptDeriveKey는 반복 횟수 또는 솔트를 사용하지 않으므로 사용하지 마세요. + Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. Call to obsolete key derivation function {0}.{1} - 사용되지 않는 키 파생 함수 {0}.{1}에 대한 호출 + Call to obsolete key derivation function {0}.{1} String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. - 'OutAttribute'를 사용하여 값으로 전달된 문자열 매개 변수는 문자열이 인턴 지정된 문자열인 경우 런타임을 불안정하게 만들 수 있습니다. + String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. - 값으로 전달된 문자열 매개 변수 '{0}'에는 'OutAttribute'를 사용하지 마세요. 수정된 데이터를 다시 호출자에 마샬링해야 하는 경우 대신 'out' 키워드를 사용하여 참조로 문자열을 전달하세요. + Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. Do not use 'OutAttribute' on string parameters for P/Invokes - P/Invokes에 대한 문자열 매개 변수에는 'OutAttribute'를 사용하지 마세요. + Do not use 'OutAttribute' on string parameters for P/Invokes Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. - 값 형식이 '{0}'인 인수를 'ReferenceEqualityComparer'의 'Equals' 메소드에 전달하지 마세요. 값 boxing으로 인해 'Equals'에 대한 이 호출은 예기치 않은 결과를 반환할 수 있습니다. 대신 'EqualityComparer'를 사용하거나 'ReferenceEqualityComparer'를 사용하려는 경우 참조 형식 인수를 전달하세요. + Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. - 값 형식 형식 인수는 이 메소드에 대한 각 호출에 대해 고유하게 boxing되므로 예상하지 못한 결과가 나올 수 있습니다. + Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. - 값 형식이 '{0}'인 인수를 'ReferenceEquals'에 전달하지 마세요. 값 boxing으로 인해 'ReferenceEquals'에 대한 이 호출은 예기치 않은 결과를 반환할 수 있습니다. 대신 'Equals'를 사용하거나 'ReferenceEquals'를 사용하려는 경우 참조 형식 인수를 전달하세요. + Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. Do not use ReferenceEquals with value types - 값 형식이 있는 ReferenceEquals를 사용하면 안 됨 + Do not use ReferenceEquals with value types Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. - stackalloc에서 할당된 스택 공간은 현재 메서드의 호출이 끝날 때만 릴리스됩니다. 루프에서 stackalloc를 사용하면 바인딩되지 않은 스택 증가 및 최종 스택 오버플로 조건이 발생할 수 있습니다. + Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. Potential stack overflow. Move the stackalloc out of the loop. - 잠재적 스택 오버플로입니다. stackalloc를 루프 밖으로 이동합니다. + Potential stack overflow. Move the stackalloc out of the loop. Do not use stackalloc in loops - 루프에서 stackalloc을 사용하면 안 됨 + Do not use stackalloc in loops Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. - 정기적인 작업의 실행 빈도가 높아지면 CPU 사용률도 높아져 디스플레이 및 하드 디스크를 끄는 절전 유휴 타이머에 방해가 됩니다. + Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. Do not use timers that prevent power state changes - 전원 상태 변경을 방해하는 타이머를 사용하지 마세요. + Do not use timers that prevent power state changes Do not use timers that prevent power state changes - 전원 상태 변경을 방해하는 타이머를 사용하지 마세요. + Do not use timers that prevent power state changes Do not use unsafe DllImportSearchPath value - 안전하지 않은 DllImportSearchPath 값 사용 안 함 + Do not use unsafe DllImportSearchPath value There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - 기본 DLL 검색 디렉터리에 악성 DLL이 있을 수 있습니다. 또는 애플리케이션이 실행되는 위치에 따라 애플리케이션의 디렉터리에 악성 DLL이 있을 수 있습니다. 대신 명시적 검색 경로를 지정하는 DllImportSearchPath 값을 사용합니다. 이 규칙이 검색하는 DllImportSearchPath 플래그는 .editorconfig에서 구성할 수 있습니다. + There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. Use of unsafe DllImportSearchPath value {0} - 안전하지 않은 DllImportSearchPath 값 {0} 사용 + Use of unsafe DllImportSearchPath value {0} Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. - 단일 작업에 'WaitAll'을 사용하면 대신 성능이 저하되거나 작업을 기다리거나 반환할 수 있습니다. + Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. Replace 'WaitAll' with single 'Wait' - 'WaitAll'을 단일 'Wait'으로 교체 + Replace 'WaitAll' with single 'Wait' Do not use 'WaitAll' with a single task - 단일 작업에 'WaitAll'을 사용하지 마세요. + Do not use 'WaitAll' with a single task Do Not Use Weak Cryptographic Algorithms - 취약한 암호화 알고리즘을 사용하지 마세요. + Do Not Use Weak Cryptographic Algorithms Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. - 암호화 알고리즘의 성능이 점점 저하되어 공격자가 더 많은 계산에 액세스할 수 있도록 공격이 진화합니다. 암호화 알고리즘의 형식과 애플리케이션 및 계속 저하되는 암호화 기능에 따라 공격자가 암호화된 메시지를 읽고, 암호화된 메시지를 변조하고, 디지털 서명을 위조하고, 해시된 콘텐츠를 변조하거나 이 알고리즘 기반의 암호화 시스템을 손상시킬 수 있습니다. 암호화를 키 길이가 128비트보다 크거나 같은 AES 알고리즘(AES-256, AES-192 및 AES-128 사용 가능)으로 바꾸세요. 해시를 SHA-2 512, SHA-2 384 또는 SHA-2 256과 같은 SHA-2 패밀리의 해시 알고리즘으로 바꾸세요. + Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. {0} uses a weak cryptographic algorithm {1} - {0}이(가) 취약한 암호화 알고리즘 {1}을(를) 사용합니다. + {0} uses a weak cryptographic algorithm {1} Ensure Key Derivation Function algorithm is sufficiently strong - 키 파생 함수 알고리즘이 충분히 강력한지 확인 + Ensure Key Derivation Function algorithm is sufficiently strong Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. - Rfc2898DeriveBytes 클래스의 일부 구현에서는 해시 알고리즘을 생성자 매개 변수에 지정하거나 HashAlgorithm 속성에서 덮어쓸 수 있도록 허용합니다. 해시 알고리즘이 지정된 경우 SHA-256 이상의 해시 알고리즘이어야 합니다. + Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. - {0}이(가) 취약한 해시 알고리즘을 사용하고 있을 수 있습니다. 암호에서 강력한 키를 만들려면 SHA256, SHA384 또는 SHA512를 사용하세요. + {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). - 암호와 같은 사용자 제공 입력에서 암호화 키를 파생할 때 충분한 반복 횟수(10만 이상)를 사용하세요. + When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. - 단일 작업에 'WhenAll'을 사용하면 대신 성능이 저하되거나 작업을 기다리거나 반환할 수 있습니다. + Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. Replace 'WhenAll' call with argument - 'WhenAll' 호출을 인수로 대체 + Replace 'WhenAll' call with argument Do not use 'WhenAll' with a single task - 단일 작업에 'WhenAll'을 사용하지 마세요. + Do not use 'WhenAll' with a single task Do Not Use XslTransform - XslTransform 사용 안 함 + Do Not Use XslTransform Do not use XslTransform. It does not restrict potentially dangerous external references. - XslTransform을 사용하지 마세요. 잠재적으로 위험한 외부 참조를 제한하지 않습니다. + Do not use XslTransform. It does not restrict potentially dangerous external references. Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. - 기능적인 'DynamicInterfaceCastableImplementationAttribute' 속성 인터페이스를 제공하려면 Visual Basic에서 지원되지 않는 기본 인터페이스 멤버 기능이 필요합니다. + Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - Visual Basic에서 'DynamicInterfaceCastableImplementation' 인터페이스 제공은 지원되지 않습니다. + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - Visual Basic에서 'DynamicInterfaceCastableImplementation' 인터페이스 제공은 지원되지 않습니다. + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. - 런타임 마샬링이 비활성화된 경우 런타임 마샬링이 필요한 기능을 사용하면 런타임 예외가 발생합니다. + Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled - '[StructLayout(LayoutKind.Auto)]' 유형은 런타임 마샬링을 활성화해야 합니다. + Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled By-ref parameters require runtime marshalling to be enabled - By-ref 매개 변수는 런타임 마샬링을 활성화해야 합니다. + By-ref parameters require runtime marshalling to be enabled Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined - 관리되는 형식을 매개 변수로 사용하거나 반환 형식을 사용하는 대리자는 대리자가 정의된 어셈블리에서 런타임 마샬링을 사용하도록 설정해야 합니다 + Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined HResult-swapping requires runtime marshalling to be enabled - HResult-swapping은 런타임 마샬링을 활성화해야 합니다. + HResult-swapping requires runtime marshalling to be enabled Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled - 'LCIDConversionAttribute'를 사용하려면 런타임 마샬링을 활성화해야 합니다. + Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled Managed parameter or return types require runtime marshalling to be enabled - 관리되는 매개 변수 또는 반환 유형은 런타임 마샬링을 활성화해야 합니다. + Managed parameter or return types require runtime marshalling to be enabled Setting SetLastError to 'true' requires runtime marshalling to be enabled - SetLastError를 'true'로 설정하려면 런타임 마샬링을 활성화해야 합니다. + Setting SetLastError to 'true' requires runtime marshalling to be enabled Varadic P/Invoke signatures require runtime marshalling to be enabled - Varadic P/Invoke 서명은 런타임 마샬링을 활성화해야 합니다. + Varadic P/Invoke signatures require runtime marshalling to be enabled Property, type, or attribute requires runtime marshalling - 속성, 유형 또는 특성에는 런타임 마샬링이 필요합니다. + Property, type, or attribute requires runtime marshalling '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - '{0}'의 유형에 미리 보기 유형 '{1}'이(가) 포함되어 있으며 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {2}을(를) 참조하세요. + '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - {3} '{0}'의 유형에 '{1}' 미리 보기 유형이 포함되어 있으며 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {2}를 참조하세요. + {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. - 'CancellationToken' 매개 변수를 메서드로 전달하여 작업 취소 알림이 올바르게 전파되도록 하거나, 명시적으로 'CancellationToken.None'을 전달하여 의도적으로 토큰을 전파하지 않음을 나타냅니다. + Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token - '{0}' 매개 변수를 '{1}' 메서드로 전달하거나, 명시적으로 'CancellationToken.None'을 전달하여 의도적으로 토큰을 전파하지 않음을 나타내세요. + Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token Forward the 'CancellationToken' parameter to methods - 'CancellationToken' 매개 변수를 메서드로 전달 + Forward the 'CancellationToken' parameter to methods Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. - 운영 체제에서 사용할 최상의 전송 계층 보안 프로토콜을 선택할 수 있게 하려면 SecurityProtocolType {0}을(를) 하드 코딩하지 말고 대신 SecurityProtocolType.SystemDefault를 사용하세요. + Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. Avoid hardcoding SecurityProtocolType value - SecurityProtocolType 값 하드 코딩 방지 + Avoid hardcoding SecurityProtocolType value Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - 취약성이 발견되면 현재 전송 계층 보안 프로토콜 버전이 사용되지 않을 수 있습니다. 애플리케이션을 안전하게 유지하려면 SslProtocols 값을 하드 코딩하지 않습니다. 운영 체제에서 버전을 선택하도록 하려면 '없음'을 사용합니다. + Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - 앞으로 애플리케이션을 안전하게 유지하려면 SslProtocols '{0}'을(를) 하드 코딩하지 마세요. 운영 체제에서 버전을 선택하도록 하려면 '없음'을 사용하세요. + Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. Avoid hardcoded SslProtocols values - 하드 코딩된 SslProtocols 값 방지 + Avoid hardcoded SslProtocols values Generic math interfaces require the derived type itself to be used for the self recurring type parameter. - 제네릭 수학 인터페이스를 사용하려면 파생 형식 자체를 자체 되풀이 형식 매개 변수에 사용해야 합니다. + Generic math interfaces require the derived type itself to be used for the self recurring type parameter. The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' - '{0}'을(를) 사용하려면 '{1}' 형식 매개 변수를 파생 형식 '{2}'(으)로 채워야 합니다. + The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' Use correct type parameter - 올바른 형식 매개 변수 사용 + Use correct type parameter To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. - 이 규칙 위반 문제를 해결하려면 GetObjectData 메서드를 visible 및 overridable로 설정하고 모든 인스턴스 필드가 serialization 프로세스에 포함되거나 NonSerializedAttribute 특성을 사용하여 명시적으로 표시되도록 합니다. + To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. Add an implementation of GetObjectData to type {0} - {0} 형식에 GetObjectData 구현을 추가하세요. + Add an implementation of GetObjectData to type {0} Make {0}.GetObjectData virtual and overridable - {0}.GetObjectData를 재정의 가능한 가상 메서드로 설정하세요. + Make {0}.GetObjectData virtual and overridable Increase the accessibility of {0}.GetObjectData so that it is visible to derived types - 파생 형식에 표시되도록 {0}.GetObjectData의 접근성을 높이세요. + Increase the accessibility of {0}.GetObjectData so that it is visible to derived types Implement ISerializable correctly - ISerializable을 올바르게 구현하십시오. + Implement ISerializable correctly Implement inherited interfaces - 상속된 인터페이스 구현 + Implement inherited interfaces Implement Serialization constructor - Serialization 생성자 구현 + Implement Serialization constructor To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. - 이 규칙 위반 문제를 해결하려면 serialization 생성자를 구현합니다. sealed 클래스의 경우 생성자를 private으로 설정하고, 그렇지 않으면 protected로 설정합니다. + To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. - 다음 시그니처를 사용하여 생성자를 {0}에 추가하십시오. 'protected {0}(SerializationInfo info, StreamingContext context)' + Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. Declare the serialization constructor of {0}, a sealed type, as private. - sealed 형식의 {0} serialization 생성자를 private으로 선언하세요. + Declare the serialization constructor of {0}, a sealed type, as private. Declare the serialization constructor of {0}, an unsealed type, as protected. - unsealed 형식의 {0} serialization 생성자를 protected로 선언하세요. + Declare the serialization constructor of {0}, an unsealed type, as protected. Implement serialization constructors - serialization 생성자를 구현하십시오. + Implement serialization constructors A method that handles a serialization event does not have the correct signature, return type, or visibility. - serialization 이벤트를 처리하는 메서드에 올바른 시그니처, 반환 형식 또는 표시 여부가 없습니다. + A method that handles a serialization event does not have the correct signature, return type, or visibility. Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic - {0}이(가) OnSerializing, OnSerialized, OnDeserializing 또는 OnDeserialized로 표시되어 있으므로 제네릭이 되지 않도록 시그니처를 변경하세요. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' - {0}이(가) OnSerializing, OnSerialized, OnDeserializing 또는 OnDeserialized로 표시되어 있으므로 'System.Runtime.Serialization.StreamingContext' 형식의 단일 매개 변수를 사용하도록 시그니처를 변경하세요. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) - {0}이(가) OnSerializing, OnSerialized, OnDeserializing 또는 OnDeserialized로 표시되어 있으므로 반환 형식을 {1}에서 void(Visual Basic의 경우 Sub)로 변경하세요. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method - {0}이(가) OnSerializing, OnSerialized, OnDeserializing 또는 OnDeserialized로 표시되어 있으므로 static(Visual Basic의 경우 Shared)에서 인스턴스 메서드로 변경하세요. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private - {0}이(가) OnSerializing, OnSerialized, OnDeserializing 또는 OnDeserialized로 표시되어 있으므로 접근성을 private으로 변경하세요. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private Implement serialization methods correctly - serialization 메서드를 올바르게 구현하십시오. + Implement serialization methods correctly '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}'은(는) 미리 보기 인터페이스 '{1}'를 구현하므로 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {2}을(를) 참조하세요. + '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}'은(는) 미리 보기 인터페이스 '{1}'를 구현하므로 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {2}를 참조하세요. + {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}'은(는) 미리 보기 메서드 '{1}'를 구현하므로 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {2}을(를) 참조하세요. + '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}'은(는) 미리 보기 방법 '{1}'을 구현하므로 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {2}를 참조하세요. + {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - 참조 형식이 명시적 정적 생성자를 선언합니다. 이 규칙 위반 문제를 해결하려면 선언될 때 모든 정적 데이터를 초기화하고 정적 생성자를 제거하세요. + A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize reference type static fields inline - 참조 형식 정적 필드 인라인을 초기화하세요. + Initialize reference type static fields inline Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor - '{0}'의 필드가 선언될 때 모든 정적 필드를 초기화하고 정적 생성자를 제거하세요. + Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - 값 형식이 명시적 정적 생성자를 선언합니다. 이 규칙 위반 문제를 해결하려면 선언될 때 모든 정적 데이터를 초기화하고 정적 생성자를 제거하세요. + A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize value type static fields inline - 값 형식 정적 필드 인라인을 초기화하세요. + Initialize value type static fields inline Change to call the two argument constructor, pass null for the message. - 두 인수 생성자를 호출하도록 변경하고 메시지로 null을 전달합니다. + Change to call the two argument constructor, pass null for the message. A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. - 예외 형식의 매개 변수가 없는 기본 생성자에 발생하는 호출은 ArgumentException이거나 ArgumentException에서 파생됩니다. 즉, 올바르지 않은 문자열 인수는 ArgumentException이거나 ArgumentException에서 파생된 예외 형식의 매개 변수가 있는 생성자로 전달됩니다. + A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. Swap the arguments order - 인수 순서 바꾸기 + Swap the arguments order Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. - {0} 메서드가 매개 변수 이름 '{1}'을(를) {3} 생성자에 {2} 인수로 전달합니다. 이 인수를 자세한 설명이 있는 메시지로 바꾸고 매개 변수 이름을 올바른 위치에 전달하세요. + Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. - {0} 메서드가 '{1}'을(를) {3} 생성자에 {2} 인수로 전달합니다. 이 인수를 메서드의 매개 변수 이름 중 하나로 바꾸세요. 제공된 매개 변수 이름의 대/소문자는 메서드에 선언된 것과 일치해야 합니다. + Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. Call the {0} constructor that contains a message and/or paramName parameter - 메시지 및/또는 paramName 매개 변수를 포함하는 {0} 생성자를 호출하세요. + Call the {0} constructor that contains a message and/or paramName parameter Instantiate argument exceptions correctly - 올바른 인수 예외를 인스턴스화하세요. + Instantiate argument exceptions correctly Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. - 'DynamicInterfaceCastableImplementationAttribute' 특성이 있는 형식은 'IDynamicInterfaceCastable' 형식을 구현하는 형식에 대한 인터페이스 구현으로 작동합니다. 그 결과, 다른 경우에는 'IDynamicInterfaceCastable'을 구현하는 형식이 해당 항목을 제공하지 않기 때문에 상속된 인터페이스에 정의된 모든 멤버의 구현을 제공해야 합니다. + Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces - '{0}' 형식에 'DynamicInterfaceCastableImplementationAttribute'가 적용되었지만 상속된 인터페이스에 정의된 모든 인터페이스 멤버의 구현을 제공하지 않습니다. + Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface - 부모 인터페이스에 선언된 모든 멤버는 DynamicInterfaceCastableImplementation 속성 인터페이스에서 구현해야 합니다. + All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - SimpleTypeResolver로 초기화된 JavaScriptSerializer로 신뢰할 수 없는 데이터를 역직렬화하는 경우 '{0}' 메서드는 안전하지 않습니다. JavaScriptSerializer가 JavaScriptTypeResolver가 지정되지 않은 상태로 초기화되었거나 역직렬화된 개체 그래프에서 해당 개체 형식을 제한하는 JavaScriptTypeResolver로 초기화되었는지 확인하세요. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing - deserialize하기 전에 JavaScriptSerializer가 SimpleTypeResolver로 초기화되지 않았는지 확인 + Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - SimpleTypeResolver로 초기화된 JavaScriptSerializer로 신뢰할 수 없는 데이터를 역직렬화하는 경우 '{0}' 메서드는 안전하지 않습니다. JavaScriptTypeResolver가 지정되지 않은 상태로 JavaScriptSerializer를 초기화하거나 역직렬화된 개체 그래프에서 해당 개체 형식을 제한하는 JavaScriptTypeResolver로 초기화하세요. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver - SimpleTypeResolver를 사용하여 JavaScriptSerializer로 deserialize 안 함 + Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - 신뢰할 수 없는 입력을 역직렬화하는 경우 역직렬화되는 임의 형식을 허용하는 것은 안전하지 않습니다. JsonSerializer를 역직렬화하는 경우 TypeNameHandling.None을 사용하고, 또는 None 이외의 값에 대해 SerializationBinder를 사용하여 역직렬화된 형식을 제한하세요. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - 안전하지 않은 구성을 사용하여 JsonSerializer로 역직렬화 안 함 + Do not deserialize with JsonSerializer using an insecure configuration When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - 신뢰할 수 없는 입력을 deserialize하는 경우 deserialize되는 임의 형식을 허용하는 것은 안전하지 않습니다. JsonSerializerSettings를 사용하는 경우 TypeNameHandling.None을 사용하고, 또는 None 이외의 값에 대해 SerializationBinder를 사용하여 deserialize된 형식을 제한하세요. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not use insecure JsonSerializerSettings - 안전하지 않은 JsonSerializerSettings를 사용하지 마세요. + Do not use insecure JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - 신뢰할 수 없는 입력을 역직렬화하는 경우 역직렬화되는 임의 형식을 허용하는 것은 안전하지 않습니다. JsonSerializer를 역직렬화하는 경우 TypeNameHandling.None을 사용하고, 또는 None 이외의 값에 대해 SerializationBinder를 사용하여 역직렬화된 형식을 제한하세요. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - 역직렬화할 때 JsonSerializer에 보안 구성이 있는지 확인 + Ensure that JsonSerializer has a secure configuration when deserializing When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - 신뢰할 수 없는 입력을 deserialize하는 경우 deserialize되는 임의 형식을 허용하는 것은 안전하지 않습니다. JsonSerializerSettings를 사용하는 경우 TypeNameHandling.None이 지정되었는지 확인하고, 또는 None 이외의 값에 대해 SerializationBinder가 지정되어 deserialize된 형식을 제한하는지 확인하세요. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. Ensure that JsonSerializerSettings are secure - JsonSerializerSettings가 안전한지 확인하세요. + Ensure that JsonSerializerSettings are secure Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - None 이외의 TypeNameHandling 값을 사용하는 경우 JSON deserialize가 안전하지 않을 수 있습니다. SerializationBinder가 지정되지 않았을 때 대신 Json.NET deserialization을 검색해야 하는 경우 CA2326 규칙을 사용하지 않도록 설정하고 CA2327, CA2328, CA2329, CA2330 규칙을 사용하도록 설정합니다. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - None 이외의 TypeNameHandling 값을 사용하는 경우 JSON deserialize가 안전하지 않을 수 있습니다. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. Do not use TypeNameHandling values other than None - None 이외의 TypeNameHandling 값을 사용하지 마세요. + Do not use TypeNameHandling values other than None The method '{0}' is insecure when deserializing untrusted data. - 신뢰할 수 없는 데이터를 deserialize하는 경우 '{0}' 메서드는 안전하지 않습니다. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer LosFormatter - 안전하지 않은 역직렬 변환기 LosFormatter를 사용하지 마세요. + Do not use insecure deserializer LosFormatter Convert to static method - 정적 메서드로 변환 + Convert to static method Converting an instance method to a static method may produce invalid code - 인스턴스 메서드를 정적 메서드로 변환하면 잘못된 코드가 생성될 수 있습니다. + Converting an instance method to a static method may produce invalid code Make the constructor that takes zero parameters 'public' - 매개 변수가 0인 생성자를 '공개'로 설정 + Make the constructor that takes zero parameters 'public' An instance field of a type that is not serializable is declared in a type that is serializable. - 직렬화할 수 없는 형식의 인스턴스 필드는 직렬화할 수 있는 형식으로 선언됩니다. + An instance field of a type that is not serializable is declared in a type that is serializable. Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable - {0} 필드는 직렬화할 수 있는 {1} 형식의 멤버이지만 직렬화할 수 없는 {2} 형식입니다. + Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable Mark all non-serializable fields - 모두 serialize할 수 없는 필드로 표시하십시오. + Mark all non-serializable fields The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. - NeutralResourcesLanguage 특성은 어셈블리의 중립 문화권 리소스를 표시하는 데 사용된 언어 정보를 ResourceManager에 제공합니다. 그 결과 로드되는 첫 번째 리소스에 대한 조회 성능이 향상되고 작업 집합이 줄어듭니다. + The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. Mark assemblies with NeutralResourcesLanguageAttribute - NeutralResourcesLanguageAttribute로 어셈블리를 표시하세요. + Mark assemblies with NeutralResourcesLanguageAttribute Mark assemblies with NeutralResourcesLanguageAttribute - NeutralResourcesLanguageAttribute로 어셈블리를 표시하세요. + Mark assemblies with NeutralResourcesLanguageAttribute The Boolean data type has multiple representations in unmanaged code. - 부울 데이터 형식은 비관리 코드에서 다양하게 표현됩니다. + The Boolean data type has multiple representations in unmanaged code. Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - P/Invoke {1}의 {0} 매개 변수에 MarshalAsAttribute를 추가하세요. 관리되지 않는 해당 매개 변수가 4바이트 Win32 'BOOL'인 경우 [MarshalAs(UnmanagedType.Bool)]를 사용하세요. 1바이트 C++ 'bool'인 경우 MarshalAs(UnmanagedType.U1)를 사용하세요. + Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - P/Invoke {0}의 반환 형식에 MarshalAsAttribute를 추가하세요. 관리되지 않는 해당 반환 형식이 4바이트 Win32 'BOOL'인 경우 MarshalAs(UnmanagedType.Bool)를 사용하세요. 1바이트 C++ 'bool'인 경우 MarshalAs(UnmanagedType.U1)를 사용하세요. + Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Mark boolean PInvoke arguments with MarshalAs - MarshalAs로 부울 PInvoke 인수를 표시하세요. + Mark boolean PInvoke arguments with MarshalAs To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. - 공용 언어 런타임에서 serializable로 인식되려면 형식이 ISerializable 인터페이스 구현을 통해 사용자 지정 serialization 루틴을 사용하는 경우에도 SerializableAttribute 특성을 사용하여 형식을 표시해야 합니다. + To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. Add [Serializable] to {0} as this type implements ISerializable - ISerializable을 구현하는 [Serializable]을 {0}에 추가합니다. + Add [Serializable] to {0} as this type implements ISerializable Mark ISerializable types with serializable - serializable로 ISerializable 형식 표시 + Mark ISerializable types with serializable Ensure HttpClient certificate revocation list check is not disabled - HttpClient 인증서 해지 목록 확인을 사용할 수 있는지 확인합니다. + Ensure HttpClient certificate revocation list check is not disabled HttpClient may be created without enabling CheckCertificateRevocationList - CheckCertificateRevocationList를 사용하지 않고 HttpClient가 생성될 수 있습니다. + HttpClient may be created without enabling CheckCertificateRevocationList Ensure Certificates Are Not Added To Root Store - 루트 저장소에 인증서가 추가되지 않았는지 확인 + Ensure Certificates Are Not Added To Root Store Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. - 운영 체제의 신뢰할 수 있는 루트 인증서에 인증서를 추가하는 것은 안전하지 않습니다. 대상 저장소가 루트 저장소가 아닌지 확인하세요. + Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. Use CreateEncryptor with the default IV - 기본 IV와 함께 CreateEncryptor 사용 + Use CreateEncryptor with the default IV The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. - 잠재적으로 반복할 수 있는, 기본이 아닌 초기화 벡터가 암호화에 사용됩니다. 기본 초기화 벡터를 사용하세요. + The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. Ensure Use Secure Cookies In ASP.NET Core - ASP.NET Core에서 보안 쿠키 사용 확인 + Ensure Use Secure Cookies In ASP.NET Core Ensure that CookieOptions.Secure = true when setting a cookie - 쿠키를 설정할 때 CookieOptions.Secure = true인지 확인합니다. + Ensure that CookieOptions.Secure = true when setting a cookie Ensure Sufficient Iteration Count When Using Weak Key Derivation Function - 취약한 키 파생 함수를 사용할 때 충분한 반복 횟수가 필요함 + Ensure Sufficient Iteration Count When Using Weak Key Derivation Function Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - 암호에서 암호화 키를 파생할 때 {0} 이상의 반복 횟수를 사용하세요. 기본적으로 Rfc2898DeriveByte의 IterationCount는 1,000뿐입니다. + Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. - 'IDynamicInterfaceCastable'을 구현하는 형식은 메타데이터에서 동적 인터페이스를 구현하지 않을 수 있으므로 이 형식에 정의된 명시적 구현이 아닌 인스턴스 인터페이스 멤버에 대한 호출은 런타임에 실패할 가능성이 높습니다. 런타임 오류를 방지하려면 새 인터페이스 멤버를 '정적'으로 표시하세요. + Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied - '{1}' 형식의 '{0}' 멤버는 '{1}'에 'DynamicInterfaceImplementationAttribute'가 적용되었으므로 '정적'으로 표시되어야 합니다. + The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' - 'DynamicInterfaceCastableImplementationAttribute'가 있는 인터페이스에 정의된 멤버는 '정적'이어야 합니다. + Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}'은(는) 미리 보기 유형 '{1}'을(를) 반환하므로 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {2}을(를) 참조하세요. + '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}'은(는) 미리 보기 유형 '{1}'을 반환하므로 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {2}를 참조하세요. + {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - '{0}'은(는) '{1}' 유형의 미리 보기 매개 변수를 사용하며 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {2}을(를) 참조하세요. + '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - {3} '{0}'은(는) '{1}' 유형의 미리 보기 매개 변수를 사용하며 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {2}를 참조하세요. + {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. - 이 메서드는 런타임 마샬링이 비활성화된 경우에도 런타임 마샬링을 사용하므로 형식의 기본 레이아웃에 대한 기대치가 다르기 때문에 런타임에 예기치 않은 동작 차이가 발생할 수 있습니다. + This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. - '{0}'은(는) 'DisableRuntimeMarshallingAttribute'가 적용된 경우에도 런타임 마샬링을 사용합니다. 정확한 결과를 보장하기 위해 'sizeof' 및 포인터와 같은 기능을 직접 사용하세요. + '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied - 이 메서드는 'DisableRuntimeMarshallingAttribute'가 적용된 경우에도 런타임 마샬링을 사용합니다. + This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied Miss HttpVerb attribute for action methods - 작업 메서드의 HttpVerb 특성 누락 + Miss HttpVerb attribute for action methods All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - 데이터를 생성, 편집, 삭제 또는 수정하는 모든 메서드는 위조 방지 특성을 사용하여 요청 위조로부터 보호되어야 하는 메서드의 [HttpPost] 오버로드에서 해당 작업을 수행합니다. GET 작업 수행은 부작용이 없고 영구 데이터를 수정하지 않는 안전한 작업이어야 합니다. + All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. Action method {0} needs to specify the HTTP request kind explicitly - 작업 메서드 {0}은(는) HTTP 요청 종류를 명시적으로 지정해야 합니다. + Action method {0} needs to specify the HTTP request kind explicitly Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. - 모듈 이니셜라이저는 응용 프로그램 코드가 실행을 시작하기 전에 응용 프로그램의 구성 요소가 초기화되도록 응용 프로그램 코드에서 사용하기 위한 것입니다. 라이브러리 코드가 'ModuleInitializerAttribute'를 사용하여 메서드를 선언하면 응용 프로그램 초기화를 방해할 수 있으며 해당 응용 프로그램의 트리밍 기능에 제한이 생길 수도 있습니다. 'ModuleInitializerAttribute'로 표시된 메서드를 사용하는 대신 라이브러리는 라이브러리 내의 구성 요소를 초기화하는 데 사용할 수 있는 메서드를 노출하고 응용 프로그램 초기화 중에 응용 프로그램이 메서드를 호출할 수 있도록 해야 합니다. + Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios - 'ModuleInitializer' 특성은 애플리케이션 코드 또는 고급 원본 생성기 시나리오에서만 사용하기 위한 것입니다. + The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios The 'ModuleInitializer' attribute should not be used in libraries - 'ModuleInitializer' 특성은 라이브러리에서 사용하면 안 됩니다. + The 'ModuleInitializer' attribute should not be used in libraries The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - 역직렬화된 개체 그래프에서 개체 형식을 제한하기 위해 SerializationBinder 없이 신뢰할 수 없는 데이터를 역직렬화하는 경우 '{0}' 메서드는 안전하지 않습니다. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure NetDataContractSerializer.Binder is set before deserializing - deserialize하기 전에 NetDataContractSerializer.Binder를 설정해야 합니다. + Ensure NetDataContractSerializer.Binder is set before deserializing The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - 역직렬화된 개체 그래프에서 개체 형식을 제한하기 위해 SerializationBinder 없이 신뢰할 수 없는 데이터를 역직렬화하는 경우 '{0}' 메서드는 안전하지 않습니다. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not deserialize without first setting NetDataContractSerializer.Binder - 먼저 NetDataContractSerializer.Binder를 설정하지 않고 deserialize하지 마세요. + Do not deserialize without first setting NetDataContractSerializer.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. - 신뢰할 수 없는 데이터를 deserialize할 경우 '{0}' 메서드는 안전하지 않습니다. SerializationBinder를 설정하지 않고 NetDataContractSerializer deserialization을 검색해야 하는 경우에는 규칙 CA2310을 사용하지 않도록 설정하고 규칙 CA2311 및 CA2312를 사용하도록 설정합니다. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. The method '{0}' is insecure when deserializing untrusted data. - 신뢰할 수 없는 데이터를 deserialize하는 경우 '{0}' 메서드는 안전하지 않습니다. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer NetDataContractSerializer - 안전하지 않은 역직렬 변환기 NetDataContractSerializer를 사용하지 마세요. + Do not use insecure deserializer NetDataContractSerializer Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. - 문자열이 대문자로 정규화되어야 합니다. 소규모의 문자가 소문자로 변환되면 왕복 작업을 수행할 수 없습니다. 왕복 작업은 문자를 하나의 로캘에서 문자 데이터가 다르게 표시되는 다른 로캘로 변환한 다음 변환된 문자에서 원래 문자를 정확하게 검색하는 것을 의미합니다. + Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. In method '{0}', replace the call to '{1}' with '{2}' - '{0}' 메서드에서 '{1}' 호출을 '{2}'(으)로 바꾸세요. + In method '{0}', replace the call to '{1}' with '{2}' Normalize strings to uppercase - 대문자로 문자열 정규화 + Normalize strings to uppercase The method '{0}' is insecure when deserializing untrusted data. - 신뢰할 수 없는 데이터를 deserialize하는 경우 '{0}' 메서드는 안전하지 않습니다. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer ObjectStateFormatter - 안전하지 않은 역직렬 변환기 ObjectStateFormatter를 사용하지 마세요. + Do not use insecure deserializer ObjectStateFormatter '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}'은(는) 미리 보기 방법 '{1}'을(를) 재정의하므로 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {2}을(를) 참조하세요. + '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}'은(는) 미리 보기 방법 '{1}'을(를) 재정의하므로 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {2}를 참조하세요. + {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. - public 형식의 public 또는 protected 메서드에 System.Runtime.InteropServices.DllImportAttribute 특성(Visual Basic의 선언 키워드에서 구현함)이 있습니다. 이러한 메서드는 노출할 수 없습니다. + A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. P/Invoke method '{0}' should not be visible - P/Invoke 메서드 '{0}'을(를) 표시하지 않아야 합니다. + P/Invoke method '{0}' should not be visible P/Invokes should not be visible - P/Invokes를 표시하지 않아야 합니다. + P/Invokes should not be visible ({0}) - ({0}) + ({0}) and all other platforms - 및 다른 모든 플랫폼 + and all other platforms This call site is reachable on: 'windows' 10.0.2000 and later, and all other platforms '{0}' all versions - '{0}' 모든 버전 + '{0}' all versions This call site is reachable on: 'Windows' all versions. Using platform dependent API on a component makes the code no longer work across all platforms. - 구성 요소에서 플랫폼 종속 API를 사용하면 모든 플랫폼에서 코드가 더 이상 작동하지 않습니다. + Using platform dependent API on a component makes the code no longer work across all platforms. '{0}' from version {1} to {2} - '{0}' 버전 {1}~{2} + '{0}' from version {1} to {2} 'SupportedOnWindows1903UnsupportedOn2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. - 이 통화 사이트는 모든 플랫폼에서 연결할 수 있습니다. '{0}'은(는) {1}에서 사용되지 않습니다. + This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. This call site is reachable on all platforms. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. - 이 통화 사이트는 {2}에서 연결할 수 있습니다. '{0}'은(는) {1}에서 사용되지 않습니다. + This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. This call site is reachable on 'macos', 'linux'. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on all platforms. '{0}' is only supported on: {1}. - 이 호출 사이트에는 모든 플랫폼에서 연결할 수 있습니다. '{0}'은(는) {1}에서만 지원됩니다. + This call site is reachable on all platforms. '{0}' is only supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindowsAndBrowser()' is only supported on: 'windows', 'browser' . This call site is reachable on: {2}. '{0}' is only supported on: {1}. - 이 호출 사이트에는 {2}에서 연결할 수 있습니다. '{0}'은(는) {1}에서만 지원됩니다. + This call site is reachable on: {2}. '{0}' is only supported on: {1}. This call site is reachable on: 'windows' all versions.'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before This call site is unreachable on: {2}. '{0}' is only supported on: {1}. - 이 호출 사이트에는 {2}에서 연결할 수 없습니다. '{0}'은(는) {1}에서만 지원됩니다. + This call site is unreachable on: {2}. '{0}' is only supported on: {1}. This call site is unreachable on: 'browser'. 'SupportedOnWindowsAndBrowser()' is only supported on: 'browser', 'windows'. This call site is reachable on all platforms. '{0}' is supported on: {1}. - 이 호출 사이트에는 모든 플랫폼에서 연결할 수 있습니다. '{0}'은(는) {1}에서 지원됩니다. + This call site is reachable on all platforms. '{0}' is supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindows1903UnsupportedFrom2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on: {2}. '{0}' is supported on: {1}. - 이 호출 사이트에는 {2}에서 연결할 수 있습니다. '{0}'은(는) {1}에서 지원됩니다. + This call site is reachable on: {2}. '{0}' is supported on: {1}. This call site is reachable on: 'windows' 10.0.2000 and before. 'UnsupportedOnWindowsSupportedOn1903()' is supported on: 'windows' 10.0.1903 and later. Validate platform compatibility - 플랫폼 호환성 유효성 검사 + Validate platform compatibility This call site is reachable on all platforms. '{0}' is unsupported on: {1}. - 이 호출 사이트에는 모든 플랫폼에서 연결할 수 있습니다. '{0}'은(는) {1}에서 지원되지 않습니다. + This call site is reachable on all platforms. '{0}' is unsupported on: {1}. This call site is reachable on all platforms. 'UnsupportedOnWindows()' is unsupported on: 'windows' This call site is reachable on: {2}. '{0}' is unsupported on: {1}. - 이 호출 사이트에는 {2}에서 연결할 수 있습니다. '{0}'은(는) {1}에서 지원되지 않습니다. + This call site is reachable on: {2}. '{0}' is unsupported on: {1}. This call site is reachable on: 'windows', 'browser'. 'UnsupportedOnBrowser()' is unsupported on: 'browser'. '{0}' {1} and before - '{0}' {1} 이하 + '{0}' {1} and before 'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before. '{0}' {1} and later - '{0}' {1} 이상 + '{0}' {1} and later 'SupportedOnWindows10()' is only supported on: 'windows' 10.0 and later. Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. - 신뢰할 수 없는 역직렬화된 데이터를 처리하는 코드를 검토하여 예기치 않은 참조 주기를 처리합니다. 예기치 않은 참조 주기로 인해 코드의 무한 루프가 시작되어서는 안 됩니다. 참조 주기를 처리하지 않으면 공격자가 신뢰할 수 없는 데이터를 역직렬화할 때 프로세스의 메모리를 고갈시키거나 DOS를 수행할 수 있습니다. + Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. {0} participates in a potential reference cycle - {0}이(가) 잠재적 참조 순환에 참여합니다. + {0} participates in a potential reference cycle Potential reference cycle in deserialized object graph - 역직렬화된 개체 그래프의 잠재적 참조 주기 + Potential reference cycle in deserialized object graph Replace 'Substring' with 'AsSpan' - 'Substring'을 'AsSpan'으로 바꿉니다. + Replace 'Substring' with 'AsSpan' 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. - 'AsSpan'은 'Substring'보다 효율적입니다. 'Substring'은 O(n) 문자열 복사를 수행하는 반면 'AsSpan'은 수행하지 않으며 일정한 비용이 듭니다. + 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. Prefer 'AsSpan' over 'Substring' when span-based overloads are available - 범위 기반 오버로드를 사용할 수 있는 경우 'Substring'보다 'AsSpan'을 우선적으로 사용합니다. + Prefer 'AsSpan' over 'Substring' when span-based overloads are available Prefer 'AsSpan' over 'Substring' - ''Substring'보다 'AsSpan' 우선적으로 사용 + Prefer 'AsSpan' over 'Substring' + + + + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + + + + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + + + + Consider using 'StringBuilder.Append(char)' when applicable + Consider using 'StringBuilder.Append(char)' when applicable Use 'Count' check instead of 'Any()' - 'Any()' 대신 'Count' 확인 사용 + Use 'Count' check instead of 'Any()' Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance - 명확성과 성능을 위해 'Any()'를 사용하는 것보다 'Count'를 0과 비교하는 것이 좋습니다. + Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance Use 'ContainsKey' - 'ContainsKey' 사용 + Use 'ContainsKey' 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. - 'ContainsKey'는 일반적으로 O(1)인 반면 'Keys.Contains'는 경우에 따라 O(n)일 수 있습니다. 또한 많은 사전 구현은 할당을 줄이기 위해 Keys 컬렉션을 느리게 초기화합니다. + 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' - 사전 형식 '{0}'에 대해 'Keys.Contains'보다 'ContainsKey'를 우선적으로 사용합니다. + Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' Prefer Dictionary.Contains methods - Dictionary.Contains 메서드를 우선적으로 사용 + Prefer Dictionary.Contains methods Use 'ContainsValue' - 'ContainsValue' 사용 + Use 'ContainsValue' Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. - 많은 사전 구현이 Values ​​컬렉션을 느리게 초기화합니다. 불필요한 할당을 피하려면 'Values.Contains'보다 'ContainsValue'를 우선적으로 사용합니다. + Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' - 사전 형식 '{0}'에 대해 'Values.Contains'보다 'ContainsValue'를 우선적으로 사용합니다. + Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' + + + + Use 'TryGetValue(TKey, out TValue)' + Use 'TryGetValue(TKey, out TValue)' + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + + + + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method Replace with 'HashData' method - 'HashData' 메소드로 대체 + Replace with 'HashData' method It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. - 'ComputeHash'를 호출하기 위해 HashAlgorithm 인스턴스를 생성하고 관리하는 것보다 정적 'HashData' 메서드를 사용하는 것이 더 효율적입니다. + It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. Prefer static '{0}.HashData' method over 'ComputeHash' - 'ComputeHash'보다 정적 '{0}.HashData' 메서드를 선호합니다. + Prefer static '{0}.HashData' method over 'ComputeHash' Prefer static 'HashData' method over 'ComputeHash' - 'ComputeHash'보다 정적 'HashData' 메서드를 선호합니다. + Prefer static 'HashData' method over 'ComputeHash' Use 'IsEmpty' check instead of 'Any()' - 'Any()' 대신 'IsEmpty' 확인 사용 + Use 'IsEmpty' check instead of 'Any()' Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance - 명확성과 성능을 위해 'Any()'를 사용하는 것보다 'IsEmpty' 확인 선호 + Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance + + + + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + + + + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + + + + Prefer IsEmpty over Count + Prefer IsEmpty over Count Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. - 'Enumerable.Any()'를 호출하는 것보다 사용 가능한 'IsEmpty', 'Count' 또는 'Length' 속성을 사용하는 것이 좋습니다. 의도가 더 명확하고 'Enumerable.Any()' 확장 방법을 사용하는 것보다 더 성능이 좋습니다. + Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. Avoid using 'Enumerable.Any()' extension method - 'Enumerable.Any()' 확장 메서드 사용 금지 + Avoid using 'Enumerable.Any()' extension method Use 'Length' check instead of 'Any()' - 'Any()' 대신 'Length' 확인 사용 + Use 'Length' check instead of 'Any()' Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance - 명확성과 성능을 위해 'Any()'를 사용하는 것보다 'Length'를 0과 비교하는 것이 좋습니다. + Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. - 'Stream'에 첫 번째 인수로 'Memory<Byte>'를 사용하는 'ReadAsync' 오버로드와 첫 번째 인수로 'ReadOnlyMemory<Byte>'를 사용하는 'WriteAsync' 오버로드가 있습니다. 더 효율적인 메모리 기반 오버로드를 호출하는 것이 좋습니다. - - - - For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. - 개체에 항목이 포함되어 있는지 확인하려면 'Count' 속성의 항목 수를 검색하고 0 또는 1과 비교하는 대신 'IsEmpty' 속성을 사용하는 것이 좋습니다. - - - - Prefer 'IsEmpty' over 'Count' to determine whether the object is empty - 개체가 비어 있는지 확인하려면 'Count' 대신 'IsEmpty'를 사용하세요. - - - - Prefer IsEmpty over Count - Count 대신 IsEmpty 사용 + 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. Change the '{0}' method call to use the '{1}' overload - '{1}' 오버로드를 사용하도록 '{0}' 메서드 호출을 변경하세요. + Change the '{0}' method call to use the '{1}' overload Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' - 'ReadAsync' 및 'WriteAsync'에 '메모리' 기반 오버로드 사용 + Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' Replace with 'string.Contains' - 'string.Contains'로 바꾸기 + Replace with 'string.Contains' Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. - 결과가 하위 문자열의 존재 여부를 확인하는 데 사용되는 'string.IndexOf' 호출은 'string.Contains'로 바꿀 수 있습니다. + Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. Use 'string.Contains' instead of 'string.IndexOf' to improve readability - 가독성을 개선하기 위해 'string.IndexOf' 대신 'string.Contains'를 사용하세요. + Use 'string.Contains' instead of 'string.IndexOf' to improve readability Consider using 'string.Contains' instead of 'string.IndexOf' - 'string.IndexOf' 대신 'string.Contains' 사용 고려 + Consider using 'string.Contains' instead of 'string.IndexOf' StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. - StringBuilder.Append 및 StringBuilder.Insert는 System.String 외의 여러 형식에 대한 오버로드를 제공합니다. 가능한 경우 ToString() 및 문자열 기반 오버로드를 사용하는 대신 강력한 형식의 오버로드를 사용하세요. + StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. Remove the ToString call in order to use a strongly-typed StringBuilder overload - 강력한 형식의 StringBuilder 오버로드를 사용하려면 ToString 호출을 제거하세요. + Remove the ToString call in order to use a strongly-typed StringBuilder overload Remove the ToString call - ToString 호출 제거 + Remove the ToString call Prefer strongly-typed Append and Insert method overloads on StringBuilder - StringBuilder 대신 강력한 형식의 Append 및 Insert 메서드 오버로드를 사용 - - - - 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. - 문자열이 단일 문자인 경우 'StringBuilder.Append(char)'가 'StringBuilder.Append(string)'보다 효율적입니다. 상수를 사용하여 'Append'를 호출하는 경우 한 문자를 포함하는 상수 문자열 대신 상수 문자를 사용하세요. - - - - Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string - 입력이 상수 단위 문자열인 경우 'StringBuilder.Append(string)' 대신 'StringBuilder.Append(char)'를 사용하세요. - - - - Consider using 'StringBuilder.Append(char)' when applicable - 해당하는 경우 'StringBuilder.Append(char)'를 사용하는 것이 좋음 + Prefer strongly-typed Append and Insert method overloads on StringBuilder Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. - .NET 7부터는 확인되지 않은 컨텍스트에서 오버플로할 때 명시적 변환 '{0}'이(가) throw되지 않습니다. .NET 6 동작을 복원하려면 식을 'checked' 문으로 래핑합니다. + Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - .NET 7부터 명시적 변환 '{0}'은(는) 확인된 컨텍스트에서 오버플로할 때 throw됩니다. .NET 6 동작을 복원하려면 'unchecked' 문으로 식을 래핑합니다. + Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. - .NET 7에 추가된 일부 기본 제공 연산자는 오버플로 시 .NET 6 및 이전 버전에서 해당 사용자 정의 연산자와 다르게 동작합니다. 이전에 선택되지 않은 컨텍스트에서 throw한 일부 연산자는 이제 선택한 컨텍스트 내에서 래핑되지 않는 한 throw되지 않습니다. 또한 이전에 선택한 컨텍스트에서 throw하지 않은 일부 연산자는 선택되지 않은 컨텍스트에서 래핑되지 않은 한 지금 throw합니다. + Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - .NET 7부터 연산자 '{0}'은(는) 확인된 컨텍스트에서 오버플로할 때 throw됩니다. .NET 6 동작을 복원하려면 'unchecked' 문으로 식을 래핑합니다. + Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Prevent behavioral change - 동작 변경 방지 + Prevent behavioral change 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. - 'Enum.HasFlag' 메서드는 'enum' 인수가 이 메서드가 호출되는 인스턴스와 같은 'enum' 형식이어야 하며 이 'enum'이 'System.FlagsAttribute'로 표시되어야 합니다. 이 형식이 서로 다른 'enum' 형식이면 런타임에 처리되지 않은 예외가 throw됩니다. 'enum' 형식이 'System.FlagsAttribute'로 표시되지 않으면 호출에서 런타임에 항상 'false'를 반환합니다. + 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. The argument type, '{0}', must be the same as the enum type '{1}' - 인수 형식 '{0}'은(는) 열거형 형식 '{1}'과(와) 같아야 합니다. + The argument type, '{0}', must be the same as the enum type '{1}' Provide correct 'enum' argument to 'Enum.HasFlag' - 'Enum.HasFlag'에 올바른 'enum' 인수 제공 + Provide correct 'enum' argument to 'Enum.HasFlag' The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. - System.String.Format으로 전달된 format 인수에 각 개체 인수에 해당하는 format 항목이 포함되지 않으며 그 반대의 경우도 마찬가지입니다. + The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. Provide correct arguments to formatting methods - 서식 지정 메서드에 올바른 인수를 제공하세요. + Provide correct arguments to formatting methods Provide correct arguments to formatting methods - 서식 지정 메서드에 올바른 인수를 제공하세요. + Provide correct arguments to formatting methods A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. - 형식에 System.Runtime.Serialization.OptionalFieldAttribute 특성을 사용하여 표시된 필드가 있으면 해당 형식은 deserialization 이벤트 처리 메서드를 제공하지 않습니다. + A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute - 'private void OnDeserialized(StreamingContext)' 메서드를 {0} 형식에 추가하고 System.Runtime.Serialization.OnDeserializedAttribute 특성을 사용하세요. + Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute - 'private void OnDeserializing(StreamingContext)' 메서드를 {0} 형식에 추가하고 System.Runtime.Serialization.OnDeserializingAttribute 특성을 사용하세요. + Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute Provide deserialization methods for optional fields - 선택적 필드에 deserialization 메서드를 제공하십시오. + Provide deserialization methods for optional fields Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. - 'System.Runtime.InteropServices.SafeHandle'에서 파생된 형식에 대한 포함 형식만큼 표시되는 매개 변수 없는 생성자를 제공하면 원본 생성 interop 솔루션의 성능과 사용이 향상됩니다. + Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' - 'System.Runtime.InteropServices.SafeHandle'에서 파생된 '{0}' 형식에 대한 포함 형식만큼 표시되는 매개 변수 없는 생성자를 제공합니다. + Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' - 'System.Runtime.InteropServices.SafeHandle'에서 파생된 구체적인 형식에 대한 포함 형식만큼 표시되는 매개 변수 없는 생성자를 제공합니다. + Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. - 성능을 향상시키려면 'Stream'의 서브클래스를 지정할 때 메모리 기반 비동기 메서드를 재정의하세요. 그런 다음 메모리 기반 방법의 관점에서 배열 기반 방법을 구현합니다. + To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. - '{0}'은(는) 배열 기반 '{1}'을 재정의하지만 메모리 기반 '{2}'은(는) 재정의하지 않습니다. 성능을 향상시키려면 메모리 기반 '{2}'을(를) 재정의하는 것이 좋습니다. + '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. 0 = type that subclasses Stream directly, 1 = array-based method, 2 = memory-based method Provide memory-based overrides of async methods when subclassing 'Stream' - 'Stream’의 서브클래스를 지정할 때 비동기 메서드의 메모리 기반 재정의 제공 + Provide memory-based overrides of async methods when subclassing 'Stream' + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + + + + Prefer using 'StringComparer' to perform a case-insensitive comparison + Prefer using 'StringComparer' to perform a case-insensitive comparison + + + + Use the 'string.{0}(string, StringComparison)' overload + Use the 'string.{0}(string, StringComparison)' overload + + + + Prefer using 'StringComparer' to perform case-insensitive string comparisons + Prefer using 'StringComparer' to perform case-insensitive string comparisons + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + + + + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + + + + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons Remove redundant call - 중복 호출 제거 + Remove redundant call Remove unnecessary call - 불필요한 호출 제거 + Remove unnecessary call Replace string literal with char literal - 문자열 리터럴을 char 리터럴로 바꾸기 + Replace string literal with char literal Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' 메서드의 '{0}'이(가) '{3}' 메서드의 '{2}'에서 사용자 제어 데이터에 의해 감염될 수 있는 잠재적인 DLL 삽입 취약성이 발견되었습니다. + Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for DLL injection vulnerabilities - 코드에서 DLL 삽입 취약성 검토 + Review code for DLL injection vulnerabilities Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' 메서드의 '{0}'이(가) '{3}' 메서드의 '{2}'에서 사용자 제어 데이터에 의해 감염될 수 있는 잠재적인 파일 경로 삽입 취약성이 발견되었습니다. + Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for file path injection vulnerabilities - 코드에서 파일 경로 삽입 취약성 검토 + Review code for file path injection vulnerabilities Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. - '{1}' 메서드의 '{0}'에 '{3}' 메서드에 있는 '{2}'의 의도하지 않은 데이터가 포함될 수 있는 잠재적인 정보 공개 취약성이 발견되었습니다. + Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. Review code for information disclosure vulnerabilities - 코드에서 정보 공개 취약성 검토 + Review code for information disclosure vulnerabilities Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' 메서드의 '{0}'이(가) '{3}' 메서드의 '{2}'에서 사용자 제어 데이터에 의해 감염될 수 있는 잠재적인 LDAP 삽입 취약성이 발견되었습니다. + Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for LDAP injection vulnerabilities - 코드에서 LDAP 삽입 취약성 검토 + Review code for LDAP injection vulnerabilities Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' 메서드의 '{0}'이(가) '{3}' 메서드의 '{2}'에서 사용자 제어 데이터에 의해 감염될 수 있는 잠재적인 오픈 리디렉션 취약성이 발견되었습니다. + Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for open redirect vulnerabilities - 코드에서 오픈 리디렉션 취약성 검토 + Review code for open redirect vulnerabilities Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' 메서드의 '{0}'이(가) '{3}' 메서드의 '{2}'에서 사용자 제어 데이터에 의해 감염될 수 있는 잠재적인 프로세스 명령 삽입 취약성이 발견되었습니다. + Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for process command injection vulnerabilities - 코드에서 프로세스 명령 삽입 취약성 검토 + Review code for process command injection vulnerabilities Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' 메서드의 '{0}'이(가) '{3}' 메서드의 '{2}'에서 사용자 제어 데이터에 의해 감염될 수 있는 잠재적인 regex 삽입 취약성이 발견되었습니다. + Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for regex injection vulnerabilities - 코드에서 regex 삽입 취약성 검토 + Review code for regex injection vulnerabilities Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' 메서드의 '{0}'이(가) '{3}' 메서드의 '{2}'에서 사용자 제어 데이터에 의해 감염될 수 있는 잠재적인 SQL 삽입 취약성이 발견되었습니다. + Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for SQL injection vulnerabilities - 코드에서 SQL 삽입 취약성 검토 + Review code for SQL injection vulnerabilities + + + + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + + + + Review code for XPath injection vulnerabilities + Review code for XPath injection vulnerabilities Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' 메서드의 '{0}'이(가) '{3}' 메서드의 '{2}'에서 사용자 제어 데이터에 의해 감염될 수 있는 잠재적인 XAML 삽입 취약성이 발견되었습니다. + Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XAML injection vulnerabilities - 코드에서 XAML 삽입 취약성 검토 + Review code for XAML injection vulnerabilities Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' 메서드의 '{0}'이(가) '{3}' 메서드의 '{2}'에서 사용자 제어 데이터에 의해 감염될 수 있는 잠재적인 XML 삽입 취약성이 발견되었습니다. + Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XML injection vulnerabilities - 코드에서 XML 삽입 취약성 검토 - - - - Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' 메서드의 '{0}'이(가) '{3}' 메서드의 '{2}'에서 사용자 제어 데이터에 의해 감염될 수 있는 잠재적인 XPath 삽입 취약성이 발견되었습니다. - - - - Review code for XPath injection vulnerabilities - 코드에서 XPath 삽입 취약성 검토 + Review code for XML injection vulnerabilities Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' 메서드의 '{0}'이(가) '{3}' 메서드의 '{2}'에서 사용자 제어 데이터에 의해 감염될 수 있는 잠재적인 XSS(사이트 간 스크립팅) 취약성이 발견되었습니다. + Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XSS vulnerabilities - 코드에서 XSS 취약성 검토 + Review code for XSS vulnerabilities SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. - 사용자 입력을 직접 사용하는 SQL 쿼리는 SQL 삽입 공격에 취약할 수 있습니다. 이 SQL 쿼리에 잠재적인 취약성이 있는지 검토하고 매개 변수화된 SQL 쿼리를 사용하는 것이 좋습니다. + SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. Review if the query string passed to '{0}' in '{1}', accepts any user input - '{1}'의 '{0}'에 전달되는 쿼리 문자열이 사용자 입력을 허용하는지 검토합니다. + Review if the query string passed to '{0}' in '{1}', accepts any user input Review SQL queries for security vulnerabilities - 보안상 취약한 부분이 있는지 SQL 쿼리를 검토하십시오. + Review SQL queries for security vulnerabilities Seal class - 봉인 클래스 + Seal class When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. - 형식이 해당 어셈블리 외부에서 액세스할 수 없고 포함하는 어셈블리 내에 하위 형식이 없는 경우 안전하게 봉인할 수 있습니다. 봉인 유형은 성능을 향상시킬 수 있습니다. + When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible - 유형 '{0}'은(는) 포함하는 어셈블리에 하위 유형이 없고 외부에서 볼 수 없기 때문에 봉인될 수 있습니다. + Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible Seal internal types - 내부 형식 봉인 + Seal internal types Set HttpOnly to true for HttpCookie - HttpCookie에 대해 HttpOnly를 true로 설정 + Set HttpOnly to true for HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - 심층 방어 수단으로 보안에 중요한 HTTP 쿠키가 HttpOnly로 표시되어 있는지 확인합니다. 이는 웹 브라우저에서 스크립트가 쿠키에 액세스하는 것을 허용하지 않아야 함을 나타냅니다. 삽입된 악성 스크립트는 쿠키를 도용하는 일반적인 방법입니다. + As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie를 사용할 경우 HttpCookie.HttpOnly가 false로 설정되거나, 설정되지 않습니다. 악성 스크립트가 쿠키를 도용하지 못하도록 하려면 보안에 중요한 쿠키가 HttpOnly로 표시되어 있는지 확인하세요. + HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies Set ViewStateUserKey For Classes Derived From Page - Page에서 파생된 클래스의 ViewStateUserKey 설정 + Set ViewStateUserKey For Classes Derived From Page Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. - ViewStateUserKey 속성을 설정하면 공격을 생성하는 데 변수를 사용할 수 없도록 개별 사용자의 뷰 상태 변수에 식별자를 할당할 수 있어 애플리케이션에 대한 공격을 방지할 수 있습니다. 그렇지 않으면 교차 사이트 요청 위조 취약성이 발생합니다. + Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method - System.Web.UI.Page에서 파생된 {0} 클래스가 OnInit 메서드 또는 Page_Init 메서드에서 ViewStateUserKey 속성을 설정하지 않습니다. + The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. - 현재 문화권에 대한 우발적인 암시적 종속을 방지하려면 문화권을 지정하세요. 불변 버전을 사용하면 애플리케이션의 문화권에 관계없이 일관된 결과를 얻을 수 있습니다. + Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. Specify a culture or use an invariant version to avoid implicit dependency on current culture - 현재 문화권에 대한 암시적 종속성을 피하기 위해 문화권을 지정하거나 고정 버전을 사용하세요. + Specify a culture or use an invariant version to avoid implicit dependency on current culture Specify a culture or use an invariant version - 문화권 지정 또는 고정 버전 사용 + Specify a culture or use an invariant version A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. - 메서드 또는 생성자는 System.Globalization.CultureInfo 매개 변수를 허용하는 오버로드가 있는 멤버를 호출하며 CultureInfo 매개 변수를 사용하는 오버로드를 호출하지 않습니다. CultureInfo 또는 System.IFormatProvider 개체가 제공되지 않으면 오버로드된 멤버가 제공한 기본값을 사용하여 원하는 결과를 모든 로캘에서 얻지 못할 수 있습니다. 결과가 사용자에게 표시되는 경우 'CultureInfo.CurrentCulture'를 'CultureInfo' 매개 변수로 지정하세요. 반면 디스크 또는 데이터베이스에 보관될 때와 같이 결과가 저장되고, 소프트웨어에서 결과에 액세스하는 경우 'CultureInfo.InvariantCulture'를 지정하세요. + A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - '{0}'의 동작은 현재 사용자의 로캘 설정에 따라 다를 수 있습니다. '{1}'에서 이 호출을 '{2}'에 대한 호출로 바꾸세요. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify CultureInfo - CultureInfo를 지정하세요. + Specify CultureInfo Specify current culture - 현재 문화권 지정 + Specify current culture A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. - 메서드 또는 생성자는 System.IFormatProvider 매개 변수를 허용하는 오버로드가 있는 하나 이상의 멤버를 호출하며 IFormatProvider 매개 변수를 사용하는 오버로드를 호출하지 않습니다. System.Globalization.CultureInfo 또는 IFormatProvider 개체가 제공되지 않으면 오버로드된 멤버에서 제공한 기본값을 사용하여 원하는 결과를 모든 로캘에서 얻지 못할 수 있습니다. 결과가 사용자의 입력/사용자에게 표시되는 출력을 기반으로 하는 경우 'CultureInfo.CurrentCulture'를 'IFormatProvider'로 지정하세요. 그러지 않고 디스크/데이터베이스에서 로드되고 디스크/데이터베이스에 유지될 때와 같이 소프트웨어에서 결과를 저장하고 이에 액세스하는 경우 'CultureInfo.InvariantCulture'를 지정하세요. + A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - '{0}'의 동작은 현재 사용자의 로캘 설정에 따라 다를 수 있습니다. '{1}'에서 이 호출을 '{2}'에 대한 호출로 바꾸세요. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - '{0}'의 동작은 현재 사용자의 로캘 설정에 따라 다를 수 있습니다. '{1}'에서 이 호출을 '{2}'에 대한 호출로 바꾸세요. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. - '{0}' 동작은 현재 사용자의 로캘 설정에 따라 다를 수 있습니다. 'IFormatProvider' 인수에 대한 값을 제공하세요. + The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - '{0}'에서는 '{1}'을(를) 'IFormatProvider' 매개 변수로 '{2}'에 전달합니다. 이 속성이 서식 지정 메서드에 적합하지 않은 문화권을 반환합니다. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - '{0}'에서는 '{1}'을(를) 'IFormatProvider' 매개 변수로 '{2}'에 전달합니다. 이 속성이 서식 지정 메서드에 적합하지 않은 문화권을 반환합니다. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. Specify IFormatProvider - IFormatProvider를 지정하세요. + Specify IFormatProvider A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. - 플랫폼 호출 멤버는 부분적으로 신뢰하는 호출자를 허용하고, 문자열 매개 변수를 보유하며, 문자열을 명시적으로 마샬링하지 않습니다. 이로 인해 잠재적인 보안 취약성이 발생할 수 있습니다. + A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. Specify marshaling for P/Invoke string arguments - P/Invoke 문자열 인수에 대해 마샬링을 지정하세요. + Specify marshaling for P/Invoke string arguments A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - 문자열 비교 작업에서는 StringComparison 매개 변수를 설정하지 않는 메서드 오버로드를 사용합니다. 의도를 명확하게 하기 위해 StringComparison 매개 변수가 있는 오버로드를 사용하는 것이 좋습니다. 목록 상자에 표시하기 위해 항목 목록을 정렬할 때와 같이 결과가 사용자에게 표시되는 경우 'StringComparison.CurrentCulture' 또는 'StringComparison.CurrentCultureIgnoreCase'를 'StringComparison' 매개 변수로 지정하세요. 파일 경로, 환경 변수 또는 레지스트리 키 및 값 등의 대/소문자를 구분하지 않는 식별자를 비교하는 경우 'StringComparison.OrdinalIgnoreCase'를 지정하세요. 반면 대/소문자를 구분하는 식별자를 비교하는 경우 'StringComparison.Ordinal'을 지정하세요. + A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. - '{0}'에 'StringComparison' 매개 변수를 사용하는 메서드 오버로드가 있습니다. 의도를 명확하게 하기 위해 '{1}'의 이 호출을 '{2}'에 대한 호출로 바꾸세요. + '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. Specify StringComparison for clarity - 명확성을 위해 StringComparison 지정 + Specify StringComparison for clarity A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - 문자열 비교 작업에서는 StringComparison 매개 변수를 설정하지 않는 메서드 오버로드를 사용하므로 해당 동작은 현재 사용자의 로캘 설정에 따라 달라질 수 있습니다. 의도를 정확하고 명확하게 하기 위해 StringComparison 매개 변수가 있는 오버로드를 사용하는 것이 좋습니다. 목록 상자에 표시하기 위해 항목 목록을 정렬할 때와 같이 결과가 사용자에게 표시되는 경우 'StringComparison.CurrentCulture' 또는 'StringComparison.CurrentCultureIgnoreCase'를 'StringComparison' 매개 변수로 지정하세요. 파일 경로, 환경 변수 또는 레지스트리 키 및 값 등의 대/소문자를 구분하지 않는 식별자를 비교하는 경우 'StringComparison.OrdinalIgnoreCase'를 지정하세요. 반면 대/소문자를 구분하는 식별자를 비교하는 경우 'StringComparison.Ordinal'을 지정하세요. + A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - '{0}'의 동작은 현재 사용자의 로캘 설정에 따라 다를 수 있습니다. '{1}'에서 이 호출을 '{2}'에 대한 호출로 바꾸세요. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify StringComparison for correctness - 정확성을 위해 StringComparison 지정 + Specify StringComparison for correctness Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. - '정적' 및 '추상' 한정자를 모두 사용하려면 미리 보기 기능을 선택해야 합니다. 자세한 내용은 https://aka.ms/dotnet-warnings/preview-features를 참조하세요. + Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. - String.Length 속성 또는 String.IsNullOrEmpty 메서드를 사용하면 Equals를 사용하는 것보다 훨씬 빠르게 문자열을 비교할 수 있습니다. + Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check - 같음 검사 대신 'string.Length' 속성 또는 'string.IsNullOrEmpty' 메서드를 사용하여 빈 문자열을 테스트하세요. + Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check Test for empty strings using string length - 문자열 길이를 사용하여 빈 문자열을 테스트하세요. + Test for empty strings using string length This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. - 이 식은 Single.Nan 또는 Double.Nan에 대한 값을 테스트합니다. Single.IsNan(단일) 또는 Double.IsNan(이중)을 사용하여 값을 테스트하세요. + This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. Test for NaN correctly - NaN에 대해 정확하게 테스트하세요. + Test for NaN correctly Test for NaN correctly - NaN에 대해 정확하게 테스트하세요. + Test for NaN correctly 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. - 'ThreadStatic' 필드는 인라인 초기화를 사용하거나 명시적으로 유형의 정적 생성자를 실행하는 스레드의 필드만 초기화하는 정적 생성자에서가 아니라 사용 시 느리게 초기화되어야 합니다. + 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. 'ThreadStatic' fields should not use inline initialization - 'ThreadStatic' 필드는 인라인 초기화를 사용하면 안 됩니다. + 'ThreadStatic' fields should not use inline initialization Improper 'ThreadStatic' field initialization - 잘못된 'ThreadStatic' 필드 초기화 + Improper 'ThreadStatic' field initialization 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. - 'ThreadStatic'은(는) 정적 필드에만 영향을 줍니다. 인스턴스 필드에 적용할 때 동작에 영향을 주지 않습니다. + 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. Ensure 'ThreadStatic' is only used with static fields - 'ThreadStatic'이(가) 정적 필드에서만 사용되는지 확인 + Ensure 'ThreadStatic' is only used with static fields 'ThreadStatic' only affects static fields - 'ThreadStatic'은(는) 정적 필드에만 영향을 줍니다. + 'ThreadStatic' only affects static fields Use ArgumentException throw helper - ArgumentException throw 도우미 사용 + Use ArgumentException throw helper Use ArgumentNullException throw helper - ArgumentNullException throw 도우미 사용 + Use ArgumentNullException throw helper Use ArgumentOutOfRangeException throw helper - ArgumentOutOfRangeException throw 도우미 사용 + Use ArgumentOutOfRangeException throw helper Use Array.Empty - Array.Empty를 사용하세요. + Use Array.Empty The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. - 배열 값에 대한 범위 기반 인덱서는 배열의 요청된 부분의 복사본을 생성합니다. 이 복사본은 암시적으로 범위 또는 메모리 값으로 사용될 경우 대개 필요하지 않습니다. 복사본이 생성되지 않도록 하려면 AsSpan 메서드를 사용하세요. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies - 불필요한 데이터 복사본을 만들지 않으려면 '{2}'에서 '{1}' 기반 인덱서 대신 '{0}'을(를) 사용하세요. + Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies Use `{0}` instead of Range-based indexers on a string - 문자열의 범위 기반 인덱서 대신 '{0}' 사용 + Use `{0}` instead of Range-based indexers on a string Use `{0}` instead of Range-based indexers on an array - 배열의 범위 기반 인덱서 대신 '{0}' 사용 + Use `{0}` instead of Range-based indexers on an array Use AsSpan or AsMemory instead of Range-based indexers when appropriate - 적절한 경우 범위 기반 인덱서 대신 AsSpan 또는 AsMemory를 사용합니다. + Use AsSpan or AsMemory instead of Range-based indexers when appropriate The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - 문자열 값에 대한 범위 기반 인덱서는 문자열의 요청된 부분의 복사본을 생성합니다. 이 복사본은 암시적으로 ReadOnlySpan 또는 ReadOnlyMemory 값으로 사용될 경우 대개 필요하지 않습니다. 불필요한 복사본이 생성되지 않도록 하려면 AsSpan 메서드를 사용하세요. + The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - 배열 값에 대한 범위 기반 인덱서는 배열의 요청된 부분의 복사본을 생성합니다. 이 복사본은 암시적으로 ReadOnlySpan 또는 ReadOnlyMemory 값으로 사용될 경우 대개 필요하지 않습니다. 불필요한 복사본이 생성되지 않도록 하려면 AsSpan 메서드를 사용하세요. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. When inside a Task-returning method, use the async version of methods, if they exist. - Task 반환 메서드 내부에서 메서드의 비동기 버전이 있는 경우 이를 사용합니다. + When inside a Task-returning method, use the async version of methods, if they exist. {Locked="Task"} '{0}' synchronously blocks. Await '{1}' instead. - '{0}'은(는) 동기적으로 차단됩니다. 대신 '{1}'을(를) 기다리세요. + '{0}' synchronously blocks. Await '{1}' instead. '{0}' synchronously blocks. Use await instead. - '{0}'은(는) 동기적으로 차단됩니다. 대신 대기를 사용하세요. + '{0}' synchronously blocks. Use await instead. Call async methods when in an async method - 비동기 메서드에 있을 때 비동기 메서드 호출 + Call async methods when in an async method Use antiforgery tokens in ASP.NET Core MVC controllers - ASP.NET Core MVC 컨트롤러에서 위조 방지 토큰 사용 + Use antiforgery tokens in ASP.NET Core MVC controllers Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - 위조 방지 토큰의 유효성을 검사하지 않고 POST, PUT, PATCH 또는 DELETE 요청을 처리하면 교차 사이트 요청 위조 공격에 취약할 수 있습니다. 교차 사이트 요청 위조 공격은 인증된 사용자의 악성 요청을 ASP.NET Core MVC 컨트롤러로 보낼 수 있습니다. + Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - {0} 메서드는 위조 방지 토큰 유효성 검사를 수행하지 않고 {1} 요청을 처리합니다. 또한 HTML 양식이 위조 방지 토큰을 보내는지 확인해야 합니다. + Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. Replace with 'CancellationToken.ThrowIfCancellationRequested' - 'CancellationToken.ThrowIfCancellationRequested'로 교체 + Replace with 'CancellationToken.ThrowIfCancellationRequested' 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. - 'ThrowIfCancellationRequested'는 토큰이 취소되었는지 자동으로 확인하고 취소된 경우 'OperationCanceledException'을 발생시킵니다. + 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' - 'IsCancellationRequested'를 확인하고 'OperationCanceledException'을 발생시키는 대신 'ThrowIfCancellationRequested'를 사용하세요. + Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' Use 'ThrowIfCancellationRequested' - 'ThrowIfCancellationRequested' 사용 + Use 'ThrowIfCancellationRequested' Using concrete types avoids virtual or interface call overhead and enables inlining. - 구체적인 형식을 사용하면 가상 또는 인터페이스 호출 오버헤드를 방지하고 인라인을 사용할 수 있습니다. + Using concrete types avoids virtual or interface call overhead and enables inlining. Change type of field '{0}' from '{1}' to '{2}' for improved performance - 성능 향상을 위해 '{0}' 필드 형식을 '{1}'에서 '{2}'(으)로 변경하세요. + Change type of field '{0}' from '{1}' to '{2}' for improved performance Change type of variable '{0}' from '{1}' to '{2}' for improved performance - 성능 향상을 위해 '{0}' 변수 형식을 '{1}'에서 '{2}'(으)로 변경하세요. + Change type of variable '{0}' from '{1}' to '{2}' for improved performance Change return type of method '{0}' from '{1}' to '{2}' for improved performance - 성능 향상을 위해 '{0}' 메서드 반환 형식을 '{1}'에서 '{2}'(으)로 변경하세요. + Change return type of method '{0}' from '{1}' to '{2}' for improved performance Change type of parameter '{0}' from '{1}' to '{2}' for improved performance - 성능 향상을 위해 '{0}' 매개 변수 형식을 '{1}'에서 '{2}'(으)로 변경하세요. + Change type of parameter '{0}' from '{1}' to '{2}' for improved performance Change type of property '{0}' from '{1}' to '{2}' for improved performance - 성능 향상을 위해 속성 형식 '{0}'을(를) '{1}'에서 '{2}'(으)로 변경 + Change type of property '{0}' from '{1}' to '{2}' for improved performance Use concrete types when possible for improved performance - 성능 향상을 위해 가능한 경우 구체적인 형식 사용하세요. + Use concrete types when possible for improved performance Use Container Level Access Policy - 컨테이너 수준 액세스 정책 사용 + Use Container Level Access Policy No access policy identifier is specified, making tokens non-revocable. - 액세스 정책 식별자가 지정되지 않아 토큰을 해지 불가능으로 만듭니다. + No access policy identifier is specified, making tokens non-revocable. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. - 가능한 경우 SAS(공유 액세스 서명) 대신 Azure의 역할 기반 액세스 제어를 사용하는 것이 좋습니다. 계속 SAS를 사용해야 하는 경우 SAS를 만들 때 컨테이너 수준 액세스 정책을 사용하세요. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. Use DefaultDllImportSearchPaths attribute for P/Invokes - P/Invokes에 DefaultDllImportSearchPaths 특성 사용 + Use DefaultDllImportSearchPaths attribute for P/Invokes By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - 기본적으로 DllImportAttribute를 사용하는 P/Invokes는 로드할 라이브러리의 현재 작업 디렉터리를 비롯한 여러 디렉터리를 프로브합니다. 이는 특정 애플리케이션에서 DLL 하이재킹으로 이어지는 보안 문제가 될 수 있습니다. + By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - {0} 메서드는 P/Invokes에 DefaultDllImportSearchPaths 특성을 사용하지 않았습니다. + The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. Use equivalent code that works when marshalling is disabled - 마샬링이 비활성화된 경우 작동하는 동등한 코드 사용 + Use equivalent code that works when marshalling is disabled 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. - 'Environment.CurrentManagedThreadId'는 'Thread.CurrentThread.ManagedThreadId'보다 간단하고 빠릅니다. + 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. Use 'Environment.CurrentManagedThreadId' - 'Environment.CurrentManagedThreadId' 사용 + Use 'Environment.CurrentManagedThreadId' Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' - 'Thread.CurrentThread.ManagedThreadId' 대신 'Environment.CurrentManagedThreadId' 사용 + Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' Use 'Environment.CurrentManagedThreadId' - 'Environment.CurrentManagedThreadId' 사용 + Use 'Environment.CurrentManagedThreadId' 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. - 'Environment.ProcessId'가 'Process.GetCurrentProcess().Id'보다 더 빠르고 간단합니다. + 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. Use 'Environment.ProcessId' - 'Environment.ProcessId' 사용 + Use 'Environment.ProcessId' Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' - 'Process.GetCurrentProcess().Id' 대신 'Environment.ProcessId'를 사용하세요. + Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' Use 'Environment.ProcessId' - 'Environment.ProcessId' 사용 + Use 'Environment.ProcessId' 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. - 'Environment.ProcessPath'는 'Process.GetCurrentProcess().MainModule.FileName'보다 간단하고 빠릅니다. + 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. Use 'Environment.ProcessPath' - 'Environment.ProcessPath' 사용 + Use 'Environment.ProcessPath' Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' - 'Process.GetCurrentProcess().MainModule.FileName' 대신 'Environment.ProcessPath' 사용 + Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' Use 'Environment.ProcessPath' - 'Environment.ProcessPath' 사용 + Use 'Environment.ProcessPath' Use indexer - 인덱서 사용 + Use indexer Use an invariant version - 고정 버전 사용 + Use an invariant version An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. - 운영 체제 호출 메서드가 정의되었으며 동일한 기능의 메서드가 .NET Framework 클래스 라이브러리에 있습니다. + An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. Use managed equivalents of win32 api - Win32 API에 있는 동일한 기능의 관리되는 항목을 사용하세요. + Use managed equivalents of win32 api Use managed equivalents of win32 api - Win32 API에 있는 동일한 기능의 관리되는 항목을 사용하세요. + Use managed equivalents of win32 api Use ObjectDisposedException throw helper - ObjectDisposedException throw 도우미 사용 + Use ObjectDisposedException throw helper A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. - 비언어적 문자열 비교 작업에서는 StringComparison 매개 변수를 서수 또는 OrdinalIgnoreCase로 설정하지 않습니다. 매개 변수를 명시적으로 StringComparison.Ordinal 또는 StringComparison.OrdinalIgnoreCase로 설정하면 코드의 속도가 빨라지고, 정확도와 신뢰도가 더 높아집니다. + A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. Use ordinal string comparison - 서수 문자열 비교 사용 + Use ordinal string comparison Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. - Length/Count 속성이 직접 액세스인 동안 Enumerable.Count()는 잠재적으로 시퀀스를 열거합니다. + Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. Use the "{0}" property instead of Enumerable.Count() - Enumerable.Count() 대신 "{0}" 속성을 사용하세요. + Use the "{0}" property instead of Enumerable.Count() Use Length/Count property instead of Count() when available - 사용 가능한 경우 Count() 대신 Length/Count 속성을 사용 + Use Length/Count property instead of Count() when available Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size - 충분한 키 크기로 RSA(Rivest-Shamir-Adleman) 알고리즘 사용 + Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. - 사용되는 키 크기가 너무 작으면 암호화 알고리즘이 무차별 암호 대입 공격에 취약할 수 있습니다. + Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - 비대칭 암호화 알고리즘 {0}의 키 크기가 2048보다 작습니다. 최소 2048 키 크기, ECDH 또는 ECDSA 알고리즘이 포함된 RSA로 전환하세요. + Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. Applications available over HTTPS must use secure cookies. - HTTPS를 통해 사용할 수 있는 애플리케이션은 보안 쿠키를 사용해야 합니다. + Applications available over HTTPS must use secure cookies. Use SharedAccessProtocol HttpsOnly - SharedAccessProtocol HttpsOnly 사용 + Use SharedAccessProtocol HttpsOnly HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. - HTTPS는 네트워크 트래픽을 암호화합니다. 중요한 데이터가 공개되지 않도록 하려면 HttpOrHttps 대신 HttpsOnly를 사용하여 네트워크 트래픽을 상시 암호화하도록 합니다. + HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. - 가능한 경우 SAS(공유 액세스 서명) 대신 Azure의 역할 기반 액세스 제어를 사용하는 것이 좋습니다. 계속 SAS를 사용해야 하는 경우 SharedAccessProtocol.HttpsOnly를 지정하세요. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. + + + + Use 'AsSpan' with 'string.Concat' + Use 'AsSpan' with 'string.Concat' + + + + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + + + + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + + + + Use span-based 'string.Concat' + Use span-based 'string.Concat' Use 'Clear()' - 'Clear()' 사용 + Use 'Clear()' It is more efficient to use 'Clear', instead of 'Fill' with default value. - 기본값으로 'Fill' 대신 'Clear'를 사용하는 것이 더 효율적입니다. + It is more efficient to use 'Clear', instead of 'Fill' with default value. Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' - 'Span<T>.Fill(기본값)'보다 'Span<T>.Clear()' 선호 + Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' Prefer 'Clear' over 'Fill' - '채우기'보다 '지우기' 선호 + Prefer 'Clear' over 'Fill' Use 'StartsWith' - 'StartsWith' 사용 + Use 'StartsWith' It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. - 'IndexOf'의 결과를 0과 비교하는 대신 'StartsWith'를 사용하는 것이 더 명확하고 빠릅니다. + It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 - 'IndexOf'의 결과를 0과 비교하는 대신 'StartsWith' 사용 + Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 Use 'StartsWith' instead of 'IndexOf' - 'IndexOf' 대신 'StartsWith' 사용 + Use 'StartsWith' instead of 'IndexOf' + + + + 'string.Contains(char)' is available as a better performing overload for single char lookup. + 'string.Contains(char)' is available as a better performing overload for single char lookup. + + + + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + + + + Use char literal for a single character lookup + Use char literal for a single character lookup Use 'string.Equals' - 'string.Equals' 사용 + Use 'string.Equals' It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. - 'string.Compare'의 결과를 0과 비교하는 대신 'string.Equals'를 사용하는 것이 더욱 명확하고 빠를 가능성이 높습니다. + It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 - 'string.Compare'의 결과를 0과 비교하는 대신 'string.Equals'를 사용하세요. + Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 Use 'string.Equals' - 'string.Equals' 사용 - - - - Use 'AsSpan' with 'string.Concat' - 'string.Concat'과 함께 'AsSpan' 사용 - - - - It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. - 'Substring' 및 연결 연산자 대신 'AsSpan' 및 'string.Concat'을 사용하는 것이 더 효율적입니다. - - - - Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' - 'Substring' 대신 스팬 기반 'string.Concat' 및 'AsSpan' 사용 - - - - Use span-based 'string.Concat' - 범위 기반 'string.Concat' 사용 - - - - 'string.Contains(char)' is available as a better performing overload for single char lookup. - 'string.Contains(char)'는 단일 문자 조회를 위한 더 나은 성능의 오버로드로 사용할 수 있습니다. - - - - Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character - 단일 문자 검색 시 'string.Contains(string)' 대신 'string.Contains(char)' 사용 - - - - Use char literal for a single character lookup - 단일 문자 조회에 char 리터럴 사용 + Use 'string.Equals' Throw helpers are simpler and more efficient than an if block constructing a new exception instance. - throw 도우미는 새로운 예외 인스턴스를 구성하는 if 블록보다 간단하고 효율적입니다. + Throw helpers are simpler and more efficient than an if block constructing a new exception instance. Use '{0}.{1}' - '{0}.{1}' 사용 + Use '{0}.{1}' Use '{0}.{1}' instead of explicitly throwing a new exception instance - 새 예외 인스턴스를 명시적으로 throw하는 대신 '{0}.{1}' 사용 + Use '{0}.{1}' instead of explicitly throwing a new exception instance Platform compatibility analyzer requires a valid platform name and version. - 플랫폼 호환성 분석기에는 유효한 플랫폼 이름과 버전이 필요합니다. + Platform compatibility analyzer requires a valid platform name and version. Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. - 버전 '{0}'은(는) 플랫폼 '{1}'에 유효하지 않습니다. 이 플랫폼에는 2{2} 부분이 있는 버전을 사용하세요. + Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. Version '7' is not valid for platform 'windows'. Use a version with 2-4 parts for this platform. Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. - 버전 '{0}'은(는) 플랫폼 '{1}'에 유효하지 않습니다. 이 플랫폼의 버전을 사용하지 마세요. + Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. Use valid platform string - 유효한 플랫폼 문자열 사용 + Use valid platform string The platform '{0}' is not a known platform name - 플랫폼 '{0}'은(는) 알려진 플랫폼 이름이 아닙니다. + The platform '{0}' is not a known platform name ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. - 멤버 호출에서 반환되는 ValueTasks는 바로 대기되기 위한 것입니다. ValueTask를 여러 번 사용하거나, 완료가 확인되기 전에 해당 결과에 바로 액세스하면 예외나 손상이 발생할 수 있습니다. 이러한 ValueTask를 무시하면 기능 버그가 발생하거나 성능이 저하될 수 있습니다. + ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). - ValueTask 인스턴스는 이미 완료된 경우를 제외하고는 결과에 직접 액세스할 수 없습니다. 작업과 달리 ValueTask의 Result 또는 GetAwaiter().GetResult() 호출은 작업이 완료될 때까지 차단된다고 보장되지 않습니다. 인스턴스를 대기할 수 없으면 먼저 해당 IsCompleted 속성을 확인하거나 경우에 따라 true인지 확인하는 것이 좋습니다. + ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. - ValueTask 인스턴스는 대기를 통하는 등 한 번만 사용할 수 있습니다. 동일한 ValueTask 인스턴스를 여러 번 사용하면 예외와 데이터 손상이 발생할 수 있습니다. + ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. - 메서드 호출에서 반환되는 ValueTask 인스턴스는 바로 대기되거나, 반환되거나, 다른 메서드 호출의 인수로 전달되어야 합니다. ValueTask 인스턴스는 한 번만 사용되어야 하므로 인스턴스를 로컬 또는 필드에 저장하는 등의 다른 사용은 버그를 나타냅니다. + ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. - 메서드 호출에서 반환되는 ValueTask 인스턴스는 항상 사용되어야 하며, 일반적으로 대기됩니다. 그러지 않으면 기능 버그를 나타내는 경우가 많습니다. 그러지 않더라도 대상 메서드에서 ValueTasks와 함께 사용할 개체를 풀링하는 경우 성능이 저하될 수 있습니다. + ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. Use ValueTasks correctly - 올바르게 ValueTasks 사용 + Use ValueTasks correctly Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. - 신뢰할 수 없는 데이터의 XML을 처리하면 위험한 외부 참조가 로드될 수 있습니다. 위험한 외부 참조는 안전한 확인자와 함께 또는 DTD 처리를 사용하지 않도록 설정한 상태로 XmlReader를 사용하여 제한해야 합니다. + Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. Use XmlReader for 'DataSet.ReadXml()' - 'DataSet.ReadXml()'에 XmlReader 사용 + Use XmlReader for 'DataSet.ReadXml()' Use XmlReader for 'XmlSerializer.Deserialize()' - 'XmlSerializer.Deserialize()'에 XmlReader 사용 + Use XmlReader for 'XmlSerializer.Deserialize()' Use XmlReader for 'XmlSchema.Read()' - 'XmlSchema.Read()'에 XmlReader 사용 + Use XmlReader for 'XmlSchema.Read()' Use XmlReader for XmlValidatingReader constructor - XmlValidatingReader 생성자에 XmlReader 사용 + Use XmlReader for XmlValidatingReader constructor Use XmlReader for XPathDocument constructor - XPathDocument 생성자에 XmlReader 사용 + Use XmlReader for XPathDocument constructor This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. - '{0}.{1}' 메서드의 이 오버로드는 잠재적으로 안전하지 않습니다. 서비스 거부 공격에 취약할 수 있는 DTD(문서 종류 정의)를 사용하도록 설정하거나 정보 공개에 취약할 수 있는 XmlResolver를 사용할 수 있습니다. 대신 DTD 처리를 사용할 수 없고 XmlResolver가 없는 XmlReader 인스턴스를 사용하는 오버로드를 사용하세요. + This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - '{0}'은(는) 미리 보기 유형 '{1}'을(를) 사용하고 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {2}을(를) 참조하세요. + '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - {3} '{0}'은(는) 미리 보기 유형 '{1}'을(를) 사용하며 미리 보기 기능을 선택해야 합니다. 자세한 내용은 {2}를 참조하세요. - - - - Use 'TryGetValue(TKey, out TValue)' - 'TryGetValue(TKey, out TValue)' 사용 - - - - Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method - 'IDictionary.TryGetValue(TKey, out TValue)' 메서드 선호 - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup - 이중 조회 방지를 위해 'ContainsKey' 검사로 보호되는 사전 인덱서 액세스보다 'TryGetValue' 호출을 선호합니다. - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. - 'ContainsKey' 검사로 보호되는 사전 인덱서 액세스보다 'TryGetValue' 호출을 선호합니다. 'ContainsKey'와 인덱서는 모두 내부 키를 조회하므로 'TryGetValue'를 사용하면 추가 조회가 제거됩니다. + {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.pl.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.pl.xlf index bb0b135799..2e9b1c5d5f 100644 --- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.pl.xlf +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.pl.xlf @@ -4,572 +4,572 @@ Add the 'NonSerialized' attribute to this field. - Dodaj atrybut „NonSerialized” do tego pola. + Add the 'NonSerialized' attribute to this field. Add Serializable attribute - Dodaj atrybut Serializable + Add Serializable attribute Review cipher mode usage with cryptography experts - Przejrzyj użycie trybu szyfrowania wspólnie z ekspertami od kryptografii + Review cipher mode usage with cryptography experts These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). - Te tryby szyfrowania mogą być podatne na ataki. Rozważ użycie zalecanych trybów (CBC, CTS). + These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). - Przejrzyj użycie trybu szyfrowania „{0}” wspólnie z ekspertami od kryptografii. Rozważ użycie zalecanych trybów (CBC, CTS). + Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. - Analiza parametru literału ciągu atrybutu pod kątem adresu URL, identyfikatora GUID lub wersji nie powiodła się. + The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' - W konstruktorze typu „{0}” zmień wartość argumentu „{1}” (aktualnie „{2}”) na wartość, którą można poprawnie przeanalizować jako „{3}” + In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' - W konstruktorze typu „{0}” zmień wartość argumentu „{1}” (aktualnie pusty ciąg — "") na wartość, którą można poprawnie przeanalizować jako „{2}” + In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' Attribute string literals should parse correctly - Analiza literałów ciągu atrybutu powinna kończyć się powodzeniem + Attribute string literals should parse correctly Extract to static readonly field - Wyodrębnij do statycznego pola tylko do odczytu + Extract to static readonly field Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. - Stałe macierze przekazywane jako argumenty nie są ponownie wykorzystywane podczas wielokrotnego wywoływania, co oznacza, że za każdym razem tworzona jest nowa macierz. Rozważ wyodrębnienie ich do pól 'static readonly', aby poprawić wydajność, jeśli przekazana macierz nie zostanie zmutowana w wywołanej metodzie. + Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. {Locked="static readonly"} Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array - Preferowanie pól 'static readonly' zamiast stałych argumentów macierzy, jeśli wywoływana metoda jest wywoływana wielokrotnie i nie mutuje przekazanej macierzy . + Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array {Locked="static readonly"} Avoid constant arrays as arguments - Unikaj tablic stałych jako argumentów + Avoid constant arrays as arguments Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. - Marshalling elementu „StringBuilder” zawsze tworzy natywną kopię buforu, co powoduje powstanie wielu alokacji dla jednej operacji marshallingu. + Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. - Unikaj parametrów „StringBuilder” dla elementów P/Invoke. Zamiast tego rozważ użycie bufora znaku. + Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. Avoid 'StringBuilder' parameters for P/Invokes - Unikaj parametrów „StringBuilder” dla elementów P/Invoke + Avoid 'StringBuilder' parameters for P/Invokes The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. - Biblioteka klas programu .NET Framework udostępnia metody umożliwiające pobieranie atrybutów niestandardowych. Domyślnie te metody przeszukują hierarchię dziedziczenia atrybutów. Zapieczętowanie atrybutu eliminuje potrzebę przeszukiwania hierarchii dziedziczenia i może podwyższyć wydajność. + The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. Avoid unsealed attributes - Unikaj niezapieczętowanych atrybutów + Avoid unsealed attributes Avoid unsealed attributes - Unikaj niezapieczętowanych atrybutów + Avoid unsealed attributes Avoid unnecessary zero-length array allocations. Use {0} instead. - Unikaj niepotrzebnego alokowania tablic o długości zero. Zamiast tego użyj elementu {0}. + Avoid unnecessary zero-length array allocations. Use {0} instead. Avoid zero-length array allocations - Unikaj alokowania tablic o długości zero + Avoid zero-length array allocations The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Metoda „{0}” nie jest bezpieczna podczas deserializowania niezaufanych danych bez użycia elementu SerializationBinder w celu ograniczenia typu obiektów w zdeserializowanym grafie obiektów. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize - Upewnij się, że właściwość BinaryFormatter.Binder jest ustawiona przed wywołaniem metody BinaryFormatter.Deserialize + Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Metoda „{0}” nie jest bezpieczna podczas deserializowania niezaufanych danych bez użycia elementu SerializationBinder w celu ograniczenia typu obiektów w zdeserializowanym grafie obiektów. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder - Nie wywołuj metody BinaryFormatter.Deserialize bez uprzedniego ustawienia właściwości BinaryFormatter.Binder + Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. - Metoda „{0}” jest niezabezpieczona podczas deserializowania niezaufanych danych. Aby zamiast tego wykryć deserializację klasy BinaryFormatter bez ustawionego elementu SerializationBinder, wyłącz regułę CA2300 i włącz reguły CA2301 i CA2302. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. The method '{0}' is insecure when deserializing untrusted data. - Metoda „{0}” jest niezabezpieczona podczas deserializacji niezaufanych danych. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer BinaryFormatter - Nie używaj niezabezpieczonego deserializatora BinaryFormatter + Do not use insecure deserializer BinaryFormatter 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - Element „Buffer.BlockCopy” oczekuje, że liczba bajtów zostanie skopiowana dla argumentu „count”. Użycie elementu „Array.Length” może nie odpowiadać liczbie bajtów, które należy skopiować. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - Element „Buffer.BlockCopy” oczekuje, że liczba bajtów zostanie skopiowana dla argumentu „count”. Użycie elementu „Array.Length” może nie odpowiadać liczbie bajtów, które należy skopiować. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument - Element „Buffer.BlockCopy” oczekuje skopiowania liczby bajtów dla argumentu „count” + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). - Implementacja metody Dispose nie wywołuje metody GC.SuppressFinalize lub metoda niebędąca implementacją metody Dispose wywołuje metodę GC.SuppressFinalize lub metoda wywołuje metodę GC.SuppressFinalize i przekazuje coś innego niż obiekt this (Me w języku Visual Basic). + A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. - Zmień wywołanie {0} na wywołanie {1}. Zapobiega to konieczności ponownego implementowania interfejsu „IDisposable” przez typy pochodne wprowadzające finalizator. + Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. - Zmień wywołanie {0} na wywołanie {1}. Zapobiega to niepotrzebnemu finalizowaniu obiektu po jego likwidacji i wyjściu poza zakres. + Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. - Obiekt {0} wywołuje metodę {1} dla obiektu innego niż on sam. Zmień wywołanie, tak aby zamiast tego był przekazywany obiekt „this” („Me” w języku Visual Basic). + {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. - Metoda {0} wywołuje metodę {1}, która zazwyczaj jest wywoływana tylko w ramach implementacji metody „IDisposable.Dispose”. Więcej informacji zawiera opis wzorca IDisposable. + {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. Dispose methods should call SuppressFinalize - Metoda Dispose powinna wywoływać metodę SuppressFinalize + Dispose methods should call SuppressFinalize , - , + , Separator used for separating list of platform names: {API} is only supported on: {‘windows’, ‘browser’, ‘linux’} ConstantExpected attribute is not applied correctly on the parameter. - Atrybut ConstantExpected nie jest poprawnie stosowany do parametru. + ConstantExpected attribute is not applied correctly on the parameter. Incorrect usage of ConstantExpected attribute - Nieprawidłowe użycie atrybutu ConstantExpected + Incorrect usage of ConstantExpected attribute The ConstantExpected attribute is required for the parameter due to the parent method annotation - Atrybut ConstantExpected jest wymagany dla parametru z powodu adnotacji metody nadrzędnej + The ConstantExpected attribute is required for the parameter due to the parent method annotation The '{0}' value is not compatible with parameter type of '{1}' - Wartość „{0}” jest niezgodna z typem parametru „{1}” + The '{0}' value is not compatible with parameter type of '{1}' The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' - Wartość „{0}” nie mieści się w granicach wartości parametru od „{1}” do „{2}” + The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' The constant is not of the same '{0}' type as the parameter - Stała nie jest tego samego typu „{0}” co parametr + The constant is not of the same '{0}' type as the parameter The Min and Max values are inverted - Wartości Min i Max są odwrócone + The Min and Max values are inverted The argument should be a constant for optimal performance - Argument powinien być stałą w celu uzyskania optymalnej wydajności + The argument should be a constant for optimal performance The '{0}' type is not supported for ConstantExpected attribute - Typ „{0}” nie jest obsługiwany dla atrybutu ConstantExpected + The '{0}' type is not supported for ConstantExpected attribute The constant does not fit within the value bounds of '{0}' to '{1}' - Stała nie mieści się w granicach wartości od „{0}” do „{1}” + The constant does not fit within the value bounds of '{0}' to '{1}' The parameter expects a constant for optimal performance. - Parametr oczekuje stałej w celu uzyskania optymalnej wydajności. + The parameter expects a constant for optimal performance. A constant is expected for the parameter - Oczekiwano stałej dla parametru + A constant is expected for the parameter When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Deserializowanie obiektu {0} podczas deserializacji niezaufanych danych wejściowych nie jest bezpieczne. Element „{1}” jest elementem {0} lub pochodzi od niego + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type found in deserializable object graph - W wykresie obiektu, który można deserializować, znaleziono niebezpieczny typ DataSet lub DataTable + Unsafe DataSet or DataTable type found in deserializable object graph When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. - Deserializowanie obiektu {0} podczas deserializacji niezaufanych danych wejściowych za pomocą serializatora opartego na elemencie IFormatter nie jest bezpieczne. Element „{1}” jest elementem {0} lub pochodzi od niego. Upewnij się, że automatycznie wygenerowany typ nie jest nigdy deserializowany za pomocą niezaufanych danych. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks - Niebezpieczny element DataSet lub DataTable w automatycznie wygenerowanym typie, który można serializować, może być podatny na zagrożenia polegające na zdalnym wykonaniu kodu + Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Deserializowanie obiektu {0} podczas deserializacji niezaufanych danych wejściowych nie jest bezpieczne. Element „{1}” jest elementem {0} lub pochodzi od niego + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks - Niebezpieczny element DataSet lub DataTable w zdeserializowanym wykresie obiektu może być narażony na ataki polegające na zdalnym wykonaniu kodu + Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. - Deserializowanie obiektu {0} podczas deserializacji niezaufanych danych wejściowych przy użyciu serializatora opartego na interfejsie IFormatter nie jest bezpieczne. Element „{1}” jest elementem {0} lub pochodzi od niego. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks - Niebezpieczny element DataSet lub DataTable w typie, który można serializować, może być narażony na ataki polegające na zdalnym wykonaniu kodu + Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Deserializowanie obiektu {0} podczas deserializacji niezaufanych danych wejściowych nie jest bezpieczne. Element „{1}” jest elementem {0} lub pochodzi od niego + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in serializable type - Niebezpieczny element DataSet lub DataTable w typie, który można serializować + Unsafe DataSet or DataTable in serializable type When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Deserializowanie obiektu {0} podczas deserializacji niezaufanych danych wejściowych nie jest bezpieczne. Element „{1}” jest elementem {0} lub pochodzi od niego + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type in web deserializable object graph - W internetowym wykresie obiektu, który można deserializować, znaleziono niebezpieczny typ DataSet lub DataTable + Unsafe DataSet or DataTable type in web deserializable object graph The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. - Metoda „{0}” jest niezabezpieczona podczas deserializacji niezaufanych danych. Upewnij się, że automatycznie wygenerowana klasa zawierająca wywołanie „{0}” nie jest deserializowana za pomocą niezaufanych danych. + The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data - Upewnij się, że automatycznie wygenerowana klasa zawierająca element DataSet.ReadXml() nie jest używana w połączeniu z niezaufanymi danymi + Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data The method '{0}' is insecure when deserializing untrusted data - Metoda „{0}” jest niezabezpieczona podczas deserializacji niezaufanych danych + The method '{0}' is insecure when deserializing untrusted data Do not use DataSet.ReadXml() with untrusted data - Nie używaj elementu DataSet.ReadXml() z niezaufanymi danymi + Do not use DataSet.ReadXml() with untrusted data The method '{0}' is insecure when deserializing untrusted data - Metoda „{0}” jest niezabezpieczona podczas deserializacji niezaufanych danych + The method '{0}' is insecure when deserializing untrusted data Do not use DataTable.ReadXml() with untrusted data - Nie używaj elementu DataTable.ReadXml() z niezaufanymi danymi + Do not use DataTable.ReadXml() with untrusted data HttpClients should enable certificate revocation list checks - Klienci HttpClients powinni włączyć sprawdzanie listy odwołania certyfikatów + HttpClients should enable certificate revocation list checks HttpClient is created without enabling CheckCertificateRevocationList - Program HttpClient jest tworzony bez włączania właściwości CheckCertificateRevocationList + HttpClient is created without enabling CheckCertificateRevocationList Do Not Add Certificates To Root Store - Nie dodawaj certyfikatów do magazynu głównego + Do Not Add Certificates To Root Store Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate - Dodanie certyfikatów do zaufanych certyfikatów głównych systemu operacyjnego zwiększa ryzyko niepoprawnego uwierzytelniania nieuprawnionego certyfikatu + Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate Do not use CreateEncryptor with non-default IV - Nie używaj metody CreateEncryptor w wektorem inicjowania innym niż domyślny + Do not use CreateEncryptor with non-default IV Symmetric encryption uses non-default initialization vector, which could be potentially repeatable - Szyfrowanie symetryczne używa wektora inicjowania innego niż domyślny, który potencjalnie może być powtarzalny + Symmetric encryption uses non-default initialization vector, which could be potentially repeatable Use Secure Cookies In ASP.NET Core - Użyj bezpiecznych plików cookie na platformie ASP.NET Core + Use Secure Cookies In ASP.NET Core Set CookieOptions.Secure = true when setting a cookie - Ustaw wartość CookieOptions.Secure = true podczas ustawiania pliku cookie + Set CookieOptions.Secure = true when setting a cookie Do Not Use Weak Key Derivation Function With Insufficient Iteration Count - Nie używaj funkcji wyprowadzania klucza słabego z niewystarczającą liczbą iteracji + Do Not Use Weak Key Derivation Function With Insufficient Iteration Count Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Użyj co najmniej {0} iteracji przy wyprowadzaniu klucza kryptograficznego z hasła. Domyślnie wartość IterationCount dla klasy Rfc2898DeriveByte to tylko 1000 + Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Starsze wersje protokołu Transport Layer Security (TLS) są mniej bezpieczne niż TLS 1.2 i TLS 1.3 i mogą być bardziej podatne na luki w zabezpieczeniach. Aby zminimalizować ryzyko, unikaj używania starszych wersji protokołu. + Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Wersja protokołu Transport Layer Security „{0}” jest przestarzała. Użyj opcji „Brak”, aby umożliwić systemowi operacyjnemu wybranie wersji. + Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. Do not use deprecated SslProtocols values - Nie używaj przestarzałych wartości SslProtocols + Do not use deprecated SslProtocols values '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - „{0}” jest elementem pochodnym klasy w wersji zapoznawczej „{1}” i dlatego wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {2}. + '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} „{0}” jest elementem pochodnym klasy w wersji zapoznawczej „{1}” i dlatego wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {2}. + {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. An assembly has to opt into preview features before using them. - Zestaw musi wyrazić zgodę na korzystanie z funkcji w wersji zapoznawczej przed ich użyciem. + An assembly has to opt into preview features before using them. Using '{0}' requires opting into preview features. See {1} for more information. - Korzystanie z „{0}” wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {1}. + Using '{0}' requires opting into preview features. See {1} for more information. {2} Using '{0}' requires opting into preview features. See {1} for more information. - {2} Korzystanie z „{0}” wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {1}. + {2} Using '{0}' requires opting into preview features. See {1} for more information. This API requires opting into preview features - Ten interfejs API wymaga zgody na funkcje w wersji zapoznawczej + This API requires opting into preview features A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. - Typ zawierający implementację interfejsu System.IDisposable deklaruje pola, których typy także zawierają implementację interfejsu IDisposable. Metoda Dispose pola nie jest wywoływana przez metodę Dispose typu deklarującego. Aby naprawić naruszenie tej reguły, wywołaj metodę Dispose dla pól, których typy zawierają implementację interfejsu IDisposable, jeśli odpowiadasz za przydzielanie i zwalnianie niezarządzanych zasobów wstrzymywanych przez pole. + A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. - Element „{0}” zawiera pole „{1}” z interfejsem IDisposable typu „{2}”, ale nie jest nigdy likwidowany. Zmień metodę Dispose w elemencie „{0}”, aby wywołać metodę Close lub Dispose dla tego pola. + '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. Disposable fields should be disposed - Pola możliwe do likwidacji powinny zostać zlikwidowane + Disposable fields should be disposed A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. - Typ implementujący interfejs System.IDisposable i zawierający pole sugerujące użycie zasobów niezarządzanych nie implementuje finalizatora w sposób określony przez metodę Object.Finalize. + A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. Disposable types should declare finalizer - Typy możliwe do likwidacji powinny deklarować finalizator + Disposable types should declare finalizer Disposable types should declare finalizer - Typy możliwe do likwidacji powinny deklarować finalizator + Disposable types should declare finalizer A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. - Typ, który implementuje interfejs System.IDisposable, dziedziczy po typie, który również implementuje interfejs IDisposable. Metoda Dispose typu dziedziczącego nie wywołuje metody Dispose typu nadrzędnego. Aby naprawić naruszenie tej reguły, wywołaj element base.Dispose w swojej metodzie Dispose. + A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. Ensure that method '{0}' calls '{1}' in all possible control flow paths - Upewnij się, że metoda „{0}” wywołuje element „{1}” we wszystkich możliwych ścieżkach przepływu sterowania + Ensure that method '{0}' calls '{1}' in all possible control flow paths Dispose methods should call base class dispose - Metody Dispose powinny wywoływać metodę Dispose klasy bazowej + Dispose methods should call base class dispose If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. - Jeśli możliwy do likwidacji obiekt nie zostanie jawnie zlikwidowany, zanim wszystkie odwołania do niego będą poza zakresem, obiekt zostanie zlikwidowany w nieokreślonym czasie, gdy moduł odzyskiwania pamięci uruchomi finalizatora obiektu. Ponieważ może wystąpić zdarzenie wyjątku, które uniemożliwi uruchomienie finalizatora obiektu, obiekt powinien zamiast tego zostać jawnie zlikwidowany. + If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - Użyj zalecanego wzorca dispose, aby upewnić się, że obiekt utworzony przez „{0}” jest likwidowany we wszystkich ścieżkach. Jeśli to możliwe, opakuj tworzenie w instrukcji „using” lub deklaracji „using”. W przeciwnym razie użyj wzorca try-finally, z dedykowaną zmienną lokalną zadeklarowaną przed regionem try i bezwarunkowym wywołaniem metody Dispose dla wartości innej niż null w regionie „finally”, na przykład „x?.Dispose()”. Jeśli obiekt jest jawnie likwidowany w regionie try lub własność dispose jest przenoszona do innego obiektu lub metody, przypisz wartość „null” do zmiennej lokalnej zaraz po takiej operacji, aby zapobiec podwójnemu wywołaniu dispose w regionie „finally”. + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - Użyj zalecanego wzorca dispose, aby upewnić się, że obiekt utworzony przez „{0}” jest likwidowany we wszystkich ścieżkach wyjątków. Jeśli to możliwe, opakuj tworzenie w instrukcji „using” lub deklaracji „using”. W przeciwnym razie użyj wzorca try-finally, z dedykowaną zmienną lokalną zadeklarowaną przed regionem try i bezwarunkowym wywołaniem metody Dispose dla wartości innej niż null w regionie „finally”, na przykład „x?.Dispose()”. Jeśli obiekt jest jawnie likwidowany w regionie try lub własność dispose jest przenoszona do innego obiektu lub metody, przypisz wartość „null” do zmiennej lokalnej zaraz po takiej operacji, aby zapobiec podwójnemu wywołaniu dispose w regionie „finally”. + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope - Wywołaj metodę System.IDisposable.Dispose dla obiektu utworzonego przez element „{0}”, zanim wszystkie odwołania do niego będą poza zakresem + Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. - Obiekt utworzony przez metodę „{0}” nie jest likwidowany we wszystkich ścieżkach wyjątków. Wywołaj metodę System.IDisposable.Dispose dla obiektu, zanim wszystkie odwołania do niego będą poza zakresem. + Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. Dispose objects before losing scope - Likwiduj obiekty przed utratą zakresu + Dispose objects before losing scope Do Not Add Archive Item's Path To The Target File System Path - Nie dodawaj ścieżki elementu archiwum do docelowej ścieżki systemu plików + Do Not Add Archive Item's Path To The Target File System Path When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - Podczas wyodrębniania plików z archiwum i używania ścieżki elementu archiwum sprawdź, czy ścieżka jest bezpieczna. Ścieżka archiwum może być ścieżką względną i może prowadzić do dostępu do systemu plików poza oczekiwaną ścieżką docelową systemu plików, doprowadzając do złośliwej zmiany konfiguracji i zdalnego wykonania kodu za pomocą techniki „podłóż i zaczekaj”. + When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' - Jeśli tworzona jest ścieżka dla „{0} w metodzie {1}” ze ścieżki względnej elementu archiwum w celu wyodrębnienia pliku, a źródło jest niezaufanym archiwum zip, upewnij się, że ścieżka względna elementu archiwum „{2} w metodzie {3}” jest oczyszczona. + When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' Do Not Add Schema By URL - Nie dodawaj schematu przez adres URL + Do Not Add Schema By URL This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. - To przeciążenie metody XmlSchemaCollection.Add wewnętrznie umożliwia przetwarzanie elementu DTD w używanym wystąpieniu obiektu odczytującego XML i używa elementu UrlResolver do rozpoznawania zewnętrznych jednostek XML. Wynikiem jest ujawnienie informacji. Zawartość systemu plików lub udziałów sieciowych w przypadku maszynowego przetwarzania elementu XML może być narażona na atak. Ponadto atakujący może użyć tego jako wektora ataku DoS. + This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. This overload of the Add method is potentially unsafe because it may resolve dangerous external references - To przeciążenie metody Add jest potencjalnie niebezpieczne, ponieważ może spowodować powstanie niebezpiecznych odwołań zewnętrznych + This overload of the Add method is potentially unsafe because it may resolve dangerous external references By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. - Poprzez ustawienie krytycznych delegowań walidacji TokenValidationParameter na wartość true nastąpi wyłączenie ważnych zabezpieczeń uwierzytelniania, co może spowodować nieprawidłową walidację tokenów od dowolnego wystawcy lub wygasłych tokenów. + By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. - {0} jest ustawiana na funkcję, która zawsze zwraca wartość true. Ustawienie delegowania walidacji spowoduje zastąpienie domyślnych ustawień walidacji i zwracanie wartości true, a ta walidacja zostanie całkowicie wyłączona. + The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. Do not always skip token validation in delegates - Nigdy nie pomijaj walidacji tokenów w delegacjach + Do not always skip token validation in delegates Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. - Niezabezpieczona deserializacja to luka w zabezpieczeniach, która występuje, gdy niezaufane dane są używane w przypadku nadużywania logiki aplikacji, przeprowadzania ataku typu „odmowa usługi” (DoS), a nawet wykonywania kodu umownego w trakcie deserializacji. Złośliwi użytkownicy często mogą nadużywać tych funkcji deserializacji, gdy aplikacja deserializuje niezaufane dane, które są kontrolowane przez te funkcje. W szczególności może ona wywoływać niebezpieczne metody w procesie deserializacji. Skuteczne ataki typu „niezabezpieczona deserializacja” mogą pozwolić osobie atakującej na przeprowadzanie ataków, takich jak ataki DoS, pomijanie uwierzytelniania i zdalne wykonywanie kodu. + Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' - Podczas deserializacji wystąpienia klasy „{0}” metoda „{1}” może bezpośrednio lub pośrednio wywoływać niebezpieczną metodę „{2}” + When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' Do Not Call Dangerous Methods In Deserialization - Nie wywołuj niebezpiecznych metod w deserializacji + Do Not Call Dangerous Methods In Deserialization @@ -577,2625 +577,2660 @@ The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. Widening and user defined conversions are not supported with generic types. - Elementy Enumerable.Cast<T> i Enumerable.OfType<T> wymagają oczekiwanych zgodnych typów. -Rzutowanie ogólne (IL „unbox.any”) używane przez sekwencję zwracaną przez metodę Enumerable.Cast<T> zgłosi wyjątek InvalidCastException w środowisku uruchomieniowym dla elementów określonych typów. -Sprawdzanie typu ogólnego (operator „is” języka C# /IL „isinst”) używane przez metodę Enumerable.OfType<T> nigdy nie powiedzie się z określonymi elementami typów, co spowoduje powstanie pustej sekwencji. -Konwersje poszerzane i zdefiniowane przez użytkownika nie są obsługiwane w przypadku typów ogólnych. + Enumerable.Cast<T> and Enumerable.OfType<T> require compatible types to function expectedly. +The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. +The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. +Widening and user defined conversions are not supported with generic types. Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime - Typ „{0}” jest niezgodny z typem „{1}”, a próby rzutowania zgłoszą wyjątek InvalidCastException w środowisku uruchomieniowym + Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' - To wywołanie zawsze spowoduje powstanie pustej sekwencji, ponieważ typ „{0}” jest niezgodny z typem „{1}” + This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types - Nie wywołuj metody Enumerable.Cast<T> ani Enumerable.OfType<T> z niezgodnymi typami + Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types Do not call {0} on an {1} value - Nie wywołuj elementu {0} dla wartości {1} + Do not call {0} on an {1} value Do not call ToImmutableCollection on an ImmutableCollection value - Nie wywołuj elementu ToImmutableCollection dla wartości ImmutableCollection + Do not call ToImmutableCollection on an ImmutableCollection value TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. - Element TaskCompletionSource ma konstruktory przyjmujące opcje TaskCreationOptions, które kontrolują podstawowe zadanie, oraz konstruktory, które przyjmują stan obiektu przechowywany w zadaniu. Przypadkowe przekazanie opcji TaskContinuationOptions zamiast opcji TaskCreationOptions spowoduje, że wywołanie potraktuje opcje jako stan. + TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. Replace TaskContinuationOptions with TaskCreationOptions. - Zamień opcje TaskContinuationOptions na opcje TaskCreationOptions. + Replace TaskContinuationOptions with TaskCreationOptions. Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum - Argument zawiera wyliczenie opcji TaskContinuationsOptions zamiast wyliczenia opcji TaskCreationOptions + Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum - Argument przekazany do konstruktora TaskCompletionSource musi być wyliczeniem opcji TaskCreationOptions, a nie wyliczeniem opcji TaskContinuationOptions + Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. - Nie twórz zadań, o ile nie używasz jednego z przeciążeń, które akceptuje klasę TaskScheduler. Domyślne zachowanie to określanie harmonogramu przy użyciu metody TaskScheduler.Current, co może prowadzić do blokad. Użyj metody TaskScheduler.Default, aby określić harmonogram w puli wątków, lub jawnie przekaż metodę TaskScheduler.Current, aby wyraźnie wskazać zamiary. + Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. Do not create tasks without passing a TaskScheduler - Nie twórz zadań bez przekazania klasy TaskScheduler + Do not create tasks without passing a TaskScheduler Do not create tasks without passing a TaskScheduler - Nie twórz zadań bez przekazania klasy TaskScheduler + Do not create tasks without passing a TaskScheduler Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. - Dodanie finalizatora do typu pochodzącego od typu MemoryManager<T> może umożliwić zwalnianie pamięci, gdy jest ona nadal używana przez typ Span<T>. + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> - Dodanie finalizatora do typu pochodzącego od typu MemoryManager<T> może umożliwić zwalnianie pamięci, gdy jest ona nadal używana przez typ Span<T> + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> Do not define finalizers for types derived from MemoryManager<T> - Nie definiuj finalizatorów dla typów pochodzących od typu MemoryManager<T> + Do not define finalizers for types derived from MemoryManager<T> Do Not Disable Certificate Validation - Nie należy wyłączać walidacji certyfikatów + Do Not Disable Certificate Validation A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. - Certyfikat może pomóc uwierzytelnić tożsamość serwera. Klienci powinni weryfikować certyfikat serwera, aby upewnić się, że żądania są wysyłane do odpowiedniego serwera. Jeśli element ServerCertificateValidationCallback zawsze zwraca wartość „true”, walidacja każdego certyfikatu zakończy się powodzeniem. + A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. - Właściwość zestawu ServerCertificateValidationCallback została ustawiona na funkcję, która akceptuje dowolny certyfikat serwera, zawsze zwracając wartość true. Upewnij się, że certyfikaty serwera zostały walidowane, aby zweryfikować tożsamość serwera odbierającego żądania. - - - - Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. - Używanie programu HttpClient bez udostępnienia procedury obsługi specyficznej dla platformy (WinHttpHandler, CurlHandler lub HttpClientHandler), gdzie właściwość CheckCertificateRevocationList jest ustawiona na wartość true, zezwoli na akceptowanie odwołanych certyfikatów jako prawidłowe przez ten program. + The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. Do Not Disable HTTP Header Checking - Nie wyłączaj sprawdzania nagłówka HTTP + Do Not Disable HTTP Header Checking HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. - Sprawdzanie nagłówka HTTP umożliwia kodowanie znaków powrotu karetki i nowego wiersza, \r i \n, które znajdują się w nagłówkach odpowiedzi. To kodowanie może pomóc uniknąć ataków polegających na wstrzyknięciu kodu, które wykorzystują aplikację przekazującą niezaufane dane zawarte w nagłówku. + HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. Do not disable HTTP header checking - Nie wyłączaj sprawdzania nagłówków HTTP + Do not disable HTTP header checking + + + + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. Do Not Disable Request Validation - Nie wyłączaj weryfikacji żądań + Do Not Disable Request Validation Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. - Weryfikacja żądań to funkcja platformy ASP.NET, która sprawdza żądania HTTP i określa, czy zawierają potencjalnie niebezpieczną zawartość. To sprawdzenie zapewnia dodatkową ochronę przed znacznikami lub kodem w ciągu zapytania adresu URL, plikach cookie lub przesłanych wartościach formularza, które mogły zostać dodane w złośliwym celu. Ogólnie jest to pożądana funkcja i powinna pozostać włączona, aby zapewnić ochronę w głębi systemu. + Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. {0} has request validation disabled - Element {0} ma wyłączoną weryfikację żądań + {0} has request validation disabled Do Not Disable SChannel Use of Strong Crypto - Nie należy wyłączać użycia silnej kryptografii w pakiecie SChannel + Do Not Disable SChannel Use of Strong Crypto Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. - Zaczynając od programu .NET Framework 4.6, klasy System.Net.ServicePointManager i System.Net.Security.SslStream są zalecane do użycia dla nowych protokołów. W starych występują słabości protokołu i nie są one obsługiwane. Ustawienie wartości true dla parametru Switch.System.Net.DontEnableSchUseStrongCrypto spowoduje użycie starego i słabego sprawdzania kryptograficznego oraz rezygnację z migracji protokołu. + Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. {0} disables TLS 1.2 and enables SSLv3 - Metoda {0} wyłącza protokół TLS 1.2 i włącza protokół SSLv3 + {0} disables TLS 1.2 and enables SSLv3 Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. - Sprawdzanie walidacji tokenu zagwarantuje, że podczas weryfikowania tokenów wszystkie aspekty zostaną poddane analizie i zweryfikowane. Wyłączenie walidacji może spowodować powstanie luk w zabezpieczeniach, umożliwiając niezaufanym tokenom przechodzenie przez proces walidacji. + Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. TokenValidationParameters.{0} should not be set to false as it disables important validation - TokenValidationParameters. {0} nie należy ustawiać na wartość false, ponieważ spowoduje to wyłączenie ważnych weryfikacji + TokenValidationParameters.{0} should not be set to false as it disables important validation Do not disable token validation checks - Nie wyłączaj sprawdzania walidacji tokenów + Do not disable token validation checks Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. - Nie ustawiaj parametru Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols na wartość true. Ustawienie tego przełącznika ogranicza platformę Windows Communication Framework (WCF) do korzystania z protokołu Transport Layer Security (TLS) 1.0, który jest niezabezpieczony i przestarzały. + Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. Do not disable ServicePointManagerSecurityProtocols - Nie wyłączaj protokołów ServicePointManagerSecurityProtocols + Do not disable ServicePointManagerSecurityProtocols Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. - Nie należy chronić elementu \"Dictionary.Remove(key)\" za pomocą elementu \"Dictionary.ContainsKey(key)\". Pierwszy element sprawdza, czy klucz istnieje i nie generuje go w przypadku jego braku. + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' - Nie należy chronić elementu \"Dictionary.Remove(key)\" za pomocą elementu \"Dictionary.ContainsKey(key)\" + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' Unnecessary call to 'Dictionary.ContainsKey(key)' - Niepotrzebne wywołanie metody \"Dictionary.ContainsKey(key)\" + Unnecessary call to 'Dictionary.ContainsKey(key)' Do not hard-code certificate - Nie zapisuj certyfikatu na stałe w kodzie + Do not hard-code certificate Hard-coded certificates in source code are vulnerable to being exploited. - Certyfikaty zapisane na stałe w kodzie źródłowym są podatne na wykorzystanie. + Hard-coded certificates in source code are vulnerable to being exploited. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' - Znaleziono potencjalną lukę w zabezpieczeniach. Element „{0}” w metodzie „{1}” może zostać zanieczyszczony zapisanym na stałe w kodzie certyfikatem z elementu „{2}” w metodzie „{3}” + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' Do not hard-code encryption key - Nie zapisuj klucza szyfrowania na stałe w kodzie + Do not hard-code encryption key SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. - Właściwość .Key elementu SymmetricAlgorithm lub parametr rgbKey metody nigdy nie powinny być wartością zapisaną na stałe w kodzie. + SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' - Znaleziono potencjalną lukę w zabezpieczeniach. Element „{0}” w metodzie „{1}” może zostać zanieczyszczony zapisanym na stałe w kodzie kluczem z elementu „{2}” w metodzie „{3}” + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. - Domyślnie magazyn certyfikatów Zaufanych głównych urzędów certyfikacji jest skonfigurowany przy użyciu zbioru publicznych urzędów certyfikacji, który spełniają wymagania programu certyfikatów głównych firmy Microsoft. Ponieważ wszystkie Zaufane główne urzędy certyfikacji mogą wystawiać certyfikaty dla dowolnej domeny, osoba atakująca może wybrać słaby lub wymuszony urząd certyfikacji zainstalowany przez Ciebie, aby zainicjować atak — a jeden narażony na ataki, złośliwy lub wymuszony urząd certyfikacji osłabia bezpieczeństwo całego systemu. Co gorsza, tego typu ataki, w łatwy sposób mogą nawet zostać niezauważone. + By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. - Obiekt ma słabą tożsamość, gdy jest bezpośrednio dostępny przez granice domeny aplikacji. Wątek próbujący założyć blokadę na obiekt o słabej tożsamości może zostać zablokowany przez drugi wątek w innej domenie aplikacji, który założył blokadę na ten sam obiekt. + An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. Do not lock on objects with weak identity - Nie blokuj obiektów o słabej tożsamości + Do not lock on objects with weak identity Do not lock on objects with weak identity - Nie blokuj obiektów o słabej tożsamości + Do not lock on objects with weak identity A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. - Metoda przekazuje literał ciągu jako parametr do konstruktora lub metody w bibliotece klas programu .NET Framework i ten ciąg powinien być możliwy do zlokalizowania. Aby naprawić naruszenie tej reguły, zastąp literał ciągu ciągiem pobranym za pomocą wystąpienia klasy ResourceManager. + A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". - Metoda {0} przekazuje ciąg literału jako parametr „{1}” wywołania elementu {2}. Zamiast tego pobierz następujące ciągi z tabeli zasobów: „{3}”. + Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". Do not pass literals as localized parameters - Nie przekazuj literałów jako zlokalizowanych parametrów + Do not pass literals as localized parameters An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. - Wyjątek typu, który nie jest wystarczająco specyficzny lub został zastrzeżony przez środowisko uruchomieniowe, nie powinien być nigdy zgłaszany przez kod użytkownika. Utrudnia to wykrycie i zdebugowanie pierwotnego błędu. Jeśli to wystąpienie wyjątku może zostać zgłoszone, użyj innego typu wyjątku. + An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. Exception type {0} is reserved by the runtime - Typ wyjątku {0} został zastrzeżony przez środowisko uruchomieniowe + Exception type {0} is reserved by the runtime Exception type {0} is not sufficiently specific - Typ wyjątku {0} nie jest wystarczająco specyficzny + Exception type {0} is not sufficiently specific Do not raise reserved exception types - Nie zgłaszaj wyjątków zastrzeżonych typów + Do not raise reserved exception types Do Not Serialize Types With Pointer Fields - Nie serializuj typów z polami wskaźników + Do Not Serialize Types With Pointer Fields Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. - Wskaźniki nie są „bezpieczne pod względem typu” w tym sensie, że nie można zagwarantować poprawności pamięci, którą wskazują. W związu z tym serializowanie typów z polami wskaźnika jest niebezpieczne, ponieważ może umożliwić atakującemu kontrolowanie wskaźnika. + Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. Pointer field {0} on serializable type - Pole wskaźnika {0} w typie przeznaczonym do serializacji + Pointer field {0} on serializable type Do Not Use Account Shared Access Signature - Nie korzystaj z sygnatury dostępu współdzielonego konta + Do Not Use Account Shared Access Signature Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. - Sygnatury dostępu współdzielonego (SAS) są istotną częścią modelu zabezpieczeń każdej aplikacji korzystającej z usługi Azure Storage. Powinny one zapewniać ograniczone i bezpieczne uprawnienia do konta magazynu klientom, którzy nie mają klucza konta. Wszystkie operacje dostępne za pośrednictwem sygnatury dostępu współdzielonego usługi są także dostępne za pośrednictwem sygnatury dostępu współdzielonego konta, co oznacza, że sygnatura dostępu współdzielonego konta daje zbyt szerokie uprawnienia. Dlatego zaleca się, aby korzystać z sygnatury dostępu współdzielonego usługi do ostrożniejszego delegowania dostępu. + Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. Use Service SAS instead of Account SAS for fine grained access control and container-level access policy - Użyj sygnatury dostępu współdzielonego usługi zamiast sygnatury dostępu współdzielonego konta w celu uzyskania szczegółowej kontroli dostępu i zasad dostępu na poziomie kontenera + Use Service SAS instead of Account SAS for fine grained access control and container-level access policy Do Not Use Broken Cryptographic Algorithms - Nie używaj złamanych algorytmów kryptograficznych + Do Not Use Broken Cryptographic Algorithms An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. - Możliwe jest przeprowadzenie ataku umożliwiającego obliczeniowe złamanie tego algorytmu. Pozwala to atakującym na złamanie kryptograficznych gwarancji, jakie powinien zapewniać. W zależności od typu i zastosowania tego algorytmu kryptograficznego może to umożliwić atakującemu odczytanie zaszyfrowanych wiadomości, ingerowanie w zaszyfrowane wiadomości, fałszowanie podpisów cyfrowych, ingerowanie w mieszaną zawartość lub inne naruszenie systemu kryptograficznego opartego na tym algorytmie. Zastąp użycia szyfrowane algorytmem AES (akceptowane są algorytmy AES-256, AES-192 i AES-128) z kluczem o długości równej lub większej niż 128 bitów. Zastąp użycia mieszane funkcją skrótu z rodziny SHA-2, taką jak SHA512, SHA384 lub SHA256. Zastąp użycia podpisu cyfrowego certyfikatem RSA z kluczem o długości równej lub większej niż 2048 bitów lub certyfikatem ECDSA z kluczem o długości równej lub większej niż 256 bitów. + An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. {0} uses a broken cryptographic algorithm {1} - Element {0} używa złamanych algorytmów kryptograficznych {1} + {0} uses a broken cryptographic algorithm {1} For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. - W przypadku niepustych kolekcji funkcje CountAsync() i LongCountAsync() wyliczają całą sekwencję, podczas gdy funkcja AnyAsync() zatrzymuje się na pierwszym elemencie lub pierwszym elemencie, który spełnia warunek. + For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. {0}() is used where AnyAsync() could be used instead to improve performance - Funkcja {0}() jest używana w miejscach, w których można użyć funkcji AnyAsync() w celu zwiększenia wydajności + {0}() is used where AnyAsync() could be used instead to improve performance Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used - Nie używaj funkcji CountAsync() ani LongCountAsync(), gdy można użyć funkcji AnyAsync() + Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. - W przypadku niepustych kolekcji funkcje Count() i LongCount() wyliczają całą sekwencję, podczas gdy funkcja Any() zatrzymuje się na pierwszym elemencie lub pierwszym elemencie, który spełnia warunek. + For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. {0}() is used where Any() could be used instead to improve performance - Funkcja {0}() jest używana w miejscach, w których można użyć funkcji Any() w celu zwiększenia wydajności + {0}() is used where Any() could be used instead to improve performance Do not use Count() or LongCount() when Any() can be used - Nie używaj funkcji Count() ani LongCount(), gdy można użyć funkcji Any() + Do not use Count() or LongCount() when Any() can be used Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. - Szyfrowanie symetryczne powinno zawsze używać wektora inicjowania, który nie jest powtarzalny, aby zapobiec atakom słownikowym. - - - - Do Not Use Deprecated Security Protocols - Nie używaj przestarzałych protokołów zabezpieczeń - - - - Using a deprecated security protocol rather than the system default is risky. - Używanie przestarzałego protokołu zabezpieczeń zamiast domyślnego ustawienia systemowego jest ryzykowne. - - - - Hard-coded use of deprecated security protocol {0} - Zakodowane korzystanie z przestarzałego protokołu zabezpieczeń {0} + Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. Do Not Use Digital Signature Algorithm (DSA) - Nie używaj algorytmu Digital Signature Algorithm (DSA) + Do Not Use Digital Signature Algorithm (DSA) DSA is too weak to use. - Algorytm DSA jest zbyt słaby, aby go użyć. + DSA is too weak to use. Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - Algorytm szyfrowania asymetrycznego {0} jest słaby. Przełącz się na algorytm RSA z kluczem o rozmiarze co najmniej 2048, algorytm ECDH lub algorytm ECDSA. + Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. + + + + Do Not Use Deprecated Security Protocols + Do Not Use Deprecated Security Protocols + + + + Using a deprecated security protocol rather than the system default is risky. + Using a deprecated security protocol rather than the system default is risky. + + + + Hard-coded use of deprecated security protocol {0} + Hard-coded use of deprecated security protocol {0} This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. - Tę kolekcję można zaindeksować bezpośrednio. Użycie w tym miejscu kodu LINQ powoduje niepotrzebne alokacje i obciążenie procesora CPU. + This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. Do not use Enumerable methods on indexable collections. Instead use the collection directly. - Nie używaj metod typu Enumerable dla kolekcji indeksowalnych. Zamiast tego użyj kolekcji bezpośrednio. + Do not use Enumerable methods on indexable collections. Instead use the collection directly. Do not use Enumerable methods on indexable collections - Nie używaj metod typu Enumerable dla kolekcji indeksowalnych + Do not use Enumerable methods on indexable collections Do not use insecure randomness - Nie używaj niezabezpieczonej losowości + Do not use insecure randomness Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. - Użycie kryptograficznie słabego generatora liczb pseudolosowych może umożliwić osobie atakującej przewidzenie, jaka wartość wpływająca na zabezpieczenia zostanie wygenerowana. Użyj kryptograficznie silnego generatora liczb losowych, jeśli jest wymagana wartość niemożliwa do przewidzenia, lub upewnij się, że liczby pseudolosowe nie są używane w przypadku wartości wpływających na zabezpieczenia. + Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. - {0} to niezabezpieczony generator liczb losowych. Użyj kryptograficznie zabezpieczonego generatora liczb losowych, gdy losowość jest wymagana ze względów bezpieczeństwa. + {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. Do not use obsolete key derivation function - Nie używaj przestarzałej funkcji wyprowadzenia klucza + Do not use obsolete key derivation function Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. - Wyprowadzenie klucza oparte na haśle powinno używać funkcji PBKDF2 z algorytmem SHA-2. Unikaj używania klasy PasswordDeriveBytes, ponieważ generuje ona klucz PBKDF1. Unikaj używania klasy Rfc2898DeriveBytes.CryptDeriveKey, ponieważ nie używa ona liczby iteracji ani wartości zaburzającej. + Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. Call to obsolete key derivation function {0}.{1} - Wywołanie przestarzałej funkcji wyprowadzania klucza {0}.{1} + Call to obsolete key derivation function {0}.{1} String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. - Parametry ciągu przekazywane przez wartość przy użyciu elementu „OutAttribute” mogą destabilizować środowisko uruchomieniowe, jeśli ciąg jest ciągiem internalizowanym. + String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. - Nie używaj elementu „OutAttribute” dla parametru ciągu „{0}”, który jest przekazywany przez wartość. Jeśli jest wymagane kierowanie zmodyfikowanych danych z powrotem do obiektu wywołującego, użyj słowa kluczowego „out”, aby zamiast tego przekazać ciąg przez odwołanie. + Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. Do not use 'OutAttribute' on string parameters for P/Invokes - Nie używaj elementu „OutAttribute” w przypadku parametrów ciągu dla elementów P/Invoke + Do not use 'OutAttribute' on string parameters for P/Invokes Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. - Nie przekazuj argumentu o typie wartości „{0}” do metody „Equals” w elemencie „ReferenceEqualityComparer”. Ze względu na boxing wartości to wywołanie „Equals” może zwrócić nieoczekiwany wynik. Zamiast tego rozważ użycie elementu „EqualityComparer” lub przekaż argumenty typu odwołania, jeśli zamierzasz użyć elementu „ReferenceEqualityComparer”. + Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. - Argumenty wpisane w typie wartości są unikatowo blokowane dla każdego wywołania tej metody, dlatego wynik może być nieoczekiwany. + Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. - Nie przekazuj argumentu o typie wartości „{0}” do elementu „ReferenceEquals”. Ze względu na boxing wartości to wywołanie elementu „ReferenceEquals” może zwrócić nieoczekiwany wynik. Zamiast tego rozważ użycie elementu „Equals” lub przekaż argumenty typu odwołania, jeśli zamierzasz użyć elementu „ReferenceEquals”. + Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. Do not use ReferenceEquals with value types - Nie używaj metody ReferenceEquals z typami wartości + Do not use ReferenceEquals with value types Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. - Miejsce na stosie przydzielone przy użyciu słowa kluczowego stackalloc jest zwalniane jedynie na końcu wywołania bieżącej metody. Użycie go w pętli może spowodować nieograniczone powiększanie stosu i, ostatecznie, warunki przepełnienia stosu. + Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. Potential stack overflow. Move the stackalloc out of the loop. - Potencjalne przepełnienie stosu. Przenieś słowo kluczowe stackalloc z pętli. + Potential stack overflow. Move the stackalloc out of the loop. Do not use stackalloc in loops - Nie używaj słowa kluczowego stackalloc w pętlach + Do not use stackalloc in loops Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. - Działania okresowe wykonywane z dużą częstotliwością utrzymują zajętość procesora CPU i wpływają na czasomierze bezczynności funkcji oszczędzania energii, które powodują wyłączanie ekranu i dysków twardych. + Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. Do not use timers that prevent power state changes - Nie używaj czasomierzy, które uniemożliwiają zmiany stanu zasilania + Do not use timers that prevent power state changes Do not use timers that prevent power state changes - Nie używaj czasomierzy, które uniemożliwiają zmiany stanu zasilania + Do not use timers that prevent power state changes Do not use unsafe DllImportSearchPath value - Nie używaj niebezpiecznej wartości DllImportSearchPath + Do not use unsafe DllImportSearchPath value There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - W domyślnych katalogach wyszukiwania bibliotek DLL może znajdować się złośliwa biblioteka DLL albo, w zależności od tego, z jakiej lokalizacji jest uruchamiana aplikacja, złośliwa biblioteka DLL może znajdować się w katalogu aplikacji. W zastępstwie użyj wartości DllImportSearchPath, która określa jawną ścieżkę wyszukiwania. Flagi DllImportSearchPath, które wyszukuje ta reguła, można skonfigurować w pliku .editorconfig. + There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. Use of unsafe DllImportSearchPath value {0} - Użycie niebezpiecznej wartości DllImportSearchPath {0} + Use of unsafe DllImportSearchPath value {0} Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. - Użycie wywołania „WaitAll” z pojedynczym zadaniem może spowodować utratę wydajności, pojawienie się parametru await lub zwrócenie zadania. + Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. Replace 'WaitAll' with single 'Wait' - Zastąp wywołanie „WaitAll” pojedynczym wywołaniem „Wait” + Replace 'WaitAll' with single 'Wait' Do not use 'WaitAll' with a single task - Nie używaj wywołania „WaitAll” z pojedynczym zadaniem + Do not use 'WaitAll' with a single task Do Not Use Weak Cryptographic Algorithms - Nie używaj słabych algorytmów kryptograficznych + Do Not Use Weak Cryptographic Algorithms Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. - Algorytmy kryptograficzne pogarszają się z upływem czasu, ponieważ ataki stają się coraz bardziej zaawansowane, a atakujący zyskują dostęp do większej ilości zasobów obliczeniowych. W zależności od typu i zastosowania tego algorytmu kryptograficznego dalsze osłabianie siły kryptograficznej algorytmu może umożliwić atakującemu odczytanie zaszyfrowanych wiadomości, ingerowanie w zaszyfrowane wiadomości, fałszowanie podpisów cyfrowych, ingerowanie w mieszaną zawartość lub inne naruszenie systemu kryptograficznego opartego na tym algorytmie. Zastąp użycia szyfrowane algorytmem AES (akceptowane są algorytmy AES-256, AES-192 i AES-128) z kluczem o długości równej lub większej niż 128 bitów. Zastąp użycia mieszane funkcją skrótu z rodziny SHA-2, taką jak SHA-2 512, SHA-2 384 lub SHA-2 256. + Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. {0} uses a weak cryptographic algorithm {1} - Element {0} używa słabych algorytmów kryptograficznych {1} + {0} uses a weak cryptographic algorithm {1} Ensure Key Derivation Function algorithm is sufficiently strong - Upewnij się, że algorytm funkcji wyprowadzania klucza jest dostatecznie silny + Ensure Key Derivation Function algorithm is sufficiently strong Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. - Niektóre implementacje klasy Rfc2898DeriveBytes umożliwiają określenie algorytmu wyznaczania wartości skrótu w parametrze konstruktora lub jego zastąpienie we właściwości HashAlgorithm. Jeśli algorytm wyznaczania wartości skrótu istnieje, powinien być to SHA-256 lub wyższy. + Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. - Element {0} prawdopodobnie używa słabego algorytmu wyznaczania wartości skrótu. Aby utworzyć silny klucz na podstawie hasła, użyj algorytmu SHA256, SHA384 lub SHA512. + {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). - Wyprowadzając klucze kryptograficzne z danych wejściowych wprowadzonych przez użytkownika, takich jak hasło, użyj wystarczającej liczby iteracji (co najmniej 100 tys.). + When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. - Użycie wywołania „WhenAll” z pojedynczym zadaniem może spowodować utratę wydajności, pojawienie się parametru await lub zwrócenie zadania. + Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. Replace 'WhenAll' call with argument - Zastąp wywołanie „WhenAll” argumentem + Replace 'WhenAll' call with argument Do not use 'WhenAll' with a single task - Nie używaj wywołania „WhenAll” z pojedynczym zadaniem + Do not use 'WhenAll' with a single task Do Not Use XslTransform - Nie używaj klasy XslTransform + Do Not Use XslTransform Do not use XslTransform. It does not restrict potentially dangerous external references. - Nie używaj klasy XslTransform. Nie ogranicza to potencjalnie niebezpiecznych odwołań zewnętrznych. + Do not use XslTransform. It does not restrict potentially dangerous external references. Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. - Udostępnienie funkcjonalnego atrybutu „DynamicInterfaceCastableImplementationAttribute” wymaga funkcji Domyślne składowe interfejsu, która nie jest obsługiwana w języku Visual Basic. + Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - Udostępnianie interfejsu „DynamicInterfaceCastableImplementation” w języku Visual Basic nie jest obsługiwane + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - Udostępnianie interfejsu „DynamicInterfaceCastableImplementation” w języku Visual Basic nie jest obsługiwane + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. - Użycie funkcji, które wymagają kierowania środowiska uruchomieniowego, gdy kierowanie środowiska uruchomieniowego jest wyłączone, spowoduje wyjątki środowiska uruchomieniowego. + Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled - Typy z elementem „[StructLayout(LayoutKind.Auto)]“ wymagają włączenia kierowania środowiska uruchomieniowego + Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled By-ref parameters require runtime marshalling to be enabled - Parametry by-ref wymagają włączenia kierowania środowiska uruchomieniowego + By-ref parameters require runtime marshalling to be enabled Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined - Pełnomocnicy z typami zarządzanymi jako parametrami lub zwracanym typem wymagają włączenia kierowania środowiska uruchomieniowego w zestawie, w którym zdefiniowano pełnomocnika. + Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined HResult-swapping requires runtime marshalling to be enabled - Zamiana HResult wymaga włączenia kierowania środowiska uruchomieniowego + HResult-swapping requires runtime marshalling to be enabled Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled - Użycie atrybutu „LCIDConversionAttribute“ wymaga włączenia kierowania środowiska uruchomieniowego + Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled Managed parameter or return types require runtime marshalling to be enabled - Typy parametrów zarządzanych lub zwracanych wymagają włączenia kierowania środowiska uruchomieniowego + Managed parameter or return types require runtime marshalling to be enabled Setting SetLastError to 'true' requires runtime marshalling to be enabled - Ustawienie wartości SetLastError na wartość „True“ wymaga włączenia kierowania środowiska uruchomieniowego + Setting SetLastError to 'true' requires runtime marshalling to be enabled Varadic P/Invoke signatures require runtime marshalling to be enabled - Sygnatury Varadic P/Invoke wymagają włączenia kierowania środowiska uruchomieniowego + Varadic P/Invoke signatures require runtime marshalling to be enabled Property, type, or attribute requires runtime marshalling - Właściwość, typ lub atrybut wymaga kierowania środowiska uruchomieniowego + Property, type, or attribute requires runtime marshalling '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - Typ elementu „{0}” zawiera typ w wersji zapoznawczej „{1}” i wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {2}. + '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - {3} „{0}” — typ tego elementu zawiera typ w wersji zapoznawczej „{1}” i wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {2}. + {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. - Prześlij dalej parametr „CancellationToken” do metod, aby upewnić się, że powiadomienia o anulowaniu operacji zostaną prawidłowo rozpropagowane, lub przekaż element „CancellationToken.None” jawnie, aby wskazać celowe niepropagowanie tokenu. + Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token - Prześlij dalej parametr „{0}” do metody „{1}” lub przekaż element „CancellationToken.None” jawnie, aby wskazać celowe niepropagowanie tokenu + Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token Forward the 'CancellationToken' parameter to methods - Prześlij dalej parametr „CancellationToken” do metod + Forward the 'CancellationToken' parameter to methods Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. - Unikaj kodowania na stałe wartości SecurityProtocolType {0} i zamiast tego użyj wartości SecurityProtocolType.SystemDefault, aby umożliwić systemowi operacyjnemu wybranie najlepszego protokołu Transport Layer Security do użycia. + Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. Avoid hardcoding SecurityProtocolType value - Unikaj kodowania na stałe wartości SecurityProtocolType + Avoid hardcoding SecurityProtocolType value Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Bieżące wersje protokołu Transport Layer Security mogą zostać uznane za przestarzałe w przypadku znalezienia luk w zabezpieczeniach. Unikaj kodowania na stałe wartości SslProtocols, aby zachować bezpieczeństwo aplikacji. Użyj opcji „Brak”, aby umożliwić systemowi operacyjnemu wybranie wersji. + Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Unikaj kodowania na stałe wartości SslProtocols „{0}”, aby zapewnić bezpieczeństwo aplikacji w przyszłości. Użyj opcji „Brak”, aby umożliwić systemowi operacyjnemu wybranie wersji. + Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. Avoid hardcoded SslProtocols values - Unikaj kodowania na stałe wartości SslProtocols + Avoid hardcoded SslProtocols values Generic math interfaces require the derived type itself to be used for the self recurring type parameter. - Ogólne interfejsy matematyczne wymagają, aby sam typ pochodny był używany dla parametru typu cyklicznego. + Generic math interfaces require the derived type itself to be used for the self recurring type parameter. The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' - Element „{0}” wymaga wypełnienia parametru typu „{1}” typem pochodnym „{2}” + The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' Use correct type parameter - Użyj poprawnego parametru typu + Use correct type parameter To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. - Aby naprawić naruszenie tej reguły, ustaw metodę GetObjectData jako widoczną i możliwą do przesłonięcia oraz upewnij się, że wszystkie pola wystąpienia są uwzględnione w procesie serializacji lub jawnie oznaczone atrybutem NonSerializedAttribute. + To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. Add an implementation of GetObjectData to type {0} - Dodaj implementację metody GetObjectData do typu {0} + Add an implementation of GetObjectData to type {0} Make {0}.GetObjectData virtual and overridable - Przekształć metodę {0}.GetObjectData w wirtualną i możliwą do przesłonięcia + Make {0}.GetObjectData virtual and overridable Increase the accessibility of {0}.GetObjectData so that it is visible to derived types - Zwiększ dostępność metody {0}.GetObjectData, aby była widoczna dla typów pochodnych + Increase the accessibility of {0}.GetObjectData so that it is visible to derived types Implement ISerializable correctly - Poprawnie zaimplementuj interfejs ISerializable + Implement ISerializable correctly Implement inherited interfaces - Implementuj interfejsy dziedziczone + Implement inherited interfaces Implement Serialization constructor - Zaimplementuj konstruktor serializacji + Implement Serialization constructor To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. - Aby naprawić naruszenie tej reguły, zaimplementuj konstruktor serializacji. W przypadku klasy zapieczętowanej ustaw konstruktor jako prywatny. W przeciwnym razie ustaw go jako chroniony. + To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. - Dodaj konstruktor do elementu {0} z następującą sygnaturą: protected {0}(SerializationInfo info, StreamingContext context). + Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. Declare the serialization constructor of {0}, a sealed type, as private. - Zadeklaruj konstruktor serializacji zapieczętowanego typu {0} jako prywatny. + Declare the serialization constructor of {0}, a sealed type, as private. Declare the serialization constructor of {0}, an unsealed type, as protected. - Zadeklaruj konstruktor serializacji niezapieczętowanego typu {0} jako chroniony. + Declare the serialization constructor of {0}, an unsealed type, as protected. Implement serialization constructors - Zaimplementuj konstruktory serializacji + Implement serialization constructors A method that handles a serialization event does not have the correct signature, return type, or visibility. - Metoda, która obsługuje zdarzenie serializacji, nie ma poprawnej sygnatury, zwracanego typu lub widoczności. + A method that handles a serialization event does not have the correct signature, return type, or visibility. Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic - Ponieważ metoda {0} jest oznaczona atrybutem OnSerializing, OnSerialized, OnDeserializing lub OnDeserialized, zmień jej sygnaturę tak, aby już nie była ogólna + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' - Ponieważ metoda {0} jest oznaczona atrybutem OnSerializing, OnSerialized, OnDeserializing lub OnDeserialized, zmień jej sygnaturę tak, aby przyjmowała jeden parametr typu „System.Runtime.Serialization.StreamingContext” + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) - Ponieważ metoda {0} jest oznaczona atrybutem OnSerializing, OnSerialized, OnDeserializing lub OnDeserialized, zmień jej typ zwracany z {1} na void (Sub w języku Visual Basic) + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method - Ponieważ metoda {0} jest oznaczona atrybutem OnSerializing, OnSerialized, OnDeserializing lub OnDeserialized, zmień ją ze statycznej (Shared w języku Visual Basic) na metodę wystąpienia + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private - Ponieważ metoda {0} jest oznaczona atrybutem OnSerializing, OnSerialized, OnDeserializing lub OnDeserialized, zmień jej dostępność na prywatną + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private Implement serialization methods correctly - Poprawnie implementuj metody serializacji + Implement serialization methods correctly '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - „{0}” ma zaimplementowany interfejs w wersji zapoznawczej „{1}” i dlatego wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {2}. + '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} „{0}” ma zaimplementowany interfejs w wersji zapoznawczej „{1}” i dlatego wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {2}. + {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - „{0}” ma zaimplementowaną metodę w wersji zapoznawczej „{1}” i dlatego wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {2}. + '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} „{0}” ma zaimplementowaną metodę w wersji zapoznawczej „{1}” i dlatego wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {2}. + {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Typ referencyjny deklaruje jawny konstruktor statyczny. Aby naprawić naruszenie tej reguły, zainicjuj wszystkie dane statyczne podczas ich deklarowania i usuń konstruktor statyczny. + A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize reference type static fields inline - Zainicjuj pola statyczne typu referencyjnego w deklaracji pól + Initialize reference type static fields inline Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor - Zainicjuj wszystkie pola statyczne typu „{0}” w ramach ich deklaracji i usuń jawny konstruktor statyczny + Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Typ wartości deklaruje jawny konstruktor statyczny. Aby naprawić naruszenie tej reguły, zainicjuj wszystkie dane statyczne podczas ich deklarowania i usuń konstruktor statyczny. + A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize value type static fields inline - Zainicjuj pola statyczne typu wartości w deklaracji pól + Initialize value type static fields inline Change to call the two argument constructor, pass null for the message. - Zmień, aby wywołać konstruktora z dwoma argumentami i przekazać wartość null dla komunikatu. + Change to call the two argument constructor, pass null for the message. A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. - Wywołano domyślny (bezparametrowy) konstruktor typu wyjątku ArgumentException lub typu pochodzącego od niego albo przekazano niepoprawny argument ciągu do konstruktora parametryzowanego typu wyjątku ArgumentException lub typu pochodzącego od niego. + A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. Swap the arguments order - Zamień kolejność argumentów + Swap the arguments order Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. - Metoda {0} przekazuje nazwę parametru „{1}” jako argument {2} do konstruktora {3}. Zastąp ten argument opisowym komunikatem i przekaż nazwę parametru na poprawnej pozycji. + Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. - Metoda {0} przekazuje element „{1}” jako argument {2} do konstruktora {3}. Zastąp ten argument jedną z nazw parametrów metody. Zwróć uwagę na to, że podana nazwa parametru powinna mieć dokładnie taką samą pisownię jak deklaracja w metodzie. + Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. Call the {0} constructor that contains a message and/or paramName parameter - Wywołaj konstruktor {0}, który zawiera komunikat i/lub parametr paramName + Call the {0} constructor that contains a message and/or paramName parameter Instantiate argument exceptions correctly - Utwórz poprawnie wystąpienia wyjątków argumentu + Instantiate argument exceptions correctly Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. - Typy z atrybutem „DynamicInterfaceCastableImplementationAttribute” działają jako implementacja interfejsu dla typu, który implementuje typ „IDynamicInterfaceCastable”. W związku z tym musi dostarczać implementację wszystkich składowych zdefiniowanych w dziedziczonych interfejsach, ponieważ typ implementujący interfejs „IDynamicInterfaceCastable” nie udostępni ich w inny sposób. + Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces - Typ „{0}” ma zastosowany atrybut „DynamicInterfaceCastableImplementationAttribute”, ale nie udostępnia implementacji wszystkich składowych interfejsu zdefiniowanych w dziedziczonych interfejsach + Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface - Wszystkie składowe zadeklarowane w interfejsach nadrzędnych muszą mieć implementację w interfejsie DynamicInterfaceCastableImplementation-attributed + All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Metoda „{0}” nie jest bezpieczna podczas deserializacji niezaufanych danych za pomocą klasy JavaScriptSerializer zainicjowanej z klasą SimpleTypeResolver. Upewnij się, że klasa JavaScriptSerializer jest inicjowana bez określonej klasy JavaScriptTypeResolver lub inicjowana z klasą JavaScriptTypeResolver, która ogranicza typy obiektów w zdeserializowanym grafie obiektów. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing - Upewnij się, że klasa JavaScriptSerializer nie jest zainicjowana za pomocą klasy z SimpleTypeResolver przed wykonaniem deserializacji + Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Metoda „{0}” nie jest bezpieczna podczas deserializacji niezaufanych danych za pomocą klasy JavaScriptSerializer zainicjowanej z klasą SimpleTypeResolver. Zainicjuj klasę JavaScriptSerializer bez określonej klasy JavaScriptTypeResolver lub zainicjuj ją z klasą JavaScriptTypeResolver, która ogranicza typy obiektów w zzdeserializowanym grafie obiektów. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver - Nie wykonuj deserializacji za pomocą klasy JavaScriptSerializer używającej klasy SimpleTypeResolver + Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Podczas deserializacji niezaufanych danych wejściowych zezwolenie na deserializację dowolnych typów jest mało bezpieczne. W przypadku deserializacji typu JsonSerializer użyj wartości TypeNameHandling.None lub, w przypadku wartości innych niż None, użyj elementu SerializationBinder w celu ograniczenia typów deserializowanych. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - Nie wykonuj deserializacji typu JsonSerializer przy użyciu niezabezpieczonej konfiguracji + Do not deserialize with JsonSerializer using an insecure configuration When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Podczas deserializacji niezaufanych danych wejściowych zezwolenie na deserializację dowolnych typów jest mało bezpieczne. W przypadku korzystania z klasy JsonSerializerSettings użyj wartości TypeNameHandling.None lub, w przypadku wartości innych niż None, użyj elementu SerializationBinder w celu ograniczenia typów deserializowanych. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not use insecure JsonSerializerSettings - Nie używaj niezabezpieczonej klasy JsonSerializerSettings + Do not use insecure JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Podczas deserializacji niezaufanych danych wejściowych zezwolenie na deserializację dowolnych typów jest mało bezpieczne. W przypadku deserializacji typu JsonSerializer użyj wartości TypeNameHandling.None lub, w przypadku wartości innych niż None, użyj elementu SerializationBinder w celu ograniczenia typów deserializowanych. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - Upewnij się, że element JsonSerializer ma bezpieczną konfigurację podczas deserializacji + Ensure that JsonSerializer has a secure configuration when deserializing When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - Podczas deserializacji niezaufanych danych wejściowych zezwolenie na deserializację dowolnych typów jest niezabezpieczone. W przypadku korzystania z klasy JsonSerializerSettings upewnij się, że określono wartość TypeNameHandling.None lub, w przypadku wartości innych niż None, upewnij się, że określono element SerializationBinder, aby ograniczyć typy deserializowane. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. Ensure that JsonSerializerSettings are secure - Upewnij się, że klasa JsonSerializerSettings jest zabezpieczona + Ensure that JsonSerializerSettings are secure Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Deserializacja danych JSON, gdy używana jest wartość TypeNameHandling inna niż None, może być niebezpieczna. Jeśli zamiast tego potrzebujesz wykrywać deserializację Json.NET, gdy nie jest określona wartość SerializationBinder, wyłącz regułę CA2326 i włącz reguły CA2327, CA2328, CA2329 i CA2330. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Deserializacja danych JSON, gdy używana jest wartość TypeNameHandling inna niż None, może być niebezpieczna. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. Do not use TypeNameHandling values other than None - Nie używaj wartości TypeNameHandling innych niż None + Do not use TypeNameHandling values other than None The method '{0}' is insecure when deserializing untrusted data. - Metoda „{0}” jest niezabezpieczona podczas deserializacji niezaufanych danych. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer LosFormatter - Nie używaj niezabezpieczonego deserializatora LosFormatter + Do not use insecure deserializer LosFormatter Convert to static method - Konwertuj na metodę statyczną + Convert to static method Converting an instance method to a static method may produce invalid code - Konwertowanie metody wystąpienia na metodę statyczną może spowodować wygenerowanie nieprawidłowego kodu + Converting an instance method to a static method may produce invalid code Make the constructor that takes zero parameters 'public' - Ustaw konstruktora publicznego, który przyjmuje zero parametrów jako „publiczny” + Make the constructor that takes zero parameters 'public' An instance field of a type that is not serializable is declared in a type that is serializable. - Wystąpienie pola typu, którego nie można serializować, jest zadeklarowane w typie, który można serializować. + An instance field of a type that is not serializable is declared in a type that is serializable. Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable - Pole {0} jest składową typu {1}, który można serializować, ale jest typu {2}, którego nie można serializować + Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable Mark all non-serializable fields - Oznacz wszystkie pola nieprzeznaczone do serializacji + Mark all non-serializable fields The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. - Atrybut NeutralResourcesLanguage informuje obiekt ResourceManager o języku, którego użyto do wyświetlenia zasobów kultury neutralnej dla zestawu. Podwyższa to wydajność wyszukiwania pierwszego ładowanego zasobu i umożliwia zmniejszenie zestawu roboczego. + The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. Mark assemblies with NeutralResourcesLanguageAttribute - Oznacz zestawy atrybutem NeutralResourcesLanguageAttribute + Mark assemblies with NeutralResourcesLanguageAttribute Mark assemblies with NeutralResourcesLanguageAttribute - Oznacz zestawy atrybutem NeutralResourcesLanguageAttribute + Mark assemblies with NeutralResourcesLanguageAttribute The Boolean data type has multiple representations in unmanaged code. - Typ danych boolean ma wiele reprezentacji w kodzie niezarządzanym. + The Boolean data type has multiple representations in unmanaged code. Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - Dodaj atrybut MarshalAsAttribute do parametru {0} elementu P/Invoke {1}. Jeśli odpowiadającym parametrem niezarządzanym jest 4-bajtowy typ BOOL środowiska Win32, użyj wartości [MarshalAs(UnmanagedType.Bool)]. W przypadku 1-bajtowego typu bool języka C++ użyj wartości MarshalAs(UnmanagedType.U1). + Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - Dodaj atrybut MarshalAsAttribute do typu zwracanego elementu P/Invoke {0}. Jeśli odpowiadającym niezarządzanym typem zwracanym jest 4-bajtowy typ BOOL środowiska Win32, użyj wartości [MarshalAs(UnmanagedType.Bool)]. W przypadku 1-bajtowego typu bool języka C++ użyj wartości MarshalAs(UnmanagedType.U1). + Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Mark boolean PInvoke arguments with MarshalAs - Oznacz argumenty typu boolean elementu PInvoke argumentem MarshalAs + Mark boolean PInvoke arguments with MarshalAs To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. - Aby typy mogły zostać rozpoznane przez środowiska uruchomieniowe w trakcie wykonania jako możliwe do serializacji, muszą być oznaczone atrybutem SerializableAttribute, nawet gdy typ używa niestandardowej procedury serializacji przez implementację interfejsu ISerializable. + To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. Add [Serializable] to {0} as this type implements ISerializable - Dodaj atrybut [Serializable] do typu {0}, ponieważ ten typ implementuje interfejs ISerializable + Add [Serializable] to {0} as this type implements ISerializable Mark ISerializable types with serializable - Oznacz typy ISerializable atrybutem serializable + Mark ISerializable types with serializable Ensure HttpClient certificate revocation list check is not disabled - Upewnij się, że sprawdzenie listy odwołań certyfikatów programu HttpClient nie jest wyłączone + Ensure HttpClient certificate revocation list check is not disabled HttpClient may be created without enabling CheckCertificateRevocationList - Program HttpClient może zostać utworzony bez włączania właściwości CheckCertificateRevocationList + HttpClient may be created without enabling CheckCertificateRevocationList Ensure Certificates Are Not Added To Root Store - Upewnij się, że certyfikaty nie są dodawane do magazynu głównego + Ensure Certificates Are Not Added To Root Store Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. - Dodawanie certyfikatów do zaufanych certyfikatów głównych systemu operacyjnego nie jest bezpieczne. Upewnij się, że magazyn docelowy nie jest magazynem głównym. + Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. Use CreateEncryptor with the default IV - Użyj metody CreateEncryptor z domyślnym wektorem inicjowania + Use CreateEncryptor with the default IV The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. - W szyfrowaniu jest używany wektor inicjowania inny niż domyślny, który może być powtarzalny. Upewnij się, że używasz domyślnego wektora inicjowania. + The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. Ensure Use Secure Cookies In ASP.NET Core - Upewnij się, że używasz bezpiecznych plików cookie na platformie ASP.NET Core + Ensure Use Secure Cookies In ASP.NET Core Ensure that CookieOptions.Secure = true when setting a cookie - Upewnij się, że podczas ustawiania pliku cookie wartość CookieOptions.Secure = true + Ensure that CookieOptions.Secure = true when setting a cookie Ensure Sufficient Iteration Count When Using Weak Key Derivation Function - Używając funkcji wyprowadzania klucza słabego, upewnij się, że istnieje wystarczająca liczba iteracji + Ensure Sufficient Iteration Count When Using Weak Key Derivation Function Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Wyprowadzając klucz kryptograficzny z hasła, upewnij się, że liczba iteracji to co najmniej {0}. Domyślnie wartość IterationCount dla klasy Rfc2898DeriveByte to tylko 1000 + Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. - Ponieważ typ implementujący interfejs „IDynamicInterfaceCastable” może nie implementować interfejsu dynamicznego w metadanych, wywołania do składowej interfejsu wystąpienia, który nie jest jawną implementacją zdefiniowaną w tym typie, mogą zakończyć się niepowodzeniem w czasie wykonywania. Oznacz nowe składowe interfejsu jako „statyczne”, aby uniknąć błędów środowiska uruchomieniowego. + Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied - Składowa „{0}” w typie „{1}” powinna być oznaczony jako „statyczny”, ponieważ element „{1}” ma zastosowany atrybut „DynamicInterfaceImplementationAttribute” + The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' - Składowe zdefiniowane w interfejsie z atrybutem „DynamicInterfaceCastableImplementationAttribute” powinny mieć wartość „statyczne” + Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - „{0}” zwraca typ w wersji zapoznawczej „{1}” i dlatego wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {2}. + '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} „{0}” zwraca typ w wersji zapoznawczej „{1}” i dlatego wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {2}. + {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - „{0}” przyjmuje parametr w wersji zapoznawczej typu „{1}” i wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {2}. + '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - {3} „{0}” przyjmuje parametr w wersji zapoznawczej typu „{1}” i wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {2}. + {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. - Ta metoda używa kierowania środowiska uruchomieniowego nawet wtedy, gdy kierowanie środowiska uruchomieniowego jest wyłączone, co może powodować nieoczekiwane różnice w zachowaniu środowiska uruchomieniowego ze względu na różne oczekiwania dotyczące układu natywnego typu. + This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. - Element „{0}“ używa kierowania środowiska uruchomieniowego nawet wtedy, gdy jest zastosowany atrybut „DisableRuntimeMarsbezpieczeńingAttribute“. Użyj bezpośrednio funkcji, takich jak „sizeof“ i wskaźników, aby zapewnić dokładne wyniki. + '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied - Ta metoda używa kierowania środowiska uruchomieniowego nawet wtedy, gdy jest stosowany atrybut „DisableRuntimeMarsbezpieczeńingAttribute“ + This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied Miss HttpVerb attribute for action methods - Pomiń atrybut HttpVerb dla metod akcji + Miss HttpVerb attribute for action methods All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - Wszystkie metody, które tworzą, edytują, usuwają lub w inny sposób modyfikują dane, dokonują tego w przeciążeniu [HttpPost] metody, która musi być chroniona przy użyciu atrybutu zabezpieczającego przed fałszerstwem przez sfałszowanie żądania. Wykonanie operacji GET powinno być bezpieczną operacją, która nie ma żadnych efektów ubocznych i nie powoduje modyfikacji utrwalonych danych. + All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. Action method {0} needs to specify the HTTP request kind explicitly - Metoda akcji {0} musi jawnie określać rodzaj żądania HTTP + Action method {0} needs to specify the HTTP request kind explicitly Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. - Inicjatory modułów są przeznaczone do użycia przez kod aplikacji w celu zapewnienia, że składniki aplikacji zostaną zainicjowane przed rozpoczęciem wykonywania kodu aplikacji. Jeśli kod biblioteki deklaruje metodę za pomocą atrybutu „ModuleInitializer”, może zakłócać inicjowanie aplikacji, a także prowadzić do ograniczeń w możliwościach przycinania tej aplikacji. Zamiast używać metod oznaczonych atrybutem „ModuleInitializer”, biblioteka powinna uwidaczniać metody, których można użyć do zainicjowania składników w bibliotece i umożliwienia aplikacji wywołania metody podczas inicjowania aplikacji. + Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios - Atrybut „ModuleInitializer” jest przeznaczony tylko do użycia w kodzie aplikacji lub w zaawansowanych scenariuszach generatora źródła + The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios The 'ModuleInitializer' attribute should not be used in libraries - Atrybut „ModuleInitializer” nie powinien być używany w bibliotekach + The 'ModuleInitializer' attribute should not be used in libraries The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Metoda „{0}” nie jest bezpieczna podczas deserializowania niezaufanych danych bez użycia elementu SerializationBinder w celu ograniczenia typu obiektów w zdeserializowanym grafie obiektów. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure NetDataContractSerializer.Binder is set before deserializing - Upewnij się, że właściwość NetDataContractSerializer.Binder jest ustawiona przed deserializacją + Ensure NetDataContractSerializer.Binder is set before deserializing The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Metoda „{0}” nie jest bezpieczna podczas deserializowania niezaufanych danych bez użycia elementu SerializationBinder w celu ograniczenia typu obiektów w zdeserializowanym grafie obiektów. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not deserialize without first setting NetDataContractSerializer.Binder - Nie wykonuj deserializacji bez uprzedniego ustawienia właściwości NetDataContractSerializer.Binder + Do not deserialize without first setting NetDataContractSerializer.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. - Metoda „{0}” jest niezabezpieczona podczas deserializowania niezaufanych danych. Aby zamiast tego wykryć deserializację klasy NetDataContractSerializer bez ustawionego elementu SerializationBinder, wyłącz regułę CA2310 i włącz reguły CA2311 i CA2312. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. The method '{0}' is insecure when deserializing untrusted data. - Metoda „{0}” jest niezabezpieczona podczas deserializacji niezaufanych danych. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer NetDataContractSerializer - Nie używaj niezabezpieczonego deserializatora NetDataContractSerializer + Do not use insecure deserializer NetDataContractSerializer Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. - Ciągi powinny być znormalizowane do wielkich liter. Nie można wykonać dwustronnej konwersji dla małej grupy znaków podczas konwertowania na małe litery. Wykonanie dwustronnej konwersji oznacza tutaj przekonwertowanie znaków z jednych ustawień regionalnych na inne, które reprezentują dane w inny sposób, a następnie dokładne pobranie oryginalnych znaków z przekonwertowanych znaków. + Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. In method '{0}', replace the call to '{1}' with '{2}' - W metodzie „{0}” zastąp wywołanie metody „{1}” wywołaniem „{2}” + In method '{0}', replace the call to '{1}' with '{2}' Normalize strings to uppercase - Znormalizuj ciągi do wielkich liter + Normalize strings to uppercase The method '{0}' is insecure when deserializing untrusted data. - Metoda „{0}” jest niezabezpieczona podczas deserializacji niezaufanych danych. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer ObjectStateFormatter - Nie używaj niezabezpieczonego deserializatora ObjectStateFormatter + Do not use insecure deserializer ObjectStateFormatter '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - „{0}” przesłania metodę w wersji zapoznawczej „{1}” i dlatego wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {2}. + '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} „{0}” przesłania metodę w wersji zapoznawczej „{1}” i dlatego wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {2}. + {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. - Metoda publiczna lub chroniona w typie publicznym ma atrybut System.Runtime.InteropServices.DllImportAttribute (implementowany również przez słowo kluczowe Declare w języku Visual Basic). Takie metody nie powinny być ujawniane. + A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. P/Invoke method '{0}' should not be visible - Metoda P/Invoke {0} nie powinna być widoczna. + P/Invoke method '{0}' should not be visible P/Invokes should not be visible - Elementy P/Invoke nie powinny być widoczne + P/Invokes should not be visible ({0}) - ({0}) + ({0}) and all other platforms - i wszystkie inne platformy + and all other platforms This call site is reachable on: 'windows' 10.0.2000 and later, and all other platforms '{0}' all versions - wszystkie wersje systemu „{0}” + '{0}' all versions This call site is reachable on: 'Windows' all versions. Using platform dependent API on a component makes the code no longer work across all platforms. - Użycie w składniku interfejsu API zależnego od platformy powoduje, że kod nie działa na różnych platformach. + Using platform dependent API on a component makes the code no longer work across all platforms. '{0}' from version {1} to {2} - system „{0}” w wersji od {1} do {2} + '{0}' from version {1} to {2} 'SupportedOnWindows1903UnsupportedOn2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. - To miejsce wywołania jest osiągalne na wszystkich platformach. „{0}” jest przestarzałe na: {1}. + This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. This call site is reachable on all platforms. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. - To miejsce wywołania jest osiągalne na platformie: {2}. „{0}” jest przestarzałe na następujących platformach: {1}. + This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. This call site is reachable on 'macos', 'linux'. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on all platforms. '{0}' is only supported on: {1}. - To miejsce wywołania jest osiągalne na wszystkich platformach. Metoda „{0}” jest obsługiwana tylko na następujących platformach: {1}. + This call site is reachable on all platforms. '{0}' is only supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindowsAndBrowser()' is only supported on: 'windows', 'browser' . This call site is reachable on: {2}. '{0}' is only supported on: {1}. - To miejsce wywołania jest osiągalne na platformie: {2}. Metoda „{0}” jest obsługiwana tylko na następujących platformach: {1}. + This call site is reachable on: {2}. '{0}' is only supported on: {1}. This call site is reachable on: 'windows' all versions.'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before This call site is unreachable on: {2}. '{0}' is only supported on: {1}. - To miejsce wywołania jest nieosiągalne na platformie: {2}. Metoda „{0}” jest obsługiwana tylko na następujących platformach: {1}. + This call site is unreachable on: {2}. '{0}' is only supported on: {1}. This call site is unreachable on: 'browser'. 'SupportedOnWindowsAndBrowser()' is only supported on: 'browser', 'windows'. This call site is reachable on all platforms. '{0}' is supported on: {1}. - To miejsce wywołania jest osiągalne na wszystkich platformach. Metoda „{0}” jest obsługiwana na następujących platformach: {1}. + This call site is reachable on all platforms. '{0}' is supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindows1903UnsupportedFrom2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on: {2}. '{0}' is supported on: {1}. - To miejsce wywołania jest osiągalne na platformie: {2}. Metoda „{0}” jest obsługiwana na następujących platformach: {1}. + This call site is reachable on: {2}. '{0}' is supported on: {1}. This call site is reachable on: 'windows' 10.0.2000 and before. 'UnsupportedOnWindowsSupportedOn1903()' is supported on: 'windows' 10.0.1903 and later. Validate platform compatibility - Walidacja zgodności z platformą + Validate platform compatibility This call site is reachable on all platforms. '{0}' is unsupported on: {1}. - To miejsce wywołania jest osiągalne na wszystkich platformach. Metoda „{0}” nie jest obsługiwana na następujących platformach: {1}. + This call site is reachable on all platforms. '{0}' is unsupported on: {1}. This call site is reachable on all platforms. 'UnsupportedOnWindows()' is unsupported on: 'windows' This call site is reachable on: {2}. '{0}' is unsupported on: {1}. - To miejsce wywołania jest osiągalne na platformie: {2}. Metoda „{0}” nie jest obsługiwana na następujących platformach: {1}. + This call site is reachable on: {2}. '{0}' is unsupported on: {1}. This call site is reachable on: 'windows', 'browser'. 'UnsupportedOnBrowser()' is unsupported on: 'browser'. '{0}' {1} and before - system „{0}” w wersji {1} lub wcześniejszej + '{0}' {1} and before 'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before. '{0}' {1} and later - system „{0}” w wersji {1} lub nowszej + '{0}' {1} and later 'SupportedOnWindows10()' is only supported on: 'windows' 10.0 and later. Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. - Przejrzyj kod, który przetwarza zdeserializowane niezaufane dane, pod kątem obsługi nieoczekiwanych cykli odwołań. Nieoczekiwany cykl odwołań nie powinien powodować wejścia kodu w nieskończoną pętlę. W przeciwnym razie nieoczekiwany cykl odwołań może pozwolić osobie atakującej na przeprowadzenie ataku DoS lub wyczerpanie pamięci procesu podczas deserializacji niezaufanych danych. + Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. {0} participates in a potential reference cycle - Element {0} należy do potencjalnego cyklu odwołań + {0} participates in a potential reference cycle Potential reference cycle in deserialized object graph - Potencjalny cykl odwołań w deserializowanym grafie obiektów + Potential reference cycle in deserialized object graph Replace 'Substring' with 'AsSpan' - Zamień ciąg „Substring” na „AsSpan” + Replace 'Substring' with 'AsSpan' 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. - Ciąg „AsSpan” jest bardziej wydajny niż ciąg „Substring”. Ciąg „Substring” wykonuje kopię ciągu O(n), natomiast ciąg „AsSpan” nie wykonuje i ponadto ma stały koszt. + 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. Prefer 'AsSpan' over 'Substring' when span-based overloads are available - Preferuj ciąg „AsSpan” niż „Substring”, gdy są dostępne przeciążenia oparte na zakresie + Prefer 'AsSpan' over 'Substring' when span-based overloads are available Prefer 'AsSpan' over 'Substring' - Preferuj ciąg „AsSpan” niż „Substring” + Prefer 'AsSpan' over 'Substring' + + + + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + + + + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + + + + Consider using 'StringBuilder.Append(char)' when applicable + Consider using 'StringBuilder.Append(char)' when applicable Use 'Count' check instead of 'Any()' - Użyj sprawdzania „Count” zamiast „Any()” + Use 'Count' check instead of 'Any()' Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance - Preferuj porównywanie wartości „Count” z wartością 0 zamiast użycia elementu „Any()”, zarówno w celu zapewnienia jednoznaczności, jak i wydajności + Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance Use 'ContainsKey' - Użyj elementu „ContainsKey” + Use 'ContainsKey' 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. - Element „ContainsKey” ma zazwyczaj wartość O(1), a element „Keys.Contains” może w niektórych przypadkach mieć wartość O(n). Ponadto wiele implementacji słownika bardzo wolno inicjuje kolekcję kluczy, aby ograniczyć alokacje. + 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' - Preferuj element „ContainsKey” niż „Keys.Contains” dla typu słownika „{0}” + Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' Prefer Dictionary.Contains methods - Preferuj metody Dictionary.Contains + Prefer Dictionary.Contains methods Use 'ContainsValue' - Użyj wartości „ContainsValue” + Use 'ContainsValue' Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. - Wiele implementacji słowników bardzo wolno inicjalizuje kolekcję Values. Aby uniknąć niepotrzebnych alokacji, preferuj wartość „ContainsValue” zamiast wartości „Values.Contains”. + Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' - Preferuj wartość „ContainsValue” niż wartość „Values.Contains” dla typu słownika „{0}” + Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' + + + + Use 'TryGetValue(TKey, out TValue)' + Use 'TryGetValue(TKey, out TValue)' + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + + + + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method Replace with 'HashData' method - Zamień na metodę „HashData” + Replace with 'HashData' method It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. - Korzystanie z metody statycznej „HashData” jest wydajniejsze niż tworzenie wystąpienia HashAlgorithm i zarządzanie nim w celu wywołania „ComputeHash”. + It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. Prefer static '{0}.HashData' method over 'ComputeHash' - Preferuj metodę statyczną „{0}.HashData”, nie „ComputeHash” + Prefer static '{0}.HashData' method over 'ComputeHash' Prefer static 'HashData' method over 'ComputeHash' - Preferuj metodę statyczną „HashData”, nie „ComputeHash” + Prefer static 'HashData' method over 'ComputeHash' Use 'IsEmpty' check instead of 'Any()' - Użyj sprawdzania „IsEmpty” zamiast „Any()” + Use 'IsEmpty' check instead of 'Any()' Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance - Preferuj kontrolę „IsEmpty”, a nie „Any()”, zarówno w celu zapewnienia przejrzystości, jak i wydajności + Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance + + + + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + + + + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + + + + Prefer IsEmpty over Count + Prefer IsEmpty over Count Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. - Preferuj używanie właściwości „IsEmpty”, „Count” lub „Length” w zależności od dostępności, zamiast wywoływać metodę „Enumerable.Any()”. Intencja jest bardziej przejrzysta i wydajniejsza niż użycie metody rozszerzenia „Enumerable.Any()”. + Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. Avoid using 'Enumerable.Any()' extension method - Unikaj używania metody rozszerzenia „Enumerable.Any()” + Avoid using 'Enumerable.Any()' extension method Use 'Length' check instead of 'Any()' - Użyj sprawdzania „Length” zamiast „Any()” + Use 'Length' check instead of 'Any()' Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance - Preferuj porównywanie wartości „Length” z wartością 0 zamiast używania elementu „Any()”, zarówno w celu zapewnienia przejrzystości, jak i wydajności + Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. - Element „Stream” ma przeciążenie „ReadAsync”, które przyjmuje „Memory<Byte>” jako pierwszy argument i przeciążenie „WriteAsync”, które przyjmuje „ReadOnlyMemory<Byte>” jako pierwszy argument. Preferuj wywoływanie przeciążeń opartych na pamięci, co jest bardziej wydajne. - - - - For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. - Aby określić, czy obiekt zawiera jakiekolwiek elementy, stosuj właściwość „IsEmpty” zamiast pobierać liczbę elementów z właściwości „Count” i porównywać ją z wartością 0 lub 1. - - - - Prefer 'IsEmpty' over 'Count' to determine whether the object is empty - Preferuj właściwość „IsEmpty” przed właściwością „Count” do określania, czy obiekt jest pusty - - - - Prefer IsEmpty over Count - Preferuj właściwość IsEmpty przed Count + 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. Change the '{0}' method call to use the '{1}' overload - Zmień wywołanie metody „{0}” tak, aby używało przeciążenia „{1}” + Change the '{0}' method call to use the '{1}' overload Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' - Preferuj „przeciążanie oparte na elemencie „Memory” dla elementów „ReadAsync” i „WriteAsync” + Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' Replace with 'string.Contains' - Zamień na „string.Contains” + Replace with 'string.Contains' Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. - Wywołania elementu „string.IndexOf”, w przypadku których wynik jest używany do sprawdzania obecności/nieobecności podciągu, mogą zostać zastąpione przez wyrażenie „string.Contains”. + Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. Use 'string.Contains' instead of 'string.IndexOf' to improve readability - Używaj metody „string.Contains” zamiast metody „string.IndexOf”, aby zwiększyć czytelność + Use 'string.Contains' instead of 'string.IndexOf' to improve readability Consider using 'string.Contains' instead of 'string.IndexOf' - Rozważ użycie metody „string.Contains” zamiast „string.IndexOf” + Consider using 'string.Contains' instead of 'string.IndexOf' StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. - Metody StringBuilder.Append i StringBuilder.Insert zapewniają przeciążenia dla wielu typów oprócz typu System.String. Jeśli to możliwe, preferuj silnie typizowane przeciążenia zamiast używania metody ToString() i przeciążenia opartego na ciągu. + StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. Remove the ToString call in order to use a strongly-typed StringBuilder overload - Usuń wywołanie metody ToString, aby użyć silnie typizowanego przeciążenia elementu StringBuilder + Remove the ToString call in order to use a strongly-typed StringBuilder overload Remove the ToString call - Usuń wywołanie metody ToString + Remove the ToString call Prefer strongly-typed Append and Insert method overloads on StringBuilder - Preferuj silnie typizowane metody Append i Insert w elemencie StringBuilder - - - - 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. - Element „StringBuilder.Append(char)” jest bardziej wydajny niż element „StringBuilder.Append(string)”, gdy ciąg jest pojedynczym znakiem. W przypadku wywołania elementu „Append” ze stałą, preferuj użycie stałego znaku, a nie ciągu stałego zawierającego jeden znak. - - - - Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string - Użyj metody „StringBuilder.Append(char)” zamiast metody „StringBuilder.Append(string)”, gdy dane wejściowe są stałym ciągiem jednostki - - - - Consider using 'StringBuilder.Append(char)' when applicable - Rozważ użycie elementu „StringBuilder.Append(char)”, jeśli ma to zastosowanie + Prefer strongly-typed Append and Insert method overloads on StringBuilder Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. - Począwszy od platformy .NET 7 jawna konwersja „{0}” nie będzie zgłaszać przepełnienia w niezaznaczonym kontekście. Opatrz wyrażenie za pomocą instrukcji „checked”, aby przywrócić zachowanie platformy .NET 6. + Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - Począwszy od platformy .NET 7 jawna konwersja „{0}” będzie zgłaszać przepełnienie w zaznaczonym kontekście. Opatrz wyrażenie za pomocą instrukcji „unchecked”, aby przywrócić zachowanie platformy .NET 6. + Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. - Niektóre wbudowane operatory dodane w programie .NET 7 działają inaczej w przypadku przepełnienia niż odpowiednie operatory zdefiniowane przez użytkownika w programie .NET 6 i we wcześniejszych wersjach. Niektóre operatory, które wcześniej zgłosiły niezaznaczony kontekst, teraz ich nie zgłaszają, chyba że zostaną opakowane w zaznaczony kontekst. Ponadto niektóre operatory, które nie zgłosiły wcześniej zaznaczonego kontekstu, teraz zgłaszają wyjątek, chyba że jest zawinięty w niezaznaczony kontekst. + Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - Począwszy od platformy .NET 7, operator „{0}” będzie zgłaszać przepełnienie w zaznaczonym kontekście. Opatrz wyrażenie za pomocą instrukcji „unchecked”, aby przywrócić zachowanie platformy .NET 6. + Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Prevent behavioral change - Zapobiegaj zmianie zachowania + Prevent behavioral change 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. - Metoda „Enum.HasFlag” oczekuje, że argument „enum” ma ten sam typ „enum” co wystąpienie, na którym wywołano metodę, i że ten element „enum” jest oznaczony elementem „System.FlagsAttribute”. Jeśli są to różne typy „enum”, w czasie wykonywania zostanie zgłoszony nieobsługiwany wyjątek. Jeśli typ „enum” nie jest oznaczony elementem „System.FlagsAttribute”, wywołanie będzie zawsze zwracać wartość „false” w czasie wykonywania. + 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. The argument type, '{0}', must be the same as the enum type '{1}' - Typ argumentu „{0}” musi być taki sam jak typ wyliczenia „{1}”. + The argument type, '{0}', must be the same as the enum type '{1}' Provide correct 'enum' argument to 'Enum.HasFlag' - Podaj poprawny argument „enum” dla elementu „Enum.HasFlag” + Provide correct 'enum' argument to 'Enum.HasFlag' The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. - Argument formatu przekazywany do metody System.String.Format nie zawiera elementu formatu odpowiadającego każdemu argumentowi obiektu lub odwrotnie. + The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. Provide correct arguments to formatting methods - Określ poprawne argumenty dla metod formatujących + Provide correct arguments to formatting methods Provide correct arguments to formatting methods - Określ poprawne argumenty dla metod formatujących + Provide correct arguments to formatting methods A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. - Typ ma pole, które jest oznaczone za pomocą atrybutu System.Runtime.Serialization.OptionalFieldAttribute, a typ nie zapewnia metod obsługi zdarzeń deserializacji. + A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute - Dodaj metodę private void OnDeserialized(StreamingContext) do typu {0} i oznacz ją atrybutem System.Runtime.Serialization.OnDeserializedAttribute + Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute - Dodaj metodę private void OnDeserializing(StreamingContext) do typu {0} i oznacz ją atrybutem System.Runtime.Serialization.OnDeserializingAttribute + Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute Provide deserialization methods for optional fields - Udostępnij metody deserializacji dla pól opcjonalnych + Provide deserialization methods for optional fields Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. - Udostępnienie konstruktora bez parametrów, który jest tak widoczny jak typ zawierający dla typu pochodzącego z elementu „System.Runtime.InteropServices.SafeHandle”, zapewnia lepszą wydajność i użycie dzięki wygenerowanym przez źródło rozwiązaniom międzyoperacyjnym. + Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' - Podaj konstruktora bez parametrów, który jest tak widoczny jak typ zawierający dla typu „{0}” pochodzącego z elementu „System.Runtime.InteropServices.SafeHandle” + Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' - Podaj konstruktora bez parametrów, który jest tak widoczny jak typ zawierający dla konkretnych typów pochodzących z elementu „System.Runtime.InteropServices.SafeHandle” + Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. - Aby zwiększyć wydajność, zastąp metody asynchroniczne oparte na pamięci podczas tworzenia podklasy „Stream”. Następnie zaimplementuj metody oparte na tablicy w zakresie metod opartych na pamięci. + To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. - Metoda „{0}” przesłania metodę „{1}” opartą na tablicy, ale nie przesłania metody opartej na pamięci „{2}”. Rozważ zastąpienie metody opartej na pamięci „{2}”, aby zwiększyć wydajność. + '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. 0 = type that subclasses Stream directly, 1 = array-based method, 2 = memory-based method Provide memory-based overrides of async methods when subclassing 'Stream' - Podaj oparte na pamięci przesłonięcia metod asynchronicznych podczas tworzenia podklasy „Stream” + Provide memory-based overrides of async methods when subclassing 'Stream' + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + + + + Prefer using 'StringComparer' to perform a case-insensitive comparison + Prefer using 'StringComparer' to perform a case-insensitive comparison + + + + Use the 'string.{0}(string, StringComparison)' overload + Use the 'string.{0}(string, StringComparison)' overload + + + + Prefer using 'StringComparer' to perform case-insensitive string comparisons + Prefer using 'StringComparer' to perform case-insensitive string comparisons + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + + + + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + + + + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons Remove redundant call - Usuń nadmiarowe wywołanie + Remove redundant call Remove unnecessary call - Usuń niepotrzebne wywołanie + Remove unnecessary call Replace string literal with char literal - Zamień literał ciągu na literał char + Replace string literal with char literal Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Znaleziono potencjalną lukę umożliwiającą wstrzyknięcie biblioteki DLL, gdzie element „{0}” w metodzie „{1}” może zostać zanieczyszczony danymi kontrolowanymi przez użytkownika z elementu „{2}” w metodzie „{3}”. + Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for DLL injection vulnerabilities - Przegląd kodu pod kątem luk umożliwiających wstrzyknięcie biblioteki DLL + Review code for DLL injection vulnerabilities Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Znaleziono potencjalną lukę umożliwiającą wstrzyknięcie ścieżki pliku, gdzie element „{0}” w metodzie „{1}” może zostać zanieczyszczony danymi kontrolowanymi przez użytkownika z elementu „{2}” w metodzie „{3}”. + Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for file path injection vulnerabilities - Przegląd kodu pod kątem luk umożliwiających wstrzyknięcie ścieżki pliku + Review code for file path injection vulnerabilities Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. - Znaleziono potencjalną lukę umożliwiającą ujawnienie informacji, gdzie element „{0}” w metodzie „{1}” może zawierać niezamierzone informacje z elementu „{2}” w metodzie „{3}”. + Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. Review code for information disclosure vulnerabilities - Przegląd kodu pod kątem luk umożliwiających ujawnienie informacji + Review code for information disclosure vulnerabilities Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Znaleziono potencjalną lukę umożliwiającą wstrzyknięcie protokołu LDAP, gdzie element „{0}” w metodzie „{1}” może zostać zanieczyszczony danymi kontrolowanymi przez użytkownika z elementu „{2}” w metodzie „{3}”. + Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for LDAP injection vulnerabilities - Przegląd kodu pod kątem luk umożliwiających wstrzyknięcie protokołu LDAP + Review code for LDAP injection vulnerabilities Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Znaleziono potencjalną lukę umożliwiającą istnienie otwartego przekierowania, gdzie element „{0}” w metodzie „{1}” może zostać zanieczyszczony danymi kontrolowanymi przez użytkownika z elementu „{2}” w metodzie „{3}”. + Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for open redirect vulnerabilities - Przegląd kodu pod kątem luk umożliwiających otwarcie przekierowania + Review code for open redirect vulnerabilities Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Znaleziono potencjalną lukę umożliwiającą wstrzyknięcie polecenia procesu, gdzie element „{0}” w metodzie „{1}” może zostać zanieczyszczony danymi kontrolowanymi przez użytkownika z elementu „{2}” w metodzie „{3}”. + Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for process command injection vulnerabilities - Przegląd kodu pod kątem luk umożliwiających wstrzyknięcie polecenia procesu + Review code for process command injection vulnerabilities Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Znaleziono potencjalną lukę umożliwiającą wstrzyknięcie wyrażenia regularnego, gdzie element „{0}” w metodzie „{1}” może zostać zanieczyszczony danymi kontrolowanymi przez użytkownika z elementu „{2}” w metodzie „{3}”. + Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for regex injection vulnerabilities - Przegląd kodu pod kątem luk umożliwiających wstrzyknięcie wyrażenia regularnego + Review code for regex injection vulnerabilities Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Znaleziono potencjalną lukę umożliwiającą wstrzyknięcie kodu SQL, gdzie element „{0}” w metodzie „{1}” może zostać zanieczyszczony danymi kontrolowanymi przez użytkownika z elementu „{2}” w metodzie „{3}”. + Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for SQL injection vulnerabilities - Przegląd kodu pod kątem luk umożliwiających wstrzyknięcie kodu SQL + Review code for SQL injection vulnerabilities + + + + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + + + + Review code for XPath injection vulnerabilities + Review code for XPath injection vulnerabilities Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Znaleziono potencjalną lukę umożliwiającą wstrzyknięcie kodu XAML, gdzie element „{0}” w metodzie „{1}” może zostać zanieczyszczony danymi kontrolowanymi przez użytkownika z elementu „{2}” w metodzie „{3}”. + Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XAML injection vulnerabilities - Przegląd kodu pod kątem luk umożliwiających wstrzyknięcie kodu XAML + Review code for XAML injection vulnerabilities Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Znaleziono potencjalną lukę umożliwiającą wstrzyknięcie kodu XML, gdzie element „{0}” w metodzie „{1}” może zostać zanieczyszczony danymi kontrolowanymi przez użytkownika z elementu „{2}” w metodzie „{3}”. + Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XML injection vulnerabilities - Przegląd kodu pod kątem luk umożliwiających wstrzyknięcie kodu XML - - - - Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Znaleziono potencjalną lukę umożliwiającą wstrzyknięcie wyrażenia XPath, gdzie element „{0}” w metodzie „{1}” może zostać zanieczyszczony danymi kontrolowanymi przez użytkownika z elementu „{2}” w metodzie „{3}”. - - - - Review code for XPath injection vulnerabilities - Przegląd kodu pod kątem luk umożliwiających wstrzyknięcie wyrażenia XPath + Review code for XML injection vulnerabilities Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Wykryto potencjalną lukę umożliwiającą działanie skryptów międzywitrynowych (XSS), gdzie element „{0}” w metodzie „{1}” może zostać zanieczyszczony danymi kontrolowanymi przez użytkownika z elementu „{2}” w metodzie „{3}”. + Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XSS vulnerabilities - Przegląd kodu pod kątem luk umożliwiających działanie skryptów między witrynami + Review code for XSS vulnerabilities SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. - Zapytania SQL korzystające bezpośrednio z danych wejściowych użytkownika mogą być podatne na ataki polegające na wstrzyknięciu kodu SQL. Sprawdź to zapytanie SQL pod kątem potencjalnych luk i rozważ użycie sparametryzowanego zapytania SQL. + SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. Review if the query string passed to '{0}' in '{1}', accepts any user input - Sprawdź, czy ciąg zapytania przekazany do elementu „{0}” w elemencie „{1}” akceptuje dowolne dane wejściowe użytkownika + Review if the query string passed to '{0}' in '{1}', accepts any user input Review SQL queries for security vulnerabilities - Sprawdź zapytania SQL pod kątem luk w zabezpieczeniach + Review SQL queries for security vulnerabilities Seal class - Klasa pieczęci + Seal class When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. - Jeśli typ jest niedostępny poza swoim zestawem i nie ma żadnych podtypów w obrębie swojego zawierającego zestawu, to można go bezpiecznie zapieczętować. Zapieczętowanie typów może zwiększyć wydajność. + When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible - Typ „{0}” może być zapieczętowany, ponieważ nie ma żadnych podtypów w swoim zawierającym zestawie i nie jest widoczny zewnętrznie + Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible Seal internal types - Zapieczętuj typy wewnętrzne + Seal internal types Set HttpOnly to true for HttpCookie - Ustaw element HttpOnly na wartość true dla elementu HttpCookie + Set HttpOnly to true for HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - W celu zapewnienia kompleksowej ochrony upewnij się, że wpływające na zabezpieczenia pliki cookie protokołu HTTP są oznaczone jako HttpOnly. Oznacza to, że przeglądarki internetowe powinny uniemożliwić skryptom uzyskiwanie dostępu do tych plików cookie. Wstrzykiwanie złośliwych skryptów to typowy sposób kradzieży plików cookie. + As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - Właściwość HttpCookie.HttpOnly jest ustawiana na wartość false lub nie jest konfigurowana wcale w przypadku używania elementu HttpCookie. Upewnij się, że wpływające na zabezpieczenia pliki cookie są oznaczone jako HttpOnly, aby uniemożliwić złośliwym skryptom kradzież plików cookie + HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies Set ViewStateUserKey For Classes Derived From Page - Ustaw właściwość ViewStateUserKey dla klas pochodzących od klasy Page + Set ViewStateUserKey For Classes Derived From Page Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. - Ustawienie właściwości ViewStateUserKey może pomóc zapobiec atakom na aplikację, umożliwiając przypisanie identyfikatora do zmiennej view-state dla poszczególnych użytkowników, aby nie mogli użyć zmiennej do wygenerowania ataku. W przeciwnym razie będą istniały luki w zabezpieczeniach przed fałszowaniem żądań międzywitrynowych. + Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method - Klasa {0} pochodząca z biblioteki System.Web.UI.Page nie ustawia właściwości ViewStateUserKey w metodzie OnInit lub metodzie Page_Init + The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. - Określ kulturę, aby uniknąć przypadkowej, niejawnej zależności od bieżącej kultury. Użycie niezmiennej wersji daje spójne wyniki niezależnie od kultury aplikacji. + Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. Specify a culture or use an invariant version to avoid implicit dependency on current culture - Określ kulturę lub użyj niezmiennej wersji, aby uniknąć niejawnej zależności od bieżącej kultury + Specify a culture or use an invariant version to avoid implicit dependency on current culture Specify a culture or use an invariant version - Określ kulturę lub użyj niezmiennej wersji + Specify a culture or use an invariant version A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. - Metoda lub konstruktor wywołuje element członkowski z przeciążeniem akceptującym parametr System.Globalization.CultureInfo, a nie wywołuje przeciążenia pobierającego parametr CultureInfo. Jeśli parametr CultureInfo lub obiekt System.IFormatProvider nie zostanie określony, wartość domyślna podana przez przeciążony element członkowski może nie dawać pożądanego efektu w przypadku wszystkich ustawień regionalnych. Jeśli wynik będzie wyświetlany dla użytkownika, określ dla parametru „CultureInfo” wartość „CultureInfo.CurrentCulture”. W przeciwnym przypadku, jeśli wynik będzie przechowywany i używany przez oprogramowanie — tak jak przy utrwalaniu na dysku lub w bazie danych, określ wartość „CultureInfo.InvariantCulture”. + A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Zachowanie elementu „{0}” może być różne w zależności od bieżących ustawień regionalnych użytkownika. Zastąp to wywołanie w metodzie „{1}” wywołaniem metody „{2}”. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify CultureInfo - Określ parametr CultureInfo + Specify CultureInfo Specify current culture - Określ bieżącą kulturę + Specify current culture A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. - Metoda lub konstruktor wywołuje co najmniej jedną składową z przeciążeniem akceptującym parametr System.IFormatProvider, a nie wywołuje przeciążenia pobierającego parametr IFormatProvider. Jeśli parametr System.Globalization.CultureInfo lub obiekt IFormatProvider nie zostanie określony, wartość domyślna podana przez przeciążoną składową może nie dawać pożądanego efektu w przypadku wszystkich ustawień regionalnych. Jeśli wynik będzie oparty na danych wprowadzanych przez użytkownika lub wyświetlanych dla użytkownika, określ dla parametru „IFormatProvider” wartość „CultureInfo.CurrentCulture”. W przeciwnym przypadku, jeśli wynik będzie przechowywany i używany przez oprogramowanie — tak jak przy ładowaniu z dysku lub bazy danych i utrwalaniu na dysku lub w bazie danych, określ wartość „CultureInfo.InvariantCulture”. + A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Zachowanie elementu „{0}” może być różne w zależności od bieżących ustawień regionalnych użytkownika. Zastąp to wywołanie w metodzie „{1}” wywołaniem metody „{2}”. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Zachowanie elementu „{0}” może być różne w zależności od bieżących ustawień regionalnych użytkownika. Zastąp to wywołanie w metodzie „{1}” wywołaniem metody „{2}”. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. - Zachowanie elementu „{0}” może się różnić w zależności od ustawień regionalnych bieżącego użytkownika. Podaj wartość argumentu „IFormatProvider”. + The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - Metoda „{0}” przekazuje wartość „{1}” jako parametr „IFormatProvider” do metody „{2}”. Ta właściwość zwraca kulturę nieodpowiednią dla metod formatujących. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - Metoda „{0}” przekazuje wartość „{1}” jako parametr „IFormatProvider” do metody „{2}”. Ta właściwość zwraca kulturę nieodpowiednią dla metod formatujących. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. Specify IFormatProvider - Określ interfejs IFormatProvider + Specify IFormatProvider A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. - Element członkowski wywołania platformy zezwala na częściowo zaufany kod wywołujący, ma parametr ciągu i nie kieruje jawnie łańcuchem. Może to być przyczyną potencjalnej luki w zabezpieczeniach. + A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. Specify marshaling for P/Invoke string arguments - Określ kierowanie dla argumentów ciągu P/Invoke + Specify marshaling for P/Invoke string arguments A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - Operacja porównywania ciągów używa przeciążenia metody bez ustawionego parametru StringComparison. Zalecamy użycie przeciążenia z parametrem StringComparison, aby wyjaśnić intencję. Jeśli wynik będzie wyświetlany dla użytkownika, tak jak w przypadku sortowania listy elementów do wyświetlenia w polu listy, określ wartość „StringComparison.CurrentCulture” lub „StringComparison.CurrentCultureIgnoreCase” dla parametru „StringComparison”. W przypadku porównywania identyfikatorów nieuwzględniających wielkości liter, takich jak ścieżki do plików, zmienne środowiskowe czy klucze i wartości rejestru, określ wartość „StringComparison.OrdinalIgnoreCase”. W przeciwnym przypadku, jeśli porównywane są identyfikatory uwzględniające wielkość liter, określ wartość „StringComparison.Ordinal”. + A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. - Element „{0}” ma przeciążenie metody, które przyjmuje parametr „StringComparison”. Zamień to wywołanie w elemencie „{1}” na wywołanie elementu „{2}”, aby wyjaśnić intencję. + '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. Specify StringComparison for clarity - Określ parametr StringComparison w celu wyjaśnienia + Specify StringComparison for clarity A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - Operacja porównywania ciągów używa przeciążenia metody bez ustawionego parametru StringComparison, dlatego jej działanie może różnić się w zależności od bieżących ustawień regionalnych użytkownika. Stanowczo zalecamy użycie przeciążenia z parametrem StringComparison w celu osiągnięcia poprawności i wyjaśnienia intencji. Jeśli wynik będzie wyświetlany dla użytkownika, tak jak w przypadku sortowania listy elementów do wyświetlenia w polu listy, określ wartość „StringComparison.CurrentCulture” lub „StringComparison.CurrentCultureIgnoreCase” dla parametru „StringComparison”. W przypadku porównywania identyfikatorów nieuwzględniających wielkości liter, takich jak ścieżki do plików, zmienne środowiskowe czy klucze i wartości rejestru, określ wartość „StringComparison.OrdinalIgnoreCase”. W przeciwnym przypadku, jeśli porównywane są identyfikatory uwzględniające wielkość liter, określ wartość „StringComparison.Ordinal”. + A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Zachowanie elementu „{0}” może być różne w zależności od bieżących ustawień regionalnych użytkownika. Zastąp to wywołanie w metodzie „{1}” wywołaniem metody „{2}”. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify StringComparison for correctness - Określ parametr StringComparison w celu osiągnięcia poprawności + Specify StringComparison for correctness Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. - Używanie modyfikatorów „statycznych” i „abstrakcyjnych” wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz https://aka.ms/dotnet-warnings/preview-features. + Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. - Porównywanie ciągów za pomocą właściwości String.Length lub metody String.IsNullOrEmpty jest znacznie szybsze niż za pomocą metody Equals. + Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check - Testowanie pod kątem pustego ciągu wykonuj za pomocą właściwości „string.Length” lub metody „string.IsNullOrEmpty” zamiast sprawdzania pod kątem równości + Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check Test for empty strings using string length - Sprawdzaj występowanie ciągów pustych za pomocą funkcji mierzenia długości ciągu + Test for empty strings using string length This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. - To wyrażenie sprawdza, czy wartość to Single.Nan lub Double.Nan. Użyj metody Single.IsNan(Single) lub Double.IsNan(Double), aby to sprawdzić. + This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. Test for NaN correctly - Sprawdzaj poprawnie pod kątem wartości NaN + Test for NaN correctly Test for NaN correctly - Sprawdzaj poprawnie pod kątem wartości NaN + Test for NaN correctly 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. - Pola „ThreadStatic“ powinny być inicjowane z opóźnieniem w użyciu, a nie z inicjacją śródwierszową ani jawnie w konstruktorze statycznym, co spowodowałoby zainicjowanie pola tylko w wątku, w którym działa konstruktor statyczny typu. + 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. 'ThreadStatic' fields should not use inline initialization - Pola „ThreadStatic“ nie powinny używać inicjowania wbudowanego + 'ThreadStatic' fields should not use inline initialization Improper 'ThreadStatic' field initialization - Nieprawidłowe inicjowanie pola „ThreadStatic“ + Improper 'ThreadStatic' field initialization 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. - Element „ThreadStatic“ ma wpływ tylko na pola statyczne. Po zastosowaniu do pól wystąpienia, nie ma on wpływu na zachowanie. + 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. Ensure 'ThreadStatic' is only used with static fields - Upewnij się, że element „ThreadStatic“ jest używany tylko z polami statycznymi + Ensure 'ThreadStatic' is only used with static fields 'ThreadStatic' only affects static fields - Element „ThreadStatic“ ma wpływ tylko na pola statyczne + 'ThreadStatic' only affects static fields Use ArgumentException throw helper - Użyj pomocnika zgłaszania ArgumentException + Use ArgumentException throw helper Use ArgumentNullException throw helper - Użyj pomocnika zgłaszania ArgumentNullException + Use ArgumentNullException throw helper Use ArgumentOutOfRangeException throw helper - Użyj pomocnika zgłaszania ArgumentOutOfRangeException + Use ArgumentOutOfRangeException throw helper Use Array.Empty - Użyj metody Array.Empty + Use Array.Empty The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. - Użycie indeksatora opartego na zakresie w przypadku wartości tablicy powoduje utworzenie kopii żądanej części tablicy. Ta kopia jest często niechciana, gdy jest niejawnie używana jako wartość Span lub Memory. Użyj metody AsSpan, aby uniknąć kopiowania. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies - Użyj metody „{0}” zamiast indeksatora opartego na elementu „{1}” w przypadku wartości „{2}”, aby uniknąć tworzenia niepotrzebnych kopii danych + Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies Use `{0}` instead of Range-based indexers on a string - Użyj elementu „{0}” zamiast indeksatorów opartych na zakresie względem ciągu + Use `{0}` instead of Range-based indexers on a string Use `{0}` instead of Range-based indexers on an array - Użyj elementu „{0}” zamiast indeksatorów opartych na zakresie względem tablicy + Use `{0}` instead of Range-based indexers on an array Use AsSpan or AsMemory instead of Range-based indexers when appropriate - Użyj metody AsSpan lub AsMemory zamiast indeksatorów opartych na zakresie, gdy ma to zastosowanie + Use AsSpan or AsMemory instead of Range-based indexers when appropriate The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - Użycie indeksatora opartego na zakresie w przypadku wartości ciągu powoduje utworzenie kopii żądanej części ciągu. Ta kopia jest zwykle niepotrzebna, gdy jest niejawnie używana jako wartość ReadOnlySpan lub ReadOnlyMemory. Użyj metody AsSpan, aby uniknąć zbędnego kopiowania. + The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - Użycie indeksatora opartego na zakresie w przypadku wartości tablicy powoduje utworzenie kopii żądanej części tablicy. Ta kopia jest zwykle niepotrzebna, gdy jest niejawnie używana jako wartość ReadOnlySpan lub ReadOnlyMemory. Użyj metody AsSpan, aby uniknąć zbędnego kopiowania. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. When inside a Task-returning method, use the async version of methods, if they exist. - W metodzie zwracającej Task użyj asynchronicznej wersji metod, jeśli istnieją. + When inside a Task-returning method, use the async version of methods, if they exist. {Locked="Task"} '{0}' synchronously blocks. Await '{1}' instead. - Metoda „{0}” powoduje blokowanie synchroniczne. Zamiast tego używaj operatora await „{1}”. + '{0}' synchronously blocks. Await '{1}' instead. '{0}' synchronously blocks. Use await instead. - Metoda „{0}” powoduje blokowanie synchroniczne. Zamiast tego używaj operatora await. + '{0}' synchronously blocks. Use await instead. Call async methods when in an async method - Wywoływanie metod asynchronicznych w metodzie asynchronicznej + Call async methods when in an async method Use antiforgery tokens in ASP.NET Core MVC controllers - Użyj tokenów zabezpieczających przed fałszerstwem w kontrolerach MVC ASP.NET Core + Use antiforgery tokens in ASP.NET Core MVC controllers Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Obsługa żądania POST, PUT, PATCH lub DELETE bez weryfikacji tokenu zabezpieczającego przed fałszerstwem może prowadzić do podatności na ataki z wykorzystaniem fałszerstwa żądania międzywitrynowego. Atak z wykorzystaniem fałszerstwa żądania międzywitrynowego może wysyłać złośliwe żądania od uwierzytelnionego użytkownika do kontrolera MVC ASP.NET Core. + Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Metoda {0} obsługuje żądanie {1} bez przeprowadzania weryfikacji tokenu zabezpieczającego przed fałszerstwem. Należy również upewnić się, że formularz HTML wysyła token zabezpieczający przed fałszerstwem. + Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. Replace with 'CancellationToken.ThrowIfCancellationRequested' - Zamień na element „CancellationToken.ThrowIfCancellationRequested” + Replace with 'CancellationToken.ThrowIfCancellationRequested' 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. - Polecenie „ThrowIfCancellationRequested” automatycznie sprawdza, czy token został anulowany, i zgłasza wyjątek „OperationCanceledException”, jeśli go ma. + 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' - Użyj polecenia „ThrowIfCancellationRequested” zamiast sprawdzania elementu „IsCancellationRequested” i zgłaszania wyjątku „OperationCanceledException” + Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' Use 'ThrowIfCancellationRequested' - Użyj polecenia „ThrowIfCancellationRequested” + Use 'ThrowIfCancellationRequested' Using concrete types avoids virtual or interface call overhead and enables inlining. - Użycie konkretnych typów pozwala uniknąć narzutu wywołań wirtualnych lub interfejsu i umożliwia podkreślenie. + Using concrete types avoids virtual or interface call overhead and enables inlining. Change type of field '{0}' from '{1}' to '{2}' for improved performance - Zmień typ pola „{0}” z „{1}” na „{2}”, aby zwiększyć wydajność + Change type of field '{0}' from '{1}' to '{2}' for improved performance Change type of variable '{0}' from '{1}' to '{2}' for improved performance - Zmień typ zmiennej „{0}” z „{1}” na „{2}”, aby zwiększyć wydajność + Change type of variable '{0}' from '{1}' to '{2}' for improved performance Change return type of method '{0}' from '{1}' to '{2}' for improved performance - Zmień zwracany typ metody „{0}” z „{1}” na „{2}”, aby zwiększyć wydajność + Change return type of method '{0}' from '{1}' to '{2}' for improved performance Change type of parameter '{0}' from '{1}' to '{2}' for improved performance - Zmień typ parametru „{0}” z „{1}” na „{2}”, aby zwiększyć wydajność + Change type of parameter '{0}' from '{1}' to '{2}' for improved performance Change type of property '{0}' from '{1}' to '{2}' for improved performance - Zmień typ właściwości „{0}” z „{1}” na „{2}”, aby zwiększyć wydajność + Change type of property '{0}' from '{1}' to '{2}' for improved performance Use concrete types when possible for improved performance - Używaj konkretnych typów, aby zwiększyć wydajność – gdy jest to możliwe + Use concrete types when possible for improved performance Use Container Level Access Policy - Użyj zasad dostępu na poziomie kontenera + Use Container Level Access Policy No access policy identifier is specified, making tokens non-revocable. - Nie określono identyfikatora zasad dostępu, co powoduje, że tokeny są nieodwoływalne. + No access policy identifier is specified, making tokens non-revocable. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. - Jeśli to możliwe, rozważ użycie kontroli dostępu opartej na rolach platformy Azure zamiast sygnatury dostępu współdzielonego (SAS). Jeśli nadal chcesz używać sygnatury SAS, podczas jej tworzenia użyj zasad dostępu na poziomie kontenera. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. Use DefaultDllImportSearchPaths attribute for P/Invokes - Użyj atrybutu DefaultDllImportSearchPaths dla elementów P/Invoke + Use DefaultDllImportSearchPaths attribute for P/Invokes By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - Domyślnie elementy P/Invoke korzystające z atrybutu DllImportAttribute sondują określoną liczbę katalogów, w tym bieżący katalog roboczy biblioteki do załadowania. Może to stanowić problem z zabezpieczeniami dla pewnych aplikacji i prowadzić do przejęcia biblioteki DLL. + By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - Metoda {0} nie korzystała z atrybutu DefaultDllImportSearchPaths dla elementów P/Invoke. + The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. Use equivalent code that works when marshalling is disabled - Użyj równoważnego kodu, który działa, gdy kierowanie jest wyłączone + Use equivalent code that works when marshalling is disabled 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. - Element „Environment. CurrentManagedThreadId” jest prostszy i szybszy niż element „Thread.CurrentThread. ManagedThreadId”. + 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. Use 'Environment.CurrentManagedThreadId' - Użyj elementu „Environment.CurrentManagedThreadId” + Use 'Environment.CurrentManagedThreadId' Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' - Użyj elementu „Environment. CurrentManagedThreadId” zamiast elementu „Thread.CurrentThread.ManagedThreadId” + Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' Use 'Environment.CurrentManagedThreadId' - Użyj elementu „Environment.CurrentManagedThreadId” + Use 'Environment.CurrentManagedThreadId' 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. - Element „Environment.ProcessId” jest prostszy i szybszy niż element „Process.GetCurrentProcess().Id”. + 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. Use 'Environment.ProcessId' - Użyj elementu „Environment.ProcessId” + Use 'Environment.ProcessId' Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' - Użyj elementu „Environment.ProcessId” zamiast elementu „Process.GetCurrentProcess().Id” + Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' Use 'Environment.ProcessId' - Użyj elementu „Environment.ProcessId” + Use 'Environment.ProcessId' 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. - Element „Environment.ProcessPath” jest prostszy i szybszy niż element „Process.GetCurrentProcess(). MainModule.FileName”. + 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. Use 'Environment.ProcessPath' - Użyj ścieżki „Environment.ProcessPath” + Use 'Environment.ProcessPath' Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' - Użyj elementu „Environment.ProcessPath” zamiast elementu „Process.GetCurrentProcess ().MainModule.FileName” + Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' Use 'Environment.ProcessPath' - Użyj ścieżki „Environment.ProcessPath” + Use 'Environment.ProcessPath' Use indexer - Użyj indeksatora + Use indexer Use an invariant version - Użyj niezmiennej wersji + Use an invariant version An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. - Metoda wywoływania systemu operacyjnego jest zdefiniowana, a metoda mająca odpowiadającą jej funkcję znajduje się w bibliotece klas platformy .NET Framework. + An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. Use managed equivalents of win32 api - Używaj zarządzanych odpowiedników funkcji win32 api + Use managed equivalents of win32 api Use managed equivalents of win32 api - Używaj zarządzanych odpowiedników funkcji win32 api + Use managed equivalents of win32 api Use ObjectDisposedException throw helper - Użyj pomocnika zgłaszania ObjectDisposedException + Use ObjectDisposedException throw helper A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. - Operacja porównywania ciągów nieuwzględniająca zasad języka nie ustawia parametru StringComparison na wartość Ordinal ani OrdinalIgnoreCase. Jawne ustawienie parametru na wartość StringComparison.Ordinal lub StringComparison.OrdinalIgnoreCase umożliwia często przyspieszenie kodu oraz zwiększenie jego poprawności i niezawodności. + A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. Use ordinal string comparison - Użyj porównywania ciągów porządkowych + Use ordinal string comparison Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. - Metoda Enumerable.Count() może potencjalnie wyliczyć sekwencję, podczas gdy właściwość Length/Count stanowi dostęp bezpośredni. + Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. Use the "{0}" property instead of Enumerable.Count() - Użyj właściwości „{0}” zamiast metody Enumerable.Count() + Use the "{0}" property instead of Enumerable.Count() Use Length/Count property instead of Count() when available - Użyj właściwości Length/Count zamiast metody Count(), gdy jest to możliwe + Use Length/Count property instead of Count() when available Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size - Użyj algorytmu Rivest-Shamir-Adleman (RSA) z wystarczającym rozmiarem klucza + Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. - Algorytmy szyfrowania z kluczem o zbyt małym rozmiarze są podatne na ataki siłowe. + Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - Rozmiar klucza algorytmu szyfrowania asymetrycznego {0} jest mniejszy niż 2048. Przełącz się na algorytm RSA z kluczem o rozmiarze co najmniej 2048, algorytm ECDH lub algorytm ECDSA. + Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. Applications available over HTTPS must use secure cookies. - Aplikacje dostępne za pośrednictwem protokołu HTTPS muszą korzystać z bezpiecznych plików cookie. + Applications available over HTTPS must use secure cookies. Use SharedAccessProtocol HttpsOnly - Użyj właściwości SharedAccessProtocol HttpsOnly + Use SharedAccessProtocol HttpsOnly HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. - Protokół HTTPS szyfruje ruch sieciowy. Użyj właściwości HttpsOnly, a nie HttpOrHttps, aby ruch sieciowy był zawsze szyfrowany i aby zapobiec ujawnieniu poufnych danych. + HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. - Jeśli to możliwe, rozważ użycie kontroli dostępu opartej na rolach platformy Azure zamiast sygnatury dostępu współdzielonego (SAS). Jeśli nadal chcesz używać sygnatury SAS, określ właściwość SharedAccessProtocol.HttpsOnly. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. + + + + Use 'AsSpan' with 'string.Concat' + Use 'AsSpan' with 'string.Concat' + + + + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + + + + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + + + + Use span-based 'string.Concat' + Use span-based 'string.Concat' Use 'Clear()' - Użyj polecenia „Clear()” + Use 'Clear()' It is more efficient to use 'Clear', instead of 'Fill' with default value. - Użycie opcji „Wyczyść” zamiast opcji „Wypełnij” z wartością domyślną jest efektywniejsze. + It is more efficient to use 'Clear', instead of 'Fill' with default value. Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' - Preferuj polecenie „Span<T>. Clear()” zamiast „Span<T>. Fill(domyślnie)” + Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' Prefer 'Clear' over 'Fill' - Preferuj opcję „Wyczyść” niż „Wypełnij” + Prefer 'Clear' over 'Fill' Use 'StartsWith' - Użyj instrukcji „StartsWith” + Use 'StartsWith' It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. - Użycie instrukcji „StartsWith” jest wyraźniejsze i szybsze niż porównywanie wyniku „IndexOf” z wartością zero. + It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 - Użyj instrukcji „StartsWith” zamiast porównywania wyniku „IndexOf” z wartością 0 + Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 Use 'StartsWith' instead of 'IndexOf' - Użyj instrukcji „StartsWith” zamiast „IndexOf” + Use 'StartsWith' instead of 'IndexOf' + + + + 'string.Contains(char)' is available as a better performing overload for single char lookup. + 'string.Contains(char)' is available as a better performing overload for single char lookup. + + + + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + + + + Use char literal for a single character lookup + Use char literal for a single character lookup Use 'string.Equals' - Użyj ciągu „string. Equals” + Use 'string.Equals' It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. - Użycie ciągu „string.Equals” jest wyraźniejsze i prawdopodobnie szybsze zamiast porównywania wyniku „string.Compare” z zerem. + It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 - Użyj ciągu „string.Equals” zamiast porównywania wyniku ciągu „string.Compare” z wartością 0 + Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 Use 'string.Equals' - Użyj ciągu „string. Equals” - - - - Use 'AsSpan' with 'string.Concat' - Użyj ciągu „AsSpan” z ciągiem „String.Concat” - - - - It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. - Bardziej wydajne jest użycie ciągów „AsSpan” i "string.Concat", zamiast ciągu „Substring” i operatora złączenia. - - - - Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' - Użyj ciągu „string.Concat” opartego na zakresie i ciągu „AsSpan” zamiast ciągu „Substring” - - - - Use span-based 'string.Concat' - Użyj ciągu „string.Concat” opartego na zakresie. - - - - 'string.Contains(char)' is available as a better performing overload for single char lookup. - Ciąg „string.Contains(char)” jest dostępny jako przeciążenie o lepszej wydajności dla wyszukiwania pojedynczego znaku. - - - - Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character - Użyj ciągu „string.Contains(char)”, zamiast ciągu „string.Contains(string)” podczas wyszukiwania pojedynczego znaku - - - - Use char literal for a single character lookup - Użyj literału char do wyszukiwania pojedynczego znaku + Use 'string.Equals' Throw helpers are simpler and more efficient than an if block constructing a new exception instance. - Pomocnicy zgłaszania są prostsi i wydajniejsi niż blok if konstruujący nowe wystąpienie wyjątku. + Throw helpers are simpler and more efficient than an if block constructing a new exception instance. Use '{0}.{1}' - Użyj „{0}.{1}” + Use '{0}.{1}' Use '{0}.{1}' instead of explicitly throwing a new exception instance - Użyj „{0}.{1}” zamiast jawnego zgłaszania nowego wystąpienia wyjątku + Use '{0}.{1}' instead of explicitly throwing a new exception instance Platform compatibility analyzer requires a valid platform name and version. - Analizator zgodności platformy wymaga prawidłowej nazwy i wersji platformy. + Platform compatibility analyzer requires a valid platform name and version. Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. - Wersja „{0}” jest nieprawidłowa dla platformy „{1}”. Użyj wersji z 2{2} częściami dla tej platformy. + Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. Version '7' is not valid for platform 'windows'. Use a version with 2-4 parts for this platform. Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. - Wersja „{0}” nie jest prawidłowa dla platformy „{1}”. Nie używaj wersji dla tej platformy. + Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. Use valid platform string - Użyj prawidłowego ciągu platformy + Use valid platform string The platform '{0}' is not a known platform name - Platforma „{0}” nie jest znaną nazwą platformy + The platform '{0}' is not a known platform name ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. - Elementy ValueTask zwracane przez wywołania elementów członkowskich są przeznaczone do bezpośredniego oczekiwania. Próby wielokrotnego użycia elementu ValueTask lub uzyskania bezpośredniego dostępu do wyniku elementu zanim jest wiadomo, że został on zakończony, mogą spowodować wystąpienie wyjątku lub uszkodzenia. Zignorowanie takiego elementu ValueTask prawdopodobnie wskazuje na usterkę funkcjonalną i może obniżyć wydajność. + ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). - Nie należy bezpośrednio uzyskiwać dostępu do wystąpień elementu ValueTask, chyba że wystąpienie jest już zakończone. W przeciwieństwie do zadań, wywołanie elementu Result lub GetAwaiter().GetResult() nie gwarantuje blokowania do momentu zakończenia operacji. Jeśli nie można po prostu oczekiwać na wystąpienie, zastanów się nad sprawdzeniem w pierwszej kolejności jego właściwości IsCompleted (lub założeniem, że ma wartość true, jeśli wiesz, że tak jest). + ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. - Wystąpienia elementu ValueTask powinny być używane tylko raz, na przykład za pośrednictwem operatora await. Wielokrotne użycie tego samego wystąpienia elementu ValueTask może spowodować zgłaszanie wyjątków i uszkodzenie danych. + ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. - Wystąpienia elementu ValueTask zwracane przez wywołania metod powinny być w sposób bezpośredni oczekiwane, zwracane lub przekazywane jako argumenty do wywołania innych metod. Inne użycie, takie jak zapisanie wystąpienia w elemencie lokalnym lub w polu, prawdopodobnie wskazuje na usterkę, ponieważ wystąpienia elementu ValueTask mogą być zawsze używane tylko raz. + ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. - Wystąpienia elementów ValueTask zwracane przez wywołania metod powinny zawsze zostać użyte, zazwyczaj przez oczekiwanie. Jeśli tak się nie dzieje, często oznacza to usterkę funkcjonalną, ale nawet jeśli usterka nie występuje, może to spowodować obniżenie wydajności, jeśli metoda docelowa grupuje obiekty w pule do użycia za pomocą elementów ValueTask. + ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. Use ValueTasks correctly - Użyj elementów ValueTask poprawnie + Use ValueTasks correctly Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. - Przetwarzanie pliku XML na podstawie niezaufanych danych może spowodować załadowanie niebezpiecznych odwołań zewnętrznych, które powinny zostać ograniczone za pomocą czytnika XmlReader z bezpiecznym programem rozpoznawania nazw lub wyłączonym przetwarzaniem elementów DTD. + Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. Use XmlReader for 'DataSet.ReadXml()' - Użyj elementu XmlReader dla metody „DataSet.ReadXml()” + Use XmlReader for 'DataSet.ReadXml()' Use XmlReader for 'XmlSerializer.Deserialize()' - Użyj elementu XmlReader dla metody „XmlSerializer.Deserialize()” + Use XmlReader for 'XmlSerializer.Deserialize()' Use XmlReader for 'XmlSchema.Read()' - Użyj elementu XmlReader dla metody „XmlSchema.Read()” + Use XmlReader for 'XmlSchema.Read()' Use XmlReader for XmlValidatingReader constructor - Użyj elementu XmlReader dla konstruktora XmlValidatingReader + Use XmlReader for XmlValidatingReader constructor Use XmlReader for XPathDocument constructor - Użyj elementu XmlReader dla konstruktora XPathDocument + Use XmlReader for XPathDocument constructor This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. - To przeciążenie metody „{0}.{1}” jest potencjalnie niebezpieczne. Być może włącza definicję typu dokumentu podatną na ataki typu „odmowa usługi” lub używa elementu XmlResolver podatnego na ujawnienie informacji. Użyj zamiast tego przeciążenia, które przyjmuje wystąpienie elementu XmlReader, ma wyłączone przetwarzanie definicji typu dokumentu i nie używa elementu XmlResolver. + This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - „{0}” używa typu w wersji zapoznawczej „{1}” i wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {2}. + '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - {3} „{0}” używa typu w wersji zapoznawczej „{1}” i wymaga wyrażenia zgody na korzystanie z funkcji w wersji zapoznawczej. Aby uzyskać więcej informacji, zobacz {2}. - - - - Use 'TryGetValue(TKey, out TValue)' - Użyj polecenia „TryGetValue(TKey, out TValue)” - - - - Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method - Preferuj metodę „IDictionary.TryGetValue(TKey, out TValue)” - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup - Preferuj wywołanie „TryGetValue” względem dostępu indeksatora słownika chronionego przez kontrolę „ContainsKey”, aby uniknąć podwójnego wyszukiwania - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. - Preferuj wywołanie „TryGetValue” względem dostępu indeksatora słownika chronionego przez kontrolę „ContainsKey”. Element „ContainsKey” i indeksator wyszukają klucz pod maską, więc użycie polecenia „TryGetValue” spowoduje usunięcie dodatkowego wyszukiwania. + {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.pt-BR.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.pt-BR.xlf index 55b8d790a3..78f0af077f 100644 --- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.pt-BR.xlf +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.pt-BR.xlf @@ -4,52 +4,52 @@ Add the 'NonSerialized' attribute to this field. - Adicione o atributo 'NonSerialized' a esse campo. + Add the 'NonSerialized' attribute to this field. Add Serializable attribute - Adicionar o atributo Serializable + Add Serializable attribute Review cipher mode usage with cryptography experts - Examine o uso do modo de criptografia com especialistas em criptografia + Review cipher mode usage with cryptography experts These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). - Esses modos de criptografia podem ser vulneráveis a ataques. Considere o uso dos modos recomendados (CBC, CTS). + These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). - Examine o uso do modo de criptografia '{0}' com especialistas em criptografia. Considere o uso dos modos recomendados (CBC, CTS). + Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. - O parâmetro literal de cadeia de caracteres de um atributo não é analisado corretamente para uma URL, um GUID ou uma versão. + The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' - No construtor de '{0}', altere o valor do argumento '{1}', o qual atualmente é "{2}", para algo que possa ser analisado corretamente como '{3}' + In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' - No construtor de '{0}', altere o valor do argumento '{1}', o qual é uma cadeia de caracteres vazia (""), para algo que possa ser analisado corretamente como '{2}' + In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' Attribute string literals should parse correctly - Literais de cadeias de caracteres de atributos devem ser analisados corretamente + Attribute string literals should parse correctly Extract to static readonly field - Extrair para o campo somente leitura estático + Extract to static readonly field @@ -64,512 +64,512 @@ Avoid constant arrays as arguments - Evite matrizes constantes como argumentos + Avoid constant arrays as arguments Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. - O marshaling de 'StringBuilder' sempre cria uma cópia de buffer nativo, resultando em várias alocações para uma operação de marshalling. + Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. - Evite os parâmetros 'StringBuilder' para P/Invokes. Nesse caso, considere usar um buffer de caractere. + Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. Avoid 'StringBuilder' parameters for P/Invokes - Evite os parâmetros 'StringBuilder' para P/Invokes + Avoid 'StringBuilder' parameters for P/Invokes The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. - A biblioteca de classes .NET Framework oferece métodos para recuperar atributos personalizados. Por padrão, esses métodos pesquisam a hierarquia de herança de atributos. Selar o atributo elimina a pesquisa por meio da hierarquia de herança e pode melhorar o desempenho. + The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. Avoid unsealed attributes - Evitar atributos não selados + Avoid unsealed attributes Avoid unsealed attributes - Evitar atributos não selados + Avoid unsealed attributes Avoid unnecessary zero-length array allocations. Use {0} instead. - Evite alocações de matriz de comprimento zero desnecessárias. Use {0} em vez disso. + Avoid unnecessary zero-length array allocations. Use {0} instead. Avoid zero-length array allocations - Evite alocações de matriz de comprimento zero + Avoid zero-length array allocations The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - O método '{0}' não é seguro durante a desserialização de dados não confiáveis sem um SerializationBinder para restringir o tipo de objetos no grafo de objetos desserializado. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize - Verifique se o BinaryFormatter.Binder está definido antes de chamar o BinaryFormatter.Deserialize + Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - O método '{0}' não é seguro durante a desserialização de dados não confiáveis sem um SerializationBinder para restringir o tipo de objetos no grafo de objetos desserializado. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder - Não chame BinaryFormatter.Deserialize sem primeiro definir BinaryFormatter.Binder + Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. - O método '{0}' não é seguro durante a desserialização de dados não confiáveis. Se, nesse caso, você precisar detectar a desserialização de BinaryFormatter sem um conjunto de SerializationBinder, desabilite a regra CA2300 e habilite as regras CA2301 e CA2302. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. The method '{0}' is insecure when deserializing untrusted data. - O método '{0}' não é seguro durante a desserialização de dados não confiáveis. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer BinaryFormatter - Não use o desserializador BinaryFormatter não seguro + Do not use insecure deserializer BinaryFormatter 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - 'Buffer.BlockCopy' espera o número de bytes a serem copiados para o argumento 'count'. O uso de 'Array.Length' pode não corresponder ao número de bytes que precisam ser copiados. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - 'Buffer.BlockCopy' espera o número de bytes a serem copiados para o argumento 'count'. O uso de 'Array.Length' pode não corresponder ao número de bytes que precisam ser copiados. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument - 'Buffer.BlockCopy' espera o número de bytes a serem copiados para o argumento 'count' + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). - Um método que é uma implementação de Descarte não chama GC.SuppressFinalize; um método que não é uma implementação de Descarte chama GC.SuppressFinalize ou um método chama GC.SuppressFinalize e passa algo diferente disso (Me no Visual Basic). + A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. - Altere {0} para chamar {1}. Isso impedirá que tipos derivados que introduzem um finalizador precisem reimplementar 'IDisposable' para chamá-lo. + Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. - Altere {0} para chamar {1}. Isso impedirá a finalização desnecessária do objeto assim que ele for descartado e sair do escopo. + Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. - {0} chama {1} em algo diferente dele mesmo. Altere o local da chamada para passar 'this' em vez disso ('Me' no Visual Basic). + {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. - {0} chama {1}, um método que geralmente só é chamado de dentro de uma implementação de 'IDisposable.Dispose'. Consulte o padrão IDisposable para obter mais informações. + {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. Dispose methods should call SuppressFinalize - Os métodos Dispose devem chamar SuppressFinalize + Dispose methods should call SuppressFinalize , - , + , Separator used for separating list of platform names: {API} is only supported on: {‘windows’, ‘browser’, ‘linux’} ConstantExpected attribute is not applied correctly on the parameter. - O atributo ConstantExpected não está aplicado corretamente no parâmetro. + ConstantExpected attribute is not applied correctly on the parameter. Incorrect usage of ConstantExpected attribute - Uso incorreto do atributo ConstantExpected + Incorrect usage of ConstantExpected attribute The ConstantExpected attribute is required for the parameter due to the parent method annotation - O atributo ConstantExpected é necessário para o parâmetro devido à anotação do método pai + The ConstantExpected attribute is required for the parameter due to the parent method annotation The '{0}' value is not compatible with parameter type of '{1}' - O valor '{0}' não é compatível com o tipo de parâmetro de '{1}' + The '{0}' value is not compatible with parameter type of '{1}' The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' - O valor '{0}' não cabe dentro dos limites do valor do parâmetro de '{1}' para '{2}' + The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' The constant is not of the same '{0}' type as the parameter - A constante não é do mesmo tipo '{0}' do parâmetro + The constant is not of the same '{0}' type as the parameter The Min and Max values are inverted - Os valores Min e Max são invertidos + The Min and Max values are inverted The argument should be a constant for optimal performance - O argumento deve ser uma constante para desempenho ideal + The argument should be a constant for optimal performance The '{0}' type is not supported for ConstantExpected attribute - O tipo '{0}' não é suportado para o atributo ConstantExpected + The '{0}' type is not supported for ConstantExpected attribute The constant does not fit within the value bounds of '{0}' to '{1}' - A constante não cabe dentro dos limites de valor de '{0}' para '{1}' + The constant does not fit within the value bounds of '{0}' to '{1}' The parameter expects a constant for optimal performance. - O parâmetro espera uma constante para desempenho ideal. + The parameter expects a constant for optimal performance. A constant is expected for the parameter - Espera-se uma constante para o parâmetro + A constant is expected for the parameter When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Ao desserializar uma entrada não confiável, a desserialização de um objeto {0} não é segura. '{1}' é {0} ou deriva-se dele + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type found in deserializable object graph - O tipo DataSet ou DataTable não seguro foi encontrado em um grafo de objetos desserializável + Unsafe DataSet or DataTable type found in deserializable object graph When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. - Durante a desserialização de uma entrada não confiável com um serializador baseado em IFormatter, não é seguro desseriliarizar um objeto {0}. '{1}' é um objeto {0} ou deriva-se dele. Garanta que o tipo gerado automaticamente nunca seja desserializado usando dados não confiáveis. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks - Um DataSet ou uma DataTable não segura em um tipo serializável gerado automaticamente pode ser vulnerável a ataques de execução remota de código + Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Ao desserializar uma entrada não confiável, a desserialização de um objeto {0} não é segura. '{1}' é {0} ou deriva-se dele + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks - Um DataSet ou uma DataTable não segura em um grafo de objetos desserilizado pode ser vulnerável a ataques de execução de código remota + Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. - Ao desserializar uma entrada não confiável com um serializador baseado no IFormatter, a desserialização de um objeto {0} não é segura. '{1}' é {0} ou deriva-se dele. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks - Um DataSet ou uma DataTable não segura em um tipo serializável pode ser vulnerável a ataques de execução de código remota + Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Ao desserializar uma entrada não confiável, a desserialização de um objeto {0} não é segura. '{1}' é {0} ou deriva-se dele + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in serializable type - DataSet ou DataTable não segura em um tipo serializável + Unsafe DataSet or DataTable in serializable type When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Ao desserializar uma entrada não confiável, a desserialização de um objeto {0} não é segura. '{1}' é {0} ou deriva-se dele + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type in web deserializable object graph - Tipo DataSet ou DataTable não seguro no grafo de objetos desserializável da Web + Unsafe DataSet or DataTable type in web deserializable object graph The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. - O método '{0}' não é seguro durante a desserialização de dados não confiáveis. Verifique se a classe gerada automaticamente que contém a chamada '{0}' não foi desserializada usando dados não confiáveis. + The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data - Verifique se a classe gerada automaticamente que contém DataSet.ReadXml() não é usada com algum dado não confiável + Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data The method '{0}' is insecure when deserializing untrusted data - O método '{0}' não é seguro durante a desserialização de dados não confiáveis + The method '{0}' is insecure when deserializing untrusted data Do not use DataSet.ReadXml() with untrusted data - Não use DataSet.ReadXml() quando os dados não são confiáveis + Do not use DataSet.ReadXml() with untrusted data The method '{0}' is insecure when deserializing untrusted data - O método '{0}' não é seguro durante a desserialização de dados não confiáveis + The method '{0}' is insecure when deserializing untrusted data Do not use DataTable.ReadXml() with untrusted data - Não use DataTable.ReadXml() quando os dados não são confiáveis + Do not use DataTable.ReadXml() with untrusted data HttpClients should enable certificate revocation list checks - Os HttpClients devem habilitar as verificações da lista de certificados revogados + HttpClients should enable certificate revocation list checks HttpClient is created without enabling CheckCertificateRevocationList - HttpClient é criado sem habilitar CheckCertificateRevocationList + HttpClient is created without enabling CheckCertificateRevocationList Do Not Add Certificates To Root Store - Não Adicione Certificados Ao Armazenamento Raiz + Do Not Add Certificates To Root Store Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate - A adição de certificados aos certificados raiz confiáveis do sistema operacional aumenta o risco de autenticar incorretamente um certificado ilegítimo + Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate Do not use CreateEncryptor with non-default IV - Não usar CreateEncryptor com IV não padrão + Do not use CreateEncryptor with non-default IV Symmetric encryption uses non-default initialization vector, which could be potentially repeatable - A criptografia simétrica usa um vetor de inicialização não padrão, que pode ser repetido + Symmetric encryption uses non-default initialization vector, which could be potentially repeatable Use Secure Cookies In ASP.NET Core - Usar Cookies Seguros no ASP.Net Core + Use Secure Cookies In ASP.NET Core Set CookieOptions.Secure = true when setting a cookie - Defina CookieOptions.Secure = true ao configurar um cookie + Set CookieOptions.Secure = true when setting a cookie Do Not Use Weak Key Derivation Function With Insufficient Iteration Count - Não Use a Função de Derivação de Chaves Fraca com uma Contagem de Iteração Insuficiente + Do Not Use Weak Key Derivation Function With Insufficient Iteration Count Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Use pelo menos {0} iterações ao derivar uma chave de criptografia de uma senha. Por padrão, a IterationCount de Rfc2898DeriveByte é de apenas 1000 + Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Versões de protocolo mais antigas do TLS (protocolo TLS) são menos seguras do que TLS 1.2 e TLS 1.3, e a probabilidade de que tenham novas vulnerabilidades é maior. Evite versões de protocolo mais antigas para minimizar o risco. + Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - A versão do protocolo TLS '{0}' foi preterida. Use 'None' para permitir que o Sistema Operacional escolha uma versão. + Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. Do not use deprecated SslProtocols values - Não usar valores de SslProtocols preteridos + Do not use deprecated SslProtocols values '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - “{0}” deriva da classe de visualização “{1}” e, portanto, precisa aceitar os recursos de visualização. Consulte {2}para obter mais informações. + '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3}“{0}” deriva da classe de visualização“{1}” e, portanto, precisa aceitar os recursos de visualização. Consulte {2}para obter mais informações. + {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. An assembly has to opt into preview features before using them. - Um assembly precisa optar por visualizar recursos antes de usá-los. + An assembly has to opt into preview features before using them. Using '{0}' requires opting into preview features. See {1} for more information. - Usar “{0}” requer a aceitação dos recursos de visualização. Consulte {1} para obter mais informações. + Using '{0}' requires opting into preview features. See {1} for more information. {2} Using '{0}' requires opting into preview features. See {1} for more information. - {2}Usar “{0}” requer a aceitação dos recursos de visualização. Consulte {1} para obter mais informações. + {2} Using '{0}' requires opting into preview features. See {1} for more information. This API requires opting into preview features - Esta API requer a aceitação de recursos de visualização + This API requires opting into preview features A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. - Um tipo que implementa System.IDisposable declara campos dos tipos que também implementam IDisposable. O método Dispose do campo não é chamado pelo método Dispose do tipo declarativo. Se você for responsável por alocar e liberar os recursos não gerenciados mantidos pelo campo, chame Dispose nos campos de tipos que implementam IDisposable para corrigir uma violação dessa regra. + A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. - '{0}' contém o campo '{1}' que é do tipo IDisposable '{2}', mas nunca é descartado. Altere o método Dispose em '{0}' para chamar Close ou Dispose neste campo. + '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. Disposable fields should be disposed - Campos descartáveis devem ser descartados + Disposable fields should be disposed A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. - Um tipo que implementa System.IDisposable e tem campos que sugerem o uso de recursos não gerenciados não implementa um finalizador, conforme descrito por Object.Finalize. + A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. Disposable types should declare finalizer - Tipos descartáveis devem declarar finalizador + Disposable types should declare finalizer Disposable types should declare finalizer - Tipos descartáveis devem declarar finalizador + Disposable types should declare finalizer A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. - Um tipo que implementa System.IDisposable é herdado de um tipo que também implementa IDisposable. O método Dispose do tipo herdado não chama o método Dispose do tipo pai. Para corrigir uma violação dessa regra, chame base.Dispose no método Dispose. + A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. Ensure that method '{0}' calls '{1}' in all possible control flow paths - Verifique se o método '{0}' chama '{1}' em todos os caminhos de fluxo de controle possíveis + Ensure that method '{0}' calls '{1}' in all possible control flow paths Dispose methods should call base class dispose - Métodos Dispose devem chamar o descarte da classe base + Dispose methods should call base class dispose If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. - Se um objeto descartável não for explicitamente descartado antes de todas as referências a ele ficarem fora do escopo, o objeto será descartado em um momento indeterminado quando o coletor de lixo executar o finalizador do objeto. Como pode ocorrer um evento excepcional que impedirá a execução do finalizador do objeto, o objeto deverá ser explicitamente descartado. + If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - Use o padrão de descarte recomendado para garantir que o objeto criado por '{0}' seja descartado em todos os caminhos. Se possível, encapsule a criação em uma instrução 'using' ou em uma declaração 'using'. Caso contrário, use um padrão try-finally, com uma variável local dedicada declarada antes da região try e uma invocação de Dispose incondicional em um valor que não seja nulo na região 'finally', como 'x?.Dispose()'. Se o objeto for descartado explicitamente dentro da região try ou se a propriedade do descarte for transferida para outro objeto ou método, atribua 'null' à variável local logo após essa operação para evitar um descarte duplo em 'finally'. + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - Use o padrão de descarte recomendado para garantir que o objeto criado por '{0}' seja descartado em todos os caminhos de exceção. Se possível, encapsule a criação em uma instrução 'using' ou em uma declaração 'using'. Caso contrário, use um padrão try-finally, com uma variável local dedicada declarada antes da região try e uma invocação de Dispose incondicional em um valor que não seja nulo na região 'finally', como 'x?.Dispose()'. Se o objeto for descartado explicitamente dentro da região try ou se a propriedade do descarte for transferida para outro objeto ou método, atribua 'null' à variável local logo após essa operação para evitar um descarte duplo em 'finally'. + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope - Chame System.IDisposable.Dispose no objeto criado por '{0}' antes que todas as referências a ele fiquem fora do escopo + Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. - O objeto criado por '{0}' não foi descartado juntamente com todos os caminhos de exceção. Chame System.IDisposable.Dispose no objeto antes que todas as referências a ele fiquem fora do escopo. + Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. Dispose objects before losing scope - Descartar objetos antes de perder o escopo + Dispose objects before losing scope Do Not Add Archive Item's Path To The Target File System Path - Não Adicionar o Caminho do Item de Arquivo Morto ao Caminho do Sistema de Arquivos de Destino + Do Not Add Archive Item's Path To The Target File System Path When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - Ao extrair arquivos de um arquivo morto e usar o caminho do item do arquivo morto, verifique se o caminho é seguro. O caminho do arquivo morto pode ser relativo e levar ao acesso ao sistema de arquivos fora do caminho de destino do sistema de arquivos esperado, causando alterações mal-intencionadas de configuração e execução remota de código por meio da técnica de espera passiva. + When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' - Quando você criar o caminho para '{0} no método {1}' por meio do caminho do item de arquivo morto relativo para extrair o arquivo e a fonte for um arquivo zip não confiável, limpe o '{2} no método {3}' do caminho do item de arquivo morto relativo + When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' Do Not Add Schema By URL - Não Adicione O Esquema Por URL + Do Not Add Schema By URL This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. - Esta sobrecarga do método XmlSchemaCollection.Add habilita internamente o processamento de DTD na instância do leitor de XML usada e usa UrlResolver para resolver entidades externas do XML. O resultado é a divulgação não autorizada de informação. O conteúdo do sistema de arquivos ou dos compartilhamentos de rede do computador que processa o XML pode ser exposto a um invasor. Além disso, um invasor pode usar isso como um vetor de DoS. + This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. This overload of the Add method is potentially unsafe because it may resolve dangerous external references - Esta sobrecarga do método Add possivelmente não é segura porque pode resolver referências externas perigosas + This overload of the Add method is potentially unsafe because it may resolve dangerous external references By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. - Ao definir os representantes de validação de TokenValidationParameter críticos como verdadeiros, as proteções de autenticação importantes serão desabilitadas, o que pode fazer com que os tokens de qualquer emissor ou tokens expirados sejam erroneamente validados. + By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. - O {0} é definido como uma função que sempre retorna verdadeiro. Ao definir o representante de validação, você está substituindo a validação padrão e, ao retornar sempre verdadeiro, esta validação ficará completamente desabilitada. + The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. Do not always skip token validation in delegates - Nem sempre a validação no token de omissão em representantes + Do not always skip token validation in delegates Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. - A Desserialização Não Segura é uma vulnerabilidade que ocorre quando dados não confiáveis são usados para explorar a lógica de um aplicativo, causar um ataque de negação de serviço (DoS) ou até mesmo executar código arbitrário durante a desserialização. É frequentemente possível que usuários mal-intencionados explorem essas funcionalidades da desserialização quando o aplicativo desserializa dados não confiáveis sob seu controle. Especificamente, eles invocam métodos perigosos no processo de desserialização. Ataques de desserialização não segura bem sucedidos podem permitir que um invasor realize ataques como ataques de Negação de Serviço, bypass de autenticação e execução remota de código. + Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' - Ao desserializar uma instância da classe '{0}', o método '{1}' pode chamar direta ou indiretamente um método perigoso '{2}' + When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' Do Not Call Dangerous Methods In Deserialization - Não Chame Métodos Perigosos Durante a Desserialização + Do Not Call Dangerous Methods In Deserialization @@ -577,2625 +577,2660 @@ The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. Widening and user defined conversions are not supported with generic types. - Enumerable.Cast<T> e Enumerable.OfType<T> requerem tipos compatíveis para funcionar corretamente. -A conversão genérica (IL 'unbox.any') usada pela sequência retornada por Enumerable.Cast<T> lançará InvalidCastException em tempo de execução em elementos dos tipos especificados. -A verificação de tipo genérico (C# 'is' operator/IL 'isinst') usada por Enumerable.OfType<T> nunca terá êxito com elementos de tipos especificados, resultando em uma sequência vazia. -Ampliação e conversões definidas pelo usuário não são compatíveis com tipos genéricos. + Enumerable.Cast<T> and Enumerable.OfType<T> require compatible types to function expectedly. +The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. +The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. +Widening and user defined conversions are not supported with generic types. Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime - O tipo '{0}' é incompatível com o tipo '{1}' e as tentativas de conversão lançarão InvalidCastException em tempo de execução + Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' - Essa chamada sempre resultará em uma sequência vazia porque o tipo '{0}' é incompatível com o tipo '{1}' + This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types - Não chame Enumerable.Cast<T> ou Enumerable.OfType<T> com tipos incompatíveis + Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types Do not call {0} on an {1} value - Não chamar {0} em um valor {1} + Do not call {0} on an {1} value Do not call ToImmutableCollection on an ImmutableCollection value - Não chamar ToImmutableCollection em um valor ImmutableCollection + Do not call ToImmutableCollection on an ImmutableCollection value TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. - TaskCompletionSource tem construtores que assumem o TaskCreationOptions que controla a Tarefa subjacente e construtores que assumem o estado do objeto armazenado na tarefa. Passar acidentalmente um TaskContinuationOptions em vez de um TaskCreationOptions fará com que a chamada trate as opções como estado. + TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. Replace TaskContinuationOptions with TaskCreationOptions. - Substitua TaskContinuationOptions por TaskCreationOptions. + Replace TaskContinuationOptions with TaskCreationOptions. Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum - O argumento contém a enumeração TaskContinuationsOptions em vez da enumeração TaskCreationOptions + Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum - O argumento passado para o construtor TaskCompletionSource deve ser a enumeração TaskCreationOptions em vez da enumeração TaskContinuationOptions + Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. - Não crie tarefas, a menos que você esteja usando uma das sobrecargas que aceita um TaskScheduler. O padrão é agendar no TaskScheduler.Current, que levaria a deadlocks. Use TaskScheduler.Default para agendar no pool de threads ou passar explicitamente o TaskScheduler.Current para tornar suas intenções claras. + Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. Do not create tasks without passing a TaskScheduler - Não crie tarefas sem passar um TaskScheduler + Do not create tasks without passing a TaskScheduler Do not create tasks without passing a TaskScheduler - Não crie tarefas sem passar um TaskScheduler + Do not create tasks without passing a TaskScheduler Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. - Adicionar um finalizador a um tipo derivado de MemoryManager<T> pode permitir que a memória seja liberada enquanto ela ainda está em uso por um Span<T>. + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> - Adicionar um finalizador a um tipo derivado de MemoryManager<T> pode permitir que a memória seja liberada enquanto ela ainda está em uso por um Span<T> + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> Do not define finalizers for types derived from MemoryManager<T> - Não definir finalizadores para tipos derivados do MemoryManager<T> + Do not define finalizers for types derived from MemoryManager<T> Do Not Disable Certificate Validation - Não Desabilitar Validação do Certificado + Do Not Disable Certificate Validation A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. - Um certificado pode ajudar a autenticar a identidade do servidor. Os clientes devem validar o certificado do servidor para garantir que as solicitações são enviadas para o servidor pretendido. Se o ServerCertificateValidationCallback sempre retorna 'true', qualquer certificado irá passar a validação. + A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. - O ServerCertificateValidationCallback é definido como uma função que aceita qualquer certificado de servidor, retornando sempre true. Certifique-se de que os certificados de servidor são validados para verificar a identidade do servidor de recebimento de pedidos. - - - - Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. - Usar HttpClient sem fornecer um manipulador específico de plataforma (WinHttpHandler ou CurlHandler ou HttpClientHandler) em que a propriedade CheckCertificateRevocationList está definida como true permitirá que os certificados revogados sejam aceitos pelo HttpClient como válidos. + The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. Do Not Disable HTTP Header Checking - Não Desabilite a Verificação de Cabeçalho HTTP + Do Not Disable HTTP Header Checking HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. - A verificando de cabeçalho HTTP habilita a codificação dos caracteres de nova linha e de retorno de carro, \r e \n, que se encontram em cabeçalhos de resposta. Essa codificação pode ajudar a evitar ataques de injeção que exploram um aplicativo que ecoa dados não confiáveis contidos no cabeçalho. + HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. Do not disable HTTP header checking - Não desabilite a verificação de cabeçalho HTTP + Do not disable HTTP header checking + + + + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. Do Not Disable Request Validation - Não Desabilite a Validação de Solicitação + Do Not Disable Request Validation Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. - A validação de solicitação é um recurso do ASP.NET que examina as solicitações HTTP e determina se elas contêm conteúdo possivelmente perigoso. Essa verificação adiciona proteção de marcação ou de código na cadeia de consulta da URL, nos cookies ou nos valores de formulário postados que possam ter sido adicionados com intenção maliciosa. Portanto, ela geralmente é desejável e deve permanecer habilitada para aumentar a proteção. + Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. {0} has request validation disabled - {0} tem uma validação de solicitação desabilitada + {0} has request validation disabled Do Not Disable SChannel Use of Strong Crypto - Não Desabilitar Uso de Criptografia Forte SChannel + Do Not Disable SChannel Use of Strong Crypto Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. - Iniciando com o .NET Framework 4.6, é recomendado que as classes System.Net.ServicePointManager e System.Net.Security.SslStream usem os novos protocolos. Os antigos têm vulnerabilidades de protocolo e não contam com suporte. A configuração de Switch.System.Net.DontEnableSchUseStrongCrypto como true fará com que a verificação de criptografia fraca antiga seja usada e que a migração de protocolo seja recusada. + Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. {0} disables TLS 1.2 and enables SSLv3 - O {0} desabilita o TLS 1.2 e habilita o SSLv3 + {0} disables TLS 1.2 and enables SSLv3 Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. - As verificações de validação dos tokens garantem que, ao validar os tokens, todos os aspectos sejam analisados e verificados. A desativação da validação pode resultar em falhas na segurança, permitindo que tokens não confiáveis sejam validados. + Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. TokenValidationParameters.{0} should not be set to false as it disables important validation - TokenValidationParameters.{0} não deve ser definido como falso, pois desativa validações importantes + TokenValidationParameters.{0} should not be set to false as it disables important validation Do not disable token validation checks - Não desative as verificações de validação de token + Do not disable token validation checks Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. - Não defina Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols como true. Definir essa opção limita o WCF (Windows Communication Framework) a usar o protocolo TLS 1.0, que não é seguro e está obsoleto. + Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. Do not disable ServicePointManagerSecurityProtocols - Não desabilitar ServicePointManagerSecurityProtocols + Do not disable ServicePointManagerSecurityProtocols Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. - Não proteger 'Dictionary.Remove(key)' com 'Dictionary.ContainsKey(key)'. O primeiro já verifica se a chave existe e não lançará se não existir. + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' - Não proteger 'Dictionary.Remove(key)' com 'Dictionary.ContainsKey(key)' + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' Unnecessary call to 'Dictionary.ContainsKey(key)' - Chamada desnecessária para 'Dictionary.ContainsKey(key)' + Unnecessary call to 'Dictionary.ContainsKey(key)' Do not hard-code certificate - Não embutir o certificado em código + Do not hard-code certificate Hard-coded certificates in source code are vulnerable to being exploited. - Os certificados embutidos em código no código-fonte são suscetíveis à exploração. + Hard-coded certificates in source code are vulnerable to being exploited. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' - Foi localizada uma possível vulnerabilidade de segurança na qual '{0}' no método '{1}' pode ter sido afetado pelo certificado embutido em código de '{2}' no método '{3}' + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' Do not hard-code encryption key - Não embutir a chave de criptografia em código + Do not hard-code encryption key SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. - A propriedade .Key de SymmetricAlgorithm ou o parâmetro rgbKey de um método nunca devem ser um valor embutido em código. + SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' - Foi localizada uma possível vulnerabilidade de segurança na qual '{0}' no método '{1}' pode ter sido afetado pela chave embutida em código de '{2}' no método '{3}' + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. - Por padrão, o repositório de certificados de Autoridades de Certificação Raiz Confiáveis é configurado com um conjunto de CAs públicas que atendem aos requisitos do Programa de Certificação Raiz da Microsoft. Como todas as CAs raiz confiáveis podem emitir certificados para qualquer domínio, um invasor pode escolher uma CA fraca ou coercível que você mesmo instala para atacar - e uma única CA vulnerável, maliciosa ou coercível prejudica a segurança de todo o sistema. Para piorar a situação, esses ataques podem passar despercebidos com bastante facilidade. + By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. - Diz-se que um objeto tem uma identidade fraca quando ele pode ser acessado diretamente entre os limites de domínio de aplicativo. Um thread que tenta adquirir um bloqueio em um objeto que tem uma identidade fraca pode ser bloqueado por um segundo thread em um domínio de aplicativo diferente que tenha um bloqueio no mesmo objeto. + An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. Do not lock on objects with weak identity - Não bloquear objetos com identidade fraca + Do not lock on objects with weak identity Do not lock on objects with weak identity - Não bloquear objetos com identidade fraca + Do not lock on objects with weak identity A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. - Um método passa um literal de cadeia de caracteres como um parâmetro para um construtor ou um método na biblioteca de classes do .NET Framework e essa cadeia de caracteres deve ser traduzível. Para corrigir uma violação dessa regra, substitua o literal de cadeia de caracteres por uma cadeia de caracteres recuperada por meio de uma instância da classe ResourceManager. + A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". - O método '{0}' passa uma cadeia de caracteres literal como o parâmetro '{1}' de uma chamada para '{2}'. Nesse caso, recupere as seguintes cadeias de caracteres de uma tabela de recursos: "{3}". + Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". Do not pass literals as localized parameters - Não passar literais como parâmetros localizados + Do not pass literals as localized parameters An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. - Uma exceção de tipo que não é suficientemente especificada nem reservada pelo tempo de execução nunca deve ser gerada pelo código do usuário. Isso torna o erro original difícil de ser detectado e depurado. Se esta instância de exceção puder ser gerada, use um tipo de exceção diferente. + An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. Exception type {0} is reserved by the runtime - O tipo de exceção {0} está reservado pelo runtime + Exception type {0} is reserved by the runtime Exception type {0} is not sufficiently specific - O tipo de exceção {0} não é específico o suficiente + Exception type {0} is not sufficiently specific Do not raise reserved exception types - Não gerar tipos de exceção reservados + Do not raise reserved exception types Do Not Serialize Types With Pointer Fields - Não Serialize Tipos com Campos de Ponteiro + Do Not Serialize Types With Pointer Fields Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. - Os ponteiros não são "type safe" no sentido de que você não pode garantir a exatidão da memória para a qual eles apontam. Portanto, a serialização de tipos com campos de ponteiro é perigosa, pois ela pode permitir que um invasor controle o ponteiro. + Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. Pointer field {0} on serializable type - O campo de ponteiro {0} em um tipo serializável + Pointer field {0} on serializable type Do Not Use Account Shared Access Signature - Não Usar a Assinatura de Acesso Compartilhado da Conta + Do Not Use Account Shared Access Signature Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. - As SASs (Assinaturas de Acesso Compartilhado) são uma parte vital do modelo de segurança de qualquer aplicativo que use Armazenamento do Azure. Elas fornecem permissões limitadas e seguras à sua conta de armazenamento a clientes que não tenham a chave de conta. Todas as operações disponíveis por meio de uma SAS de serviço também estão disponíveis por meio de uma conta de SAS, ou seja, a SAS da conta é extremamente eficiente. Portanto, é recomendado usar as SAS de Serviço para delegar o acesso com mais cuidado. + Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. Use Service SAS instead of Account SAS for fine grained access control and container-level access policy - Usar o Serviço SAS em vez da SAS de Conta para o controle de acesso refinado e política de acesso de nível de contêiner + Use Service SAS instead of Account SAS for fine grained access control and container-level access policy Do Not Use Broken Cryptographic Algorithms - Não usar algoritmos de criptografia desfeitos + Do Not Use Broken Cryptographic Algorithms An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. - Existe um ataque que torna computacionalmente viável desfazer este algoritmo. Isso permite que os invasores desfaçam as garantias criptográficas que ele foi criado para fornecer. Dependendo do tipo e da aplicação desse algoritmo de criptografia, isso pode permitir que os invasores leiam e adulterem mensagens cifradas, forjem assinaturas digitais, adulterem conteúdo com hash ou, de outra forma, comprometam qualquer sistema de criptografia baseado nesse algoritmo. Substitua os usos de criptografia com o algoritmo AES (AES-256, AES-192 e AES-128 são aceitáveis) por um comprimento de chave maior ou igual a 128 bits. Substitua os usos de hash por uma função de hash na família SHA-2, tal como SHA512, SHA384 ou SHA256. A assinatura digital de substituição usa o RSA com um comprimento de chave maior ou igual a 2.048 bits ou o ECDSA com um comprimento de chave maior ou igual a 256 bits. + An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. {0} uses a broken cryptographic algorithm {1} - {0} usa um algoritmo de criptografia desfeito {1} + {0} uses a broken cryptographic algorithm {1} For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. - Para coleções não vazias, CountAsync() e LongCountAsync() enumeram toda a sequência, enquanto AnyAsync() é interrompido no primeiro item ou no primeiro item que satisfaz uma condição. + For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. {0}() is used where AnyAsync() could be used instead to improve performance - {0}() é usado onde AnyAsync() poderia ser usado para melhorar o desempenho + {0}() is used where AnyAsync() could be used instead to improve performance Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used - Não usar CountAsync() ou LongCountAsync() quando AnyAsync() puder ser usado + Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. - Para coleções não vazias, Count() e LongCount() enumeram toda a sequência, enquanto Any() é interrompido no primeiro item ou no primeiro item que satisfaz uma condição. + For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. {0}() is used where Any() could be used instead to improve performance - {0}() é usado onde Any() poderia ser usado para melhorar o desempenho + {0}() is used where Any() could be used instead to improve performance Do not use Count() or LongCount() when Any() can be used - Não usar Count() ou LongCount() quando Any() puder ser usado + Do not use Count() or LongCount() when Any() can be used Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. - A criptografia simétrica sempre deve usar um vetor de inicialização que não possa ser repetido para evitar ataques de dicionário. - - - - Do Not Use Deprecated Security Protocols - Não Use Protocolos de Segurança Preteridos - - - - Using a deprecated security protocol rather than the system default is risky. - É arriscado usar um protocolo de segurança preterido em vez do padrão do sistema. - - - - Hard-coded use of deprecated security protocol {0} - Uso do protocolo de segurança preterido {0} embutido em código + Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. Do Not Use Digital Signature Algorithm (DSA) - Não Usar o DSA (Algoritmo de Assinatura Digital) + Do Not Use Digital Signature Algorithm (DSA) DSA is too weak to use. - O DSA é muito fraco para ser usado. + DSA is too weak to use. Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - O algoritmo de criptografia assimétrica {0} é fraco. Mude para um RSA com um tamanho de chave de pelo menos 2048 ou para um algoritmo ECDH ou ECDSA. + Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. + + + + Do Not Use Deprecated Security Protocols + Do Not Use Deprecated Security Protocols + + + + Using a deprecated security protocol rather than the system default is risky. + Using a deprecated security protocol rather than the system default is risky. + + + + Hard-coded use of deprecated security protocol {0} + Hard-coded use of deprecated security protocol {0} This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. - Esta coleção é diretamente indexável. Passar pelo LINQ aqui gera alocações e trabalho de CPU desnecessários. + This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. Do not use Enumerable methods on indexable collections. Instead use the collection directly. - Não use métodos Enumerable em coleções indexáveis. Em vez disso, use a coleção. + Do not use Enumerable methods on indexable collections. Instead use the collection directly. Do not use Enumerable methods on indexable collections - Não use métodos Enumerable em coleções indexáveis + Do not use Enumerable methods on indexable collections Do not use insecure randomness - Não usar aleatoriedade não segura + Do not use insecure randomness Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. - O uso de um gerador de números pseudoaleatórios criptograficamente fracos pode permitir que um invasor preveja qual valor sensível à segurança será gerado. Use um gerador de números aleatórios criptograficamente fortes se for necessário um valor imprevisível ou garanta que os números pseudoaleatórios fracos não sejam usados de uma maneira sensível à segurança. + Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. - {0} é um gerador de números aleatórios não seguro. Use geradores de números aleatórios criptograficamente seguros quando a aleatoriedade for necessária para segurança. + {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. Do not use obsolete key derivation function - Não use a função de derivação de chave obsoleta + Do not use obsolete key derivation function Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. - A derivação de chave com base em senha deve usar PBKDF2 com SHA-2. Evite usar PasswordDeriveBytes, pois ele gera uma chave PBKDF1. Evite usar Rfc2898DeriveBytes.CryptDeriveKey, pois ele não usa contagem de iteração nem salt. + Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. Call to obsolete key derivation function {0}.{1} - Chamar a função de derivação de chave obsoleta {0}.{1} + Call to obsolete key derivation function {0}.{1} String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. - Os parâmetros de cadeia de caracteres passados por valor com 'OutAttribute' podem desestabilizar o runtime quando a cadeia de caracteres é interna. + String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. - Não use 'OutAttribute' para o parâmetro de cadeia de caracteres '{0}' que é passado por valor. Caso seja necessário retornar o marshaling de dados modificados ao chamador, use a palavra-chave 'out' para passar a cadeia de caracteres por referência. + Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. Do not use 'OutAttribute' on string parameters for P/Invokes - Não use 'OutAttribute' em parâmetros de cadeia de caracteres para P/Invocações + Do not use 'OutAttribute' on string parameters for P/Invokes Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. - Não passe um argumento com tipo de valor '{0}' para o método 'Equals' em 'ReferenceEqualityComparer'. Devido ao boxing de valor, esta chamada para 'Equals' pode retornar um resultado inesperado. Considere usar 'EqualityComparer' em vez disso, ou passar argumentos de tipo de referência se você pretende usar 'ReferenceEqualityComparer'. + Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. - Os argumentos digitados por tipo de valor são colocados exclusivamente em caixas para cada chamada para esse método, portanto, o resultado pode ser inesperado. + Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. - Não passe um argumento com tipo de valor '{0}' para 'ReferenceEquals'. Devido ao boxing de valor, esta chamada para 'ReferenceEquals' pode retornar um resultado inesperado. Considere usar 'Equals' em vez disso, ou passar argumentos de tipo de referência se você pretende usar 'ReferenceEquals'. + Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. Do not use ReferenceEquals with value types - Não use ReferenceEquals com tipos de valor + Do not use ReferenceEquals with value types Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. - O espaço de pilha alocado por um stackalloc é liberado somente no final da invocação do método atual. O uso de um stackalloc em um loop pode resultar em um aumento ilimitado da pilha e em condições eventuais de excedente de pilha. + Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. Potential stack overflow. Move the stackalloc out of the loop. - Possível excedente de pilha. Remova o stackalloc do loop. + Potential stack overflow. Move the stackalloc out of the loop. Do not use stackalloc in loops - Não use stackalloc em loops + Do not use stackalloc in loops Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. - Atividade periódica de alta frequência manterá a CPU ocupada e interferirá nos medidores de tempo ocioso para economia de energia que desligam o visor e os discos rígidos. + Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. Do not use timers that prevent power state changes - Não usar temporizadores que evitam alterações no estado de energia + Do not use timers that prevent power state changes Do not use timers that prevent power state changes - Não usar temporizadores que evitam alterações no estado de energia + Do not use timers that prevent power state changes Do not use unsafe DllImportSearchPath value - Não usar valor DllImportSearchPath não seguro + Do not use unsafe DllImportSearchPath value There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - Pode haver uma DLL mal-intencionada nos diretórios de pesquisa de DLL padrão. Ou, dependendo do local de onde o seu aplicativo é executado, pode haver uma DLL mal-intencionada no diretório do aplicativo. Em vez disso, use um valor de DllImportSearchPath que especifique um caminho de pesquisa explícito. Os sinalizadores DllImportSearchPath pelos quais esta regra procura podem ser configurados em .editorconfig. + There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. Use of unsafe DllImportSearchPath value {0} - Uso de valor DllImportSearchPath não seguro {0} + Use of unsafe DllImportSearchPath value {0} Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. - Usar 'WaitAll' com uma única tarefa pode resultar em perda de desempenho, aguardar ou retornar a tarefa. + Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. Replace 'WaitAll' with single 'Wait' - Substituir 'WaitAll' por um único 'Wait' + Replace 'WaitAll' with single 'Wait' Do not use 'WaitAll' with a single task - Não use 'WaitAll' com uma única tarefa + Do not use 'WaitAll' with a single task Do Not Use Weak Cryptographic Algorithms - Não usar algoritmos de criptografia fracos + Do Not Use Weak Cryptographic Algorithms Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. - Os algoritmos de criptografia são afetados com o tempo à medida que os ataques avançam para que o invasor obtenha acesso a mais computação. Dependendo do tipo e da aplicação desse algoritmo de criptografia, uma degradação maior da força criptográfica dele pode permitir que os invasores leiam e adulterem mensagens cifradas, forjem assinaturas digitais, adulterem conteúdo com hash ou, de outra forma, comprometam qualquer sistema de criptografia baseado nesse algoritmo. Substitua os usos de criptografia com o algoritmo AES (AES-256, AES-192 e AES-128 são aceitáveis) por um comprimento de chave maior ou igual a 128 bits. Substitua os usos de hash por uma função de hash na família SHA-2, como SHA-2 512, SHA-2 384 ou SHA-2 256. + Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. {0} uses a weak cryptographic algorithm {1} - {0} usa um algoritmo de criptografia fraco {1} + {0} uses a weak cryptographic algorithm {1} Ensure Key Derivation Function algorithm is sufficiently strong - Garanta que o algoritmo da Função de Derivação de Chaves seja suficientemente forte + Ensure Key Derivation Function algorithm is sufficiently strong Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. - Algumas implementações da classe Rfc2898DeriveBytes permitem que um algoritmo de hash seja especificado no parâmetro do construtor ou substituído na propriedade HashAlgorithm. Se um algoritmo de hash for especificado, ele deverá ser um SHA-256 ou superior. + Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. - É possível que {0} esteja usando um algoritmo de hash fraco. Use o SHA256, o SHA384 ou o SHA512 para criar uma chave forte por meio de uma senha. + {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). - Ao derivar chaves de criptografia de entradas fornecidas pelo usuário, como uma senha, use a contagem de iteração suficiente (de pelo menos 100 mil). + When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. - Usar 'WhenAll' com uma única tarefa pode resultar em perda de desempenho, aguardar ou retornar a tarefa. + Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. Replace 'WhenAll' call with argument - Substituir chamada 'WhenAll' por argumento + Replace 'WhenAll' call with argument Do not use 'WhenAll' with a single task - Não use 'WhenAll' com uma única tarefa + Do not use 'WhenAll' with a single task Do Not Use XslTransform - Não Use XslTransform + Do Not Use XslTransform Do not use XslTransform. It does not restrict potentially dangerous external references. - Não use XslTransform. Ele não restringe referências externas potencialmente perigosas. + Do not use XslTransform. It does not restrict potentially dangerous external references. Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. - Fornecer uma interface funcional atribuída a 'DynamicInterfaceCastableImplementationAttribute' requer o recurso Membros da Interface Padrão, que não tem suporte no Visual Basic. + Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - Não há suporte para o fornecimento de uma interface 'DynamicInterfaceCastableImplementation' Visual Basic suporte + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - Não há suporte para o fornecimento de uma interface 'DynamicInterfaceCastableImplementation' Visual Basic suporte + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. - O uso de recursos que exigem marshalling em tempo de execução quando o marshalling de tempo de execução está desabilitado resultará em exceções de tempo de execução. + Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled - Tipos com '[StructLayout(LayoutKind.Auto)]' exigem que o marshalling em tempo de execução esteja habilitado + Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled By-ref parameters require runtime marshalling to be enabled - Os parâmetros por referência exigem que o marshalling em tempo de execução esteja habilitado + By-ref parameters require runtime marshalling to be enabled Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined - Os delegados com tipos gerenciados como parâmetros ou o tipo de retorno exigem que o empacotamento de tempo de execução seja habilitado no assembly em que o delegado está definido + Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined HResult-swapping requires runtime marshalling to be enabled - A troca de HResult requer que o marshalling em tempo de execução esteja habilitado + HResult-swapping requires runtime marshalling to be enabled Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled - O uso de 'LCIDConversionAttribute' requer que o marshalling em tempo de execução esteja habilitado + Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled Managed parameter or return types require runtime marshalling to be enabled - Os tipos de parâmetro gerenciado ou retorno exigem que o marshalling em tempo de execução esteja habilitado + Managed parameter or return types require runtime marshalling to be enabled Setting SetLastError to 'true' requires runtime marshalling to be enabled - Definir SetLastError como 'true' requer que o marshalling em tempo de execução esteja habilitado + Setting SetLastError to 'true' requires runtime marshalling to be enabled Varadic P/Invoke signatures require runtime marshalling to be enabled - As assinaturas varadic P/Invoke exigem que o marshalling em tempo de execução esteja habilitado + Varadic P/Invoke signatures require runtime marshalling to be enabled Property, type, or attribute requires runtime marshalling - Propriedade, tipo ou atributo requer marshalling de tempo de execução + Property, type, or attribute requires runtime marshalling '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - O tipo de “{0}” contém o tipo de visualização “{1}” ' e requer a aceitação dos recursos de visualização. Consulte {2} para obter mais informações. + '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - {3}O tipo de “{0}” contém o tipo de visualização “{1}” e requer a aceitação dos recursos de visualização. Consulte {2} para obter mais informações. + {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. - Encaminhe o parâmetro 'CancellationToken' para os métodos para garantir que as notificações de cancelamento da operação sejam propagadas corretamente ou passe o 'CancellationToken.None' explicitamente para indicar que ele está intencionalmente não propagando o token. + Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token - Encaminhe o parâmetro '{0}' para o método '{1}' ou passe o 'CancellationToken.None' explicitamente para indicar que ele está intencionalmente não propagando o token + Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token Forward the 'CancellationToken' parameter to methods - Encaminhe o parâmetro 'CancellationToken' para os métodos + Forward the 'CancellationToken' parameter to methods Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. - Evite codificar SecurityProtocolType {0}. Em vez disso, use SecurityProtocolType.SystemDefault para permitir que o sistema operacional escolha o melhor protocolo TLS a ser usado. + Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. Avoid hardcoding SecurityProtocolType value - Evite codificar o valor SecurityProtocolType + Avoid hardcoding SecurityProtocolType value Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - As versões atuais do protocolo TLS poderão ser preteridas se forem localizadas vulnerabilidades. Evite codificar valores de SslProtocols para manter o seu aplicativo seguro. Use 'None' para permitir que o Sistema Operacional escolha uma versão. + Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Evite codificar SslProtocols '{0}' para garantir que o seu aplicativo permaneça seguro no futuro. Use 'None' para permitir que o Sistema Operacional escolha uma versão. + Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. Avoid hardcoded SslProtocols values - Evitar valores SslProtocols codificados + Avoid hardcoded SslProtocols values Generic math interfaces require the derived type itself to be used for the self recurring type parameter. - As interfaces matemáticas genéricas exigem que o próprio tipo derivado seja usado no parâmetro de tipo recorrente. + Generic math interfaces require the derived type itself to be used for the self recurring type parameter. The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' - O '{0}' requer que o parâmetro de tipo '{1}' seja preenchido com o tipo derivado '{2}' + The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' Use correct type parameter - Usar o parâmetro de tipo correto + Use correct type parameter To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. - Para corrigir uma violação desta regra, faça com que o método GetObjectData seja visível e substituível e verifique se todos os campos da instância estão incluídos no processo de serialização ou marcados explicitamente usando o atributo NonSerializedAttribute. + To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. Add an implementation of GetObjectData to type {0} - Adicione uma implementação de GetObjectData ao tipo {0} + Add an implementation of GetObjectData to type {0} Make {0}.GetObjectData virtual and overridable - Torne o {0}.GetObjectData virtual e substituível + Make {0}.GetObjectData virtual and overridable Increase the accessibility of {0}.GetObjectData so that it is visible to derived types - Aumente a acessibilidade de {0}.GetObjectData para que ele seja visível para tipos derivados + Increase the accessibility of {0}.GetObjectData so that it is visible to derived types Implement ISerializable correctly - Implementar ISerializable corretamente + Implement ISerializable correctly Implement inherited interfaces - Implementar interfaces herdadas + Implement inherited interfaces Implement Serialization constructor - Implementar um construtor de Serialização + Implement Serialization constructor To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. - Para corrigir uma violação desta regra, implemente o construtor de serialização. Para uma classe selada, faça com que o Construtor seja privado, para outros casos, faça com que ele seja protegido. + To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. - Adicione um construtor a {0} com a seguinte assinatura: 'protected {0}(SerializationInfo info, StreamingContext context)'. + Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. Declare the serialization constructor of {0}, a sealed type, as private. - Declare o construtor de serialização de {0}, um tipo selado, como privado. + Declare the serialization constructor of {0}, a sealed type, as private. Declare the serialization constructor of {0}, an unsealed type, as protected. - Declare o construtor de serialização de {0}, um tipo não selado, como protegido. + Declare the serialization constructor of {0}, an unsealed type, as protected. Implement serialization constructors - Implementar construtores de serialização + Implement serialization constructors A method that handles a serialization event does not have the correct signature, return type, or visibility. - Um método que manipula um evento de serialização não tem a assinatura, o tipo de retorno ou a visibilidade correta. + A method that handles a serialization event does not have the correct signature, return type, or visibility. Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic - Como {0} está marcado com OnSerializing, OnSerialized, OnDeserializing ou OnDeserialized, altere a assinatura para que ele não seja mais genérico + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' - Como {0} está marcado com OnSerializing, OnSerialized, OnDeserializing ou OnDeserialized, altere a assinatura para que ele receba um parâmetro do tipo 'System.Runtime.Serialization.StreamingContext' + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) - Como {0} está marcado com OnSerializing, OnSerialized, OnDeserializing ou OnDeserialized, altere o tipo de retorno de {1} para void (Sub no Visual Basic) + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method - Como {0} está marcado com OnSerializing, OnSerialized, OnDeserializing ou OnDeserialized, altere-o de static (Shared no Visual Basic) para um método de instância + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private - Como {0} está marcado com OnSerializing, OnSerialized, OnDeserializing ou OnDeserialized, altere a acessibilidade para particular + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private Implement serialization methods correctly - Implementar métodos de serialização corretamente + Implement serialization methods correctly '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - “{0}” implementa a interface de visualização “{1}” e, portanto, precisa aceitar os recursos de visualização. Consulte {2} para obter mais informações. + '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3}“{0}” implementa a interface de visualização “{1}” e, portanto, precisa aceitar os recursos de visualização. Consulte {2} para obter mais informações. + {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - “{0}” implementa o método de visualização “{1}” e, portanto, precisa aceitar os recursos de visualização. Consulte {2} para obter mais informações. + '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3}“{0}” implementa o método de visualização “{1}” e, portanto, precisa aceitar os recursos de visualização. Consulte {2} para obter mais informações. + {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Um tipo de referência declara um construtor estático explícito. Para corrigir uma violação dessa regra, inicialize todos os dados estáticos quando estiverem declarados e remova o construtor estático. + A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize reference type static fields inline - Inicializar campos estáticos de tipo de referência embutida + Initialize reference type static fields inline Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor - Inicializar todos os campos estáticos em '{0}' quando esses campos forem declarados e remover o construtor estático explícito + Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Um tipo de valor declara um construtor estático explícito. Para corrigir uma violação dessa regra, inicialize todos os dados estáticos quando estiverem declarados e remova o construtor estático. + A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize value type static fields inline - Inicializar campos estáticos de tipo de valor embutido + Initialize value type static fields inline Change to call the two argument constructor, pass null for the message. - Altere para chamar o construtor de dois argumentos, passe nulo para a mensagem. + Change to call the two argument constructor, pass null for the message. A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. - É feita uma chamada para o construtor padrão (sem parâmetro) de um tipo de exceção que é ArgumentException ou derivado dele, ou então um argumento de cadeia de caracteres incorreto é passado para um construtor parametrizado de um tipo de exceção que é ArgumentException ou derivado dele. + A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. Swap the arguments order - Trocar a ordem dos argumentos + Swap the arguments order Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. - O método {0} passa o nome de parâmetro '{1}' como o argumento {2} para um construtor {3}. Substitua este argumento por uma mensagem descritiva e passe o nome do parâmetro na posição correta. + Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. - O método {0} passa '{1}' como o argumento {2} para um construtor {3}. Substitua este argumento por um dos nomes de parâmetro do método. Observe que o nome do parâmetro fornecido deve ter o uso exato de maiúsculas e minúsculas conforme declarado no método. + Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. Call the {0} constructor that contains a message and/or paramName parameter - Chame o construtor {0} que contém uma mensagem e/ou um parâmetro paramName + Call the {0} constructor that contains a message and/or paramName parameter Instantiate argument exceptions correctly - Instanciar exceções de argumentos corretamente + Instantiate argument exceptions correctly Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. - Os tipos atribuídos com 'DynamicInterfaceCastableImplementationAttribute' atuam como uma implementação de interface para um tipo que implementa o tipo 'IDynamicInterfaceCastable'. Como resultado, ele deve fornecer uma implementação de todos os membros definidos nas interfaces herdadas, porque o tipo que implementa 'IDynamicInterfaceCastable' não os fornecerá de outra forma. + Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces - O tipo '{0}' tem o 'DynamicInterfaceCastableImplementationAttribute' aplicado a ele, mas não fornece uma implementação de todos os membros da interface definidos em interfaces herdadas + Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface - Todos os membros declarados nas interfaces pai devem ter uma implementação em uma interface atributo DynamicInterfaceCastableImplementation + All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - O método '{0}' não é seguro durante a desserialização de dados não confiáveis com um JavaScriptSerializer inicializado com um SimpleTypeResolver. Verifique se o JavaScriptSerializer é inicializado sem um JavaScriptTypeResolver especificado ou inicializado com um JavaScriptTypeResolver que limita os tipos de objetos no grafo de objetos desserializado. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing - Verifique se JavaScriptSerializer não foi inicializado com SimpleTypeResolver antes de desserializar + Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - O método '{0}' não é seguro durante a desserialização de dados não confiáveis com um JavaScriptSerializer inicializado com um SimpleTypeResolver. Inicialize o JavaScriptSerializer sem um JavaScriptTypeResolver especificado ou inicialize com um JavaScriptTypeResolver que limita os tipos de objetos no grafo de objetos desserializado. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver - Não desserialize com JavaScriptSerializer usando um SimpleTypeResolver + Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Ao desserializar uma entrada não confiável, não é seguro permitir que tipos arbitrários sejam desserializados. Ao usar a desserialização por JsonSerializer, use TypeNameHandling.None ou, para valores diferentes de None, restrinja os tipos desserializados com um SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - Não desserializar com JsonSerializer usando uma configuração insegura + Do not deserialize with JsonSerializer using an insecure configuration When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Ao desserializar uma entrada não confiável, não é seguro permitir que tipos arbitrários sejam desserializados. Ao usar JsonSerializerSettings, use TypeNameHandling.None ou, para valores diferentes de None, restrinja os tipos desserializados com um SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not use insecure JsonSerializerSettings - Não use JsonSerializerSettings não seguro + Do not use insecure JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Ao desserializar uma entrada não confiável, não é seguro permitir que tipos arbitrários sejam desserializados. Ao usar a desserialização por JsonSerializer, use TypeNameHandling.None ou, para valores diferentes de None, restrinja os tipos desserializados com um SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - Verificar se JsonSerializer tem uma configuração segura durante a desserialização + Ensure that JsonSerializer has a secure configuration when deserializing When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - Ao desserializar uma entrada não confiável, não é seguro permitir que tipos arbitrários sejam desserializados. Ao usar JsonSerializerSettings, verifique se TypeNameHandling.None está especificado ou, para valores diferentes de None, verifique se um SerializationBinder está especificado para restringir tipos desserializados. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. Ensure that JsonSerializerSettings are secure - Verifique se os JsonSerializerSettings são seguros + Ensure that JsonSerializerSettings are secure Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - A desserialização do JSON ao usar um valor TypeNameHandling diferente de None pode não ser segura. Se você precisar detectar a desserialização do Json.NET quando um SerializationBinder não for especificado, desabilite a regra CA2326 e habilite as regras CA2327, CA2328, CA2329 e CA2330. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - A desserialização do JSON ao usar um valor TypeNameHandling diferente de None pode não ser segura. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. Do not use TypeNameHandling values other than None - Não use valores TypeNameHandling diferentes de None + Do not use TypeNameHandling values other than None The method '{0}' is insecure when deserializing untrusted data. - O método '{0}' não é seguro durante a desserialização de dados não confiáveis. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer LosFormatter - Não use o desserializador LosFormatter não seguro + Do not use insecure deserializer LosFormatter Convert to static method - Converter para o método estático + Convert to static method Converting an instance method to a static method may produce invalid code - Converter um método de instância em um método estático pode produzir código inválido + Converting an instance method to a static method may produce invalid code Make the constructor that takes zero parameters 'public' - Tornar o construtor que usa zero parâmetros 'public' + Make the constructor that takes zero parameters 'public' An instance field of a type that is not serializable is declared in a type that is serializable. - Um campo de instância de um tipo que não é serializável é declarado em um tipo que é serializável. + An instance field of a type that is not serializable is declared in a type that is serializable. Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable - O campo {0} é membro do tipo {1}, que é serializável, mas é do tipo {2}, que não é serializável + Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable Mark all non-serializable fields - Marcar todos os campos não serializáveis + Mark all non-serializable fields The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. - O atributo NeutralResourcesLanguage informa o ResourceManager do idioma usado para renderizar os recursos de uma cultura neutra para um assembly. Isso melhorará o desempenho da pesquisa para o primeiro recurso carregado e poderá reduzir o conjunto de trabalho. + The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. Mark assemblies with NeutralResourcesLanguageAttribute - Marcar assemblies com NeutralResourcesLanguageAttribute + Mark assemblies with NeutralResourcesLanguageAttribute Mark assemblies with NeutralResourcesLanguageAttribute - Marcar assemblies com NeutralResourcesLanguageAttribute + Mark assemblies with NeutralResourcesLanguageAttribute The Boolean data type has multiple representations in unmanaged code. - O tipo de dados Boolean tem várias representações no código não gerenciado. + The Boolean data type has multiple representations in unmanaged code. Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - Adicione o MarshalAsAttribute ao parâmetro {0} de P/Invoke {1}. Se o parâmetro não gerenciado correspondente for 'BOOL' do Win32 de 4 bytes, use [MarshalAs(UnmanagedType.Bool)]. Para 'bool' do C++ de 1 byte, use MarshalAs(UnmanagedType.U1). + Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - Adicione o MarshalAsAttribute ao tipo de retorno de P/Invoke {0}. Se o tipo de retorno não gerenciado correspondente for 'BOOL' do Win32 de 4 bytes, use MarshalAs(UnmanagedType.Bool). Para 'bool' do C++ de 1 byte, use MarshalAs(UnmanagedType.U1). + Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Mark boolean PInvoke arguments with MarshalAs - Marcar argumentos PInvoke boolianos com MarshalAs + Mark boolean PInvoke arguments with MarshalAs To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. - Para que sejam reconhecidos pelo Common Language Runtime como serializáveis, os tipos precisam ser marcados usando o atributo SerializableAttribute, mesmo quando o tipo usa uma rotina de serialização personalizada por meio da implementação da interface ISerializable. + To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. Add [Serializable] to {0} as this type implements ISerializable - Adicione [Serializable] a {0}, pois este tipo implementa ISerializable + Add [Serializable] to {0} as this type implements ISerializable Mark ISerializable types with serializable - Marque os tipos ISerializable com serializable + Mark ISerializable types with serializable Ensure HttpClient certificate revocation list check is not disabled - Certifique-se de que a verificação da lista de certificados revogados do HttpClient não está desabilitada + Ensure HttpClient certificate revocation list check is not disabled HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient pode ser criado sem habilitar CheckCertificateRevocationList + HttpClient may be created without enabling CheckCertificateRevocationList Ensure Certificates Are Not Added To Root Store - Verifique Se Não Foram Adicionados Certificados ao Repositório Raiz + Ensure Certificates Are Not Added To Root Store Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. - A adição de certificados aos certificados raiz confiáveis do sistema operacional não é segura. Verifique se o repositório de destino não é um repositório raiz. + Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. Use CreateEncryptor with the default IV - Usar CreateEncryptor com o IV padrão + Use CreateEncryptor with the default IV The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. - O vetor de inicialização não padrão, que pode ser repetível, é usado na criptografia. Garanta o uso do padrão. + The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. Ensure Use Secure Cookies In ASP.NET Core - Garantir o Uso de Cookies Seguros no ASP.Net Core + Ensure Use Secure Cookies In ASP.NET Core Ensure that CookieOptions.Secure = true when setting a cookie - Verifique se CookieOptions.Secure = true ao configurar um cookie + Ensure that CookieOptions.Secure = true when setting a cookie Ensure Sufficient Iteration Count When Using Weak Key Derivation Function - Assegure uma Contagem de Iteração Suficiente ao Usar a Função de Derivação de Chaves Fraca + Ensure Sufficient Iteration Count When Using Weak Key Derivation Function Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Verifique se a contagem de iteração é de pelo menos {0} ao derivar uma chave de criptografia de uma senha. Por padrão, a IterationCount de Rfc2898DeriveByte é de apenas 1000 + Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. - Como um tipo que implementa 'IDynamicInterfaceCastable' pode não implementar uma interface dinâmica em metadados, as chamadas para um membro da interface de instância que não é uma implementação explícita definida nesse tipo provavelmente falharão em runtime. Marque os novos membros da interface como "estáticos" para evitar erros de runtime. + Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied - O membro '{0}' no tipo '{1}' deve ser marcado como 'static' como '{1}' tem o 'DynamicInterfaceImplementationAttribute' aplicado + The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' - Os membros definidos em uma interface com 'DynamicInterfaceCastableImplementationAttribute' devem ser 'static' + Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - “{0}” retorna o tipo de visualização “{1}” e, portanto, precisa aceitar os recursos de visualização. Consulte {2} para obter mais informações. + '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3}“{0}” retorna o tipo de visualização “{1}” e, portanto, precisa aceitar os recursos de visualização. Consulte {2}para obter mais informações. + {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - “{0}” usa um parâmetro de visualização do tipo “{1}” e precisa aceitar os recursos de visualização. Consulte {2}para obter mais informações. + '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - {3}“{0}” usa um parâmetro de visualização do tipo “{1}” e precisa aceitar os recursos de visualização. Consulte {2}para obter mais informações. + {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. - Este método usa marshalling em tempo de execução mesmo quando o marshalling de tempo de execução está desabilitado, o que pode causar diferenças de comportamento inesperadas em tempo de execução devido a diferentes expectativas do layout nativo de um tipo. + This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. - '{0}' usa marshalling de tempo de execução mesmo quando 'DisableRuntimeMarshallingAttribute' é aplicado. Use recursos como 'sizeof' e ponteiros diretamente para garantir resultados precisos. + '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied - Este método usa marshalling em tempo de execução mesmo quando o 'DisableRuntimeMarshallingAttribute' é aplicado + This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied Miss HttpVerb attribute for action methods - Atributo HttpVerb ignorado para métodos de ação + Miss HttpVerb attribute for action methods All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - Todos os métodos que criam, editam, excluem ou modificam de qualquer forma os dados fazem isso na sobrecarga [HttpPost] do método, que precisa ser protegida com o atributo antifalsificação contra a falsificação de solicitações. A execução de uma operação GET deve ser uma operação segura que não tenha efeitos colaterais e não modifique os seus dados persistentes. + All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. Action method {0} needs to specify the HTTP request kind explicitly - O método de ação {0} precisa especificar explicitamente o tipo de solicitação HTTP + Action method {0} needs to specify the HTTP request kind explicitly Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. - Os inicializadores de módulo devem ser usados pelo código do aplicativo para garantir que os componentes de um aplicativo sejam inicializados antes que o código do aplicativo comece a ser executado. Se o código da biblioteca declara um método com o 'ModuleInitializerAttribute', ele pode interferir na inicialização do aplicativo e também levar a limitações nas habilidades de corte do aplicativo. Ao invés de usar métodos marcados com 'ModuleInitializerAttribute', a biblioteca deve expor os métodos que podem ser usados para inicializar quaisquer componentes dentro da biblioteca e permitir que o aplicativo invoque o método durante a inicialização do aplicativo. + Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios - O atributo 'ModuleInitializer' destina-se apenas a ser usado no código do aplicativo ou em cenários avançados de gerador de origem + The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios The 'ModuleInitializer' attribute should not be used in libraries - O atributo 'ModuleInitializer' não deve ser usado em bibliotecas + The 'ModuleInitializer' attribute should not be used in libraries The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - O método '{0}' não é seguro durante a desserialização de dados não confiáveis sem um SerializationBinder para restringir o tipo de objetos no grafo de objetos desserializado. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure NetDataContractSerializer.Binder is set before deserializing - Verifique se o NetDataContractSerializer.Binder está definido antes de desserializar + Ensure NetDataContractSerializer.Binder is set before deserializing The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - O método '{0}' não é seguro durante a desserialização de dados não confiáveis sem um SerializationBinder para restringir o tipo de objetos no grafo de objetos desserializado. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not deserialize without first setting NetDataContractSerializer.Binder - Não desserialize sem primeiro definir NetDataContractSerializer.Binder + Do not deserialize without first setting NetDataContractSerializer.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. - O método '{0}' não é seguro durante a desserialização de dados não confiáveis. Se, nesse caso, você precisar detectar a desserialização de NetDataContractSerializer sem um conjunto de SerializationBinder, desabilite a regra CA2310 e habilite as regras CA2311 and CA2312. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. The method '{0}' is insecure when deserializing untrusted data. - O método '{0}' não é seguro durante a desserialização de dados não confiáveis. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer NetDataContractSerializer - Não use o desserializador NetDataContractSerializer não seguro + Do not use insecure deserializer NetDataContractSerializer Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. - As cadeias de caracteres devem ser normalizadas em maiúsculas. Um pequeno grupo de caracteres não podem fazer uma viagem de ida e volta quando são convertidos em minúsculas. Fazer uma viagem de ida e volta significa converter os caracteres de uma localidade em outra localidade que representa os dados de caractere de maneira diferente e, em seguida, recuperar de forma precisa os caracteres originais dos caracteres convertidos. + Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. In method '{0}', replace the call to '{1}' with '{2}' - No método '{0}', substitua a chamada para '{1}' por '{2}' + In method '{0}', replace the call to '{1}' with '{2}' Normalize strings to uppercase - Normalizar cadeias de caracteres em maiúsculas + Normalize strings to uppercase The method '{0}' is insecure when deserializing untrusted data. - O método '{0}' não é seguro durante a desserialização de dados não confiáveis. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer ObjectStateFormatter - Não use o desserializador ObjectStateFormatter não seguro + Do not use insecure deserializer ObjectStateFormatter '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - “{0}” substitui o método de visualização “{1}” e, portanto, precisa aceitar os recursos de visualização. Consulte {2}para obter mais informações. + '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3}“{0}” substitui o método de visualização “{1}” e, portanto, precisa aceitar os recursos de visualização. Consulte {2}para obter mais informações. + {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. - Um método público ou protegido em um tipo público tem o atributo System.Runtime.InteropServices.DllImportAttribute (implementado também pela palavra-chave Declare no Visual Basic). Esses métodos não devem ser expostos. + A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. P/Invoke method '{0}' should not be visible - O método P/Invoke '{0}' não deve ser visível + P/Invoke method '{0}' should not be visible P/Invokes should not be visible - P/Invokes não deve ser visível + P/Invokes should not be visible ({0}) - ({0}) + ({0}) and all other platforms - e todas as outras plataformas + and all other platforms This call site is reachable on: 'windows' 10.0.2000 and later, and all other platforms '{0}' all versions - '{0}' todas as versões + '{0}' all versions This call site is reachable on: 'Windows' all versions. Using platform dependent API on a component makes the code no longer work across all platforms. - O uso de uma API dependente da plataforma em um componente faz com que o código não funcione mais em todas as plataformas. + Using platform dependent API on a component makes the code no longer work across all platforms. '{0}' from version {1} to {2} - '{0}' da versão {1} à {2} + '{0}' from version {1} to {2} 'SupportedOnWindows1903UnsupportedOn2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. - Este site de chamadas pode ser acessado em todas as plataformas. "{0}" está obsoleto em: {1}. + This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. This call site is reachable on all platforms. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. - Este site de chamadas é acessível em: {2}. "{0}" está obsoleto em: {1}. + This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. This call site is reachable on 'macos', 'linux'. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on all platforms. '{0}' is only supported on: {1}. - Este site de chamada pode ser acessado em todas as plataformas. Só há suporte para '{0}' em: {1}. + This call site is reachable on all platforms. '{0}' is only supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindowsAndBrowser()' is only supported on: 'windows', 'browser' . This call site is reachable on: {2}. '{0}' is only supported on: {1}. - Este site de chamada pode ser acessado em: {2}. Só há suporte para '{0}' em: {1}. + This call site is reachable on: {2}. '{0}' is only supported on: {1}. This call site is reachable on: 'windows' all versions.'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before This call site is unreachable on: {2}. '{0}' is only supported on: {1}. - Este site de chamada está inacessível em: {2}. Só há suporte para '{0}' em: {1}. + This call site is unreachable on: {2}. '{0}' is only supported on: {1}. This call site is unreachable on: 'browser'. 'SupportedOnWindowsAndBrowser()' is only supported on: 'browser', 'windows'. This call site is reachable on all platforms. '{0}' is supported on: {1}. - Este site de chamada pode ser acessado em todas as plataformas. Há suporte para '{0}' em: {1}. + This call site is reachable on all platforms. '{0}' is supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindows1903UnsupportedFrom2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on: {2}. '{0}' is supported on: {1}. - Este site de chamada pode ser acessado em: {2}. Há suporte para '{0}' em: {1}. + This call site is reachable on: {2}. '{0}' is supported on: {1}. This call site is reachable on: 'windows' 10.0.2000 and before. 'UnsupportedOnWindowsSupportedOn1903()' is supported on: 'windows' 10.0.1903 and later. Validate platform compatibility - Validar a compatibilidade da plataforma + Validate platform compatibility This call site is reachable on all platforms. '{0}' is unsupported on: {1}. - Este site de chamada pode ser acessado em todas as plataformas. Não há suporte para '{0}' em: {1}. + This call site is reachable on all platforms. '{0}' is unsupported on: {1}. This call site is reachable on all platforms. 'UnsupportedOnWindows()' is unsupported on: 'windows' This call site is reachable on: {2}. '{0}' is unsupported on: {1}. - Este site de chamada pode ser acessado em: {2}. Não há suporte para '{0}' em: {1}. + This call site is reachable on: {2}. '{0}' is unsupported on: {1}. This call site is reachable on: 'windows', 'browser'. 'UnsupportedOnBrowser()' is unsupported on: 'browser'. '{0}' {1} and before - '{0}' {1} e anteriores + '{0}' {1} and before 'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before. '{0}' {1} and later - '{0}' {1} e posteriores + '{0}' {1} and later 'SupportedOnWindows10()' is only supported on: 'windows' 10.0 and later. Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. - Examine o código que processa dados desserializados não confiáveis para o tratamento de ciclos de referência inesperados. Um ciclo de referência inesperado não deve fazer com que o código entre em um loop infinito. Caso contrário, um ciclo de referência inesperado pode permitir um invasor do DOS ou esgotar a memória do processo ao desserializar dados não confiáveis. + Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. {0} participates in a potential reference cycle - {0} participa de um ciclo de referência potencial + {0} participates in a potential reference cycle Potential reference cycle in deserialized object graph - Ciclo de referência potencial em grafo de objeto desserializado + Potential reference cycle in deserialized object graph Replace 'Substring' with 'AsSpan' - Substituir 'Subcadeia de caracteres' por 'AsSpan' + Replace 'Substring' with 'AsSpan' 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. - 'AsSpan' é mais eficiente do que 'Substring'. 'Substring' executa uma cópia de cadeia de caracteres O(n), enquanto 'AsSpan' não tem e tem um custo constante. + 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. Prefer 'AsSpan' over 'Substring' when span-based overloads are available - Preferir 'AsSpan' em vez de 'Substring' quando sobrecargas baseadas em intervalo estão disponíveis + Prefer 'AsSpan' over 'Substring' when span-based overloads are available Prefer 'AsSpan' over 'Substring' - Preferir 'AsSpan' em vez de 'Subcadeia de caracteres' + Prefer 'AsSpan' over 'Substring' + + + + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + + + + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + + + + Consider using 'StringBuilder.Append(char)' when applicable + Consider using 'StringBuilder.Append(char)' when applicable Use 'Count' check instead of 'Any()' - Usar a verificação 'Count' em vez de 'Any()' + Use 'Count' check instead of 'Any()' Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance - Prefira comparar 'Count' com 0 em vez de usar 'Any()', tanto para clareza quanto para desempenho + Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance Use 'ContainsKey' - Usar 'ContainsKey' + Use 'ContainsKey' 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. - 'ContainsKey' geralmente é O(1), enquanto 'Keys.Contains' pode ser O(n) em alguns casos. Além disso, muitas implementações de dicionário inicializam lentamente a coleção keys para recortar as alocações. + 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' - Prefira 'ContainsKey' em vez de 'Keys.Contains' para o tipo de dicionário '{0}' + Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' Prefer Dictionary.Contains methods - Preferir métodos Dictionary.Contains + Prefer Dictionary.Contains methods Use 'ContainsValue' - Usar 'ContainsValue' + Use 'ContainsValue' Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. - Muitas implementações de dicionário inicializam lentamente a coleção Values. Para evitar alocações desnecessárias, prefira 'ContainsValue' em vez de 'Values.Contains'. + Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' - Prefira 'ContainsValue' em vez de 'Values.Contains' para o tipo de dicionário '{0}' + Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' + + + + Use 'TryGetValue(TKey, out TValue)' + Use 'TryGetValue(TKey, out TValue)' + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + + + + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method Replace with 'HashData' method - Substituir pelo método “HashData” + Replace with 'HashData' method It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. - É mais eficiente usar o método estático “HashData” do que criar e gerenciar uma instância HashAlgorithm para chamar “ComputeHash”. + It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. Prefer static '{0}.HashData' method over 'ComputeHash' - Prefira o método estático “{0}.HashData” ao invés de “ComputeHash' + Prefer static '{0}.HashData' method over 'ComputeHash' Prefer static 'HashData' method over 'ComputeHash' - Preferir o método estático “HashData” em vez de “ComputeHash” + Prefer static 'HashData' method over 'ComputeHash' Use 'IsEmpty' check instead of 'Any()' - Usar a verificação 'IsEmpty' em vez de 'Any()' + Use 'IsEmpty' check instead of 'Any()' Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance - Prefira uma verificação 'IsEmpty' em vez de usar 'Any()', tanto para clareza quanto para desempenho + Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance + + + + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + + + + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + + + + Prefer IsEmpty over Count + Prefer IsEmpty over Count Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. - Prefira usar as propriedades 'IsEmpty', 'Count' ou 'Length', conforme disponível, em vez de chamar 'Enumerable.Any()'. A intenção é mais clara e tem mais desempenho do que usar o método de extensão 'Enumerable.Any()'. + Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. Avoid using 'Enumerable.Any()' extension method - Evite usar o método de extensão 'Enumerable.Any()' + Avoid using 'Enumerable.Any()' extension method Use 'Length' check instead of 'Any()' - Usar a verificação 'Length' em vez de 'Any()' + Use 'Length' check instead of 'Any()' Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance - Prefira comparar 'Length' com 0 em vez de usar 'Any()', tanto para clareza quanto para desempenho + Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. - 'Stream' tem uma sobrecarga 'ReadAsync' que recebe um 'Memory<Byte>' como o primeiro argumento e uma sobrecarga 'WriteAsync' que recebe um 'ReadOnlyMemory<Byte>' como o primeiro argumento. Prefira chamar as sobrecargas com base na memória, que são mais eficientes. - - - - For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. - Para determinar se o objeto contém ou não contém itens, prefira usar a propriedade 'IsEmpty' em vez de recuperar o número de itens da propriedade 'Count' e compará-lo com 0 ou 1. - - - - Prefer 'IsEmpty' over 'Count' to determine whether the object is empty - Preferir 'IsEmpty' em vez de 'Count' para determinar se o objeto está vazio - - - - Prefer IsEmpty over Count - Preferir IsEmpty em vez de Count + 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. Change the '{0}' method call to use the '{1}' overload - Altere a chamada de método '{0}' para usar a sobrecarga '{1}' + Change the '{0}' method call to use the '{1}' overload Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' - Prefira as sobrecargas baseadas em 'Memória' para 'ReadAsync' e 'WriteAsync' + Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' Replace with 'string.Contains' - Substituir por 'string.Contains' + Replace with 'string.Contains' Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. - As chamadas para 'string.IndexOf' nas quais o resultado é usado para verificar a presença ou a ausência de uma substring podem ser substituídas por 'string.Contains'. + Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. Use 'string.Contains' instead of 'string.IndexOf' to improve readability - Use 'string.Contains' em vez de 'string.IndexOf' para aprimorar a legibilidade + Use 'string.Contains' instead of 'string.IndexOf' to improve readability Consider using 'string.Contains' instead of 'string.IndexOf' - Considere o uso de 'string.Contains' em vez de 'string.IndexOf' + Consider using 'string.Contains' instead of 'string.IndexOf' StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. - StringBuilder.Append e StringBuilder.Insert fornecem sobrecargas para vários tipos além de System.String. Quando possível, prefira as sobrecargas fortemente tipadas usando ToString() e a sobrecarga baseada em cadeia de caracteres. + StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. Remove the ToString call in order to use a strongly-typed StringBuilder overload - Remova a chamada ToString para usar uma sobrecarga de StringBuilder fortemente tipada + Remove the ToString call in order to use a strongly-typed StringBuilder overload Remove the ToString call - Remover a chamada ToString + Remove the ToString call Prefer strongly-typed Append and Insert method overloads on StringBuilder - Prefira sobrecargas de método Append e Insert fortemente tipadas no StringBuilder - - - - 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. - 'StringBuilder.Append(char)' é mais eficiente do que 'StringBuilder.Append(string)' quando a cadeia de caracteres é um único caractere. Ao chamar 'Append' com uma constante, prefira usar um caractere constante em vez de uma cadeia de caracteres constante contendo um caractere. - - - - Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string - Use 'StringBuilder.Append(char)' em vez de 'StringBuilder.Append(string)' quando a entrada for uma cadeia de caracteres de unidade constante - - - - Consider using 'StringBuilder.Append(char)' when applicable - Considere o uso de 'StringBuilder.Append(char)' quando aplicável + Prefer strongly-typed Append and Insert method overloads on StringBuilder Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. - A partir do .NET 7, a conversão explícita '{0}' não será lançada ao estourar em um contexto não verificado. Envolva a expressão com uma instrução 'checked' para restaurar o comportamento do .NET 6. + Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - A partir do .NET 7, a conversão explícita '{0}' será lançada ao transbordar em um contexto verificado. Envolva a expressão com uma instrução 'desmarcada' para restaurar o comportamento do .NET 6. + Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. - Alguns operadores integrados adicionados no .NET 7 se comportam de maneira diferente durante o estouro do que os operadores correspondentes definidos pelo usuário no .NET 6 e versões anteriores. Alguns operadores que anteriormente lançavam um contexto não verificado agora não lançam, a menos que estejam agrupados em um contexto verificado. Além disso, alguns operadores que não lançaram anteriormente em um contexto verificado agora lançam, a menos que estejam agrupados em um contexto não verificado. + Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - A partir do .NET 7, o operador '{0}' será lançado ao estourar em um contexto verificado. Envolva a expressão com uma instrução 'desmarcada' para restaurar o comportamento do .NET 6. + Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Prevent behavioral change - Impedir alterações de comportamento + Prevent behavioral change 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. - O método 'Enum.HasFlag' espera que o argumento 'enum' seja do mesmo tipo 'enum' que a instância na qual o método é invocado e que esse 'enum' seja marcado com 'System.FlagsAttribute'. Se eles forem de tipos 'enum' diferentes, uma exceção sem tratamento será gerada no tempo de execução. Se o tipo 'enum' não estiver marcado com 'System.FlagsAttribute', a chamada sempre retornará 'false' no tempo de execução. + 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. The argument type, '{0}', must be the same as the enum type '{1}' - O tipo de argumento '{0}' precisa ser do mesmo tipo enumerado '{1}' + The argument type, '{0}', must be the same as the enum type '{1}' Provide correct 'enum' argument to 'Enum.HasFlag' - Forneça o argumento 'enum' correto para 'Enum.HasFlag' + Provide correct 'enum' argument to 'Enum.HasFlag' The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. - O argumento de formato passado para System.String.Format não contém um item de formato correspondente a cada argumento de objeto ou vice-versa. + The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. Provide correct arguments to formatting methods - Fornecer os argumentos corretos para métodos de formatação + Provide correct arguments to formatting methods Provide correct arguments to formatting methods - Fornecer os argumentos corretos para métodos de formatação + Provide correct arguments to formatting methods A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. - Um tipo tem um campo que está marcado usando o atributo System.Runtime.Serialization.OptionalFieldAttribute, mas o tipo não fornece os métodos de manipulação de eventos de desserialização. + A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute - Adicionar um método 'private void OnDeserialized(StreamingContext)' ao tipo {0} e atribuí-lo com System.Runtime.Serialization.OnDeserializedAttribute + Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute - Adicionar um método 'private void OnDeserializing(StreamingContext)' ao tipo {0} e atribuí-lo com System.Runtime.Serialization.OnDeserializingAttribute + Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute Provide deserialization methods for optional fields - Fornecer métodos de desserialização para campos opcionais + Provide deserialization methods for optional fields Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. - Fornecer um construtor sem parâmetros que é tão visível quanto o tipo que contém um tipo derivado de 'System.Runtime.InteropServices.SafeHandle' permite um melhor desempenho e uso com soluções de interoperabilidade geradas pela origem. + Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' - Forneça um construtor sem parâmetros que seja tão visível quanto o tipo que contém o tipo '{0}' derivado de 'System.Runtime.InteropServices.SafeHandle' + Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' - Forneça um construtor sem parâmetros que seja tão visível quanto o tipo que contém tipos concretos derivados de 'System.Runtime.InteropServices.SafeHandle' + Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. - Para melhorar o desempenho, substitua os métodos assíncronos baseados em memória ao fazer a subclasse 'Stream'. Em seguida, implemente os métodos baseados em matriz em termos dos métodos baseados em memória. + To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. - '{0}' substitui '{1}', mas não substitui '{2}' baseado em memória. Considere substituir baseado em memória '{2}' para melhorar o desempenho. + '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. 0 = type that subclasses Stream directly, 1 = array-based method, 2 = memory-based method Provide memory-based overrides of async methods when subclassing 'Stream' - Fornecer substituições baseadas em memória de métodos assíncronos ao subclasse 'Stream' + Provide memory-based overrides of async methods when subclassing 'Stream' + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + + + + Prefer using 'StringComparer' to perform a case-insensitive comparison + Prefer using 'StringComparer' to perform a case-insensitive comparison + + + + Use the 'string.{0}(string, StringComparison)' overload + Use the 'string.{0}(string, StringComparison)' overload + + + + Prefer using 'StringComparer' to perform case-insensitive string comparisons + Prefer using 'StringComparer' to perform case-insensitive string comparisons + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + + + + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + + + + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons Remove redundant call - Remova a chamada redundante + Remove redundant call Remove unnecessary call - Remover chamada desnecessária + Remove unnecessary call Replace string literal with char literal - Substituir literal de cadeia de caracteres por literal char + Replace string literal with char literal Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Foi encontrada uma possível vulnerabilidade de injeção de DLL, em que o '{0}' no método '{1}' pode ter sido afetado pelos dados controlados pelo usuário de '{2}' no método '{3}'. + Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for DLL injection vulnerabilities - Revisão de código quanto a vulnerabilidades de injeção de DLL + Review code for DLL injection vulnerabilities Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Foi encontrada uma possível vulnerabilidade de injeção de caminho, em que o '{0}' no método '{1}' pode ter sido afetado pelos dados controlados pelo usuário de '{2}' no método '{3}'. + Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for file path injection vulnerabilities - Revisão de código quanto a vulnerabilidades de injeção de caminho + Review code for file path injection vulnerabilities Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. - Foi encontrada uma possível vulnerabilidade de divulgação não autorizada de informação, em que o '{0}' no método '{1}' pode conter informações não intencionais de '{2}' no método '{3}'. + Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. Review code for information disclosure vulnerabilities - Revisão de código quanto a vulnerabilidades de divulgação não autorizada de informação + Review code for information disclosure vulnerabilities Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Foi encontrada uma possível vulnerabilidade de injeção de LDAP, em que o '{0}' no método '{1}' pode ter sido afetado pelos dados controlados pelo usuário de '{2}' no método '{3}'. + Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for LDAP injection vulnerabilities - Revisão de código quanto a vulnerabilidades de injeção de LDAP + Review code for LDAP injection vulnerabilities Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Foi encontrada uma possível vulnerabilidade de redirecionamento aberto, em que o '{0}' no método '{1}' pode ter sido afetado pelos dados controlados pelo usuário de '{2}' no método '{3}'. + Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for open redirect vulnerabilities - Revisão de código quanto a vulnerabilidades de redirecionamento aberto + Review code for open redirect vulnerabilities Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Foi encontrada uma possível vulnerabilidade de injeção de comando de processo, em que o '{0}' no método '{1}' pode ter sido afetado pelos dados controlados pelo usuário de '{2}' no método '{3}'. + Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for process command injection vulnerabilities - Revisão de código quanto a vulnerabilidades de injeção de comando de processo + Review code for process command injection vulnerabilities Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Foi encontrada uma possível vulnerabilidade de injeção de regex, em que o '{0}' no método '{1}' pode ter sido afetado pelos dados controlados pelo usuário de '{2}' no método '{3}'. + Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for regex injection vulnerabilities - Revisão de código quanto a vulnerabilidades de injeção de regex + Review code for regex injection vulnerabilities Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Foi encontrada uma possível vulnerabilidade de injeção de SQL, em que o '{0}' no método '{1}' pode ter sido afetado pelos dados controlados pelo usuário de '{2}' no método '{3}'. + Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for SQL injection vulnerabilities - Revisão de código quanto a vulnerabilidades de injeção de SQL + Review code for SQL injection vulnerabilities + + + + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + + + + Review code for XPath injection vulnerabilities + Review code for XPath injection vulnerabilities Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Foi encontrada uma possível vulnerabilidade de injeção de XAML, em que o '{0}' no método '{1}' pode ter sido afetado pelos dados controlados pelo usuário de '{2}' no método '{3}'. + Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XAML injection vulnerabilities - Revisão de código quanto a vulnerabilidades de injeção de XAML + Review code for XAML injection vulnerabilities Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Foi encontrada uma possível vulnerabilidade de injeção de XML, em que o '{0}' no método '{1}' pode ter sido afetado pelos dados controlados pelo usuário de '{2}' no método '{3}'. + Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XML injection vulnerabilities - Revisão de código quanto a vulnerabilidades de injeção de XML - - - - Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Foi encontrada uma possível vulnerabilidade de injeção de XPath, em que o '{0}' no método '{1}' pode ter sido afetado pelos dados controlados pelo usuário de '{2}' no método '{3}'. - - - - Review code for XPath injection vulnerabilities - Revisão de código quanto a vulnerabilidades de injeção de XPath + Review code for XML injection vulnerabilities Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Foi encontrada uma possível vulnerabilidade de XSS (cross-site scripting), em que o '{0}' no método '{1}' pode ter sido afetado pelos dados controlados pelo usuário de '{2}' no método '{3}'. + Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XSS vulnerabilities - Revisão de código quanto a vulnerabilidades de XSS + Review code for XSS vulnerabilities SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. - As consultas SQL que usam a entrada do usuário diretamente podem ser vulneráveis a ataques de injeção de SQL. Examine esta consulta SQL quanto a possíveis vulnerabilidades e considere o uso de uma consulta SQL parametrizada. + SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. Review if the query string passed to '{0}' in '{1}', accepts any user input - Examine se a cadeia de caracteres de consulta passada para '{0}' em '{1}' aceita qualquer entrada do usuário + Review if the query string passed to '{0}' in '{1}', accepts any user input Review SQL queries for security vulnerabilities - Revisar as consultas SQL em busca de vulnerabilidades de segurança + Review SQL queries for security vulnerabilities Seal class - Classe do selo + Seal class When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. - Quando um tipo não está acessível fora da sua assembly e não tem subtipos dentro da sua assemlby que o contém, ele pode ser selado com segurança. Tipos de selagem podem melhorar o desempenho. + When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible - O tipo '{0}' pode ser selado porque não possui subtipos em sua assembly que o contém e não está visível externamente + Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible Seal internal types - Tipos internos de selo + Seal internal types Set HttpOnly to true for HttpCookie - Definir HttpOnly como true para HttpCookie + Set HttpOnly to true for HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - Como medida de defesa completa, verifique se os cookies HTTP confidenciais de segurança estão marcados como HttpOnly. Isso indica que os navegadores da Web devem impedir que os scripts acessem os cookies. Scripts mal-intencionados injetados são uma maneira comum de roubar cookies. + As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly está definido como false ou não foi definido durante o uso de um HttpCookie. Verifique se os cookies confidenciais de segurança estão marcados como HttpOnly para impedir que scripts mal-intencionados roubem os cookies + HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies Set ViewStateUserKey For Classes Derived From Page - Defina ViewStateUserKey Para As Classes Derivadas De Página + Set ViewStateUserKey For Classes Derived From Page Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. - A definição da propriedade ViewStateUserKey pode ajudar a impedir ataques ao aplicativo permitindo que você atribua um identificador à variável view-state de usuários individuais, impedindo-os de usar a variável para gerar um ataque. Caso contrário, haverá vulnerabilidades de falsificação de solicitação entre sites. + Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method - A classe {0} derivada de System.Web.UI.Page não define a propriedade ViewStateUserKey no método OnInit ou Page_Init + The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. - Especifique a cultura para ajudar a evitar a dependência acidental implícita da cultura atual. O uso de uma versão invariante produz resultados consistentes, independentemente da cultura de um aplicativo. + Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. Specify a culture or use an invariant version to avoid implicit dependency on current culture - Especifique uma cultura ou use uma versão invariável para evitar a dependência implícita da cultura atual + Specify a culture or use an invariant version to avoid implicit dependency on current culture Specify a culture or use an invariant version - Especifique uma cultura ou use uma versão invariável + Specify a culture or use an invariant version A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. - Um método ou construtor chama um membro que tem uma sobrecarga que aceita um parâmetro System.Globalization.CultureInfo e o método ou o construtor não chama a sobrecarga que usa o parâmetro CultureInfo. Quando um objeto CultureInfo ou System.IFormatProvider não é fornecido, o valor padrão fornecido pelo membro sobrecarregado pode não ter o efeito que você deseja em todas as localidades. Se o resultado for exibido para o usuário, especifique 'CultureInfo.CurrentCulture' como o parâmetro 'CultureInfo'. Caso contrário, se o resultado for armazenado e acessado pelo software, assim como quando é persistido em disco ou em um banco de dados, especifique 'CultureInfo.InvariantCulture'. + A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - O comportamento de '{0}' pode variar dependendo das configurações de localidade do usuário atual. Substitua esta chamada em '{1}' por uma chamada para '{2}'. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify CultureInfo - Especificar CultureInfo + Specify CultureInfo Specify current culture - Especifique a cultura atual + Specify current culture A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. - Um método ou construtor chama um ou mais membros que têm sobrecargas que aceitam um parâmetro System.IFormatProvider e o método ou o construtor não chama a sobrecarga que aceita o parâmetro IFormatProvider. Quando um objeto System.Globalization.CultureInfo ou IFormatProvider não é fornecido, o valor padrão fornecido pelo membro sobrecarregado pode não ter o efeito que você deseja em todas as localidades. Se o resultado for exibido com base na entrada proveniente do usuário ou na saída exibida para ele, especifique 'CultureInfo.CurrentCulture' como o 'IFormatProvider'. Caso contrário, se o resultado for armazenado e acessado pelo software, assim como ocorre quando ele é carregado do disco/banco de dados e quando é persistido no disco/banco de dados, especifique 'CultureInfo.InvariantCulture'. + A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - O comportamento de '{0}' pode variar dependendo das configurações de localidade do usuário atual. Substitua esta chamada em '{1}' por uma chamada para '{2}'. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - O comportamento de '{0}' pode variar dependendo das configurações de localidade do usuário atual. Substitua esta chamada em '{1}' por uma chamada para '{2}'. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. - O comportamento de '{0}' pode variar com base nas configurações de localidade do usuário atual. Forneça um valor para o argumento 'IFormatProvider'. + The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - '{0}' passa '{1}' como o parâmetro 'IFormatProvider' para '{2}'. Essa propriedade retorna uma cultura inadequada para os métodos de formatação. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - '{0}' passa '{1}' como o parâmetro 'IFormatProvider' para '{2}'. Essa propriedade retorna uma cultura inadequada para os métodos de formatação. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. Specify IFormatProvider - Especificar IFormatProvider + Specify IFormatProvider A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. - Um membro de invocação de plataforma permite chamadores parcialmente confiáveis, tem um parâmetro de cadeia de caracteres e não realiza marshaling da cadeia de caracteres explicitamente. Isso pode causar uma potencial vulnerabilidade de segurança. + A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. Specify marshaling for P/Invoke string arguments - Especificar marshaling para argumentos de cadeias de caracteres P/Invoke + Specify marshaling for P/Invoke string arguments A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - Uma operação de comparação de cadeia de caracteres usa uma sobrecarga de método que não define um parâmetro StringComparison. É altamente recomendado usar a sobrecarga com o parâmetro StringComparison para esclarecer a intenção. Se o resultado for exibido para o usuário, como ocorre ao classificar uma lista de itens a serem exibidos em uma caixa de listagem, especifique 'StringComparison.CurrentCulture' ou 'StringComparison.CurrentCultureIgnoreCase' como o parâmetro 'StringComparison'. Para comparar identificadores que não diferenciam maiúsculas de minúsculas, como caminhos de arquivos, variáveis de ambiente ou chaves e valores do Registro, especifique 'StringComparison.OrdinalIgnoreCase'. Mas, para comparar identificadores que diferenciam maiúsculas de minúsculas, especifique 'StringComparison.Ordinal'. + A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. - '{0}' tem uma sobrecarga de método que usa um parâmetro 'StringComparison'. Substitua essa chamada em '{1}' por uma chamada para '{2}' para esclarecer a intenção. + '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. Specify StringComparison for clarity - Especificar StringComparison para garantir o esclarecimento + Specify StringComparison for clarity A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - Uma operação de comparação de cadeia de caracteres usa uma sobrecarga de método que não define um parâmetro StringComparison, portanto, seu comportamento pode variar com base nas configurações atuais de localidade do usuário. É altamente recomendado usar a sobrecarga com o parâmetro StringComparison para garantir a precisão e esclarecer a intenção. Se o resultado for exibido para o usuário, como ocorre ao classificar uma lista de itens a serem exibidos em uma caixa de listagem, especifique 'StringComparison.CurrentCulture' ou 'StringComparison.CurrentCultureIgnoreCase' como o parâmetro 'StringComparison'. Para comparar identificadores que não diferenciam maiúsculas de minúsculas, como caminhos de arquivos, variáveis de ambiente ou chaves e valores do Registro, especifique 'StringComparison.OrdinalIgnoreCase'. Mas, para comparar identificadores que diferenciam maiúsculas de minúsculas, especifique 'StringComparison.Ordinal'. + A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - O comportamento de '{0}' pode variar dependendo das configurações de localidade do usuário atual. Substitua esta chamada em '{1}' por uma chamada para '{2}'. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify StringComparison for correctness - Especificar StringComparison para garantir a exatidão + Specify StringComparison for correctness Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. - Usar modificadores 'static' e 'abstract' requer a aceitação de recursos de visualização. Consulte https://aka.ms/dotnet-warnings/preview-features para obter mais informações. + Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. - Comparar cadeias de caracteres usando a propriedade String.Length ou o método String.IsNullOrEmpty é significativamente mais rápido do que usar Equals. + Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check - Teste se há cadeias de caracteres vazias usando a propriedade 'string.Length' ou o método 'string.IsNullOrEmpty' em vez de uma verificação de igualdade + Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check Test for empty strings using string length - Testar se há cadeias de caracteres vazias usando tamanho da cadeia + Test for empty strings using string length This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. - Esta expressão testa um valor em Single.Nan ou Double.Nan. Use Single.IsNan(Single) ou Double.IsNan(Double) para testar o valor. + This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. Test for NaN correctly - Testar para NaN corretamente + Test for NaN correctly Test for NaN correctly - Testar para NaN corretamente + Test for NaN correctly 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. - Os campos “ThreadStatic” devem ser inicializado de forma lenta durante o uso, não com inicialização embutida nem explicitamente em um construtor estático, o que inicializaria somente o campo no thread que executa o construtor estático do tipo. + 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. 'ThreadStatic' fields should not use inline initialization - Os campos “ThreadStatic” não devem usar inicialização embutida + 'ThreadStatic' fields should not use inline initialization Improper 'ThreadStatic' field initialization - Inicialização do campo “ThreadStatic” inadequada + Improper 'ThreadStatic' field initialization 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. - “ThreadStatic” afeta somente campos estáticos. Quando aplicado aos campos de instância, ele não afeta o comportamento. + 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. Ensure 'ThreadStatic' is only used with static fields - Verificar se “ThreadStatic” só é usado com campos estáticos + Ensure 'ThreadStatic' is only used with static fields 'ThreadStatic' only affects static fields - “ThreadStatic” afeta somente campos estáticos + 'ThreadStatic' only affects static fields Use ArgumentException throw helper - Usar o auxiliar de lançamento ArgumentException + Use ArgumentException throw helper Use ArgumentNullException throw helper - Usar o auxiliar de lançamento de ArgumentNullException + Use ArgumentNullException throw helper Use ArgumentOutOfRangeException throw helper - Usar o auxiliar de lançamento ArgumentOutOfRangeException + Use ArgumentOutOfRangeException throw helper Use Array.Empty - Usar Array.Empty + Use Array.Empty The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. - O Indexador baseado em intervalo em valores de matriz produz uma cópia da porção solicitada da matriz. Essa cópia costuma ser indesejada quando é usada implicitamente como um valor de Span ou de Memory. Use o método AsSpan para evitar a cópia. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies - Use '{0}' em vez do indexador baseado em '{1}' em '{2}' para evitar a criação de cópias de dados desnecessárias + Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies Use `{0}` instead of Range-based indexers on a string - Use `{0}` em vez de indexadores baseados em Intervalo em uma cadeia de caracteres + Use `{0}` instead of Range-based indexers on a string Use `{0}` instead of Range-based indexers on an array - Use `{0}` em vez de indexadores baseados em Intervalo em uma matriz + Use `{0}` instead of Range-based indexers on an array Use AsSpan or AsMemory instead of Range-based indexers when appropriate - Use AsSpan ou AsMemory em vez de Indexadores baseados em intervalo quando apropriado + Use AsSpan or AsMemory instead of Range-based indexers when appropriate The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - O Indexador com base em intervalo em valores de cadeia de caracteres produz uma cópia da porção solicitada da cadeia de caracteres. Essa cópia normalmente é desnecessária quando é usada implicitamente como um valor de ReadOnlySpan ou de ReadOnlyMemory. Use o método AsSpan para evitar a cópia desnecessária. + The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - O Indexador baseado em intervalo em valores de matriz produz uma cópia da porção solicitada da matriz. Essa cópia normalmente é desnecessária quando é usada implicitamente como um valor de ReadOnlySpan ou de ReadOnlyMemory. Use o método AsSpan para evitar a cópia desnecessária. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. When inside a Task-returning method, use the async version of methods, if they exist. - Quando estiver dentro de um método de retorno Task, use a versão assíncrona dos métodos, se eles existirem. + When inside a Task-returning method, use the async version of methods, if they exist. {Locked="Task"} '{0}' synchronously blocks. Await '{1}' instead. - '{0}' blocos de forma síncrona. Em vez disso, aguarde '{1}'. + '{0}' synchronously blocks. Await '{1}' instead. '{0}' synchronously blocks. Use await instead. - '{0}' blocos de forma síncrona. Em vez disso, use await. + '{0}' synchronously blocks. Use await instead. Call async methods when in an async method - Chame métodos assíncronos quando estiver em um método assíncrono + Call async methods when in an async method Use antiforgery tokens in ASP.NET Core MVC controllers - Usar tokens antifalsificação em controladores MVC do ASP.NET Core + Use antiforgery tokens in ASP.NET Core MVC controllers Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - A manipulação de uma solicitação de POST, PUT, PATCH ou DELETE sem a validação de um token antifalsificação pode ser vulnerável a ataques de falsificação de solicitações intersite. Um ataque de falsificação de solicitações intersite pode enviar solicitações mal-intencionadas de um usuário autenticado para o seu controlador MVC ASP.NET Core. + Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - O método {0} lida com uma solicitação de {1} sem executar a validação de token antifalsificação. Também é necessário garantir que o seu formulário em HTML envie um token antifalsificação. + Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. Replace with 'CancellationToken.ThrowIfCancellationRequested' - Substituir por 'CancellationToken.ThrowIfCancellationRequested' + Replace with 'CancellationToken.ThrowIfCancellationRequested' 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. - 'ThrowIfCancellationRequested' verifica automaticamente se o token foi cancelado e gera uma 'OperationCanceledException' se tiver. + 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' - Use 'ThrowIfCancellationRequested' em vez de verificar 'IsCancellationRequested' e lançar 'OperationCanceledException' + Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' Use 'ThrowIfCancellationRequested' - Use 'ThrowIfCancellationRequested' + Use 'ThrowIfCancellationRequested' Using concrete types avoids virtual or interface call overhead and enables inlining. - O uso de tipos concretos evita sobrecarga de chamada virtual ou de interface e permite inlining. + Using concrete types avoids virtual or interface call overhead and enables inlining. Change type of field '{0}' from '{1}' to '{2}' for improved performance - Altere o tipo de campo '{0}' de '{1}' para '{2}' para melhorar o desempenho + Change type of field '{0}' from '{1}' to '{2}' for improved performance Change type of variable '{0}' from '{1}' to '{2}' for improved performance - Altere o tipo de variável '{0}' de '{1}' para '{2}' para melhorar o desempenho + Change type of variable '{0}' from '{1}' to '{2}' for improved performance Change return type of method '{0}' from '{1}' to '{2}' for improved performance - Altere o tipo de retorno do método '{0}' de '{1}' para '{2}' para melhorar o desempenho + Change return type of method '{0}' from '{1}' to '{2}' for improved performance Change type of parameter '{0}' from '{1}' to '{2}' for improved performance - Altere o tipo de parâmetro '{0}' de '{1}' para '{2}' para melhorar o desempenho + Change type of parameter '{0}' from '{1}' to '{2}' for improved performance Change type of property '{0}' from '{1}' to '{2}' for improved performance - Altere o tipo de propriedade '{0}' de '{1}' para '{2}' para melhorar o desempenho + Change type of property '{0}' from '{1}' to '{2}' for improved performance Use concrete types when possible for improved performance - Usar tipos concretos quando possível para melhorar o desempenho + Use concrete types when possible for improved performance Use Container Level Access Policy - Usar Política de Acesso no Nível de Contêiner + Use Container Level Access Policy No access policy identifier is specified, making tokens non-revocable. - Não foi especificado um identificador de política de acesso, o que torna os tokens não revogáveis. + No access policy identifier is specified, making tokens non-revocable. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. - Se possível, considere usar o controle de acesso baseado em função do Azure em vez de uma SAS (Assinatura de Acesso Compartilhado). Se você ainda precisar usar uma SAS, use uma política de acesso de nível de contêiner ao criar uma SAS. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. Use DefaultDllImportSearchPaths attribute for P/Invokes - Use o atributo DefaultDllImportSearchPaths para P/Invokes + Use DefaultDllImportSearchPaths attribute for P/Invokes By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - Por padrão, P/Invokes que usam DllImportAttribute investigam diversos diretórios, incluindo o diretório de trabalho atual, para a biblioteca carregar. Isso pode ser um problema de segurança para determinados aplicativos, levando ao sequestro de DLL. + By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - O método {0} não usou o atributo DefaultDllImportSearchPaths para P/Invokes. + The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. Use equivalent code that works when marshalling is disabled - Usar código equivalente que funciona quando o marshalling está desabilitado + Use equivalent code that works when marshalling is disabled 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. - 'Environment.CurrentManagedThreadId' é mais simples e mais rápido do que 'Thread.CurrentThread.ManagedThreadId'. + 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. Use 'Environment.CurrentManagedThreadId' - Use 'Environment.CurrentManagedThreadId' + Use 'Environment.CurrentManagedThreadId' Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' - Use 'Environment.CurrentManagedThreadId' em vez de 'Thread.CurrentThread.ManagedThreadId' + Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' Use 'Environment.CurrentManagedThreadId' - Use 'Environment.CurrentManagedThreadId' + Use 'Environment.CurrentManagedThreadId' 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. - 'Environment.ProcessId' é mais simples e rápido do que 'Process.GetCurrentProcess().Id'. + 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. Use 'Environment.ProcessId' - Use 'Environment.ProcessId' + Use 'Environment.ProcessId' Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' - Use 'Environment.ProcessId' em vez de 'Process.GetCurrentProcess().Id' + Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' Use 'Environment.ProcessId' - Use 'Environment.ProcessId' + Use 'Environment.ProcessId' 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. - 'Environment.ProcessPath' é mais simples e mais rápido do que 'Process.GetCurrentProcess(). MainModule.FileName'. + 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. Use 'Environment.ProcessPath' - Use 'Environment.ProcessPath' + Use 'Environment.ProcessPath' Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' - Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' + Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' Use 'Environment.ProcessPath' - Use 'Environment.ProcessPath' + Use 'Environment.ProcessPath' Use indexer - Usar o indexador + Use indexer Use an invariant version - Usar uma versão invariável + Use an invariant version An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. - Um método de invocação de sistema operacional é definido e um método que tem a funcionalidade equivalente está localizado na biblioteca de classes .NET Framework. + An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. Use managed equivalents of win32 api - Usar equivalentes gerenciados da API win32 + Use managed equivalents of win32 api Use managed equivalents of win32 api - Usar equivalentes gerenciados da API win32 + Use managed equivalents of win32 api Use ObjectDisposedException throw helper - Usar o auxiliar de lançamento ObjectDisposedException + Use ObjectDisposedException throw helper A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. - Uma comparação de cadeia de caracteres não linguística não define o parâmetro StringComparison como Ordinal ou OrdinalIgnoreCase. Ao definir explicitamente o parâmetro como StringComparison.Ordinal ou StringComparison.OrdinalIgnoreCase, seu código geralmente ganha velocidade, torna-se mais correto e mais confiável. + A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. Use ordinal string comparison - Usar a comparação de cadeia de caracteres ordinal + Use ordinal string comparison Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. - Enumerable.Count() potencialmente enumera a sequência enquanto uma propriedade Length/Count é um acesso direto. + Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. Use the "{0}" property instead of Enumerable.Count() - Use a propriedade "{0}" em vez de Enumerable.Count() + Use the "{0}" property instead of Enumerable.Count() Use Length/Count property instead of Count() when available - Usar a propriedade Length/Count em vez de Count() quando disponível + Use Length/Count property instead of Count() when available Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size - Use o algoritmo Rivest-Shamir-Adleman (RSA) com tamanho de chave suficiente + Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. - Os algoritmos de criptografia são vulneráveis a ataques de força bruta quando um tamanho de chave muito pequeno é usado. + Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - O tamanho de chave do algoritmo de criptografia assimétrica {0} é menor que 2048. Alterne para um RSA com um tamanho de chave de pelo menos 2048 ou para um algoritmo ECDH ou ECDSA. + Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. Applications available over HTTPS must use secure cookies. - Os aplicativos disponíveis via HTTPS devem usar cookies seguros. + Applications available over HTTPS must use secure cookies. Use SharedAccessProtocol HttpsOnly - Usar SharedAccessProtocol HttpsOnly + Use SharedAccessProtocol HttpsOnly HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. - O HTTPS criptografa o tráfego de rede. Use HttpsOnly, em vez de HttpOrHttps, para garantir que o tráfego de rede sempre seja criptografado para ajudar a impedir a divulgação de dados confidenciais. + HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. - Se possível, considere usar o controle de acesso baseado em função do Azure em vez de uma SAS (Assinatura de Acesso Compartilhado). Se você ainda precisar usar uma SAS, especifique SharedAccessProtocol.HttpsOnly. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. + + + + Use 'AsSpan' with 'string.Concat' + Use 'AsSpan' with 'string.Concat' + + + + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + + + + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + + + + Use span-based 'string.Concat' + Use span-based 'string.Concat' Use 'Clear()' - Usar 'Clear()' + Use 'Clear()' It is more efficient to use 'Clear', instead of 'Fill' with default value. - É mais eficiente usar 'Clear', em vez de 'Fill' com valor padrão. + It is more efficient to use 'Clear', instead of 'Fill' with default value. Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' - Preferir 'Span<T>.Clear()' em vez de 'Span<T>.Fill(default)' + Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' Prefer 'Clear' over 'Fill' - Preferir 'Clear' ao invés de 'Fill' + Prefer 'Clear' over 'Fill' Use 'StartsWith' - Usar "StartsWith" + Use 'StartsWith' It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. - É mais claro e mais rápido usar "StartsWith" em vez de comparar o resultado de "IndexOf" com zero. + It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 - Usar "StartsWith" em vez de comparar o resultado de "IndexOf" com 0 + Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 Use 'StartsWith' instead of 'IndexOf' - Usar "StartsWith" em vez de "IndexOf" + Use 'StartsWith' instead of 'IndexOf' + + + + 'string.Contains(char)' is available as a better performing overload for single char lookup. + 'string.Contains(char)' is available as a better performing overload for single char lookup. + + + + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + + + + Use char literal for a single character lookup + Use char literal for a single character lookup Use 'string.Equals' - Use 'string. Igual a' + Use 'string.Equals' It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. - É mais claro e provavelmente mais rápido usar 'string. É igual a em vez de comparar o resultado de 'string.Compare' com zero. + It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 - Use 'string. Igual a' em vez de comparar o resultado de 'string.Compare' com 0 + Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 Use 'string.Equals' - Use 'string. Igual a' - - - - Use 'AsSpan' with 'string.Concat' - Use 'AsSpan' com 'string. Concat' - - - - It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. - É mais eficiente usar 'AsSpan' e 'string'. Concat', em vez de 'Substring' e um operador de concatenação. - - - - Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' - Use a 'cadeia de caracteres' baseada em intervalo. Concat' e 'AsSpan' em vez de 'Substring' - - - - Use span-based 'string.Concat' - Use a 'cadeia de caracteres' baseada em intervalo. Concat' - - - - 'string.Contains(char)' is available as a better performing overload for single char lookup. - 'cadeia de caracteres. Contains(char)' está disponível como uma sobrecarga de melhor desempenho para pesquisa de caractere único. - - - - Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character - Use 'string. Contains(char)' em vez de 'string. Contains(string)' ao procurar um único caractere - - - - Use char literal for a single character lookup - Usar o literal char para uma pesquisa de caractere único + Use 'string.Equals' Throw helpers are simpler and more efficient than an if block constructing a new exception instance. - Auxiliares de lançamento são mais simples e eficientes do que um bloco if que constrói uma nova instância de exceção. + Throw helpers are simpler and more efficient than an if block constructing a new exception instance. Use '{0}.{1}' - Usar '{0}.{1}' + Use '{0}.{1}' Use '{0}.{1}' instead of explicitly throwing a new exception instance - Use '{0}.{1}' em vez de lançar explicitamente uma nova instância de exceção + Use '{0}.{1}' instead of explicitly throwing a new exception instance Platform compatibility analyzer requires a valid platform name and version. - O analisador de compatibilidade de plataforma requer um nome de plataforma e uma versão válidos. + Platform compatibility analyzer requires a valid platform name and version. Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. - A versão '{0}' não é válida para a plataforma '{1}'. Use uma versão com 2{2} partes para esta plataforma. + Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. Version '7' is not valid for platform 'windows'. Use a version with 2-4 parts for this platform. Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. - A versão '{0}' não é válida para a plataforma '{1}'. Não use versões para esta plataforma. + Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. Use valid platform string - Usar cadeia de caracteres de plataforma válida + Use valid platform string The platform '{0}' is not a known platform name - A plataforma '{0}' não é um nome de plataforma conhecido + The platform '{0}' is not a known platform name ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. - ValueTasks retornados de invocações de membro devem ser aguardados diretamente. Tentativas de consumir um ValueTask várias vezes ou de acessar diretamente um resultado antes que esteja sabidamente concluído podem resultar em exceção ou dano. Ignorar um ValueTask é provavelmente uma indicação de um bug funcional e pode degradar o desempenho. + ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). - Instâncias de ValueTask não devem ter o resultado diretamente acessado, a menos que a instância já tenha sido concluída. Ao contrário de Tarefas, chamar um Resultado ou GetAwaiter().GetResult() em um ValueTask não garante um bloqueio até que a operação seja concluída. Se você não pode simplesmente aguardar a instância, considere primeiro verificar a propriedade IsCompleted (ou afirmar que é true se você sabe que esse é o caso). + ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. - Instâncias de ValueTask devem ser consumidas apenas uma vez, como por meio de uma espera. Consumir a mesma instância de ValueTask várias vezes pode resultar em exceções e dados corrompidos. + ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. - Instâncias de ValueTask retornadas das chamadas de método devem ser diretamente aguardadas, retornadas ou passadas como um argumento para outra chamada de método. Outro uso, como armazenar uma instância em um local ou em um campo, é provavelmente uma indicação de um bug, pois instâncias de ValueTask precisam ser consumidas apenas uma vez. + ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. - Instâncias de ValueTask retornadas das chamadas de método sempre devem ser usadas, normalmente aguardadas. Não fazer isso geralmente representa um bug funcional, mas mesmo se esse não for o caso, isso poderá resultar na degradação do desempenho se o método de destino incluir em pool os objetos para uso com ValueTasks. + ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. Use ValueTasks correctly - Usar ValueTasks corretamente + Use ValueTasks correctly Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. - O processamento de XML de dados não confiáveis pode carregar referências externas perigosas, que devem ser restritas usando um XmlReader com um resolvedor seguro ou com o processamento de DTD desabilitado. + Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. Use XmlReader for 'DataSet.ReadXml()' - Use o XmlReader para 'DataSet.ReadXml()' + Use XmlReader for 'DataSet.ReadXml()' Use XmlReader for 'XmlSerializer.Deserialize()' - Use o XmlReader para 'XmlSerializer.Deserialize()' + Use XmlReader for 'XmlSerializer.Deserialize()' Use XmlReader for 'XmlSchema.Read()' - Use o XmlReader para 'XmlSchema.Read()' + Use XmlReader for 'XmlSchema.Read()' Use XmlReader for XmlValidatingReader constructor - Usar o XmlReader para o construtor XmlValidatingReader + Use XmlReader for XmlValidatingReader constructor Use XmlReader for XPathDocument constructor - Usar o XmlReader para o construtor XPathDocument + Use XmlReader for XPathDocument constructor This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. - Esta sobrecarga do método '{0}.{1}' é potencialmente não segura. Ela pode habilitar a DTD (Definição do Tipo de Documento), que pode ser vulnerável a ataques de negação de serviço ou pode usar um XmlResolver que pode ser vulnerável à divulgação de informações. Use uma sobrecarga que usa uma instância XmlReader em vez disso, com o processamento de DTD desabilitado e sem o XmlResolver. + This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - “{0}” usa o tipo de visualização “{1}” e precisa aceitar os recursos de visualização. Consulte {2} para obter mais informações. + '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - {3}“{0}” usa o tipo de visualização “{1}” e precisa aceitar os recursos de visualização. Consulte {2} para obter mais informações. - - - - Use 'TryGetValue(TKey, out TValue)' - Usar 'TryGetValue(TKey, out TValue)' - - - - Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method - Prefira o método 'IDictionary.TryGetValue(TKey, out TValue)' - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup - Prefira uma chamada 'TryGetValue' em vez de um acesso ao indexador de dicionário protegido por uma verificação 'ContainsKey' para evitar pesquisa dupla - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. - Prefira uma chamada 'TryGetValue' em vez de um acesso ao indexador de dicionário protegido por uma verificação 'ContainsKey'. 'ContainsKey' e o indexador pesquisariam a chave sob o capô, portanto, usar 'TryGetValue' remove a pesquisa extra. + {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ru.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ru.xlf index a814efe640..ff02e2ea34 100644 --- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ru.xlf +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ru.xlf @@ -4,572 +4,572 @@ Add the 'NonSerialized' attribute to this field. - Добавьте атрибут "NonSerialized" в это поле. + Add the 'NonSerialized' attribute to this field. Add Serializable attribute - Добавить атрибут Serializable + Add Serializable attribute Review cipher mode usage with cryptography experts - Проверьте используемый режим шифрования с экспертами по криптографии + Review cipher mode usage with cryptography experts These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). - Эти режимы шифрования могут быть уязвимы для атак. Используйте рекомендуемые режимы (CBC, CTS). + These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). - Проверьте используемый режим шифрования "{0}" с экспертами по криптографии. Используйте рекомендуемые режимы (CBC, CTS). + Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. - Параметр строкового литерала атрибута анализируется неправильно для URL-адреса, GUID или версии. + The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' - В конструкторе "{0}" измените аргумент "{1}", который сейчас равен "{2}", на значение, обеспечивающее правильный анализ в качестве "{3}". + In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' - В конструкторе "{0}" измените аргумент "{1}", который сейчас равен пустой строке (""), на значение, обеспечивающее правильный анализ в качестве "{2}". + In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' Attribute string literals should parse correctly - Синтаксический анализ строковых литералов атрибута должен осуществляться правильно + Attribute string literals should parse correctly Extract to static readonly field - Извлечь в поле "static readonly" + Extract to static readonly field Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. - Постоянные массивы, передаваемые в качестве аргументов, не будут использоваться при повторном вызове, что подразумевает создание нового массива каждый раз. Попробуйте извлечь их в статичные поля, доступные только для чтения ("static readonly"), чтобы повысить производительность, если переданный массив не был изменен в вызываемом методе. + Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. {Locked="static readonly"} Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array - Выбирать статичные поля, доступные только для чтения ("static readonly"), вместо аргументов постоянного массива, если вызываемый метод вызывается повторно и не изменяет переданный массив + Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array {Locked="static readonly"} Avoid constant arrays as arguments - Избегайте использования константных массивов в качестве аргументов + Avoid constant arrays as arguments Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. - При маршалировании "StringBuilder" всегда создается собственная копия буфера, что приводит к множественным выделениям для одной операции маршалирования. + Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. - Старайтесь не использовать параметры StringBuilder для P/Invokes. Вместо этого используйте символьный буфер. + Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. Avoid 'StringBuilder' parameters for P/Invokes - Избегайте использования параметров "StringBuilder" для P/Invokes + Avoid 'StringBuilder' parameters for P/Invokes The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. - Эта библиотека классов платформы .NET Framework предоставляет методы для извлечения настраиваемых атрибутов. По умолчанию эти методы выполняют поиск по иерархии наследования атрибутов. Запечатывание атрибута устраняет поиск по иерархии наследования и позволяет повысить производительность. + The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. Avoid unsealed attributes - Избегайте незапечатанных атрибутов + Avoid unsealed attributes Avoid unsealed attributes - Избегайте незапечатанных атрибутов + Avoid unsealed attributes Avoid unnecessary zero-length array allocations. Use {0} instead. - Старайтесь не выделять массивы нулевой длины без необходимости. Вместо этого используйте {0}. + Avoid unnecessary zero-length array allocations. Use {0} instead. Avoid zero-length array allocations - Нежелательность выделения массивов нулевой длины + Avoid zero-length array allocations The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Метод "{0}" является небезопасным при десериализации ненадежных данных без использования SerializationBinder для ограничения типа объектов в графе десериализованных объектов. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize - Убедитесь, что BinaryFormatter.Binder задан перед вызовом BinaryFormatter.Deserialize + Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Метод "{0}" является небезопасным при десериализации ненадежных данных без использования SerializationBinder для ограничения типа объектов в графе десериализованных объектов. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder - Не вызывайте BinaryFormatter.Deserialize, не задав предварительно BinaryFormatter.Binder + Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. - Метод "{0}" небезопасен при десериализации ненадежных данных. Если вместо этого нужно обнаружить десериализацию BinaryFormatter без задания SerializationBinder, отключите правило CA2300 и включите правила CA2301 и CA2302. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. The method '{0}' is insecure when deserializing untrusted data. - Метод "{0}" небезопасен при десериализации ненадежных данных. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer BinaryFormatter - Не используйте небезопасный десериализатор BinaryFormatter + Do not use insecure deserializer BinaryFormatter 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - "Buffer.BlockCopy" ожидает копирования количества байт для аргумента "count". При использовании "Array.Length" может не обеспечиваться соответствие количеству байт, которое требуется скопировать. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - "Buffer.BlockCopy" ожидает копирования количества байт для аргумента "count". При использовании "Array.Length" может не обеспечиваться соответствие количеству байт, которое требуется скопировать. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument - "Buffer.BlockCopy" ожидает копирования количества байт для аргумента "count" + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). - Метод, являющийся реализацией Dispose, не вызывает GC.SuppressFinalize, метод, не являющийся реализацией Dispose, вызывает GC.SuppressFinalize, либо метод вызывает GC.SuppressFinalize и передает нечто иное (Me в Visual Basic). + A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. - Замените {0} вызовом {1}. В результате для производных типов, использующих метод завершения, отпадет необходимость в повторной реализации "IDisposable" для вызова этого метода. + Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. - Замените {0} вызовом {1}. Это предотвратит ненужное завершение объекта после его высвобождения и выхода из области видимости. + Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. - {0} вызывает {1} для другого объекта, а не для себя. Измените место вызова, чтобы передать вместо него "this" ("Me" в Visual Basic). + {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. - {0} вызывает {1}, метод, который обычно вызывается только внутри реализации "IDisposable.Dispose". Дополнительные сведения см. в шаблоне IDisposable. + {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. Dispose methods should call SuppressFinalize - Методы Dispose должны вызывать SuppressFinalize + Dispose methods should call SuppressFinalize , - , + , Separator used for separating list of platform names: {API} is only supported on: {‘windows’, ‘browser’, ‘linux’} ConstantExpected attribute is not applied correctly on the parameter. - Атрибут ConstantExpected неправильно применен к параметру. + ConstantExpected attribute is not applied correctly on the parameter. Incorrect usage of ConstantExpected attribute - Неправильное использование атрибута ConstantExpected + Incorrect usage of ConstantExpected attribute The ConstantExpected attribute is required for the parameter due to the parent method annotation - Атрибут ConstantExpected является обязательным для параметра из-за заметки родительского метода + The ConstantExpected attribute is required for the parameter due to the parent method annotation The '{0}' value is not compatible with parameter type of '{1}' - Значение "{0}" несовместимо с типом параметра "{1}" + The '{0}' value is not compatible with parameter type of '{1}' The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' - Значение "{0}" не соответствует границам значения параметра от "{1}" до "{2}" + The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' The constant is not of the same '{0}' type as the parameter - Константа отличается от типа "{0}" параметра + The constant is not of the same '{0}' type as the parameter The Min and Max values are inverted - Минимальное и максимальное значения инвертированы + The Min and Max values are inverted The argument should be a constant for optimal performance - Аргумент должен быть константой для оптимальной производительности + The argument should be a constant for optimal performance The '{0}' type is not supported for ConstantExpected attribute - Тип "{0}" не поддерживается для атрибута ConstantExpected + The '{0}' type is not supported for ConstantExpected attribute The constant does not fit within the value bounds of '{0}' to '{1}' - Константа не соответствует границам значений от "{0}" до "{1}" + The constant does not fit within the value bounds of '{0}' to '{1}' The parameter expects a constant for optimal performance. - Параметр ожидает константу для оптимальной производительности. + The parameter expects a constant for optimal performance. A constant is expected for the parameter - Для параметра ожидается константа + A constant is expected for the parameter When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - При десериализации недоверенных входных данных десериализация объекта {0} является небезопасной. Объект "{1}" является объектом {0} или производным от него объектом. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type found in deserializable object graph - На графе десериализуемого объекта обнаружен небезопасный тип набора данных или таблицы данных + Unsafe DataSet or DataTable type found in deserializable object graph When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. - При десериализации недоверенных входных данных с помощью сериализатора на основе IFormatter десериализация объекта {0} является небезопасной. Объект "{1}" является объектом {0} или производным от него объектом. Убедитесь, что автоматически создаваемые типы не десериализуются с недоверенными данными. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks - Небезопасный набор данных или небезопасная таблица данных в автоматически создаваемом сериализуемом типе могут быть подвержены атакам методом удаленного выполнения кода + Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - При десериализации недоверенных входных данных десериализация объекта {0} является небезопасной. Объект "{1}" является объектом {0} или производным от него объектом. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks - Небезопасный набор данных или небезопасная таблица данных на графе десериализуемого объекта могут быть подвержены атакам методом удаленного выполнения кода + Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. - При десериализации недоверенных входных данных с сериализатором на основе IFormatter десериализация объекта {0} является небезопасной. "{1}" является {0} или производным от него. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks - Небезопасный набор данных или небезопасная таблица данных в сериализуемом типе могут быть подвержены атакам методом удаленного выполнения кода + Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - При десериализации недоверенных входных данных десериализация объекта {0} является небезопасной. Объект "{1}" является объектом {0} или производным от него объектом. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in serializable type - Небезопасный набор данных или небезопасная таблица данных в сериализуемом типе + Unsafe DataSet or DataTable in serializable type When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - При десериализации недоверенных входных данных десериализация объекта {0} является небезопасной. Объект "{1}" является объектом {0} или производным от него объектом. + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type in web deserializable object graph - Небезопасный набор данных или небезопасная таблица данных на графе десериализуемого объекта + Unsafe DataSet or DataTable type in web deserializable object graph The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. - Метод "{0}" является небезопасным при десериализации недоверенных данных. Убедитесь, что автоматически создаваемый класс, содержащий вызов "{0}", не десериализуется с недоверенными данными. + The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data - Убедитесь, что автоматически создаваемый класс, содержащий метод DataSet.ReadXml(), не используется с недоверенными данными + Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data The method '{0}' is insecure when deserializing untrusted data - Метод "{0}" является небезопасным при десериализации недоверенных данных. + The method '{0}' is insecure when deserializing untrusted data Do not use DataSet.ReadXml() with untrusted data - Не используйте метод DataSet.ReadXml() с недоверенными данными + Do not use DataSet.ReadXml() with untrusted data The method '{0}' is insecure when deserializing untrusted data - Метод "{0}" является небезопасным при десериализации недоверенных данных. + The method '{0}' is insecure when deserializing untrusted data Do not use DataTable.ReadXml() with untrusted data - Не используйте метод DataTable.ReadXml() с недоверенными данными + Do not use DataTable.ReadXml() with untrusted data HttpClients should enable certificate revocation list checks - Для клиентов HTTP (HttpClients) следует включить проверки списка отзыва сертификатов. + HttpClients should enable certificate revocation list checks HttpClient is created without enabling CheckCertificateRevocationList - HttpClient создается без включения CheckCertificateRevocationList. + HttpClient is created without enabling CheckCertificateRevocationList Do Not Add Certificates To Root Store - Не добавлять сертификаты в корневое хранилище + Do Not Add Certificates To Root Store Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate - Добавление сертификатов в доверенные корневые сертификаты операционной системы увеличивает риск неправильной проверки подлинности сертификатов + Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate Do not use CreateEncryptor with non-default IV - Не используйте CreateEncryptor с вектором инициализации, отличным от значения по умолчанию. + Do not use CreateEncryptor with non-default IV Symmetric encryption uses non-default initialization vector, which could be potentially repeatable - Для симметричного шифрования используется вектор инициализации, отличный от значения по умолчанию, что может привести к воспроизводимости. + Symmetric encryption uses non-default initialization vector, which could be potentially repeatable Use Secure Cookies In ASP.NET Core - Использовать защищенные файлы cookie в ASP.NET Core + Use Secure Cookies In ASP.NET Core Set CookieOptions.Secure = true when setting a cookie - Установить значение true для параметра CookieOptions.Secure при настройке файла cookie + Set CookieOptions.Secure = true when setting a cookie Do Not Use Weak Key Derivation Function With Insufficient Iteration Count - Не использовать ненадежную функцию формирования ключа с недостаточным числом итераций + Do Not Use Weak Key Derivation Function With Insufficient Iteration Count Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Используйте число итераций не меньше {0} при формировании криптографического ключа из пароля. По умолчанию значение IterationCount для Rfc2898DeriveByte равно всего 1000 + Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Более старые версии протокола TLS менее безопасны, чем TLS 1.2 и TLS 1.3 и скорее всего имеют новые уязвимости. Избегайте использования ранних версий протокола, чтобы минимизировать риски. + Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Версия протокола TLS "{0}" является устаревшей. Используйте "None", чтобы операционная система самостоятельно выбрала версию протокола. + Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. Do not use deprecated SslProtocols values - Не используйте устаревшие значения параметра SslProtocols + Do not use deprecated SslProtocols values '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - "{0}" является производным от предварительной версии класса "{1}", поэтому требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {2}. + '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - "{0}" {3} является производным от предварительной версии класса "{1}", поэтому требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {2}. + {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. An assembly has to opt into preview features before using them. - В сборке должно быть предоставлено согласие на использование предварительных функций, прежде чем применять их. + An assembly has to opt into preview features before using them. Using '{0}' requires opting into preview features. See {1} for more information. - Для использования "{0}" требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {1}. + Using '{0}' requires opting into preview features. See {1} for more information. {2} Using '{0}' requires opting into preview features. See {1} for more information. - {2} Для использования "{0}" требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {1}. + {2} Using '{0}' requires opting into preview features. See {1} for more information. This API requires opting into preview features - Этот API требует согласия на использование предварительных функций + This API requires opting into preview features A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. - Тип, который реализует System.IDisposable, объявляет поля, относящиеся к типам, которые также реализуют IDisposable. Метод Dispose поля не вызывается методом Dispose объявляющего типа. Чтобы устранить нарушение этого правила, вызовите Dispose для полей, относящихся к типам, которые реализуют IDisposable, если вы отвечаете за выделение и освобождение неуправляемых ресурсов, хранящихся в поле. + A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. - "{0}" содержит поле "{1}", которое имеет тип IDisposable "{2}", но никогда не удаляется. Измените метод Dispose для "{0}" на вызов Close или Dispose для этого поля. + '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. Disposable fields should be disposed - Следует высвобождать высвобождаемые поля + Disposable fields should be disposed A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. - Тип, который реализует System.IDisposable и имеет поля, предполагающие использование неуправляемых ресурсов, не реализует метод завершения, как описано Object.Finalize. + A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. Disposable types should declare finalizer - Высвобождаемые типы должны объявлять методы завершения + Disposable types should declare finalizer Disposable types should declare finalizer - Высвобождаемые типы должны объявлять методы завершения + Disposable types should declare finalizer A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. - Тип, который реализует System.IDisposable, наследует от типа, который также реализует IDisposable. Метод Dispose наследующего типа не вызывает метод Dispose родительского типа. Чтобы устранить нарушение этого правила, вызовите base.Dispose в методе Dispose. + A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. Ensure that method '{0}' calls '{1}' in all possible control flow paths - Убедитесь, что метод "{0}" вызывает "{1}" во всех возможных путях потока управления. + Ensure that method '{0}' calls '{1}' in all possible control flow paths Dispose methods should call base class dispose - Метод Dispose должен вызывать базовый класс Dispose + Dispose methods should call base class dispose If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. - Если освобождаемый объект не высвобождается явно до того, как все ссылки на него оказываются вне области имен, объект будет высвобожден в некоторый заранее не определенный момент, когда сборщик мусора запустит завершающий метод объекта. Так как может возникнуть событие исключения, препятствующее выполнению метода завершения объекта, объект будет ликвидирован в явной форме. + If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - Используйте рекомендуемый шаблон удаления, чтобы убедиться, что объект, созданный "{0}", удален по всем путям. Если это возможно, заключите создание в оператор "using" или объявление "using". В противном случае используйте шаблон try-finally с выделенной локальной переменной, объявляемой до области try, и безусловным вызовом Dispose для отличного от NULL значения в области "finally", например "x?.Dispose()". Если объект явно удаляется в области try или владение удаления передается другому объекту или методу, назначьте "null" локальной переменной сразу после подобной операции, чтобы предотвратить двойное удаление в "finally". + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - Используйте рекомендуемый шаблон удаления, чтобы убедиться, что объект, созданный "{0}", удален по всем путям исключений. Если это возможно, заключите создание в оператор "using" или объявление "using". В противном случае используйте шаблон try-finally с выделенной локальной переменной, объявляемой до области try, и безусловным вызовом Dispose для отличного от NULL значения в области "finally", например "x?.Dispose()". Если объект явно удаляется в области try или владение удаления передается другому объекту или методу, назначьте "null" локальной переменной сразу после подобной операции, чтобы предотвратить двойное удаление в "finally". + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope - Вызовите System.IDisposable.Dispose для объекта, созданного "{0}", прежде чем все ссылки на него будут вне области действия. + Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. - Объект, созданный "{0}", не уничтожается во всех путях исключений. Следует вызвать метод System.IDisposable.Dispose для этого объекта до того, как все ссылки на него будут находиться вне области действия. + Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. Dispose objects before losing scope - Ликвидировать объекты перед потерей области + Dispose objects before losing scope Do Not Add Archive Item's Path To The Target File System Path - Не добавлять путь к элементу архива в целевой путь к файловой системе. + Do Not Add Archive Item's Path To The Target File System Path When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - При извлечении файлов из архива и при использовании пути к элементу архива проверьте, является ли путь безопасным. Путь к архиву может быть относительным, а также может вести к объекту файловой системы, находящемуся за пределами ожидаемого целевого пути файловой системы, и использоваться злоумышленниками для вредоносного изменения конфигурации и для удаленного выполнения кода с использованием метода "затаиться и ждать". + When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' - Если создается путь для "{0}" в методе "{1}" из относительного пути к элементу архива для извлечения файла и если источник представляет собой недоверенный ZIP-архив, обязательно очистите относительный путь к элементу архива "{2}" в методе "{3}" + When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' Do Not Add Schema By URL - Не добавляйте схему по URL-адресу + Do Not Add Schema By URL This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. - Эта внутренняя перегрузка метода XmlSchemaCollection.Add включает обработку DTD в используемом экземпляре модуля чтения XML, а также использует UrlResolver для разрешения внешних сущностей XML. Результатом является раскрытие информации. Содержимое из файловой системы или общих папок на компьютере, обрабатывающем XML-код, может быть раскрыто для злоумышленника. Кроме того, злоумышленник может использовать этот вектор для проведения атак типа "отказ в обслуживании". + This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. This overload of the Add method is potentially unsafe because it may resolve dangerous external references - Эта перегрузка метода Add потенциально небезопасна, так как может разрешать опасные внешние ссылки + This overload of the Add method is potentially unsafe because it may resolve dangerous external references By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. - Задав для делегатов критической проверки TokenValidationParameter значение true, вы отключите важные меры безопасности при проверке подлинности, что может привести к неправильной проверке токенов от любого издателя или токенов с истекшим сроком действия. + By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. - Для {0} задана функция, которая всегда возвращает значение true. Настроив делегат проверки, вы переопределяете проверку по умолчанию. Эта проверка будет полностью отключена, так как она всегда возвращает значение true. + The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. Do not always skip token validation in delegates - Не пропускать всегда проверку токенов в делегатах + Do not always skip token validation in delegates Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. - Небезопасная десериализация — это уязвимость, которая возникает, когда недоверенные данные используются для нарушения логики работы приложения, проведения атак типа "отказ в обслуживании" или даже для выполнения произвольного кода при его десериализации. Злоумышленники часто используют эти возможности десериализации, контролируя недоверенные данные, которые десериализуются приложением, в частности, путем вызова опасных методов в ходе десериализации. При успешном проведении атак с небезопасной десериализацией злоумышленник может провести атаки типа "отказ в обслуживании", обойти проверку подлинности и выполнить код удаленно. + Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' - При десериализации экземпляра класса '{0}' метод '{1}' может прямо или косвенно вызывать опасный метод '{2}' + When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' Do Not Call Dangerous Methods In Deserialization - Не вызывать опасные методы десериализации + Do Not Call Dangerous Methods In Deserialization @@ -577,2625 +577,2660 @@ The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. Widening and user defined conversions are not supported with generic types. - Для нормальной работы Enumerable.Cast<T> и Enumerable.OfType<T> требуются совместимые типы. -Универсальное приведение (выражение промежуточного языка 'unbox.any'), используемое последовательностью, возвращенной enumerable.Cast<T>, вызовет исключение InvalidCastException во время выполнения для элементов указанных типов. -Проверка универсального типа (оператор C# 'is'/выражение промежуточного языка 'isinst'), используемая Enumerable.OfType<T>, никогда не будет выполнена успешно с элементами указанных типов, что приведет к получению пустой последовательности. -Расширяемые и определяемые пользователем преобразования не поддерживаются для универсальных типов. + Enumerable.Cast<T> and Enumerable.OfType<T> require compatible types to function expectedly. +The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. +The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. +Widening and user defined conversions are not supported with generic types. Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime - Тип '{0}' несовместим с типом '{1}', и приведение типов вызовет исключение InvalidCastException во время выполнения + Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' - Этот вызов всегда приведет к пустой последовательности, так как тип '{0}' несовместим с типом '{1}' + This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types - Не вызывайте Enumerable.Cast<T> или Enumerable.OfType<T> с несовместимыми типами + Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types Do not call {0} on an {1} value - Не вызывайте {0} для значения {1} + Do not call {0} on an {1} value Do not call ToImmutableCollection on an ImmutableCollection value - Не вызывайте ToImmutableCollection для значения ImmutableCollection + Do not call ToImmutableCollection on an ImmutableCollection value TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. - TaskCompletionSource содержит конструкторы, которые принимают TaskCreationOptions, управляющие базовой задачей, и конструкторы, принимающие состояние объекта, которое хранится в задаче. Случайная передача TaskContinuationOptions вместо TaskCreationOptions приведет к вызову, обрабатывающему параметры как состояние. + TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. Replace TaskContinuationOptions with TaskCreationOptions. - Замените TaskContinuationOptions на TaskCreationOptions. + Replace TaskContinuationOptions with TaskCreationOptions. Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum - Аргумент содержит перечисление TaskContinuationsOptions вместо TaskCreationOptions. + Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum - Аргумент, переданный в конструктор TaskCompletionSource, должен быть перечислением TaskCreationOptions вместо TaskContinuationOptions + Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. - Не создавайте задачи, если не используете одну из перегрузок, принимающих TaskScheduler. По умолчанию расписание составляется с использованием TaskScheduler.Current, что приведет к взаимоблокировкам. Используйте TaskScheduler.Default при составлении расписания для пула потоков либо явно передайте TaskScheduler.Current, чтобы прояснить свои намерения. + Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. Do not create tasks without passing a TaskScheduler - Не создавайте задачи без передачи TaskScheduler + Do not create tasks without passing a TaskScheduler Do not create tasks without passing a TaskScheduler - Не создавайте задачи без передачи TaskScheduler + Do not create tasks without passing a TaskScheduler Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. - Добавление метода завершения в тип, производный от MemoryManager<T>, может привести к тому, что будет разрешено освобождение памяти, пока эта память еще используется Span<T>. + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> - Добавление метода завершения в тип, производный от MemoryManager<T>, может привести к тому, что будет разрешено освобождение памяти, пока эта память еще используется Span<T>. + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> Do not define finalizers for types derived from MemoryManager<T> - Не определяйте методы завершения для типов, производных от MemoryManager<T> + Do not define finalizers for types derived from MemoryManager<T> Do Not Disable Certificate Validation - Не отключайте проверку сертификатов + Do Not Disable Certificate Validation A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. - Сертификат может помочь подлинность сервера. Клиенты должны проверять сертификаты серверов, чтобы убедиться, что запросы отправляются нужному серверу. Если функция ServerCertificateValidationCallback всегда возвращает значение true, сертификат всегда успешно проходит проверку. + A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. - В качестве значения параметра ServerCertificateValidationCallback задается функция, которая принимает любой сертификат сервера, всегда возвращая значение true. Убедитесь, что сертификаты серверов проверяются, чтобы подтвердить подлинность сервера, принимающего запросы. - - - - Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. - Если при использовании HttpClient не указан обработчик для конкретной платформы (WinHttpHandler, CurlHandler или HttpClientHandler) и свойство CheckCertificateRevocationList имеет значение true (истина), то отозванные сертификаты будут приниматься клиентом HttpClient как действительные. + The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. Do Not Disable HTTP Header Checking - Не отключайте проверку заголовков HTTP + Do Not Disable HTTP Header Checking HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. - Проверка заголовков HTTP позволяет кодировать символы возврата каретки и новой строки \r и \n, находящиеся в заголовках ответов. Такая кодировка позволяет избежать атак путем внедрения, использующих приложение, которое возвращает ненадежные данные из заголовка. + HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. Do not disable HTTP header checking - Не отключайте проверку заголовков HTTP + Do not disable HTTP header checking + + + + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. Do Not Disable Request Validation - Не отключайте проверку запросов + Do Not Disable Request Validation Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. - Проверка запросов — это функция ASP.NET, которая анализирует HTTP-запросы и определяет, содержат ли они потенциально опасное содержимое. Эта проверка улучшает защиту от разметки или кода в строке запроса URL-адреса, файлах cookie или значениях опубликованной формы, которые могли быть добавлены злоумышленником. Таким образом, в общем случае эта проверка желательна, и ее следует оставить включенной, чтобы обеспечить полноценную защиту. + Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. {0} has request validation disabled - Для метода {0} проверка запросов отключена. + {0} has request validation disabled Do Not Disable SChannel Use of Strong Crypto - Не отключайте стойкое шифрование в защищенном канале + Do Not Disable SChannel Use of Strong Crypto Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. - Начиная с .NET Framework 4.6 в классах System.Net.ServicePointManager и System.Net.Security.SslStream рекомендуется использовать новые протоколы. В старых протоколах обнаружены уязвимости, и они не поддерживаются. При установке значения true для параметра Switch.System.Net.DontEnableSchUseStrongCrypto будет включена проверка использования устаревшего протокола с наличием уязвимостей и не будет выполнен переход на новый протокол. + Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. {0} disables TLS 1.2 and enables SSLv3 - {0} отключает TLS 1.2 и включает SSLv3 + {0} disables TLS 1.2 and enables SSLv3 Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. - При проверке токенов все аспекты анализируются и проверяются. Отключение проверки может привести к возникновению бреши в системе безопасности, так как ненадежные токены смогут обойти ее. + Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. TokenValidationParameters.{0} should not be set to false as it disables important validation - TokenValidationParameters. Для {0} не следует задавать значение false, так как при этом будет отключена важная проверка + TokenValidationParameters.{0} should not be set to false as it disables important validation Do not disable token validation checks - Не отключать проверки токенов + Do not disable token validation checks Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. - Не задавайте для Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols значение TRUE. Если задать этот параметр, Windows Communication Framework (WCF) сможет использовать только протокол TLS 1.0, что является небезопасным и устаревшим. + Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. Do not disable ServicePointManagerSecurityProtocols - Не отключайте ServicePointManagerSecurityProtocols + Do not disable ServicePointManagerSecurityProtocols Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. - Защищать \"Dictionary.Remove(key)\" с помощью \"Dictionary.ContainsKey(key)\" не требуется. Первый элемент уже проверяет существование ключа и не выдаст исключения при его отсутствии. + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' - Не защищайте \"Dictionary.Remove(key)\" с помощью \"Dictionary.ContainsKey(key)\". + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' Unnecessary call to 'Dictionary.ContainsKey(key)' - Ненужный вызов \"Dictionary.ContainsKey(key)\" + Unnecessary call to 'Dictionary.ContainsKey(key)' Do not hard-code certificate - Не используйте жестко заданный сертификат. + Do not hard-code certificate Hard-coded certificates in source code are vulnerable to being exploited. - Жестко задаваемые сертификаты в исходном коде представляют собой уязвимость, которой может воспользоваться злоумышленник. + Hard-coded certificates in source code are vulnerable to being exploited. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' - Обнаружена потенциальная уязвимость безопасности, заключающаяся в том, что "{0}" в методе "{1}" может быть испорчен с использованием жестко заданного сертификата из "{2}" в методе "{3}" + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' Do not hard-code encryption key - Не используйте жестко заданный ключ шифрования. + Do not hard-code encryption key SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. - Свойство .Key симметричного алгоритма и параметр rgbKey метода не могут быть жестко заданными значениями. + SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' - Обнаружена потенциальная уязвимость безопасности, заключающаяся в том, что "{0}" в методе "{1}" может быть испорчен с использованием жестко заданного ключа из "{2}" в методе "{3}" + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. - По умолчанию в хранилище сертификатов Доверенных корневых центров сертификации настроен набор общедоступных центров сертификации, удовлетворяющих требованиям программы корневых сертификатов Майкрософт. Поскольку все доверенные корневые ЦС могут создавать сертификаты для любого домена, злоумышленник может выбрать слабозащищенный или обязательный центр сертификации, который вы устанавливали для отражения атаки. Всего один слабозащищенный, вредоносный или обязательный ЦС может скомпрометировать всю систему. Что еще хуже, эти атаки могут пройти незамеченными. + By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. - Слабо идентифицируемым называется объект, к которому можно обратиться напрямую через границы домена приложения. Поток, пытающийся получить блокировку для слабо идентифицируемого объекта, может быть заблокирован вторым потоком в другом домене приложения, получившим блокировку того же объекта. + An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. Do not lock on objects with weak identity - Не блокируйте слабо идентифицируемые объекты + Do not lock on objects with weak identity Do not lock on objects with weak identity - Не блокируйте слабо идентифицируемые объекты + Do not lock on objects with weak identity A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. - Метод передает строковый литерал в качестве параметра конструктору или методу в библиотеке классов .NET Framework, и эта строка должна быть локализуемой. Чтобы устранить нарушение этого правила, замените строковый литерал строкой, полученной через экземпляр класса ResourceManager. + A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". - Метод "{0}" передает строку-литерал, как параметр "{1}" при вызове "{2}". Вместо этого выполните поиск следующих строк в таблице ресурсов: "{3}". + Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". Do not pass literals as localized parameters - Не передавать литералы в качестве локализованных параметров + Do not pass literals as localized parameters An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. - Пользовательский код никогда не должен порождать исключение типа, который является недостаточно определенным либо зарезервирован средой выполнения. Это затрудняет обнаружение и отладку исходной ошибки. Если экземпляр этого исключения может быть порожден, используйте другой тип исключения. + An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. Exception type {0} is reserved by the runtime - Тип исключения {0} зарезервирован средой выполнения. + Exception type {0} is reserved by the runtime Exception type {0} is not sufficiently specific - Тип исключения {0} является недостаточно определенным. + Exception type {0} is not sufficiently specific Do not raise reserved exception types - Не порождайте исключения зарезервированных типов + Do not raise reserved exception types Do Not Serialize Types With Pointer Fields - Не сериализуйте типы с полями указателей + Do Not Serialize Types With Pointer Fields Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. - Указатели не являются "типобезопасными" в том смысле, что невозможно гарантировать правильность памяти, на которую они указывают. Таким образом, сериализация типов с полями указателей опасна, так как она может позволить злоумышленнику контролировать указатель. + Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. Pointer field {0} on serializable type - Поле указателя {0} для сериализуемого типа. + Pointer field {0} on serializable type Do Not Use Account Shared Access Signature - Не использовать подписанный URL-адрес учетной записи + Do Not Use Account Shared Access Signature Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. - Подписанные URL-адреса (SAS) являются критически важной частью модели безопасности для любого приложения, использующего службу хранилища Azure, они должны предоставлять ограниченные и безопасные разрешения для вашей учетной записи хранения для клиентов, не имеющих ключа учетной записи. Все операции, доступные через SAS службы, также доступны через SAS учетной записи, то есть учетная запись SAS обладает слишком широкими полномочиями. Поэтому рекомендуется использовать SAS службы для более аккуратного делегирования доступа. + Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. Use Service SAS instead of Account SAS for fine grained access control and container-level access policy - Используйте SAS службы вместо SAS учетной записи для детализированного контроля доступа и политики доступа на уровне контейнеров. + Use Service SAS instead of Account SAS for fine grained access control and container-level access policy Do Not Use Broken Cryptographic Algorithms - Не используйте взломанные алгоритмы шифрования + Do Not Use Broken Cryptographic Algorithms An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. - С точки зрения вычислений существует атака, позволяющая взломать данный алгоритм. Это позволяет злоумышленникам нарушить предоставляемые им гарантии шифрования. В зависимости от типа и способа применения алгоритма шифрования злоумышленники могут считать или незаконно изменить зашифрованные сообщения, подделать цифровые подписи, незаконно изменить хэшированное содержимое, а также скомпрометировать любую систему шифрования, основанную на этом алгоритме. Замените средства шифрования на алгоритм AES (допустимы AES-256, AES-192 и AES-128) с длиной ключа не меньше 128 бит. Замените средства хэширования на хэш-функцию из семейства SHA-2, например SHA512, SHA384 или SHA256. Замените средства цифровой подписи на RSA с длиной ключа не меньше 2048 бит или ECDSA с длиной ключа не меньше 256 бит. + An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. {0} uses a broken cryptographic algorithm {1} - {0} использует взломанный алгоритм шифрования {1} + {0} uses a broken cryptographic algorithm {1} For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. - Для непустых коллекций методы CountAsync() и LongCountAsync() перечисляют всю последовательность, а метод AnyAsync() останавливается на первом элементе или на первом элементе, который соответствует условию. + For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. {0}() is used where AnyAsync() could be used instead to improve performance - {0}() используется там, где можно было бы использовать AnyAsync() для повышения производительности. + {0}() is used where AnyAsync() could be used instead to improve performance Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used - Не используйте методы CountAsync() и LongCountAsync(), если можно использовать метод AnyAsync() + Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. - Для непустых коллекций методы Count() и LongCount() перечисляют всю последовательность, а метод Any() останавливается на первом элементе или на первом элементе, который соответствует условию. + For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. {0}() is used where Any() could be used instead to improve performance - {0}() используется там, где можно было бы использовать Any() для повышения производительности. + {0}() is used where Any() could be used instead to improve performance Do not use Count() or LongCount() when Any() can be used - Не используйте методы Count() и LongCount(), если можно использовать метод Any() + Do not use Count() or LongCount() when Any() can be used Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. - Для предотвращения атак перебором по словарю в симметричном шифровании всегда нужно использовать невоспроизводимый вектор инициализации. - - - - Do Not Use Deprecated Security Protocols - Не используйте нерекомендуемые протоколы безопасности - - - - Using a deprecated security protocol rather than the system default is risky. - Использование нерекомендуемого протокола безопасности вместо заданного по умолчанию в системе является рискованным. - - - - Hard-coded use of deprecated security protocol {0} - Жестко заданное использование нерекомендуемого протокола безопасности {0} + Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. Do Not Use Digital Signature Algorithm (DSA) - Не использовать алгоритм DSA + Do Not Use Digital Signature Algorithm (DSA) DSA is too weak to use. - Алгоритм DSA является слишком ненадежным для использования. + DSA is too weak to use. Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - Алгоритм асимметричного шифрования {0} является ненадежным. Перейдите на алгоритм RSA с размером ключа не менее 2048 бит либо на алгоритм ECDH или ECDSA. + Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. + + + + Do Not Use Deprecated Security Protocols + Do Not Use Deprecated Security Protocols + + + + Using a deprecated security protocol rather than the system default is risky. + Using a deprecated security protocol rather than the system default is risky. + + + + Hard-coded use of deprecated security protocol {0} + Hard-coded use of deprecated security protocol {0} This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. - Эта коллекция индексируется напрямую. В этом случае применение LINQ приводит к ненужным выделениям и нагрузке на ЦП. + This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. Do not use Enumerable methods on indexable collections. Instead use the collection directly. - Не используйте метод Enumerable для индексируемых коллекций. Вместо этого используйте непосредственно коллекцию. + Do not use Enumerable methods on indexable collections. Instead use the collection directly. Do not use Enumerable methods on indexable collections - Запрет использования метода Enumerable для индексируемых коллекций + Do not use Enumerable methods on indexable collections Do not use insecure randomness - Не используйте небезопасные генераторы случайных чисел. + Do not use insecure randomness Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. - Использование криптографически слабого генератора псевдослучайных чисел может позволить злоумышленнику предсказать, какое значение, важное для обеспечения безопасности, будет сформировано. Используйте криптографически надежный генератор случайных чисел, если требуется непрогнозируемое значение, или убедитесь, что слабые псевдослучайные числа не используются для обеспечения безопасности. + Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. - {0} является небезопасным генератором случайных чисел. Если случайные числа требуются для обеспечения безопасности, используйте криптографически безопасные генераторы случайных чисел. + {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. Do not use obsolete key derivation function - Не используйте устаревшую функцию формирования ключа. + Do not use obsolete key derivation function Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. - При формировании ключа на основе пароля должен использоваться стандарт PBKDF2 с SHA-2. Не используйте метод PasswordDeriveBytes, так как он формирует ключ PBKDF1. Также не используйте метод Rfc2898DeriveBytes.CryptDeriveKey, так как он не использует счетчик итераций и соль. + Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. Call to obsolete key derivation function {0}.{1} - Вызов устаревшей функции формирования ключа {0}.{1} + Call to obsolete key derivation function {0}.{1} String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. - Строковые параметры, передаваемые по значению с "OutAttribute", могут дестабилизировать среду выполнения, если эта строка является интернированной. + String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. - Не используйте "OutAttribute" для строкового параметра "{0}", который передается по значению. Если требуется маршалинг измененных данных обратно в вызывающий объект, используйте вместо этого ключевое слово "out" для передачи строки по ссылке. + Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. Do not use 'OutAttribute' on string parameters for P/Invokes - Запрет на использование "OutAttribute" в строковых параметрах для вызовов P/Invoke + Do not use 'OutAttribute' on string parameters for P/Invokes Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. - Не передавайте аргумент с типом значения '{0}' в метод 'Equals' в 'ReferenceEqualityComparer'. Из-за упаковки-преобразования значения этот вызов 'Equals' может вернуть непредвиденный результат. Рассмотрите возможность использования 'EqualityComparer' или передавайте аргументы ссылочного типа, если предполагается использовать 'ReferenceEqualityComparer'. + Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. - При каждом вызове этого метода отдельно выполняется упаковка-преобразование типизированных аргументов типа значения. Поэтому результат может быть непредвиденным. + Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. - Не передавайте аргумент с типом значения '{0}' в 'ReferenceEquals'. Из-за упаковки-преобразования значения этот вызов 'ReferenceEquals' может вернуть непредвиденный результат. Рассмотрите возможность использования 'Equals' или передавайте аргументы ссылочного типа, если предполагается использовать 'ReferenceEquals'. + Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. Do not use ReferenceEquals with value types - Не используйте ReferenceEquals с типами значений + Do not use ReferenceEquals with value types Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. - Место в стеке, выделенное stackalloc, освобождается только в конце вызова текущего метода. Использование его в цикле может привести к неограниченному увеличению стека и в конечном итоге к переполнению стека. + Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. Potential stack overflow. Move the stackalloc out of the loop. - Потенциальное переполнение стека. Переместите stackalloc за пределы цикла. + Potential stack overflow. Move the stackalloc out of the loop. Do not use stackalloc in loops - Запрет использования stackalloc в циклах + Do not use stackalloc in loops Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. - Периодическая активность с более высокой частотой заставит ЦП переключаться в активный режим и помешает работе энергосберегающих таймеров простоя, которые отключают дисплей и жесткие диски. + Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. Do not use timers that prevent power state changes - Не используйте таймеры, препятствующие изменению состояния электропитания + Do not use timers that prevent power state changes Do not use timers that prevent power state changes - Не используйте таймеры, препятствующие изменению состояния электропитания + Do not use timers that prevent power state changes Do not use unsafe DllImportSearchPath value - Не используйте небезопасное значение DllImportSearchPath. + Do not use unsafe DllImportSearchPath value There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - В каталогах поиска DLL по умолчанию может присутствовать вредоносная библиотека DLL. Или в зависимости от места запуска приложения вредоносная библиотека DLL может присутствовать в каталоге приложения. Вместо этого используйте значение DllImportSearchPath, определяющее путь поиска явным образом. Флаги DllImportSearchPath, поиск которых осуществляет это правило, могут быть настроены в файле EDITORCONFIG. + There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. Use of unsafe DllImportSearchPath value {0} - Использование небезопасного значения DllImportSearchPath {0} + Use of unsafe DllImportSearchPath value {0} Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. - Использование "WaitAll" с одной задачей может привести к снижению производительности. Вместо этого ожидайте или возвратите задачу. + Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. Replace 'WaitAll' with single 'Wait' - Заменить "WaitAll" на одиночный "Wait" + Replace 'WaitAll' with single 'Wait' Do not use 'WaitAll' with a single task - Не использовать "WaitAll" с одной задачей + Do not use 'WaitAll' with a single task Do Not Use Weak Cryptographic Algorithms - Не используйте слабые алгоритмы шифрования + Do Not Use Weak Cryptographic Algorithms Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. - Алгоритмы шифрования постепенно устаревают, так как злоумышленники получают в свое распоряжение все большие вычислительные мощности, а их атаки становятся все изощреннее. В зависимости от типа и способа применения алгоритма шифрования снижение его криптографической стойкости может позволить злоумышленникам считать или незаконно изменить зашифрованные сообщения, подделать цифровые подписи, незаконно изменить хэшированное содержимое, а также скомпрометировать любую систему шифрования, основанную на этом алгоритме. Замените средства шифрования на алгоритм AES (допустимы AES-256, AES-192 и AES-128) с длиной ключа не меньше 128 бит. Замените средства хэширования на хэш-функцию из семейства SHA-2, например SHA-2 512, SHA-2 384 или SHA-2 256. + Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. {0} uses a weak cryptographic algorithm {1} - {0} использует слабый алгоритм шифрования {1} + {0} uses a weak cryptographic algorithm {1} Ensure Key Derivation Function algorithm is sufficiently strong - Убедитесь, что алгоритм функции формирования ключа достаточно надежен. + Ensure Key Derivation Function algorithm is sufficiently strong Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. - Некоторые реализации класса Rfc2898DeriveBytes позволяют указать алгоритм хэша в параметре конструктора или перезаписать его в свойстве HashAlgorithm. Если алгоритм хэша указан, это должен быть алгоритм SHA-256 или выше. + Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. - {0} создан с использованием слабого хэш-алгоритма. Для создания надежного ключа на основе пароля используйте алгоритм SHA256, SHA384 или SHA512. + {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). - При формировании криптографических ключей из предоставленных пользователем входных данных, таких как пароль, используйте достаточное число итераций (не менее 100 тыс.). + When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. - Использование "WhenAll" с одной задачей может привести к снижению производительности. Вместо этого ожидайте или возвратите задачу. + Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. Replace 'WhenAll' call with argument - Заменить вызов "WhenAll" аргументом + Replace 'WhenAll' call with argument Do not use 'WhenAll' with a single task - Не использовать "WhenAll" с одной задачей + Do not use 'WhenAll' with a single task Do Not Use XslTransform - Не используйте XslTransform. + Do Not Use XslTransform Do not use XslTransform. It does not restrict potentially dangerous external references. - Не используйте XslTransform. Он не ограничивает потенциально опасные внешние ссылки. + Do not use XslTransform. It does not restrict potentially dangerous external references. Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. - Для обеспечения функционального интерфейса с атрибутом "DynamicInterfaceCastableImplementationAttribute" требуется функция стандартных элементов интерфейса, которая не поддерживается в Visual Basic. + Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - Предоставление интерфейса "DynamicInterfaceCastableImplementation" не поддерживается в Visual Basic + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - Предоставление интерфейса "DynamicInterfaceCastableImplementation" не поддерживается в Visual Basic + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. - Использование функций, для которых требуется маршалирование среды выполнения, когда оно отключено, приведет к исключениям среды выполнения. + Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled - Для типов с \"[StructLayout(LayoutKind.Auto)]\" требуется включить маршалирование среды выполнения + Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled By-ref parameters require runtime marshalling to be enabled - Для параметров by-ref требуется включение маршалирования среды выполнения + By-ref parameters require runtime marshalling to be enabled Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined - Для делегатов с управляемыми типами в качестве параметров и с возвращаемыми типами требуется, чтобы в сборке, где определен делегат, был включен маршалинг среды выполнения. + Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined HResult-swapping requires runtime marshalling to be enabled - Для переключения HResult требуется включить маршалирование среды выполнения + HResult-swapping requires runtime marshalling to be enabled Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled - Для использования LCIDConversionAttribute требуется включить маршалирование среды выполнения + Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled Managed parameter or return types require runtime marshalling to be enabled - Для управляемых параметров или типов возвращаемых значений требуется включить маршалирование среды выполнения + Managed parameter or return types require runtime marshalling to be enabled Setting SetLastError to 'true' requires runtime marshalling to be enabled - Чтобы задать значение true для SetLastError, необходимо включить маршалирование среды выполнения + Setting SetLastError to 'true' requires runtime marshalling to be enabled Varadic P/Invoke signatures require runtime marshalling to be enabled - Для подписей Varadic P/Invoke требуется включить маршалирование среды выполнения + Varadic P/Invoke signatures require runtime marshalling to be enabled Property, type, or attribute requires runtime marshalling - Для свойства, типа или атрибута требуется маршалирование среды выполнения + Property, type, or attribute requires runtime marshalling '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - Тип "{0}" содержит предварительную версию типа "{1}", поэтому требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {2}. + '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - Тип "{0}" {3} содержит предварительную версию типа "{1}", поэтому требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {2}. + {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. - Перенаправьте параметр "CancellationToken" в методы, чтобы обеспечить правильное распространение уведомлений об отмене операции, или передайте "CancellationToken.None" явным образом, чтобы намеренно указать запрет на распространение маркера. + Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token - Перенаправьте параметр "{0}" в метод "{1}" или передайте "CancellationToken.None" явным образом, чтобы намеренно указать запрет на распространение токена. + Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token Forward the 'CancellationToken' parameter to methods - Перенаправьте параметр "CancellationToken" в методы + Forward the 'CancellationToken' parameter to methods Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. - Не встраивайте SecurityProtocolType {0}. Используйте SecurityProtocolType.SystemDefault, чтобы операционная система выбрала оптимальный протокол TSL. + Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. Avoid hardcoding SecurityProtocolType value - Не встраивайте значение SecurityProtocolType. + Avoid hardcoding SecurityProtocolType value Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Текущие версии протокола TLS могут стать нерекомендуемыми при обнаружении уязвимостей. Не следует жестко задавать значения параметра SslProtocols, чтобы в будущем приложение также оставалось безопасным. Используйте значение "None", чтобы операционная система самостоятельно выбрала версию протокола. + Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Не следует жестко задавать значение параметра SslProtocols "{0}", чтобы в будущем приложение также оставалось безопасным. Используйте значение "None", чтобы операционная система самостоятельно выбрала версию протокола. + Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. Avoid hardcoded SslProtocols values - Не следует жестко задавать значение параметра SslProtocols + Avoid hardcoded SslProtocols values Generic math interfaces require the derived type itself to be used for the self recurring type parameter. - Универсальные математические интерфейсы требуют, чтобы сам производный тип использовался для параметра самоповторяющегося типа. + Generic math interfaces require the derived type itself to be used for the self recurring type parameter. The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' - Для "{0}" требуется, чтобы параметр типа "{1}" был заполнен производным типом "{2}" + The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' Use correct type parameter - Используйте правильный параметр типа + Use correct type parameter To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. - Чтобы устранить нарушение этого правила, сделайте метод GetObjectData видимым и переопределяемым и убедитесь, что все поля экземпляра включены в процесс сериализации или явно помечены атрибутом NonSerializedAttribute. + To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. Add an implementation of GetObjectData to type {0} - Добавьте реализацию GetObjectData к типу {0}. + Add an implementation of GetObjectData to type {0} Make {0}.GetObjectData virtual and overridable - Сделайте {0}.GetObjectData виртуальным и переопределяемым. + Make {0}.GetObjectData virtual and overridable Increase the accessibility of {0}.GetObjectData so that it is visible to derived types - Увеличьте уровень доступности {0}.GetObjectData, чтобы он был видим для производных типов. + Increase the accessibility of {0}.GetObjectData so that it is visible to derived types Implement ISerializable correctly - Правильно реализуйте ISerializable + Implement ISerializable correctly Implement inherited interfaces - Реализация унаследованных интерфейсов + Implement inherited interfaces Implement Serialization constructor - Реализовать конструктор сериализации + Implement Serialization constructor To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. - Чтобы устранить нарушение этого правила, реализуйте конструктор сериализации. Для запечатанного класса сделайте конструктор закрытым; в противном случае сделайте его защищенным. + To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. - Добавьте конструктор к {0} со следующей сигнатурой: "protected {0}(SerializationInfo info, StreamingContext context)". + Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. Declare the serialization constructor of {0}, a sealed type, as private. - Объявите конструктор сериализации {0} запечатанного типа как частный. + Declare the serialization constructor of {0}, a sealed type, as private. Declare the serialization constructor of {0}, an unsealed type, as protected. - Объявите конструктор сериализации {0} незапечатанного типа как защищенный. + Declare the serialization constructor of {0}, an unsealed type, as protected. Implement serialization constructors - Реализуйте конструкторы сериализации + Implement serialization constructors A method that handles a serialization event does not have the correct signature, return type, or visibility. - У метода, обрабатывающего событие сериализации, нет правильной сигнатуры, типа возвращаемого значения или видимости. + A method that handles a serialization event does not have the correct signature, return type, or visibility. Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic - Так как {0} помечен как OnSerializing, OnSerialized, OnDeserializing или OnDeserialized, измените его сигнатуру так, чтобы он более не был универсальным. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' - Так как {0} помечен как OnSerializing, OnSerialized, OnDeserializing или OnDeserialized, измените его сигнатуру так, чтобы он принимал единственный параметр типа "System.Runtime.Serialization.StreamingContext". + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) - Так как {0} помечен как OnSerializing, OnSerialized, OnDeserializing или OnDeserialized, замените тип его возвращаемого значения с {1} на void (Sub в Visual Basic). + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method - Так как {0} помечен как OnSerializing, OnSerialized, OnDeserializing или OnDeserialized, сделайте его не статическим методом (Shared в Visual Basic), а методом экземпляра. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private - Так как {0} помечен как OnSerializing, OnSerialized, OnDeserializing или OnDeserialized, замените его доступность частной. + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private Implement serialization methods correctly - Правильно реализуйте методы сериализации + Implement serialization methods correctly '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - "{0}" реализует предварительную версию интерфейса "{1}", поэтому требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {2}. + '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - "{0}" {3} реализует предварительную версию интерфейса "{1}", поэтому требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {2}. + {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - "{0}" реализует предварительную версию метода "{1}", поэтому требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {2}. + '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - "{0}" {3} реализует предварительную версию метода "{1}", поэтому требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {2}. + {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Ссылочный тип объявляет явный статический конструктор. Чтобы устранить нарушение этого правила, инициализируйте все статические данные при объявлении конструктора и удалите его. + A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize reference type static fields inline - Используйте встроенную инициализацию статических полей ссылочных типов + Initialize reference type static fields inline Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor - Инициализируйте все статические поля в "{0}" при их объявлении и удалите явный статический конструктор. + Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Тип значения объявляет явный статический конструктор. Чтобы устранить нарушение этого правила, инициализируйте все статические данные при объявлении конструктора и удалите его. + A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize value type static fields inline - Используйте встроенную инициализацию статических полей типов значений + Initialize value type static fields inline Change to call the two argument constructor, pass null for the message. - Измените код так, чтобы вызывался конструктор с двумя аргументами, и передайте null в аргументе сообщения. + Change to call the two argument constructor, pass null for the message. A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. - Выполняется вызов конструктора по умолчанию (без параметров) для типа исключения, который является ArgumentException или производным от него, либо в параметризованный конструктор для типа исключения, который является ArgumentException или производным от него, передается неправильный строковый аргумент. + A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. Swap the arguments order - Измените порядок аргументов + Swap the arguments order Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. - Метод {0} передает имя параметра "{1}" в качестве аргумента {2} в конструктор {3}. Замените этот аргумент описательным сообщением и передайте имя этого параметра в правильном положении. + Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. - Метод {0} передает "{1}" в качестве аргумента {2} в конструктор {3}. Замените этот аргумент одним из имен параметров метода. Заметьте, что предоставленное имя параметра должно использовать те же прописные и строчные буквы, как объявлено в методе. + Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. Call the {0} constructor that contains a message and/or paramName parameter - Вызывайте конструктор {0}, который содержит сообщение и (или) параметр paramName. + Call the {0} constructor that contains a message and/or paramName parameter Instantiate argument exceptions correctly - Правильно создавайте экземпляры исключений аргументов + Instantiate argument exceptions correctly Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. - Типы с атрибутом "DynamicInterfaceCastableImplementationAttribute" действуют как реализация интерфейса для типа, который реализует тип "IDynamicInterfaceCastable". В результате они должны обеспечить реализацию всех элементов, определенных в унаследованных интерфейсах, так как тип, реализующий "IDynamicInterfaceCastable", не будет предоставлять их в противном случае. + Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces - К типу "{0}" применен "DynamicInterfaceCastableImplementationAttribute", но он не обеспечивает реализацию всех элементов интерфейса, определенных в унаследованных интерфейсах + Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface - У всех элементов, объявленных в родительских интерфейсах, должна быть реализация в интерфейсе с атрибутом DynamicInterfaceCastableImplementation + All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Метод "{0}" является небезопасным при десериализации ненадежных данных с помощью JavaScriptSerializer, который был инициализирован с указанием SimpleTypeResolver. Убедитесь, что JavaScriptSerializer был инициализирован без указания JavaScriptTypeResolver или с указанием JavaScriptTypeResolver, который ограничивает типы объектов в десериализованном графе объектов. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing - Убедитесь, что JavaScriptSerializer не был инициализирован с SimpleTypeResolver до десериализации + Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - Метод "{0}" является небезопасным при десериализации ненадежных данных с помощью JavaScriptSerializer, который был инициализирован с указанием SimpleTypeResolver. Инициализируйте JavaScriptSerializer без указания JavaScriptTypeResolver или с указанием JavaScriptTypeResolver, который ограничивает типы объектов в десериализованном графе объектов. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver - Не выполняйте десериализацию в JavaScriptSerializer с помощью SimpleTypeResolver + Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - При десериализации ненадежных входных данных разрешать десериализацию произвольных типов небезопасно. При использовании десериализации JsonSerializer укажите TypeNameHandling.None, а для значений, отличных от None, ограничьте десериализованные типы с помощью SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - Не выполняйте десериализацию с JsonSerializer при использовании небезопасной конфигурации + Do not deserialize with JsonSerializer using an insecure configuration When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - При десериализации ненадежных входных данных разрешение десериализации произвольных типов является небезопасным. При использовании JsonSerializerSettings укажите TypeNameHandling.None, а для значений, отличных от None, ограничьте десериализованные типы с помощью SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not use insecure JsonSerializerSettings - Не используйте небезопасный JsonSerializerSettings + Do not use insecure JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - При десериализации ненадежных входных данных разрешать десериализацию произвольных типов небезопасно. При использовании десериализации JsonSerializer укажите TypeNameHandling.None, а для значений, отличных от None, ограничьте десериализованные типы с помощью SerializationBinder. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - Убедитесь, что конфигурация JsonSerializer является безопасной при десериализации. + Ensure that JsonSerializer has a secure configuration when deserializing When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - При десериализации ненадежных входных данных разрешение десериализации произвольных типов является небезопасным. При использовании JsonSerializerSettings убедитесь, что указан TypeNameHandling.None, а для значений, отличных от None, убедитесь, что указан SerializationBinder для ограничения десериализованных типов. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. Ensure that JsonSerializerSettings are secure - Убедитесь, что JsonSerializerSettings безопасны. + Ensure that JsonSerializerSettings are secure Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - Десериализация JSON при использовании значения TypeNameHandling, отличного от "None", может быть небезопасной. Если необходимо обнаружить десериализацию Json.NET в том случае, если SerializationBinder не указан, отключите правило CA2326 и включите правила CA2327, CA2328, CA2329 и CA2330. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - Десериализация JSON при использовании значения TypeNameHandling, отличного от "None", может быть небезопасной. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. Do not use TypeNameHandling values other than None - Не используйте значения TypeNameHandling, отличные от "None" + Do not use TypeNameHandling values other than None The method '{0}' is insecure when deserializing untrusted data. - Метод "{0}" небезопасен при десериализации ненадежных данных. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer LosFormatter - Не используйте небезопасный десериализатор LosFormatter + Do not use insecure deserializer LosFormatter Convert to static method - Преобразовать в статический метод + Convert to static method Converting an instance method to a static method may produce invalid code - Преобразование метода экземпляра в статический метод может привести к недопустимому коду + Converting an instance method to a static method may produce invalid code Make the constructor that takes zero parameters 'public' - Создать конструктор, принимающий нулевые параметры "public" + Make the constructor that takes zero parameters 'public' An instance field of a type that is not serializable is declared in a type that is serializable. - Поле экземпляра типа, который не может быть сериализован, объявлено в типе, который может быть сериализован. + An instance field of a type that is not serializable is declared in a type that is serializable. Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable - Поле {0} является членом сериализуемого типа {1}, но имеет несериализуемый тип {2}. + Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable Mark all non-serializable fields - Пометьте все несериализуемые поля + Mark all non-serializable fields The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. - Атрибут NeutralResourcesLanguage сообщает ResourceManager о языке, использованном при отображении ресурсов нейтральной культуры для сборки. Это ускоряет поиск для первого загружаемого вами ресурса и может уменьшить рабочий набор. + The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. Mark assemblies with NeutralResourcesLanguageAttribute - Пометьте сборки с помощью NeutralResourcesLanguageAttribute + Mark assemblies with NeutralResourcesLanguageAttribute Mark assemblies with NeutralResourcesLanguageAttribute - Пометьте сборки с помощью NeutralResourcesLanguageAttribute + Mark assemblies with NeutralResourcesLanguageAttribute The Boolean data type has multiple representations in unmanaged code. - Логический тип данных имеет несколько представлений в неуправляемом коде. + The Boolean data type has multiple representations in unmanaged code. Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - Добавьте MarshalAsAttribute к параметру {0} P/Invoke {1}. Если соответствующий неуправляемый параметр является 4-байтным Win32 "BOOL", используйте [MarshalAs(UnmanagedType.Bool)]. Для 1-байтного "bool" C++ используйте MarshalAs(UnmanagedType.U1). + Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - Добавьте MarshalAsAttribute к типу возвращаемого значения P/Invoke {0}. Если соответствующий неуправляемый тип возвращаемого значения является 4-байтным Win32 "BOOL", используйте MarshalAs(UnmanagedType.Bool). Для 1-байтного "bool" C++ используйте MarshalAs(UnmanagedType.U1). + Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Mark boolean PInvoke arguments with MarshalAs - Пометьте логические аргументы PInvoke с помощью MarshalAs + Mark boolean PInvoke arguments with MarshalAs To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. - Чтобы среда CLR распознавала типы как сериализуемые, они должны быть помечены с помощью атрибута SerializableAttribute, даже если тип использует настраиваемую процедуру сериализации посредством реализации интерфейса ISerializable. + To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. Add [Serializable] to {0} as this type implements ISerializable - Добавьте [Serializable] к {0}, так как этот тип реализует ISerializable + Add [Serializable] to {0} as this type implements ISerializable Mark ISerializable types with serializable - Пометить типы ISerializable атрибутом serializable + Mark ISerializable types with serializable Ensure HttpClient certificate revocation list check is not disabled - Проверка списка отзыва сертификатов HttpClient не должна быть отключена. + Ensure HttpClient certificate revocation list check is not disabled HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient может создаваться без включения CheckCertificateRevocationList. + HttpClient may be created without enabling CheckCertificateRevocationList Ensure Certificates Are Not Added To Root Store - Убедитесь, что сертификаты не добавлены в корневое хранилище + Ensure Certificates Are Not Added To Root Store Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. - Добавление сертификатов в доверенные корневые сертификаты операционной системы небезопасно. Убедитесь, что целевое хранилище не находится в корневом хранилище. + Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. Use CreateEncryptor with the default IV - Используйте CreateEncryptor с вектором инициализации по умолчанию. + Use CreateEncryptor with the default IV The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. - Для шифрования используется вектор инициализации, не являющийся вектором инициализации по умолчанию. Этот вектор потенциально может быть воспроизводимым. Используйте вектор инициализации по умолчанию. + The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. Ensure Use Secure Cookies In ASP.NET Core - Убедитесь в использовании защищенных файлов cookie в ASP.NET Core. + Ensure Use Secure Cookies In ASP.NET Core Ensure that CookieOptions.Secure = true when setting a cookie - Убедитесь, что для параметра CookieOptions.Secure установлено значение true при настройке файла cookie. + Ensure that CookieOptions.Secure = true when setting a cookie Ensure Sufficient Iteration Count When Using Weak Key Derivation Function - Обеспечение достаточного числа итераций при использовании ненадежной функции формирования ключа + Ensure Sufficient Iteration Count When Using Weak Key Derivation Function Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Убедитесь, что число итераций составляет не меньше {0} при формировании криптографического ключа из пароля. По умолчанию значение IterationCount для Rfc2898DeriveByte равно всего 1000 + Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. - Так как тип, реализующий "IDynamicInterfaceCastable", не может реализовать динамический интерфейс в метаданных, вызовы для элемента интерфейса экземпляра, которые не являются явной реализацией, определенной для этого типа, вероятно, завершатся сбоем во время выполнения. Помечайте новые элементы интерфейса как "static", чтобы избежать ошибок времени выполнения. + Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied - Элемент "{0}" в типе "{1}" должен быть помечен как "static", так как для "{1}" применен атрибут "DynamicInterfaceImplementationAttribute" + The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' - Элементы, определенные в интерфейсе с помощью "DynamicInterfaceCastableImplementationAttribute", должны быть "static" + Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - "{0}" возвращает предварительную версию типа "{1}", поэтому требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {2}. + '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - "{0}" {3} возвращает предварительную версию типа "{1}", поэтому требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {2}. + {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - "{0}" принимает предварительную версию параметра типа "{1}", поэтому требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {2}. + '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - "{0}" {3} принимает предварительную версию параметра типа "{1}", поэтому требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {2}. + {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. - Этот метод использует маршалирование среды выполнения, даже если оно отключено, что может привести к непредвиденным различиям в работе во время выполнения из-за разных ожиданий собственного макета типа. + This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. - \"{0}\" использует маршалирование среды выполнения даже при применении параметра DisableRuntimeMarshallingAttribute. Используйте такие функции, как sizeof и указатели, непосредственно для получения точных результатов. + '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied - Этот метод использует маршалирование среды выполнения даже при применении атрибута DisableRuntimeMarshallingAttribute + This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied Miss HttpVerb attribute for action methods - Отсутствует атрибут HttpVerb для методов действия. + Miss HttpVerb attribute for action methods All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - Все методы, которые создают, изменяют, удаляют или иным образом модифицируют данные, делают это в перегрузке [HttpPost] метода, которую необходимо защитить от подделки запроса с помощью атрибута для защиты от подделки. Выполнение операции GET должно быть безопасным, не должно иметь побочных эффектов и не должно изменять сохраненные данные. + All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. Action method {0} needs to specify the HTTP request kind explicitly - В методе действия {0} необходимо явным образом указать тип HTTP-запроса/ + Action method {0} needs to specify the HTTP request kind explicitly Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. - Инициализаторы модулей предназначены для использования кодом приложения, чтобы обеспечить инициализацию компонентов приложения до того, как код приложения начнет выполняться. Если код библиотеки объявляет метод с ''ModuleInitializerAttribute'', это может помешать инициализации приложения, а также привести к ограничениям возможностей обрезки этого приложения. Вместо использования методов, помеченных ''ModuleInitializerAttribute'', библиотека должна предоставлять методы, которые можно использовать для инициализации любых компонентов в библиотеке, и позволять приложению вызывать метод во время инициализации приложения. + Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios - Атрибут "ModuleInitializer" предназначен только для использования в коде приложения или в дополнительных сценариях исходного генератора + The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios The 'ModuleInitializer' attribute should not be used in libraries - Атрибут "ModuleInitializer" не должен использоваться в библиотеках + The 'ModuleInitializer' attribute should not be used in libraries The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Метод "{0}" является небезопасным при десериализации ненадежных данных без использования SerializationBinder для ограничения типа объектов в графе десериализованных объектов. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure NetDataContractSerializer.Binder is set before deserializing - Убедитесь, что NetDataContractSerializer.Binder задан перед десериализацией + Ensure NetDataContractSerializer.Binder is set before deserializing The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Метод "{0}" является небезопасным при десериализации ненадежных данных без использования SerializationBinder для ограничения типа объектов в графе десериализованных объектов. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not deserialize without first setting NetDataContractSerializer.Binder - Не десериализируйте, не задав предварительно NetDataContractSerializer.Binder + Do not deserialize without first setting NetDataContractSerializer.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. - Метод "{0}" небезопасен при десериализации ненадежных данных. Если вместо этого нужно обнаружить десериализацию NetDataContractSerializer без задания SerializationBinder, отключите правило CA2310 и включите правила CA2311 и CA2312. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. The method '{0}' is insecure when deserializing untrusted data. - Метод "{0}" небезопасен при десериализации ненадежных данных. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer NetDataContractSerializer - Не используйте небезопасный десериализатор NetDataContractSerializer + Do not use insecure deserializer NetDataContractSerializer Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. - Строки следует нормализовать до прописных букв. Небольшая группа символов не может выполнить круговой путь, если они преобразованы в нижний регистр. Круговой путь заключается в преобразовании символов из одного языкового стандарта в другой, где символьные данные представлены иначе, и последующем точном извлечении исходных символов из преобразованных. + Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. In method '{0}', replace the call to '{1}' with '{2}' - В методе "{0}" замените вызов "{1}" на "{2}". + In method '{0}', replace the call to '{1}' with '{2}' Normalize strings to uppercase - Нормализуйте строки до прописных букв + Normalize strings to uppercase The method '{0}' is insecure when deserializing untrusted data. - Метод "{0}" небезопасен при десериализации ненадежных данных. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer ObjectStateFormatter - Не используйте небезопасный десериализатор ObjectStateFormatter + Do not use insecure deserializer ObjectStateFormatter '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - "{0}" переопределяет предварительную версию метода "{1}", поэтому требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {2}. + '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - "{0}" {3} переопределяет предварительную версию метода "{1}", поэтому требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {2}. + {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. - Общий или защищенный метод в общем типе имеет атрибут System.Runtime.InteropServices.DllImportAttribute (также реализуемый ключевым словом Declare в Visual Basic). Предоставлять такие методы не следует. + A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. P/Invoke method '{0}' should not be visible - Метод P/Invoke "{0}" не должен быть видимым + P/Invoke method '{0}' should not be visible P/Invokes should not be visible - Методы P/Invoke не должны быть видимыми + P/Invokes should not be visible ({0}) - ({0}) + ({0}) and all other platforms - и на всех остальных платформах + and all other platforms This call site is reachable on: 'windows' 10.0.2000 and later, and all other platforms '{0}' all versions - все версии "{0}" + '{0}' all versions This call site is reachable on: 'Windows' all versions. Using platform dependent API on a component makes the code no longer work across all platforms. - При использовании в компоненте API, зависящего от платформы, код больше не будет работать на всех платформах. + Using platform dependent API on a component makes the code no longer work across all platforms. '{0}' from version {1} to {2} - "{0}" с версии {1} до {2} + '{0}' from version {1} to {2} 'SupportedOnWindows1903UnsupportedOn2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. - Этот сайт вызова доступен на всех платформах. Параметр "{0}" устарел в {1}. + This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. This call site is reachable on all platforms. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. - Этот сайт вызова доступен в {2}. Параметр "{0}" устарел в {1}. + This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. This call site is reachable on 'macos', 'linux'. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on all platforms. '{0}' is only supported on: {1}. - Этот сайт вызова доступен на всех платформах. "{0}" поддерживается только в {1}. + This call site is reachable on all platforms. '{0}' is only supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindowsAndBrowser()' is only supported on: 'windows', 'browser' . This call site is reachable on: {2}. '{0}' is only supported on: {1}. - Этот сайт вызова доступен в {2}. "{0}" поддерживается только в {1}. + This call site is reachable on: {2}. '{0}' is only supported on: {1}. This call site is reachable on: 'windows' all versions.'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before This call site is unreachable on: {2}. '{0}' is only supported on: {1}. - Этот сайт вызова недоступен в {2}. "{0}" поддерживается только в {1}. + This call site is unreachable on: {2}. '{0}' is only supported on: {1}. This call site is unreachable on: 'browser'. 'SupportedOnWindowsAndBrowser()' is only supported on: 'browser', 'windows'. This call site is reachable on all platforms. '{0}' is supported on: {1}. - Этот сайт вызова доступен на всех платформах. "{0}" поддерживается в {1}. + This call site is reachable on all platforms. '{0}' is supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindows1903UnsupportedFrom2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on: {2}. '{0}' is supported on: {1}. - Этот сайт вызова доступен в {2}. "{0}" поддерживается в {1}. + This call site is reachable on: {2}. '{0}' is supported on: {1}. This call site is reachable on: 'windows' 10.0.2000 and before. 'UnsupportedOnWindowsSupportedOn1903()' is supported on: 'windows' 10.0.1903 and later. Validate platform compatibility - Проверка совместимости платформы + Validate platform compatibility This call site is reachable on all platforms. '{0}' is unsupported on: {1}. - Этот сайт вызова доступен на всех платформах. "{0}" не поддерживается в {1}. + This call site is reachable on all platforms. '{0}' is unsupported on: {1}. This call site is reachable on all platforms. 'UnsupportedOnWindows()' is unsupported on: 'windows' This call site is reachable on: {2}. '{0}' is unsupported on: {1}. - Этот сайт вызова доступен в {2}. "{0}" не поддерживается в {1}. + This call site is reachable on: {2}. '{0}' is unsupported on: {1}. This call site is reachable on: 'windows', 'browser'. 'UnsupportedOnBrowser()' is unsupported on: 'browser'. '{0}' {1} and before - "{0}" {1} и более ранних версий + '{0}' {1} and before 'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before. '{0}' {1} and later - "{0}" {1} и более поздних версий + '{0}' {1} and later 'SupportedOnWindows10()' is only supported on: 'windows' 10.0 and later. Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. - Проверьте код, который обрабатывает недоверенные десериализованные данные, на наличие обработки непредвиденного зацикливания ссылок. Непредвиденное зацикливание ссылок не должно приводить к переводу кода в бесконечный цикл. В противном случае непредвиденное зацикливание ссылок может позволить злоумышленнику провести атаку типа "отказ в обслуживании" или исчерпать память процесса при десериализации недоверенных данных. + Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. {0} participates in a potential reference cycle - {0} участвует в потенциальном ссылочном цикле + {0} participates in a potential reference cycle Potential reference cycle in deserialized object graph - Потенциальное зацикливание ссылок в графе десериализованного объекта + Potential reference cycle in deserialized object graph Replace 'Substring' with 'AsSpan' - Заменить "Substring" на "AsSpan" + Replace 'Substring' with 'AsSpan' 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. - "AsSpan" более эффективен, чем "Substring". "Substring" выполняет копирование строки O(n), тогда как "AsSpan" не имеет постоянных затрат. + 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. Prefer 'AsSpan' over 'Substring' when span-based overloads are available - Предпочтительное использование "AsSpan" вместо "Substring", если доступны перегрузки на основе интервалов + Prefer 'AsSpan' over 'Substring' when span-based overloads are available Prefer 'AsSpan' over 'Substring' - Предпочтительное использование "AsSpan" вместо "Substring" + Prefer 'AsSpan' over 'Substring' + + + + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + + + + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + + + + Consider using 'StringBuilder.Append(char)' when applicable + Consider using 'StringBuilder.Append(char)' when applicable Use 'Count' check instead of 'Any()' - Используйте проверку 'Count' вместо 'Any()' + Use 'Count' check instead of 'Any()' Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance - Для ясности и для обеспечения производительности старайтесь сравнивать 'Count' с 0 вместо того, чтобы использовать 'Any()' + Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance Use 'ContainsKey' - Использовать "ContainsKey" + Use 'ContainsKey' 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. - "ContainsKey" обычно относится к O(1), а "Keys.Contains" может в некоторых случаях относиться к O(n). Кроме того, многие реализации словаря не очень хорошо инициализируют коллекцию Keys, чтобы сократить затраты на выделения. + 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' - Предпочтительное использование "ContainsKey" вместо "Keys.Contains" для типа словаря "{0}" + Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' Prefer Dictionary.Contains methods - Предпочтительное использование методов Dictionary.Contains + Prefer Dictionary.Contains methods Use 'ContainsValue' - Использовать "ContainsValue" + Use 'ContainsValue' Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. - Многие реализации словаря не очень хорошо инициализируют коллекцию Values. Чтобы избежать ненужных выделений, используйте "ContainsValue" вместо "Values.Contains". + Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' - Предпочтительное использование "ContainsValue" вместо "Vаlues.Contains" для словаря типа "{0}" + Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' + + + + Use 'TryGetValue(TKey, out TValue)' + Use 'TryGetValue(TKey, out TValue)' + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + + + + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method Replace with 'HashData' method - Заменить методом HashData + Replace with 'HashData' method It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. - Вместо создания экземпляра HashAlgorithm и управления этим экземпляром для вызова метода "ComputeHash" более эффективно использовать статический метод "HashData". + It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. Prefer static '{0}.HashData' method over 'ComputeHash' - Предпочитать статический метод "{0}.HashData" методу "ComputeHash" + Prefer static '{0}.HashData' method over 'ComputeHash' Prefer static 'HashData' method over 'ComputeHash' - Предпочитать статический метод "HashData" методу "ComputeHash" + Prefer static 'HashData' method over 'ComputeHash' Use 'IsEmpty' check instead of 'Any()' - Используйте проверку 'IsEmpty' вместо 'Any()' + Use 'IsEmpty' check instead of 'Any()' Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance - Для ясности и для обеспечения производительности старайтесь использовать проверку 'IsEmpty' вместо 'Any()' + Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance + + + + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + + + + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + + + + Prefer IsEmpty over Count + Prefer IsEmpty over Count Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. - Старайтесь использовать свойства 'IsEmpty', 'Count' или 'Length' в зависимости от доступности вместо вызова 'Enumerable.Any()'. Намерение является более четким и более эффективным по сравнению с использованием метода расширения 'Enumerable.Any()'. + Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. Avoid using 'Enumerable.Any()' extension method - Не используйте метод расширения 'Enumerable.Any()' + Avoid using 'Enumerable.Any()' extension method Use 'Length' check instead of 'Any()' - Используйте проверку 'Length' вместо 'Any()' + Use 'Length' check instead of 'Any()' Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance - Для ясности и для обеспечения производительности старайтесь сравнивать 'Length' с 0 вместо того, чтобы использовать 'Any()' + Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. - "Stream" содержит перегрузку "ReadAsync", которая принимает в качестве первого аргумента "Memory<Byte>", и перегрузку "WriteAsync", которая принимает в качестве первого аргумента "ReadOnlyMemory<Byte>". Старайтесь использовать перегрузки на основе памяти, которые являются более эффективными. - - - - For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. - Чтобы определить, содержит ли объект другие элементы, старайтесь использовать свойство "IsEmpty" вместо того, чтобы определять число элементов с помощью свойства "Count" и сравнивать его с 0 или 1. - - - - Prefer 'IsEmpty' over 'Count' to determine whether the object is empty - Старайтесь использовать "IsEmpty" вместо "Count", чтобы определить, пуст ли объект. - - - - Prefer IsEmpty over Count - Старайтесь использовать "IsEmpty" вместо "Count" + 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. Change the '{0}' method call to use the '{1}' overload - Измените вызов метода "{0}", так чтобы он использовал перегрузку "{1}". + Change the '{0}' method call to use the '{1}' overload Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' - Старайтесь использовать перегрузки на основе памяти для "ReadAsync" и "WriteAsync" + Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' Replace with 'string.Contains' - Заменить на "string.Contains" + Replace with 'string.Contains' Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. - Вызовы "string.IndexOf", в которых результат используется для проверки наличия или отсутствия подстроки, можно заменить на "string.Contains" + Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. Use 'string.Contains' instead of 'string.IndexOf' to improve readability - Используйте "string.Contains" вместо "string.IndexOf" для улучшения читаемости. + Use 'string.Contains' instead of 'string.IndexOf' to improve readability Consider using 'string.Contains' instead of 'string.IndexOf' - Попробуйте использовать "string.Contains" вместо "string.IndexOf" + Consider using 'string.Contains' instead of 'string.IndexOf' StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. - StringBuilder.Append и StringBuilder.Insert предоставляют перегрузки для нескольких типов наряду с System.String. Если это возможно, рекомендуется использовать строго типизированные перегрузки и перегрузки на основе строк вместо метода ToString(). + StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. Remove the ToString call in order to use a strongly-typed StringBuilder overload - Удалите вызов ToString и используйте строго типизированную перегрузку StringBuilder. + Remove the ToString call in order to use a strongly-typed StringBuilder overload Remove the ToString call - Удалите вызов ToString + Remove the ToString call Prefer strongly-typed Append and Insert method overloads on StringBuilder - Рекомендация использовать строго типизированные перегрузки методов Append и Insert в StringBuilder - - - - 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. - Если строка представляет собой одиночный символ, то метод "StringBuilder.Append(char)" более эффективен по сравнению с методом "StringBuilder.Append(string)". При вызове метода "Append" с константой рекомендуется использовать символьную константу, а не строковую константу, содержащую один символ. - - - - Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string - Если строка представляет собой константу, используйте метод "StringBuilder.Append(char)" вместо "StringBuilder.Append(string)". - - - - Consider using 'StringBuilder.Append(char)' when applicable - Рекомендация использовать метод "StringBuilder.Append(char)" по мере возможности + Prefer strongly-typed Append and Insert method overloads on StringBuilder Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. - Начиная с .NET 7 явное преобразование "{0}" не будет вызываться при переполнении в непроверенном контексте. Чтобы восстановить поведение .NET 6, оберните выражение оператором "checked". + Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - Начиная с .NET 7 явное преобразование "{0}" будет вызываться при переполнении в проверенном контексте. Чтобы восстановить поведение .NET 6, оберните выражение оператором "unchecked". + Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. - Некоторые встроенные операторы, добавленные в .NET 7, при переполнении выполняют действия, которые отличаются от пользовательских операторов в .NET 6 и более ранних версиях. Некоторые операторы, которые ранее обеспечивали вызов в непроверенном контексте, теперь не делают этого, если они не упакованы в проверенный контекст. Кроме того, некоторые операторы, которые ранее не обеспечивали вызов в проверенном контексте, теперь делают это, если они не упакованы в непроверенный контекст. + Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - Начиная с .NET 7 оператор "{0}" будет вызывать исключение при переполнении в проверенном контексте. Чтобы восстановить поведение .NET 6, оберните выражение оператором "unchecked". + Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Prevent behavioral change - Запретить изменение в поведении + Prevent behavioral change 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. - Метод "Enum.HasFlag" предполагает, что аргумент "enum" имеет тот же тип "enum", что и экземпляр, на котором вызывается метод, и что этот тип "enum" помечен как "System.FlagsAttribute". Если типы "enum" отличаются, будет выдано необработанное исключение во время выполнения. Если тип "enum" не помечен как "System.FlagsAttribute", вызов будет всегда возвращать "false" во время выполнения. + 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. The argument type, '{0}', must be the same as the enum type '{1}' - Тип аргумента "{0}" не совпадает с типом перечисления "{1}". + The argument type, '{0}', must be the same as the enum type '{1}' Provide correct 'enum' argument to 'Enum.HasFlag' - Укажите правильный аргумент "enum" для "Enum.HasFlag" + Provide correct 'enum' argument to 'Enum.HasFlag' The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. - Передаваемый в System.String.Format аргумент формата не содержит элемент формата, соответствующий каждому из аргументов объекта, или наоборот. + The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. Provide correct arguments to formatting methods - Задайте правильные аргументы для методов форматирования + Provide correct arguments to formatting methods Provide correct arguments to formatting methods - Задайте правильные аргументы для методов форматирования + Provide correct arguments to formatting methods A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. - Тип имеет поле, помеченное атрибутом System.Runtime.Serialization.OptionalFieldAttribute, и не предоставляет методы для обработки событий десериализации. + A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute - Добавьте метод "private void OnDeserialized(StreamingContext)" к типу {0} и присвойте ему атрибут System.Runtime.Serialization.OnDeserializedAttribute. + Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute - Добавьте метод "private void OnDeserializing(StreamingContext)" к типу {0} и присвойте ему атрибут System.Runtime.Serialization.OnDeserializingAttribute. + Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute Provide deserialization methods for optional fields - Обеспечьте наличие методов десериализации в необязательных полях + Provide deserialization methods for optional fields Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. - Предоставление конструктора без параметров, который отображается как содержащий тип для типа, производного от "System.Runtime.InteropServices.SafeHandle", обеспечивает улучшенную производительность и использование в решениях взаимодействия, созданных источником. + Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' - Предоставить конструктор без параметров, который отображается как содержащий тип для типа "{0}", производного от "System.Runtime.InteropServices.SafeHandle" + Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' - Предоставить конструктор без параметров, который отображается как содержащий тип для конкретных типов, производных от "System.Runtime.InteropServices.SafeHandle" + Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. - Чтобы повысить производительность, переопределите асинхронные методы на основе памяти при создании подкласса "Stream". Затем реализуйте методы на основе массивов в условиях методов на основе памяти. + To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. - "{0}" переопределяет "{1}" на основе массивов, но не переопределяет "{2}" на основе памяти. Для повышения производительности рассмотрите возможность переопределения "{2}" на основе памяти. + '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. 0 = type that subclasses Stream directly, 1 = array-based method, 2 = memory-based method Provide memory-based overrides of async methods when subclassing 'Stream' - Указать переопределения асинхронных методов на основе памяти при создании подкласса "Stream" + Provide memory-based overrides of async methods when subclassing 'Stream' + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + + + + Prefer using 'StringComparer' to perform a case-insensitive comparison + Prefer using 'StringComparer' to perform a case-insensitive comparison + + + + Use the 'string.{0}(string, StringComparison)' overload + Use the 'string.{0}(string, StringComparison)' overload + + + + Prefer using 'StringComparer' to perform case-insensitive string comparisons + Prefer using 'StringComparer' to perform case-insensitive string comparisons + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + + + + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + + + + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons Remove redundant call - Удалить избыточный вызов + Remove redundant call Remove unnecessary call - Удалите ненужный вызов + Remove unnecessary call Replace string literal with char literal - Заменить строковый литерал на знаковый литерал + Replace string literal with char literal Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Обнаружена потенциальная уязвимость к внедрению DLL, где "{0}" в методе "{1}" может быть испорчен пользовательскими данными из "{2}" в методе "{3}". + Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for DLL injection vulnerabilities - Проверьте код на наличие уязвимостей к внедрению DLL + Review code for DLL injection vulnerabilities Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Обнаружена потенциальная уязвимость к внедрению пути к файлу, где "{0}" в методе "{1}" может быть испорчен пользовательскими данными из "{2}" в методе "{3}". + Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for file path injection vulnerabilities - Проверьте код на наличие уязвимостей к внедрению пути к файлу + Review code for file path injection vulnerabilities Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. - Обнаружена потенциальная уязвимость к раскрытию информации, где "{0}" в методе "{1}" может содержать нежелательные сведения из "{2}" в методе "{3}". + Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. Review code for information disclosure vulnerabilities - Проверьте код на наличие уязвимостей к раскрытию информации + Review code for information disclosure vulnerabilities Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Обнаружена потенциальная уязвимость к внедрению LDAP, где "{0}" в методе "{1}" может быть испорчен пользовательскими данными из "{2}" в методе "{3}". + Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for LDAP injection vulnerabilities - Проверьте код на наличие уязвимостей к внедрению LDAP + Review code for LDAP injection vulnerabilities Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Обнаружена потенциальная уязвимость к открытому перенаправлению, где "{0}" в методе "{1}" может быть испорчен пользовательскими данными из "{2}" в методе "{3}". + Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for open redirect vulnerabilities - Проверьте код на наличие уязвимостей к открытому перенаправлению + Review code for open redirect vulnerabilities Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Обнаружена потенциальная уязвимость к внедрению команд процесса, где "{0}" в методе "{1}" может быть испорчен пользовательскими данными из "{2}" в методе "{3}". + Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for process command injection vulnerabilities - Проверьте код на наличие уязвимостей к внедрению команд процесса + Review code for process command injection vulnerabilities Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Обнаружена потенциальная уязвимость к внедрению регулярных выражений, где "{0}" в методе "{1}" может быть испорчен пользовательскими данными из "{2}" в методе "{3}". + Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for regex injection vulnerabilities - Проверьте код на наличие уязвимостей к внедрению регулярных выражений + Review code for regex injection vulnerabilities Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Обнаружена потенциальная уязвимость к внедрению кода SQL, где "{0}" в методе "{1}" может быть испорчен пользовательскими данными из "{2}" в методе "{3}". + Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for SQL injection vulnerabilities - Проверьте код на наличие уязвимостей к внедрению кода SQL + Review code for SQL injection vulnerabilities + + + + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + + + + Review code for XPath injection vulnerabilities + Review code for XPath injection vulnerabilities Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Обнаружена потенциальная уязвимость к внедрению кода XAML, где "{0}" в методе "{1}" может быть испорчен пользовательскими данными из "{2}" в методе "{3}". + Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XAML injection vulnerabilities - Проверьте код на наличие уязвимостей к внедрению кода XAML + Review code for XAML injection vulnerabilities Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Обнаружена потенциальная уязвимость к внедрению кода XML, где "{0}" в методе "{1}" может быть испорчен пользовательскими данными из "{2}" в методе "{3}". + Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XML injection vulnerabilities - Проверьте код на наличие уязвимостей к внедрению кода XML - - - - Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Обнаружена потенциальная уязвимость к внедрению кода XPath, где "{0}" в методе "{1}" может быть испорчен пользовательскими данными из "{2}" в методе "{3}". - - - - Review code for XPath injection vulnerabilities - Проверьте код на наличие уязвимостей к внедрению кода XPath + Review code for XML injection vulnerabilities Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - Обнаружена потенциальная уязвимость к межсайтовым сценариям (XSS), где "{0}" в методе "{1}" может быть испорчен пользовательскими данными из "{2}" в методе "{3}". + Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XSS vulnerabilities - Проверьте код на наличие уязвимостей к межсайтовым сценариям (XSS) + Review code for XSS vulnerabilities SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. - SQL-запросы, напрямую использующие введенные пользователем сведения, могут быть подвержены атакам путем внедрения кода SQL. Проверьте этот SQL-запрос на наличие уязвимостей и рассмотрите возможность использования параметризованного SQL-запроса. + SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. Review if the query string passed to '{0}' in '{1}', accepts any user input - Проверьте, принимает ли строка запроса, переданная в "{0}" в "{1}", вводимые пользователем сведения. + Review if the query string passed to '{0}' in '{1}', accepts any user input Review SQL queries for security vulnerabilities - Проверка запросов SQL на уязвимости безопасности + Review SQL queries for security vulnerabilities Seal class - Класс запечатывания + Seal class When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. - Если тип недоступен вне сборки и не имеет подтипов в содержащей его сборке, его можно безопасно запечатать. Запечатывание типов может повысить производительность. + When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible - Тип \"{0}\" может быть запечатанным, так как у него нет подтипов в содержащей его сборке и он невидим извне + Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible Seal internal types - Запечатать внутренние типы + Seal internal types Set HttpOnly to true for HttpCookie - Установите для параметра HttpOnly объекта HttpCookie значение true + Set HttpOnly to true for HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - В качестве меры углубленной защиты убедитесь, что файлы cookie HTTP с конфиденциальной информацией о безопасности помечены как HttpOnly. Это означает, что веб-браузеры должны запретить сценариям доступ к файлам cookie. Внедрение вредоносных сценариев является распространенным способом кражи файлов cookie. + As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie.HttpOnly имеет значение false или значение не задано при использовании HttpCookie. Убедитесь, что файлы cookie с конфиденциальными сведениями безопасности помечены как HttpOnly, чтобы избежать кражи файлов cookie вредоносными сценариями. + HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies Set ViewStateUserKey For Classes Derived From Page - Задайте ViewStateUserKey для классов, производных от Page + Set ViewStateUserKey For Classes Derived From Page Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. - Задание свойства ViewStateUserKey может помочь предотвратить атаки на приложение, позволяя назначить идентификатор переменной состояния просмотра для отдельных пользователей, чтобы они не могли использовать переменную для атаки. В противном случае будут иметь место уязвимости к подделке межсайтовых запросов. + Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method - В классе {0}, производном от System.Web.UI.Page, не установлено свойство ViewStateUserKey в методах OnInit и Page_Init. + The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. - Укажите язык и региональные параметры, чтобы избежать случайной неявной зависимости от текущего языка и региональных параметров. Использование инвариантной версии обеспечивает согласованные результаты независимо от языка и региональных параметров приложения. + Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. Specify a culture or use an invariant version to avoid implicit dependency on current culture - Укажите язык и региональные параметры или используйте инвариантную версию, чтобы избежать неявной зависимости от текущего языка и региональных параметров + Specify a culture or use an invariant version to avoid implicit dependency on current culture Specify a culture or use an invariant version - Укажите язык и региональные параметры или используйте инвариантную версию + Specify a culture or use an invariant version A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. - Метод или конструктор вызывает элемент, который имеет перегрузку, принимающую параметр System.Globalization.CultureInfo, при этом данный метод или конструктор не вызывает перегрузку, принимающую параметр CultureInfo. Если объект CultureInfo или System.IFormatProvider не задан, значение по умолчанию, предоставленное перегруженным элементом, может не оказывать требуемое вам воздействие для всех языковых стандартов. Если результат выводится пользователю, укажите "CultureInfo.CurrentCulture" в качестве параметра "CultureInfo". В противном случае, если результат сохраняется и используется программным обеспечением, например при сохранении его на диск или в базу данных, укажите "CultureInfo.InvariantCulture". + A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Поведение "{0}" может изменяться в зависимости от параметров языкового стандарта текущего пользователя. Замените этот вызов в "{1}" на вызов "{2}". + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify CultureInfo - Укажите CultureInfo + Specify CultureInfo Specify current culture - Укажите текущий язык и региональные параметры + Specify current culture A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. - Метод или конструктор вызывает один или несколько элементов, которые имеют перегрузки, принимающие параметр System.IFormatProvider, при этом данный метод или конструктор не вызывает перегрузку, принимающую параметр IFormatProvider. Если объект System.Globalization.CultureInfo или IFormatProvider не задан, значение по умолчанию, предоставленное перегруженным элементом, может не оказывать требуемое вам воздействие для всех языковых стандартов. Если результат зависит от вводимых пользователем данных или предоставляемых ему выходных данных, укажите "CultureInfo.CurrentCulture" в качестве параметра "IFormatProvider". В противном случае, если результат сохраняется и используется программным обеспечением, например при загрузке его с диска или из базы данных и при сохранении в этих расположениях, укажите "CultureInfo.InvariantCulture". + A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Поведение "{0}" может изменяться в зависимости от параметров языкового стандарта текущего пользователя. Замените этот вызов в "{1}" на вызов "{2}". + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Поведение "{0}" может изменяться в зависимости от параметров языкового стандарта текущего пользователя. Замените этот вызов в "{1}" на вызов "{2}". + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. - Поведение "{0}" может отличаться в зависимости от параметров языкового стандарта текущего пользователя. Укажите значение аргумента "IFormatProvider". + The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - "{0}" передает "{1}" в "{2}" в качестве параметра "IFormatProvider". Это свойство возвращает язык и региональные параметры, не подходящие для методов форматирования. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - "{0}" передает "{1}" в "{2}" в качестве параметра "IFormatProvider". Это свойство возвращает язык и региональные параметры, не подходящие для методов форматирования. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. Specify IFormatProvider - Укажите IFormatProvider + Specify IFormatProvider A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. - Член вызова неуправляемого кода разрешает вызовы с неполным доверием, имеет строковый параметр и не маршалирует строку явным образом. Это может привести к уязвимости системы безопасности. + A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. Specify marshaling for P/Invoke string arguments - Укажите маршалинг для строковых аргументов P/Invoke + Specify marshaling for P/Invoke string arguments A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - Операция сравнения строк использует перегрузку метода, не задающую параметр StringComparison. Рекомендуется использовать перегрузку с параметром StringComparison, чтобы ясно указать намерение. Если результат будет отображаться для пользователя, например, при сортировке элементов в списке, задайте для параметра "StringComparison" значение "StringComparison.CurrentCulture" или "StringComparison.CurrentCultureIgnoreCase". При сравнении идентификаторов, не чувствительных к регистру, таких как пути к файлам, переменные среды или разделы и значения реестра, используйте "StringComparison.OrdinalIgnoreCase". В противном случае укажите "StringComparison.Ordinal" при сравнении чувствительных к регистру идентификаторов. + A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. - "{0}" содержит перегрузку метода, принимающую параметр "StringComparison". Замените этот вызов в "{1}" на вызов "{2}", чтобы увеличить ясность намерения. + '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. Specify StringComparison for clarity - Используйте StringComparison, чтобы ясно указать намерение. + Specify StringComparison for clarity A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - Операция сравнения строк использует перегрузку метода, не задающую параметр StringComparison, так как поведение этого параметра может изменяться в зависимости от параметров языкового стандарта текущего пользователя. Настоятельно рекомендуется использовать перегрузку с параметром StringComparison, чтобы правильно и ясно указать намерение. Если результат будет отображаться для пользователя, например, при сортировке элементов в списке, задайте для параметра "StringComparison" значение "StringComparison.CurrentCulture" или "StringComparison.CurrentCultureIgnoreCase". При сравнении идентификаторов, не чувствительных к регистру, таких как пути к файлам, переменные среды или разделы и значения реестра, используйте "StringComparison.OrdinalIgnoreCase". В противном случае укажите "StringComparison.Ordinal" при сравнении чувствительных к регистру идентификаторов. + A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - Поведение "{0}" может изменяться в зависимости от параметров языкового стандарта текущего пользователя. Замените этот вызов в "{1}" на вызов "{2}". + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify StringComparison for correctness - Используйте StringComparison, чтобы правильно указать намерение. + Specify StringComparison for correctness Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. - Использование модификаторов "static" и "abstract" требует согласия на применение предварительных функций. Дополнительные сведения: https://aka.ms/dotnet-warnings/preview-features. + Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. - Сравнение строк с помощью свойства String.Length или метода String.IsNullOrEmpty выполняется значительно быстрее, чем при использовании Equals. + Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check - Проверяйте наличие пустых строк, используя свойство "string.Length" или метод "string.IsNullOrEmpty" вместо проверки равенства. + Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check Test for empty strings using string length - Проверяйте наличие пустых строк, используя длину строки + Test for empty strings using string length This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. - Это выражение проверяет значение на соответствие Single.Nan или Double.Nan. Используйте Single.IsNan(Single) или Double.IsNan(Double) для проверки значения. + This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. Test for NaN correctly - Правильно выполняйте проверку NaN + Test for NaN correctly Test for NaN correctly - Правильно выполняйте проверку NaN + Test for NaN correctly 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. - Поля ThreadStatic должны инициализироваться отложенно при использовании, а не с помощью встроенной инициализации или явным образом в статическом конструкторе, который инициализирует поле только в потоке, где выполняется статический конструктор типа. + 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. 'ThreadStatic' fields should not use inline initialization - Поля ThreadStatic не должны использовать встроенную инициализацию + 'ThreadStatic' fields should not use inline initialization Improper 'ThreadStatic' field initialization - Неправильная инициализация поля ThreadStatic + Improper 'ThreadStatic' field initialization 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. - ThreadStatic влияет только на статические поля. При применении к полям экземпляра это не влияет на поведение. + 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. Ensure 'ThreadStatic' is only used with static fields - Используйте ThreadStatic только со статическими полями + Ensure 'ThreadStatic' is only used with static fields 'ThreadStatic' only affects static fields - ThreadStatic влияет только на статические поля + 'ThreadStatic' only affects static fields Use ArgumentException throw helper - Использовать вспомогательное приложение по вызову ArgumentException + Use ArgumentException throw helper Use ArgumentNullException throw helper - Использовать вспомогательное приложение по вызову ArgumentNullException + Use ArgumentNullException throw helper Use ArgumentOutOfRangeException throw helper - Использовать вспомогательное приложение по вызову ArgumentOutOfRangeException + Use ArgumentOutOfRangeException throw helper Use Array.Empty - Используйте Array.Empty + Use Array.Empty The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. - Основанный на диапазонах индексатор для значений массива создает копию запрошенной части массива. Эта копия часто нежелательна, если она неявно используется в качестве значения Span или Memory. Используйте метод AsSpan, чтобы избежать копирования. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies - Используйте "{0}" вместо индексатора на основе "{1}" в "{2}", чтобы избежать создания ненужных копий данных. + Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies Use `{0}` instead of Range-based indexers on a string - Используйте "{0}" вместо индексаторов на основе диапазона в строке + Use `{0}` instead of Range-based indexers on a string Use `{0}` instead of Range-based indexers on an array - Используйте "{0}" вместо индексаторов на основе диапазона в массиве + Use `{0}` instead of Range-based indexers on an array Use AsSpan or AsMemory instead of Range-based indexers when appropriate - При необходимости используйте AsSpan или AsMemory вместо индексаторов на основе диапазонов + Use AsSpan or AsMemory instead of Range-based indexers when appropriate The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - Основанный на диапазонах индексатор для строковых значений создает копию запрошенной части строки. Эта копия обычно не требуется, если она неявно используется в качестве значения ReadOnlySpan или ReadOnlyMemory. Используйте метод AsSpan, чтобы избежать ненужного копирования. + The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - Основанный на диапазонах индексатор для значений массива создает копию запрошенной части массива. Эта копия обычно не требуется, если она неявно используется в качестве значения ReadOnlySpan или ReadOnlyMemory. Используйте метод AsSpan, чтобы избежать ненужного копирования. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. When inside a Task-returning method, use the async version of methods, if they exist. - Внутри метода, возвращающего Task, используйте асинхронные версии методов, если они существуют. + When inside a Task-returning method, use the async version of methods, if they exist. {Locked="Task"} '{0}' synchronously blocks. Await '{1}' instead. - "{0}" осуществляет синхронную блокировку. Вместо этого ожидайте "{1}". + '{0}' synchronously blocks. Await '{1}' instead. '{0}' synchronously blocks. Use await instead. - "{0}" осуществляет синхронную блокировку. Вместо этого используйте await. + '{0}' synchronously blocks. Use await instead. Call async methods when in an async method - Вызов асинхронных методов в методе async + Call async methods when in an async method Use antiforgery tokens in ASP.NET Core MVC controllers - Используйте маркеры для защиты от подделки в контроллерах MVC ASP.NET Core. + Use antiforgery tokens in ASP.NET Core MVC controllers Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - Обработка запроса POST, PUT, PATCH или DELETE без проверки маркера для защиты от подделки может стать уязвимой для атак с использованием подделки межсайтовых запросов. Атаки с использованием подделки межсайтовых запросов позволяют отправлять вредоносные запросы от пользователя, прошедшего проверку подлинности, в контроллер MVC ASP.NET Core. + Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - Метод {0} обрабатывает запрос {1} без проверки маркера для защиты от подделки. Также убедитесь в том, что HTML-форма отправляет маркер для защиты от подделки. + Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. Replace with 'CancellationToken.ThrowIfCancellationRequested' - Заменить на "CancellationToken.ThrowIfCancellationRequested" + Replace with 'CancellationToken.ThrowIfCancellationRequested' 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. - "ThrowIfCancellationRequested" автоматически проверяет, был ли маркер отменен, и создает "OperationCanceledException", если это так. + 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' - Использовать "ThrowIfCancellationRequested" вместо проверки "IsCancellationRequested" и вызова "OperationCanceledException" + Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' Use 'ThrowIfCancellationRequested' - Использовать "ThrowIfCancellationRequested" + Use 'ThrowIfCancellationRequested' Using concrete types avoids virtual or interface call overhead and enables inlining. - Использование конкретных типов позволяет избежать потребления ресурсов на виртуальные вызовы и вызовы интерфейса и включить встраивание. + Using concrete types avoids virtual or interface call overhead and enables inlining. Change type of field '{0}' from '{1}' to '{2}' for improved performance - Измените тип поля "{0}" с "{1}" на "{2}" для повышения производительности + Change type of field '{0}' from '{1}' to '{2}' for improved performance Change type of variable '{0}' from '{1}' to '{2}' for improved performance - Измените тип переменной "{0}" с "{1}" на "{2}" для повышения производительности + Change type of variable '{0}' from '{1}' to '{2}' for improved performance Change return type of method '{0}' from '{1}' to '{2}' for improved performance - Измените тип возвращаемого значения метода "{0}" с "{1}" на "{2}" для повышения производительности + Change return type of method '{0}' from '{1}' to '{2}' for improved performance Change type of parameter '{0}' from '{1}' to '{2}' for improved performance - Измените тип параметра "{0}" с "{1}" на "{2}" для повышения производительности + Change type of parameter '{0}' from '{1}' to '{2}' for improved performance Change type of property '{0}' from '{1}' to '{2}' for improved performance - Измените тип свойства '{0}' с '{1}' на '{2}' для повышения производительности + Change type of property '{0}' from '{1}' to '{2}' for improved performance Use concrete types when possible for improved performance - Используйте конкретные типы, когда это возможно, для повышения производительности + Use concrete types when possible for improved performance Use Container Level Access Policy - Использовать политику доступа на уровне контейнера + Use Container Level Access Policy No access policy identifier is specified, making tokens non-revocable. - Идентификатор политики доступа не указан. Невозможно отозвать токены. + No access policy identifier is specified, making tokens non-revocable. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. - Если возможно, попробуйте использовать управление доступом на основе ролей Azure, а не подписанный URL-адрес (SAS). Если все-таки требуется использовать SAS, при его создании примените политику доступа на уровне контейнера. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. Use DefaultDllImportSearchPaths attribute for P/Invokes - Используйте атрибут DefaultDllImportSearchPaths для P/Invokes. + Use DefaultDllImportSearchPaths attribute for P/Invokes By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - По умолчанию P/Invokes, использующий атрибут DllImportAttribute, проверяет наличие загружаемой библиотеки в нескольких каталогах, включая рабочий каталог. Это может быть проблемой безопасности для некоторых приложений и привести к захвату DLL. + By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - Метод {0} не использовал атрибут DefaultDllImportSearchPaths для P/Invokes. + The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. Use equivalent code that works when marshalling is disabled - Использование эквивалентного кода, который работает при отключенном маршалировании + Use equivalent code that works when marshalling is disabled 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. - "Environment.CurrentManagedThreadId" работает проще и быстрее, чем "Thread.CurrentThread.ManagedThreadId". + 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. Use 'Environment.CurrentManagedThreadId' - Использовать "Environment.CurrentManagedThreadId" + Use 'Environment.CurrentManagedThreadId' Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' - Использовать "Environment.CurrentManagedThreadId" вместо "Thread.CurrentThread.ManagedThreadId" + Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' Use 'Environment.CurrentManagedThreadId' - Использовать "Environment.CurrentManagedThreadId" + Use 'Environment.CurrentManagedThreadId' 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. - "Environment.ProcessId" работает проще и быстрее, чем "Process.GetCurrentProcess().Id". + 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. Use 'Environment.ProcessId' - Использование "Environment.ProcessId" + Use 'Environment.ProcessId' Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' - Используйте "Environment.ProcessId" вместо "Process.GetCurrentProcess().Id". + Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' Use 'Environment.ProcessId' - Использование "Environment.ProcessId" + Use 'Environment.ProcessId' 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. - "Environment.ProcessPath" работает проще и быстрее, чем "Process.GetCurrentProcess().MainModule.FileName". + 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. Use 'Environment.ProcessPath' - Использовать "Environment.ProcessPath" + Use 'Environment.ProcessPath' Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' - Использовать "Environment.ProcessPath" вместо "Process.GetCurrentProcess().MainModule.FileName" + Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' Use 'Environment.ProcessPath' - Использовать "Environment.ProcessPath" + Use 'Environment.ProcessPath' Use indexer - Использовать индексатор + Use indexer Use an invariant version - Использовать инвариантную версию + Use an invariant version An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. - Определен метод вызова операционной системы, а метод с аналогичной функциональностью находится в библиотеке классов платформы .NET Framework. + An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. Use managed equivalents of win32 api - Используйте управляемые эквиваленты API Win32 + Use managed equivalents of win32 api Use managed equivalents of win32 api - Используйте управляемые эквиваленты API Win32 + Use managed equivalents of win32 api Use ObjectDisposedException throw helper - Использовать вспомогательное приложение по вызову ObjectDisposedException + Use ObjectDisposedException throw helper A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. - Нелингвистическая операция сравнения строк не задает для параметра StringComparison значение Ordinal или OrdinalIgnoreCase. Задав явным образом значение StringComparison.Ordinal или StringComparison.OrdinalIgnoreCase для параметра, можно сделать код более быстродействующим, корректным и надежным. + A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. Use ordinal string comparison - Использование порядкового сравнения строк + Use ordinal string comparison Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. - Enumerable.Count() может выполнять перечисление последовательности, в то время как свойство Length/Count предполагает прямой доступ. + Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. Use the "{0}" property instead of Enumerable.Count() - Используйте свойство "{0}" вместо Enumerable.Count(). + Use the "{0}" property instead of Enumerable.Count() Use Length/Count property instead of Count() when available - Используйте свойство Length/Count вместо Count(), если оно доступно + Use Length/Count property instead of Count() when available Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size - Использовать алгоритм шифрования RSA с достаточным размером ключа + Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. - Алгоритмы шифрования уязвимы для атак методом подбора, если размер используемого ключа слишком мал. + Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - Размер ключа для алгоритма асимметричного шифрования {0} меньше 2048 бит. Перейдите на алгоритм RSA с размером ключа не менее 2048 бит или на алгоритмы ECDH или ECDSA. + Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. Applications available over HTTPS must use secure cookies. - Приложения, доступные через HTTPS, должны использовать защищенные файлы cookie. + Applications available over HTTPS must use secure cookies. Use SharedAccessProtocol HttpsOnly - Использовать SharedAccessProtocol HttpsOnly + Use SharedAccessProtocol HttpsOnly HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. - При использовании HTTPS сетевой трафик шифруется. Чтобы гарантировать, что сетевой трафик всегда будет зашифрован, а конфиденциальные данные не будут раскрыты, используйте HttpsOnly, а не HttpOrHttps. + HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. - Если возможно, попробуйте использовать управление доступом на основе ролей Azure, а не подписанный URL-адрес (SAS). Если все-таки требуется использовать SAS, укажите SharedAccessProtocol.HttpsOnly. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. + + + + Use 'AsSpan' with 'string.Concat' + Use 'AsSpan' with 'string.Concat' + + + + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + + + + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + + + + Use span-based 'string.Concat' + Use span-based 'string.Concat' Use 'Clear()' - Использовать "Clear()" + Use 'Clear()' It is more efficient to use 'Clear', instead of 'Fill' with default value. - Эффективнее использовать "Clear" вместо "Fill" со значением по умолчанию. + It is more efficient to use 'Clear', instead of 'Fill' with default value. Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' - Предпочитать "Span<T>.Clear()" вместо "Span<T>.Fill(default)" + Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' Prefer 'Clear' over 'Fill' - Предпочитать "Clear" вместо "Fill" + Prefer 'Clear' over 'Fill' Use 'StartsWith' - Используйте "'StartsWith" + Use 'StartsWith' It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. - Использовать "StartsWith" вместо сравнения результата "IndexOf" с нулем понятнее и быстрее. + It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 - Используйте "StartsWith" вместо сравнения результата "IndexOf" с 0 + Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 Use 'StartsWith' instead of 'IndexOf' - Используйте "StartsWith" вместо "IndexOf" + Use 'StartsWith' instead of 'IndexOf' + + + + 'string.Contains(char)' is available as a better performing overload for single char lookup. + 'string.Contains(char)' is available as a better performing overload for single char lookup. + + + + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + + + + Use char literal for a single character lookup + Use char literal for a single character lookup Use 'string.Equals' - Использовать "string.Equals" + Use 'string.Equals' It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. - Проще и, вероятно, быстрее использовать "string.Equals" вместо сравнения результата "string.Compare" с нулем. + It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 - Использовать "string.Equals" вместо сравнения результата "string.Compare" с 0 + Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 Use 'string.Equals' - Использовать "string.Equals" - - - - Use 'AsSpan' with 'string.Concat' - Использовать "AsSpan" с "string.Concat" - - - - It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. - Использование "AsSpan" и "string.Concat" более эффективно, чем применение "Substring" и оператора объединения. - - - - Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' - Использовать "string.Concat" и "AsSpan" на основе интервалов вместо "Substring" - - - - Use span-based 'string.Concat' - Использовать "string.Concat" на основе интервалов - - - - 'string.Contains(char)' is available as a better performing overload for single char lookup. - "string.Contains(char)" доступен в качестве перегрузки с улучшенной производительностью для поиска одного знака. - - - - Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character - Использовать "string.Contains(char)" вместо "string.Contains(string)" при поиске одного знака - - - - Use char literal for a single character lookup - Использовать знаковый литерал для поиска одного знака + Use 'string.Equals' Throw helpers are simpler and more efficient than an if block constructing a new exception instance. - Помощники по вызову являются более простыми и эффективными, чем блок if, создающий новый экземпляр исключения. + Throw helpers are simpler and more efficient than an if block constructing a new exception instance. Use '{0}.{1}' - Использовать "{0}.{1}" + Use '{0}.{1}' Use '{0}.{1}' instead of explicitly throwing a new exception instance - Используйте "{0}.{1}" вместо явного вызова нового экземпляра исключения + Use '{0}.{1}' instead of explicitly throwing a new exception instance Platform compatibility analyzer requires a valid platform name and version. - Анализатору совместимости платформы требуется допустимое имя и версия платформы. + Platform compatibility analyzer requires a valid platform name and version. Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. - Версия "{0}" недопустима для платформы "{1}". Используйте версию с 2{2} частями для этой платформы. + Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. Version '7' is not valid for platform 'windows'. Use a version with 2-4 parts for this platform. Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. - Версия "{0}" недопустима для платформы "{1}". Не используйте версии для этой платформы. + Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. Use valid platform string - Использовать допустимую строку платформы + Use valid platform string The platform '{0}' is not a known platform name - Платформа "{0}" не является известным именем платформы + The platform '{0}' is not a known platform name ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. - ValueTask, возвращаемые в результате вызова членов, должны ожидаться напрямую. Попытки использовать ValueTask несколько раз или получить прямой доступ к результату, прежде чем он будет получен, могут привести к выдаче исключения или повреждению данных. Пропуск такого ValueTask, вероятно, свидетельствует о функциональной ошибке и может привести к снижению производительности. + ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). - Прямой доступ к результатам экземпляров ValueTask не должен осуществляться, если обработка экземпляра не была завершена. В отличие от Tasks, вызов Result или GetAwaiter().GetResult() для ValueTask может не блокироваться до завершения операции. Если вы не можете просто ожидать экземпляр, проверьте свойство IsCompleted экземпляра (или убедитесь, что оно имеет значение true, если оно должно иметь такое значение). + ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. - Экземпляры ValueTask следует использовать только один раз, например через await. Использование одного и того же экземпляра ValueTask несколько раз может привести к выдаче исключений и повреждению данных. + ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. - Экземпляры ValueTask, возвращаемые из вызовов методов, необходимо непосредственно ожидать, возвращать или передавать в качестве аргумента в другой вызов метода. Другое использование экземпляров (например, сохранение экземпляра в локальной переменной или в поле), вероятно, свидетельствует об ошибке, так как экземпляры ValueTask всегда должны использоваться только один раз. + ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. - Экземпляры ValueTask, возвращаемые из вызовов методов, всегда должны использоваться (как правило, они должны ожидаться). Если они не используются, это часто является функциональной ошибкой, но, даже если ошибки нет, это может привести к снижению производительности, если целевой метод добавляет экземпляры ValueTasks в пулы объектов для использования. + ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. Use ValueTasks correctly - Используйте ValueTasks правильно + Use ValueTasks correctly Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. - Обработка XML-кода из ненадежных данных может привести к загрузке опасных внешних ссылок, что следует ограничить, используя XmlReader с безопасным сопоставителем или отключив обработку DTD. + Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. Use XmlReader for 'DataSet.ReadXml()' - Используйте XmlReader для "DataSet.ReadXml()". + Use XmlReader for 'DataSet.ReadXml()' Use XmlReader for 'XmlSerializer.Deserialize()' - Используйте XmlReader для "XmlSerializer.Deserialize()". + Use XmlReader for 'XmlSerializer.Deserialize()' Use XmlReader for 'XmlSchema.Read()' - Используйте XmlReader для "XmlSchema.Read()". + Use XmlReader for 'XmlSchema.Read()' Use XmlReader for XmlValidatingReader constructor - Используйте XmlReader для конструктора XmlValidatingReader. + Use XmlReader for XmlValidatingReader constructor Use XmlReader for XPathDocument constructor - Используйте XmlReader для конструктора XPathDocument. + Use XmlReader for XPathDocument constructor This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. - Перегрузка метода "{0}.{1}" потенциально небезопасна. Она может включать определение типа документа (DTD), которое может быть уязвимо для атак типа "отказ в обслуживании", или может использовать XmlResolver, что может представлять уязвимость для раскрытия информации. Используйте перегрузку, которая принимает экземпляр XmlReader, с отключенной обработкой DTD и без XmlResolver. + This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - "{0}" использует предварительную версию типа "{1}", поэтому требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {2}. + '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - "{0}" {3} использует предварительную версию типа "{1}", поэтому требуется согласие на использование предварительных версий функций. Дополнительные сведения см. в разделе {2}. - - - - Use 'TryGetValue(TKey, out TValue)' - Использовать "TryGetValue(TKey, out TValue)" - - - - Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method - Предпочитать метод "IDictionary.TryGetValue(TKey, out TValue)" - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup - Предпочитать вызов TryGetValue доступу к индексатору словаря, защищенного проверкой ContainsKey, чтобы избежать двойного поиска - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. - Предпочитать вызов TryGetValue"доступу к индексатору словаря, защищенного проверкой ContainsKey. Как ContainsKey, так и индексатор будут искать ключ в фоновом режиме, поэтому при использовании TryGetValue удаляется дополнительный поиск. + {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.tr.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.tr.xlf index 1cd04abaf6..344cd8630b 100644 --- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.tr.xlf +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.tr.xlf @@ -4,52 +4,52 @@ Add the 'NonSerialized' attribute to this field. - Bu alana 'NonSerialized' özniteliğini ekleyin. + Add the 'NonSerialized' attribute to this field. Add Serializable attribute - Serileştirilebilir öznitelik ekle + Add Serializable attribute Review cipher mode usage with cryptography experts - Şifreleme uzmanları ile şifreleme modu kullanımını gözden geçirin + Review cipher mode usage with cryptography experts These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). - Bu şifreleme modları saldırılara karşı savunmasız olabilir. Önerilen modları (CBC, CTS) kullanmayı düşünün. + These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). - Şifreleme uzmanlarıyla '{0}' şifreleme modunun kullanımını gözden geçirin. Önerilen modları (CBC, CTS) kullanmayı düşünün. + Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. - Bir URL, GUID veya sürüm için bir özniteliğin dize sabit değeri parametresi doğru ayrıştırılmıyor. + The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' - '{0}' öğesinin oluşturucusunda '{1}' bağımsız değişkeninin şu anda "{2}" olan değerini, '{3}' olarak doğru bir şekilde ayrıştırılabilecek bir değere değiştirin + In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' - '{0}' öğesinin oluşturucusunda '{1}' bağımsız değişkeninin şu anda boş bir dize ("") olan değerini, '{2}' olarak doğru bir şekilde ayrıştırılabilecek bir değere değiştirin + In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' Attribute string literals should parse correctly - Öznitelik dizesinin sabit değerleri doğru ayrıştırılmalıdır + Attribute string literals should parse correctly Extract to static readonly field - Statik salt okunur alana ayıklayın + Extract to static readonly field @@ -64,512 +64,512 @@ Avoid constant arrays as arguments - Sabit dizileri bağımsız değişkenler olarak kullanmaktan sakının + Avoid constant arrays as arguments Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. - 'StringBuilder' öğesinin hazırlanması her zaman, bir hazırlama işlemi için birden çok ayırmaya neden olan yerel arabellek kopyası oluşturur. + Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. - P/Invoke'lar için 'StringBuilder' parametreleri kullanmaktan kaçının. Bunun yerine bir karakter arabelleği kullanabilirsiniz. + Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. Avoid 'StringBuilder' parameters for P/Invokes - P/Invoke'lar için 'StringBuilder' parametreleri kullanmaktan kaçının + Avoid 'StringBuilder' parameters for P/Invokes The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. - .NET Framework sınıf kitaplığı, özel öznitelikleri almaya yönelik yöntemler sağlar. Varsayılan olarak bu yöntemler öznitelik devralma hiyerarşisinde arama yapar. Özniteliğin mühürlenmesi, devralma hiyerarşisinde arama yapılmasını engeller ve performansı artırabilir. + The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. Avoid unsealed attributes - Mühürsüz öznitelikleri kullanmayın + Avoid unsealed attributes Avoid unsealed attributes - Mühürsüz öznitelikleri kullanmayın + Avoid unsealed attributes Avoid unnecessary zero-length array allocations. Use {0} instead. - Gereksiz sıfır uzunluklu dizi ayırmaları kullanmayın. Bunun yerine {0} kullanın. + Avoid unnecessary zero-length array allocations. Use {0} instead. Avoid zero-length array allocations - Sıfır uzunluklu dizi ayırmaları kullanmaktan kaçının + Avoid zero-length array allocations The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Güvenilmeyen veriler, seri durumdan çıkarılmış nesne grafındaki nesnelerin türünü kısıtlamak için SerializationBinder kullanılmadan seri durumdan çıkarılırken '{0}' yöntemi güvenli değildir. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize - BinaryFormatter.Deserialize çağırmadan önce BinaryFormatter.Binder öğesinin ayarlandığından emin olun + Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Güvenilmeyen veriler, seri durumdan çıkarılmış nesne grafındaki nesnelerin türünü kısıtlamak için SerializationBinder kullanılmadan seri durumdan çıkarılırken '{0}' yöntemi güvenli değildir. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder - İlk olarak BinaryFormatter.Binder öğesini ayarlamadan önce BinaryFormatter.Deserialize çağırmayın + Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. - '{0}' metodu güvenilmeyen veriler seri durumdan çıkarılırken güvenli değil. Bunun yerine SerializationBinder ayarlanmadan BinaryFormatter seri durumdan çıkarma işlemi algılamanız gerekiyorsa, CA2300 kuralını devre dışı bırakıp CA2301 ve CA2302 kurallarını etkinleştirin. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. The method '{0}' is insecure when deserializing untrusted data. - '{0}' metodu güvenilmeyen veriler seri durumdan çıkarılırken güvenli değil. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer BinaryFormatter - Güvenli olmayan seri kaldırıcı BinaryFormatter kullanmayın + Do not use insecure deserializer BinaryFormatter 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - 'Buffer.BlockCopy', 'count' bağımsız değişkeni için kopyalanacak bayt sayısını bekler. 'Array.Length' kullanmak, kopyalanması gereken bayt sayısıyla eşleşmeyebilir. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - 'Buffer.BlockCopy', 'count' bağımsız değişkeni için kopyalanacak bayt sayısını bekler. 'Array.Length' kullanmak, kopyalanması gereken bayt sayısıyla eşleşmeyebilir. + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument - 'Buffer.BlockCopy', 'count' bağımsız değişkeni için kopyalanacak bayt sayısını bekliyor + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). - Dispose uygulaması olan bir metot GC.SuppressFinalize çağrısı yapmıyor, Dispose uygulaması olmayan bir metot GC.SuppressFinalize çağrısı yapıyor ya da bir metot GC.SuppressFinalize çağrısı yapıyor ve this (Visual Basic’te Me) dışında bir şey geçiriyor. + A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. - {0} öğesini {1} çağrısı yapacak şekilde değiştirin. Bu, bir sonlandırıcı sunan türetilmiş türlerin 'IDisposable' çağrısı yapabilmesi için bunu yeniden uygulamak zorunda kalmasını engeller. + Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. - {0} öğesini {1} çağrısı yapacak şekilde değiştirin. Bu, nesne atıldıktan ve kapsam dışı kaldıktan sonra nesnenin gereksiz bir biçimde sonlandırılmasını önler. + Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. - {0}, kendi dışında bir şey üzerinde {1} çağrısı yapıyor. Çağrı konumunu bunun yerine 'this' (Visual Basic’te 'Me') geçirecek şekilde değiştirin. + {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. - {0}, genellikle yalnızca bir 'IDisposable.Dispose' uygulamasının içinden çağrılan bir yöntem olan {1} öğesine çağrı yapıyor. Daha fazla bilgi edinmek için IDisposable desenine başvurun. + {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. Dispose methods should call SuppressFinalize - Dispose yöntemleri tarafından SuppressFinalize çağrılmalıdır + Dispose methods should call SuppressFinalize , - , + , Separator used for separating list of platform names: {API} is only supported on: {‘windows’, ‘browser’, ‘linux’} ConstantExpected attribute is not applied correctly on the parameter. - ConstantExpected özniteliği parametreye doğru olarak uygulanmadı. + ConstantExpected attribute is not applied correctly on the parameter. Incorrect usage of ConstantExpected attribute - ConstantExpected özniteliğinin yanlış kullanımı + Incorrect usage of ConstantExpected attribute The ConstantExpected attribute is required for the parameter due to the parent method annotation - Üst yöntem ek açıklaması nedeniyle parametre için ConstantExpected özniteliği gereklidir + The ConstantExpected attribute is required for the parameter due to the parent method annotation The '{0}' value is not compatible with parameter type of '{1}' - '{0}' değeri '{1}' parametre türüyle uyumlu değil + The '{0}' value is not compatible with parameter type of '{1}' The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' - '{0}' değeri, '{2}' için '{1}' parametre değeri sınırlarına uymuyor + The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' The constant is not of the same '{0}' type as the parameter - Sabit, parametreyle aynı '{0}' türünde değil + The constant is not of the same '{0}' type as the parameter The Min and Max values are inverted - Min ve Max değerleri ters çevrilmiş + The Min and Max values are inverted The argument should be a constant for optimal performance - En iyi performans için bağımsız değişken sabit olmalıdır + The argument should be a constant for optimal performance The '{0}' type is not supported for ConstantExpected attribute - '{0}' türü ConstantExpected özniteliği için desteklenmiyor + The '{0}' type is not supported for ConstantExpected attribute The constant does not fit within the value bounds of '{0}' to '{1}' - Sabit, '{1}' için '{0}' değer sınırlarına uymuyor + The constant does not fit within the value bounds of '{0}' to '{1}' The parameter expects a constant for optimal performance. - Parametre, en iyi performans için bir sabit bekliyor. + The parameter expects a constant for optimal performance. A constant is expected for the parameter - Parametre için bir sabit bekleniyor + A constant is expected for the parameter When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Güvenilmeyen giriş seri durumdan çıkarılırken, {0} nesnesinin seri durumdan çıkarılması güvenli değildir. '{1}', {0} nesnesidir veya bu nesneden türetilmiştir + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type found in deserializable object graph - Seri durumdan çıkarılabilir nesne grafında güvenli olmayan DataSet veya DataTable türü bulundu + Unsafe DataSet or DataTable type found in deserializable object graph When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. - IFormatter tabanlı seri hale getirici ile güvenilmeyen giriş seri durumdan çıkarılırken, {0} nesnesinin seri durumdan çıkarılması güvenli değildir. '{1}', bir {0} nesnesidir veya bu nesneden türetilmiştir. Otomatik olarak oluşturulan türün hiçbir zaman güvenilmeyen verilerle seri durumdan çıkarılmadığından emin olun. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks - Otomatik oluşturulmuş seri hale getirilebilir türdeki güvenli olmayan DataSet veya DataTable, uzaktan kod yürütme saldırılarına karşı savunmasız olabilir + Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Güvenilmeyen giriş seri durumdan çıkarılırken, {0} nesnesinin seri durumdan çıkarılması güvenli değildir. '{1}', {0} nesnesidir veya bu nesneden türetilmiştir + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks - Seri durumdan çıkarılan nesne grafındaki güvenli olmayan DataSet veya DataTable, uzaktan kod yürütme saldırılarına karşı savunmasız olabilir + Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. - IFormatter tabanlı seri hale getirici ile güvenilmeyen giriş seri durumdan çıkarılırken {0} nesnesinin seri durumdan çıkarılması güvenli değildir. '{1}', {0} öğesidir veya bu öğeden türemiştir. + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks - Seri hale getirilebilir türdeki güvenli olmayan DataSet veya DataTable, uzaktan kod yürütme saldırılarına karşı savunmasız olabilir + Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Güvenilmeyen giriş seri durumdan çıkarılırken, {0} nesnesinin seri durumdan çıkarılması güvenli değildir. '{1}', {0} nesnesidir veya bu nesneden türetilmiştir + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in serializable type - Seri hale getirilebilir türdeki güvenli olmayan DataSet veya DataTable + Unsafe DataSet or DataTable in serializable type When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - Güvenilmeyen giriş seri durumdan çıkarılırken, {0} nesnesinin seri durumdan çıkarılması güvenli değildir. '{1}', {0} nesnesidir veya bu nesneden türetilmiştir + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type in web deserializable object graph - Web'de seri durumdan çıkarılabilir nesne grafındaki güvenli olmayan DataSet veya DataTable türü + Unsafe DataSet or DataTable type in web deserializable object graph The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. - '{0}' metodu, güvenilmeyen veriler seri durumdan çıkarılırken güvenli değildir. '{0}' çağrısını içeren otomatik oluşturulan sınıfın, güvenilmeyen verilerle seri durumdan çıkarılmadığından emin olun. + The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data - DataSet.ReadXml() içeren otomatik oluşturulmuş sınıfın güvenilmeyen verilerle kullanılmadığından emin olun + Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data The method '{0}' is insecure when deserializing untrusted data - '{0}' metodu güvenilmeyen veriler seri durumdan çıkarılırken güvenli değil + The method '{0}' is insecure when deserializing untrusted data Do not use DataSet.ReadXml() with untrusted data - Güvenilmeyen verilerle DataSet.ReadXml() kullanmayın + Do not use DataSet.ReadXml() with untrusted data The method '{0}' is insecure when deserializing untrusted data - '{0}' metodu güvenilmeyen veriler seri durumdan çıkarılırken güvenli değil + The method '{0}' is insecure when deserializing untrusted data Do not use DataTable.ReadXml() with untrusted data - Güvenilmeyen verilerle DataTable.ReadXml() kullanmayın + Do not use DataTable.ReadXml() with untrusted data HttpClients should enable certificate revocation list checks - HttpClients, sertifika iptal listesi denetimlerini etkinleştirmelidir + HttpClients should enable certificate revocation list checks HttpClient is created without enabling CheckCertificateRevocationList - HttpClient, CheckCertificateRevocationList etkinleştirilmeden oluşturuldu + HttpClient is created without enabling CheckCertificateRevocationList Do Not Add Certificates To Root Store - Sertifikaları Kök Depoya Ekleme + Do Not Add Certificates To Root Store Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate - Sertifikaların, işletim sisteminin güvenilen kök sertifikalarına eklenmesi, geçerli olmayan bir sertifikanın hatalı bir şekilde kimliğinin doğrulanması riskini artırır + Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate Do not use CreateEncryptor with non-default IV - Varsayılan olmayan IV ile CreateEncryptor kullanma + Do not use CreateEncryptor with non-default IV Symmetric encryption uses non-default initialization vector, which could be potentially repeatable - Simetrik şifreleme, yinelenmesi olası, varsayılan olmayan başlatma vektörü kullanıyor + Symmetric encryption uses non-default initialization vector, which could be potentially repeatable Use Secure Cookies In ASP.NET Core - ASP.NET Core'da Güvenli Tanımlama Bilgileri Kullan + Use Secure Cookies In ASP.NET Core Set CookieOptions.Secure = true when setting a cookie - Tanımlama bilgisi ayarlarken CookieOptions.Secure = true olarak ayarlayın + Set CookieOptions.Secure = true when setting a cookie Do Not Use Weak Key Derivation Function With Insufficient Iteration Count - Yetersiz Sayıda Yineleme ile Zayıf Anahtar Türetme İşlevi Kullanmayın + Do Not Use Weak Key Derivation Function With Insufficient Iteration Count Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Bir paroladan şifreleme anahtarı türetirken en az {0} yineleme kullanın. Varsayılan olarak, Rfc2898DeriveByte'ın IterationCount değeri yalnızca 1000'dir + Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - Aktarım Katmanı Güvenliği'nin (TLS) eski protokol sürümleri TLS 1.2 ve TLS 1.3'ten daha az güvenli olduğundan yeni güvenlik açıkları oluşma olasılığı daha yüksektir. Riski en aza indirmek için eski protokol sürümlerini kullanmaktan kaçının. + Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - Aktarım Katmanı Güvenliği protokol sürümü '{0}' kullanımdan kaldırılmış. İşletim Sistemi'nin sürüm seçmesine izin vermek için 'Yok' seçeneğini belirleyin. + Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. Do not use deprecated SslProtocols values - Kullanımdan kaldırılmış SslProtocols değerlerini kullanma + Do not use deprecated SslProtocols values '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}', '{1}' önizleme sınıfından türetildiğinden önizleme özelliklerini kabul etmesi gerekir. Daha fazla bilgi için bkz. {2}. + '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}', '{1}' önizleme sınıfından türetildiğinden önizleme özelliklerini kabul etmesi gerekir. Daha fazla bilgi için bkz. {2}. + {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. An assembly has to opt into preview features before using them. - Bir derlemenin kullanmadan önce önizleme özelliklerini kabul etmesi gerekiyor. + An assembly has to opt into preview features before using them. Using '{0}' requires opting into preview features. See {1} for more information. - '{0}' kullanabilmeniz için önizleme özelliklerinin kabul edilmesi gerekir. Daha fazla bilgi için bkz. {1}. + Using '{0}' requires opting into preview features. See {1} for more information. {2} Using '{0}' requires opting into preview features. See {1} for more information. - {2} '{0}' kullanabilmeniz için önizleme özelliklerinin kabul edilmesi gerekir. Daha fazla bilgi için bkz. {1}. + {2} Using '{0}' requires opting into preview features. See {1} for more information. This API requires opting into preview features - Bu API, önizleme özelliklerini kabul etmeyi gerektirir + This API requires opting into preview features A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. - System.IDisposable uygulayan bir tür, kendileri de IDisposable uygulayan türlerde alanlar bildiriyor. Alanın Dispose metodu, bildirim türünün Dispose metodu tarafından çağrılmıyor. Bu kural ihlalini düzeltmek için, alan tarafından tutulan yönetilmeyen kaynakları ayırmak ve serbest bırakmaktan sorumluysanız, IDisposable uygulayan türlerdeki alanlarda Dispose çağrısı yapın. + A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. - '{0}', IDisposable '{2}' türündeki '{1}' alanını içeriyor, ancak hiç Dispose uygulamadı. '{0}' üzerindeki Dispose metodunu, bu alanda Close veya Dispose çağrısı yapacak şekilde değiştirin. + '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. Disposable fields should be disposed - Atılabilir alanlar atılmalıdır + Disposable fields should be disposed A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. - System.IDisposable uygulayan ve yönetilmeyen kaynakların kullanılmasını gerektiren alanlara sahip olan bir tür, Object.Finalize tarafından açıklandığı gibi bir sonlandırıcı uygulamıyor. + A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. Disposable types should declare finalizer - Atılabilir türler sonlandırıcı bildirmelidir + Disposable types should declare finalizer Disposable types should declare finalizer - Atılabilir türler sonlandırıcı bildirmelidir + Disposable types should declare finalizer A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. - System.IDisposable uygulayan bir tür, aynı şekilde IDisposable uygulayan bir türden devralıyor. Devralan türün Dispose metodu, üst türün Dispose metodunu çağırmıyor. Bu kural ihlalini düzeltmek için Dispose metodunuzda base.Dispose çağrısı yapın. + A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. Ensure that method '{0}' calls '{1}' in all possible control flow paths - '{0}' metodunun olası tüm denetim akışı yollarında '{1}' çağrısı yaptığından emin olun + Ensure that method '{0}' calls '{1}' in all possible control flow paths Dispose methods should call base class dispose - Atma yöntemleri taban sınıf atmayı çağırmalıdır + Dispose methods should call base class dispose If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. - Yok edilmiş nesne tüm başvuruları kapsam dışı olmadan önce tamamen elden geçirilmez, belirsiz bir zamanda çöp toplayıcısı nesne sonlandırıcısını çalıştırıldığında elden çıkarılacaktır. Olağanüstü bir olay yüzünden sonlandırıcının çalışmasının engellenmesi ortaya çıkarabilir, nesne açıkça elden çıkarılmalıdır. + If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - '{0}' tarafından oluşturulan nesnenin tüm yollarda atıldığından emin olmak için önerilen atma desenini kullanın. Mümkünse, oluşturulan nesneyi 'using' deyimi veya 'using' bildirimiyle sarmalayın. Aksi halde, try bölgesinden önce bildirilen ayrılmış bir yerel değişkeni ve 'finally' bölgesinde null olmayan değer üzerinde koşulsuz bir Dispose çağrısı (örneğin, 'x?.Dispose()') olan bir try-finally deseni kullanın. Nesne try bölgesi içinde açıkça atıldıysa veya atma sahipliği başka bir nesne ya da metoda aktarıldıysa, 'finally' bölgesinde çift atma gerçekleşmesini önlemek için bu tür bir işlemden hemen sonra yerel değişkene 'null' atayın. + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - '{0}' tarafından oluşturulan nesnenin tüm özel durum yollarında atıldığından emin olmak için önerilen atma desenini kullanın. Mümkünse oluşturulan nesneyi 'using' deyimi veya 'using' bildirimiyle sarmalayın. Aksi halde, try bölgesinden önce bildirilen ayrılmış bir yerel değişkeni ve 'finally' bölgesinde null olmayan değer üzerinde koşulsuz bir Dispose çağrısı (örneğin, 'x?.Dispose()') olan bir try-finally deseni kullanın. Nesne try bölgesi içinde açıkça atıldıysa veya atma sahipliği başka bir nesne ya da metoda aktarıldıysa, 'finally' bölgesinde çift atma gerçekleşmesini önlemek için bu tür bir işlemden hemen sonra yerel değişkene 'null' atayın. + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope - '{0}' tarafından oluşturulan nesnenin tüm başvuruları kapsam dışına çıkmadan önce nesne üzerinde System.IDisposable.Dispose çağrısı yapın + Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. - '{0}' tarafından oluşturulan nesne tüm özel durum yolları boyunca atılmıyor. Tüm başvuruları kapsam dışına çıkmadan önce nesne üzerinde System.IDisposable.Dispose çağırın. + Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. Dispose objects before losing scope - Kapsamı kaybetmeden çnce nesneleri bırakın + Dispose objects before losing scope Do Not Add Archive Item's Path To The Target File System Path - Arşiv Öğesinin Yolunu Hedef Dosya Sistemi Yoluna Ekleme + Do Not Add Archive Item's Path To The Target File System Path When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - Bir arşivden dosya ayıklarken ve arşiv öğesinin yolunu kullanırken yolun güvenli olup olmadığını denetleyin. Arşiv yolu göreli olabilir ve beklenen dosya sistemi hedef yolunun dışında bir dosya sistemi erişimine yönlendirebilir. Bu durum, düzenleme ve bekleme tekniği aracılığıyla kötü amaçlı yapılandırma değişikliklerine ve uzaktan kod yürütmeye yol açabilir. + When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' - Dosyayı ayıklamak için göreli arşiv öğesi yolundan '{1} metodu içindeki {0}' için yol oluşturuluyorsa ve kaynak güvenilmeyen bir ZIP arşiviyse, '{3} metodu içindeki {2}' göreli arşiv öğesi yolunu temizlediğinizden emin olun + When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' Do Not Add Schema By URL - URL'ye Göre Şema Eklemeyin + Do Not Add Schema By URL This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. - XmlSchemaCollection.Add metodunun bu aşırı yüklemesi, kullanılan XML okuyucu örneğinde dahili olarak DTD işleme sağlar ve dış XML varlıklarını çözümlemek için UrlResolver kullanır. Bunun sonucunda bilgilerin açığa çıkması durumu ortaya çıkar. Dosya sistemindeki içerikler veya XML'yi işleyen makinenin ağ paylaşımları saldırgana açılabilir. Buna ek olarak, bir saldırgan bunu DoS vektörü olarak kullanabilir. + This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. This overload of the Add method is potentially unsafe because it may resolve dangerous external references - Tehlikeli dış başvuruları çözümleyebileceğinden Add metodunun bu aşırı yüklemesi güvenli olmayabilir + This overload of the Add method is potentially unsafe because it may resolve dangerous external references By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. - Kritik TokenValidationParameter doğrulama temsilcileri true olarak ayarlandığında, herhangi bir yayımcıdan veya süresi dolmuş belirteçlerden yanlış doğrulanmış belirteçlere neden olabilecek önemli kimlik doğrulama korumaları devre dışı bırakılır. + By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. - {0} her zaman true döndüren bir işleve ayarlanır. Doğrulama temsilcisini ayarlayarak, varsayılan doğrulamayı geçersiz kılarsınız ve her zaman doğru döndürerek bu doğrulama tamamen devre dışı bırakılır. + The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. Do not always skip token validation in delegates - Temsilcilerde belirteç doğrulamasını her zaman atlamayın + Do not always skip token validation in delegates Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. - Güvenli Olmayan Seri Durumdan Çıkarma, güvenilmeyen verilerin bir uygulamanın mantığını kötüye kullanmak, bir Hizmet Reddi (DoS) saldırısı gerçekleştirmek veya seri durumdan çıkarıldığında rastgele kod yürütmek için kullanılması durumunda oluşan bir güvenlik açığıdır. Kötü amaçlı kullanıcıların uygulama kendi denetimlerindeki güvenilmeyen verileri seri durumdan çıkarırken bu seri durumdan çıkarma özelliklerini kötüye kullanması mümkündür. Özellikle, seri durumdan çıkarma işleminde tehlikeli yöntemler çağrılabilir. Başarılı güvenli olmayan seri durumdan çıkarma salgırıları, saldırganların DoS saldırıları gerçekleştirmesine, kimlik doğrulamasını atlamasına ve uzaktan kod yürütmesine olanak sağlar. + Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' - '{0}' sınıfının bir örneği seri durumdan getirilirken '{1}' metodu tehlikeli olan '{2}' metodunu doğrudan veya dolaylı olarak çağırabilir + When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' Do Not Call Dangerous Methods In Deserialization - Seri Durumdan Çıkarırken Tehlikeli Metotlar Çağırma + Do Not Call Dangerous Methods In Deserialization @@ -577,2625 +577,2660 @@ The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. Widening and user defined conversions are not supported with generic types. - Enumerable.Cast<T> ve Enumerable.OfType<T> metotları, beklendiği gibi çalışmaları için uyumlu türler gerektirir. -Enumerable.Cast<T> tarafından döndürülen dizi tarafından kullanılan genel tür dönüştürme (IL 'unbox.any'), belirtilen türdeki öğelerde çalışma zamanında InvalidCastException oluşturur. -Enumerable.OfType<T> tarafından kullanılan genel tür denetimi (C# 'is' işleci/IL 'isinst'), belirtilen türdeki öğelerle hiçbir zaman başarılı olamaz ve bu çağrı boş bir dizi ile sonuçlanır. -Genel türlerde genişletme ve kullanıcı tanımlı dönüştürmeler desteklenmez. + Enumerable.Cast<T> and Enumerable.OfType<T> require compatible types to function expectedly. +The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. +The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. +Widening and user defined conversions are not supported with generic types. Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime - '{0}' türü '{1}' türüyle uyumsuz olduğundan tür dönüştürme girişimleri çalışma zamanında InvalidCastException oluşturur + Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' - '{0}' türü '{1}' türüyle uyumsuz olduğundan bu çağrı her zaman boş bir dizi ile sonuçlanır + This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types - Uyumsuz türlerle Enumerable.Cast<T> veya Enumerable.OfType<T> metotlarını çağırmayın + Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types Do not call {0} on an {1} value - Bir {1} değeri üzerinde {0} çağırmayın + Do not call {0} on an {1} value Do not call ToImmutableCollection on an ImmutableCollection value - Bir ImmutableCollection değeri üzerinde ToImmutableCollection çağırmayın + Do not call ToImmutableCollection on an ImmutableCollection value TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. - TaskCompletionSource, temel alınan görevi denetleyen TaskCreationOptions öğesini ve görevde depolanan nesne durumunu alan oluşturucuları alan oluşturucuları içerir. TaskCreationOptions yerine yanlışlıkla TaskContinuationOptions geçirilmesi, çağrının seçenekleri durum olarak değerlendirmesine neden olur. + TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. Replace TaskContinuationOptions with TaskCreationOptions. - TaskContinuationOptions öğesini TaskCreationOptions ile değiştirin. + Replace TaskContinuationOptions with TaskCreationOptions. Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum - Bağımsız değişken TaskCreationOptions sabit listesi yerine TaskContinuationsOptions sabit listesini içeriyor + Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum - TaskCompletionSource oluşturucusuna geçirilen bağımsız değişken, TaskContinuationOptions sabit listesi yerine TaskCreationOptions sabit listesi olmalıdır + Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. - Bir TaskScheduler kabul eden aşırı yüklerden birini kullanmıyorsanız görev oluşturmayın. Varsayılan, TaskScheduler.Current üzerinde zamanlamaktır. Bu kilitlenmelere neden olur. İş parçacığı havuzunda zamanlamak için TaskScheduler.Default kullanın veya amacınızı açıklamak için açıkça TaskScheduler.Current geçirin. + Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. Do not create tasks without passing a TaskScheduler - Bir TaskScheduler geçirmeden bir görev oluşturmayın + Do not create tasks without passing a TaskScheduler Do not create tasks without passing a TaskScheduler - Bir TaskScheduler geçirmeden bir görev oluşturmayın + Do not create tasks without passing a TaskScheduler Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. - MemoryManager<T> öğesinden türetilen bir türe sonlandırıcı eklenmesi, belleğin bir Span<T> tarafından hala kullanımdayken serbest bırakılmasına izin verebilir. + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> - MemoryManager<T> öğesinden türetilen bir türe sonlandırıcı eklenmesi, belleğin bir Span<T> tarafından hala kullanımdayken serbest bırakılmasına izin verebilir + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> Do not define finalizers for types derived from MemoryManager<T> - MemoryManager<T> öğesinden türetilen türler için sonlandırıcıları tanımlama + Do not define finalizers for types derived from MemoryManager<T> Do Not Disable Certificate Validation - Sertifika Doğrulamasını Devre Dışı Bırakma + Do Not Disable Certificate Validation A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. - Bir sertifika sunucunun kimliğini doğrulamaya yardımcı olabilir. İstemciler, isteklerin doğru sunucuya gönderildiğinden emin olmak için sunucu sertifikasını doğrulamalıdır. ServerCertificateValidationCallback her zaman 'true' döndürüyorsa, tüm sertifikalar doğrulamayı geçer. + A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. - ServerCertificateValidationCallback, her zaman true döndürerek tüm sunucu sertifikatarını kabul eden bir işleve ayarlanmış. Sunucu sertifikalarının istekleri alan sunucunun kimliğini doğrulamak için doğrulandığından emin olun. - - - - Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. - CheckCertificateRevocationList özelliğinin true olarak ayarlandığı, platforma özel bir işleyici (WinHttpHandler veya CurlHandler veya HttpClientHandler) sağlamadan HttpClient kullanmak, iptal edilen sertifikaların HttpClient tarafından geçerli olarak kabul edilmesine olanak sağlar. + The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. Do Not Disable HTTP Header Checking - HTTP Üst Bilgisi Denetlemeyi Devre Dışı Bırakmayın + Do Not Disable HTTP Header Checking HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. - HTTP üst bilgisi denetleme, yanıt üst bilgilerinde bulunan satır başı ve yeni satır karakterlerinin (\r ve \n) kodlamasını sağlar. Bu kodlama, üst bilginin içerdiği güvenilmeyen verileri yansıtan bi uygulamanın açıklarından yararlanan ekleme saldırılarını önlemeye yardımcı olabilir. + HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. Do not disable HTTP header checking - HTTP üst bilgisi denetlemeyi devre dışı bırakmayın + Do not disable HTTP header checking + + + + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. Do Not Disable Request Validation - İstek Doğrulamayı Devre Dışı Bırakmayın + Do Not Disable Request Validation Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. - İstek doğrulama, HTTP isteklerini inceleyen ve bu isteklerin potansiyel olarak tehlikeli içeriğe sahip olup olmadığını belirleyen bir ASP.NET özelliğidir. Bu denetleme, URL sorgu dizesi, tanımlama bilgileri veya kötü amaçlarla eklenmiş olabilecek gönderilmiş form değerlerindeki işaretleme veya kodlara karşı koruma sağlar. Dolayısıyla bu genellikle istenen bir özelliktir ve kapsamlı savunma için etkin olarak bırakılmalıdır. + Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. {0} has request validation disabled - {0} öğesinde istek doğrulama devre dışı + {0} has request validation disabled Do Not Disable SChannel Use of Strong Crypto - Güçlü Şifrelemenin Schannel Kullanımını Devre Dışı Bırakma + Do Not Disable SChannel Use of Strong Crypto Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. - .NET Framework 4.6'dan itibaren, yeni protokolleri kullanmak için System.Net.ServicePointManager ve System.Net.Security.SslStream sınıfları önerilir. Eski sınıflar protokol zayıflıklarına sahip olduğundan bunlar desteklenmez. Switch.System.Net.DontEnableSchUseStrongCrypto özelliğinin true olarak ayarlanması eski zayıf şifreleme denetimini kullanır ve protokol geçişini reddeder. + Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. {0} disables TLS 1.2 and enables SSLv3 - {0}, TLS 1.2'yi devre dışı bırakır ve SSLv3'ü etkinleştirir + {0} disables TLS 1.2 and enables SSLv3 Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. - Belirteç doğrulama kontrolleri, belirteçleri doğrularken tüm yönlerin analiz edilmesini ve doğrulanmasını sağlar. Doğrulamayı kapatmak, güvenilmeyen belirteçlerin doğrulamadan geçmesine izin vererek güvenlik açıklarına yol açabilir. + Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. TokenValidationParameters.{0} should not be set to false as it disables important validation - TokenValidationParameters. {0} önemli doğrulamayı devre dışı bıraktığından false olarak ayarlanmamalıdır + TokenValidationParameters.{0} should not be set to false as it disables important validation Do not disable token validation checks - Belirteç doğrulama denetimlerini devre dışı bırakma + Do not disable token validation checks Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. - Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols anahtarını true olarak ayarlamayın. Bu anahtarı ayarlamak, Windows Communication Framework'ü (WCF) güvenli olmayan ve eski Aktarım Katmanı Güvenliği (TLS) 1.0 kullanacak şekilde kısıtlar. + Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. Do not disable ServicePointManagerSecurityProtocols - ServicePointManagerSecurityProtocols öğesini devre dışı bırakmayın + Do not disable ServicePointManagerSecurityProtocols Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. - 'Dictionary.ContainsKey(key)' ile 'Dictionary.Remove(key)' öğesini korumayın. İlki zaten anahtarın mevcut olup olmadığını denetler ve değilse oluşturmaz. + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' - 'Dictionary.ContainsKey(key)' ile 'Dictionary.Remove(key)' öğesini korumayın + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' Unnecessary call to 'Dictionary.ContainsKey(key)' - Gereksiz 'Dictionary.ContainsKey(key)' çağrısı + Unnecessary call to 'Dictionary.ContainsKey(key)' Do not hard-code certificate - Sertifikayı sabit olarak kodlama + Do not hard-code certificate Hard-coded certificates in source code are vulnerable to being exploited. - Kaynak kodundaki sabit olarak kodlanmış sertifikalar, güvenlik açığından yararlanmaya karşı savunmasızdır. + Hard-coded certificates in source code are vulnerable to being exploited. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' - '{1}' metodundaki '{0}' öğesinin, '{3}' metodundaki '{2}' öğesinde bulunan sabit kodlanmış sertifika nedeniyle zarar görmüş olabileceği olası güvenlik açığı bulundu + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' Do not hard-code encryption key - Şifreleme anahtarını sabit olarak kodlama + Do not hard-code encryption key SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. - SymmetricAlgorithm'in .Key özelliği veya bir metodun rgbKey parametresi hiçbir zaman sabit kodlanmış bir değer olamaz. + SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' - '{1}' metodundaki '{0}' öğesinin, '{3}' metodundaki '{2}' öğesinde bulunan sabit kodlanmış anahtar nedeniyle zarar görmüş olabileceği olası güvenlik açığı bulundu + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. - Varsayılan olarak, Güvenilen Kök Sertifika Yetkilileri sertifika depolama alanı, Microsoft Kök Sertifika Programı gereksinimlerini karşılayan bir genel CA kümesiyle yapılandırılır. Tüm güvenilen kök CA'lar herhangi bir etki alanı için sertifika verebileceği için, bir saldırgan yüklediğiniz savunmasız veya zorlanabilir bir CA'yı saldırı için seçebilir ve tek bir zayıf, kötü amaçlı ya da zorlanabilir CA tüm sistemin güvenliğini tehlikeye atabilir. Daha da kötüsü, bu saldırıların gözden kaçırılması oldukça kolaydır. + By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. - Bir nesneye uygulama etki alanı sınırları dışından doğrudan erişilebiliyorsa nesnenin zayıf bir kimliğe sahip olduğu söylenir. Zayıf kimlikli bir nesneyi kilitlemeye çalışan bir iş parçacığı, farklı bir uygulama etki alanında bulunan ve aynı nesneyi kilitlemiş ikinci bir iş parçacığı tarafından engellenebilir. + An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. Do not lock on objects with weak identity - Zayıf kimliği olan nesneleri kilitlemeyin + Do not lock on objects with weak identity Do not lock on objects with weak identity - Zayıf kimliği olan nesneleri kilitlemeyin + Do not lock on objects with weak identity A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. - Bir metot, bir dize sabit değerini .NET Framework sınıf kitaplığında oluşturucuya veya metoda parametre olarak geçiriyor ve bu dize yerelleştirilebilir olmalı. Bu kural ihlalini düzeltmek için dize sabit değerini ResourceManager sınıfı örneği aracılığıyla alınan bir dizeyle değiştirin. + A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". - '{0}' metodu bir '{2}' çağrısına '{1}' parametresi olarak bir sabit dizesi geçiriyor. Bunun yerine şu dizeleri bir kaynak tablosundan alın: {3}. + Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". Do not pass literals as localized parameters - Harfleri yerelleştirilmiş parametreler olarak göndermeyin + Do not pass literals as localized parameters An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. - Kullanıcı kodu tarafından hiçbir zaman yeterince belirgin olmayan veya çalışma zamanı tarafından ayrılmış türdeki bir özel durum tetiklenmemelidir. Bu, özgün hatanın algılanmasını ve ayıklanmasını zorlaştırır. Bu özel durum örneği oluşturulabiliyorsa farklı bir özel durum türü kullanın. + An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. Exception type {0} is reserved by the runtime - {0} özel durum türü çalışma zamanı tarafından ayrılmış + Exception type {0} is reserved by the runtime Exception type {0} is not sufficiently specific - {0} özel durum türü yeterince belirli değil + Exception type {0} is not sufficiently specific Do not raise reserved exception types - Ayrılmış özel durum türleri tetiklemeyin + Do not raise reserved exception types Do Not Serialize Types With Pointer Fields - İşaretçi Alanlara Sahip Türleri Serileştirmeyin + Do Not Serialize Types With Pointer Fields Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. - İşaretçiler, işaret ettikleri belleğin doğruluğunu garanti edemediğinden "tür kullanımı uyumlu" değildir. Bu nedenle, bir saldırganın işaretçiyi kontrol etmesine olanak sağlayabileceğinden işaretçi alanlara sahip türleri serileştirmek tehlikelidir. + Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. Pointer field {0} on serializable type - Serileştirilebilir türde {0} işaretçi alanı + Pointer field {0} on serializable type Do Not Use Account Shared Access Signature - Hesabın Paylaşılan Erişim İmzasını Kullanmayın + Do Not Use Account Shared Access Signature Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. - Paylaşılan Erişim İmzaları (SAS), Azure Depolama kullanan tüm uygulamalar için güvenlik modelinin önemli bir bölümüdür, hesap anahtarı olmayan istemciler için depolama hesabınıza yönelik sınırlı ve güvenli izinler sağlar. Hizmet SAS'si üzerinden kullanılabilir olan işlemlerin tümü ayrıca, hesap SAS'sinin çok güçlü olması durumunda hesap SAS'si üzerinden de kullanılabilir. Bu nedenle daha dikkatli bir şekilde erişim vermek için Hizmet SAS'sini kullanmanız önerilir. + Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. Use Service SAS instead of Account SAS for fine grained access control and container-level access policy - Ayrıntılı erişim denetimi ve kapsayıcı düzeyinde erişim ilkesi için Hesap SAS'si yerine Hizmet SAS'sini kullanın + Use Service SAS instead of Account SAS for fine grained access control and container-level access policy Do Not Use Broken Cryptographic Algorithms - Bozuk Kriptografik Algoritmalar Kullanma + Do Not Use Broken Cryptographic Algorithms An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. - Bu algoritmayı bozmayı işlemsel olarak uygun hale getiren bir saldırı var. Bu, saldırganların sağlamak için tasarlanan kriptografik garantileri aşmasına olanak sağlar. Bu kriptografik algoritmanın türü ve uygulamasına bağlı olarak, bu saldırganların şifrelenmiş iletileri okumasına, şifrelenmiş iletilen üzerinde oynamasına, dijital imza sahteciliği yapmasına, karma içerik üzerinde oynamasına veya bu algoritmayı temel alan herhangi bir kriptosistemin güvenliğini bozmasına neden olabilir. AES algoritması (AES-256, AES-192 ve AES-128 kabul edilebilir) ile şifreleme kullanımlarını 128 bit veya daha büyük bir anahtar uzunluğuyla değiştirin. Karma kullanımlarını SHA512, SHA384 veya SHA256 gibi SHA-2 ailesindeki bir karma işleviyle değiştirin. RSA ile dijital imza kullanımlarını 2048 bit veya daha büyük bir anahtar uzunluğuyla veya ECDSA’yı 256 bit veya daha büyük bir anahtar uzunluğuyla değiştirin. + An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. {0} uses a broken cryptographic algorithm {1} - {0} bozuk {1} kriptografik algoritmasını kullanıyor + {0} uses a broken cryptographic algorithm {1} For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. - Boş olmayan koleksiyonlarda CountAsync() ve LongCountAsync() dizinin tamamını numaralandırır. AnyAsync() ise ilk öğede veya koşulu karşılayan ilk öğede durur. + For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. {0}() is used where AnyAsync() could be used instead to improve performance - Performansı artırmak için AnyAsync() metodu kullanılabilecekken bunun yerine {0}() kullanılıyor + {0}() is used where AnyAsync() could be used instead to improve performance Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used - AnyAsync() kullanılabiliyorsa CountAsync() veya LongCountAsync() kullanma + Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. - Boş olmayan koleksiyonlarda Count() ve LongCount() dizinin tamamını numaralandırır. Any() ise ilk öğede veya koşulu karşılayan ilk öğede durur. + For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. {0}() is used where Any() could be used instead to improve performance - Performansı artırmak için Any() metodu kullanılabilecekken bunun yerine {0}() kullanılıyor + {0}() is used where Any() could be used instead to improve performance Do not use Count() or LongCount() when Any() can be used - Any() kullanılabiliyorsa Count() veya LongCount() kullanma + Do not use Count() or LongCount() when Any() can be used Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. - Simetrik şifrelemenin, sözlük saldırılarını önlemek için her zaman yinelenemeyen bir başlatma vektörü kullanması gerekir. - - - - Do Not Use Deprecated Security Protocols - Kullanım Dışı Güvenlik Protokollerini Kullanmayın - - - - Using a deprecated security protocol rather than the system default is risky. - Sistem varsayılanı yerine bir kullanım dışı güvenlik protokolünü kullanmak risklidir. - - - - Hard-coded use of deprecated security protocol {0} - Kullanım dışı {0} güvenlik protokolünün sabit kodlanmış kullanımı + Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. Do Not Use Digital Signature Algorithm (DSA) - Dijital İmza Algoritması (DSA) Kullanma + Do Not Use Digital Signature Algorithm (DSA) DSA is too weak to use. - DSA, kullanmak için çok zayıf. + DSA is too weak to use. Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - {0} asimetrik şifreleme algoritması zayıf. Bunun yerine en az 2048 anahtar boyutunda, ECDH veya ECDSA algoritmasına sahip bir RSA'ya geçiş yapın. + Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. + + + + Do Not Use Deprecated Security Protocols + Do Not Use Deprecated Security Protocols + + + + Using a deprecated security protocol rather than the system default is risky. + Using a deprecated security protocol rather than the system default is risky. + + + + Hard-coded use of deprecated security protocol {0} + Hard-coded use of deprecated security protocol {0} This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. - Bu koleksiyonun doğrudan dizini oluşturulabilir. Burada LINQ uygulanması gereksiz ayırmalara ve CPU yoğunluğuna yol açar. + This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. Do not use Enumerable methods on indexable collections. Instead use the collection directly. - Dizini oluşturulabilen koleksiyonlarda Enumerable metotlarını kullanmayın. Bunun yerine doğrudan koleksiyonu kullanın. + Do not use Enumerable methods on indexable collections. Instead use the collection directly. Do not use Enumerable methods on indexable collections - Dizini oluşturulabilen koleksiyonlarda Enumerable metotlarını kullanmayın + Do not use Enumerable methods on indexable collections Do not use insecure randomness - Güvenli olmayan rastgelelik kullanmayın + Do not use insecure randomness Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. - Şifreleme açısından zayıf olan bir sözde rastgele sayı oluşturucu kullanılması, saldırganın, oluşturulacak güvenlik açısından hassas değeri tahmin etmesini sağlayabilir. Tahmin edilemeyen bir değer gerekiyorsa, şifreleme açısından güçlü bir rastgele sayı oluşturucu kullanın veya güvenlik gerektiren işlemlerde zayıf sözde rastgele sayıların kullanılmadığından emin olun. + Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. - {0}, güvenli olmayan bir rastgele sayı üreticidir. Güvenlik için rastgelelik gerekli olduğunda şifreli olarak güvenli rastgele sayı üreticileri kullanın. + {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. Do not use obsolete key derivation function - Artık kullanılmayan anahtar türetme işlevini kullanma + Do not use obsolete key derivation function Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. - Parola tabanlı anahtar türetme SHA-2 ile PBKDF2 kullanmalıdır. Bir PBKDF1 anahtarı ürettiğinden PasswordDeriveBytes kullanmaktan kaçının. Yineleme sayısı veya güvenlik dizisi kullanmadığından Rfc2898DeriveBytes.CryptDeriveKey kullanmaktan kaçının. + Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. Call to obsolete key derivation function {0}.{1} - Artık kullanılmayan {0}.{1} anahtar türetme işlevine çağrı + Call to obsolete key derivation function {0}.{1} String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. - 'OutAttribute' ile değer tarafından geçirilen dize parametreleri, dizeye intern uygulanmışsa çalışma zamanının kararsız hale gelmesine neden olabilir. + String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. - Değerle geçirilen '{0}' dize parametresi için 'OutAttribute' kullanmayın. Değiştirilmiş verilerin yeniden çağırana yönelik olarak hazırlanması gerekirse, dizeyi başvuruyla geçirmek için 'out' anahtar sözcüğünü kullanın. + Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. Do not use 'OutAttribute' on string parameters for P/Invokes - P/Invokes için dize parametrelerinde 'OutAttribute' kullanmayın + Do not use 'OutAttribute' on string parameters for P/Invokes Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. - 'ReferenceEqualityComparer' üzerinde 'Equals' metoduna '{0}' değer türünde bir bağımsız değişken geçirmeyin. Değer kutulama nedeniyle bu 'Equals' çağrısı beklenmeyen bir sonuç döndürebilir. Yerine 'EqualityComparer' kullanmayı düşünün veya 'ReferenceEqualityComparer' kullanmayı amaçlıyorsanız başvuru türünde bağımsız değişkenler geçirin. + Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. - Değer türü kullanan bağımsız değişkenler bu metoda yönelik her çağrı için benzersiz şekilde kutulandığından beklenmeyen sonuçlar alınabilir. + Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. - 'ReferenceEqualitys' metoduna '{0}' değer türünde bir bağımsız değişken geçirmeyin. Değer kutulama nedeniyle bu 'ReferenceEquals' çağrısı beklenmeyen bir sonuç döndürebilir. Yerine 'Equals' kullanmayı düşünün veya 'ReferenceEqualitys' kullanmayı amaçlıyorsanız başvuru türünde bağımsız değişkenler geçirin. + Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. Do not use ReferenceEquals with value types - ReferenceEquals metodunu değer türleriyle birlikte kullanmayın + Do not use ReferenceEquals with value types Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. - Stackalloc tarafından ayrılan yığın alanı yalnızca geçerli metot çağrısının sonunda bırakılır. Bunu bir döngüde kullanmak, sınırsız yığın büyümesi ve sonunda yığın taşması durumlarına neden olabilir. + Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. Potential stack overflow. Move the stackalloc out of the loop. - Olası yığın taşması. Stackalloc'u döngünün dışına taşıyın. + Potential stack overflow. Move the stackalloc out of the loop. Do not use stackalloc in loops - Döngüler içinde stackalloc kullanmayın + Do not use stackalloc in loops Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. - Daha yüksek frekanslı düzenli etkinlik, CPU’nun meşgul kalmasına neden olmasının yanı sıra ekranı ve sabit diskleri kapatarak güç tasarrufu sağlayan boşta süreölçerlerini etkileyebilir. + Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. Do not use timers that prevent power state changes - Güç durumu değişikliklerini engelleyen süreölçerleri kullanmayın + Do not use timers that prevent power state changes Do not use timers that prevent power state changes - Güç durumu değişikliklerini engelleyen süreölçerleri kullanmayın + Do not use timers that prevent power state changes Do not use unsafe DllImportSearchPath value - Güvenli olmayan DllImportSearchPath değeri kullanmayın + Do not use unsafe DllImportSearchPath value There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - Varsayılan arama dizinlerinde zararlı bir DLL olabilir veya uygulamanızın çalıştığı konuma bağlı olarak uygulama dizininde zararlı bir DLL olabilir. Bunun yerine açık bir arama yolu belirten DllImportSearchPath değeri kullanın. Bu kuralın aradığı DllImportSearchPath bayrakları .editorconfig içinde yapılandırılabilir. + There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. Use of unsafe DllImportSearchPath value {0} - Güvenli olmayan DllImportSearchPath değeri {0} + Use of unsafe DllImportSearchPath value {0} Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. - Tek bir görevle 'WaitAll' kullanılması performans kaybına neden olabilir. Bunun yerine bekleyin veya göreve geri dönün. + Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. Replace 'WaitAll' with single 'Wait' - 'WaitAll'ı tek 'Wait' ile değiştirin + Replace 'WaitAll' with single 'Wait' Do not use 'WaitAll' with a single task - Tek bir görevle 'WaitAll' kullanmayın + Do not use 'WaitAll' with a single task Do Not Use Weak Cryptographic Algorithms - Zayıf Kriptografik Algoritmalar Kullanma + Do Not Use Weak Cryptographic Algorithms Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. - Saldırgan daha fazla işlem erişimi elde ettikçe kriptografik algoritmalar zaman içinde zayıflar. Bu kriptografik algoritmanın türü ve uygulamasına bağlı olarak, kriptografik gücün daha da zayıflatılması saldırganların şifrelenmiş iletileri okumasına, şifrelenmiş iletilen üzerinde oynamasına, dijital imza sahteciliği yapmasına, karma içerik üzerinde oynamasına veya bu algoritmayı temel alan herhangi bir kriptosistemin güvenliğini bozmasına neden olabilir. AES algoritması (AES-256, AES-192 ve AES-128 kabul edilebilir) ile şifreleme kullanımlarını 128 bit veya daha büyük bir anahtar uzunluğuyla değiştirin. Karma kullanımlarını SHA-2 512, SHA-2 384 veya SHA-2 256 gibi SHA-2 ailesindeki bir karma işleviyle değiştirin. + Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. {0} uses a weak cryptographic algorithm {1} - {0} zayıf {1} kriptografik algoritmasını kullanıyor + {0} uses a weak cryptographic algorithm {1} Ensure Key Derivation Function algorithm is sufficiently strong - Anahtar Türetme İşlevi algoritmasının yeterince güçlü olduğundan emin olun + Ensure Key Derivation Function algorithm is sufficiently strong Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. - Rfc2898DeriveBytes sınıfının bazı uygulamaları, bir karma algoritması değerinin oluşturucu parametresinde belirtilmesine veya HashAlgorithm özelliğinde üzerine yazılmasına olanak sağlar. Bir karma algoritması belirtilirse SHA-256 veya üzeri olmalıdır. + Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. - {0}, zayıf bir karma algoritması kullanıyor olabilir. Paroladan güçlü bir anahtar oluşturmak için SHA256, SHA384 veya SHA512 kullanın. + {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). - Parola gibi kullanıcı tarafından sağlanan girişlerden şifreleme anahtarları türetirken, yeterli sayıda yineleme (en az 100.000) kullanın. + When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. - Tek bir görevle 'WhenAll' kullanılması performans kaybına neden olabilir. Bunun yerine bekleyin veya göreve geri dönün. + Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. Replace 'WhenAll' call with argument - 'WhenAll' çağrısını bağımsız değişkenle değiştirin + Replace 'WhenAll' call with argument Do not use 'WhenAll' with a single task - Tek bir görevle 'WhenAll' kullanmayın + Do not use 'WhenAll' with a single task Do Not Use XslTransform - XslTransform Kullanma + Do Not Use XslTransform Do not use XslTransform. It does not restrict potentially dangerous external references. - XslTransform kullanmayın. Tehlikeli olabilecek dış başvuruları kısıtlamaz. + Do not use XslTransform. It does not restrict potentially dangerous external references. Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. - İşlevsel bir 'DynamicInterfaceCastableImplementationAttribute'-öznitelikli arabirim sağlamak için Visual Basic’te desteklenmeyen Varsayılan Arabirim Üyeleri özelliği gereklidir. + Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - Visual Basic içinde 'DynamicInterfaceCastableImplementation' arabirimi sağlama desteklenmiyor + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - Visual Basic içinde 'DynamicInterfaceCastableImplementation' arabirimi sağlama desteklenmiyor + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. - Çalışma zamanı sıralaması devre dışı bırakıldığında çalışma zamanı sıralamasını gerektiren özelliklerin kullanılması, çalışma zamanı istisnalarına neden olur. + Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled - “[StructLayout(LayoutKind.Auto)]” içeren türler, çalışma zamanı sıralamasının etkinleştirilmesini gerektirir + Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled By-ref parameters require runtime marshalling to be enabled - By-ref parametreleri, çalışma zamanı sıralamasının etkinleştirilmesini gerektirir + By-ref parameters require runtime marshalling to be enabled Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined - Parametre veya dönüş türü olarak yönetilen türlere sahip temsilciler, temsilcinin tanımlandığı derlemede çalışma zamanı sıralamasının etkinleştirilmesini gerektirir. + Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined HResult-swapping requires runtime marshalling to be enabled - HResult-swapping, çalışma zamanı sıralamasının etkinleştirilmesini gerektirir + HResult-swapping requires runtime marshalling to be enabled Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled - “LCIDConversionAttribute” kullanımı, çalışma zamanı sıralamasının etkinleştirilmesini gerektirir + Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled Managed parameter or return types require runtime marshalling to be enabled - Yönetilen parametre veya dönüş türleri, çalışma zamanı sıralamasının etkinleştirilmesini gerektirir + Managed parameter or return types require runtime marshalling to be enabled Setting SetLastError to 'true' requires runtime marshalling to be enabled - SetLastError'ın “true” olarak ayarlanması, çalışma zamanı sıralamasının etkinleştirilmesini gerektirir + Setting SetLastError to 'true' requires runtime marshalling to be enabled Varadic P/Invoke signatures require runtime marshalling to be enabled - Varadic P/Invoke imzaları, çalışma zamanı sıralamasının etkinleştirilmesini gerektirir + Varadic P/Invoke signatures require runtime marshalling to be enabled Property, type, or attribute requires runtime marshalling - Özellik, tür veya öznitelik, çalışma zamanı sıralamasını gerektirir + Property, type, or attribute requires runtime marshalling '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - '{0}' türü '{1}' önizleme türünü içerdiğinden önizleme özelliklerini kabul etmesi gerekir. Daha fazla bilgi için bkz. {2}. + '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - {3} '{0}' türü, '{1}' önizleme türünü içerdiğinden önizleme özelliklerini kabul etmesi gerekir. Daha fazla bilgi için bkz. {2}. + {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. - İşlem iptali bildirimlerinin doğru yayılmasını sağlamak için 'CancellationToken' parametresini metotlara iletin veya belirtecin kasıtlı olarak yayılmayacağını belirtmek için 'CancellationToken.None' ifadesini açıkça geçirin. + Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token - '{0}' parametresini '{1}' metoduna iletin veya kasıtlı olarak belirteci yaymadığını açıkça belirtmek için 'CancellationToken.None' içinde geçirin + Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token Forward the 'CancellationToken' parameter to methods - 'CancellationToken' parametresini metotlara ilet + Forward the 'CancellationToken' parameter to methods Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. - SecurityProtocolType {0} değerini sabit kodlamaktan kaçının ve bunun yerine işletim sisteminin kullanılacak en iyi Aktarım Katmanı Güvenlik protokolünü seçmesine izin vermek için SecurityProtocolType.SystemDefault kullanın. + Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. Avoid hardcoding SecurityProtocolType value - SecurityProtocolType değerini sabit kodlamaktan kaçının + Avoid hardcoding SecurityProtocolType value Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - Güvenlik açıkları bulunursa, geçerli Aktarım Katmanı Güvenliği protokol sürümleri kullanımdan kaldırılmış olabilir. Uygulamanızın güvenliğini sağlamak için sabit kodlanmış SslProtocols değerleri kullanmaktan kaçının. İşletim Sisteminin bir sürüm seçmesi için 'Yok' seçeneğini belirleyin. + Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - Uygulamanızın ileride de güvenli kalmasını sağlamak için sabit kodlanmış SslProtocols '{0}' kullanmaktan kaçının. İşletim Sisteminin bir sürüm seçmesi için 'Yok' seçeneğini belirleyin. + Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. Avoid hardcoded SslProtocols values - Sabit kodlanmış SslProtocols değerlerinden kaçının + Avoid hardcoded SslProtocols values Generic math interfaces require the derived type itself to be used for the self recurring type parameter. - Genel matematik arabirimleri, türetilmiş türün kendi kendini yineleyen tür parametresi için kullanılmasını gerektirir. + Generic math interfaces require the derived type itself to be used for the self recurring type parameter. The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' - '{0}', '{1}' tipi parametresinin türetilmiş '{2}' tipi ile doldurulmasını gerektirir. + The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' Use correct type parameter - Doğru tür parametresini kullanın + Use correct type parameter To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. - Bu kural ihlalini düzeltmek için GetObjectData metodunu görünür ve geçersiz kılınabilir hale getirin ve tüm örnek alanlarının serileştirme işlemine dahil edildiğinden veya NonSerializedAttribute özniteliği kullanılarak açıkça işaretlendiğinden emin olun. + To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. Add an implementation of GetObjectData to type {0} - {0} türüne GetObjectData'nın bir uygulamasını ekleyin + Add an implementation of GetObjectData to type {0} Make {0}.GetObjectData virtual and overridable - {0}.GetObjectData'yı sanal ve geçersiz kılınabilir yapın + Make {0}.GetObjectData virtual and overridable Increase the accessibility of {0}.GetObjectData so that it is visible to derived types - {0}.GetObjectData erişilebilirliğini türetilmiş türlere görünür olacak şekilde artırın + Increase the accessibility of {0}.GetObjectData so that it is visible to derived types Implement ISerializable correctly - ISerializable'ı doğru uygulayın + Implement ISerializable correctly Implement inherited interfaces - Devralınan arabirimleri uygulayın + Implement inherited interfaces Implement Serialization constructor - Serileştirme oluşturucusunu uygulayın + Implement Serialization constructor To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. - Bu kural ihlalini düzeltmek için serileştirme oluşturucusunu uygulayın. Mühürlü bir sınıf için oluşturucuyu özel yapın. Aksi halde korumalı hale getirin. + To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. - {0} için bu imzayla bir oluşturucu ekleyin: 'protected {0}(SerializationInfo info, StreamingContext context)'. + Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. Declare the serialization constructor of {0}, a sealed type, as private. - Mühürlenmiş bir tür olan {0} için seri hale getirme oluşturucusunu private olarak bildirin. + Declare the serialization constructor of {0}, a sealed type, as private. Declare the serialization constructor of {0}, an unsealed type, as protected. - Mühürlenmemiş bir tür olan {0} için seri hale getirme oluşturucusunu protected olarak bildirin. + Declare the serialization constructor of {0}, an unsealed type, as protected. Implement serialization constructors - Serileştirme oluşturucularını uygulayın + Implement serialization constructors A method that handles a serialization event does not have the correct signature, return type, or visibility. - Serileştirme olayını işleyen bir metot, doğru imzaya, dönüş türüne veya görünürlüğe sahip değildir. + A method that handles a serialization event does not have the correct signature, return type, or visibility. Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic - {0} metodu OnSerializing, OnSerialized, OnDeserializing ya da OnDeserialized ile işaretli olduğundan, imzasını genel olmayacak şekilde değiştirin + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' - {0} metodu OnSerializing, OnSerialized, OnDeserializing ya da OnDeserialized ile işaretli olduğundan, imzasını 'System.Runtime.Serialization.StreamingContext' türünde tek bir parametre alacak şekilde değiştirin + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) - {0} metodu OnSerializing, OnSerialized, OnDeserializing ya da OnDeserialized ile işaretli olduğundan, dönüş türünü {1} yerine void (Visual Basic'te Sub) olarak değiştirin + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method - {0} metodu OnSerializing, OnSerialized, OnDeserializing ya da OnDeserialized ile işaretli olduğundan, statik (Visual Basic'te Shared) yerine bir örnek metoduna değiştirin + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private - {0} metodu OnSerializing, OnSerialized, OnDeserializing ya da OnDeserialized ile işaretli olduğundan, erişilebilirliğini private olarak değiştirin + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private Implement serialization methods correctly - Serileştirme yöntemlerini doğru uygulayın + Implement serialization methods correctly '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}', '{1}' önizleme arabirimini uyguladığından önizleme özelliklerini kabul etmesi gerekir. Daha fazla bilgi için bkz. {2}. + '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}', '{1}' önizleme arabirimini uyguladığından önizleme özelliklerini kabul etmesi gerekir. Daha fazla bilgi için bkz. {2}. + {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}', '{1}' önizleme yöntemini uyguladığından önizleme özelliklerini kabul etmesi gerekir. Daha fazla bilgi için bkz. {2}. + '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}', '{1}' önizleme yöntemini uyguladığından önizleme özelliklerini kabul etmesi gerekir. Daha fazla bilgi için bkz. {2}. + {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Bir başvuru türü, açık bir statik oluşturucu bildirir. Bu kuralın ihlal edildiği bir durumu düzeltmek için, statik veriler bildirildiğinde bunların tümünü başlatın ve statik oluşturucuyu kaldırın. + A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize reference type static fields inline - Başvuru türünde statik alanları satır içi olarak başlatın + Initialize reference type static fields inline Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor - '{0}' içindeki statik alanlar bildirildiğinde bunların tümünü başlatın ve açık statik oluşturucuyu kaldırın + Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - Bir değer türü, açık bir statik oluşturucu bildirir. Bu kuralın ihlal edildiği bir durumu düzeltmek için, statik veriler bildirildiğinde bunların tümünü başlatın ve statik oluşturucuyu kaldırın. + A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize value type static fields inline - Değer türünde statik alanları satır içi olarak başlatın + Initialize value type static fields inline Change to call the two argument constructor, pass null for the message. - İki bağımsız değişken oluşturucusunu çağırmak için değiştirin, ileti için null değerini geçirin. + Change to call the two argument constructor, pass null for the message. A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. - ArgumentException olan veya bundan türetilen bir özel durum türünün varsayılan (parametresiz) oluşturucusuna bir çağrı yapıldı veya ArgumentException olan veya bundan türetilen bir özel durum türünün parametreli oluşturucusuna yanlış bir dize bağımsız değişkeni geçirildi. + A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. Swap the arguments order - Bağımsız değişken sırasını değiştir + Swap the arguments order Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. - {0} yöntemi, bir {3} oluşturucusuna {2} bağımsız değişkeni olarak '{1}' parametre adını geçiriyor. Bu bağımsız değişkeni açıklayıcı bir iletiyle değiştirin ve parametre adını doğru konumda geçirin. + Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. - {0} yöntemi, bir {3} oluşturucusuna {2} bağımsız değişkeni olarak '{1}' değerini geçiriyor. Bu bağımsız değişkeni yöntemin parametre adlarından biriyle değiştirin. Sağlanan parametre adındaki büyük/küçük harf kullanımının yöntemde bildirilenle aynı olması gerektiğini unutmayın. + Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. Call the {0} constructor that contains a message and/or paramName parameter - Bir iletiyi ve/veya paramName parametresini içeren {0} oluşturucusunu çağırın + Call the {0} constructor that contains a message and/or paramName parameter Instantiate argument exceptions correctly - Bağımsız değişken özel durumlarını doğru bir şekilde başlatın + Instantiate argument exceptions correctly Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. - 'DynamicInterfaceCastableImplementationAttribute' özniteliğine sahip olan türler, 'IDynamicInterfaceCastable' türünü uygulayan bir tür için arabirim uygulaması olarak davranır. Sonuç olarak, devralınan arabirimlerde tanımlanan tüm üyelerin uygulanmasını sağlamalıdır çünkü diğer durumlarda 'IDynamicInterfaceCastable' uygulayan tür bu değeri sağlamaz. + Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces - '{0}' türüne 'DynamicInterfaceCastableImplementationAttribute' uygulanmış ama devralınan arabirimlerde tanımlanan tüm arabirim üyelerinin uygulanmasını sağlamıyor + Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface - Üst arabirimlerde bildirilen tüm üyelerin DynamicInterfaceCastableImplementation-öznitelikli bir arabirimde uygulanması gerekir + All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - '{0}' yöntemi, SimpleTypeResolver ile başlatılmış bir JavaScriptSerializer ile güvenilmeyen veriler seri durumdan çıkarılırken güvenli değildir. JavaScriptSerializer'ın bir JavaScriptTypeResolver belirtilmeden başlatıldığından veya seri durumdan çıkarılan nesne grafındaki nesne türlerini sınırlayan bir JavaScriptTypeResolver ile başlatıldığından emin olun. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing - Seri durumdan çıkarmadan önce JavaScriptSerializer'ın SimpleTypeResolver ile başlatılmadığından emin olun + Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - '{0}' yöntemi, SimpleTypeResolver ile başlatılmış bir JavaScriptSerializer ile güvenilmeyen veriler seri durumdan çıkarılırken güvenli değildir. JavaScriptSerializer'ı JavaScriptTypeResolver belirtmeden veya seri durumdan çıkarılan nesne grafındaki nesne türlerini sınırlayan bir JavaScriptTypeResolver ile başlatın. + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver - SimpleTypeResolver kullanarak JavaScriptSerializer ile seri durumdan çıkarma + Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Güvenilmeyen girişler seri durumdan çıkarılırken, rastgele türlerin seri durumdan çıkarılmasına izin vermek güvenli değildir. JsonSerializer seri durumdan çıkarılırken TypeNameHandling.None kullanın veya Hiçbiri dışındaki değerler için, SerializationBinder ile seri durumdan çıkarılan türleri kısıtlayın. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - Güvenli olmayan yapılandırma kullanarak JsonSerializer ile seri durumdan kaldırmayın + Do not deserialize with JsonSerializer using an insecure configuration When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Güvenilmeyen girişler seri durumdan kaldırılırken, rastgele türlerin seri durumdan çıkarılmasına izin vermek güvenli değildir. JsonSerializerSettings kullanılırken, TypeNameHandling.None kullanın veya Hiçbiri dışındaki değerler için, SerializationBinder ile seri durumda çıkarılan türleri kısıtlayın. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not use insecure JsonSerializerSettings - Güvenli olmayan JsonSerializerSettings kullanmayın + Do not use insecure JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - Güvenilmeyen girişler seri durumdan çıkarılırken, rastgele türlerin seri durumdan çıkarılmasına izin vermek güvenli değildir. JsonSerializer seri durumdan çıkarılırken TypeNameHandling.None kullanın veya Hiçbiri dışındaki değerler için, SerializationBinder ile seri durumdan çıkarılan türleri kısıtlayın. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - Seri durumdan kaldırırken JsonSerializer'ın güvenli yapılandırmaya sahip olduğundan emin olun + Ensure that JsonSerializer has a secure configuration when deserializing When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - Güvenilmeyen girişler seri durumdan kaldırılırken, rastgele türlerin seri durumdan çıkarılmasına izin vermek güvenli değildir. JsonSerializerSettings kullanılırken, TypeNameHandling.None belirtildiğinden veya Hiçbiri dışındaki değerler için, seri durumda çıkarılan türleri kısıtlamak için SerializationBinder belirtildiğinden emin olun. + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. Ensure that JsonSerializerSettings are secure - JsonSerializerSettings'in güvenli olduğundan emin olun + Ensure that JsonSerializerSettings are secure Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - None dışında bir TypeNameHandling değeri kullanılırken JSON'nin seri durumundan çıkarılması güvenli olmayabilir. SerializationBinder belirtilmediğinde, Json.NET'in seri durumundan çıkarılmasının algılanması gerekiyorsa, CA2326 kuralını devre dışı bırakıp CA2327, CA2328, CA2329 ve CA2330 kurallarını etkinleştirin. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - None dışında bir TypeNameHandling değeri kullanılırken JSON'nin seri durumundan çıkarılması güvenli olmayabilir. + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. Do not use TypeNameHandling values other than None - None dışında bir TypeNameHandling değeri kullanmayın + Do not use TypeNameHandling values other than None The method '{0}' is insecure when deserializing untrusted data. - '{0}' metodu güvenilmeyen veriler seri durumdan çıkarılırken güvenli değil. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer LosFormatter - Güvenli olmayan seri kaldırıcı LosFormatter kullanmayın + Do not use insecure deserializer LosFormatter Convert to static method - Statik yönteme dönüştür + Convert to static method Converting an instance method to a static method may produce invalid code - Örnek metodunu statik bir metoda dönüştürmek geçersiz kod üretebilir + Converting an instance method to a static method may produce invalid code Make the constructor that takes zero parameters 'public' - Sıfır parametrelerini 'public' olarak alan bir oluşturucu oluşturun + Make the constructor that takes zero parameters 'public' An instance field of a type that is not serializable is declared in a type that is serializable. - Serileştirilebilir olmayan bir örnek alanı türü, serileştirilebilir bir türde bildirildi. + An instance field of a type that is not serializable is declared in a type that is serializable. Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable - {0} alanı serileştirilebilir {1} türünün bir üyesidir, ancak serileştirilebilir olmayan {2} türündendir + Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable Mark all non-serializable fields - Tüm serileştirilebilir olmayan alanları işaretleyin + Mark all non-serializable fields The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. - NeutralResourcesLanguage özniteliği ResourceManager’a bir derleme için nötr kültürdeki kaynakları görüntülemek için kullanılan dili bildirir. Bu, yüklediğiniz ilk kaynak için arama performansını iyileştirir ve çalışma kümenizi azaltabilir. + The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. Mark assemblies with NeutralResourcesLanguageAttribute - Bütünleştirilmiş kodları NeutralResourcesLanguageAttribute ile işaretle + Mark assemblies with NeutralResourcesLanguageAttribute Mark assemblies with NeutralResourcesLanguageAttribute - Bütünleştirilmiş kodları NeutralResourcesLanguageAttribute ile işaretle + Mark assemblies with NeutralResourcesLanguageAttribute The Boolean data type has multiple representations in unmanaged code. - Boole veri türleri yönetilmeyen kodda birden çok gösterime sahiptir. + The Boolean data type has multiple representations in unmanaged code. Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - MarshalAsAttribute’u P/Invoke {1} öğesinin {0} parametresine ekleyin. Karşılık gelen yönetilmeyen parametre bir 4 bayt Win32 'BOOL' ise, [MarshalAs(UnmanagedType.Bool)] kullanın. 1-byte C++ 'bool' için, MarshalAs(UnmanagedType.U1) kullanın. + Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - MarshalAsAttribute’u P/Invoke {0} öğesinin dönüş türüne ekleyin. Karşılık gelen yönetilmeyen dönüş türü bir 4 bayt Win32 'BOOL' ise, [MarshalAs(UnmanagedType.Bool)] kullanın. 1-byte C++ 'bool' için, MarshalAs(UnmanagedType.U1) kullanın. + Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Mark boolean PInvoke arguments with MarshalAs - Boolean PInvoke bağımsız değişkenlerini MarshalAs olarak işaretleyin + Mark boolean PInvoke arguments with MarshalAs To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. - Ortak dil çalışma zamanı modülü tarafından serileştirilebilir olarak tanınmak için, tür ISerializable arabiriminin uygulanması aracılığıyla özel bir serileştirme yordamı kullandığında bile, türler SerializableAttribute özniteliği kullanılarak işaretlenmelidir. + To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. Add [Serializable] to {0} as this type implements ISerializable - {0} türü ISerializable uyguladığı için [Serializable] ekleyin + Add [Serializable] to {0} as this type implements ISerializable Mark ISerializable types with serializable - ISerializable türlerini serileştirilebilir ile işaretleyin + Mark ISerializable types with serializable Ensure HttpClient certificate revocation list check is not disabled - HttpClient sertifika iptal listesi denetiminin devre dışı bırakılmadığından emin olun + Ensure HttpClient certificate revocation list check is not disabled HttpClient may be created without enabling CheckCertificateRevocationList - HttpClient, CheckCertificateRevocationList etkinleştirilmeden oluşturulabilir + HttpClient may be created without enabling CheckCertificateRevocationList Ensure Certificates Are Not Added To Root Store - Sertifikaların Kök Depoya Eklenmediğinden Emin Olun + Ensure Certificates Are Not Added To Root Store Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. - Sertifikaların, işletim sisteminin güvenilen kök sertifikalarına eklenmesi güvenli değildir. Hedef deponun kök depo olmadığından emin olun. + Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. Use CreateEncryptor with the default IV - Varsayılan IV ile CreateEncryptor kullan + Use CreateEncryptor with the default IV The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. - Şifrelemede, muhtemelen yinelenebilir, varsayılan olmayan başlatma vektörü kullanılıyor. Varsayılan başlatma vektörünü kullandığınızdan emin olun. + The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. Ensure Use Secure Cookies In ASP.NET Core - ASP.NET Core'da Güvenli Tanımlama Bilgileri Kullanılmasını Sağla + Ensure Use Secure Cookies In ASP.NET Core Ensure that CookieOptions.Secure = true when setting a cookie - Tanımlama bilgisi ayarlanırken CookieOptions.Secure = true olduğundan emin olun + Ensure that CookieOptions.Secure = true when setting a cookie Ensure Sufficient Iteration Count When Using Weak Key Derivation Function - Zayıf Anahtar Türetme İşlevini Kullanırken Yeterli Sayıda Yineleme Sağlayın + Ensure Sufficient Iteration Count When Using Weak Key Derivation Function Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - Bir paroladan şifreleme anahtarı türetirken yineleme sayısının en az {0} olduğundan emin olun. Varsayılan olarak, Rfc2898DeriveByte'ın IterationCount değeri yalnızca 1000'dir + Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. - 'IDynamicInterfaceCastable' uygulayan bir tür meta verilerde dinamik arabirim uygulamayabileceği için, bu tür üzerinde tanımlı açık bir uygulama olmayan bir örnek arabirim üyesine yapılan çağrılar, çalışma zamanında başarısız olabilir. Çalışma zamanı hatalarını önlemek için yeni arabirim üyelerini 'static' olarak işaretleyin. + Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied - '{1}' türü üzerindeki '{0}' 'static' olarak işaretlenmeli çünkü '{1}' için 'DynamicInterfaceImplementationAttribute' uygulanmış + The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' - Bir arabirimde 'DynamicInterfaceCastableImplementationAttribute' ile tanımlanan üyeler 'static' olmalıdır + Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}', '{1}' önizleme türünü döndürdüğünden önizleme özelliklerini kabul etmesi gerekir. Daha fazla bilgi için bkz. {2}. + '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}', '{1}' önizleme türünü döndürdüğünden önizleme özelliklerini kabul etmesi gerekir. Daha fazla bilgi için bkz. {2}. + {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - '{0}', '{1}' türünün önizleme parametresinde olduğundan önizleme özelliklerini kabul etmesi gerekir. Daha fazla bilgi için bkz. {2}. + '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - {3} '{0}', '{1}' türünün önizleme parametresinde olduğundan önizleme özelliklerini kabul etmesi gerekir. Daha fazla bilgi için bkz. {2}. + {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. - Bu yöntem, çalışma zamanı sıralaması devre dışı bırakıldığında bile çalışma zamanı sıralaması kullanır; bu, bir türün yerel düzeninin farklı beklentileri nedeniyle çalışma zamanında beklenmeyen davranış farklılıklarına neden olabilir. + This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. - “{0}”, “DisableRuntimeMarshallingAttribute” uygulandığında bile çalışma zamanı sıralamasını kullanıyor. Doğru sonuçlar sağlamak için doğrudan “sizeof” gibi özellikleri ve işaretçileri kullanın. + '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied - Bu yöntem, “DisableRuntimeMarshallingAttribute” uygulandığında bile çalışma zamanı sıralamasını kullanır + This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied Miss HttpVerb attribute for action methods - Eylem metotları için HttpVerb özniteliği eksik + Miss HttpVerb attribute for action methods All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - Metodun [HttpPost] aşırı yüklemesinde verileri oluşturan, düzenleyen, silen veya değiştiren tüm metotların, istek sahteciliğine karşı sahteciliğe karşı koruma özniteliği ile korunması gerekir. GET işlemi, yan etki içermeyen ve kalıcı verilerinizi değiştirmeyen güvenli bir işlem olmalıdır. + All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. Action method {0} needs to specify the HTTP request kind explicitly - {0} eylem metodunun HTTP istek tipini açık olarak belirtmesi gerekir + Action method {0} needs to specify the HTTP request kind explicitly Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. - Modül başlatıcılar, uygulama kodu yürütülmeye başlamadan önce uygulamanın bileşenlerinin başlatılmasını sağlamak için uygulama kodu tarafından kullanılmak içindir. Kitaplık kodu 'ModuleInitializerAttribute' öznitelikli bir yöntem bildirirse, uygulamanın başlatılmasına engel olabilir ve ayrıca bu uygulamanın kırpma becerileriyle ilgili sınırlamalara neden olabilir. Kitaplık, 'ModuleInitializerAttribute' özniteliği ile işaretli yöntemleri kullanmak yerine, içindeki bileşenlerin başlatılması için kullanılabilecek ve başlatılırken uygulamanın çağırabileceği yöntemleri kullanıma sunmalıdır. + Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios - 'ModuleInitializer' özniteliğinin yalnızca uygulama kodunda veya gelişmiş kaynak oluşturucu senaryolarında kullanılması amaçlanmıştır + The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios The 'ModuleInitializer' attribute should not be used in libraries - 'ModuleInitializer' özniteliği kitaplıklarda kullanılmamalıdır + The 'ModuleInitializer' attribute should not be used in libraries The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Güvenilmeyen veriler, seri durumdan çıkarılmış nesne grafındaki nesnelerin türünü kısıtlamak için SerializationBinder kullanılmadan seri durumdan çıkarılırken '{0}' yöntemi güvenli değildir. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure NetDataContractSerializer.Binder is set before deserializing - Seri durumdan çıkarmadan önce NetDataContractSerializer.Binder öğesinin ayarlandığından emin olun + Ensure NetDataContractSerializer.Binder is set before deserializing The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - Güvenilmeyen veriler, seri durumdan çıkarılmış nesne grafındaki nesnelerin türünü kısıtlamak için SerializationBinder kullanılmadan seri durumdan çıkarılırken '{0}' yöntemi güvenli değildir. + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not deserialize without first setting NetDataContractSerializer.Binder - İlk olarak NetDataContractSerializer.Binder öğesini ayarlamadan seri durumdan çıkarmayın + Do not deserialize without first setting NetDataContractSerializer.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. - '{0}' metodu güvenilmeyen veriler seri durumdan çıkarılırken güvenli değil. Bunun yerine SerializationBinder ayarlanmadan NetDataContractSerializer seri durumdan çıkarma işlemi algılamanız gerekiyorsa, CA2310 kuralını devre dışı bırakıp CA2311 ve CA2312 kurallarını etkinleştirin. + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. The method '{0}' is insecure when deserializing untrusted data. - '{0}' metodu güvenilmeyen veriler seri durumdan çıkarılırken güvenli değil. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer NetDataContractSerializer - Güvenli olmayan seri kaldırıcı NetDataContractSerializer kullanmayın + Do not use insecure deserializer NetDataContractSerializer Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. - Dizeler büyük harf olacak şekilde normalleştirilmelidir. Küçük bir karakter grubu küçük harfe dönüştürüldüğünde gidiş-dönüş gerçekleştiremez. Gidiş-dönüş gerçekleştirme, karakterlerin bir yerel ayardan karakterleri farklı temsil eden başka bir yerel ayara dönüştürülmesi, sonra da dönüştürülen karakterlerden özgün karakterlerin doğru bir şekilde alınması anlamına gelir. + Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. In method '{0}', replace the call to '{1}' with '{2}' - '{0}' metodunda '{1}' çağrısını '{2}' ile değiştirin + In method '{0}', replace the call to '{1}' with '{2}' Normalize strings to uppercase - Dizeleri büyük harf olacak şekilde normalleştirin + Normalize strings to uppercase The method '{0}' is insecure when deserializing untrusted data. - '{0}' metodu güvenilmeyen veriler seri durumdan çıkarılırken güvenli değil. + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer ObjectStateFormatter - Güvenli olmayan seri kaldırıcı ObjectStateFormatter kullanmayın + Do not use insecure deserializer ObjectStateFormatter '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}', '{1}' önizleme yöntemini geçersiz kıldığından önizleme özelliklerini kabul etmesi gerekir. Daha fazla bilgi için bkz. {2}. + '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}', '{1}' önizleme yöntemini geçersiz kıldığından önizleme özelliklerini kabul etmesi gerekir. Daha fazla bilgi için bkz. {2}. + {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. - Ortak bir türdeki ortak veya korumalı bir yöntem System.Runtime.InteropServices.DllImportAttribute özniteliğine sahip (ayrıca Visual Basic içinde Declare anahtar sözcüğü tarafından uygulanır). Bu tür yöntemler açığa çıkarılmamalıdır. + A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. P/Invoke method '{0}' should not be visible - P/Invoke yöntemi '{0}' görünür olmamalıdır + P/Invoke method '{0}' should not be visible P/Invokes should not be visible - P/Invokes görünür olmamalıdır + P/Invokes should not be visible ({0}) - ({0}) + ({0}) and all other platforms - ve diğer tüm platformlar + and all other platforms This call site is reachable on: 'windows' 10.0.2000 and later, and all other platforms '{0}' all versions - '{0}' tüm sürümler + '{0}' all versions This call site is reachable on: 'Windows' all versions. Using platform dependent API on a component makes the code no longer work across all platforms. - Bileşen üzerinde platforma bağımlı API kullanmak, kodun artık tüm platformlarda çalışmamasına neden olur. + Using platform dependent API on a component makes the code no longer work across all platforms. '{0}' from version {1} to {2} - '{0}' {1} sürümünden {2} sürümüne kadar + '{0}' from version {1} to {2} 'SupportedOnWindows1903UnsupportedOn2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. - Bu çağrı sitesine tüm platformlarda ulaşılabilir. '{0}' şurada kullanım dışıdır: {1}. + This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. This call site is reachable on all platforms. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. - Bu çağrı sitesine şurada ulaşılabilir: {2}. '{0}' şurada kullanım dışıdır: {1}. + This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. This call site is reachable on 'macos', 'linux'. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on all platforms. '{0}' is only supported on: {1}. - Bu çağrı sitesine tüm platformlarda ulaşılabilir. '{0}' yalnızca şurada desteklenir: {1}. + This call site is reachable on all platforms. '{0}' is only supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindowsAndBrowser()' is only supported on: 'windows', 'browser' . This call site is reachable on: {2}. '{0}' is only supported on: {1}. - Bu çağrı sitesine şurada ulaşılabilir: {2}. '{0}' yalnızca şurada desteklenir: {1}. + This call site is reachable on: {2}. '{0}' is only supported on: {1}. This call site is reachable on: 'windows' all versions.'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before This call site is unreachable on: {2}. '{0}' is only supported on: {1}. - Bu çağrı sitesine şurada ulaşılamaz: {2}. '{0}' yalnızca şurada desteklenir: {1}. + This call site is unreachable on: {2}. '{0}' is only supported on: {1}. This call site is unreachable on: 'browser'. 'SupportedOnWindowsAndBrowser()' is only supported on: 'browser', 'windows'. This call site is reachable on all platforms. '{0}' is supported on: {1}. - Bu çağrı sitesine tüm platformlarda ulaşılabilir. '{0}' şurada desteklenir: {1}. + This call site is reachable on all platforms. '{0}' is supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindows1903UnsupportedFrom2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on: {2}. '{0}' is supported on: {1}. - Bu çağrı sitesine şurada ulaşılabilir: {2}. '{0}' şurada desteklenir: {1}. + This call site is reachable on: {2}. '{0}' is supported on: {1}. This call site is reachable on: 'windows' 10.0.2000 and before. 'UnsupportedOnWindowsSupportedOn1903()' is supported on: 'windows' 10.0.1903 and later. Validate platform compatibility - Platform uyumluluğunu doğrula + Validate platform compatibility This call site is reachable on all platforms. '{0}' is unsupported on: {1}. - Bu çağrı sitesine tüm platformlarda ulaşılabilir. '{0}' şurada desteklenmez: {1}. + This call site is reachable on all platforms. '{0}' is unsupported on: {1}. This call site is reachable on all platforms. 'UnsupportedOnWindows()' is unsupported on: 'windows' This call site is reachable on: {2}. '{0}' is unsupported on: {1}. - Bu çağrı sitesine şurada ulaşılabilir: {2}. '{0}' şurada desteklenmez: {1}. + This call site is reachable on: {2}. '{0}' is unsupported on: {1}. This call site is reachable on: 'windows', 'browser'. 'UnsupportedOnBrowser()' is unsupported on: 'browser'. '{0}' {1} and before - '{0}' {1} ve öncesi + '{0}' {1} and before 'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before. '{0}' {1} and later - '{0}' {1} ve sonrası + '{0}' {1} and later 'SupportedOnWindows10()' is only supported on: 'windows' 10.0 and later. Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. - Beklenmeyen başvuru döngülerinin işlenmesi için, seri durumdan çıkarılmış güvenilmeyen verileri işleyen kodu inceleyin. Beklenmeyen başvuru döngüsü, kodun sonsuz bir döngüye girmesine neden olmamalıdır. Buna neden olursa beklenmeyen başvuru döngüsü, güvenilmeyen veriler seri durumdan çıkarılırken saldırganın DOS'a erişmesine izin verebilir veya işlem belleğini tüketebilir. + Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. {0} participates in a potential reference cycle - {0}, olası bir başvuru döngüsünde yer alıyor + {0} participates in a potential reference cycle Potential reference cycle in deserialized object graph - Seri durumdan çıkarılan nesne grafındaki olası başvuru döngüsü + Potential reference cycle in deserialized object graph Replace 'Substring' with 'AsSpan' - 'Substring'i 'AsSpan' ile değiştirin + Replace 'Substring' with 'AsSpan' 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. - 'AsSpan', 'Substring'den daha verimlidir. 'Substring' bir O(n) dizesi kopyası oluşturur ama 'AsSpan' bunu yapmaz ve sabit bir maliyeti vardır. + 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. Prefer 'AsSpan' over 'Substring' when span-based overloads are available - Yayılma tabanlı aşırı yüklemeler kullanılabilir olduğunda 'Substring' yerine 'AsSpan' tercih edin + Prefer 'AsSpan' over 'Substring' when span-based overloads are available Prefer 'AsSpan' over 'Substring' - 'Substring' yerine 'AsSpan' tercih edin + Prefer 'AsSpan' over 'Substring' + + + + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + + + + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + + + + Consider using 'StringBuilder.Append(char)' when applicable + Consider using 'StringBuilder.Append(char)' when applicable Use 'Count' check instead of 'Any()' - 'Any()' yerine 'Count' denetimi kullanın + Use 'Count' check instead of 'Any()' Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance - Hem kolay anlaşılırlık hem de performans için 'Count' değerini 'Any()' yerine 0 ile karşılaştırmayı tercih edin + Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance Use 'ContainsKey' - 'ContainsKey' kullanın + Use 'ContainsKey' 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. - 'ContainsKey' genellikle O(1) iken 'Keys.Contains' bazı durumlarda O(n) olabilir. Ayrıca birçok sözlük uygulaması ayırmaları sınırlandırmak için Keys koleksiyonunu geç başlatır. + 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' - Sözlük türü '{0}' için 'Keys.Contains' yerine 'ContainsKey' tercih edin + Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' Prefer Dictionary.Contains methods - Dictionary.Contains yöntemleri tercih edin + Prefer Dictionary.Contains methods Use 'ContainsValue' - 'ContainsValue' kullanın + Use 'ContainsValue' Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. - Birçok sözlük uygulaması Values derlemesini geç başlatır. Gereksiz ayırmaları önlemek için 'Values.Contains' yerine 'ContainsValue' tercih edin. + Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' - Sözlük türü '{0}' için 'Values.Contains' yerine 'ContainsValue' tercih edin + Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' + + + + Use 'TryGetValue(TKey, out TValue)' + Use 'TryGetValue(TKey, out TValue)' + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + + + + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method Replace with 'HashData' method - 'HashData' yöntemiyle değiştir + Replace with 'HashData' method It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. - 'ComputeHash' çağırmak için HashAlgorithm örneği oluşturup yönetmek yerine statik 'HashData' yöntemini kullanmak daha verimlidir. + It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. Prefer static '{0}.HashData' method over 'ComputeHash' - 'ComputeHash' yerine statik '{0}.HashData' yöntemini tercih edin + Prefer static '{0}.HashData' method over 'ComputeHash' Prefer static 'HashData' method over 'ComputeHash' - 'ComputeHash' yerine statik 'HashData' yöntemini tercih edin + Prefer static 'HashData' method over 'ComputeHash' Use 'IsEmpty' check instead of 'Any()' - 'Any()' yerine 'IsEmpty' denetimi kullan + Use 'IsEmpty' check instead of 'Any()' Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance - Hem kolay anlaşılırlık hem de performans için 'Any()' kullanmak yerine bir 'IsEmpty' denetimi yapmayı tercih edin + Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance + + + + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + + + + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + + + + Prefer IsEmpty over Count + Prefer IsEmpty over Count Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. - 'Enumerable.Any()' metodunu çağırmak yerine hangisi mevcutsa 'IsEmpty', 'Count' veya 'Length' özelliklerinden birini kullanmayı tercih edin. Amaç daha kolay anlaşılır ve 'Enumerable.Any()' genişletme metoduna göre daha yüksek performans sunar. + Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. Avoid using 'Enumerable.Any()' extension method - 'Enumerable.Any()' genişletme metodunu kullanmayın + Avoid using 'Enumerable.Any()' extension method Use 'Length' check instead of 'Any()' - 'Any()' yerine 'Length' denetimi kullanın + Use 'Length' check instead of 'Any()' Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance - Hem kolay anlaşılırlık hem de performans için 'Length' değerini 'Any()' yerine 0 ile karşılaştırmayı tercih edin + Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. - 'Stream', ilk bağımsız değişken olarak 'Memory<Byte>' alan bir 'ReadAsync' aşırı yüklemesine ve ilk bağımsız değişken olarak 'ReadOnlyMemory<Byte>' alan bir 'WriteAsync' aşırı yüklemesine sahip. Daha verimli olan bellek tabanlı aşırı yüklemeleri çağırmayı tercih edin. - - - - For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. - Nesnenin öğe içerip içermediğini belirlemek için 'Count' özelliğinden öğe sayısını almak yerine 'IsEmpty' özelliğini kullanmayı ve bunu 0 veya 1 ile karşılaştırmayı tercih edin. - - - - Prefer 'IsEmpty' over 'Count' to determine whether the object is empty - Nesnenin boş olup olmadığını belirlemek için 'Count' yerine 'IsEmpty' seçeneğini tercih edin - - - - Prefer IsEmpty over Count - Count yerine IsEmpty tercih edin + 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. Change the '{0}' method call to use the '{1}' overload - '{0}' metot çağrısını, '{1}' aşırı yüklemesini kullanacak şekilde değiştir + Change the '{0}' method call to use the '{1}' overload Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' - 'ReadAsync' ve 'WriteAsync' için 'Memory' tabanlı aşırı yüklemeleri tercih et + Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' Replace with 'string.Contains' - 'string.Contains' ile değiştir + Replace with 'string.Contains' Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. - Sonucu, bir alt dizenin varlığını/yokluğunu denetlemek için kullanılan 'string.IndexOf' çağrıları 'string.Contains' ile değiştirilebilir. + Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. Use 'string.Contains' instead of 'string.IndexOf' to improve readability - Okunabilirliği artırmak için 'string.IndexOf' yerine 'string.Contains' kullanın + Use 'string.Contains' instead of 'string.IndexOf' to improve readability Consider using 'string.Contains' instead of 'string.IndexOf' - 'string.IndexOf' yerine 'string.Contains' kullanmayı düşünün + Consider using 'string.Contains' instead of 'string.IndexOf' StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. - StringBuilder.Append ve StringBuilder.Insert, System.String'in ötesinde birden çok türe yönelik aşırı yükleme sağlar. Mümkün olduğunda, ToString() ve dize tabanlı aşırı yüklemeyi kullanmak yerine kesin tür belirtilmiş aşırı yüklemeleri tercih edin. + StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. Remove the ToString call in order to use a strongly-typed StringBuilder overload - Kesin tür belirtilmiş bir StringBuilder aşırı yüklemesi kullanmak için ToString çağrısını kaldırın + Remove the ToString call in order to use a strongly-typed StringBuilder overload Remove the ToString call - ToString çağrısını kaldırın + Remove the ToString call Prefer strongly-typed Append and Insert method overloads on StringBuilder - StringBuilder'da kesin tür belirtilmiş Append ve Insert metodu aşırı yüklemelerini tercih edin - - - - 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. - Dize tek bir karakter olduğunda 'StringBuilder.Append(char)', 'StringBuilder.Append(string)' öğesinden daha verimlidir. 'Append' bir sabit değer ile çağrıldığında, bir karakter içeren sabit bir dize yerine sabit bir karakter kullanmayı tercih edin. - - - - Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string - Giriş, sabit birim dizesi olduğunda 'StringBuilder.Append(string)' yerine 'StringBuilder.Append(char)' kullanın - - - - Consider using 'StringBuilder.Append(char)' when applicable - Uygun olduğunda 'StringBuilder.Append(char)' kullanabilirsiniz + Prefer strongly-typed Append and Insert method overloads on StringBuilder Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. - .NET 7 ile başlayarak, denetlenmemiş bir bağlamda taşarken '{0}' açık dönüşümü özel durum oluşturmaz. .NET 6 davranışını geri yüklemek için ifadeyi 'denetlenmiş' bir deyimle sarın. + Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - .NET 7 ile başlayarak, denetlenmemiş bir bağlamda taşarken '{0}' açık dönüşümü özel durum oluşturmaz. .NET 6 davranışını geri yüklemek için ifadeyi 'denetlenmemiş' bir deyimle sarın. + Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. - .NET 7'ye eklenen bazı yerleşik işleçler, .NET 6 ve önceki sürümlerde karşılık gelen kullanıcı tanımlı işleçlerde taşma olduğunda farklı davranır. Daha önce işaretlenmemiş bir bağlamda oluşturulan bazı işleçler, işaretli bir bağlam içinde kaydırılana kadar artık oluşturmaz. Ayrıca, daha önce denetlenmiş bir bağlamda oluşturulmamış bazı işleçler şimdi işaretsiz bir bağlamda sarmalanmadıysa oluşturulur. + Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - .NET 7 ile başlayarak, denetlenmiş bir bağlamda taşarken '{0}' operatörü özel durum oluşturur. .NET 6 davranışını geri yüklemek için ifadeyi 'denetlenmemiş' bir deyimle sarın. + Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Prevent behavioral change - Davranış değişikliğini önle + Prevent behavioral change 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. - 'Enum.HasFlag' metodu, 'sabit listesi' bağımsız değişkeninin, metodun çağrıldığı örnekle aynı 'sabit listesi' türünde olmasını ve bu 'sabit listesi' bağımsız değişkeninin 'System.FlagsAttribute' ile işaretlenmesini bekler. Bunlar farklı 'sabit listesi' türleriyse çalışma zamanında işlenmeyen özel durum oluşur. 'Sabit listesi' türü 'System.FlagsAttribute' ile işaretlenmemişse çağrı, çalışma zamanında her zaman 'false' değerini döndürür. + 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. The argument type, '{0}', must be the same as the enum type '{1}' - '{0}' bağımsız değişken türü, '{1}' sabit listesi türüyle aynı olmalıdır. + The argument type, '{0}', must be the same as the enum type '{1}' Provide correct 'enum' argument to 'Enum.HasFlag' - 'Enum.HasFlag' için doğru 'sabit listesi' bağımsız değişkenini belirtin + Provide correct 'enum' argument to 'Enum.HasFlag' The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. - System.String.Format’a geçirilen biçim bağımsız değişkeni, her nesne bağımsız değişkenine karşılık gelen bir biçim öğesi içermiyor ve tersi için de aynısı geçerli. + The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. Provide correct arguments to formatting methods - Biçimlendirme yöntemlerine doğru bağımsız değişkenleri sağlayın + Provide correct arguments to formatting methods Provide correct arguments to formatting methods - Biçimlendirme yöntemlerine doğru bağımsız değişkenleri sağlayın + Provide correct arguments to formatting methods A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. - Tür, System.Runtime.Serialization.OptionalFieldAttribute özniteliği kullanılarak işaretlenen bir alana sahip ve tür, seri durumdan çıkarma olayı işleme metotlarını sağlamıyor. + A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute - {0} türüne 'private void OnDeserialized(StreamingContext)' metodunu ekleyin ve System.Runtime.Serialization.OnDeserializedAttribute ile özniteliğini belirleyin + Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute - {0} türüne 'private void OnDeserializing(StreamingContext)' metodunu ekleyin ve System.Runtime.Serialization.OnDeserializingAttribute ile özniteliğini belirleyin + Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute Provide deserialization methods for optional fields - İsteğe bağlı yöntemler için serileştirme kaldırma yöntemler sağlayın + Provide deserialization methods for optional fields Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. - 'System.Runtime.InteropServices.SafeHandle'dan türetilmiş bir tür için kapsayan tür kadar görülebilen parametresiz bir oluşturucu sağlamak, kaynak tarafından oluşturulan birlikte çalışma çözümleriyle daha iyi performans ve kullanım olanağı sağlar. + Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' - 'System.Runtime.InteropServices.SafeHandle'dan türetilen '{0}' türü için kapsayan tür kadar görülebilen parametresiz bir oluşturucu belirtin + Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' - 'System.Runtime.InteropServices.SafeHandle'dan türetilen somut türler için kapsayan tür kadar görülebilen parametresiz bir oluşturucu belirtin + Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. - Performansı artırmak için, 'Stream'i alt sınıflandırması yaparken bellek tabanlı zaman uyumsuz yöntemleri geçersiz kılın. Daha sonra, dizi tabanlı yöntemleri bellek tabanlı metotlara göre uygulayın. + To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. - '{0}', dizi tabanlı '{1}' öğesini geçersiz kılıyor ancak bellek tabanlı '{2}' öğesini geçersiz kılmıyor. Performansı artırmak için bellek tabanlı '{2}' öğesini geçersiz kılmayı düşünün. + '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. 0 = type that subclasses Stream directly, 1 = array-based method, 2 = memory-based method Provide memory-based overrides of async methods when subclassing 'Stream' - 'Stream' alt sınıflandırması yapılırken olduğunda zaman uyumsuz yöntemlerin bellek tabanlı geçersiz kılmalarını sağlayın + Provide memory-based overrides of async methods when subclassing 'Stream' + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + + + + Prefer using 'StringComparer' to perform a case-insensitive comparison + Prefer using 'StringComparer' to perform a case-insensitive comparison + + + + Use the 'string.{0}(string, StringComparison)' overload + Use the 'string.{0}(string, StringComparison)' overload + + + + Prefer using 'StringComparer' to perform case-insensitive string comparisons + Prefer using 'StringComparer' to perform case-insensitive string comparisons + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + + + + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + + + + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons Remove redundant call - Gereksiz çağrıyı kaldır + Remove redundant call Remove unnecessary call - Gereksiz çağrıyı kaldır + Remove unnecessary call Replace string literal with char literal - Sabit değerli dizeyi sabit değerli karakter ile değiştirin + Replace string literal with char literal Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' metodundaki '{0}' öğesinin '{3}' metodundaki '{2}' öğesinde bulunan kullanıcı denetimindeki veriler nedeniyle zarar görmüş olabileceği bir olası DLL ekleme güvenlik açığı bulundu. + Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for DLL injection vulnerabilities - Kodu DLL ekleme güvenlik açıkları için inceleyin + Review code for DLL injection vulnerabilities Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' metodundaki '{0}' öğesinin '{3}' metodundaki '{2}' öğesinde bulunan kullanıcı denetimindeki veriler nedeniyle zarar görmüş olabileceği bir olası dosya yolu ekleme güvenlik açığı bulundu. + Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for file path injection vulnerabilities - Kodu dosya yolu ekleme güvenlik açıkları için inceleyin + Review code for file path injection vulnerabilities Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. - '{1}' metodundaki '{0}' öğesinin '{3}' metodundaki '{2}' öğesinde bulunan istenmeyen bilgileri içeriyor olabileceği, bilgilerin açığa çıkmasına yönelik olası bir güvenlik açığı bulundu. + Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. Review code for information disclosure vulnerabilities - Kodu bilgilerin açığa çıkması güvenlik açıkları için inceleyin + Review code for information disclosure vulnerabilities Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' metodundaki '{0}' öğesinin '{3}' metodundaki '{2}' öğesinde bulunan kullanıcı denetimindeki veriler nedeniyle zarar görmüş olabileceği bir olası LDAP ekleme güvenlik açığı bulundu. + Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for LDAP injection vulnerabilities - Kodu LDAP ekleme güvenlik açıkları için inceleyin + Review code for LDAP injection vulnerabilities Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' metodundaki '{0}' öğesinin '{3}' metodundaki '{2}' öğesinde bulunan kullanıcı denetimindeki veriler nedeniyle zarar görmüş olabileceği bir olası açık yeniden yönlendirme güvenlik açığı bulundu. + Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for open redirect vulnerabilities - Kodu açık yeniden yönlendirme güvenlik açıkları için inceleyin + Review code for open redirect vulnerabilities Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' metodundaki '{0}' öğesinin '{3}' metodundaki '{2}' öğesinde bulunan kullanıcı denetimindeki veriler nedeniyle zarar görmüş olabileceği bir olası işlem komutu ekleme güvenlik açığı bulundu. + Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for process command injection vulnerabilities - Kodu işlem komutu ekleme güvenlik açıkları için inceleyin + Review code for process command injection vulnerabilities Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' metodundaki '{0}' öğesinin '{3}' metodundaki '{2}' öğesinde bulunan kullanıcı denetimindeki veriler nedeniyle zarar görmüş olabileceği bir olası normal ifade ekleme güvenlik açığı bulundu. + Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for regex injection vulnerabilities - Kodu normal ifade ekleme güvenlik açıkları için inceleyin + Review code for regex injection vulnerabilities Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' metodundaki '{0}' öğesinin '{3}' metodundaki '{2}' öğesinde bulunan kullanıcı denetimindeki veriler nedeniyle zarar görmüş olabileceği bir olası SQL ekleme güvenlik açığı bulundu. + Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for SQL injection vulnerabilities - Kodu SQL ekleme güvenlik açıkları için inceleyin + Review code for SQL injection vulnerabilities + + + + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + + + + Review code for XPath injection vulnerabilities + Review code for XPath injection vulnerabilities Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' metodundaki '{0}' öğesinin '{3}' metodundaki '{2}' öğesinde bulunan kullanıcı denetimindeki veriler nedeniyle zarar görmüş olabileceği bir olası XAML ekleme güvenlik açığı bulundu. + Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XAML injection vulnerabilities - Kodu XAML ekleme güvenlik açıkları için inceleyin + Review code for XAML injection vulnerabilities Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' metodundaki '{0}' öğesinin '{3}' metodundaki '{2}' öğesinde bulunan kullanıcı denetimindeki veriler nedeniyle zarar görmüş olabileceği bir olası XML ekleme güvenlik açığı bulundu. + Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XML injection vulnerabilities - Kodu XML ekleme güvenlik açıkları için inceleyin - - - - Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' metodundaki '{0}' öğesinin '{3}' metodundaki '{2}' öğesinde bulunan kullanıcı denetimindeki veriler nedeniyle zarar görmüş olabileceği bir olası XPath ekleme güvenlik açığı bulundu. - - - - Review code for XPath injection vulnerabilities - Kodu XPath ekleme güvenlik açıkları için inceleyin + Review code for XML injection vulnerabilities Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - '{1}' metodundaki '{0}' öğesinin '{3}' metodundaki '{2}' öğesinde bulunan kullanıcı denetimindeki veriler nedeniyle zarar görmüş olabileceği bir olası siteler arası betik yazma (XSS) güvenlik açığı bulundu. + Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XSS vulnerabilities - Kodu XSS güvenlik açıkları için inceleyin + Review code for XSS vulnerabilities SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. - Doğrudan kullanıcı girişi kullanan SQL sorguları, SQL ekleme saldırılarına karşı savunmasız olabilir. Bu SQL sorgusunu olası güvenlik açıkları için inceleyin ve parametre tabanlı bir SQL sorgusu kullanmayı deneyin. + SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. Review if the query string passed to '{0}' in '{1}', accepts any user input - '{1}' içinde '{0}' öğesine geçirilen sorgu dizesinin kullanıcı girişi kabul edip etmediğini gözden geçirin + Review if the query string passed to '{0}' in '{1}', accepts any user input Review SQL queries for security vulnerabilities - SQL sorgularını güvenlik açıkları için inceleyin + Review SQL queries for security vulnerabilities Seal class - Sınıfı mühürle + Seal class When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. - Bir türe bütünleştirilmiş kodunun dışında erişilemediğinde ve türün kapsayan bütünleştirilmiş kodu içinde alt türü olmadığında, bu tür güvenli bir şekilde mühürlenebilir. Mühürleme türleri performansı artırabilir. + When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible - '{0}' türünün kapsayan bütünleştirilmiş kodunda alt türü olmadığından ve dışarıdan görünür olmadığından bu tür mühürlenebilir + Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible Seal internal types - İç türleri mühürle + Seal internal types Set HttpOnly to true for HttpCookie - HttpCookie için HttpOnly'yi true olarak ayarlayın + Set HttpOnly to true for HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - Derinlik ölçümü savunması olarak, güvenlik açısından önemli HTTP tanımlama bilgilerinin HttpOnly biçiminde işaretlendiğinden emin olun. Bu, web tarayıcılarının betiklerin tanımlama bilgilerine erişmesini engelleyeceğini belirtir. Eklenmiş kötü amaçlı betikler, tanımlama bilgilerini çalmak için kullanılan yaygın bir yoldur. + As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - HttpCookie kullanılırken HttpCookie.HttpOnly false olarak ayarlandı veya hiç ayarlanamadı. Kötü amaçlı betiklerin tanımlama bilgilerini çalmasını engellemek için, güvenlik açısından önemli tanımlama bilgilerinin HttpOnly olarak işaretlendiğinden emin olun + HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies Set ViewStateUserKey For Classes Derived From Page - Sayfadan Türetilen Sınıflar için ViewStateUserKey Ayarlayın + Set ViewStateUserKey For Classes Derived From Page Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. - ViewStateUserKey özelliğini ayarlamak, görüntüleme durumu değişkenine tanımlayıcı atayarak kullanıcıların bu değişkeni uygulamanıza saldırı oluşturmak üzere kullanmasını önlemeye yardımcı olabilir. Aksi halde siteler arası istek sahteciliği güvenlik açıkları meydana gelir. + Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method - System.Web.UI.Page sınıfından türetilen {0} sınıfı OnInit metodunda veya Page_Init metodunda ViewStateUserKey özelliğini ayarlamıyor + The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. - Geçerli kültürde yanlışlıkla yapılan örtük bağımlılıktan kaçınmaya yardımcı olmak için kültürü belirtin. Sabit bir sürümün kullanılması, uygulamanın kültüründen bağımsız olarak tutarlı sonuçlar verir. + Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. Specify a culture or use an invariant version to avoid implicit dependency on current culture - Geçerli kültürde örtük bağımlılıktan kaçınmak için bir kültür belirtin veya sabit bir sürüm kullanın + Specify a culture or use an invariant version to avoid implicit dependency on current culture Specify a culture or use an invariant version - Bir kültür belirtin veya sabit bir sürüm kullanın + Specify a culture or use an invariant version A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. - Bir yöntem veya oluşturucu, bir System.Globalization.CultureInfo parametresini kabul eden bir aşırı yüklemeye sahip bir üyeyi çağırır, ancak bu yöntem veya oluşturucu, CultureInfo parametresini almayan aşırı yüklemeyi çağırmaz. CultureInfo veya System.IFormatProvider nesnesi sağlanmadığında, aşırı yüklenen üye tarafından sağlanan varsayılan değer tüm yerel ayarlarda istediğiniz etkiye sahip olmayabilir. Sonuç kullanıcıya görüntülenecekse 'CultureInfo' parametresi olarak 'CultureInfo.CurrentCulture' değerini belirtin. Aksi takdirde, sonuç depolanacak ve yazılım tarafından erişilecekse (örneğin, diskte veya bir veritabanında kalıcı hale getirildiğinde) 'CultureInfo.InvariantCulture' değerini belirtin. + A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - '{0}' öğesinin davranışı, geçerli kullanıcının yerel ayarlarına göre farklılık gösterebilir. '{1}' öğesinde bu çağrıyı bir '{2}' çağrısıyla değiştirin. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify CultureInfo - CultureInfo’yu belirtin + Specify CultureInfo Specify current culture - Geçerli kültürü belirtin + Specify current culture A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. - Bir metot veya oluşturucu, bir System.IFormatProvider parametresini kabul eden aşırı yüklemelere sahip bir veya daha fazla üyeyi çağırır, ancak bu metot veya oluşturucu, IFormatProvider parametresini alan aşırı yüklemeyi çağırmaz. System.Globalization.CultureInfo veya IFormatProvider nesnesi sağlanmadığında, aşırı yüklenen üye tarafından sağlanan varsayılan değer tüm yerel ayarlarda istediğiniz etkiye sahip olmayabilir. Sonuç kullanıcı girişine/kullanıcıya görüntülenecek çıkışa bağlı olacaksa 'IFormatProvider' parametresi olarak 'CultureInfo.CurrentCulture' belirtin. Aksi takdirde, sonuç yazılım tarafından depolanacaksa ve erişilecekse (örneğin, diskten/veritabanından yüklendiğinde ve diskte/veritabanında kalıcı hale getirildiğinde) 'CultureInfo.InvariantCulture' belirtin. + A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - '{0}' öğesinin davranışı, geçerli kullanıcının yerel ayarlarına göre farklılık gösterebilir. '{1}' öğesinde bu çağrıyı bir '{2}' çağrısıyla değiştirin. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - '{0}' öğesinin davranışı, geçerli kullanıcının yerel ayarlarına göre farklılık gösterebilir. '{1}' öğesinde bu çağrıyı bir '{2}' çağrısıyla değiştirin. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. - '{0}' davranışı, geçerli kullanıcının yerel ayarlarına göre değişebilir. 'IFormatProvider' bağımsız değişkeni için bir değer belirtin. + The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - '{0}', '{2}' öğesine 'IFormatProvider' parametresi olarak '{1}' değerini geçiriyor. Bu özellik, biçimlendirme yöntemleri için uygun olmayan bir kültür döndürüyor. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - '{0}', '{2}' öğesine 'IFormatProvider' parametresi olarak '{1}' değerini geçiriyor. Bu özellik, biçimlendirme yöntemleri için uygun olmayan bir kültür döndürüyor. + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. Specify IFormatProvider - IFormatProvider belirtin + Specify IFormatProvider A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. - Platform çağırma üyeleri kısmen güvenilen çağıranlara izin verir, bir dize parametresine sahiptir ve dizeyi açıkça sıralamaz. Bu olası bir güvenlik açığına neden olabilir. + A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. Specify marshaling for P/Invoke string arguments - P/Invoke dize bağımsız değişkenleri için sıralamayı belirtme + Specify marshaling for P/Invoke string arguments A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - Dize karşılaştırması, bir StringComparison parametresi ayarlamayan bir yöntem aşırı yüklemesi kullanır. Amaç netliği için, StringComparison parametresini içeren aşırı yüklemenin kullanılması önerilir. Sonuç kullanıcıya görüntülenecekse (örneğin, bir liste kutusunda görüntülenmek üzere bir öğe listesi sıralanırken), 'StringComparison' parametresi olarak 'StringComparison.CurrentCulture' veya 'StringComparison.CurrentCultureIgnoreCase' değerini belirtin. Dosya yolları, ortam değişkenleri veya kayıt defteri anahtarları ve değerleri gibi büyük/küçük harfe duyarlı olmayan tanımlayıcılar karşılaştırılıyorsa 'StringComparison.OrdinalIgnoreCase' değerini belirtin. Aksi takdirde, yani büyük/küçük harfe duyarlı tanımlayıcılar karşılaştırılıyorsa 'StringComparison.Ordinal' değerini belirtin. + A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. - '{0}', bir 'StringComparison' parametresi alan bir yöntem aşırı yüklemesiyle karşılaştı. '{1}' içinde bu çağrıyı, amaç netliği için '{2}' çağrısıyla değiştirin. + '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. Specify StringComparison for clarity - Netlik için StringComparison belirtin + Specify StringComparison for clarity A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - Dize karşılaştırması, bir StringComparison parametresi ayarlamayan bir yöntem aşırı yüklemesi kullanır, bu nedenle davranışı geçerli kullanıcının yerel ayarlarına göre değişebilir. Doğruluk ve amaç netliği için, StringComparison parametresini içeren aşırı yüklemenin kullanılması önemle önerilir. Sonuç kullanıcıya görüntülenecekse (örneğin, bir liste kutusunda görüntülenmek üzere bir öğe listesi sıralanırken), 'StringComparison' parametresi olarak 'StringComparison.CurrentCulture' veya 'StringComparison.CurrentCultureIgnoreCase' değerini belirtin. Dosya yolları, ortam değişkenleri veya kayıt defteri anahtarları ve değerleri gibi büyük/küçük harfe duyarlı olmayan tanımlayıcılar karşılaştırılıyorsa 'StringComparison.OrdinalIgnoreCase' değerini belirtin. Aksi takdirde, yani büyük/küçük harfe duyarlı tanımlayıcılar karşılaştırılıyorsa 'StringComparison.Ordinal' değerini belirtin. + A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - '{0}' öğesinin davranışı, geçerli kullanıcının yerel ayarlarına göre farklılık gösterebilir. '{1}' öğesinde bu çağrıyı bir '{2}' çağrısıyla değiştirin. + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify StringComparison for correctness - Doğruluk için StringComparison belirtin + Specify StringComparison for correctness Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. - Hem 'static' hem de 'abstract' değiştiriciler kullanmak önizleme özelliklerini kabul etmeyi gerektirir. Daha fazla bilgi için bkz. https://aka.ms/dotnet-warnings/preview-features + Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. - Dizeleri Equals yerine String.Length özelliğini veya String.IsNullOrEmpty yöntemini kullanarak karşılaştırmak önemli ölçüde daha hızlıdır. + Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check - Equality denetimi yerine 'string.Length' özelliğini veya 'string.IsNullOrEmpty' metodunu kullanarak boş dize testi uygulayın + Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check Test for empty strings using string length - Dize uzunluğunu kullanarak boş dize testi uygulayın + Test for empty strings using string length This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. - Bu ifade, bir değeri Single.Nan veya Double.Nan ile karşılaştırarak test eder. Değeri test etmek için Single.IsNan(Single) veya Double.IsNan(Double) kullanın. + This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. Test for NaN correctly - NaN testini doğru uygulayın + Test for NaN correctly Test for NaN correctly - NaN testini doğru uygulayın + Test for NaN correctly 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. - 'ThreadStatic' alanları kullanım sırasında geç başlatılmalıdır. Satır içi başlatma kullanılarak veya yalnızca türün statik oluşturucusunu çalıştıran iş parçacığındaki alanı başlatacak olan bir statik oluşturucuda açıkça başlatılmamalıdır. + 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. 'ThreadStatic' fields should not use inline initialization - 'ThreadStatic' alanları satır içi başlatma kullanmamalıdır + 'ThreadStatic' fields should not use inline initialization Improper 'ThreadStatic' field initialization - 'ThreadStatic' alanı başlatması hatalı + Improper 'ThreadStatic' field initialization 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. - 'ThreadStatic' yalnızca statik alanları etkiler. Örnek alanlara uygulandığında davranış üzerinde etkisi yoktur. + 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. Ensure 'ThreadStatic' is only used with static fields - 'ThreadStatic' iş parçacığının yalnızca statik alanlarla kullanıldığından emin olun + Ensure 'ThreadStatic' is only used with static fields 'ThreadStatic' only affects static fields - 'ThreadStatic' yalnızca statik alanları etkiler + 'ThreadStatic' only affects static fields Use ArgumentException throw helper - ArgumentException oluşturma yardımcısı kullan + Use ArgumentException throw helper Use ArgumentNullException throw helper - ArgumentNullException oluşturma yardımcısını kullan + Use ArgumentNullException throw helper Use ArgumentOutOfRangeException throw helper - ArgumentOutOfRangeException oluşturma yardımcısı kullan + Use ArgumentOutOfRangeException throw helper Use Array.Empty - Array.Empty kullanın + Use Array.Empty The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. - Dizi değerleri üzerindeki Aralık tabanlı dizin oluşturucu, dizinin istenen kısmının bir kopyasını üretir. Bu kopya, örtük olarak bir Yayılma veya Bellek değeri olarak kullanıldığında genellikle istenmez. Kopya oluşturmamak için AsSpan metodunu kullanın. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies - Gereksiz veri kopyaları oluşturmamak için '{2}' üzerinde '{1}' tabanlı dizin oluşturucu yerine '{0}' kullanın + Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies Use `{0}` instead of Range-based indexers on a string - Dizede Aralık tabanlı dizin oluşturucular yerine `{0}` kullanın + Use `{0}` instead of Range-based indexers on a string Use `{0}` instead of Range-based indexers on an array - Dizide Aralık tabanlı dizin oluşturucular yerine `{0}` kullanın + Use `{0}` instead of Range-based indexers on an array Use AsSpan or AsMemory instead of Range-based indexers when appropriate - Uygun olduğunda Aralık tabanlı dizin oluşturucular yerine AsSpan veya AsMemory kullanın + Use AsSpan or AsMemory instead of Range-based indexers when appropriate The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - Dize değerleri üzerindeki Aralık tabanlı dizin oluşturucu, dizenin istenen kısmının bir kopyasını oluşturur. Bu kopya örtük olarak bir ReadOnlySpan veya ReadOnlyMemory değeri olarak kullanıldığında genellikle gereksizdir. Kopya oluşturmamak için AsSpan metodunu kullanın. + The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - Dizi değerleri üzerindeki Aralık tabanlı dizin oluşturucu, dizinin istenen kısmının bir kopyasını üretir. Bu kopya, örtük olarak bir ReadOnlySpan veya ReadOnlyMemory değeri olarak kullanıldığında genellikle gerekli değildir. Kopya oluşturmamak için AsSpan metodunu kullanın. + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. When inside a Task-returning method, use the async version of methods, if they exist. - Task döndüren bir yöntemin içindeyken, varsa yöntemlerin zaman uyumsuz sürümünü kullanın. + When inside a Task-returning method, use the async version of methods, if they exist. {Locked="Task"} '{0}' synchronously blocks. Await '{1}' instead. - '{0}' zaman uyumlu olarak engeller. Bunun yerine '{1}' bekleyin. + '{0}' synchronously blocks. Await '{1}' instead. '{0}' synchronously blocks. Use await instead. - '{0}' zaman uyumlu olarak engeller. Bunun yerine await kullanın. + '{0}' synchronously blocks. Use await instead. Call async methods when in an async method - Zaman uyumsuz metottayken zaman uyumsuz metotlar çağırın + Call async methods when in an async method Use antiforgery tokens in ASP.NET Core MVC controllers - ASP.NET Core MVC denetleyicilerinde sahtecilik önleme belirteçleri kullanın + Use antiforgery tokens in ASP.NET Core MVC controllers Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - POST, PUT, PATCH veya DELETE isteğini sahtecilik önleme belirtecini doğrulamadan işlemek, sizi siteler arası istek sahteciliği saldırılarına karşı savunmasız bırakır. Siteler arası istek sahteciliği saldırısı, kimliği doğrulanmamış kullanıcıdan ASP.NET Core MVC denetleyicinize kötü amaçlı istekler gönderebilir. + Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - {0} metodu, {1} isteğini sahtecilik önleme belirtecini doğrulamadan işler. Ayrıca HTML formunuzun sahtecilik önleme belirteci gönderdiğinden emin olmanız gerekir. + Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. Replace with 'CancellationToken.ThrowIfCancellationRequested' - 'CancellationToken.ThrowIfCancellationRequested' ile değiştirin + Replace with 'CancellationToken.ThrowIfCancellationRequested' 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. - 'ThrowIfCancellationRequested', belirtecin iptal edilip edilmediğini otomatik olarak denetler ve iptal edilmişse 'OperationCanceledException' oluşturur. + 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' - 'IsCancellationRequested'i kontrol etmek ve 'OperationCanceledException' oluşturmak yerine 'ThrowIfCancellationRequested' kullanın + Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' Use 'ThrowIfCancellationRequested' - 'ThrowIfCancellationRequested' kullanın + Use 'ThrowIfCancellationRequested' Using concrete types avoids virtual or interface call overhead and enables inlining. - Somut türlerin kullanımı, sanal veya arabirim çağrısı ek yükünü önler ve satır içine alma sağlar. + Using concrete types avoids virtual or interface call overhead and enables inlining. Change type of field '{0}' from '{1}' to '{2}' for improved performance - Daha iyi performans için '{1}' olan '{0}' alan türünü '{2}' olarak değiştirin + Change type of field '{0}' from '{1}' to '{2}' for improved performance Change type of variable '{0}' from '{1}' to '{2}' for improved performance - Daha iyi performans için '{1}' olan '{0}' değişken türünü '{2}' olarak değiştirin + Change type of variable '{0}' from '{1}' to '{2}' for improved performance Change return type of method '{0}' from '{1}' to '{2}' for improved performance - Daha performans için '{1}' olan '{0}' metot türünü '{2}' olarak değiştirin + Change return type of method '{0}' from '{1}' to '{2}' for improved performance Change type of parameter '{0}' from '{1}' to '{2}' for improved performance - Daha iyi performans için '{1}' olan '{0}' parametre türünü '{2}' olarak değiştirin + Change type of parameter '{0}' from '{1}' to '{2}' for improved performance Change type of property '{0}' from '{1}' to '{2}' for improved performance - Daha iyi performans için '{0}' özelliğinin '{1}' olan türünü '{2}' olarak değiştirin + Change type of property '{0}' from '{1}' to '{2}' for improved performance Use concrete types when possible for improved performance - Daha iyi performans için mümkün olduğunda somut türler kullanın + Use concrete types when possible for improved performance Use Container Level Access Policy - Kapsayıcı Düzeyinde Erişim İlkesi Kullan + Use Container Level Access Policy No access policy identifier is specified, making tokens non-revocable. - Erişim ilkesi tanımlayıcısı belirtilmediğinden belirteçler iptal edilemez. + No access policy identifier is specified, making tokens non-revocable. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. - Mümkünse Paylaşılan Erişim İmzası (SAS) yerine Azure'un rol tabanlı erişim denetimini kullanmayı düşünün. Yine de SAS kullanmanız gerekiyorsa, SAS oluştururken kapsayıcı düzeyinde bir erişim ilkesi kullanın. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. Use DefaultDllImportSearchPaths attribute for P/Invokes - P/Invokes için DefaultDllImportSearchPaths özniteliğini kullan + Use DefaultDllImportSearchPaths attribute for P/Invokes By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - DllImportAttribute kullanan P/Invokesusing varsayılan olarak, yüklenecek kitaplığın geçerli çalışma dizini de dahil olmak üzere birkaç dizini araştırır. Bu, belirli uygulamalar için DLL'nin ele geçirilmesine yol açan bir güvenlik sorunu olabilir. + By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - {0} metodu P/Invokes için DefaultDllImportSearchPaths özniteliğini kullanmadı. + The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. Use equivalent code that works when marshalling is disabled - Sıralama devre dışı bırakıldığında çalışan eşdeğer kodu kullanın + Use equivalent code that works when marshalling is disabled 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. - 'Environment.CurrentManagedThreadId', 'Thread.CurrentThread.ManagedThreadId'den daha basit ve daha hızlıdır. + 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. Use 'Environment.CurrentManagedThreadId' - 'Environment.CurrentManagedThreadId' kullanın + Use 'Environment.CurrentManagedThreadId' Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' - 'Thread.CurrentThread.ManagedThreadId' yerine 'Environment.CurrentManagedThreadId' kullanın + Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' Use 'Environment.CurrentManagedThreadId' - 'Environment.CurrentManagedThreadId' kullanın + Use 'Environment.CurrentManagedThreadId' 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. - 'Environment.ProcessId' şundan daha basit ve hızlıdır: 'Process.GetCurrentProcess().Id'. + 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. Use 'Environment.ProcessId' - 'Environment.ProcessId' kullanın + Use 'Environment.ProcessId' Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' - 'Process.GetCurrentProcess().Id' yerine 'Environment.ProcessId' kullanın + Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' Use 'Environment.ProcessId' - 'Environment.ProcessId' kullanın + Use 'Environment.ProcessId' 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. - 'Environment.ProcessPath', 'Process.GetCurrentProcess().MainModule.FileName'dan daha basit ve hızlıdır. + 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. Use 'Environment.ProcessPath' - Use 'Environment.ProcessPath' + Use 'Environment.ProcessPath' Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' - 'Process.GetCurrentProcess().MainModule.FileName' yerine 'Environment.ProcessPath' kullanın + Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' Use 'Environment.ProcessPath' - Use 'Environment.ProcessPath' + Use 'Environment.ProcessPath' Use indexer - Dizin oluşturucuyu kullanın + Use indexer Use an invariant version - Sabit bir sürüm kullanın + Use an invariant version An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. - Bir işletim sistemi çağırma yöntemi tanımlanır ve .NET Framework sınıf kitaplığında eşdeğer işleve sahip bir yöntem bulunur. + An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. Use managed equivalents of win32 api - Win32 API’sinin yönetilen eşdeğerlerini kullan + Use managed equivalents of win32 api Use managed equivalents of win32 api - Win32 API’sinin yönetilen eşdeğerlerini kullan + Use managed equivalents of win32 api Use ObjectDisposedException throw helper - ObjectDisposedException oluşturma yardımcısı kullan + Use ObjectDisposedException throw helper A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. - Dille ilgili olmayan bir dize karşılaştırma işlemi, StringComparison parametresini Ordinal veya OrdinalIgnoreCase olarak ayarlamaz. Parametreyi açıkça StringComparison.Ordinal veya StringComparison.OrdinalIgnoreCase olarak ayarladığınızda kodunuz genellikle hızlanır, daha doğru ve daha güvenilir hale gelir. + A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. Use ordinal string comparison - Sıralı dize karşılaştırması kullanın + Use ordinal string comparison Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. - Enumerable.Count() diziyi numaralandırabilir, bir Length/Count özelliği doğrudan erişimdir. + Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. Use the "{0}" property instead of Enumerable.Count() - Enumerable.Count() yerine "{0}" özelliğini kullanın + Use the "{0}" property instead of Enumerable.Count() Use Length/Count property instead of Count() when available - Kullanılabilir olduğunda Count() yerine Length/Count özelliğini kullanın + Use Length/Count property instead of Count() when available Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size - Yeterli Anahtar Boyutuna Sahip Rivest-Shamir-Adleman (RSA) Algoritmasını Kullan + Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. - Çok küçük boyutlu bir anahtar kullanıldığında şifreleme algoritmaları deneme yanılma saldırılarına karşı savunmasız durumda kalır. + Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - Asimetrik şifreleme algoritması {0} anahtar boyutu 2048'den az. Bunun yerine en az 2048 anahtar boyutuna, ECDH veya ECDSA algoritmasına sahip bir RSA'ya geçiş yapın. + Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. Applications available over HTTPS must use secure cookies. - HTTPS üzerinden kullanılabilen uygulamalar güvenli tanımlama bilgileri kullanmalıdır. + Applications available over HTTPS must use secure cookies. Use SharedAccessProtocol HttpsOnly - SharedAccessProtocol HttpsOnly Kullan + Use SharedAccessProtocol HttpsOnly HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. - HTTPS ağ trafiğini şifreler. Hassas verilerin açıklanmasını önlemeye yardımcı olmak için, ağ trafiğinin her zaman şifrelenmesini sağlamak amacıyla HttpOrHttps yerine HttpsOnly kullanın. + HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. - Mümkünse Paylaşılan Erişim İmzası (SAS) yerine Azure'un rol tabanlı erişim denetimini kullanmayı düşünün. Yine de SAS kullanmanız gerekiyorsa, SharedAccessProtocol.HttpsOnly belirtin. + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. + + + + Use 'AsSpan' with 'string.Concat' + Use 'AsSpan' with 'string.Concat' + + + + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + + + + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + + + + Use span-based 'string.Concat' + Use span-based 'string.Concat' Use 'Clear()' - 'Clear()' kullan + Use 'Clear()' It is more efficient to use 'Clear', instead of 'Fill' with default value. - Varsayılan değerle 'Fill' yerine 'Clear' kullanmak daha verimlidir. + It is more efficient to use 'Clear', instead of 'Fill' with default value. Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' - 'Span<T>.Fill(default)' yerine 'Span<T>.Clear()' tercih et + Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' Prefer 'Clear' over 'Fill' - 'Fill' yerine 'Clear' tercih et + Prefer 'Clear' over 'Fill' Use 'StartsWith' - 'StartsWith' kullanın + Use 'StartsWith' It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. - 'IndexOf' sonucunu sıfır ile karşılaştırmak yerine 'StartsWith' kullanmak hem daha net hem de daha hızlı. + It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 - 'IndexOf' sonucunu 0 ile karşılaştırmak yerine 'StartsWith' kullanın + Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 Use 'StartsWith' instead of 'IndexOf' - 'IndexOf' yerine 'StartsWith' kullanın + Use 'StartsWith' instead of 'IndexOf' + + + + 'string.Contains(char)' is available as a better performing overload for single char lookup. + 'string.Contains(char)' is available as a better performing overload for single char lookup. + + + + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + + + + Use char literal for a single character lookup + Use char literal for a single character lookup Use 'string.Equals' - 'string.Equals' kullanın + Use 'string.Equals' It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. - 'string.Compare' sonucunu sıfırla karşılaştırmak yerine 'string.Equals' kullanmak hem daha net hem de çoğu zaman daha hızlıdır. + It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 - 'string.Compare' sonucunu 0 ile karşılaştırmak yerine 'string.Equals' kullanın + Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 Use 'string.Equals' - 'string.Equals' kullanın - - - - Use 'AsSpan' with 'string.Concat' - 'string.Concat' ile 'AsSpan' kullanın - - - - It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. - 'Substring' ve birleştirme işleci yerine 'AsSpan' ve 'string.Concat' kullanmak daha verimlidir. - - - - Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' - 'Substring' yerine yayılma tabanlı 'string.Concat' ve 'AsSpan' kullanın - - - - Use span-based 'string.Concat' - Yayılma tabanlı 'string.Concat' kullanın - - - - 'string.Contains(char)' is available as a better performing overload for single char lookup. - 'string.Contains(char)' tek karakter araması için daha iyi performanslı bir aşırı yükleme olarak kullanılabilir. - - - - Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character - Tek bir karakter ararken 'string.Contains(string)' yerine 'string.Contains(char)' kullanın - - - - Use char literal for a single character lookup - Tek bir karakter araması için sabit değerli karakter kullanın + Use 'string.Equals' Throw helpers are simpler and more efficient than an if block constructing a new exception instance. - Oluşturma yardımcıları, yeni bir özel durum örneği oluşturan bir if bloğundan daha basit ve daha verimlidir. + Throw helpers are simpler and more efficient than an if block constructing a new exception instance. Use '{0}.{1}' - '{0}.{1}' kullan + Use '{0}.{1}' Use '{0}.{1}' instead of explicitly throwing a new exception instance - Açıkça yeni bir özel durum örneği oluşturmak yerine '{0}.{1}' kullanın + Use '{0}.{1}' instead of explicitly throwing a new exception instance Platform compatibility analyzer requires a valid platform name and version. - Platform uyumluluğu çözümleyicisi geçerli bir platform adı ve sürümü gerektiriyor. + Platform compatibility analyzer requires a valid platform name and version. Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. - '{0}' sürümü '{1}' platformu için geçerli değil. Bu platform için 2{2} bölümden oluşan bir sürüm kullanın. + Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. Version '7' is not valid for platform 'windows'. Use a version with 2-4 parts for this platform. Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. - '{0}' sürümü '{1}' platformu için geçerli değil. Bu platform için olan sürümleri kullanmayın. + Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. Use valid platform string - Geçerli platform dizesi kullanın + Use valid platform string The platform '{0}' is not a known platform name - '{0}' platformu bilinen bir platform adı değil + The platform '{0}' is not a known platform name ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. - Üye çağırmalarından döndürülen ValueTask'lerin doğrudan beklenmesi amaçlanır. Bir ValueTask'ı birden çok kez kullanmak ya da tamamlandığı bilinmeden önce birinin sonucuna doğrudan erişmek, bir özel duruma veya bozulmaya neden olabilir. Bu tür bir ValueTask'ın yoksayılması, büyük olasılıkla bir işlev hatasının göstergesidir ve performansı düşürebilir. + ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). - ValueTask örneklerinin sonuçlarına, örnek tamamlanmadığı sürece doğrudan erişilmemelidir. Task'lerin aksine, ValueTask üzerinde Result veya GetAwaiter().GetResult() çağırmak, işlem tamamlanana kadar engellemeyi garantilemez. Örneği bekleyemiyorsanız, önce örneğin IsCompleted özelliğini kontrol etmeyi (veya durumunu biliyorsanız doğruluğunu onaylamayı) deneyin. + ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. - ValueTask örnekleri yalnızca bir kez kullanılmalıdır (örneğin bir await aracılığıyla). Aynı ValueTask örneğini birden çok kez kullanmak, özel durumlara ve veri bozulmasına neden olabilir. + ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. - Metot çağrılarından döndürülen ValueTask örnekleri doğrudan beklenmeli, döndürülmeli veya başka bir metot çağrısına bağımsız değişken olarak geçirilmelidir. Bir örneğin yerele veya alana depolanması gibi diğer kullanımlar, ValueTask örneklerinin yalnızca bir kez kullanılması gerektiğinden büyük olasılıkla bir hata göstergesidir. + ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. - Metot çağrılarından döndürülen ValueTask örneklerinin her zaman kullanılması ve genellikle beklenmesi gerekir. Bunun sıklıkla yapılmaması bir işlev hatasını temsil eder. Ancak temsil etmese bile, hedef metot nesneleri ValueTask'ler ile kullanılmak üzere biriktiriyorsa bu durum düşük performansa neden olabilir. + ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. Use ValueTasks correctly - ValueTask'leri doğru kullanın + Use ValueTasks correctly Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. - Güvenilmeyen verilerden XML işlenirse tehlikeli dış başvurular yüklenebilir. Bunun, güvenli bir çözümleyicisi olan bir XmlReader kullanılarak veya DTD işleme devre dışı bırakılarak kısıtlanması gerekir. + Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. Use XmlReader for 'DataSet.ReadXml()' - 'DataSet.ReadXml()' için XmlReader kullanın + Use XmlReader for 'DataSet.ReadXml()' Use XmlReader for 'XmlSerializer.Deserialize()' - 'XmlSerializer.Deserialize()' için XmlReader kullanın + Use XmlReader for 'XmlSerializer.Deserialize()' Use XmlReader for 'XmlSchema.Read()' - 'XmlSchema.Read()' için XmlReader kullanın + Use XmlReader for 'XmlSchema.Read()' Use XmlReader for XmlValidatingReader constructor - XmlValidatingReader oluşturucusu için XmlReader kullanın + Use XmlReader for XmlValidatingReader constructor Use XmlReader for XPathDocument constructor - XPathDocument oluşturucusu için XmlReader kullanın + Use XmlReader for XPathDocument constructor This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. - '{0}.{1}' metodunun bu aşırı yüklemesi güvenli olmayabilir. Hizmet reddi saldırılarına açık olabilecek Belge Türü Tanımı'nı (DTD) etkinleştirebilir veya bilginin açığa çıkmasına karşı savunmasız olabilecek XmlResolver kullanabilir. Bunun yerine DTD işlemesinin devre dışı olduğu ve XmlResolver'ın olmadığı XmlReader örneğini alan bir aşırı yükleme kullanın. + This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - '{0}', '{1}' önizleme türünü kullandığından önizleme özelliklerini kabul etmesi gerekir. Daha fazla bilgi için bkz. {2}. + '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - {3} '{0}', '{1}' önizleme türünü kullandığından önizleme özelliklerini kabul etmesi gerekir. Daha fazla bilgi için bkz. {2}. - - - - Use 'TryGetValue(TKey, out TValue)' - 'TryGetValue(TKey, out TValue)' kullanın - - - - Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method - 'IDictionary.TryGetValue(TKey, out TValue)' yöntemini tercih edin - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup - Çift aramayı önlemek için 'ContainsKey' denetimi tarafından korunan Sözlük dizin oluşturucu erişimi yerine 'TryGetValue' çağrısı tercih edin - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. - 'ContainsKey' denetimi tarafından korunan bir Sözlük dizin oluşturucu erişimi yerine 'TryGetValue' çağrısı tercih edin. 'ContainsKey' ve dizin oluşturucunun her ikisi de başlık altındaki anahtarı arayacağından 'TryGetValue' kullanmak, ek aramayı kaldırır. + {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hans.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hans.xlf index 12f87fc5fd..36826c39db 100644 --- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hans.xlf +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hans.xlf @@ -4,572 +4,572 @@ Add the 'NonSerialized' attribute to this field. - 将 "NonSerialized" 特性添加到此字段。 + Add the 'NonSerialized' attribute to this field. Add Serializable attribute - 添加 Serializable 特性 + Add Serializable attribute Review cipher mode usage with cryptography experts - 与加密专家一起审阅密码模式使用情况 + Review cipher mode usage with cryptography experts These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). - 这些密码模式可能易受攻击。请考虑使用建议的模式(CBC、CTS)。 + These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). - 与加密专家一起审阅密码模式“{0}”的使用情况。请考虑使用建议的模式(CBC、CTS)。 + Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. - 特性的字符串文本参数未正确解析 URL、GUID 或版本。 + The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' - 在“{0}”的构造函数中,将参数“{1}”的当前值“{2}”更改为可正确解析为“{3}”的某个值 + In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' - 在“{0}”的构造函数中,将参数“{1}”的值(此值当前为空字符串(""))更改为可正确解析为“{2}”的某个值 + In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' Attribute string literals should parse correctly - 特性字符串文本应正确分析 + Attribute string literals should parse correctly Extract to static readonly field - 提取到 static readonly 字段 + Extract to static readonly field Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. - 重复调用时不会重复使用作为参数传递的常量数组,这意味着每次都会创建一个新数组。如果所传递的数组未在调用的方法中发生改变,请考虑将其提取到 "static readonly" 字段以提高性能。 + Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. {Locked="static readonly"} Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array - 如果调用的方法重复调用且未改变传递的数组,则首选 "static readonly" 字段而不是常量数组参数 + Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array {Locked="static readonly"} Avoid constant arrays as arguments - 不要将常量数组作为参数 + Avoid constant arrays as arguments Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. - "StringBuilder" 的封送处理总是会创建一个本机缓冲区副本,这导致一个封送处理操作出现多次分配。 + Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. - 不要对 P/Invoke 使用 "StringBuilder" 参数。请考虑改用字符缓冲区。 + Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. Avoid 'StringBuilder' parameters for P/Invokes - 不要对 P/Invoke 使用 "StringBuilder" 参数 + Avoid 'StringBuilder' parameters for P/Invokes The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. - .NET Framework 类库提供用于检索自定义特性的方法。默认情况下,这些方法搜索特性继承层次结构。通过密封特性,将无需搜索继承层次结构并可提高性能。 + The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. Avoid unsealed attributes - 避免使用非密封特性 + Avoid unsealed attributes Avoid unsealed attributes - 避免使用非密封特性 + Avoid unsealed attributes Avoid unnecessary zero-length array allocations. Use {0} instead. - 避免不必要的长度为零的数组分配。改用 {0}。 + Avoid unnecessary zero-length array allocations. Use {0} instead. Avoid zero-length array allocations - 避免长度为零的数组分配 + Avoid zero-length array allocations The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - 在不使用 SerializationBinder 的情况下对不受信任的数据进行反序列化,以限制反序列化对象图中的对象类型时,方法“{0}”不安全。 + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize - 请确保在调用 BinaryFormatter.Deserialize 之前设置 BinaryFormatter.Binder + Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - 在不使用 SerializationBinder 的情况下对不受信任的数据进行反序列化,以限制反序列化对象图中的对象类型时,方法“{0}”不安全。 + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder - 在未设置 BinaryFormatter.Binder 的情况下,请不要调用 BinaryFormatter.Deserialize + Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. - 反序列化不受信任的数据时,方法“{0}”不安全。如果需要在未设置 SerializationBinder 的情况下改为检测 BinaryFormatter 反序列化,则请禁用 CA2300 规则,并启用 CA2301 和 CA2302 规则。 + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. The method '{0}' is insecure when deserializing untrusted data. - 对不受信任的数据进行反序列化时,方法“{0}”不安全。 + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer BinaryFormatter - 请勿使用不安全的反序列化程序 BinaryFormatter + Do not use insecure deserializer BinaryFormatter 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - “Buffer.BlockCopy” 需要为 “count” 参数复制字节数。使用 “Array.Length” 可能与需要复制的字节数不匹配。 + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - “Buffer.BlockCopy” 需要为 “count” 参数复制字节数。使用 “Array.Length” 可能与需要复制的字节数不匹配。 + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument - “Buffer.BlockCopy” 需要为 “count” 参数复制字节数 + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). - 表示 Dispose 实现的方法没有调用 GC.SuppressFinalize;或不表示 Dispose 实现的方法调用了 GC.SuppressFinalize;或方法调用了 GC.SuppressFinalize 并传递 this (在 Visual Basic 中是 Me)以外的某个值。 + A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. - 将 {0} 更改为调用 {1}。这将使引入终结器的派生类型无需重新实现 "IDisposable" 即可调用它。 + Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. - 将 {0} 更改为调用 {1}。这样可以防止当对象已释放并超出范围时,对该对象进行不必要的终止。 + Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. - {0} 对除自身以外的其他对象调用 {1}。请更改调用站点,改而传递 "this" (在 Visual Basic 中为 "Me")。 + {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. - {0} 调用 {1},该方法通常只在 "IDisposable.Dispose" 实现内部调用。有关详细信息,请参见 IDisposable 模式。 + {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. Dispose methods should call SuppressFinalize - Dispose 方法应调用 SuppressFinalize + Dispose methods should call SuppressFinalize , - , + , Separator used for separating list of platform names: {API} is only supported on: {‘windows’, ‘browser’, ‘linux’} ConstantExpected attribute is not applied correctly on the parameter. - ConstantExpected 属性未正确应用于参数。 + ConstantExpected attribute is not applied correctly on the parameter. Incorrect usage of ConstantExpected attribute - ConstantExpected 属性的用法不正确 + Incorrect usage of ConstantExpected attribute The ConstantExpected attribute is required for the parameter due to the parent method annotation - 由于父方法批注,参数需要 ConstantExpected 属性 + The ConstantExpected attribute is required for the parameter due to the parent method annotation The '{0}' value is not compatible with parameter type of '{1}' - "{0}" 值与 "{1}" 的参数类型不兼容 + The '{0}' value is not compatible with parameter type of '{1}' The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' - "{0}" 值不符合 "{1}" 到 "{2}" 的参数值界限 + The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' The constant is not of the same '{0}' type as the parameter - 常量与参数的 "{0}" 类型不同 + The constant is not of the same '{0}' type as the parameter The Min and Max values are inverted - 已反转最小值和最大值 + The Min and Max values are inverted The argument should be a constant for optimal performance - 参数应是一个常量,以获得最佳性能 + The argument should be a constant for optimal performance The '{0}' type is not supported for ConstantExpected attribute - ConstantExpected 特性不支持 "{0}" 类型 + The '{0}' type is not supported for ConstantExpected attribute The constant does not fit within the value bounds of '{0}' to '{1}' - 该常量不适合 "{0}" 到 "{1}" 的值边界内 + The constant does not fit within the value bounds of '{0}' to '{1}' The parameter expects a constant for optimal performance. - 该参数需要一个常量来获得最佳性能。 + The parameter expects a constant for optimal performance. A constant is expected for the parameter - 参数需要常量 + A constant is expected for the parameter When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - 对不受信任的输入进行反序列化处理时,反序列化 {0} 对象是不安全的。“{1}”是或派生自 {0} + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type found in deserializable object graph - 在可反序列化的对象图中找到不安全的数据集或数据表类型 + Unsafe DataSet or DataTable type found in deserializable object graph When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. - 在使用基于 IFormatter 的序列化程序对不受信任的输入进行反序列化处理时,反序列化 {0} 对象是不安全的。“{1}”是或派生自 {0}。请确保自动生成的类型绝不使用不受信任的数据进行反序列化。 + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks - 自动生成的可序列化类型中不安全的数据集或数据表易受远程代码执行攻击 + Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - 对不受信任的输入进行反序列化处理时,反序列化 {0} 对象是不安全的。“{1}”是或派生自 {0} + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks - 已反序列化的对象图中不安全的数据集或数据表可能易受远程代码执行攻击 + Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. - 在使用基于 IFormatter 的序列化程序来反序列化不受信任的输入时,反序列化 {0} 对象是不安全的。“{1}”是或派生自 {0}。 + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks - 可序列化类型中不安全的数据集或数据表易受远程代码执行攻击 + Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - 对不受信任的输入进行反序列化处理时,反序列化 {0} 对象是不安全的。“{1}”是或派生自 {0} + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in serializable type - 可序列化类型中不安全的数据集或数据表 + Unsafe DataSet or DataTable in serializable type When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - 对不受信任的输入进行反序列化处理时,反序列化 {0} 对象是不安全的。“{1}”是或派生自 {0} + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type in web deserializable object graph - Web 可反序列化对象图中的不安全数据集或数据表类型 + Unsafe DataSet or DataTable type in web deserializable object graph The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. - 对不受信任的数据进行反序列化处理时,方法“{0}”不安全。请确保包含“{0}”调用的自动生成的类没有使用不受信任的数据进行反序列化。 + The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data - 请确保包含 DataSet.ReadXml() 的自动生成的类没有与不受信任的数据一起使用 + Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data The method '{0}' is insecure when deserializing untrusted data - 对不受信任的数据进行反序列化处理时,方法“{0}”不安全 + The method '{0}' is insecure when deserializing untrusted data Do not use DataSet.ReadXml() with untrusted data - 请勿将 DataSet.ReadXml() 与不受信任的数据一起使用 + Do not use DataSet.ReadXml() with untrusted data The method '{0}' is insecure when deserializing untrusted data - 对不受信任的数据进行反序列化处理时,方法“{0}”不安全 + The method '{0}' is insecure when deserializing untrusted data Do not use DataTable.ReadXml() with untrusted data - 请勿将 DataTable.ReadXml() 与不受信任的数据一起使用 + Do not use DataTable.ReadXml() with untrusted data HttpClients should enable certificate revocation list checks - HttpClients 应启用证书吊销列表检查 + HttpClients should enable certificate revocation list checks HttpClient is created without enabling CheckCertificateRevocationList - 在不启用 CheckCertificateRevocationList 的情况下创建了 HttpClient + HttpClient is created without enabling CheckCertificateRevocationList Do Not Add Certificates To Root Store - 不将证书添加到根存储 + Do Not Add Certificates To Root Store Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate - 如果将证书添加到操作系统受信任的根证书中,则会增加非法证书验证不当的风险 + Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate Do not use CreateEncryptor with non-default IV - 不要将 CreateEncryptor 与非默认 IV 结合使用 + Do not use CreateEncryptor with non-default IV Symmetric encryption uses non-default initialization vector, which could be potentially repeatable - 对称加密使用非默认初始化向量,该向量可能是可重复的 + Symmetric encryption uses non-default initialization vector, which could be potentially repeatable Use Secure Cookies In ASP.NET Core - 在 ASP.NET Core 中使用安全 Cookie + Use Secure Cookies In ASP.NET Core Set CookieOptions.Secure = true when setting a cookie - 设置 Cookie 时设置 CookieOptions.Secure = true + Set CookieOptions.Secure = true when setting a cookie Do Not Use Weak Key Derivation Function With Insufficient Iteration Count - 请勿使用迭代计数不足的弱密钥派生功能 + Do Not Use Weak Key Derivation Function With Insufficient Iteration Count Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - 基于密码派生加密密钥时,请至少进行 {0} 次迭代。默认情况下,Rfc2898DeriveByte 的 IterationCount 仅为 1000 + Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - 旧协议版本的传输层安全性(TLS)不如 TLS 1.2 和 TLS 1.3 安全,更有可能存在新的漏洞。请避免使用旧协议版本,以将风险降至最低。 + Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - 传输层安全协议版本“{0}”已被弃用。请使用“无”,让操作系统选择一个版本。 + Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. Do not use deprecated SslProtocols values - 请勿使用已弃用的 SslProtocols 值 + Do not use deprecated SslProtocols values '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - “{0}”派生自预览类“{1}”,因此需要选择加入预览功能。有关详细信息,请参阅 {2}。 + '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3}.“{0}”派生自预览类“{1}”,因此需要选择加入预览功能。有关详细信息,请参阅 {2}。 + {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. An assembly has to opt into preview features before using them. - 程序集必须先选择加入预览功能,然后才能使用它们。 + An assembly has to opt into preview features before using them. Using '{0}' requires opting into preview features. See {1} for more information. - 使用“{0}”需要选择加入预览功能。有关详细信息,请参阅 {1}。 + Using '{0}' requires opting into preview features. See {1} for more information. {2} Using '{0}' requires opting into preview features. See {1} for more information. - {2} 使用“{0}”需要选择加入预览功能。有关详细信息,请参阅 {1}。 + {2} Using '{0}' requires opting into preview features. See {1} for more information. This API requires opting into preview features - 此 API 需要选择加入预览功能 + This API requires opting into preview features A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. - 实现 System.IDisposable 的类型将声明一些字段,这些字段所属的类型还实现 IDisposable。字段的 Dispose 方法不由声明类型的 Dispose 方法调用。若要修复此规则的违规行为,如果你负责分配和释放该字段持有的非托管资源,请在其所属类型实现 IDisposable 的字段上调用 Dispose。 + A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. - “{0}”包含 IDisposable 类型“{2}”的字段“{1}”,但从未进行释放。请更改“{0}”上的 Dispose 方法以对此字段调用 Close 或 Dispose。 + '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. Disposable fields should be disposed - 应释放可释放的字段 + Disposable fields should be disposed A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. - 如果某类型实现了 System.IDisposable 且包含建议使用非托管资源的字段,则该类型不会实现 Object.Finalize 所述的终结器。 + A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. Disposable types should declare finalizer - 可释放类型应声明终结器 + Disposable types should declare finalizer Disposable types should declare finalizer - 可释放类型应声明终结器 + Disposable types should declare finalizer A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. - 实现 System.IDisposable 的类型继承自实现 IDisposable 的类型。继承类型的 Dispose 方法不调用父类型的 Dispose 方法。若要修复此规则的违规行为,请在 Dispose 方法中调用 base.Dispose。 + A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. Ensure that method '{0}' calls '{1}' in all possible control flow paths - 请确保方法“{0}”在所有可能的控制流路径中都调用“{1}” + Ensure that method '{0}' calls '{1}' in all possible control flow paths Dispose methods should call base class dispose - Dispose 方法应调用基类释放 + Dispose methods should call base class dispose If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. - 如果在对某个可释放对象的所有引用超出范围之前未显式释放该对象,则当垃圾回收器运行该对象的终结器时,会在某个不确定时间释放该对象。由于可能会发生阻止该对象的终结器运行的意外事件,因此应改为显式释放该对象。 + If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - 使用推荐的 Dispose 模式以确保“{0}”创建的对象释放于所有路径上。如果可能,将创建包装在 "using" 语句或 "using" 声明中。否则,使用 try-finally 模式,在 try 区域之前声明一个专用的本地变量,在 "finally" 区域中对非 null 值进行无条件 Dispose 调用,比如,"x?.Dispose()"。如果对象显式释放在 try 区域内或释放所有权转让给另一个对象或方法,则在这样的操作之后立即将 "null" 分配给本地变量,以防止在 "finally" 中进行双重释放。 + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - 使用推荐的 Dispose 模式以确保“{0}”创建的对象在所有异常路径上释放。如果可能,将创建包装在 "using" 语句或 "using" 声明中。否则,使用 try-finally 模式,在 try 区域之前声明一个专用的本地变量,在 "finally" 区域中对非 null 值进行无条件 Dispose 调用,比如,"x?.Dispose()"。如果对象显式释放在 try 区域内或释放所有权已转让给另一个对象或方法,则在这样的操作之后立即将 "null" 分配给本地变量,以防止在 "finally" 中进行双重释放。 + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope - 在对 System.IDisposable.Dispose 的所有引用超出范围之前,在“{0}”创建的对象上对其进行调用 + Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. - “{0}”创建的对象未按所有异常路径释放。请在对 System.IDisposable.Dispose 的所有引用超出范围之前,在该对象上对其进行调用。 + Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. Dispose objects before losing scope - 丢失范围之前释放对象 + Dispose objects before losing scope Do Not Add Archive Item's Path To The Target File System Path - 请勿将存档项的路径添加到目标文件系统路径 + Do Not Add Archive Item's Path To The Target File System Path When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - 从存档中提取文件并使用该存档项的路径时,请检查该路径是否安全。存档路径可以是相对路径,并可能导致文件系统在预期的文件系统目标路径之外进行访问,从而导致恶意配置更改并通过 "lay-and-wait" 方法执行远程代码。 + When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' - 从提取文件的相对存档项路径为“方法 {1} 中的 {0}”创建路径时,如果源为不受信任的 ZIP 存档文件,请确保净化相对存档项路径“方法 {3} 中的 {2}” + When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' Do Not Add Schema By URL - 请勿通过 URL 添加架构 + Do Not Add Schema By URL This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. - XmlSchemaCollection.Add 方法的此项重载在内部启用了对所使用的 XML 读取器实例的 DTD 处理,并使用 UrlResolver 解析外部 XML 实体。这会导致信息泄漏。文件系统的内容或供计算机处理 XML 的网络共享中的内容可能会暴露给攻击者。此外,攻击者可将其用作 DoS 向量。 + This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. This overload of the Add method is potentially unsafe because it may resolve dangerous external references - Add 方法的此项重载可能不安全,因为它可能会解析危险的外部引用 + This overload of the Add method is potentially unsafe because it may resolve dangerous external references By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. - 将重要 TokenValidationParameter 验证委托设置为 true,会禁用重要身份验证安全措施,这可能导致来自任何颁发者的令牌或过期令牌被错误验证。 + By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. - {0} 被设置为总是返回 true 的函数。通过设置验证委托,将覆盖默认验证,并且通过始终返回 true,此验证将被完全禁用。 + The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. Do not always skip token validation in delegates - 不要总是跳过委托中的令牌验证 + Do not always skip token validation in delegates Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. - 不安全反序列化是一种漏洞,当不受信任的数据被用来滥用应用程序的逻辑、实施拒绝服务(dos)攻击,甚至在反序列化时执行任意代码时发生。当应用程序反序列化由其控制的不受信任的数据时,恶意用户通常可能会滥用这些反序列化功能。具体来说,在反序列化过程中调用危险方法。成功的不安全反序列化攻击可能允许攻击者执行攻击,例如 dos 攻击、身份验证绕过和远程代码执行。 + Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' - 反序列化类'{0}'的实例时,方法'{1}'可以直接或间接调用危险方法'{2}' + When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' Do Not Call Dangerous Methods In Deserialization - 在反序列化中不要调用危险方法 + Do Not Call Dangerous Methods In Deserialization @@ -577,2625 +577,2660 @@ The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. Widening and user defined conversions are not supported with generic types. - Enumerable.Cast<T>和 Enumerable.OfType<T> 需要兼容类型才能正常工作。 -Enumerable.Cast<T> 返回的序列使用的泛型强制转换 (IL 'unbox.any') 将在运行时对指定类型的元素引发 InvalidCastException。 -Enumerable.OfType<T> 使用的泛型类型检查 (C# 'is' operator/IL 'isinst') 将从不会成功与指定类型的元素一起使用,从而导致一个空序列。 -泛型类型不支持扩大转换和用户定义的转换。 + Enumerable.Cast<T> and Enumerable.OfType<T> require compatible types to function expectedly. +The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. +The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. +Widening and user defined conversions are not supported with generic types. Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime - 类型'{0}'与类型'{1}'不兼容,强制转换尝试将在运行时引发 InvalidCastException + Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' - 此调用将始终导致空序列,因为类型'{0}'与类型'{1}'不兼容 + This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types - 请勿使用不兼容的类型调用 Enumerable.Cast<T> 或 Enumerable.OfType<T> + Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types Do not call {0} on an {1} value - 请勿对 {1} 值调用 {0} + Do not call {0} on an {1} value Do not call ToImmutableCollection on an ImmutableCollection value - 请勿对 ImmutableCollection 值调用 ToImmutableCollection + Do not call ToImmutableCollection on an ImmutableCollection value TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. - TaskCompletionSource 具有采用 TaskCreationOptions 的控制基础任务的构造函数,以及采用任务中存储的对象状态的构造函数。如果意外地传递 TaskContinuationOptions 而不是 TaskCreationOptions,会导致调用将选项视为状态。 + TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. Replace TaskContinuationOptions with TaskCreationOptions. - 将 TaskContinuationOptions 替换为 TaskCreationOptions。 + Replace TaskContinuationOptions with TaskCreationOptions. Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum - 参数包含 TaskContinuationsOptions 枚举而不是 TaskCreationOptions 枚举 + Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum - 传递到 TaskCompletionSource 构造函数的参数应为 TaskCreationOptions 枚举,而不是 TaskContinuationOptions 枚举 + Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. - 除非使用具有 TaskScheduler 的任一重载,否则不要创建任务。默认是在 TaskScheduler.Current 上进行调度,但这将导致死锁。可使用 TaskScheduler.Default 在线程池上进行调度,或显示传递 TaskScheduler.Current 以明确表达意图。 + Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. Do not create tasks without passing a TaskScheduler - 不要在未传递 TaskScheduler 的情况下创建任务 + Do not create tasks without passing a TaskScheduler Do not create tasks without passing a TaskScheduler - 不要在未传递 TaskScheduler 的情况下创建任务 + Do not create tasks without passing a TaskScheduler Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. - 将终结器添加到派生自 MemoryManager<T> 的类型可能使内存在仍被 Span<T> 使用时得到释放。 + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> - 将终结器添加到派生自 MemoryManager<T> 的类型可能使内存在仍被 Span<T> 使用时得到释放 + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> Do not define finalizers for types derived from MemoryManager<T> - 请勿为派生自 MemoryManager<T> 的类型定义终结器 + Do not define finalizers for types derived from MemoryManager<T> Do Not Disable Certificate Validation - 请勿禁用证书验证 + Do Not Disable Certificate Validation A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. - 证书可以帮助认证服务器的身份。客户端应该验证服务器的证书,以确保将请求发送到预期的服务器。如果 ServerCertificateValidationCallback 始终返回 "true",那么任何证书都将通过验证。 + A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. - 已将 ServerCertificateValidationCallback 设置为通过始终返回 true 来接受任何服务器证书的一个函数。请确保服务器证书已经过验证,从而验证要接收请求的服务器的标识。 - - - - Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. - 将 CheckCertificateRevocationList 属性设置为 true 时,如果使用 HttpClient 而不提供特定于平台的处理程序(WinHttpHandler、CurlHandler 或 HttpClientHandler),则将允许 HttpClient 将被吊销的证书作为有效证书接受。 + The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. Do Not Disable HTTP Header Checking - 请勿禁用 HTTP 标头检查 + Do Not Disable HTTP Header Checking HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. - HTTP 标头检查可对在响应标头中找到的回车和换行符(\r 和 \n)进行编码。这种编码有助于避免注入攻击,此类攻击会利用应答标头包含的不受信任数据的应用程序。 + HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. Do not disable HTTP header checking - 请勿禁用 HTTP 标头检查 + Do not disable HTTP header checking + + + + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. Do Not Disable Request Validation - 请勿禁用请求验证 + Do Not Disable Request Validation Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. - 请求验证是 ASP.NET 中的一项功能,用于检查 HTTP 请求,并确定它们是否包含潜在危险内容。此检查可针对 URL 查询字符串中的标记或代码、cookie 或可能因恶意目的而添加的已发布表单值进行防护。因此,通常需要此验证并且应该保持启用以进行深度防御。 + Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. {0} has request validation disabled - {0} 已禁用请求验证 + {0} has request validation disabled Do Not Disable SChannel Use of Strong Crypto - 请勿禁用较强加密的 SChannel 使用 + Do Not Disable SChannel Use of Strong Crypto Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. - 建议从 .NET Framework 4.6、System.Net.ServicePointManager 和 System.Net.Security.SslStream 类开始以使用新的协议。旧的协议具有协议缺陷,不受支持。将 Switch.System.Net.DontEnableSchUseStrongCrypto 设置为 true 将使用旧的弱加密检查并选择退出协议迁移。 + Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. {0} disables TLS 1.2 and enables SSLv3 - {0} 禁用 TLS 1.2 并且启用 SSLv3 + {0} disables TLS 1.2 and enables SSLv3 Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. - 令牌验证检查确保在验证令牌时,对所有方面进行分析和验证。关闭验证会允许不受信任的令牌通过验证,从而导致安全漏洞。 + Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. TokenValidationParameters.{0} should not be set to false as it disables important validation - TokenValidationParameters。{0} 不应设置为 false,因为它会禁用重要验证 + TokenValidationParameters.{0} should not be set to false as it disables important validation Do not disable token validation checks - 请勿禁用令牌验证检查 + Do not disable token validation checks Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. - 不要将 Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols 设置为 true。设置此开关会将 Windows Communication Framework (WCF)限制为使用传输层安全性(TLS) 1.0,而该层不安全且已过时。 + Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. Do not disable ServicePointManagerSecurityProtocols - 不禁用 ServicePointManagerSecurityProtocols + Do not disable ServicePointManagerSecurityProtocols Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. - 不要使用 “Dictionary.ContainsKey(key)” 保护 “Dictionary.Remove(key)”。后者已检查密钥是否存在,并且如果不存在则不会引发。 + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' - 不要使用 “Dictionary.ContainsKey(key)” 保护 “Dictionary.Remove(key)” + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' Unnecessary call to 'Dictionary.ContainsKey(key)' - 对 “Dictionary.ContainsKey(key)” 的不必要调用 + Unnecessary call to 'Dictionary.ContainsKey(key)' Do not hard-code certificate - 请勿硬编码证书 + Do not hard-code certificate Hard-coded certificates in source code are vulnerable to being exploited. - 源代码中的硬编码证书易受攻击。 + Hard-coded certificates in source code are vulnerable to being exploited. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' - 找到了潜在安全漏洞,其中方法“{1}”中的“{0}”可能会受到方法“{3}”中“{2}”的硬编码证书污染。 + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' Do not hard-code encryption key - 请勿编码加密密钥 + Do not hard-code encryption key SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. - SymmetricAlgorithm 的 .Key 属性或方法的 rgbKey 参数永远都不得是硬编码值。 + SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' - 找到了潜在安全漏洞,其中方法“{1}”中的“{0}”可能会受到方法“{3}”中“{2}”的硬编码密钥污染。 + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. - 默认情况下,“受信任的根证书颁发机构”证书存储配置有一组符合 Microsoft 根证书程序的公共 CA。由于所有受信任的根 CA 都可为任意域颁发证书,因此攻击者可能会选择你自行安装的某个安全性较弱或可强迫的 CA 进行攻击 - 易受攻击、恶意或可强迫的 CA 会降低整个系统的安全性。更糟糕的是,这些攻击者可能很难被察觉。 + By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. - 当可以跨应用程序域边界直接访问对象时,则认为该对象具有弱标识。如果某线程尝试获取具有弱标识的对象上的锁,则该线程可能会被其他应用程序域中持有同一对象的锁的另一线程阻止。 + An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. Do not lock on objects with weak identity - 不要锁定具有弱标识的对象 + Do not lock on objects with weak identity Do not lock on objects with weak identity - 不要锁定具有弱标识的对象 + Do not lock on objects with weak identity A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. - 方法将文本字符串作为参数传递到构造函数或 .NET Framework 类库中的方法,该字符串应该是可本地化字符串。若要修复此规则的违规行为,将文本字符串替换为通过 ResourceManager 类的实例检索到的字符串。 + A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". - 方法“{0}”将文本字符串作为“{2}”的调用的参数“{1}”进行传递。改为从资源表检索以下字符串:“{3}”。 + Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". Do not pass literals as localized parameters - 请不要将文本作为本地化参数传递 + Do not pass literals as localized parameters An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. - 用户代码永不会引发不够具体或运行时保留的异常类型。这样会使原来的错误难以检测和调试。如有可能引发此异常实例,请使用其他异常类型。 + An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. Exception type {0} is reserved by the runtime - 异常类型 {0} 是运行时保留的 + Exception type {0} is reserved by the runtime Exception type {0} is not sufficiently specific - 异常类型 {0} 不够具体 + Exception type {0} is not sufficiently specific Do not raise reserved exception types - 不要引发保留的异常类型 + Do not raise reserved exception types Do Not Serialize Types With Pointer Fields - 请勿序列化具有 Pointer 字段的类型 + Do Not Serialize Types With Pointer Fields Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. - Pointer 不是“类型安全”,因为无法保证它们所指向内存的正确性。因此,序列化具有 Pointer 字段的类型是危险的,它可能允许攻击者控制指针。 + Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. Pointer field {0} on serializable type - 可序列化类型上的 Pointer 字段 {0} + Pointer field {0} on serializable type Do Not Use Account Shared Access Signature - 不使用帐户共享访问签名 + Do Not Use Account Shared Access Signature Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. - 共享访问签名(SAS)是使用 Azure 存储的任何应用程序的安全模型的重要部分,它们应为没有帐户密钥的客户端提供对存储帐户的有限安全权限。通过服务 SAS可使用的所有操作也可通过帐户 SAS 实现,即帐户 SAS 的功能太过强大。因此,建议使用服务 SAS 更仔细地委派访问权限。 + Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. Use Service SAS instead of Account SAS for fine grained access control and container-level access policy - 使用服务 SAS 而不是帐户 SAS 实现精细访问控制和容器级访问策略 + Use Service SAS instead of Account SAS for fine grained access control and container-level access policy Do Not Use Broken Cryptographic Algorithms - 不要使用损坏的加密算法 + Do Not Use Broken Cryptographic Algorithms An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. - 存在可能在计算方面破坏此算法的攻击。这使得攻击者可以破坏它本应提供的加密保证。根据此加密算法的类型和应用情况,可能会使攻击者读取加密消息、篡改加密消息、伪造数字签名、篡改哈希内容,或以其他方式危害任何基于该算法的加密系统。将加密用法替换为密钥长度大于或等于 128 位的 AES 算法(AES-256、AES-192 和 AES-128 均可)。将哈希用法替换为 SHA-2 系列中的哈希函数,例如 SHA512、SHA384 或 SHA256。将数字签名用法替换为密钥长度大于等于 2048 位的 RSA,或者密钥长度大于等于 256 位的 ECDSA。 + An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. {0} uses a broken cryptographic algorithm {1} - {0} 使用损坏的加密算法 {1} + {0} uses a broken cryptographic algorithm {1} For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. - 对于非空集合,CountAsync() 和 LongCountAsync() 将枚举整个序列,而 AnyAsync() 将在第一项或满足条件的第一项处停止。 + For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. {0}() is used where AnyAsync() could be used instead to improve performance - 使用的是 {0}(),但本可以使用 AnyAsync() 来提高性能 + {0}() is used where AnyAsync() could be used instead to improve performance Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used - 如果可以使用 AnyAsync(),请勿使用 CountAsync() 或 LongCountAsync() + Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. - 对于非空集合,Count() 和 LongCount() 将枚举整个序列,而 Any() 将在第一项或满足条件的第一项处停止。 + For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. {0}() is used where Any() could be used instead to improve performance - 如果可以使用 Any(),请改为使用 {0}() 来提高性能 + {0}() is used where Any() could be used instead to improve performance Do not use Count() or LongCount() when Any() can be used - 如果可以使用 Any(),请勿使用 Count() 或 LongCount() + Do not use Count() or LongCount() when Any() can be used Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. - 对称加密应始终使用非可重复的初始化向量,以防止字典攻击。 - - - - Do Not Use Deprecated Security Protocols - 请勿使用弃用的安全协议 - - - - Using a deprecated security protocol rather than the system default is risky. - 使用弃用的安全协议而不是系统默认协议将有风险。 - - - - Hard-coded use of deprecated security protocol {0} - 以硬编码方式使用弃用的安全协议 {0} + Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. Do Not Use Digital Signature Algorithm (DSA) - 不使用数字签名算法(DSA) + Do Not Use Digital Signature Algorithm (DSA) DSA is too weak to use. - DSA 太弱,无法使用。 + DSA is too weak to use. Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - 非对称加密算法 {0} 较弱。请转而切换到至少具有 2048 位密钥大小的 RSA、ECDH 或者 ECDSA 算法。 + Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. + + + + Do Not Use Deprecated Security Protocols + Do Not Use Deprecated Security Protocols + + + + Using a deprecated security protocol rather than the system default is risky. + Using a deprecated security protocol rather than the system default is risky. + + + + Hard-coded use of deprecated security protocol {0} + Hard-coded use of deprecated security protocol {0} This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. - 该集合是可直接索引的。在此处查看 LINQ 会导致不必要的分配和 CPU 工作。 + This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. Do not use Enumerable methods on indexable collections. Instead use the collection directly. - 不要在可索引的集合上使用 Enumerable 方法。而是直接使用集合。 + Do not use Enumerable methods on indexable collections. Instead use the collection directly. Do not use Enumerable methods on indexable collections - 不要在可索引的集合上使用 Enumerable 方法 + Do not use Enumerable methods on indexable collections Do not use insecure randomness - 请勿使用不安全的随机性 + Do not use insecure randomness Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. - 使用加密的弱伪随机数生成器,攻击者可以预测将生成的安全敏感值。如果需要不可预测的值,请使用加密的强随机数生成器,或确保不以安全敏感的方式使用弱伪随机数。 + Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. - {0} 是不安全的随机数生成器。当需要随机性以确保安全性时,请使用加密的安全随机数生成器。 + {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. Do not use obsolete key derivation function - 请勿使用已过时的密钥派生功能 + Do not use obsolete key derivation function Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. - 基于密码的密钥派生应结合使用 PBKDF2 和 SHA-2。请避免使用 PasswordDeriveBytes,因为它会生成 PBKDF1 密钥。还需避免使用 Rfc2898DeriveBytes.CryptDeriveKey,因为它不使用迭代计数或加盐。 + Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. Call to obsolete key derivation function {0}.{1} - 调用已过时的密钥派生功能 {0}。{1} + Call to obsolete key derivation function {0}.{1} String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. - 如果字符串是暂存的字符串,则具有 "OutAttribute" 的值传递的字符串参数可能使运行时不稳定。 + String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. - 不要将 "OutAttribute" 用于通过值传递的字符串参数“{0}”。如果需要将已修改的数据整理回调用方,请改用 " out" 关键字通过引用传递字符串。 + Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. Do not use 'OutAttribute' on string parameters for P/Invokes - 请勿对 P/Invokes 的字符串参数使用 "OutAttribute" + Do not use 'OutAttribute' on string parameters for P/Invokes Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. - 不要将值类型为 '{0}' 的参数传递到 'ReferenceEqualityComparer' 上的 'Equals' 方法。由于数据封装,此对 'Equals' 的调用可能会返回意外的结果。如果打算使用 'ReferenceEqualityComparer',请考虑改用 'EqualityComparer' 或传递引用类型参数。 + Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. - 每次调用此方法时,值类型的类型化参数都唯一装箱,因此结果可能是意外的。 + Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. - 请勿将值类型为 '{0}' 的参数传递到 'ReferenceEquals'。由于数据封装,此对 'ReferenceEquals' 的调用可能会返回意外的结果。如果打算使用 'ReferenceEquals',请考虑改用 'Equals' 或传递引用类型参数。 + Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. Do not use ReferenceEquals with value types - 不要使用具有值类型的 ReferenceEquals + Do not use ReferenceEquals with value types Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. - Stackalloc 分配的堆栈空间仅在当前方法的调用结束时释放。 在循环中使用它可能会导致无限堆栈增长和最终堆栈溢出条件。 + Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. Potential stack overflow. Move the stackalloc out of the loop. - 潜在的堆栈溢出。将 stackalloc 移出循环。 + Potential stack overflow. Move the stackalloc out of the loop. Do not use stackalloc in loops - 不要循环使用 stackalloc + Do not use stackalloc in loops Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. - 频率较高的定期活动会使 CPU 处于忙状态并且干扰具有节能功能(关闭显示器和硬盘)的空闲计时器。 + Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. Do not use timers that prevent power state changes - 不要使用阻止电源状态更改的计时器 + Do not use timers that prevent power state changes Do not use timers that prevent power state changes - 不要使用阻止电源状态更改的计时器 + Do not use timers that prevent power state changes Do not use unsafe DllImportSearchPath value - 请勿使用不安全的 DllImportSearchPath 值 + Do not use unsafe DllImportSearchPath value There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - 默认 DLL 搜索目录中可能有恶意 DLL。或者,根据应用程序的运行位置,应用程序的目录中可能有恶意 DLL。请改为使用指定显式搜索路径的 DllImportSearchPath 值。可在 .editorconfig 中配置此规则查找的 DllImportSearchPath 标志。 + There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. Use of unsafe DllImportSearchPath value {0} - 使用了不安全的 DllImportSearchPath 值 {0} + Use of unsafe DllImportSearchPath value {0} Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. - 对单个任务使用 “WaitAll” 可能导致性能丢失、等待或返回该任务。 + Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. Replace 'WaitAll' with single 'Wait' - 将 “WaitAll” 替换为单个 “Wait” + Replace 'WaitAll' with single 'Wait' Do not use 'WaitAll' with a single task - 不要对单个任务使用 “WaitAll” + Do not use 'WaitAll' with a single task Do Not Use Weak Cryptographic Algorithms - 不要使用弱加密算法 + Do Not Use Weak Cryptographic Algorithms Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. - 加密算法随时间的推移而变弱,因为攻击成为攻击者获取更多计算的推动因素。根据此加密算法的类型和应用情况,其加密强度逐渐降低可能会使攻击者读取加密消息、篡改加密消息、伪造数字签名、篡改哈希内容,或以其他方式危害任何基于该算法的加密系统。将加密用法替换为密钥长度大于或等于 128 位的 AES 算法(AES-256、AES-192 和 AES-128 均可)。将哈希用法替换为 SHA-2 系列中的哈希函数,例如 SHA-2 512、SHA-2 384 或 SHA-2 256。 + Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. {0} uses a weak cryptographic algorithm {1} - {0} 使用弱加密算法 {1} + {0} uses a weak cryptographic algorithm {1} Ensure Key Derivation Function algorithm is sufficiently strong - 确保密钥派生功能算法足够强大 + Ensure Key Derivation Function algorithm is sufficiently strong Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. - Rfc2898DeriveBytes 类的某些实现允许在构造函数参数中指定哈希算法或在 HashAlgorithm 属性中覆盖它。如果指定了哈希算法,则它应为 SHA-256 或更高版本。 + Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. - {0} 可能正在使用弱哈希算法。请使用 SHA256、SHA384 或 SHA512 根据密码创建强密钥。 + {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). - 基于用户提供的输入(如密码)派生加密密钥时,请使用足够大的迭代计数(至少 100,000 次)。 + When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. - 将 “WhenAll” 与单个任务一起使用可能导致性能丢失、等待或返回任务。 + Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. Replace 'WhenAll' call with argument - 将 “WhenAll” 调用替换为参数 + Replace 'WhenAll' call with argument Do not use 'WhenAll' with a single task - 不要对单个任务使用 “WhenAll” + Do not use 'WhenAll' with a single task Do Not Use XslTransform - 请勿使用 XslTransform + Do Not Use XslTransform Do not use XslTransform. It does not restrict potentially dangerous external references. - 请勿使用 XslTransform。它对具有潜在危险的外部引用并没有限制。 + Do not use XslTransform. It does not restrict potentially dangerous external references. Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. - 提供功能 “DynamicInterfaceCastableImplementationAttribute” 特性化接口需要默认接口成员功能,这在 Visual Basic 中不受支持。 + Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - 不支持在 Visual Basic 中提供 “DynamicInterfaceCastableImplementation” 接口 + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - 不支持在 Visual Basic 中提供 “DynamicInterfaceCastableImplementation” 接口 + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. - 在禁用运行时封送时使用需要运行时封送的功能将导致运行时异常。 + Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled - 具有 “[StructLayout(LayoutKind.Auto)]” 的类型需要启用运行时封送 + Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled By-ref parameters require runtime marshalling to be enabled - By-ref 参数需要启用运行时封送 + By-ref parameters require runtime marshalling to be enabled Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined - 以托管类型作为参数或返回类型的委派需要在定义该委派的程序集中启用运行时封送 + Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined HResult-swapping requires runtime marshalling to be enabled - HResult-swapping 需要启用运行时封送 + HResult-swapping requires runtime marshalling to be enabled Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled - 使用 “LCIDConversionAttribute” 需要启用运行时封送 + Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled Managed parameter or return types require runtime marshalling to be enabled - 托管参数或返回类型需要启用运行时封送 + Managed parameter or return types require runtime marshalling to be enabled Setting SetLastError to 'true' requires runtime marshalling to be enabled - 将 SetLastError 设置为 “true” 需要启用运行时封送 + Setting SetLastError to 'true' requires runtime marshalling to be enabled Varadic P/Invoke signatures require runtime marshalling to be enabled - Varadic P/Invoke 签名需要启用运行时封送 + Varadic P/Invoke signatures require runtime marshalling to be enabled Property, type, or attribute requires runtime marshalling - 属性、类型或特性需要运行时封送 + Property, type, or attribute requires runtime marshalling '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - “{0}”类型包含预览类型“{1}”,因此需要选择加入预览功能。有关详细信息,请参阅 {2}。 + '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - {3}.“{0}”类型包含预览类型“{1}”,因此需要选择加入预览功能。有关详细信息,请参阅 {2}。 + {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. - 将 "CancellationToken" 参数转发给方法来确保操作取消通知得到正确传播,或者在 "CancellationToken.None" 中显式传递,以指示有意不传播令牌。 + Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token - 将“{0}”参数转发给“{1}”方法,或在 "CancellationToken.None" 中显式传递以指示有意不传播令牌 + Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token Forward the 'CancellationToken' parameter to methods - 将 "CancellationToken" 参数转发给方法 + Forward the 'CancellationToken' parameter to methods Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. - 避免 hardcoding SecurityProtocolType {0}, 转而使用 SecurityProtocolType. SystemDefault 允许操作系统选择要使用的最佳传输层安全性协议。 + Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. Avoid hardcoding SecurityProtocolType value - 避免 hardcoding SecurityProtocolType 值 + Avoid hardcoding SecurityProtocolType value Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - 如果发现漏洞,则当前传输层安全协议版本可能会被弃用。请避免硬编码 SslProtocols 值,以确保应用程序安全。请使用“无”,让操作系统选择一个版本。 + Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - 请避免硬编码 SslProtocols“{0}”,以确保应用程序在将来保持安全。请使用“无”,让操作系统选择一个版本。 + Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. Avoid hardcoded SslProtocols values - 避免硬编码的 SslProtocols 值 + Avoid hardcoded SslProtocols values Generic math interfaces require the derived type itself to be used for the self recurring type parameter. - 泛型数学接口要求将派生类型本身用于自重复类型参数。 + Generic math interfaces require the derived type itself to be used for the self recurring type parameter. The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' - "{0}" 需要使用派生类型 "{2}" 填充 "{1}" 类型参数。 + The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' Use correct type parameter - 使用正确的类型参数 + Use correct type parameter To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. - 若要修复此规则的违规行为,将 GetObjectData 方法设置为可见并可重写,并确保所有实例字段都包含在序列化进程中或使用 NonSerializedAttribute 特性显式标记所有实例字段。 + To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. Add an implementation of GetObjectData to type {0} - 向类型 {0} 中添加对 GetObjectData 的实现 + Add an implementation of GetObjectData to type {0} Make {0}.GetObjectData virtual and overridable - 将 {0}.GetObjectData 设置为虚拟的和可重写的 + Make {0}.GetObjectData virtual and overridable Increase the accessibility of {0}.GetObjectData so that it is visible to derived types - 提高 {0}.GetObjectData 的可访问性以便它对于派生类型可见 + Increase the accessibility of {0}.GetObjectData so that it is visible to derived types Implement ISerializable correctly - 正确实现 ISerializable + Implement ISerializable correctly Implement inherited interfaces - 实现继承的接口 + Implement inherited interfaces Implement Serialization constructor - 实现序列化构造函数 + Implement Serialization constructor To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. - 若要修复此规则的违规行为,请实现序列化构造函数。对于密封类,请将构造函数设为专用;否则,使它处于受保护状态。 + To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. - 使用以下签名向 {0} 添加构造函数: “protected {0} (SerializationInfo info, StreamingContext context)”。 + Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. Declare the serialization constructor of {0}, a sealed type, as private. - 将密封类型 {0} 的序列化构造函数声明为 private。 + Declare the serialization constructor of {0}, a sealed type, as private. Declare the serialization constructor of {0}, an unsealed type, as protected. - 将非密封类型 {0} 的序列化构造函数声明为 protected。 + Declare the serialization constructor of {0}, an unsealed type, as protected. Implement serialization constructors - 实现序列化构造函数 + Implement serialization constructors A method that handles a serialization event does not have the correct signature, return type, or visibility. - 处理序列化事件的方法没有正确的签名、返回类型或可见性。 + A method that handles a serialization event does not have the correct signature, return type, or visibility. Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic - 由于 {0} 标记有 OnSerializing、OnSerialized、OnDeserializing 或 OnDeserialized,因此请更改它的签名,使它不再是泛型的 + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' - 由于 {0} 标记有 OnSerializing、OnSerialized、OnDeserializing 或 OnDeserialized,因此请更改它的签名,使它采用类型为“System.Runtime.Serialization.StreamingContext”的单个参数 + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) - 由于 {0} 标记有 OnSerializing、OnSerialized、OnDeserializing 或 OnDeserialized,因此请将它的返回类型从 {1} 改为 void (Visual Basic 中为 Sub) + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method - 由于 {0} 标记有 OnSerializing、OnSerialized、OnDeserializing 或 OnDeserialized,因此请将它从 static (Visual Basic 中为 Shared)改为实例方法 + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private - 由于 {0} 标记有 OnSerializing、OnSerialized、OnDeserializing 或 OnDeserialized,因此请将它的可访问性改为 private + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private Implement serialization methods correctly - 正确实现序列化方法 + Implement serialization methods correctly '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - “{0}”实现预览界面“{1}”,因此需要选择加入预览功能。有关详细信息,请参阅 {2}。 + '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3}.“{0}”实现预览界面“{1}”,因此需要选择加入预览功能。有关详细信息,请参阅 {2}。 + {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - “{0}”实现预览方法“{1}”,因此需要选择加入预览功能。有关详细信息,请参阅 {2}。 + '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3}.“{0}”实现预览方法“{1}”,因此需要选择加入预览功能。有关详细信息,请参阅 {2}。 + {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - 某引用类型声明了显式静态构造函数。要修复与该规则的冲突,请在声明它时初始化所有静态数据,并删除静态构造函数。 + A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize reference type static fields inline - 以内联方式初始化引用类型的静态字段 + Initialize reference type static fields inline Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor - 在声明这些字段时初始化“{0}”中的所有静态字段,并删除静态构造函数 + Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - 某值类型声明了显式静态构造函数。要修复与该规则的冲突,请在声明它时初始化所有静态数据,并删除静态构造函数。 + A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize value type static fields inline - 以内联方式初始化值类型的静态字段 + Initialize value type static fields inline Change to call the two argument constructor, pass null for the message. - 更改为调用两个参数构造函数,请为消息传递 null。 + Change to call the two argument constructor, pass null for the message. A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. - 调用了 ArgumentException 异常类型或其派生异常类型的默认(无参数)构造函数,或将不正确的字符串参数传递给 ArgumentException. 异常类型或其派生异常类型的参数化构造函数。 + A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. Swap the arguments order - 交换参数顺序 + Swap the arguments order Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. - 方法 {0} 将参数名“{1}”作为变量 {2} 传递给构造函数 {3}。请将此参数替换为一则说明性消息并在正确的位置传递参数名。 + Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. - 方法 {0} 将“{1}”作为变量 {2} 传递给构造函数 {3}。请将此参数替换为该方法的某个参数名。请注意,所提供的参数名的大小写应与方法中声明的大小写完全一致。 + Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. Call the {0} constructor that contains a message and/or paramName parameter - 调用 {0} 构造函数,该函数包含 message 和/或 paramName 参数 + Call the {0} constructor that contains a message and/or paramName parameter Instantiate argument exceptions correctly - 正确实例化参数异常 + Instantiate argument exceptions correctly Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. - 使用 “DynamicInterfaceCastableImplementationAttribute” 特性化的类型充当实现 “IDynamicInterfaceCastable” 类型的类型的接口实现。因此,它必须提供在继承的接口中定义的所有成员的实现,因为实现 “IDynamicInterfaceCastable” 的类型将不会提供它们。 + Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces - 类型“{0}”已应用 “DynamicInterfaceCastableImplementationAttribute”,但不提供继承接口中定义的所有接口成员的实现 + Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface - 在父接口中声明的所有成员必须在 DynamicInterfaceCastableImplementation-attributed 接口中具有实现 + All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - 使用通过 SimpleTypeResolver 初始化的 JavaScriptSerializer 反序列化不可信数据时,{0} 方法不安全。请确保初始化 JavaScriptSerializer 但不指定 JavaScriptTypeResolver,或使用限制为反序列化对象图形中的对象类型的 JavaScriptTypeResolver 初始化该对象。 + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing - 请确保 JavaScriptSerializer 在反序列化之前未使用 SimpleTypeResolver 初始化 + Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - 使用通过 SimpleTypeResolver 初始化的 JavaScriptSerializer 反序列化不可信数据时,{0} 方法不安全。请初始化 JavaScriptSerializer 但不指定 JavaScriptTypeResolver,或使用限制为反序列化对象图形中的对象类型的 JavaScriptTypeResolver 初始化该对象。 + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver - 请勿通过使用 SimpleTypeResolver 的 JavaScriptSerializer 进行反序列化 + Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - 对不信任的输入进行反序列化时,允许反序列化任意类型这一行为是不安全的。使用反序列化 JsonSerializer 时,请使用 TypeNameHandling.None;对于“无”以外的值,请使用 SerializationBinder 限制反序列化的类型。 + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - 请勿使用不安全的配置对 JsonSerializer 进行反序列化 + Do not deserialize with JsonSerializer using an insecure configuration When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - 对不信任的输入进行反序列化时,允许反序列化任意类型这一行为是不安全的。使用 JsonSerializerSettings 时,请使用 TypeNameHandling.None;对于不是“无”的值,请使用 SerializationBinder 限制反序列化的类型。 + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not use insecure JsonSerializerSettings - 请勿使用不安全的 JsonSerializerSettings + Do not use insecure JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - 对不信任的输入进行反序列化时,允许反序列化任意类型这一行为是不安全的。使用反序列化 JsonSerializer 时,请使用 TypeNameHandling.None;对于“无”以外的值,请使用 SerializationBinder 限制反序列化的类型。 + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - 请确保在反序列化时 JsonSerializer 具有安全配置 + Ensure that JsonSerializer has a secure configuration when deserializing When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - 对不信任的输入进行反序列化时,允许反序列化任意类型这一行为是不安全的。使用 JsonSerializerSettings 时,请确保已指定 TypeNameHandling.None;对于不是“无”的值,请确保指定了 SerializationBinder 来限制反序列化的类型。 + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. Ensure that JsonSerializerSettings are secure - 请确保 JsonSerializerSetting 是安全的 + Ensure that JsonSerializerSettings are secure Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - 使用“无”以外的 TypeNameHandling 值时,进行 JSON 反序列化可能不安全。如需在未指定 SerializationBinder 时检测 Json.NET 反序列化,请禁用规则 CA2326 并启用规则 CA2327、CA2328、CA2329 和 CA2330。 + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - 使用“无”以外的 TypeNameHandling 值时,进行 JSON 反序列化可能不安全。 + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. Do not use TypeNameHandling values other than None - 请勿使用“无”以外的 TypeNameHandling 值 + Do not use TypeNameHandling values other than None The method '{0}' is insecure when deserializing untrusted data. - 对不受信任的数据进行反序列化时,方法“{0}”不安全。 + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer LosFormatter - 请勿使用不安全的反序列化程序 LosFormatter + Do not use insecure deserializer LosFormatter Convert to static method - 转换为静态方法 + Convert to static method Converting an instance method to a static method may produce invalid code - 将实例方法转换为静态方法可能生成无效的代码 + Converting an instance method to a static method may produce invalid code Make the constructor that takes zero parameters 'public' - 使采用零参数的构造函数成为 “public” + Make the constructor that takes zero parameters 'public' An instance field of a type that is not serializable is declared in a type that is serializable. - 不可序列化类型的实例字段在可序列化类型中声明。 + An instance field of a type that is not serializable is declared in a type that is serializable. Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable - 字段 {0} 是可序列化类型 {1} 的成员,但该字段是不可序列化的类型 {2}。 + Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable Mark all non-serializable fields - 标记所有不可序列化的字段 + Mark all non-serializable fields The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. - NeutralResourcesLanguage 特性将通知资源管理器用于显示程序集非特定区域性的资源的语言。这样可提高所加载的第一个资源的查找性能,并可减少工作集。 + The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. Mark assemblies with NeutralResourcesLanguageAttribute - 用 NeutralResourcesLanguageAttribute 标记程序集 + Mark assemblies with NeutralResourcesLanguageAttribute Mark assemblies with NeutralResourcesLanguageAttribute - 用 NeutralResourcesLanguageAttribute 标记程序集 + Mark assemblies with NeutralResourcesLanguageAttribute The Boolean data type has multiple representations in unmanaged code. - 布尔数据类型在非托管代码中有多个表示形式。 + The Boolean data type has multiple representations in unmanaged code. Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - 向 P/Invoke {1} 的参数 {0} 添加 MarshalAsAttribute。如果对应的非托管参数为 4 字节的 Win32 "BOOL",则使用 [MarshalAs(UnmanagedType.Bool)]。对于 1 字节的 C++ "bool",请使用 MarshalAs(UnmanagedType.U1)。 + Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - 向 P/Invoke {0} 的返回类型添加 MarshalAsAttribute。如果对应的非托管返回类型为 4 字节的 Win32 "BOOL",则使用 MarshalAs(UnmanagedType.Bool)。对于 1 字节的 C++ "bool",请使用 MarshalAs(UnmanagedType.U1)。 + Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Mark boolean PInvoke arguments with MarshalAs - 用 MarshalAs 标记布尔型 PInvoke 参数 + Mark boolean PInvoke arguments with MarshalAs To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. - 要被公共语言运行时识别为可序列化,必须使用 SerializableAttribute 特性标记类型,即使类型通过 ISerializable 接口的实现使用自定义序列化例程时也不例外。 + To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. Add [Serializable] to {0} as this type implements ISerializable - 将 [Serializable] 添加到 {0},因为此类型实现 ISerializable + Add [Serializable] to {0} as this type implements ISerializable Mark ISerializable types with serializable - 将 ISerializable 类型标记为“可序列化” + Mark ISerializable types with serializable Ensure HttpClient certificate revocation list check is not disabled - 确保未禁用 HttpClient 证书吊销列表检查 + Ensure HttpClient certificate revocation list check is not disabled HttpClient may be created without enabling CheckCertificateRevocationList - 可在不启用 CheckCertificateRevocationList 的情况下创建 HttpClient + HttpClient may be created without enabling CheckCertificateRevocationList Ensure Certificates Are Not Added To Root Store - 确保没有将证书添加到根存储 + Ensure Certificates Are Not Added To Root Store Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. - 将证书添加到操作系统受信任的根证书很不安全。请确保目标存储不是根存储。 + Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. Use CreateEncryptor with the default IV - 将 CreateEncryptor 与默认 IV 结合使用 + Use CreateEncryptor with the default IV The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. - 加密中使用了可能是可重复的非默认初始化向量。请确保使用默认值。 + The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. Ensure Use Secure Cookies In ASP.NET Core - 确保在 ASP.NET Core 中使用安全 Cookie + Ensure Use Secure Cookies In ASP.NET Core Ensure that CookieOptions.Secure = true when setting a cookie - 请确保设置 Cookie 时 CookieOptions.Secure = true + Ensure that CookieOptions.Secure = true when setting a cookie Ensure Sufficient Iteration Count When Using Weak Key Derivation Function - 使用弱密钥派生功能时,请确保迭代计数足够大 + Ensure Sufficient Iteration Count When Using Weak Key Derivation Function Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - 基于密码派生加密密钥时,请确保迭代计数至少为 {0}。默认情况下,Rfc2898DeriveByte 的 IterationCount 仅为 1000 + Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. - 由于实现 “IDynamicInterfaceCastable” 的类型可能不会在元数据中实现动态接口,因此对不是针对此类型定义的显式实现的实例接口成员的调用可能会在运行时失败。请将新的接口成员标记为 “static” 以避免运行时错误。 + Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied - “{0}”成员(在“{1}”类型上)应标记为 “static”,因为“{1}”应用了 “DaynamicInterfaceImplementationAttribute” + The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' - 在具有 “DynamicInterfaceCastableImplementationAttribute” 的接口上定义的成员应为 “static” + Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - “{0}”返回预览类型“{1}”,因此需要选择加入预览功能。有关详细信息,请参阅 {2}。 + '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3}.“{0}”返回预览类型“{1}”,因此需要选择加入预览功能。有关详细信息,请参阅 {2}。 + {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - “{0}”接受类型“{1}”的预览参数,并且需要选择加入预览功能。有关详细信息,请参阅 {2}。 + '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - {3}.“{0}”接受类型“{1}”的预览参数,并且需要选择加入预览功能。有关详细信息,请参阅 {2}。 + {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. - 即使禁用运行时封送,此方法也使用运行时封送,这可能会由于类型的本机布局的不同期望导致在运行时出现意外的行为差异。 + This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. - 即使应用了 “DisableRuntimeMarshallingAttribute”,“{0}”也使用运行时封送。直接使用 “sizeof” 和指针等功能可确保结果准确。 + '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied - 即使应用了 “DisableRuntimeMarshallingAttribute”,此方法也会使用运行时封送 + This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied Miss HttpVerb attribute for action methods - 缺少操作方法的 HttpVerb 属性 + Miss HttpVerb attribute for action methods All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - 创建、编辑、删除或以其他方式修改数据的所有方法都在方法的 [HttpPost] 重载中执行,这需要使用来自请求伪造的防伪造属性来保护。执行 GET 操作应是不具有任何副作用且不会修改永久性数据的安全操作。 + All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. Action method {0} needs to specify the HTTP request kind explicitly - 操作方法 {0} 需要显式指定 HTTP 请求类型 + Action method {0} needs to specify the HTTP request kind explicitly Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. - 模块初始化表达式旨在由应用程序代码用于确保在应用程序代码开始执行之前初始化应用程序的组件。如果库代码使用 “ModuleInitializer” 声明方法,则可能干扰应用程序初始化,并且还会导致限制该应用程序的剪裁功能。因此库不应使用标记为 “ModuleInitializerAttribute” 的方法,而应公开可用于初始化库中任何组件的方法,并允许应用程序在应用程序初始化期间调用该方法。 + Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios - “ModuleInitializer” 属性仅用于应用程序代码或高级源生成器方案 + The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios The 'ModuleInitializer' attribute should not be used in libraries - 不应在库中使用 “ModuleInitializer” 属性 + The 'ModuleInitializer' attribute should not be used in libraries The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - 在不使用 SerializationBinder 的情况下对不受信任的数据进行反序列化,以限制反序列化对象图中的对象类型时,方法“{0}”不安全。 + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure NetDataContractSerializer.Binder is set before deserializing - 请确保在反序列化之前设置 NetDataContractSerializer.Binder + Ensure NetDataContractSerializer.Binder is set before deserializing The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - 在不使用 SerializationBinder 的情况下对不受信任的数据进行反序列化,以限制反序列化对象图中的对象类型时,方法“{0}”不安全。 + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not deserialize without first setting NetDataContractSerializer.Binder - 在未设置 NetDataContractSerializer.Binder 的情况下,请不要反序列化 + Do not deserialize without first setting NetDataContractSerializer.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. - 反序列化不受信任的数据时,方法“{0}”不安全。如果需要在未设置 SerializationBinder 的情况下改为检测 NetDataContractSerializer 反序列化,则请禁用 CA2310 规则,并启用 CA2311 和 CA2312 规则。 + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. The method '{0}' is insecure when deserializing untrusted data. - 对不受信任的数据进行反序列化时,方法“{0}”不安全。 + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer NetDataContractSerializer - 请勿使用不安全的反序列化程序 NetDataContractSerializer + Do not use insecure deserializer NetDataContractSerializer Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. - 字符串应规范化为大写。有少量字符在转换为小写后不能转换回来。往返转换是指将字符从一个区域设置转换为按其他方式表示字符数据的另一区域设置,然后准确地从转换后的字符中检索到原始字符。 + Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. In method '{0}', replace the call to '{1}' with '{2}' - 在方法“{0}”中,将对“{1}”的调用替换为“{2}” + In method '{0}', replace the call to '{1}' with '{2}' Normalize strings to uppercase - 将字符串规范化为大写 + Normalize strings to uppercase The method '{0}' is insecure when deserializing untrusted data. - 对不受信任的数据进行反序列化时,方法“{0}”不安全。 + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer ObjectStateFormatter - 请勿使用不安全的反序列化程序 ObjectStateFormatter + Do not use insecure deserializer ObjectStateFormatter '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - “{0}”覆盖预览方法“{1}”,因此需要选择加入预览功能。有关详细信息,请参阅 {2}。 + '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3}.“{0}”覆盖预览方法“{1}”,因此需要选择加入预览功能。有关详细信息,请参阅 {2}。 + {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. - 公共类型中的公共方法或受保护的方法具有 System.Runtime.InteropServices.DllImportAttribute 属性(在 Visual Basic 中也由 Declare 关键字实现)。不应公开此类方法。 + A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. P/Invoke method '{0}' should not be visible - P/Invoke 方法“{0}”应该是不可见的 + P/Invoke method '{0}' should not be visible P/Invokes should not be visible - P/Invokes 应该是不可见的 + P/Invokes should not be visible ({0}) - ({0}) + ({0}) and all other platforms - 和其他所有平台 + and all other platforms This call site is reachable on: 'windows' 10.0.2000 and later, and all other platforms '{0}' all versions - "{0}" 所有版本 + '{0}' all versions This call site is reachable on: 'Windows' all versions. Using platform dependent API on a component makes the code no longer work across all platforms. - 在组件上使用依赖于平台的 API 会使代码无法用于所有平台。 + Using platform dependent API on a component makes the code no longer work across all platforms. '{0}' from version {1} to {2} - "{0}" 版本 {1} 到 {2}。 + '{0}' from version {1} to {2} 'SupportedOnWindows1903UnsupportedOn2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. - 可在所有平台上访问此调用站点。"{0}" 在 {1} 上过时。 + This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. This call site is reachable on all platforms. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. - 此调用站点可在以下位置访问:{2}。“{0}”在以下位置过时:{1}。 + This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. This call site is reachable on 'macos', 'linux'. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on all platforms. '{0}' is only supported on: {1}. - 可在所有平台上访问此调用站点。"{0}" 仅在 {1} 上受支持。 + This call site is reachable on all platforms. '{0}' is only supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindowsAndBrowser()' is only supported on: 'windows', 'browser' . This call site is reachable on: {2}. '{0}' is only supported on: {1}. - 可在 {2} 上访问此调用站点。"{0}" 仅在 {1} 上受支持。 + This call site is reachable on: {2}. '{0}' is only supported on: {1}. This call site is reachable on: 'windows' all versions.'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before This call site is unreachable on: {2}. '{0}' is only supported on: {1}. - 无法在 {2} 上访问此调用站点。"{0}" 仅在 {1} 上受支持。 + This call site is unreachable on: {2}. '{0}' is only supported on: {1}. This call site is unreachable on: 'browser'. 'SupportedOnWindowsAndBrowser()' is only supported on: 'browser', 'windows'. This call site is reachable on all platforms. '{0}' is supported on: {1}. - 可在所有平台上访问此调用站点。"{0}" 在 {1} 上受支持。 + This call site is reachable on all platforms. '{0}' is supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindows1903UnsupportedFrom2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on: {2}. '{0}' is supported on: {1}. - 可在 {2} 上访问此调用站点。"{0}" 在 {1} 上受支持。 + This call site is reachable on: {2}. '{0}' is supported on: {1}. This call site is reachable on: 'windows' 10.0.2000 and before. 'UnsupportedOnWindowsSupportedOn1903()' is supported on: 'windows' 10.0.1903 and later. Validate platform compatibility - 验证平台兼容性 + Validate platform compatibility This call site is reachable on all platforms. '{0}' is unsupported on: {1}. - 可在所有平台上访问此调用站点。"{0}" 在 {1} 上不受支持。 + This call site is reachable on all platforms. '{0}' is unsupported on: {1}. This call site is reachable on all platforms. 'UnsupportedOnWindows()' is unsupported on: 'windows' This call site is reachable on: {2}. '{0}' is unsupported on: {1}. - 可在 {2} 上访问此调用站点。"{0}" 在 {1} 上不受支持。 + This call site is reachable on: {2}. '{0}' is unsupported on: {1}. This call site is reachable on: 'windows', 'browser'. 'UnsupportedOnBrowser()' is unsupported on: 'browser'. '{0}' {1} and before - "{0}" {1} 及之前版本 + '{0}' {1} and before 'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before. '{0}' {1} and later - "{0}" {1} 及更高版本 + '{0}' {1} and later 'SupportedOnWindows10()' is only supported on: 'windows' 10.0 and later. Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. - 查看处理不受信任的反序列化数据(为了处理意外引用循环)的代码。意外引用循环不应导致代码进入无限循环。否则,当反序列化不受信任的数据时,意外的引用循环可能导致攻击者 DOS 或耗尽进程的内存。 + Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. {0} participates in a potential reference cycle - {0} 参与潜在的引用周期 + {0} participates in a potential reference cycle Potential reference cycle in deserialized object graph - 反序列化对象图中的潜在引用循环 + Potential reference cycle in deserialized object graph Replace 'Substring' with 'AsSpan' - 将 “Substring” 替换为 “AsSpan” + Replace 'Substring' with 'AsSpan' 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. - “AsSpan” 比 “Substring” 效率更高。“Substring” 执行 O(n)字符串复制,而 “AsSpan” 不执行且具有固定成本。 + 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. Prefer 'AsSpan' over 'Substring' when span-based overloads are available - 当基于跨度的重载可用时,首选 “AsSpan” 而不是 “Substring” + Prefer 'AsSpan' over 'Substring' when span-based overloads are available Prefer 'AsSpan' over 'Substring' - 首选 “AsSpan” 而不是 “Substring” + Prefer 'AsSpan' over 'Substring' + + + + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + + + + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + + + + Consider using 'StringBuilder.Append(char)' when applicable + Consider using 'StringBuilder.Append(char)' when applicable Use 'Count' check instead of 'Any()' - 使用 'Count' 检查而不是 'Any()' + Use 'Count' check instead of 'Any()' Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance - 更喜欢将 'Count' 与 0 进行比较,而不是使用 'Any()',这既是为了清楚明了,也是为了提高性能 + Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance Use 'ContainsKey' - 使用 “ContainsKey” + Use 'ContainsKey' 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. - “ContainsKey” 通常是 O(1),而 “Keys.Contains” 在某些情况下可能是 O(n)。此外,许多字典实现会延迟地初始化 Keys 集合,以减少分配。 + 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' - 对于字典类型“{0}”,首选 “ContainsKey” 而不是 “Keys.Contains”。 + Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' Prefer Dictionary.Contains methods - 首选 Dictionary.Contains 方法 + Prefer Dictionary.Contains methods Use 'ContainsValue' - 使用 “ContainsValue” + Use 'ContainsValue' Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. - 许多字典实现延迟初始化 Values 集合。为了避免不必要的分配,首选 “ContainsValue” 而不是 “Values.Contains”。 + Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' - 对于字典类型“{0}”,首选 “ContainsValue” 而不是 “Values.Contains”。 + Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' + + + + Use 'TryGetValue(TKey, out TValue)' + Use 'TryGetValue(TKey, out TValue)' + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + + + + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method Replace with 'HashData' method - 替换为“HashData”方法 + Replace with 'HashData' method It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. - 相比创建并管理 HashAlgorithm 实例来调用“ComputeHash”,使用静态“HashData”方法更高效。 + It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. Prefer static '{0}.HashData' method over 'ComputeHash' - 首选静态“{0}.HashData”而不是的“ComputeHash” + Prefer static '{0}.HashData' method over 'ComputeHash' Prefer static 'HashData' method over 'ComputeHash' - 首选静态“HashData”而不是的“ComputeHash” + Prefer static 'HashData' method over 'ComputeHash' Use 'IsEmpty' check instead of 'Any()' - 使用 'IsEmpty' 检查而不是'Any()' + Use 'IsEmpty' check instead of 'Any()' Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance - 首选 'IsEmpty'检查,而不是使用 'Any()',这既是为了清楚明了,也是为了提高性能 + Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance + + + + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + + + + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + + + + Prefer IsEmpty over Count + Prefer IsEmpty over Count Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. - 首选使用可用的 'IsEmpty'、'Count' 或 'Length' 属性,而不是调用 'Enumerable.Any()'。意向更清晰,其性能高于使用 'Enumerable.Any() 扩展方法。 + Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. Avoid using 'Enumerable.Any()' extension method - 避免使用 'Enumerable.Any()' 扩展方法 + Avoid using 'Enumerable.Any()' extension method Use 'Length' check instead of 'Any()' - 使用 'Length' 检查而非 'Any()' + Use 'Length' check instead of 'Any()' Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance - 为了清楚起见和提高性能,首选将 'Length'与 0 进行比较,而不是使用 'Any()'。 + Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. - "Stream" 有一个将 "Memory<Byte>" 作为第一个参数的 "ReadAsync" 重载和一个将 "Memory<Byte>" 作为第一个参数的 "WriteAsync" 重载。首选调用基于内存的重载,它们的效率更高。 - - - - For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. - 若要确定对象是否包含项,最好使用 "IsEmpty" 属性,而不是从 "Count" 属性检索项的数目并将其与 0 或 1 进行比较。 - - - - Prefer 'IsEmpty' over 'Count' to determine whether the object is empty - 最好使用 "IsEmpty" (而不是 "Count")来确定对象是否为空 - - - - Prefer IsEmpty over Count - 最好使用 "IsEmpty" (而不是 "Count") + 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. Change the '{0}' method call to use the '{1}' overload - 请将“{0}”方法调用更改为使用“{1}”重载 + Change the '{0}' method call to use the '{1}' overload Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' - 对于 "ReadAsync" 和 "WriteAsync",首选基于内存的重载 + Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' Replace with 'string.Contains' - 替换为 "string.Contains" + Replace with 'string.Contains' Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. - 如果结果用于检查是否存在/缺少子字符串,对 "string.IndexOf" 的调用可替换为对 "string.Contains" 的调用。 + Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. Use 'string.Contains' instead of 'string.IndexOf' to improve readability - 使用 "string.Contains" 而不是 "string.IndexOf" 来提高可读性 + Use 'string.Contains' instead of 'string.IndexOf' to improve readability Consider using 'string.Contains' instead of 'string.IndexOf' - 请考虑使用 "string.Contains" 而不是 "string.IndexOf" + Consider using 'string.Contains' instead of 'string.IndexOf' StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. - StringBuilder.Append 和 StringBuilder.Insert 为 System.String 之外的多种类型提供重载。在可能情况下,尽量使用强类型重载而非使用 ToString() 和基于字符串的重载。 + StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. Remove the ToString call in order to use a strongly-typed StringBuilder overload - 删除 ToString 调用以使用强类型 StringBuilder 重载 + Remove the ToString call in order to use a strongly-typed StringBuilder overload Remove the ToString call - 删除 ToString 调用 + Remove the ToString call Prefer strongly-typed Append and Insert method overloads on StringBuilder - 最好使用 StringBuilder 的强类型 Append 和 Insert 方法重载 - - - - 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. - 当字符串是单个字符时,"StringBuilder.Append(char)" 比 "StringBuilder.Append(string)" 更高效。使用常量调用 "Append" 时,请首选使用常量字符,而不是包含一个字符的常量字符串。 - - - - Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string - 当输入是常量单位字符串时,请使用 "StringBuilder.Append(char)" 而不是 "StringBuilder.Append(string)" - - - - Consider using 'StringBuilder.Append(char)' when applicable - 若适用,请考虑使用 "StringBuilder.Append(char)" + Prefer strongly-typed Append and Insert method overloads on StringBuilder Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. - 从 .NET 7 开始,在未选中上下文中溢出时,显式转换“{0}”将不会引发。使用“已选中”语句包装表达式以还原 .NET 6 行为。 + Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - 从 .NET 7 开始,在已选中上下文中溢出时,显式转换“{0}”将会引发。使用“未选中”语句包装表达式以还原 .NET 6 行为。 + Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. - 在 .NET 7 中添加的某些内置运算符在溢出时的行为与 .NET 6 和早期版本中相应的用户定义运算符的行为不同。之前在未检查的上下文中引发的一些运算符现在只有在经检查的上下文中被包装时才会引发。此外,一些之前在经检查的上下文中不引发的运算符现在会引发,除非在未检查的上下文中被包装。 + Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - 从 .NET 7 开始,运算符“{0}”将在选中上下文中溢出时引发。使用“未选中”语句包装表达式以还原 .NET 6 行为。 + Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Prevent behavioral change - 防止行为变更 + Prevent behavioral change 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. - "Enum.HasFlag" 方法要求 "enum" 参数与调用该方法的实例具有相同的 "enum" 类型,并且此 "enum" 用 "System.FlagsAttribute" 标记。如果它们是不同的 "enum" 类型,则在运行时将引发未经处理的异常。如果 "enum" 类型未使用 "System.FlagsAttribute" 进行标记,则调用在运行时将始终返回 "false"。 + 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. The argument type, '{0}', must be the same as the enum type '{1}' - 参数类型“{0}”必须与枚举类型“{1}”相同。 + The argument type, '{0}', must be the same as the enum type '{1}' Provide correct 'enum' argument to 'Enum.HasFlag' - 向 "Enum.HasFlag" 提供正确的 "enum" 参数 + Provide correct 'enum' argument to 'Enum.HasFlag' The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. - 传递到 System.String.Format 的 format 参数不包含与各对象参数相对应的格式项,反之亦然。 + The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. Provide correct arguments to formatting methods - 为格式化方法提供正确的参数 + Provide correct arguments to formatting methods Provide correct arguments to formatting methods - 为格式化方法提供正确的参数 + Provide correct arguments to formatting methods A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. - 类型具有使用 System.Runtime.Serialization.OptionalFieldAttribute 特性标记的字段,并且该类型不提供反序列化事件处理方法。 + A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute - 向类型 {0} 中添加“private void OnDeserialized(StreamingContext)”方法并使其具有 System.Runtime.Serialization.OnDeserializedAttribute 特性 + Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute - 向类型 {0} 中添加“private void OnDeserializing(StreamingContext)”方法并使其具有 System.Runtime.Serialization.OnDeserializingAttribute 特性 + Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute Provide deserialization methods for optional fields - 为可选字段提供反序列化方法 + Provide deserialization methods for optional fields Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. - 提供与派生自 “System.Runtime.InteropServices.SafeHandle” 的类型的包含类型一样可见的无参数构造函数可改进源生成的互操作解决方案的性能和使用情况。 + Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' - 提供与派生自 “System.Runtime.InteropServices.SafeHandle” 的“{0}”类型的包含类型一样可见的无参数构造函数 + Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' - 提供与派生自 “System.Runtime.InteropServices.SafeHandle” 的具体类型的包含类型一样可见的无参数构造函数 + Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. - 若要提高性能,请在子类化“Stream”时重写基于内存的异步方法。然后,根据基于内存的方法实现基于数组的方法。 + To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. - “{0}”重写基于数组的“{1}”,但不会重写基于内存的“{2}”,请考虑重写基于内存的“{2}”以提高性能。 + '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. 0 = type that subclasses Stream directly, 1 = array-based method, 2 = memory-based method Provide memory-based overrides of async methods when subclassing 'Stream' - 在子类化 “Stream” 时提供异步方法的基于内存的重写 + Provide memory-based overrides of async methods when subclassing 'Stream' + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + + + + Prefer using 'StringComparer' to perform a case-insensitive comparison + Prefer using 'StringComparer' to perform a case-insensitive comparison + + + + Use the 'string.{0}(string, StringComparison)' overload + Use the 'string.{0}(string, StringComparison)' overload + + + + Prefer using 'StringComparer' to perform case-insensitive string comparisons + Prefer using 'StringComparer' to perform case-insensitive string comparisons + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + + + + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + + + + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons Remove redundant call - 删除冗余的调用 + Remove redundant call Remove unnecessary call - 删除不必要调用 + Remove unnecessary call Replace string literal with char literal - 将字符串字面量替换为字符型文本 + Replace string literal with char literal Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 找到了潜在的 DLL 注入漏洞,其中方法“{1}”中的“{0}”可能会受到方法“{3}”中“{2}”的用户控制数据的污染。 + Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for DLL injection vulnerabilities - 查看 DLL 注入漏洞的代码 + Review code for DLL injection vulnerabilities Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 找到了潜在的文件路径注入漏洞,其中方法“{1}”中的“{0}”可能会受到方法“{3}”中“{2}”的用户控制数据的污染。 + Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for file path injection vulnerabilities - 查看文件路径注入漏洞的代码 + Review code for file path injection vulnerabilities Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. - 找到了潜在信息泄露漏洞,其中方法“{1}”中的“{0}”可能包含方法“{3}”中“{2}”的意外信息。 + Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. Review code for information disclosure vulnerabilities - 查看信息泄露漏洞的代码 + Review code for information disclosure vulnerabilities Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 找到了潜在 LDAP 注入漏洞,其中方法“{1}”中的“{0}”可能会受到方法“{3}”中“{2}”的用户控制数据的污染。 + Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for LDAP injection vulnerabilities - 查看 LDAP 注入漏洞的代码 + Review code for LDAP injection vulnerabilities Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 找到了潜在开放重定向漏洞,其中方法“{1}”中的“{0}”可能会受到方法“{3}”中“{2}”的用户控制数据的污染。 + Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for open redirect vulnerabilities - 查看开放重定向漏洞的代码 + Review code for open redirect vulnerabilities Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 找到了潜在进程命令注入漏洞,其中方法“{1}”中的“{0}”可能会受到方法“{3}”中“{2}”的用户控制数据的污染。 + Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for process command injection vulnerabilities - 查看进程命令注入漏洞的代码 + Review code for process command injection vulnerabilities Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 找到了潜在正则表达式注入漏洞,其中方法“{1}”中的“{0}”可能会受到方法“{3}”中“{2}”的用户控制数据的污染。 + Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for regex injection vulnerabilities - 查看正则表达式注入漏洞的代码 + Review code for regex injection vulnerabilities Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 找到了潜在 SQL 注入漏洞,其中方法“{1}”中的“{0}”可能会受到方法“{3}”中“{2}”的用户控制数据的污染。 + Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for SQL injection vulnerabilities - 检查 SQL 注入漏洞的代码 + Review code for SQL injection vulnerabilities + + + + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + + + + Review code for XPath injection vulnerabilities + Review code for XPath injection vulnerabilities Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 找到了潜在 XAML 注入漏洞,其中方法“{1}”中的“{0}”可能会受到方法“{3}”中“{2}”的用户控制数据的污染。 + Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XAML injection vulnerabilities - 查看 XAML 注入漏洞的代码 + Review code for XAML injection vulnerabilities Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 找到了潜在 XML 注入漏洞,其中方法“{1}”中的“{0}”可能会受到方法“{3}”中“{2}”的用户控制数据的污染。 + Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XML injection vulnerabilities - 查看 XML 注入漏洞的代码 - - - - Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 找到了潜在 XPath 注入漏洞,其中方法“{1}”中的“{0}”可能会受到方法“{3}”中“{2}”的用户控制数据的污染。 - - - - Review code for XPath injection vulnerabilities - 查看 XPath 注入漏洞的代码 + Review code for XML injection vulnerabilities Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 找到了潜在跨站点脚本(XSS)漏洞,其中方法“{1}”中的“{0}”可能会受到方法“{3}”中“{2}”的用户控制数据的污染。 + Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XSS vulnerabilities - 检查 XSS 漏洞的代码 + Review code for XSS vulnerabilities SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. - 直接使用用户输入的 SQL 查询可能容易受到 SQL 注入攻击。查看此 SQL 查询以查找潜在漏洞,请考虑使用参数化 SQL 查询。 + SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. Review if the query string passed to '{0}' in '{1}', accepts any user input - 查看传递给“{1}”中的“{0}”的查询字符串是否接受任何用户输入 + Review if the query string passed to '{0}' in '{1}', accepts any user input Review SQL queries for security vulnerabilities - 检查 SQL 查询是否存在安全漏洞 + Review SQL queries for security vulnerabilities Seal class - 密封类 + Seal class When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. - 当某类型在其程序集外部不可访问且其包含程序集中没有子类型时,可以安全地密封该类型。密封类型可以提高性能。 + When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible - 类型“{0}”可以密封,因为它的包含程序集中没有子类型,并且在外部不可见 + Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible Seal internal types - 密封内部类型 + Seal internal types Set HttpOnly to true for HttpCookie - 将 HttpCookie 的 HttpOnly 设置为 true + Set HttpOnly to true for HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - 作为深度防御措施,请确保将安全敏感的 HTTP cookie 标记为 HttpOnly。这表示 Web 浏览器应禁止脚本访问 cookie。注入的恶意脚本是窃取 cookie 的常用方法。 + As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - 使用 HttpCookie 时,HttpCookie.HttpOnly 被设置为 false 或根本不设置。请确保安全敏感的 cookie 标记为 HttpOnly,以防止恶意脚本窃取 cookie + HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies Set ViewStateUserKey For Classes Derived From Page - 针对派生自 Page 的类设置 ViewStateUserKey + Set ViewStateUserKey For Classes Derived From Page Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. - 设置 ViewStateUserKey 属性可帮助防止对应用程序的攻击,方法是允许为单个用户的视图状态变量分配标识符,使他们不能使用该变量来生成攻击。否则,会出现跨站点请求伪造漏洞。 + Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method - 从 ViewStateUserKey 派生的 {0} 类不能在 OnInit 方法或 Page_Init 方法中设置属性 + The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. - 指定区域性以帮助避免对当前区域性的意外隐式依赖。无论应用程序的区域性如何,使用固定版本都会生成一致的结果。 + Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. Specify a culture or use an invariant version to avoid implicit dependency on current culture - 指定区域性或使用固定版本以避免对当前区域性的隐式依赖 + Specify a culture or use an invariant version to avoid implicit dependency on current culture Specify a culture or use an invariant version - 指定区域性或使用固定版本 + Specify a culture or use an invariant version A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. - 某方法或构造函数调用的成员有一个接受 System.Globalization.CultureInfo 参数的重载,但该方法或构造函数没有调用接受 CultureInfo 参数的重载。如果未提供 CultureInfo 或 System.IFormatProvider 对象,则重载成员提供的默认值可能不会在所有区域设置中产生想要的效果。如果要向用户显示结果,请指定 "CultureInfo.CurrentCulture" 作为 "CultureInfo" 参数。或者,如果软件将存储和访问此结果(例如,当将此结果保留到磁盘或数据库中时),则指定 "CultureInfo.InvariantCulture"。 + A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - “{0}”的行为可能因当前用户的区域设置而异。请将“{1}”中的此调用替换为对“{2}”的调用。 + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify CultureInfo - 指定 CultureInfo + Specify CultureInfo Specify current culture - 指定当前区域性 + Specify current culture A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. - 某方法或构造函数调用的一个或多个成员具有接受 System.IFormatProvider 参数的重载,但该方法或构造函数没有调用接受 IFormatProvider 参数的重载。如果未提供 System.Globalization.CultureInfo 或 System.IFormatProvider 对象,则重载成员提供的默认值可能不会在所有区域设置中产生想要的效果。如果要基于输入/输出向用户显示结果,请指定 "CultureInfo.CurrentCulture" 作为 "IFormatProvider" 参数。或者,如果软件将存储和访问此结果(例如,从磁盘/数据库加载此结果以及将它保留到磁盘/数据库中时),则指定 "CultureInfo.InvariantCulture"。 + A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - “{0}”的行为可能因当前用户的区域设置而异。请将“{1}”中的此调用替换为对“{2}”的调用。 + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - “{0}”的行为可能因当前用户的区域设置而异。请将“{1}”中的此调用替换为对“{2}”的调用。 + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. - “{0}”的行为可能因当前用户的区域设置而异。为 “IFormatProvider” 参数提供值。 + The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - “{0}”将“{1}”作为 "IFormatProvider" 参数传递给“{2}”。此属性返回一个区域性,但它不适合格式化方法。 + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - “{0}”将“{1}”作为 "IFormatProvider" 参数传递给“{2}”。此属性返回一个区域性,但它不适合格式化方法。 + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. Specify IFormatProvider - 指定 IFormatProvider + Specify IFormatProvider A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. - 平台调用成员允许部分受信任的调用方,具有字符串参数,且不显式封送字符串。这可能导致潜在的安全漏洞。 + A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. Specify marshaling for P/Invoke string arguments - 指定对 P/Invoke 字符串参数进行封送处理 + Specify marshaling for P/Invoke string arguments A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - 字符串比较运算使用不设置 StringComparison 参数的方法重载。为了阐明意图,建议将重载与 StringComparison 参数一起使用。如果要向用户显示结果(例如,在对某个项列表进行排序以便在列表框中显示时),请指定 "StringComparison.CurrentCulture" 或 "StringComparison.CurrentCultureIgnoreCase" 作为 "StringComparison" 参数。如果比较不区分大小写的标识符(例如文件路径、环境变量或注册表项和值),则指定 "StringComparison.OrdinalIgnoreCase"。如果比较区分大小写的标识符,则指定 "StringComparison.Ordinal"。 + A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. - “{0}”具有采用 "StringComparison" 参数的方法重载。为了阐明意图,请将“{1}”中的此调用替换为对“{2}”的调用。 + '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. Specify StringComparison for clarity - 为了清晰起见,请指定 StringComparison + Specify StringComparison for clarity A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - 字符串比较运算使用不设置 StringComparison 参数的方法重载,因此它的行为可能因当前用户的区域设置而异。为了确保正确并阐明意图,强烈建议将重载与 StringComparison 参数一起使用。如果要向用户显示结果(例如,在对某个项列表进行排序以便在列表框中显示时),请指定 "StringComparison.CurrentCulture" 或 "StringComparison.CurrentCultureIgnoreCase" 作为 "StringComparison" 参数。如果比较不区分大小写的标识符(例如文件路径、环境变量或注册表项和值),则指定 "StringComparison.OrdinalIgnoreCase"。如果比较区分大小写的标识符,则指定 "StringComparison.Ordinal"。 + A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - “{0}”的行为可能因当前用户的区域设置而异。请将“{1}”中的此调用替换为对“{2}”的调用。 + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify StringComparison for correctness - 为了确保正确,请指定 StringComparison + Specify StringComparison for correctness Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. - 同时使用 “static” 和 “abstract” 修饰符需要选择加入预览功能。有关详细信息,请参阅 https://aka.ms/dotnet-warnings/preview-features。 + Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. - 相比于使用 Equals,使用 String.Length 属性或 String.IsNullOrEmpty 方法比较字符串的速度要快得多。 + Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check - 使用 "string.Length" 属性或 "string.IsNullOrEmpty" 方法而不是 Equality 检查来测试是否有空字符串 + Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check Test for empty strings using string length - 使用字符串长度测试是否有空字符串 + Test for empty strings using string length This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. - 此表达式针对 Single.Nan 或 Double.Nan 测试某个值。使用 Single.IsNan(Single) 或 Double.IsNan(Double) 来测试值。 + This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. Test for NaN correctly - 正确测试 NaN + Test for NaN correctly Test for NaN correctly - 正确测试 NaN + Test for NaN correctly 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. - “ThreadStatic” 字段应在使用时延迟初始化,不应使用内联初始化,也不应在静态构造函数中显式初始化,这只会初始化县城上运行该类型的静态构造函数的字段。 + 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. 'ThreadStatic' fields should not use inline initialization - “ThreadStatic” 字段不应使用内联初始化 + 'ThreadStatic' fields should not use inline initialization Improper 'ThreadStatic' field initialization - “ThreadStatic” 字段初始化不正确 + Improper 'ThreadStatic' field initialization 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. - “ThreadStatic” 仅影响静态字段。应用于实例字段时,它不会影响行为。 + 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. Ensure 'ThreadStatic' is only used with static fields - 确保 “ThreadStatic” 仅用于静态字段 + Ensure 'ThreadStatic' is only used with static fields 'ThreadStatic' only affects static fields - “ThreadStatic” 仅影响静态字段 + 'ThreadStatic' only affects static fields Use ArgumentException throw helper - 使用 ArgumentException 引发帮助程序 + Use ArgumentException throw helper Use ArgumentNullException throw helper - 使用 ArgumentNullException 引发帮助程序 + Use ArgumentNullException throw helper Use ArgumentOutOfRangeException throw helper - 使用 ArgumentOutOfRangeException 引发帮助程序 + Use ArgumentOutOfRangeException throw helper Use Array.Empty - 使用 Array.Empty + Use Array.Empty The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. - 数组值的基于范围的索引器生成数组所请求部分的副本。此副本在隐式用作 Span 或 Memory 值时常常是不需要的。使用 AsSpan 方法可避免此副本。 + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies - 请使用 "{0}" 代替 "{2}" 上的基于 "{1}" 的索引器,以避免创建不必要的数据副本 + Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies Use `{0}` instead of Range-based indexers on a string - 对字符串使用“{0}”而不是基于范围的索引器 + Use `{0}` instead of Range-based indexers on a string Use `{0}` instead of Range-based indexers on an array - 对数组使用“{0}”而不是基于范围的索引器 + Use `{0}` instead of Range-based indexers on an array Use AsSpan or AsMemory instead of Range-based indexers when appropriate - 适当时,使用 AsSpan 或 AsMemory,而不是基于范围的索引器 + Use AsSpan or AsMemory instead of Range-based indexers when appropriate The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - 字符串值基于范围的索引器生成字符串的请求部分的副本。此副本在隐式用作 ReadOnlySpan 或 ReadOnlyMemory 值时常常是不需要的。使用 AsSpan 方法可避免使用不必要的副本。 + The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - 数组值的基于范围的索引器生成数组所请求部分的副本。此副本在隐式用作 ReadOnlySpan 或 ReadOnlyMemory 值时常常是不需要的。使用 AsSpan 方法可避免使用不必要的副本。 + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. When inside a Task-returning method, use the async version of methods, if they exist. - 在返回 Task 的方法中时,使用方法的异步版本(如果存在)。 + When inside a Task-returning method, use the async version of methods, if they exist. {Locked="Task"} '{0}' synchronously blocks. Await '{1}' instead. - “{0}”同步阻止。改为等待“{1}”。 + '{0}' synchronously blocks. Await '{1}' instead. '{0}' synchronously blocks. Use await instead. - “{0}”同步阻止。请改用 await。 + '{0}' synchronously blocks. Use await instead. Call async methods when in an async method - 当在异步方法中时,调用异步方法 + Call async methods when in an async method Use antiforgery tokens in ASP.NET Core MVC controllers - 在 ASP.NET Core MVC 控制器中使用防伪造令牌 + Use antiforgery tokens in ASP.NET Core MVC controllers Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - 在未验证防伪造令牌的情况下处理 POST、PUT、PATCH 或 DELETE 请求可能易受跨站点请求伪造攻击。跨站点请求伪造攻击可将来自已通过身份验证的用户的恶意请求发送到 ASP.NET Core MVC 控制器。 + Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - 方法 {0} 在不执行防伪造令牌验证的情况下处理 {1} 请求。你还需要确保 HTML 窗体发送防伪造令牌。 + Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. Replace with 'CancellationToken.ThrowIfCancellationRequested' - 替换为 “CancellationToken.ThrowIfCancellationRequested” + Replace with 'CancellationToken.ThrowIfCancellationRequested' 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. - “ThrowIfCancellationRequested” 自动检查是否已取消令牌,如果已取消,则引发 “OperationCanceledException”。 + 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' - 使用 “ThrowIfCancellationRequested”,而不是检查 “IsCancellationRequested” 并引发 “OperationCanceledException” + Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' Use 'ThrowIfCancellationRequested' - 使用 “ThrowIfCancellationRequested” + Use 'ThrowIfCancellationRequested' Using concrete types avoids virtual or interface call overhead and enables inlining. - 使用具体类型可避免虚拟或接口调用开销,并启用内联。 + Using concrete types avoids virtual or interface call overhead and enables inlining. Change type of field '{0}' from '{1}' to '{2}' for improved performance - 将字段“{0}”的类型从“{1}”更改为“{2}”,以提高性能 + Change type of field '{0}' from '{1}' to '{2}' for improved performance Change type of variable '{0}' from '{1}' to '{2}' for improved performance - 将变量“{0}”的类型从“{1}”更改为“{2}”,以提高性能 + Change type of variable '{0}' from '{1}' to '{2}' for improved performance Change return type of method '{0}' from '{1}' to '{2}' for improved performance - 将方法“{0}”的返回类型从“{1}”更改为“{2}”以提高性能 + Change return type of method '{0}' from '{1}' to '{2}' for improved performance Change type of parameter '{0}' from '{1}' to '{2}' for improved performance - 将参数“{0}”的类型从“{1}”更改为“{2}”以提高性能 + Change type of parameter '{0}' from '{1}' to '{2}' for improved performance Change type of property '{0}' from '{1}' to '{2}' for improved performance - 将属性 '{0}' 的类型从 '{1}'更改为 '{2}',以提高性能 + Change type of property '{0}' from '{1}' to '{2}' for improved performance Use concrete types when possible for improved performance - 尽可能使用具体类型以提高性能 + Use concrete types when possible for improved performance Use Container Level Access Policy - 使用容器级别访问策略 + Use Container Level Access Policy No access policy identifier is specified, making tokens non-revocable. - 未指定访问策略标识符,这使得令牌不可撤消。 + No access policy identifier is specified, making tokens non-revocable. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. - 如果可能,请考虑使用 Azure 基于角色的访问控制,而不是共享访问签名(SAS)。如果仍需使用 SAS,请在创建 SAS 时使用容器级别访问策略。 + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. Use DefaultDllImportSearchPaths attribute for P/Invokes - 对 P/Invoke 使用 DefaultDllImportSearchPaths 属性 + Use DefaultDllImportSearchPaths attribute for P/Invokes By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - 默认情况下,使用 DllImportAttribute 探测的 P/Invoke 包含许多目录,包括要加载的库的当前工作目录。对于某些应用程序,这可能是一个安全问题,它会导致 DLL 劫持。 + By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - 方法 {0} 未对 P/Invoke 使用 DefaultDllImportSearchPaths 属性。 + The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. Use equivalent code that works when marshalling is disabled - 使用在禁用封送时起作用的等效代码 + Use equivalent code that works when marshalling is disabled 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. - “Environment.CurrentManagedThreadId” 比 “Thread.CurrentThread.ManagedThreadId” 更加简单快速。 + 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. Use 'Environment.CurrentManagedThreadId' - 使用 “Environment.CurrentManagedThreadId” + Use 'Environment.CurrentManagedThreadId' Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' - 使用 “Environment.CurrentManagedThreadId” 而不是 “Thread.CurrentThread.ManagedThreadId” + Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' Use 'Environment.CurrentManagedThreadId' - 使用 “Environment.CurrentManagedThreadId” + Use 'Environment.CurrentManagedThreadId' 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. - "Environment.ProcessId" 比 "Process.GetCurrentProcess().Id" 更简单且速度更快。 + 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. Use 'Environment.ProcessId' - 使用 "Environment.ProcessId" + Use 'Environment.ProcessId' Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' - 使用 "Environment.ProcessId" 而不是 "Process.GetCurrentProcess().Id" + Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' Use 'Environment.ProcessId' - 使用 "Environment.ProcessId" + Use 'Environment.ProcessId' 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. - “Environment.ProcessPath” 比 “Process.GetCurrentProcess().MainModule.FileName” 更为简单快速。 + 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. Use 'Environment.ProcessPath' - 使用 “Environment.ProcessPath” + Use 'Environment.ProcessPath' Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' - 使用 “Environment.ProcessPath” 而不是 “Process.GetCurrentProcess().MainModule.FileName” + Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' Use 'Environment.ProcessPath' - 使用 “Environment.ProcessPath” + Use 'Environment.ProcessPath' Use indexer - 使用索引器 + Use indexer Use an invariant version - 使用固定版本 + Use an invariant version An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. - 已定义操作系统调用方法,且具有等效功能的方法位于 .NET Framework 类库中。 + An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. Use managed equivalents of win32 api - 使用 Win32 API 的托管等效项 + Use managed equivalents of win32 api Use managed equivalents of win32 api - 使用 Win32 API 的托管等效项 + Use managed equivalents of win32 api Use ObjectDisposedException throw helper - 使用 ObjectDisposedException 引发帮助程序 + Use ObjectDisposedException throw helper A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. - 非语义的字符串比较运算没有将 StringComparison 参数设置为 Ordinal 或 OrdinalIgnoreCase。通过将参数显式设置为 StringComparison.Ordinal 或 StringComparison.OrdinalIgnoreCase,通常可提高代码的速度、准确率和可靠性。 + A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. Use ordinal string comparison - 使用序数字符串比较 + Use ordinal string comparison Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. - Enumerable.Count() 可能枚举序列,而 Length/Count 属性是直接访问。 + Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. Use the "{0}" property instead of Enumerable.Count() - 请使用 "{0}" 属性而不是 Enumerable.Count() + Use the "{0}" property instead of Enumerable.Count() Use Length/Count property instead of Count() when available - 在可用时使用 Length/Count 属性而不是 Count() + Use Length/Count property instead of Count() when available Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size - 设置具有足够密钥大小的 Rivest-Shamir-Adleman (RSA)算法 + Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. - 在使用的密钥大小太小时,加密算法容易遭到暴力破解攻击。 + Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - 非对称加密算法 {0} 的密钥大小小于 2048 位。请转而切换到至少具有 2048 位密钥大小的 RSA、ECDH 或者 ECDSA 算法。 + Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. Applications available over HTTPS must use secure cookies. - 通过 HTTPS 提供的应用程序必须使用安全 Cookie。 + Applications available over HTTPS must use secure cookies. Use SharedAccessProtocol HttpsOnly - 使用 SharedAccessProtocol HttpsOnly + Use SharedAccessProtocol HttpsOnly HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. - HTTPS 对网络流量加密。请使用 HttpsOnly (而不是 HttpOrHttps)确保网络流量始终加密,从而帮助防止敏感数据泄露。 + HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. - 如果可能,请考虑使用 Azure 基于角色的访问控制,而不是共享访问签名(SAS)。如果仍需使用 SAS,请指定 SharedAccessProtocol.HttpsOnly。 + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. + + + + Use 'AsSpan' with 'string.Concat' + Use 'AsSpan' with 'string.Concat' + + + + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + + + + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + + + + Use span-based 'string.Concat' + Use span-based 'string.Concat' Use 'Clear()' - 使用“Clear()” + Use 'Clear()' It is more efficient to use 'Clear', instead of 'Fill' with default value. - 使用“清除”(而不是具有默认值的“填充”)效率更高。 + It is more efficient to use 'Clear', instead of 'Fill' with default value. Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' - 首选“Span<T>.Clear()”而不是“Span<T>.Fill(default)” + Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' Prefer 'Clear' over 'Fill' - 首选“清除”而不是“填充” + Prefer 'Clear' over 'Fill' Use 'StartsWith' - 使用 "StartsWith" + Use 'StartsWith' It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. - 相较于将 "IndexOf" 的结果与零进行比较,使用 "StartsWith" 既更清晰又更快。 + It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 - 使用 "StartsWith",而不是将 "IndexOf" 的结果与 0 进行比较 + Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 Use 'StartsWith' instead of 'IndexOf' - 使用 "StartsWith" 而不是 "IndexOf" + Use 'StartsWith' instead of 'IndexOf' + + + + 'string.Contains(char)' is available as a better performing overload for single char lookup. + 'string.Contains(char)' is available as a better performing overload for single char lookup. + + + + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + + + + Use char literal for a single character lookup + Use char literal for a single character lookup Use 'string.Equals' - 使用 “string.Equals” + Use 'string.Equals' It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. - 使用 “string.Equals” 更清晰还可能更快速,而不是将 “string.Compare” 的结果与零进行比较。 + It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 - 使用 “string.Equals”,而不是将 “string.Compare” 的结果与 0 进行比较 + Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 Use 'string.Equals' - 使用 “string.Equals” - - - - Use 'AsSpan' with 'string.Concat' - 将 “AsSpan” 与 “string.Concat” 配合使用 - - - - It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. - 使用 “AsSpan” 和 “string.Concat” 效率高于使用 “Substring” 和串联运算符。 - - - - Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' - 使用基于跨度的 “string.Concat” 和 “AsSpan” 而不是 “Substring” - - - - Use span-based 'string.Concat' - 使用基于跨度的 “string.Concat” - - - - 'string.Contains(char)' is available as a better performing overload for single char lookup. - “string.Contains(char)” 可用作用于单个字符查找的性能更好的重载。 - - - - Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character - 在搜索单个字符时使用 “string.Contains(char)” 而不是 “string.Contain(string)” - - - - Use char literal for a single character lookup - 将字符型文本用于单个字符查找 + Use 'string.Equals' Throw helpers are simpler and more efficient than an if block constructing a new exception instance. - 在构造新的异常实例方面,引发帮助程序比 if 块更简单、更高效。 + Throw helpers are simpler and more efficient than an if block constructing a new exception instance. Use '{0}.{1}' - 使用 "{0}.{1}" + Use '{0}.{1}' Use '{0}.{1}' instead of explicitly throwing a new exception instance - 使用 "{0}.{1}",而不是显式引发新的异常实例 + Use '{0}.{1}' instead of explicitly throwing a new exception instance Platform compatibility analyzer requires a valid platform name and version. - 平台兼容性分析器需要有效的平台名称和版本。 + Platform compatibility analyzer requires a valid platform name and version. Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. - 版本“{0}”对于平台“{1}”无效。请为此平台使用包含 2{2} 部分的版本。 + Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. Version '7' is not valid for platform 'windows'. Use a version with 2-4 parts for this platform. Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. - 版本“{0}”对于平台“{1}”无效。请勿对此平台使用版本。 + Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. Use valid platform string - 使用有效的平台字符串 + Use valid platform string The platform '{0}' is not a known platform name - 平台“{0}”不是已知的平台名称 + The platform '{0}' is not a known platform name ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. - 应直接等待从成员调用返回的 ValueTask。尝试多次使用 ValueTask 或在已知完成前直接访问结果可能导致异常或损坏。 忽略此类 ValueTask 很可能表示存在功能 bug,可能会降低性能。 + ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). - ValueTask 实例不应让其结果可直接访问,除非该实例已完成。与任务不同,对 ValueTask 调用 Result 或 GetAwaiter().GetResult() 不能保证在操作完成前保持阻止。如果不能仅仅等待该实例,请考虑首先检查其 IsCompleted 属性(如果你知道是这种情况,则断言为 true)。 + ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. - ValueTask 实例应只使用一次,例如通过 await。多次使用同一个 ValueTask 实例会导致异常和数据损坏。 + ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. - 从方法调用返回的 ValueTask 实例应直接等待、返回或作为参数传递给另一个方法调用。其他用法(例如,将实例存储到本地或字段中)可能表示存在 bug,因为 ValueTask 实例必须只使用一次。 + ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. - 从方法调用返回的 ValueTask 实例应始终被使用(通常被等待)。如果不是这样,那么通常表示存在功能性 bug,但即使不存在功能性 bug,如果目标方法池对象与 ValueTask 一起使用,可能导致性能下降。 + ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. Use ValueTasks correctly - 正确使用 ValueTask + Use ValueTasks correctly Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. - 从不受信任的数据处理 XML 可能会加载危险的外部引用,这应该通过使用带有安全解析程序的 XmlReader 或禁用 DTD 处理来限制。 + Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. Use XmlReader for 'DataSet.ReadXml()' - 将 XmlReader 用于 "DataSet.ReadXml()" + Use XmlReader for 'DataSet.ReadXml()' Use XmlReader for 'XmlSerializer.Deserialize()' - 将 XmlReader 用于 "XmlSerializer.Deserialize()" + Use XmlReader for 'XmlSerializer.Deserialize()' Use XmlReader for 'XmlSchema.Read()' - 将 XmlReader 用于 "XmlSchema.Read()" + Use XmlReader for 'XmlSchema.Read()' Use XmlReader for XmlValidatingReader constructor - 将 XmlReader 用于 XmlValidatingReader 构造函数 + Use XmlReader for XmlValidatingReader constructor Use XmlReader for XPathDocument constructor - 将 XmlReader 用于 XPathDocument 构造函数 + Use XmlReader for XPathDocument constructor This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. - 重载“{0}.{1}”方法可能不安全。这样做可能会启用文档类型定义(DTD),DTD 可能会遭到拒绝服务攻击,这样做也可能会使用 XmlResolver,这可能会导致信息泄露。请改用采用 XmlReader 实例的重载,禁用 DTD 处理且没有 XmlResolver。 + This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - “{0}”使用预览类型“{1}”,并且需要选择加入预览功能。有关详细信息,请参阅 {2}。 + '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - {3}.“{0}”使用预览类型“{1}”,并且需要选择加入预览功能。有关详细信息,请参阅 {2}。 - - - - Use 'TryGetValue(TKey, out TValue)' - 使用 “TryGetValue(TKey, out TValue)” - - - - Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method - 首选 “IDictionary.TryGetValue(TKey, out TValue)” 方法 - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup - 首选 “TryGetValue” 调用,而不是由 “ContainsKey” 检查保护的字典索引器访问,以避免双重查找 - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. - 首选 “TryGetValue” 调用,而不是通过 “ContainsKey” 检查保护的字典索引器访问。“ContainsKey” 和索引器都会查找位于底层的密钥,因此使用 “TryGetValue” 会删除额外的查找。 + {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hant.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hant.xlf index d71c7a0cc6..ba1f8bd793 100644 --- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hant.xlf +++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hant.xlf @@ -4,572 +4,572 @@ Add the 'NonSerialized' attribute to this field. - 將 'NonSerialized' 屬性新增至此欄位。 + Add the 'NonSerialized' attribute to this field. Add Serializable attribute - 新增可序列化屬性 + Add Serializable attribute Review cipher mode usage with cryptography experts - 與加密專家一同審查 Cipher 模式使用方式 + Review cipher mode usage with cryptography experts These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). - 這些 Cipher 模式可能容易遭受攻擊。請考慮使用建議的模式 (CBC、CTS)。 + These cipher modes might be vulnerable to attacks. Consider using recommended modes (CBC, CTS). Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). - 與加密專家一同審查 Cipher 模式 '{0}' 的使用方式。請考慮使用建議的模式 (CBC、CTS)。 + Review the usage of cipher mode '{0}' with cryptography experts. Consider using recommended modes (CBC, CTS). The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. - 屬性的字串常值參數並未正確剖析 URL、GUID 或版本。 + The string literal parameter of an attribute does not parse correctly for a URL, a GUID, or a version. In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' - 在 '{0}' 的建構函式中,將目前為 "{2}" 的引數值 '{1}',變更為可正確剖析成 '{3}' 的值 + In the constructor of '{0}', change the value of argument '{1}', which is currently "{2}", to something that can be correctly parsed as '{3}' In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' - 在 '{0}' 的建構函式中,將目前為空字串 ("") 的引數值 '{1}',變更為可正確剖析成 '{2}' 的值 + In the constructor of '{0}', change the value of argument '{1}', which is currently an empty string (""), to something that can be correctly parsed as '{2}' Attribute string literals should parse correctly - 屬性字串常值應正確剖析 + Attribute string literals should parse correctly Extract to static readonly field - 解壓縮至靜態唯讀欄位 + Extract to static readonly field Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. - 重複呼叫時不會重複使用以引數傳遞的常數陣列,這表示每次都會建立新的陣列。如果傳遞的陣列在呼叫的方法中未變動,請考慮將它們解壓縮至 'static readonly' 欄位,以提升效能。 + Constant arrays passed as arguments are not reused when called repeatedly, which implies a new array is created each time. Consider extracting them to 'static readonly' fields to improve performance if the passed array is not mutated within the called method. {Locked="static readonly"} Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array - 如果重複以呼叫的方法進行呼叫且未變動傳遞的陣列,則優先使用 'static readonly' 欄位,而不是常數陣列引數 + Prefer 'static readonly' fields over constant array arguments if the called method is called repeatedly and is not mutating the passed array {Locked="static readonly"} Avoid constant arrays as arguments - 避免常數陣列作為引數 + Avoid constant arrays as arguments Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. - 封送處理 'StringBuilder' 一律都會建立原生緩衝區複本,因而導致單一封送處理作業出現多重配置。 + Marshalling of 'StringBuilder' always creates a native buffer copy, resulting in multiple allocations for one marshalling operation. Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. - 請勿對 P/Invoke 使用 'StringBuilder' 參數。請考慮改用字元緩衝區。 + Avoid 'StringBuilder' parameters for P/Invokes. Consider using a character buffer instead. Avoid 'StringBuilder' parameters for P/Invokes - 請勿對 P/Invoke 使用 'StringBuilder' 參數 + Avoid 'StringBuilder' parameters for P/Invokes The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. - .NET Framework 類別庫可提供擷取自訂屬性的方法。根據預設,這些方法會搜尋屬性繼承階層。使用密封屬性可免於搜尋整個繼承階層,因而能提升效能。 + The .NET Framework class library provides methods for retrieving custom attributes. By default, these methods search the attribute inheritance hierarchy. Sealing the attribute eliminates the search through the inheritance hierarchy and can improve performance. Avoid unsealed attributes - 避免非密封屬性 + Avoid unsealed attributes Avoid unsealed attributes - 避免非密封屬性 + Avoid unsealed attributes Avoid unnecessary zero-length array allocations. Use {0} instead. - 避免非必要長度為零的陣列配置。改為使用 {0}。 + Avoid unnecessary zero-length array allocations. Use {0} instead. Avoid zero-length array allocations - 避免長度為零的陣列配置 + Avoid zero-length array allocations The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - 將未受信任的資料還原序列化時,若沒有使用 SerializationBinder 來限制已還原序列化物件圖中的物件類型,方法 '{0}' 就不安全。 + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize - 呼叫 BinaryFormatter.Deserialize 之前,請務必先設定 BinaryFormatter.Binder + Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - 將未受信任的資料還原序列化時,若沒有使用 SerializationBinder 來限制已還原序列化物件圖中的物件類型,方法 '{0}' 就不安全。 + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder - 未先設定 BinaryFormatter.Binder 之前,請勿呼叫 BinaryFormatter.Deserialize + Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. - 將不受信任的資料還原序列化時,方法 '{0}' 不安全。如果您需要改為偵測 BinaryFormatter 還原序列化,而不想要設定 SerializationBinder,則請停用規則 CA2300,並啟用規則 CA2301 和 CA2302。 + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302. The method '{0}' is insecure when deserializing untrusted data. - 將不受信任的資料還原序列化時,方法 '{0}' 不安全。 + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer BinaryFormatter - 請勿使用不安全的還原序列化程式 BinaryFormatter + Do not use insecure deserializer BinaryFormatter 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - 'Buffer.BlockCopy' 應該有要針對 'count' 引數複製的位元組數。使用 'Array.Length' 可能不符合需要複製的位元組數。 + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. - 'Buffer.BlockCopy' 應該有要針對 'count' 引數複製的位元組數。使用 'Array.Length' 可能不符合需要複製的位元組數。 + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument. Using 'Array.Length' may not match the number of bytes that needs to be copied. 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument - 'Buffer.BlockCopy' 應該有要針對 'count' 引數複製的位元組數 + 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). - 實作 Dispose 的方法,不會呼叫 GC.SuppressFinalize; 或未實作的 Dispose,會呼叫 GC.SuppressFinalize; 或方法會呼叫 GC.SuppressFinalize,並傳遞 'this' (Visual Basic 中為 Me) 以外的項目。 + A method that is an implementation of Dispose does not call GC.SuppressFinalize; or a method that is not an implementation of Dispose calls GC.SuppressFinalize; or a method calls GC.SuppressFinalize and passes something other than this (Me in Visual Basic). Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. - 將 {0} 變更為呼叫 {1}。如此一來,引進完成項的衍生類型即無須重新實作 'IDisposable' 就可呼叫它。 + Change {0} to call {1}. This will prevent derived types that introduce a finalizer from needing to re-implement 'IDisposable' to call it. Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. - 將 {0} 變更為呼叫 {1}。如此一來,可避免在物件處置過後或不在範圍內時,產生不必要的完成項。 + Change {0} to call {1}. This will prevent unnecessary finalization of the object once it has been disposed and it has fallen out of scope. {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. - {0} 於本身以外的其他項目上呼叫了 {1}。變更呼叫位置以傳遞 'this' (在 Visual Basic 中為 'Me')。 + {0} calls {1} on something other than itself. Change the call site to pass 'this' ('Me' in Visual Basic) instead. {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. - {0} 呼叫了 {1},但此方法通常只在 'IDisposable.Dispose' 的實作內呼叫。如需詳細資訊,請參閱 IDisposable 模式。 + {0} calls {1}, a method that is typically only called within an implementation of 'IDisposable.Dispose'. Refer to the IDisposable pattern for more information. Dispose methods should call SuppressFinalize - Dispose 方法應該呼叫 SuppressFinalize + Dispose methods should call SuppressFinalize , - , + , Separator used for separating list of platform names: {API} is only supported on: {‘windows’, ‘browser’, ‘linux’} ConstantExpected attribute is not applied correctly on the parameter. - 未在參數上正確套用 ConstantExpected 屬性。 + ConstantExpected attribute is not applied correctly on the parameter. Incorrect usage of ConstantExpected attribute - ConstantExpected 屬性的用法不正確 + Incorrect usage of ConstantExpected attribute The ConstantExpected attribute is required for the parameter due to the parent method annotation - 由於父方法註釋,參數需要 ConstantExpected 屬性 + The ConstantExpected attribute is required for the parameter due to the parent method annotation The '{0}' value is not compatible with parameter type of '{1}' - '{0}' 值與 '{1}' 的參數類型不相容 + The '{0}' value is not compatible with parameter type of '{1}' The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' - '{0}' 值不符合 '{1}' 到 '{2}' 的參數值範圍 + The '{0}' value does not fit within the parameter value bounds of '{1}' to '{2}' The constant is not of the same '{0}' type as the parameter - 常數不是與參數相同的 '{0}' 類型 + The constant is not of the same '{0}' type as the parameter The Min and Max values are inverted - 最小值和最大值會反轉 + The Min and Max values are inverted The argument should be a constant for optimal performance - 引數應為常數,以獲得最佳效能 + The argument should be a constant for optimal performance The '{0}' type is not supported for ConstantExpected attribute - ConstantExpected 屬性不支援 '{0}' 類型 + The '{0}' type is not supported for ConstantExpected attribute The constant does not fit within the value bounds of '{0}' to '{1}' - 常數不符合 '{0}' 到 '{1}' 的值範圍 + The constant does not fit within the value bounds of '{0}' to '{1}' The parameter expects a constant for optimal performance. - 參數需要常數,以獲得最佳效能。 + The parameter expects a constant for optimal performance. A constant is expected for the parameter - 預期參數為常數 + A constant is expected for the parameter When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - 還原序列化不受信任的輸入時,將 {0} 物件還原序列化並不安全。'{1}' 屬於或衍生自 {0} + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type found in deserializable object graph - 在可還原序列化的物件圖形中,找到不安全的 DataSet 或 DataTable 類型 + Unsafe DataSet or DataTable type found in deserializable object graph When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. - 以 IFormatter 形式的序列化程式,還原序列化不受信任的輸入時,還原序列化 {0} 物件並不安全。'{1}' 屬於或衍生自 {0}。請確認自動產生的類型一律不會還原序列化不受信任的資料。 + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Ensure that the auto-generated type is never deserialized with untrusted data. Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks - 自動產生的可序列化類型中,出現的不安全 DataSet 或 DataTable,容易受到遠端程式碼執行攻擊 + Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - 還原序列化不受信任的輸入時,將 {0} 物件還原序列化並不安全。'{1}' 屬於或衍生自 {0} + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks - 還原序列化後之物件圖表中的 Unsafe DataSet 或 DataTable 容易受到遠端程式碼執行攻擊 + Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. - 當使用採用 IFormatter 之序列化程式還原序列化不信任的輸入時,將 {0} 物件還原序列化並不安全。'{1}' 屬於或衍生自 {0}。 + When deserializing untrusted input with an IFormatter-based serializer, deserializing a {0} object is insecure. '{1}' either is or derives from {0}. Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks - 可序列化類型中不安全的 DataSet 或 DataTable 容易受到遠端程式碼執行攻擊 + Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - 還原序列化不受信任的輸入時,將 {0} 物件還原序列化並不安全。'{1}' 屬於或衍生自 {0} + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable in serializable type - 可序列化類型中不安全的 DataSet 或 DataTable + Unsafe DataSet or DataTable in serializable type When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} - 還原序列化不受信任的輸入時,將 {0} 物件還原序列化並不安全。'{1}' 屬於或衍生自 {0} + When deserializing untrusted input, deserializing a {0} object is insecure. '{1}' either is or derives from {0} Unsafe DataSet or DataTable type in web deserializable object graph - 可還原序列化之物件圖形中不安全的 DataSet 或 DataTable 類型 + Unsafe DataSet or DataTable type in web deserializable object graph The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. - 還原序列化不受信任的資料時,方法 '{0}' 並不安全。請確定包含 '{0}' 呼叫的自動產生類別,不會還原序列化不受信任的資料。 + The method '{0}' is insecure when deserializing untrusted data. Make sure that auto-generated class containing the '{0}' call is not deserialized with untrusted data. Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data - 請確認包含 DataSet.ReadXml() 的自動產生類別,不會與不受信任的資料一起使用 + Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data The method '{0}' is insecure when deserializing untrusted data - 還原序列化不受信任的資料時,方法 '{0}' 不安全 + The method '{0}' is insecure when deserializing untrusted data Do not use DataSet.ReadXml() with untrusted data - 使用 DataSet.ReadXml() 時請勿附上不受信任的資料 + Do not use DataSet.ReadXml() with untrusted data The method '{0}' is insecure when deserializing untrusted data - 還原序列化不受信任的資料時,方法 '{0}' 不安全 + The method '{0}' is insecure when deserializing untrusted data Do not use DataTable.ReadXml() with untrusted data - 使用 DataTable.ReadXml() 時請勿附上不受信任的資料 + Do not use DataTable.ReadXml() with untrusted data HttpClients should enable certificate revocation list checks - HttpClients 應啟用憑證撤銷清單檢查 + HttpClients should enable certificate revocation list checks HttpClient is created without enabling CheckCertificateRevocationList - 已建立 HttpClient,但未啟用 CheckCertificateRevocationList + HttpClient is created without enabling CheckCertificateRevocationList Do Not Add Certificates To Root Store - 請勿將憑證新增至根存放區 + Do Not Add Certificates To Root Store Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate - 將憑證新增至作業系統的受信任根憑證,會增加驗證非法憑證不正確的風險 + Adding certificates to the operating system's trusted root certificates increases the risk of incorrectly authenticating an illegitimate certificate Do not use CreateEncryptor with non-default IV - 請勿使用具有非預設 IV 的 CreateEncryptor + Do not use CreateEncryptor with non-default IV Symmetric encryption uses non-default initialization vector, which could be potentially repeatable - 對稱式加密使用可能可重複的非預設初始化向量 + Symmetric encryption uses non-default initialization vector, which could be potentially repeatable Use Secure Cookies In ASP.NET Core - 在 ASP.Net Core 中使用安全 Cookie + Use Secure Cookies In ASP.NET Core Set CookieOptions.Secure = true when setting a cookie - 在設定 Cookie 時設定 CookieOptions.Secure = true + Set CookieOptions.Secure = true when setting a cookie Do Not Use Weak Key Derivation Function With Insufficient Iteration Count - 不要使用反覆運算計數不足的弱式金鑰衍生函數 (Key Derivation Function) + Do Not Use Weak Key Derivation Function With Insufficient Iteration Count Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - 當從密碼衍生密碼編譯金鑰時,請至少使用 {0} 個反覆項目。根據預設,Rfc2898DeriveByte 的 IterationCount 只有 1000 + Use at least {0} iterations when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. - 較舊的通訊協定版本的傳輸層安全性 (TLS) 比 TLS 1.2 和 TLS 1.3 不安全,而且更可能有新的弱點。請避免較舊的通訊協定版本,以將風險降至最低。 + Older protocol versions of Transport Layer Security (TLS) are less secure than TLS 1.2 and TLS 1.3, and are more likely to have new vulnerabilities. Avoid older protocol versions to minimize risk. Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. - 傳輸層安全性通訊協定版本 '{0}' 已淘汰。請使用 'None' 讓作業系統選擇版本。 + Transport Layer Security protocol version '{0}' is deprecated. Use 'None' to let the Operating System choose a version. Do not use deprecated SslProtocols values - 不要使用已淘汰的 SslProtocols 值 + Do not use deprecated SslProtocols values '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' 衍生自預覽類別 '{1}',因此必須加入預覽功能。如需詳細資訊,請參閱 {2}。 + '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' 衍生自預覽類別 '{1}',因此必須加入預覽功能。如需詳細資訊,請參閱 {2}。 + {3} '{0}' derives from preview class '{1}' and therefore needs to opt into preview features. See {2} for more information. An assembly has to opt into preview features before using them. - 組合在使用前必須先加入預覽功能。 + An assembly has to opt into preview features before using them. Using '{0}' requires opting into preview features. See {1} for more information. - 使用 '{0}' 必須加入預覽功能。如需詳細資訊,請參閱 {1}。 + Using '{0}' requires opting into preview features. See {1} for more information. {2} Using '{0}' requires opting into preview features. See {1} for more information. - {2} 使用 '{0}' 必須加入預覽功能。如需詳細資訊,請參閱 {1}。 + {2} Using '{0}' requires opting into preview features. See {1} for more information. This API requires opting into preview features - 此 API 需要加入預覽功能 + This API requires opting into preview features A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. - 實作 System.IDisposable 的類型,宣告的欄位會是也實作 IDisposable 的類型。該欄位的 Dispose 方法,並非由宣告類型的 Dispose 方法呼叫。若要修正此規則違規,如果由您負責配置及釋放由該欄位所保留的非受控資源,則請在會實作 IDisposable 的欄位類型欄位上,呼叫 Dispose。 + A type that implements System.IDisposable declares fields that are of types that also implement IDisposable. The Dispose method of the field is not called by the Dispose method of the declaring type. To fix a violation of this rule, call Dispose on fields that are of types that implement IDisposable if you are responsible for allocating and releasing the unmanaged resources held by the field. '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. - '{0}' 包含 IDisposable 類型 '{2}' 的欄位 '{1}',但從未處置過該欄位。請變更 '{0}' 上的 Dispose 方法,在此欄位上呼叫 Close 或 Dispose。 + '{0}' contains field '{1}' that is of IDisposable type '{2}', but it is never disposed. Change the Dispose method on '{0}' to call Close or Dispose on this field. Disposable fields should be disposed - 可處置的欄位應受到處置 + Disposable fields should be disposed A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. - 實作 System.IDisposable 且有欄位會建議使用非受控資源的類型,不會實作完成項 (如 Object.Finalize 所述)。 + A type that implements System.IDisposable and has fields that suggest the use of unmanaged resources does not implement a finalizer, as described by Object.Finalize. Disposable types should declare finalizer - 可處置的類型應宣告完成項 + Disposable types should declare finalizer Disposable types should declare finalizer - 可處置的類型應宣告完成項 + Disposable types should declare finalizer A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. - 實作 System.IDisposable 的類型,會繼承自也實作 IDisposable 的類型。但繼承類型的 Dispose 方法,並未呼叫父類型的 Dispose 方法。若要修正此規則違規,請在 Dispose 方法中呼叫 base.Dispose。 + A type that implements System.IDisposable inherits from a type that also implements IDisposable. The Dispose method of the inheriting type does not call the Dispose method of the parent type. To fix a violation of this rule, call base.Dispose in your Dispose method. Ensure that method '{0}' calls '{1}' in all possible control flow paths - 確保方法 '{0}' 呼叫了所有可能控制流程路徑中的 '{1}' + Ensure that method '{0}' calls '{1}' in all possible control flow paths Dispose methods should call base class dispose - Dispose 方法應該呼叫基底類別處置 + Dispose methods should call base class dispose If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. - 如果未在可處置物件的所有參考都超出範圍前明確處置掉該物件,則該物件將在記憶體回收行程執行該物件的完成項時,於某個不定時間被處置掉。因為可能發生例外事件,導致物件的完成項無法執行,所以應改為明確處置掉物件。 + If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - 請使用建議的處置模式,確認會在所有路徑上,處置由 '{0}' 所建立的物件。在可能的情況下,請將建立包在 'using' 陳述式或 'using' 宣告內。否則,請使用 try-finally 模式,同時在 try 區域之前先宣告專用的區域變數,並在 'finally' 區域中的非 null 值上,設定無條件 Dispose 引動過程,比如 'x?.Dispose()'。如果 try 區域內已明確地處置了該物件,或是處置擁有權已轉移到另一個物件或方法,則請在這類作業之後,對區域變數指派 'null',以避免在 'finally' 中發生雙重處置。 + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. - 請使用建議的處置模式,確認會在所有例外狀況路徑上,處置由 '{0}' 所建立的物件。在可能的情況下,請將建立包在 'using' 陳述式或 'using' 宣告內。否則,請使用 try-finally 模式,同時在 try 區域之前先宣告專用的區域變數,並在 'finally' 區域中的非 null 值上,設定無條件 Dispose 引動過程,比如 'x?.Dispose()'。如果 try 區域內已明確地處置了該物件,或是處置擁有權已轉移到另一個物件或方法,則請在這類作業之後,對區域變數指派 'null',以避免在 'finally' 中發生雙重處置。 + Use recommended dispose pattern to ensure that object created by '{0}' is disposed on all exception paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope - 在 '{0}' 所建立的物件上,在所有參考 System.IDisposable.Dispose 的項目超出範圍前,呼叫 System.IDisposable.Dispose + Call System.IDisposable.Dispose on object created by '{0}' before all references to it are out of scope Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. - 由 {0} 所建立的物件,並非隨著所有例外狀況路徑處置。於物件的所有參考之前呼叫 System.IDisposable.Dispose,超出範圍。 + Object created by '{0}' is not disposed along all exception paths. Call System.IDisposable.Dispose on the object before all references to it are out of scope. Dispose objects before losing scope - 必須在超出範圍前處置物件 + Dispose objects before losing scope Do Not Add Archive Item's Path To The Target File System Path - 請勿將封存項目的路徑新增到目標檔案系統路徑 + Do Not Add Archive Item's Path To The Target File System Path When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. - 從封存擷取檔案並使用封存項目的路徑時,請檢查路徑是否安全。封存路徑可以是相對路徑,可能導致從預期的檔案系統目標路徑外存取檔案系統,從而引發透過偷襲技術進行的惡意組態變更及遠端程式碼執行。 + When extracting files from an archive and using the archive item's path, check if the path is safe. Archive path can be relative and can lead to file system access outside of the expected file system target path, leading to malicious config changes and remote code execution via lay-and-wait technique. When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' - 在從相對封存項目路徑建立「方法 {1} 中的 {0}」路徑以擷取檔案,而且來源是未受信任的 ZIP 封存時,請務必處理相對封存項目路徑「方法 {3} 中的 {2}」 + When creating path for '{0} in method {1}' from relative archive item path to extract file and the source is an untrusted zip archive, make sure to sanitize relative archive item path '{2} in method {3}' Do Not Add Schema By URL - 請勿利用 URL 新增結構描述 + Do Not Add Schema By URL This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. - XmlSchemaCollection.Add 方法的此項多載,會在使用的 XML 讀取器執行個體上,從內部啟用 DTD 處理,然後使用 UrlResolver 解析外部 XML 實體。而結果就是會導致資訊外洩。攻擊者有可能會看到來自檔案系統或網路共用要進行機器處理 XML 的內容。此外,攻擊者也可將其用作為 DoS 向量。 + This overload of XmlSchemaCollection.Add method internally enables DTD processing on the XML reader instance used, and uses UrlResolver for resolving external XML entities. The outcome is information disclosure. Content from file system or network shares for the machine processing the XML can be exposed to attacker. In addition, an attacker can use this as a DoS vector. This overload of the Add method is potentially unsafe because it may resolve dangerous external references - 因為 Add 方法的此項多載可能解析了危險的外部參考,而有可能不安全 + This overload of the Add method is potentially unsafe because it may resolve dangerous external references By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. - 將重大的 TokenValidationParameter 驗證委派設定為 True 時,會停用重要的驗證保護,這可能會導致來自任何發行者或過期權杖的權杖遭到錯誤驗證。 + By setting critical TokenValidationParameter validation delegates to true, important authentication safeguards are disabled which can lead to tokens from any issuer or expired tokens being wrongly validated. The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. - {0} 設定為永遠傳回 True 的函式。設定驗證委派之後,即會覆寫預設驗證,並因為永遠會傳回 True,表示已完全停用此驗證。 + The {0} is set to a function that is always returning true. By setting the validation delegate, you are overriding default validation and by always returning true, this validation is completely disabled. Do not always skip token validation in delegates - 永遠不要在委派中略過權杖驗證 + Do not always skip token validation in delegates Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. - 不安全的還原序列化是一種弱點,會在有人使用未受信任的資料來不當使用應用程式的邏輯、發動拒絕服務的攻擊 (DoS),甚至是在任何程式碼的還原序列化期間執行該程式碼時出現。惡意使用者經常會在應用程式將他們控制的未受信任資料還原序列化時,濫用這些還原序列化功能 (基本上就是在還原序列化期間叫用危險的方法)。不安全的還原序列化攻擊一旦成功,攻擊者就有機會發動後續攻擊,例如 DoS 攻擊、驗證略過和遠端程式碼執行。 + Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict a Denial-of-Service (DoS) attack, or even execute arbitrary code upon it being deserialized. It’s frequently possible for malicious users to abuse these deserialization features when the application is deserializing untrusted data which is under their control. Specifically, invoke dangerous methods in the process of deserialization. Successful insecure deserialization attacks could allow an attacker to carry out attacks such as DoS attacks, authentication bypasses, and remote code execution. When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' - 將類別 '{0}' 的執行個體還原序列化時,方法 '{1}' 可以直接或間接呼叫危險的方法 '{2}' + When deserializing an instance of class '{0}', method '{1}' can directly or indirectly call dangerous method '{2}' Do Not Call Dangerous Methods In Deserialization - 不要在還原序列化期間呼叫危險的方法 + Do Not Call Dangerous Methods In Deserialization @@ -577,2625 +577,2660 @@ The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. Widening and user defined conversions are not supported with generic types. - Enumerable.Cast<T> 和 Enumerable.OfType<T> 需要相容的型別,以預期運作。 -Enumerable.Cast<T> 返回序列所使用的一般轉換 (IL 'unbox.any') 將在執行階段的指定型別元素上擲回 InvalidCastException。 -Enumerable.OfType<T> 使用的一般型別檢查 (C# 'is' operator/IL 'isinst') 永遠不會與指定的型別元素成功,因而產生空的順序。 -一般型別不支援擴大和使用者定義的轉換。 + Enumerable.Cast<T> and Enumerable.OfType<T> require compatible types to function expectedly. +The generic cast (IL 'unbox.any') used by the sequence returned by Enumerable.Cast<T> will throw InvalidCastException at runtime on elements of the types specified. +The generic type check (C# 'is' operator/IL 'isinst') used by Enumerable.OfType<T> will never succeed with elements of types specified, resulting in an empty sequence. +Widening and user defined conversions are not supported with generic types. Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime - 型別 '{0}' 與型別 '{1}' 不相容,轉換嘗試將在執行階段擲出 InvalidCastException + Type '{0}' is incompatible with type '{1}' and cast attempts will throw InvalidCastException at runtime This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' - 因為型別 '{0}' 與型別 '{1}' 不相容,所以此呼叫一定會產生空的順序 + This call will always result in an empty sequence because type '{0}' is incompatible with type '{1}' Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types - 請勿呼叫型別不相容的 Enumerable.Cast<T> 或 Enumerable.OfType<T> + Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types Do not call {0} on an {1} value - 請勿對 {1} 值呼叫 {0} + Do not call {0} on an {1} value Do not call ToImmutableCollection on an ImmutableCollection value - 請勿對 ImmutableCollection 值呼叫 TolmmutableCollection + Do not call ToImmutableCollection on an ImmutableCollection value TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. - TaskCompletionSource 有建構函式會採用控制基礎工作的 TaskCreationOptions,也有會採用儲存在工作內物件狀態的建構函式。不小心傳遞了 TaskContinuationOptions 而非 TaskCreationOptions 時,會導致呼叫將選項視為狀態。 + TaskCompletionSource has constructors that take TaskCreationOptions that control the underlying Task, and constructors that take object state that's stored in the task. Accidentally passing a TaskContinuationOptions instead of a TaskCreationOptions will result in the call treating the options as state. Replace TaskContinuationOptions with TaskCreationOptions. - 以 TaskCreationOptions 取代 TaskContinuationOptions。 + Replace TaskContinuationOptions with TaskCreationOptions. Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum - 引數內含 TaskContinuationsOptions 列舉,而非 TaskCreationOptions 列舉 + Argument contains TaskContinuationsOptions enum instead of TaskCreationOptions enum Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum - 傳遞到 TaskCompletionSource 建構函式的引數應為 TaskCreationOptions 列舉,而非 TaskContinuationOptions 列舉 + Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. - 建立工作時,請務必使用採用 TaskScheduler 的其中一個多載。預設會在 TaskScheduler.Current 上排程,但如此會造成死結。您可以使用 TaskScheduler.Default 在執行緒集區上進行排程,或明確傳遞 TaskScheduler.Current 以讓目的更加明確。 + Do not create tasks unless you are using one of the overloads that takes a TaskScheduler. The default is to schedule on TaskScheduler.Current, which would lead to deadlocks. Either use TaskScheduler.Default to schedule on the thread pool, or explicitly pass TaskScheduler.Current to make your intentions clear. Do not create tasks without passing a TaskScheduler - 建立工作時請務必傳遞 TaskScheduler + Do not create tasks without passing a TaskScheduler Do not create tasks without passing a TaskScheduler - 建立工作時請務必傳遞 TaskScheduler + Do not create tasks without passing a TaskScheduler Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. - 將完成項新增到衍生自 MemoryManager<T> 的類型時,可能會允許在 Span<T> 仍在使用記憶體時,釋出該記憶體。 + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T>. Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> - 將完成項新增到衍生自 MemoryManager<T> 的型別時,可能會在 Span<T> 仍在使用記憶體時,允許釋出該記憶體 + Adding a finalizer to a type derived from MemoryManager<T> may permit memory to be freed while it is still in use by a Span<T> Do not define finalizers for types derived from MemoryManager<T> - 請勿為衍生自 MemoryManager<T> 的類型定義完成項 + Do not define finalizers for types derived from MemoryManager<T> Do Not Disable Certificate Validation - 請勿停用憑證驗證 + Do Not Disable Certificate Validation A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. - 憑證可協助驗證伺服器的身分識別。用戶端應該驗證伺服器憑證來確保要求會傳送到正確的伺服器。如果 ServerCertificateValidationCallback 一律傳回 'true',則所有憑證都會通過驗證。 + A certificate can help authenticate the identity of the server. Clients should validate the server certificate to ensure requests are sent to the intended server. If the ServerCertificateValidationCallback always returns 'true', any certificate will pass validation. The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. - ServerCertificateValidationCallback 已設定為會一律傳回 true 來接受所有伺服器憑證的函式。請確保伺服器憑證經過驗證,以驗證收到要求之伺服器的身分識別。 - - - - Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. - 當 CheckCertificateRevocationList 屬性設為 true 時,使用 HttpClient 而不提供平台特定處理常式 (WinHttpHandler 或 CurlHandler 或 HttpClientHandler),將允許 HttpClient 接受已撤銷的憑證為有效。 + The ServerCertificateValidationCallback is set to a function that accepts any server certificate, by always returning true. Ensure that server certificates are validated to verify the identity of the server receiving requests. Do Not Disable HTTP Header Checking - 請勿停用 HTTP 標頭檢查 + Do Not Disable HTTP Header Checking HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. - 利用 HTTP 標頭檢查可編碼回應標頭中所發現的歸位字元與換行字元 (\r 與 \n)。此編碼方式有助於避開插入式攻擊,這類攻擊會惡意探索應用程式是否會回應標頭所包含的不受信任資料。 + HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header. Do not disable HTTP header checking - 請勿停用 HTTP 標頭檢查 + Do not disable HTTP header checking + + + + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. + Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler or HttpClientHandler) where the CheckCertificateRevocationList property is set to true, will allow revoked certificates to be accepted by the HttpClient as valid. Do Not Disable Request Validation - 請勿停用要求驗證 + Do Not Disable Request Validation Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. - 要求驗證是 ASP.NET 中的功能,其會檢查 HTTP 要求,並會決定其是否包含具潛在危險性的內容。這項檢查對標記或程式碼的 URL 查詢字串、Cookie 或因惡意目的而可能新增的張貼表單值,提供更佳的安全性。因此,一般最好能使用,且應持續啟用以達到全面性防禦。 + Request validation is a feature in ASP.NET that examines HTTP requests and determines whether they contain potentially dangerous content. This check adds protection from markup or code in the URL query string, cookies, or posted form values that might have been added for malicious purposes. So, it is generally desirable and should be left enabled for defense in depth. {0} has request validation disabled - {0} 已停用要求驗證 + {0} has request validation disabled Do Not Disable SChannel Use of Strong Crypto - 請勿停用 SChannel 使用強式加密 + Do Not Disable SChannel Use of Strong Crypto Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. - 自 .NET Framework 4.6 起,即建議 System.Net.ServicePointManager 及 System.Net.Security.SslStream 類別使用新的通訊協定。舊款通訊協定中有通訊協定弱點,已不支援。將 Switch.System.Net.DontEnableSchUseStrongCrypto 設定為 true,將會使用舊的弱式密碼編譯檢查,並會選擇退出通訊協定移轉。 + Starting with the .NET Framework 4.6, the System.Net.ServicePointManager and System.Net.Security.SslStream classes are recommended to use new protocols. The old ones have protocol weaknesses and are not supported. Setting Switch.System.Net.DontEnableSchUseStrongCrypto with true will use the old weak crypto check and opt out of the protocol migration. {0} disables TLS 1.2 and enables SSLv3 - {0} 停用 TLS 1.2 並啟用 SSLv3 + {0} disables TLS 1.2 and enables SSLv3 Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. - 權杖驗證檢查可確保在驗證權杖時,分析並驗證所有方面。關閉驗證可能會造成安全性漏洞,因為可能會允許未受信任的權杖通過驗證。 + Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation. TokenValidationParameters.{0} should not be set to false as it disables important validation - TokenValidationParameters.{0} 不應設定為 False,因為它會停用重要驗證 + TokenValidationParameters.{0} should not be set to false as it disables important validation Do not disable token validation checks - 請勿停用權杖驗證檢查 + Do not disable token validation checks Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. - 不要將 Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols 設定為 true。設定此參數會限制 Windows Communication Framework (WCF) 使用不安全且已淘汰的傳輸層安全性 (TLS) 1.0。 + Do not set Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols to true. Setting this switch limits Windows Communication Framework (WCF) to using Transport Layer Security (TLS) 1.0, which is insecure and obsolete. Do not disable ServicePointManagerSecurityProtocols - 不要停用 ServicePointManagerSecurityProtocols + Do not disable ServicePointManagerSecurityProtocols Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. - 請勿使用 'Dictionary.ContainsKey(key)' 保護 'Dictionary.Remove(key)'。前者已檢查金鑰是否存在,若沒有,則不會擲回。 + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)'. The former already checks whether the key exists, and will not throw if it does not. Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' - 請勿使用 'Dictionary.ContainsKey(key)' 保護 'Dictionary.Remove(key)' + Do not guard 'Dictionary.Remove(key)' with 'Dictionary.ContainsKey(key)' Unnecessary call to 'Dictionary.ContainsKey(key)' - 不需要呼叫 'Dictionary.ContainsKey(key)' + Unnecessary call to 'Dictionary.ContainsKey(key)' Do not hard-code certificate - 不要硬式編碼憑證 + Do not hard-code certificate Hard-coded certificates in source code are vulnerable to being exploited. - 原始程式碼中的硬式編碼憑證容易受到攻擊。 + Hard-coded certificates in source code are vulnerable to being exploited. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' - 發現潛在的安全性弱點,方法 '{1}' 中的 '{0}' 可能受來自方法 '{3}' 中 '{2}' 由硬式編碼的憑證所感染 + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded certificate from '{2}' in method '{3}' Do not hard-code encryption key - 不要硬式編碼加密金鑰 + Do not hard-code encryption key SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. - SymmetricAlgorithm 的 .Key 屬性,或方法的 rgbKey 參數不應為硬式編碼值。 + SymmetricAlgorithm's .Key property, or a method's rgbKey parameter, should never be a hard-coded value. Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' - 發現潛在的安全性弱點,方法 '{1}' 中的 '{0}' 可能受來自方法 '{3}' 中 '{2}' 由硬式編碼的金鑰所感染。 + Potential security vulnerability was found where '{0}' in method '{1}' may be tainted by hard-coded key from '{2}' in method '{3}' By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. - 根據預設,信任的根憑證授權單位的憑證存放區,設定有一組符合 Microsoft 根憑證計劃需求的公開 CA。因為所有信任的根 CA,都可以為任何所有發出憑證,所以攻擊者可以挑選一個您自行安裝的弱式 CA 或強迫式 CA 來攻擊,而只要一個弱式、惡意或強迫式 CA,就會侵害整個系統的安全性。而且,這些攻擊還很可能輕易地就被忽略,而讓事情變得更糟。 + By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Since all trusted root CAs can issue certificates for any domain, an attacker can pick a weak or coercible CA that you install by yourself to target for an attack - and a single vulnerable, malicious or coercible CA undermines the security of the entire system. To make matters worse, these attacks can go unnoticed quite easily. An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. - 若可以跨應用程式定義域界限直接存取某個物件,該物件即為弱式識別。嘗試取得弱式識別物件的鎖定之執行緒,有可能會被具有相同物件鎖定之不同應用程式定義域中的第二個執行緒封鎖。 + An object is said to have a weak identity when it can be directly accessed across application domain boundaries. A thread that tries to acquire a lock on an object that has a weak identity can be blocked by a second thread in a different application domain that has a lock on the same object. Do not lock on objects with weak identity - 請勿鎖定弱式識別的物件 + Do not lock on objects with weak identity Do not lock on objects with weak identity - 請勿鎖定弱式識別的物件 + Do not lock on objects with weak identity A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. - 方法會將字串常值以參數方式傳遞到 .NET Framework 類別庫中的建構函式或方法,且該字串應當地語系化。若要修正此規則的違規,請以透過 ResourceManager 類別的執行個體所擷取的字串,取代字串常值。 + A method passes a string literal as a parameter to a constructor or method in the .NET Framework class library and that string should be localizable. To fix a violation of this rule, replace the string literal with a string retrieved through an instance of the ResourceManager class. Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". - 方法 '{0}' 在呼叫 '{2}' 時傳遞了常值字串做為參數 '{1}'。請改為從資源表格擷取下列字串: "{3}"。 + Method '{0}' passes a literal string as parameter '{1}' of a call to '{2}'. Retrieve the following string(s) from a resource table instead: "{3}". Do not pass literals as localized parameters - 不要將常值當做已當地語系化的參數傳遞 + Do not pass literals as localized parameters An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. - 明確度不足或由執行階段所保留的例外狀況類型,一律不應由使用者程式碼引發。這會讓原始錯誤的偵測與偵錯更加困難。如果可能會擲回此例外狀況執行個體,請使用其他例外狀況類型。 + An exception of type that is not sufficiently specific or reserved by the runtime should never be raised by user code. This makes the original error difficult to detect and debug. If this exception instance might be thrown, use a different exception type. Exception type {0} is reserved by the runtime - 例外狀況型別 {0} 由執行階段所保留 + Exception type {0} is reserved by the runtime Exception type {0} is not sufficiently specific - 例外狀況型別 {0} 不夠明確 + Exception type {0} is not sufficiently specific Do not raise reserved exception types - 請勿引發保留的例外狀況類型 + Do not raise reserved exception types Do Not Serialize Types With Pointer Fields - 請勿將類型序列化為指標欄位 + Do Not Serialize Types With Pointer Fields Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. - 指標並非「安全類型」意味著您無法保證其所指向的記憶體是否正確。因此,指標欄位若為序列化類型很危險,因為如此可能會讓攻擊者能控制指標。 + Pointers are not "type safe" in the sense that you cannot guarantee the correctness of the memory they point at. So, serializing types with pointer fields is dangerous, as it may allow an attacker to control the pointer. Pointer field {0} on serializable type - 可序列化型別上的指標欄位 {0} + Pointer field {0} on serializable type Do Not Use Account Shared Access Signature - 不要使用帳戶共用存取簽章 + Do Not Use Account Shared Access Signature Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. - 共用存取簽章 (SAS) 對於使用 Azure 儲存體的任何應用程式而言,都是資訊安全模型至關重要的一部份,應向不具帳戶金鑰的用戶端提供儲存體帳戶有限且安全的權限。只要是可以透過服務 SAS 提供的作業,就也可以透過帳戶 SAS 提供,這意味著帳戶 SAS 的權限過大。因此建議您使用服務 SAS,更謹慎地委派存取權。 + Shared Access Signatures(SAS) are a vital part of the security model for any application using Azure Storage, they should provide limited and safe permissions to your storage account to clients that don't have the account key. All of the operations available via a service SAS are also available via an account SAS, that is, account SAS is too powerful. So it is recommended to use Service SAS to delegate access more carefully. Use Service SAS instead of Account SAS for fine grained access control and container-level access policy - 請使用服務 SAS 而非帳戶 SAS,以執行微調的存取控制和容器層級存取原則 + Use Service SAS instead of Account SAS for fine grained access control and container-level access policy Do Not Use Broken Cryptographic Algorithms - 請勿使用損壞的密碼編譯演算法 + Do Not Use Broken Cryptographic Algorithms An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. - 目前出現可用運算方式中斷此演算法的攻擊。如此會讓攻擊者能破壞原設計保證提供的密碼編譯。視此密碼編譯演算法的類型及應用方式之不同,會讓攻擊者能讀取加密的訊息、竄改加密的訊息、偽造數位簽章、竄改雜湊內容,或危害任何以此演算法為基礎的密碼系統。以長度大於或等於 128 位元的金鑰,取代搭配 AES (可接受 AES-256、AES-192 和 AES-128) 演算法的加密。以 SHA512、SHA384 或 SHA256 等 SHA-2 系列中的雜湊函數,取代雜湊用法。以長度大於或等於 2048 位元的金鑰,或金鑰長度大於或等於 256 位元的 ECDSA,取代搭配 RSA 的數位簽章。 + An attack making it computationally feasible to break this algorithm exists. This allows attackers to break the cryptographic guarantees it is designed to provide. Depending on the type and application of this cryptographic algorithm, this may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA512, SHA384, or SHA256. Replace digital signature uses with RSA with a key length greater than or equal to 2048-bits, or ECDSA with a key length greater than or equal to 256 bits. {0} uses a broken cryptographic algorithm {1} - {0} 使用損壞的密碼編譯演算法 {1} + {0} uses a broken cryptographic algorithm {1} For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. - 對於非空白集合,CountAsync() 和 LongCountAsync() 會列舉整個序列,而 AnyAsync() 則會停止於第一個項目或第一個符合條件的項目。 + For non-empty collections, CountAsync() and LongCountAsync() enumerate the entire sequence, while AnyAsync() stops at the first item or the first item that satisfies a condition. {0}() is used where AnyAsync() could be used instead to improve performance - 會在可使用 AnyAsync() 的地方改用 {0}() 來提升效能 + {0}() is used where AnyAsync() could be used instead to improve performance Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used - 不要在可使用 AnyAsync() 時使用 CountAsync() 或 LongCountAsync() + Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. - 對於非空白集合,Count() 和 LongCount() 會列舉整個序列,而 Any() 則會停止於第一個項目或第一個符合條件的項目。 + For non-empty collections, Count() and LongCount() enumerate the entire sequence, while Any() stops at the first item or the first item that satisfies a condition. {0}() is used where Any() could be used instead to improve performance - 會在可使用 Any() 的地方改用 {0}() 來提升效能 + {0}() is used where Any() could be used instead to improve performance Do not use Count() or LongCount() when Any() can be used - 不要在可使用 Any() 時使用 Count() 或 LongCount() + Do not use Count() or LongCount() when Any() can be used Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. - 對稱式加密應永遠使用不可重複的初始化向量以防止字典攻擊。 - - - - Do Not Use Deprecated Security Protocols - 請勿使用已淘汰的安全性通訊協定 - - - - Using a deprecated security protocol rather than the system default is risky. - 使用了已淘汰的安全性通訊協定而非系統預設值,相當具風險。 - - - - Hard-coded use of deprecated security protocol {0} - 硬式編碼使用了已淘汰的安全性通訊協定 {0} + Symmetric encryption should always use a non-repeatable initialization vector to prevent dictionary attacks. Do Not Use Digital Signature Algorithm (DSA) - 請勿使用數位簽章演算法 (DSA) + Do Not Use Digital Signature Algorithm (DSA) DSA is too weak to use. - DSA 太弱,所以無法使用。 + DSA is too weak to use. Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - 非對稱式加密演算法 {0} 是弱式加密。請改為至少有 2048 金鑰大小的 RSA、ECDH 或 ECDSA 演算法。 + Asymmetric encryption algorithm {0} is weak. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. + + + + Do Not Use Deprecated Security Protocols + Do Not Use Deprecated Security Protocols + + + + Using a deprecated security protocol rather than the system default is risky. + Using a deprecated security protocol rather than the system default is risky. + + + + Hard-coded use of deprecated security protocol {0} + Hard-coded use of deprecated security protocol {0} This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. - 此集合是可直接編製索引的集合。完成此處的 LINQ 會導致不必要的配置與 CPU 工作。 + This collection is directly indexable. Going through LINQ here causes unnecessary allocations and CPU work. Do not use Enumerable methods on indexable collections. Instead use the collection directly. - 請勿在可索引的集合上,使用 Enumerable 方法。改為直接使用集合。 + Do not use Enumerable methods on indexable collections. Instead use the collection directly. Do not use Enumerable methods on indexable collections - 請勿在可索引的集合上,使用 Enumerable 方法 + Do not use Enumerable methods on indexable collections Do not use insecure randomness - 不要使用不安全的隨機性 + Do not use insecure randomness Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. - 使用密碼編譯弱式虛擬亂數產生器可能會讓攻擊者得以預測將要產生的安全性敏感性值。如果需要無法預測的值,或是要確保未以安全性敏感性方式使用弱式虛擬亂數時,請使用密碼編譯強式亂數產生器。 + Using a cryptographically weak pseudo-random number generator may allow an attacker to predict what security-sensitive value will be generated. Use a cryptographically strong random number generator if an unpredictable value is required, or ensure that weak pseudo-random numbers aren't used in a security-sensitive manner. {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. - {0} 是不安全的亂數產生器。當安全性需要隨機性時,請使用密碼編譯安全性亂數產生器。 + {0} is an insecure random number generator. Use cryptographically secure random number generators when randomness is required for security. Do not use obsolete key derivation function - 請勿使用已淘汰的金鑰衍生函數 + Do not use obsolete key derivation function Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. - 以密碼為基礎的金鑰衍生應搭配 SHA-2 使用 PBKDF2。請避免使用 PasswordDeriveBytes,因為這會產生 PBKDF1 金鑰。請避免使用 Rfc2898DeriveBytes.CryptDeriveKey,因為其未使用反覆運算次數或 Salt。 + Password-based key derivation should use PBKDF2 with SHA-2. Avoid using PasswordDeriveBytes since it generates a PBKDF1 key. Avoid using Rfc2898DeriveBytes.CryptDeriveKey since it doesn't use the iteration count or salt. Call to obsolete key derivation function {0}.{1} - 呼叫已淘汰的金鑰衍生函數 {0}.{1} + Call to obsolete key derivation function {0}.{1} String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. - 如果字串是暫留字串,則使用 'OutAttribute' 以值傳遞的字串參數可能會造成執行階段不穩定。 + String parameters passed by value with the 'OutAttribute' can destabilize the runtime if the string is an interned string. Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. - 請勿對以值傳遞的字串參數 '{0}' 使用 'OutAttribute'。如果需要將已修改的資料封送處理至呼叫者,請改用 'out' 關鍵字以傳址方式傳遞字串。 + Do not use the 'OutAttribute' for string parameter '{0}' which is passed by value. If marshalling of modified data back to the caller is required, use the 'out' keyword to pass the string by reference instead. Do not use 'OutAttribute' on string parameters for P/Invokes - 請勿在 P/Invoke 的字串參數上使用 'OutAttribute' + Do not use 'OutAttribute' on string parameters for P/Invokes Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. - 請勿將數值型別為 '{0}' 的引數傳遞至 'ReferenceEqualityComparer' 上的 'Equals' 方法。由於值 Boxing,這個對 'Equals' 的呼叫可能會返回未預期的結果。如果您想要使用 'ReferenceEqualityComparer',請考慮改為使用 'EqualityComparer',或傳遞參考型別引數。 + Do not pass an argument with value type '{0}' to the 'Equals' method on 'ReferenceEqualityComparer'. Due to value boxing, this call to 'Equals' can return an unexpected result. Consider using 'EqualityComparer' instead, or pass reference type arguments if you intend to use 'ReferenceEqualityComparer'. Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. - 每次呼叫此方法時,實值型別所輸入的引數,都是經過 Box 的唯一值,因此其結果可以是未預期的。 + Value type typed arguments are uniquely boxed for each call to this method, therefore the result can be unexpected. Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. - 請勿將數值型別為 '{0}' 的引數傳遞至 'ReferenceEquals'。由於值 Boxing,這個對 'Equals' 的呼叫可能會返回未預期的結果。如果您想要使用 'ReferenceEquals',請考慮改為使用 'Equals',或傳遞參考型別引數。 + Do not pass an argument with value type '{0}' to 'ReferenceEquals'. Due to value boxing, this call to 'ReferenceEquals' can return an unexpected result. Consider using 'Equals' instead, or pass reference type arguments if you intend to use 'ReferenceEquals'. Do not use ReferenceEquals with value types - 請勿使用有實值型別的 ReferenceEquals + Do not use ReferenceEquals with value types Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. - stackalloc 配置的堆疊空間只會在目前方法的引動過程結束時釋出。在迴圈中使用該空間可能會造成堆疊無限增長,最終導致堆疊溢位。 + Stack space allocated by a stackalloc is only released at the end of the current method's invocation. Using it in a loop can result in unbounded stack growth and eventual stack overflow conditions. Potential stack overflow. Move the stackalloc out of the loop. - 可能發生堆疊溢位。請將 stackalloc 移出迴圈。 + Potential stack overflow. Move the stackalloc out of the loop. Do not use stackalloc in loops - 請勿在迴圈中使用 stackalloc + Do not use stackalloc in loops Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. - 更高頻率的週期性活動,會讓 CPU 一直處於忙碌狀態,且會干擾關閉顯示器與硬碟的省電閒置計時器。 + Higher-frequency periodic activity will keep the CPU busy and interfere with power-saving idle timers that turn off the display and hard disks. Do not use timers that prevent power state changes - 請勿使用會讓電源狀態無法變更的計時器 + Do not use timers that prevent power state changes Do not use timers that prevent power state changes - 請勿使用會讓電源狀態無法變更的計時器 + Do not use timers that prevent power state changes Do not use unsafe DllImportSearchPath value - 不要使用不安全的 DllImportSearchPath 值 + Do not use unsafe DllImportSearchPath value There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. - 預設 DLL 搜尋目錄中可能有惡意的 DLL。或者,視應用程式的執行位置而定,應用程式的目錄中可能有惡意的 DLL。請改用指定明確搜尋路徑的 DllImportSearchPath 值。此規則尋找的 DllImportSearchPath 旗標可在 .editorconfig 中設定。 + There could be a malicious DLL in the default DLL search directories. Or, depending on where your application is run from, there could be a malicious DLL in the application's directory. Use a DllImportSearchPath value that specifies an explicit search path instead. The DllImportSearchPath flags that this rule looks for can be configured in .editorconfig. Use of unsafe DllImportSearchPath value {0} - 使用不安全的 DllImportSearchPath 值 {0} + Use of unsafe DllImportSearchPath value {0} Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. - 對單一工作使用 'WaitAll' 可能會造成效能降低,請改為等待或返回工作。 + Using 'WaitAll' with a single task may result in performance loss, await or return the task instead. Replace 'WaitAll' with single 'Wait' - 以單一 'Wait' 取代 'WaitAll' + Replace 'WaitAll' with single 'Wait' Do not use 'WaitAll' with a single task - 不要對單一工作使用 'WaitAll' + Do not use 'WaitAll' with a single task Do Not Use Weak Cryptographic Algorithms - 請勿使用弱式密碼編譯演算法 + Do Not Use Weak Cryptographic Algorithms Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. - 因為攻擊者取得更多的運算存取,讓攻擊升級,以致密碼編譯演算法隨著時間減弱。視此密碼編譯演算法的類型及應用方式之不同,密碼編譯強度日益減弱,會讓攻擊者能讀取加密的訊息、竄改加密的訊息、偽造數位簽章、竄改雜湊內容,或危害任何以此演算法為基礎的密碼系統。以長度大於或等於 128 位元的金鑰,取代搭配 AES (可接受 AES-256、AES-192 和 AES-128) 演算法的加密。以 SHA-2 512、SHA-2 384 或 SHA-2 256 等 SHA-2 系列中的雜湊函數,取代雜湊用途。 + Cryptographic algorithms degrade over time as attacks become for advances to attacker get access to more computation. Depending on the type and application of this cryptographic algorithm, further degradation of the cryptographic strength of it may allow attackers to read enciphered messages, tamper with enciphered  messages, forge digital signatures, tamper with hashed content, or otherwise compromise any cryptosystem based on this algorithm. Replace encryption uses with the AES algorithm (AES-256, AES-192 and AES-128 are acceptable) with a key length greater than or equal to 128 bits. Replace hashing uses with a hashing function in the SHA-2 family, such as SHA-2 512, SHA-2 384, or SHA-2 256. {0} uses a weak cryptographic algorithm {1} - {0} 使用弱式密碼編譯演算法 {1} + {0} uses a weak cryptographic algorithm {1} Ensure Key Derivation Function algorithm is sufficiently strong - 確認金鑰衍生函數 (Key Derivation Function) 演算法是否夠強 + Ensure Key Derivation Function algorithm is sufficiently strong Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. - Rfc2898DeriveBytes 類別的部分實作使雜湊演算法能在建構函式參數中指定,或在 HashAlgorithm 屬性中覆寫。如果指定雜湊演算法,則其應為 SHA-256 以上 (含)。 + Some implementations of the Rfc2898DeriveBytes class allow for a hash algorithm to be specified in a constructor parameter or overwritten in the HashAlgorithm property. If a hash algorithm is specified, then it should be SHA-256 or higher. {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. - {0} 可能使用的是弱式雜湊演算法。請使用 SHA256、SHA384 或 SHA512,從密碼建立增強式金鑰。 + {0} might be using a weak hash algorithm. Use SHA256, SHA384, or SHA512 to create a strong key from a password. When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). - 當從密碼等使用者提供的輸入衍生密碼編譯金鑰時,請使用足夠的反覆項目計數 (至少 100k)。 + When deriving cryptographic keys from user-provided inputs such as password, use sufficient iteration count (at least 100k). Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. - 對單一工作使用 'WhenAll' 可能會造成效能降低,請改為等待或返回工作。 + Using 'WhenAll' with a single task may result in performance loss, await or return the task instead. Replace 'WhenAll' call with argument - 請以引數取代 'WhenAll' 呼叫 + Replace 'WhenAll' call with argument Do not use 'WhenAll' with a single task - 不要對單一工作使用 'WhenAll' + Do not use 'WhenAll' with a single task Do Not Use XslTransform - 請勿使用 XslTransform + Do Not Use XslTransform Do not use XslTransform. It does not restrict potentially dangerous external references. - 請勿使用 XslTransform。它不會限制可能引發危險的外部參考。 + Do not use XslTransform. It does not restrict potentially dangerous external references. Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. - 提供功能性 'DynamicInterfaceCastableImplementationAttribute' 屬性介面需要預設的介面成員功能,但 Visual Basic 不支援此功能。 + Providing a functional 'DynamicInterfaceCastableImplementationAttribute'-attributed interface requires the Default Interface Members feature, which is unsupported in Visual Basic. Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - 不支援在 Visual Basic 中提供 'DynamicInterfaceCastableImplementation' 介面 + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported - 不支援在 Visual Basic 中提供 'DynamicInterfaceCastableImplementation' 介面 + Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. - 停用執行階段封送處理時,使用需要執行階段封送處理的功能會導致執行階段例外狀況。 + Using features that require runtime marshalling when runtime marshalling is disabled will result in runtime exceptions. Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled - 具有 '[StructLayout(LayoutKind.Auto)]' 的類型需要啟用執行階段封送處理 + Types with '[StructLayout(LayoutKind.Auto)]' require runtime marshalling to be enabled By-ref parameters require runtime marshalling to be enabled - By-ref 參數需要啟用執行階段封送處理 + By-ref parameters require runtime marshalling to be enabled Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined - 若委派受管理的類型為參數或傳回型別,則需要在定義委派的組件中啟用執行階段封送處理 + Delegates with managed types as parameters or the return type require runtime marshalling to be enabled in the assembly where the delegate is defined HResult-swapping requires runtime marshalling to be enabled - HResult-swapping 需要啟用執行階段封送處理 + HResult-swapping requires runtime marshalling to be enabled Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled - 使用 'LCIDConversionAttribute' 需要啟用執行階段封送處理 + Using 'LCIDConversionAttribute' requires runtime marshalling to be enabled Managed parameter or return types require runtime marshalling to be enabled - 受控參數或傳回類型需要啟用執行階段封送處理 + Managed parameter or return types require runtime marshalling to be enabled Setting SetLastError to 'true' requires runtime marshalling to be enabled - 將 SetLastError 設定為 'true' 需要啟用執行階段封送處理 + Setting SetLastError to 'true' requires runtime marshalling to be enabled Varadic P/Invoke signatures require runtime marshalling to be enabled - Varadic P/Invoke 簽章需要啟用執行階段封送處理 + Varadic P/Invoke signatures require runtime marshalling to be enabled Property, type, or attribute requires runtime marshalling - 屬性、類型或屬性需要執行階段封送處理 + Property, type, or attribute requires runtime marshalling '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - '{0}' 的類型包含預覽類型 '{1}',因此必須加入預覽功能。如需詳細資訊,請參閱 {2}。 + '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. - {3} '{0}' 的類型包含預覽類型 '{1}',因此必須加入預覽功能。如需詳細資訊,請參閱 {2}。 + {3} '{0}''s type contains the preview type '{1}' and requires opting into preview features. See {2} for more information. Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. - 將 'CancellationToken' 參數轉送給方法,以確保作業取消通知能正確地散佈,或明確地傳入 'CancellationToken.None',以表示刻意不散佈權杖。 + Forward the 'CancellationToken' parameter to methods to ensure the operation cancellation notifications gets properly propagated, or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token. Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token - 將 '{0}' 參數傳遞給 '{1}' 方法,或明確傳遞 'CancellationToken.None',以表示有意不散佈權杖 + Forward the '{0}' parameter to the '{1}' method or pass in 'CancellationToken.None' explicitly to indicate intentionally not propagating the token Forward the 'CancellationToken' parameter to methods - 將 'CancellationToken' 參數轉送給方法 + Forward the 'CancellationToken' parameter to methods Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. - 請避免對 SecurityProtocolType {0} 進行硬式編碼,並改為使用 SecurityProtocolType.SystemDefault 以便作業系統針對要使用的傳輸層安全性通訊協定進行最佳選擇。 + Avoid hardcoding SecurityProtocolType {0}, and instead use SecurityProtocolType.SystemDefault to allow the operating system to choose the best Transport Layer Security protocol to use. Avoid hardcoding SecurityProtocolType value - 請避免對 SecurityProtocolType 值進行硬式編碼 + Avoid hardcoding SecurityProtocolType value Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. - 若發現弱點,則目前的傳輸層安全性通訊協定版本可能會受到淘汰。請避免硬式編碼 SslProtocols 值來確保應用程式安全。請使用 'None' 讓作業系統選擇版本。 + Current Transport Layer Security protocol versions may become deprecated if vulnerabilities are found. Avoid hardcoding SslProtocols values to keep your application secure. Use 'None' to let the Operating System choose a version. Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. - 請避免硬式編碼 SslProtocols '{0}',以確保應用程式在未來的安全性。請使用 'None' 讓作業系統選擇版本。 + Avoid hardcoding SslProtocols '{0}' to ensure your application remains secure in the future. Use 'None' to let the Operating System choose a version. Avoid hardcoded SslProtocols values - 避免硬式編碼 SslProtocols 值 + Avoid hardcoded SslProtocols values Generic math interfaces require the derived type itself to be used for the self recurring type parameter. - 泛型數學介面需要衍生型別本身,才能用於自我週期性類型參數。 + Generic math interfaces require the derived type itself to be used for the self recurring type parameter. The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' - '{0}' 需要 '{1}' 類型參數,以填入衍生類型 '{2}' + The '{0}' requires the '{1}' type parameter to be filled with the derived type '{2}' Use correct type parameter - 使用正確的類型參數 + Use correct type parameter To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. - 若要修正此規則違規,請將 GetObjectData 方法設定為可見且可覆寫,並確定所有執行個體欄位都包含在序列化程序中,或是使用 NonSerializedAttribute 屬性明確地標記。 + To fix a violation of this rule, make the GetObjectData method visible and overridable, and make sure that all instance fields are included in the serialization process or explicitly marked by using the NonSerializedAttribute attribute. Add an implementation of GetObjectData to type {0} - 將 GetObjectData 的實作加入型別 {0} + Add an implementation of GetObjectData to type {0} Make {0}.GetObjectData virtual and overridable - 請將 {0}.GetObjectData 設定成虛擬和可覆寫 + Make {0}.GetObjectData virtual and overridable Increase the accessibility of {0}.GetObjectData so that it is visible to derived types - 增大 {0}.GetObjectData 的存取範圍,讓它對衍生型別而言為可見的 + Increase the accessibility of {0}.GetObjectData so that it is visible to derived types Implement ISerializable correctly - 必須正確實作 ISerializable + Implement ISerializable correctly Implement inherited interfaces - 實作繼承的介面 + Implement inherited interfaces Implement Serialization constructor - 實作序列化建構函式 + Implement Serialization constructor To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. - 若要修正此規則違規,請實作序列化建構函式。若是密封類別,請將其設定為私人建構函式; 否則,請將其設定為受保護。 + To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected. Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. - 使用下列簽章將建構函式加入 {0}: 'protected {0}(SerializationInfo info, StreamingContext context)'。 + Add a constructor to {0} with the following signature: 'protected {0}(SerializationInfo info, StreamingContext context)'. Declare the serialization constructor of {0}, a sealed type, as private. - 將 {0} 的序列化建構函式 (sealed 類型) 宣告為 private。 + Declare the serialization constructor of {0}, a sealed type, as private. Declare the serialization constructor of {0}, an unsealed type, as protected. - 將 {0} 的序列化建構函式 (unsealed 類型) 宣告為 protected。 + Declare the serialization constructor of {0}, an unsealed type, as protected. Implement serialization constructors - 必須實作序列化建構函式 + Implement serialization constructors A method that handles a serialization event does not have the correct signature, return type, or visibility. - 處理序列化事件的方法,沒有正確的簽章、傳回型別或可見度。 + A method that handles a serialization event does not have the correct signature, return type, or visibility. Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic - 因為 {0} 標記著 OnSerializing、OnSerialized、OnDeserializing 或 OnDeserialized,請變更其特徵標記,使其不再是泛型 + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it is no longer generic Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' - 因為 {0} 標記著 OnSerializing、OnSerialized、OnDeserializing 或 OnDeserialized,請變更其特徵標記,使其接受 'System.Runtime.Serialization.StreamingContext' 型別的單一參數 + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its signature so that it takes a single parameter of type 'System.Runtime.Serialization.StreamingContext' Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) - 因為 {0} 標記著 OnSerializing、OnSerialized、OnDeserializing 或 OnDeserialized,請將它的傳回型別從 {1} 變更成 void (Visual Basic 中為 Sub) + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its return type from {1} to void (Sub in Visual Basic) Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method - 因為 {0} 標記著 OnSerializing、OnSerialized、OnDeserializing 或 OnDeserialized,請將它從 static (Visual Basic 中為 Shared) 變更成執行個體方法 + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change it from static (Shared in Visual Basic) to an instance method Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private - 因為 {0} 標記著 OnSerializing、OnSerialized、OnDeserializing 或 OnDeserialized,請將其存取範圍變更成 private + Because {0} is marked with OnSerializing, OnSerialized, OnDeserializing, or OnDeserialized, change its accessibility to private Implement serialization methods correctly - 必須正確實作序列化方法 + Implement serialization methods correctly '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' 會實作預覽介面 '{1}',因此必須加入預覽功能。如需詳細資訊,請參閱 {2}。 + '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' 會實作預覽介面 '{1}',因此必須加入預覽功能。如需詳細資訊,請參閱 {2}。 + {3} '{0}' implements the preview interface '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' 會實作預覽方法 '{1}',因此必須加入預覽功能。如需詳細資訊,請參閱 {2}。 + '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' 會實作預覽方法 '{1}',因此必須加入預覽功能。如需詳細資訊,請參閱 {2}。 + {3} '{0}' implements the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - 參考型別會宣告明確的靜態建構函式。若要修正此規則的違規,請於宣告所有靜態資料時將其初始化,並移除靜態建構函式。 + A reference type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize reference type static fields inline - 初始化參考型別靜態欄位內嵌 + Initialize reference type static fields inline Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor - 在宣告 {0} 中的所有靜態欄位時,將其初始化,並移除明確的靜態建構函式。 + Initialize all static fields in '{0}' when those fields are declared and remove the explicit static constructor A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. - 實值型別會宣告明確的靜態建構函式。若要修正此規則的違規,請於宣告所有靜態資料時將其初始化,並移除靜態建構函式。 + A value type declares an explicit static constructor. To fix a violation of this rule, initialize all static data when it is declared and remove the static constructor. Initialize value type static fields inline - 初始化實值型別靜態欄位內嵌 + Initialize value type static fields inline Change to call the two argument constructor, pass null for the message. - 變更為呼叫兩個引數建構函式,針對訊息傳遞 Null。 + Change to call the two argument constructor, pass null for the message. A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. - 已呼叫例外狀況類型為 ArgumentException 或由其衍生的預設 (無參數) 建構函式; 或將不正確的字串引數傳遞到例外狀況類型為 ArgumentException 或由其衍生的參數化建構函式。 + A call is made to the default (parameterless) constructor of an exception type that is or derives from ArgumentException, or an incorrect string argument is passed to a parameterized constructor of an exception type that is or derives from ArgumentException. Swap the arguments order - 交換引數順序 + Swap the arguments order Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. - 方法 {0} 會將參數名稱 '{1}' 以 {2} 引數傳遞到 {3} 建構函式。請以描述性訊息取代此引數,並將該參數名稱傳遞到正確的位置。 + Method {0} passes parameter name '{1}' as the {2} argument to a {3} constructor. Replace this argument with a descriptive message and pass the parameter name in the correct position. Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. - 方法 {0} 會將 '{1}' 以 {2} 引數傳遞到 {3} 建構函式。請以此方法的其中一個參數名稱,取代此引數。請注意,提供的參數名稱大小寫必須和該方法上宣告的大小寫完全一樣。 + Method {0} passes '{1}' as the {2} argument to a {3} constructor. Replace this argument with one of the method's parameter names. Note that the provided parameter name should have the exact casing as declared on the method. Call the {0} constructor that contains a message and/or paramName parameter - 呼叫包含 message 及 (或) paramName 參數的 {0} 建構函式 + Call the {0} constructor that contains a message and/or paramName parameter Instantiate argument exceptions correctly - 正確地將引數例外狀況具現化 + Instantiate argument exceptions correctly Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. - 以 'DynamicInterfaceCastableImplementationAttribute' 作為屬性的類型,會當作實作 'IDynamicInterfaceCastable' 類型之類型的介面實作。因此,它必須提供繼承介面中定義之所有成員的實作,因為實作 'IDynamicInterfaceCastable' 的類型不會以其他方式提供它們。 + Types attributed with 'DynamicInterfaceCastableImplementationAttribute' act as an interface implementation for a type that implements the 'IDynamicInterfaceCastable' type. As a result, it must provide an implementation of all of the members defined in the inherited interfaces, because the type that implements 'IDynamicInterfaceCastable' will not provide them otherwise. Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces - 類型 '{0}' 已套用 'DynamicInterfaceCastableImplementationAttribute',但未提供繼承介面中定義之所有介面成員的實作 + Type '{0}' has the 'DynamicInterfaceCastableImplementationAttribute' applied to it but does not provide an implementation of all interface members defined in inherited interfaces All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface - 在父介面中宣告的所有成員,在 DynamicInterfaceCastableImplementation 屬性介面中都必須有一個實作 + All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - 若使用以 SimpleTypeResolver 初始化的 JavaScriptSerializer 將未受信任的資料還原序列化,方法 '{0}' 就不安全。請確認將 JavaScriptSerializer 初始化時,未指定 JavaScriptTypeResolver,或使用 JavaScriptTypeResolver 來限制已還原序列化物件圖中的物件類型。 + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Ensure that the JavaScriptSerializer is initialized without a JavaScriptTypeResolver specified, or initialized with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing - 請確認 JavaScriptSerializer 在還原序列化之前未以 SimpleTypeResolver 初始化 + Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. - 若使用以 SimpleTypeResolver 初始化的 JavaScriptSerializer 將未受信任的資料還原序列化,方法 '{0}' 就不安全。將 JavaScriptSerializer 初始化時,請不要指定 JavaScriptTypeResolver,或使用 JavaScriptTypeResolver 來限制已還原序列化物件圖中的物件類型。 + The method '{0}' is insecure when deserializing untrusted data with a JavaScriptSerializer initialized with a SimpleTypeResolver. Initialize JavaScriptSerializer without a JavaScriptTypeResolver specified, or initialize with a JavaScriptTypeResolver that limits the types of objects in the deserialized object graph. Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver - 無法以使用了 SimpleTypeResolver 的 JavaScriptSerializer 還原序列化 + Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - 將不信任的輸入還原序列化時,允許將任意類型還原序列化是不安全的。當使用還原序列化 JsonSerializer 時,請使用 TypeNameHandling.None,或對 None 以外的值使用 SerializationBinder 來限制還原序列化類型。 + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not deserialize with JsonSerializer using an insecure configuration - 不要使用不安全的組態以 JsonSerializer 還原序列化 + Do not deserialize with JsonSerializer using an insecure configuration When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - 將不信任的輸入還原序列化時,允許將任意類型還原序列化是不安全的。當使用 JsonSerializerSettings 時,請使用 TypeNameHandling.None,或對 None 以外的值使用 SerializationBinder 來限制還原序列化類型。 + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Do not use insecure JsonSerializerSettings - 請勿使用不安全的 JsonSerializerSettings + Do not use insecure JsonSerializerSettings When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. - 將不信任的輸入還原序列化時,允許將任意類型還原序列化是不安全的。當使用還原序列化 JsonSerializer 時,請使用 TypeNameHandling.None,或對 None 以外的值使用 SerializationBinder 來限制還原序列化類型。 + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using deserializing JsonSerializer, use TypeNameHandling.None, or for values other than None, restrict deserialized types with a SerializationBinder. Ensure that JsonSerializer has a secure configuration when deserializing - 還原序列化時,請確認 JsonSerializer 有安全的組態 + Ensure that JsonSerializer has a secure configuration when deserializing When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. - 將不信任的輸入還原序列化時,允許將任意類型還原序列化是不安全的。當使用 JsonSerializerSettings 時,請確保指定 TypeNameHandling.None,或對 None 以外的值確保指定 SerializationBinder 來限制還原序列化類型。 + When deserializing untrusted input, allowing arbitrary types to be deserialized is insecure. When using JsonSerializerSettings, ensure TypeNameHandling.None is specified, or for values other than None, ensure a SerializationBinder is specified to restrict deserialized types. Ensure that JsonSerializerSettings are secure - 確保 JsonSerializerSettings 是安全的 + Ensure that JsonSerializerSettings are secure Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. - 使用非 None 的 TypeNameHandling 值時,將 JSON 還原序列化可能不安全。若您需要在未指定 SerializationBinder 時,偵測 Json.NET 還原序列化,請停用規則 CA2326,並啟用規則 CA2327、CA2328、CA2329 及 CA2330。 + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. If you need to instead detect Json.NET deserialization when a SerializationBinder isn't specified, then disable rule CA2326, and enable rules CA2327, CA2328, CA2329, and CA2330. Deserializing JSON when using a TypeNameHandling value other than None can be insecure. - 使用非 None 的 TypeNameHandling 值時,將 JSON 還原序列化可能不安全。 + Deserializing JSON when using a TypeNameHandling value other than None can be insecure. Do not use TypeNameHandling values other than None - 請勿使用非 None 的 TypeNameHandling 值 + Do not use TypeNameHandling values other than None The method '{0}' is insecure when deserializing untrusted data. - 將不受信任的資料還原序列化時,方法 '{0}' 不安全。 + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer LosFormatter - 請勿使用不安全的還原序列化程式 LosFormatter + Do not use insecure deserializer LosFormatter Convert to static method - 轉換成靜態方法 + Convert to static method Converting an instance method to a static method may produce invalid code - 將執行個體方法轉換為靜態方法可能會產生不正確的程式碼 + Converting an instance method to a static method may produce invalid code Make the constructor that takes zero parameters 'public' - 將接受零個參數的建構函式設為 'public' + Make the constructor that takes zero parameters 'public' An instance field of a type that is not serializable is declared in a type that is serializable. - 非可序列化類型的執行個體欄位,被宣告為可序列化的類型。 + An instance field of a type that is not serializable is declared in a type that is serializable. Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable - 欄位 {0} 是可序列化類型 {1} 的成員,但其所屬類型 {2} 則不可序列化 + Field {0} is a member of type {1} which is serializable but is of type {2} which is not serializable Mark all non-serializable fields - 必須標記所有不可序列化的欄位 + Mark all non-serializable fields The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. - NeutralResourcesLanguage 屬性會通知 ResourceManager 用於顯示組件之中性文化特性 (Culture) 資源的語言。如此可改善載入第一項源的查閱效能,且可減少您的工作集。 + The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. Mark assemblies with NeutralResourcesLanguageAttribute - 將組件標記為 NeutralResourcesLanguageAttribute + Mark assemblies with NeutralResourcesLanguageAttribute Mark assemblies with NeutralResourcesLanguageAttribute - 將組件標記為 NeutralResourcesLanguageAttribute + Mark assemblies with NeutralResourcesLanguageAttribute The Boolean data type has multiple representations in unmanaged code. - 布林值資料類型在非受控的程式碼中有多種表示法。 + The Boolean data type has multiple representations in unmanaged code. Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - 將 MarshalAsAttribute 新增至 P/Invoke {1} 的參數 {0}。若相對應的非受控參數為 4 位元組的 Win32 'BOOL',請使用 [MarshalAs(UnmanagedType.Bool)]。若為 1 位元組的 C++ 'bool',請使用 MarshalAs(UnmanagedType.U1)。 + Add the MarshalAsAttribute to parameter {0} of P/Invoke {1}. If the corresponding unmanaged parameter is a 4-byte Win32 'BOOL', use [MarshalAs(UnmanagedType.Bool)]. For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). - 將 MarshalAsAttribute 新增至 P/Invoke {0} 的傳回型別。若相對應的非受控傳回型別為 4 位元組的 Win32 'BOOL',請使用 MarshalAs(UnmanagedType.Bool)。若為 1 位元組的 C++ 'bool',請使用 MarshalAs(UnmanagedType.U1)。 + Add the MarshalAsAttribute to the return type of P/Invoke {0}. If the corresponding unmanaged return type is a 4-byte Win32 'BOOL', use MarshalAs(UnmanagedType.Bool). For a 1-byte C++ 'bool', use MarshalAs(UnmanagedType.U1). Mark boolean PInvoke arguments with MarshalAs - 將布林值 PInvoke 引數標記為 MarshalAs + Mark boolean PInvoke arguments with MarshalAs To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. - 若要通用語言執行階段將其辨識為可序列化,即使類型透過實作 ISerializable 介面使用自訂序列化常式,也必須使用 SerializableAttribute 屬性來標示類型。 + To be recognized by the common language runtime as serializable, types must be marked by using the SerializableAttribute attribute even when the type uses a custom serialization routine through implementation of the ISerializable interface. Add [Serializable] to {0} as this type implements ISerializable - 將 [Serializable] 新增至 {0},因為這個類型會實作 ISerializable + Add [Serializable] to {0} as this type implements ISerializable Mark ISerializable types with serializable - 將 ISerializable 類型標示為可序列化 + Mark ISerializable types with serializable Ensure HttpClient certificate revocation list check is not disabled - 確認未停用 HttpClient 憑證撤銷清單檢查 + Ensure HttpClient certificate revocation list check is not disabled HttpClient may be created without enabling CheckCertificateRevocationList - 可在不啟用 CheckCertificateRevocationList 的情況下建立 HttpClient + HttpClient may be created without enabling CheckCertificateRevocationList Ensure Certificates Are Not Added To Root Store - 請確認憑證不會新增至根存放區 + Ensure Certificates Are Not Added To Root Store Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. - 將憑證新增至作業系統的受信任根憑證並不安全。請確認目標存放區並非根存放區。 + Adding certificates to the operating system's trusted root certificates is insecure. Ensure that the target store is not root store. Use CreateEncryptor with the default IV - 使用具有預設 IV 的 CreateEncryptor + Use CreateEncryptor with the default IV The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. - 加密中使用了可能可以重複的非預設初始化向量。請務必使用預設值。 + The non-default initialization vector, which can be potentially repeatable, is used in the encryption. Ensure use the default one. Ensure Use Secure Cookies In ASP.NET Core - 請確認在 ASP.Net Core 中使用安全 Cookie + Ensure Use Secure Cookies In ASP.NET Core Ensure that CookieOptions.Secure = true when setting a cookie - 請確認設定 Cookie 時,CookieOptions.Secure = true + Ensure that CookieOptions.Secure = true when setting a cookie Ensure Sufficient Iteration Count When Using Weak Key Derivation Function - 使用弱式金鑰衍生函數 (Key Derivation Function) 時,請確保反覆項目計量足夠 + Ensure Sufficient Iteration Count When Using Weak Key Derivation Function Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 - 當從密碼衍生密碼編譯金鑰時,請確保反覆項目計數至少為 {0}。根據預設,Rfc2898DeriveByte 的 IterationCount 只有 1000 + Ensure that the iteration count is at least {0} when deriving a cryptographic key from a password. By default, Rfc2898DeriveByte's IterationCount is only 1000 Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. - 因為實作 'IDynamicInterfaceCastable' 的類型不會在中繼資料中實作動態介面,所以呼叫在此類型不是明確實作的執行個體介面成員,在執行階段可能會失敗。請標示新的介面成員 'static' 以避免執行階段錯誤。 + Since a type that implements 'IDynamicInterfaceCastable' may not implement a dynamic interface in metadata, calls to an instance interface member that is not an explicit implementation defined on this type are likely to fail at runtime. Mark new interface members 'static' to avoid runtime errors. The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied - '{1}' 類型的 '{0}' 成員應該標記為 'static',因為 '{1}' 已套用 'DynamicInterfaceImplementationAttribute' + The '{0}' member on the '{1}' type should be marked 'static' as '{1}' has the 'DynamicInterfaceImplementationAttribute' applied Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' - 在有 'DynamicInterfaceCastableImplementationAttribute' 介面上定義的成員應為 'static' + Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' 會傳回預覽類型 '{1}',因此必須加入預覽功能。如需詳細資訊,請參閱 {2}。 + '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' 會傳回預覽類型 '{1}',因此必須加入預覽功能。如需詳細資訊,請參閱 {2}。 + {3} '{0}' returns the preview type '{1}' and therefore needs to opt into preview features. See {2} for more information. '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - '{0}' 接受類型 '{1}' 的預覽參數,因此必須加入預覽功能。如需詳細資訊,請參閱 {2}。 + '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. - {3} '{0}' 接受類型 '{1}' 的預覽參數,因此必須加入預覽功能。如需詳細資訊,請參閱 {2}。 + {3} '{0}' takes in a preview parameter of type '{1}' and needs to opt into preview features. See {2} for more information. This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. - 即使停用執行階段封送處理,此方法也會使用執行階段封送處理,這可能會在執行階段造成未預期的行為差異,因為對類型原生配置有不同的期望。 + This method uses runtime marshalling even when runtime marshalling is disabled, which can cause unexpected behavior differences at runtime due to different expectations of a type's native layout. '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. - 即使已套用 'DisableRuntimeMarshallingAttribute','{0}' 也會使用執行階段封送處理。直接使用 'sizeof' 和指標等功能,以確保結果正確。 + '{0}' uses runtime marshalling even when 'DisableRuntimeMarshallingAttribute' is applied. Use features like 'sizeof' and pointers directly to ensure accurate results. This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied - 即使已套用 'DisableRuntimeMarshallingAttribute',此方法也會使用執行階段封送處理 + This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied Miss HttpVerb attribute for action methods - 缺少動作方法的 HttpVerb 屬性 + Miss HttpVerb attribute for action methods All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. - 建立、編輯、刪除或修改資料的所有方法,都會在方法的 [HttpPost] 多載中進行,其需要由反偽造屬性保護免受偽造要求侵害。執行 GET 作業是安全的操作,沒有任何副作用且不會修改保存的資料。 + All the methods that create, edit, delete, or otherwise modify data do so in the [HttpPost] overload of the method, which needs to be protected with the anti forgery attribute from request forgery. Performing a GET operation should be a safe operation that has no side effects and doesn't modify your persisted data. Action method {0} needs to specify the HTTP request kind explicitly - Action 方法 {0} 必須明確地指定 HTTP 要求種類 + Action method {0} needs to specify the HTTP request kind explicitly Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. - 模組初始設定式供應用程式程式碼使用,以確保應用程式程式碼開始執行前先初始化應用程式的元件。如果程式庫程式碼宣告擁有 'ModuleInitializerAttribute' 的方法,它可能會干擾應用程式初始化,而且也會導致該應用程式的截斷功能遭到限制。不使用標示為 'ModuleInitializerAttribute' 的方法,程式庫應該公開可用於初始化程式庫內任何元件的方法,並允許應用程式在應用程式初始化期間叫用方法。 + Module initializers are intended to be used by application code to ensure an application's components are initialized before the application code begins executing. If library code declares a method with the 'ModuleInitializerAttribute', it can interfere with application initialization and also lead to limitations in that application's trimming abilities. Instead of using methods marked with 'ModuleInitializerAttribute', the library should expose methods that can be used to initialize any components within the library and allow the application to invoke the method during application initialization. The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios - 'ModuleInitializer' 屬性只適用於應用程式程式碼或進階原始檔產生器案例中 + The 'ModuleInitializer' attribute is only intended to be used in application code or advanced source generator scenarios The 'ModuleInitializer' attribute should not be used in libraries - 程式庫中不應使用 'ModuleInitializer' 屬性 + The 'ModuleInitializer' attribute should not be used in libraries The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - 將未受信任的資料還原序列化時,若沒有使用 SerializationBinder 來限制已還原序列化物件圖中的物件類型,方法 '{0}' 就不安全。 + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Ensure NetDataContractSerializer.Binder is set before deserializing - 還原序列化之前,請務必先設定 NetDataContractSerializer.Binder + Ensure NetDataContractSerializer.Binder is set before deserializing The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. - 將未受信任的資料還原序列化時,若沒有使用 SerializationBinder 來限制已還原序列化物件圖中的物件類型,方法 '{0}' 就不安全。 + The method '{0}' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph. Do not deserialize without first setting NetDataContractSerializer.Binder - 未先設定 NetDataContractSerializer.Binder 之前,請勿還原序列化 + Do not deserialize without first setting NetDataContractSerializer.Binder The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. - 將不受信任的資料還原序列化時,方法 '{0}' 不安全。如果您需要改為偵測 NetDataContractSerializer 還原序列化,而不想要設定 SerializationBinder,則請停用規則 CA2310,並啟用規則 CA2311 和 CA2312。 + The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect NetDataContractSerializer deserialization without a SerializationBinder set, then disable rule CA2310, and enable rules CA2311 and CA2312. The method '{0}' is insecure when deserializing untrusted data. - 將不受信任的資料還原序列化時,方法 '{0}' 不安全。 + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer NetDataContractSerializer - 請勿使用不安全的還原序列化程式 NetDataContractSerializer + Do not use insecure deserializer NetDataContractSerializer Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. - 字串應標準化為大寫。如果有一小組的字元轉換為小寫,這些字元就無法再轉換回來。進行來回行程即表示會將字元從某個地區設定轉換成其他地區設定 (以不同的方式呈現字元資料),然後精確地擷取來自轉換字元的原始字元。 + Strings should be normalized to uppercase. A small group of characters cannot make a round trip when they are converted to lowercase. To make a round trip means to convert the characters from one locale to another locale that represents character data differently, and then to accurately retrieve the original characters from the converted characters. In method '{0}', replace the call to '{1}' with '{2}' - 在方法 '{0}' 中,以 '{2}' 取代對 '{1}' 的呼叫 + In method '{0}', replace the call to '{1}' with '{2}' Normalize strings to uppercase - 將字串標準化為大寫 + Normalize strings to uppercase The method '{0}' is insecure when deserializing untrusted data. - 將不受信任的資料還原序列化時,方法 '{0}' 不安全。 + The method '{0}' is insecure when deserializing untrusted data. Do not use insecure deserializer ObjectStateFormatter - 請勿使用不安全的還原序列化程式 ObjectStateFormatter + Do not use insecure deserializer ObjectStateFormatter '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - '{0}' 會覆寫預覽方法 '{1}',因此必須加入預覽功能。如需詳細資訊,請參閱 {2}。 + '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. - {3} '{0}' 會覆寫預覽方法 '{1}',因此必須加入預覽功能。如需詳細資訊,請參閱 {2}。 + {3} '{0}' overrides the preview method '{1}' and therefore needs to opt into preview features. See {2} for more information. A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. - 公用類型中的公用方法或受保護方法,具有 System.Runtime.InteropServices.DllImportAttribute 屬性 (也由 Visual Basic 中的 Declare 關鍵字實作)。這類方法不應公開。 + A public or protected method in a public type has the System.Runtime.InteropServices.DllImportAttribute attribute (also implemented by the Declare keyword in Visual Basic). Such methods should not be exposed. P/Invoke method '{0}' should not be visible - 不應看得見 P/Invokes 方法 '{0}' + P/Invoke method '{0}' should not be visible P/Invokes should not be visible - 不應看得見 P/Invoke + P/Invokes should not be visible ({0}) - ({0}) + ({0}) and all other platforms - 及所有其他平台 + and all other platforms This call site is reachable on: 'windows' 10.0.2000 and later, and all other platforms '{0}' all versions - '{0}' 所有版本 + '{0}' all versions This call site is reachable on: 'Windows' all versions. Using platform dependent API on a component makes the code no longer work across all platforms. - 在元件上使用相依於平台的 API,會使程式碼無法繼續在所有平台上運作。 + Using platform dependent API on a component makes the code no longer work across all platforms. '{0}' from version {1} to {2} - '{0}' 從 {1} 至 {2} 的版本 + '{0}' from version {1} to {2} 'SupportedOnWindows1903UnsupportedOn2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. - 可在所有平台上連線到此呼叫網站。'{0}' 已在 {1} 上淘汰。 + This call site is reachable on all platforms. '{0}' is obsoleted on: {1}. This call site is reachable on all platforms. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. - 可在 {2} 上連線到此呼叫網站。'{0}' 已在 {1} 上淘汰。 + This call site is reachable on: {2}. '{0}' is obsoleted on: {1}. This call site is reachable on 'macos', 'linux'. 'OboletedOnMacOS()' is obsoleted on: 'macos'. This call site is reachable on all platforms. '{0}' is only supported on: {1}. - 可在所有平台上連線到此呼叫網站。只有 {1} 支援 '{0}'。 + This call site is reachable on all platforms. '{0}' is only supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindowsAndBrowser()' is only supported on: 'windows', 'browser' . This call site is reachable on: {2}. '{0}' is only supported on: {1}. - 可在 {2} 上連線到此呼叫網站。只有 {1} 支援 '{0}'。 + This call site is reachable on: {2}. '{0}' is only supported on: {1}. This call site is reachable on: 'windows' all versions.'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before This call site is unreachable on: {2}. '{0}' is only supported on: {1}. - 無法在下列位置連線到此呼叫網站: {2}。只有 {1} 支援 '{0}'。 + This call site is unreachable on: {2}. '{0}' is only supported on: {1}. This call site is unreachable on: 'browser'. 'SupportedOnWindowsAndBrowser()' is only supported on: 'browser', 'windows'. This call site is reachable on all platforms. '{0}' is supported on: {1}. - 可在所有平台上連線到此呼叫網站。{1} 支援 '{0}'。 + This call site is reachable on all platforms. '{0}' is supported on: {1}. This call site is reachable on all platforms. 'SupportedOnWindows1903UnsupportedFrom2004()' is supported on: 'windows' from version 10.0.1903 to 10.0.2004. This call site is reachable on: {2}. '{0}' is supported on: {1}. - 可在 {2} 上連線到此呼叫網站。{1} 支援 '{0}'。 + This call site is reachable on: {2}. '{0}' is supported on: {1}. This call site is reachable on: 'windows' 10.0.2000 and before. 'UnsupportedOnWindowsSupportedOn1903()' is supported on: 'windows' 10.0.1903 and later. Validate platform compatibility - 驗證平台相容性 + Validate platform compatibility This call site is reachable on all platforms. '{0}' is unsupported on: {1}. - 可在所有平台上連線到此呼叫網站。{1} 不支援 '{0}'。 + This call site is reachable on all platforms. '{0}' is unsupported on: {1}. This call site is reachable on all platforms. 'UnsupportedOnWindows()' is unsupported on: 'windows' This call site is reachable on: {2}. '{0}' is unsupported on: {1}. - 可在 {2} 上連線到此呼叫網站。{1} 不支援 '{0}'。 + This call site is reachable on: {2}. '{0}' is unsupported on: {1}. This call site is reachable on: 'windows', 'browser'. 'UnsupportedOnBrowser()' is unsupported on: 'browser'. '{0}' {1} and before - '{0}' {1} 及之前的版本 + '{0}' {1} and before 'SupportedOnWindowsUnsupportedFromWindows2004()' is only supported on: 'windows' 10.0.2004 and before. '{0}' {1} and later - '{0}' {1} 及之後的版本 + '{0}' {1} and later 'SupportedOnWindows10()' is only supported on: 'windows' 10.0 and later. Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. - 檢閱會處理未受信任之還原序列化資料的程式碼,以處理未預期的參考迴圈。未預期的參考迴圈不應導致程式碼進入無限迴圈,否則,未預期的參考週期可能讓攻擊者得以 DOS,或在將未受信任的資料還原序列化時耗盡處理序的記憶體。 + Review code that processes untrusted deserialized data for handling of unexpected reference cycles. An unexpected reference cycle should not cause the code to enter an infinite loop. Otherwise, an unexpected reference cycle can allow an attacker to DOS or exhaust the memory of the process when deserializing untrusted data. {0} participates in a potential reference cycle - {0} 參與了可能的參照循環 + {0} participates in a potential reference cycle Potential reference cycle in deserialized object graph - 還原序列化物件圖中的潛在參考迴圈 + Potential reference cycle in deserialized object graph Replace 'Substring' with 'AsSpan' - 請以 'AsSpan' 取代 'Substring' + Replace 'Substring' with 'AsSpan' 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. - 'AsSpan' 比 'Substring' 更有效率。'Substring' 會執行 O(n) 字串複製,而 'AsSpan' 不會且有固定成本。 + 'AsSpan' is more efficient then 'Substring'. 'Substring' performs an O(n) string copy, while 'AsSpan' does not and has a constant cost. Prefer 'AsSpan' over 'Substring' when span-based overloads are available - 當範圍型的多載可用時,建議使用 'AsSpan' 而不是 'Substring' + Prefer 'AsSpan' over 'Substring' when span-based overloads are available Prefer 'AsSpan' over 'Substring' - 建議使用 'AsSpan' 而不是 'Substring' + Prefer 'AsSpan' over 'Substring' + + + + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. + + + + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string + + + + Consider using 'StringBuilder.Append(char)' when applicable + Consider using 'StringBuilder.Append(char)' when applicable Use 'Count' check instead of 'Any()' - 使用 'Count' 檢查而非 'Any()' + Use 'Count' check instead of 'Any()' Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance - 為了清楚明瞭和為了提升效能,偏好比較 'Count' 與 0,而不是使用 'Any()' + Prefer comparing 'Count' to 0 rather than using 'Any()', both for clarity and for performance Use 'ContainsKey' - 請使用 'ContainsKey' + Use 'ContainsKey' 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. - 'ContainsKey' 通常為 O(1),但在某些情況下,'Keys.Contains' 可能為 O(n)。此外,許多字典實作會延遲初始化 Keys 集合以縮減配置。 + 'ContainsKey' is usually O(1), while 'Keys.Contains' may be O(n) in some cases. Additionally, many dictionary implementations lazily initialize the Keys collection to cut back on allocations. Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' - 字典類型 '{0}' 建議使用 'ContainsKey' 而不是 'Keys.Contains' + Prefer 'ContainsKey' over 'Keys.Contains' for dictionary type '{0}' Prefer Dictionary.Contains methods - 建議使用 Dictionary.Contains 方法 + Prefer Dictionary.Contains methods Use 'ContainsValue' - 請使用 'ContainsValue' + Use 'ContainsValue' Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. - 許多字典實作會延遲初始化 Values 集合。為避免不必要的配置,建議使用 'ContainsValue' 而不是 'Values.Contains'。 + Many dictionary implementations lazily initialize the Values collection. To avoid unnecessary allocations, prefer 'ContainsValue' over 'Values.Contains'. Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' - 字典類型 '{0}' 建議使用 'ContainsValue' 而不是 'Values.Contains' + Prefer 'ContainsValue' over 'Values.Contains' for dictionary type '{0}' + + + + Use 'TryGetValue(TKey, out TValue)' + Use 'TryGetValue(TKey, out TValue)' + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. + + + + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup + + + + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method + Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method Replace with 'HashData' method - 以 'HashData' 方法取代 + Replace with 'HashData' method It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. - 使用靜態 'HashData' 方法比建立和管理 HashAlgorithm 執行個體來呼叫 'ComputeHash' 更有效率。 + It is more efficient to use the static 'HashData' method over creating and managing a HashAlgorithm instance to call 'ComputeHash'. Prefer static '{0}.HashData' method over 'ComputeHash' - 偏好靜態 '{0}.HashData' 方法而非 'ComputeHash' + Prefer static '{0}.HashData' method over 'ComputeHash' Prefer static 'HashData' method over 'ComputeHash' - 偏好靜態 'HashData' 方法而非 'ComputeHash' + Prefer static 'HashData' method over 'ComputeHash' Use 'IsEmpty' check instead of 'Any()' - 使用 'IsEmpty' 檢查,而不是 'Any()' + Use 'IsEmpty' check instead of 'Any()' Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance - 為了清楚明瞭和為了提升效能,偏好 'IsEmpty' 檢查,而不是使用 'Any()' + Prefer an 'IsEmpty' check rather than using 'Any()', both for clarity and for performance + + + + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. + + + + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + Prefer 'IsEmpty' over 'Count' to determine whether the object is empty + + + + Prefer IsEmpty over Count + Prefer IsEmpty over Count Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. - 偏好使用 'IsEmpty'、'Count' 或 'Length' 屬性 (以可用者為准),而不是呼叫 'Enumerable.Any()'。意圖更清楚,而且比使用 'Enumerable.Any()' 擴充方法更具效能。 + Prefer using 'IsEmpty', 'Count' or 'Length' properties whichever available, rather than calling 'Enumerable.Any()'. The intent is clearer and it is more performant than using 'Enumerable.Any()' extension method. Avoid using 'Enumerable.Any()' extension method - 避免使用 'Enumerable.Any()' 擴充方法 + Avoid using 'Enumerable.Any()' extension method Use 'Length' check instead of 'Any()' - 使用 'Length' 檢查而非 'Any()' + Use 'Length' check instead of 'Any()' Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance - 為了清楚明瞭和為了提升效能,偏好比較 'Length' 與 0,而不是使用 'Any()' + Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. - 'Stream' 具有採用 'Memory<Byte>' 作為第一個引數的 'ReadAsync' 多載,以及採用 'ReadOnlyMemory<Byte>' 作為第一個引數的 'WriteAsync' 多載。建議呼叫採用記憶體的多載,較有效率。 - - - - For determining whether the object contains or not any items, prefer using 'IsEmpty' property rather than retrieving the number of items from the 'Count' property and comparing it to 0 or 1. - 若要判斷物件是否包含項目,建議使用 'IsEmpty' 屬性,而不要從 'Count' 屬性中擷取項目數來與 0 或 1 比較。 - - - - Prefer 'IsEmpty' over 'Count' to determine whether the object is empty - 若要判斷物件是否為空,建議使用 'IsEmpty',而不要使用 'Count' - - - - Prefer IsEmpty over Count - 建議使用 IsEmpty,而不要使用 Count + 'Stream' has a 'ReadAsync' overload that takes a 'Memory<Byte>' as the first argument, and a 'WriteAsync' overload that takes a 'ReadOnlyMemory<Byte>' as the first argument. Prefer calling the memory based overloads, which are more efficient. Change the '{0}' method call to use the '{1}' overload - 將 '{0}' 方法呼叫變更為使用 '{1}' 多載 + Change the '{0}' method call to use the '{1}' overload Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' - 建議針對 'ReadAsync' 和 'WriteAsync' 使用採用 'Memory' 的多載 + Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' Replace with 'string.Contains' - 以 'string.Contains' 取代 + Replace with 'string.Contains' Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. - 呼叫 'String.IndexOf' 的結果,將用於確認有無子字串可由 'String.Contains' 取代。 + Calls to 'string.IndexOf' where the result is used to check for the presence/absence of a substring can be replaced by 'string.Contains'. Use 'string.Contains' instead of 'string.IndexOf' to improve readability - 使用 'String.Contains',而不要使用 'String.IndexOf',以提高可讀性 + Use 'string.Contains' instead of 'string.IndexOf' to improve readability Consider using 'string.Contains' instead of 'string.IndexOf' - 請考慮使用 'String.Contains',而不要使用 'String.IndexOf' + Consider using 'string.Contains' instead of 'string.IndexOf' StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. - StringBuilder.Append 與 StringBuilder.Insert 可為 System.String 以外的多種類型提供多載。建議盡可能使用強型別多載,而非 ToString() 與字串式多載。 + StringBuilder.Append and StringBuilder.Insert provide overloads for multiple types beyond System.String. When possible, prefer the strongly-typed overloads over using ToString() and the string-based overload. Remove the ToString call in order to use a strongly-typed StringBuilder overload - 移除 ToString 呼叫,以使用強型別 StringBuilder 多載 + Remove the ToString call in order to use a strongly-typed StringBuilder overload Remove the ToString call - 移除 ToString 呼叫 + Remove the ToString call Prefer strongly-typed Append and Insert method overloads on StringBuilder - 建議在 StringBuilder 上使用強型別 Append 及 Insert 方法多載 - - - - 'StringBuilder.Append(char)' is more efficient than 'StringBuilder.Append(string)' when the string is a single character. When calling 'Append' with a constant, prefer using a constant char rather than a constant string containing one character. - 當字串是單一字元時,'StringBuilder.Append(char)' 比 'StringBuilder.Append(string)' 更有效率。當以常數呼叫 'Append' 時,建議使用常數字元,而不要使用包含一個字元的常數字串。 - - - - Use 'StringBuilder.Append(char)' instead of 'StringBuilder.Append(string)' when the input is a constant unit string - 當輸入為常數單元字串時,請使用 'StringBuilder.Append(char)',而非 'StringBuilder.Append(string)' - - - - Consider using 'StringBuilder.Append(char)' when applicable - 請在適當時考慮使用 'StringBuilder.Append(char)' + Prefer strongly-typed Append and Insert method overloads on StringBuilder Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. - 從 .NET 7 開始,在未選取的內容中溢位時將不會明確轉換 '{0}'。使用 'checked' 陳述式包裝運算式,以還原 .NET 6 行為。 + Starting with .NET 7 the explicit conversion '{0}' will not throw when overflowing in an unchecked context. Wrap the expression with a 'checked' statement to restore the .NET 6 behavior. Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - 從 .NET 7 開始,在已選取的內容中溢位時將會明確轉換 '{0}'。使用 'unchecked' 陳述式包裝運算式,以還原 .NET 6 行為。 + Starting with .NET 7 the explicit conversion '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. - 在 .NET 7 中新增的某些內建運算子在溢位時的行為不同於 .NET 6 和較舊版本中對應的使用者定義運算子。某些先前擲回未核取內容的運算子現在不會擲回,除非包裝在核取的內容中。此外,某些先前未擲回核取內容的運算子現在會擲回,除非包裝在未選取的內容中。 + Some built-in operators added in .NET 7 behave differently when overflowing than did the corresponding user-defined operators in .NET 6 and earlier versions. Some operators that previously threw in an unchecked context now don't throw unless wrapped within a checked context. Also, some operators that did not previously throw in a checked context now throw unless wrapped in an unchecked context. Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. - 從 .NET 7 開始,在已選取的內容中溢位時將會擲回運算子 '{0}'。使用 'unchecked' 陳述式包裝運算式,以還原 .NET 6 行為。 + Starting with .NET 7 the operator '{0}' will throw when overflowing in a checked context. Wrap the expression with an 'unchecked' statement to restore the .NET 6 behavior. Prevent behavioral change - 防止行為變更 + Prevent behavioral change 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. - 'Enum.HasFlag' 方法需要 'Enum' 引數的類型,與叫用方法之執行個體的類型相同,且此 'enum' 必須標記 'System.FlagsAttribute'。若兩者的 'Enum' 類型不同,將會在執行階段擲回未處理的例外狀況。若 'Enum' 類型未標記 'System.FlagsAttribute',則此呼叫在執行階段時一律會傳回 'False'。 + 'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime. The argument type, '{0}', must be the same as the enum type '{1}' - 引數類型 '{0}' 與列舉類型 '{1}' 必須相同 + The argument type, '{0}', must be the same as the enum type '{1}' Provide correct 'enum' argument to 'Enum.HasFlag' - 為 'Enum.HasFlag' 提供正確的 'Enum' 引數 + Provide correct 'enum' argument to 'Enum.HasFlag' The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. - 傳遞給 System.String.Format 的格式化引數,並未包含與每個物件引數相對應的格式項目,反之亦然。 + The format argument that is passed to System.String.Format does not contain a format item that corresponds to each object argument, or vice versa. Provide correct arguments to formatting methods - 為格式化方法提供正確的引數 + Provide correct arguments to formatting methods Provide correct arguments to formatting methods - 為格式化方法提供正確的引數 + Provide correct arguments to formatting methods A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. - 類型的欄位已使用 System.Runtime.Serialization.OptionalFieldAttribute 屬性進行標記,但該類型不提供還原序列化事件處理方法。 + A type has a field that is marked by using the System.Runtime.Serialization.OptionalFieldAttribute attribute, and the type does not provide deserialization event handling methods. Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute - 將 'private void OnDeserialized(StreamingContext)' 方法加入類型 {0},並為其加上 System.Runtime.Serialization.OnDeserializedAttribute 屬性 + Add a 'private void OnDeserialized(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializedAttribute Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute - 將 'private void OnDeserializing(StreamingContext)' 方法加入型別 {0},並為其加上 System.Runtime.Serialization.OnDeserializingAttribute 屬性 + Add a 'private void OnDeserializing(StreamingContext)' method to type {0} and attribute it with the System.Runtime.Serialization.OnDeserializingAttribute Provide deserialization methods for optional fields - 必須為選擇性欄位提供還原序列化方法 + Provide deserialization methods for optional fields Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. - 提供一種無參數的建構函式,與衍生自 'System.Runtime.InteropServices.SafeHandle' 之類型的包含類型一樣可見,使用原始檔產生的 interop 解決方案可提高效能及使用量。 + Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions. Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' - 提供一種無參數的建構函式,與衍生自 'System.Runtime.InteropServices.SafeHandle' 之 '{0}' 類型的包含類型一樣可見 + Provide a parameterless constructor that is as visible as the containing type for the '{0}' type that is derived from 'System.Runtime.InteropServices.SafeHandle' Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' - 提供一種無參數的建構函式,與衍生自 'System.Runtime.InteropServices.SafeHandle' 之具體類型的包含類型一樣可見 + Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. - 若要提升效能,請在加入子類別 'Stream' 時,覆寫記憶體型的非同步方法,然後以記憶體型方法的方式實作陣列型的方法。 + To improve performance, override the memory-based async methods when subclassing 'Stream'. Then implement the array-based methods in terms of the memory-based methods. '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. - '{0}' 會覆寫陣列型的 '{1}',但不會覆寫記憶體型的 '{2}'。請考慮覆寫記憶體型的 '{2}' 以提升效能。 + '{0}' overrides array-based '{1}' but does not override memory-based '{2}'. Consider overriding memory-based '{2}' to improve performance. 0 = type that subclasses Stream directly, 1 = array-based method, 2 = memory-based method Provide memory-based overrides of async methods when subclassing 'Stream' - 加入子類別 'Stream' 時,提供非同步方法的記憶體型覆寫 + Provide memory-based overrides of async methods when subclassing 'Stream' + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + + + + Prefer using 'StringComparer' to perform a case-insensitive comparison + Prefer using 'StringComparer' to perform a case-insensitive comparison + + + + Use the 'string.{0}(string, StringComparison)' overload + Use the 'string.{0}(string, StringComparison)' overload + + + + Prefer using 'StringComparer' to perform case-insensitive string comparisons + Prefer using 'StringComparer' to perform case-insensitive string comparisons + + + + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons because they lead to an allocation. Instead, prefer calling the method overloads of 'Contains', 'IndexOf' and 'StartsWith' that take a 'StringComparison' enum value to perform case-insensitive comparisons. + + + + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + Prefer the string comparison method overload of '{0}' that takes a 'StringComparison' enum value to perform a case-insensitive comparison + + + + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons + Prefer the 'StringComparison' method overloads to perform case-insensitive string comparisons Remove redundant call - 移除冗餘的呼叫 + Remove redundant call Remove unnecessary call - 移除不必要的呼叫 + Remove unnecessary call Replace string literal with char literal - 以字元常值取代字串常值 + Replace string literal with char literal Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 發現潛在的插入 DLL 弱點,方法 '{1}' 中的 '{0}' 可能被來自方法 '{3}' 中 '{2}' 由使用者控制的資料所感染。 + Potential DLL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for DLL injection vulnerabilities - 檢閱程式碼以了解是否有 DLL 插入弱點 + Review code for DLL injection vulnerabilities Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 發現潛在的插入檔案路徑弱點,方法 '{1}' 中的 '{0}' 可能被來自方法 '{3}' 中 '{2}' 由使用者控制的資料所感染。 + Potential file path injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for file path injection vulnerabilities - 檢閱程式碼以了解是否有插入檔案路徑弱點 + Review code for file path injection vulnerabilities Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. - 發現潛在的資訊洩漏弱點,方法 '{1}' 中的 '{0}' 可能包含來自方法 '{3}' 中 '{2}' 誤用的資訊 + Potential information disclosure vulnerability was found where '{0}' in method '{1}' may contain unintended information from '{2}' in method '{3}'. Review code for information disclosure vulnerabilities - 檢閱程式碼以了解是否有資訊洩漏弱點 + Review code for information disclosure vulnerabilities Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 發現潛在的插入 LDAP 弱點,方法 '{1}' 中的 '{0}' 可能被來自方法 '{3}' 中 '{2}' 由使用者控制的資料所感染。 + Potential LDAP injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for LDAP injection vulnerabilities - 檢閱程式碼以了解是否有插入 LDAP 弱點 + Review code for LDAP injection vulnerabilities Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 發現潛在的開啟重新導向弱點,方法 '{1}' 中的 '{0}' 可能被來自方法 '{3}' 中 '{2}' 由使用者控制的資料所感染。 + Potential open redirect vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for open redirect vulnerabilities - 檢閱程式碼以了解是否有開啟重新導向弱點 + Review code for open redirect vulnerabilities Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 發現潛在的插入處理序命令弱點,方法 '{1}' 中的 '{0}' 可能被來自方法 '{3}' 中 '{2}' 由使用者控制的資料所感染。 + Potential process command injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for process command injection vulnerabilities - 檢閱程式碼以了解是否有插入處理序命令弱點 + Review code for process command injection vulnerabilities Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 發現潛在的插入 regex 弱點,方法 '{1}' 中的 '{0}' 可能被來自方法 '{3}' 中 '{2}' 由使用者控制的資料所感染。 + Potential regex injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for regex injection vulnerabilities - 檢閱程式碼以了解是否有插入 regex 弱點 + Review code for regex injection vulnerabilities Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 發現潛在的插入 SQL 弱點,方法 '{1}' 中的 '{0}' 可能被來自方法 '{3}' 中 '{2}' 由使用者控制的資料所感染。 + Potential SQL injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for SQL injection vulnerabilities - 檢閱程式碼以了解是否有插入 SQL 弱點 + Review code for SQL injection vulnerabilities + + + + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. + + + + Review code for XPath injection vulnerabilities + Review code for XPath injection vulnerabilities Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 發現潛在的插入 XAML 弱點,方法 '{1}' 中的 '{0}' 可能被來自方法 '{3}' 中 '{2}' 由使用者控制的資料所感染。 + Potential XAML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XAML injection vulnerabilities - 檢閱程式碼以了解是否有插入 XAML 弱點 + Review code for XAML injection vulnerabilities Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 發現潛在的插入 XML 弱點,方法 '{1}' 中的 '{0}' 可能被來自方法 '{3}' 中 '{2}' 由使用者控制的資料所感染。 + Potential XML injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XML injection vulnerabilities - 檢閱程式碼以了解是否有插入 XML 弱點 - - - - Potential XPath injection vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 發現潛在的插入 XPath 弱點,方法 '{1}' 中的 '{0}' 可能被來自方法 '{3}' 中 '{2}' 由使用者控制的資料所感染。 - - - - Review code for XPath injection vulnerabilities - 檢閱程式碼以了解是否有插入 XPath 弱點 + Review code for XML injection vulnerabilities Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. - 發現潛在的跨網站指令碼 (XSS) 弱點,方法 '{1}' 中的 '{0}' 可能被來自方法 '{3}' 中 '{2}' 由使用者控制的資料所感染。 + Potential cross-site scripting (XSS) vulnerability was found where '{0}' in method '{1}' may be tainted by user-controlled data from '{2}' in method '{3}'. Review code for XSS vulnerabilities - 檢閱程式碼以了解是否有 XSS 弱點 + Review code for XSS vulnerabilities SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. - 直接利用使用者輸入的 SQL 查詢,有可能會受到插入 SQL 的攻擊。請檢閱此 SQL 查詢是否有潛在的弱點,並請考慮使用參數化的 SQL 查詢。 + SQL queries that directly use user input can be vulnerable to SQL injection attacks. Review this SQL query for potential vulnerabilities, and consider using a parameterized SQL query. Review if the query string passed to '{0}' in '{1}', accepts any user input - 檢閱查詢字串是否已傳遞到 '{1}' 中的 '{0}',接受所有使用者輸入 + Review if the query string passed to '{0}' in '{1}', accepts any user input Review SQL queries for security vulnerabilities - 必須檢閱 SQL 查詢中是否有安全性弱點 + Review SQL queries for security vulnerabilities Seal class - 密封類別 + Seal class When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. - 當一個類型無法在其組建外部進行存取,且其包含元件內沒有子類型時,可以安全地密封該類型。密封類型可以改善效能。 + When a type is not accessible outside its assembly and has no subtypes within its containing assembly, it can be safely sealed. Sealing types can improve performance. Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible - 類型 '{0}' 可以被密封,因為它包含的組建中沒有任何子類型,而且無法從外部所見 + Type '{0}' can be sealed because it has no subtypes in its containing assembly and is not externally visible Seal internal types - 密封內部類型 + Seal internal types Set HttpOnly to true for HttpCookie - 針對 HttpCookie 將 HttpOnly 設為 true + Set HttpOnly to true for HttpCookie As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. - 請確保安全性敏感性 HTTP Cookie 已標記為 HttpOnly,以防止全面性的測量。這代表 Web 瀏覽器應禁止指令碼存取 Cookie。插入的惡意指令碼是竊取 Cookie 的常見方式。 + As a defense in depth measure, ensure security sensitive HTTP cookies are marked as HttpOnly. This indicates web browsers should disallow scripts from accessing the cookies. Injected malicious scripts are a common way of stealing cookies. HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies - 使用 HttpCookie 時,HttpCookie.HttpOnly 設為 false 或完全未設定。請確保安全性敏感性 Cookie 已標記為 HttpOnly,以避免惡意指令碼竊取 Cookie。 + HttpCookie.HttpOnly is set to false or not set at all when using an HttpCookie. Ensure security sensitive cookies are marked as HttpOnly to prevent malicious scripts from stealing the cookies Set ViewStateUserKey For Classes Derived From Page - 設定頁面衍生類別的 ViewStateUserKey + Set ViewStateUserKey For Classes Derived From Page Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. - 設定 ViewStateUserKey 屬性可藉由讓您能為各個使用者的檢視狀態變數,指派識別碼,使其無法使用變數來產生攻擊,因而有助於避免應用程式受到攻擊。否則,將會出現跨網站偽造要求弱點。 + Setting the ViewStateUserKey property can help you prevent attacks on your application by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. Otherwise, there will be cross-site request forgery vulnerabilities. The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method - 衍生自 System.Web.UI.Page 的 {0} 類別未在 OnInit 方法或 Page_Init 方法中設定 ViewStateUserKey 屬性 + The class {0} derived from System.Web.UI.Page does not set the ViewStateUserKey property in the OnInit method or Page_Init method Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. - 指定文化,以避免意外隱含相依於目前的文化。無論應用程式的文化如何,使用固定版本會產生一致的結果。 + Specify culture to help avoid accidental implicit dependency on current culture. Using an invariant version yields consistent results regardless of the culture of an application. Specify a culture or use an invariant version to avoid implicit dependency on current culture - 指定文化或使用固定版本,以避免目前文化上的隱含相依性 + Specify a culture or use an invariant version to avoid implicit dependency on current culture Specify a culture or use an invariant version - 指定文化或使用固定版本 + Specify a culture or use an invariant version A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. - 方法或建構函式會呼叫其多載接受 System.Globalization.CultureInfo 參數的成員,但方法或建構函式不會呼叫接受 CultureInfo 參數的多載。未提供 CultureInfo 或 System.IFormatProvider 物件時,多載成員提供的預設值可能無法在所有地區設定中呈現您想要的效果。如果要對使用者顯示此結果,請將 'CultureInfo.CurrentCulture' 指定為 'CultureInfo' 參數。否則,若將由軟體儲存結果及進行存取 (例如,要保存到磁碟或資料庫時),請指定 'CultureInfo.InvariantCulture' + A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'CultureInfo' parameter. Otherwise, if the result will be stored and accessed by software, such as when it is persisted to disk or to a database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - '{0}' 的行為可能會因目前使用者的地區設定而異。以呼叫 '{2}' 來取代 '{1}' 中的此呼叫。 + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify CultureInfo - 指定 CultureInfo + Specify CultureInfo Specify current culture - 指定目前的文化 + Specify current culture A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. - 方法或建構函式會呼叫一或多個其多載接受 System.IFormatProvider 參數的成員,但方法或建構函式不會呼叫接受 IFormatProvider 參數的多載。未提供 System.Globalization.CultureInfo 或 IFormatProvider 物件時,多載成員提供的預設值可能無法在所有地區設定中呈現您想要的效果。如果結果將取決於輸入來源/對使用者顯示的輸出,請將 'CultureInfo.CurrentCulture' 指定為 'IFormatProvider'。否則,若將由軟體儲存結果及進行存取 (例如,從磁碟/資料庫載入時,以及要保存到磁碟/資料庫時),請指定 'CultureInfo.InvariantCulture'。 + A method or constructor calls one or more members that have overloads that accept a System.IFormatProvider parameter, and the method or constructor does not call the overload that takes the IFormatProvider parameter. When a System.Globalization.CultureInfo or IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. If the result will be based on the input from/output displayed to the user, specify 'CultureInfo.CurrentCulture' as the 'IFormatProvider'. Otherwise, if the result will be stored and accessed by software, such as when it is loaded from disk/database and when it is persisted to disk/database, specify 'CultureInfo.InvariantCulture'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - '{0}' 的行為可能會因目前使用者的地區設定而異。以呼叫 '{2}' 來取代 '{1}' 中的此呼叫。 + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - '{0}' 的行為可能會因目前使用者的地區設定而異。以呼叫 '{2}' 來取代 '{1}' 中的此呼叫。 + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. - '{0}' 的行為可能會依據目前使用者之地區設定的不同而異。提供 'IFormatProvider' 引數的值。 + The behavior of '{0}' could vary based on the current user's locale settings. Provide a value for the 'IFormatProvider' argument. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - '{0}' 會將 '{1}' 以 'IFormatProvider' 參數的形式傳遞給 '{2}'。此屬性會傳回不適合格式化方法的文化特性 (Culture)。 + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. - '{0}' 會將 '{1}' 以 'IFormatProvider' 參數的形式傳遞給 '{2}'。此屬性會傳回不適合格式化方法的文化特性 (Culture)。 + '{0}' passes '{1}' as the 'IFormatProvider' parameter to '{2}'. This property returns a culture that is inappropriate for formatting methods. Specify IFormatProvider - 指定 IFormatProvider + Specify IFormatProvider A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. - 平台叫用成員允許部分信任的呼叫端、具有字串參數,且不會明確地封送處理字串。如此可能會造成資訊安全漏洞。 + A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. Specify marshaling for P/Invoke string arguments - 指定 P/Invoke 字串引數的封送處理 + Specify marshaling for P/Invoke string arguments A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - 字串比較作業使用不設定 StringComparison 參數的方法多載。建議您使用會採用 StringComparison 參數的多載,使意圖更清楚。若要對使用者顯示此結果 (例如,排序項目清單以顯示於清單方塊中),請將 'StringComparison.CurrentCulture' 或 'StringComparison.CurrentCultureIgnoreCase' 指定為 'StringComparison' 參數。若要比較不區分大小寫的識別碼 (例如檔案路徑、環境變數或登錄機碼與值),請指定 'StringComparison.OrdinalIgnoreCase'。而若要比較區分大小寫的識別碼,請指定 'StringComparison.Ordinal'。 + A string comparison operation uses a method overload that does not set a StringComparison parameter. It is recommended to use the overload with StringComparison parameter for clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. - '{0}' 具有採用 'StringComparison' 參數的方法多載。請以對 '{2}' 的呼叫取代 '{1}' 中的此呼叫,使意圖更清楚。 + '{0}' has a method overload that takes a 'StringComparison' parameter. Replace this call in '{1}' with a call to '{2}' for clarity of intent. Specify StringComparison for clarity - 指定 StringComparison 以提升明確性 + Specify StringComparison for clarity A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. - 字串比較作業使用不設定 StringComparison 參數的方法多載,因此,根據目前使用者的地區設定,其行為可能不同。強烈建議您使用會採用 StringComparison 參數的多載,以提升意圖的正確性及明確性。若要對使用者顯示此結果 (例如,排序項目清單以顯示於清單方塊中),請將 'StringComparison.CurrentCulture' 或 'StringComparison.CurrentCultureIgnoreCase' 指定為 'StringComparison' 參數。若要比較不區分大小寫的識別項碼 (例如檔案路徑、環境變數或登錄機碼與值),請指定 'StringComparison.OrdinalIgnoreCase'。而若要比較區分大小寫的識別碼,請指定 'StringComparison.Ordinal'。 + A string comparison operation uses a method overload that does not set a StringComparison parameter, hence its behavior could vary based on the current user's locale settings. It is strongly recommended to use the overload with StringComparison parameter for correctness and clarity of intent. If the result will be displayed to the user, such as when sorting a list of items for display in a list box, specify 'StringComparison.CurrentCulture' or 'StringComparison.CurrentCultureIgnoreCase' as the 'StringComparison' parameter. If comparing case-insensitive identifiers, such as file paths, environment variables, or registry keys and values, specify 'StringComparison.OrdinalIgnoreCase'. Otherwise, if comparing case-sensitive identifiers, specify 'StringComparison.Ordinal'. The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. - '{0}' 的行為可能會因目前使用者的地區設定而異。以呼叫 '{2}' 來取代 '{1}' 中的此呼叫。 + The behavior of '{0}' could vary based on the current user's locale settings. Replace this call in '{1}' with a call to '{2}'. Specify StringComparison for correctness - 指定 StringComparison 以提升正確性 + Specify StringComparison for correctness Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. - 同時使用 'static' 和 'abstract' 修飾元必須加入預覽功能。如需詳細資訊,請參閱 https://aka.ms/dotnet-warnings/preview-features。 + Using both 'static' and 'abstract' modifiers requires opting into preview features. See https://aka.ms/dotnet-warnings/preview-features for more information. Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. - 使用 String.Length 屬性或 String.IsNullOrEmpty 方法來比較字串的速度,大幅快過於使用 Equals。 + Comparing strings by using the String.Length property or the String.IsNullOrEmpty method is significantly faster than using Equals. Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check - 請使用 'string.Length' 屬性或 'string.IsNullOrEmpty' 方法測試空白字串,而非使用相等檢查 + Test for empty strings using 'string.Length' property or 'string.IsNullOrEmpty' method instead of an Equality check Test for empty strings using string length - 使用字串長度測試空白字串 + Test for empty strings using string length This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. - 此運算式會對 Single.Nan 或 Double.Nan 測試值。使用 Single.IsNan(Single) 或 Double.IsNan(Double) 來測試該值。 + This expression tests a value against Single.Nan or Double.Nan. Use Single.IsNan(Single) or Double.IsNan(Double) to test the value. Test for NaN correctly - 正確地測試 NaN + Test for NaN correctly Test for NaN correctly - 正確地測試 NaN + Test for NaN correctly 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. - 'ThreadStatic' 欄位應該在使用時初始化,而非使用內嵌初始化,也不應該明確初始化在靜態建構函式中,而此建構函式只會初始化執行該類型之靜態建構函式之執行緒上的欄位。 + 'ThreadStatic' fields should be initialized lazily on use, not with inline initialization nor explicitly in a static constructor, which would only initialize the field on the thread that runs the type's static constructor. 'ThreadStatic' fields should not use inline initialization - 'ThreadStatic' 欄位不應該使用內嵌初始化 + 'ThreadStatic' fields should not use inline initialization Improper 'ThreadStatic' field initialization - 不正確的 'ThreadStatic' 欄位初始化 + Improper 'ThreadStatic' field initialization 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. - 'ThreadStatic' 只會影響靜態欄位。套用到執行個體欄位時,不會影響行為。 + 'ThreadStatic' only affects static fields. When applied to instance fields, it has no impact on behavior. Ensure 'ThreadStatic' is only used with static fields - 確保 'ThreadStatic' 只用於靜態欄位 + Ensure 'ThreadStatic' is only used with static fields 'ThreadStatic' only affects static fields - 'ThreadStatic' 只會影響靜態欄位 + 'ThreadStatic' only affects static fields Use ArgumentException throw helper - 使用 ArgumentException 擲回協助程式 + Use ArgumentException throw helper Use ArgumentNullException throw helper - 使用 ArgumentNullException 擲回協助程式 + Use ArgumentNullException throw helper Use ArgumentOutOfRangeException throw helper - 使用 ArgumentOutOfRangeException 擲回協助程式 + Use ArgumentOutOfRangeException throw helper Use Array.Empty - 使用 Array.Empty + Use Array.Empty The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. - 陣列值中以 Range 為基礎的索引子會產生陣列中要求部分的複本。隱含使用此複本作為 Span 或 Memory 值時,通常不需此複本。請使用 AsSpan 方法來避免使用此複本。 + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is often unwanted when it is implicitly used as a Span or Memory value. Use the AsSpan method to avoid the copy. Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies - 在 '{2}' 上使用 '{0}' 代替以 '{1}' 為基礎的索引子,以避免建立不必要的資料複本 + Use '{0}' instead of the '{1}'-based indexer on '{2}' to avoid creating unnecessary data copies Use `{0}` instead of Range-based indexers on a string - 請對字串使用 '{0}',而不要使用範圍索引子 + Use `{0}` instead of Range-based indexers on a string Use `{0}` instead of Range-based indexers on an array - 請對陣列使用 '{0}',而不要使用範圍索引子 + Use `{0}` instead of Range-based indexers on an array Use AsSpan or AsMemory instead of Range-based indexers when appropriate - 在適當情況下使用 AsSpan 或 AsMemory 取代以 Range 為基礎的索引子 + Use AsSpan or AsMemory instead of Range-based indexers when appropriate The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - 字串值中以 Range 為基礎的索引子會產生字串中要求部分的複本。隱含使用此複本作為 ReadOnlySpan 或 ReadOnlyMemory 值時,通常不需此複本。請使用 AsSpan 方法來避免使用不必要的複本。 + The Range-based indexer on string values produces a copy of requested portion of the string. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. - 陣列值中以 Range 為基礎的索引子會產生陣列中要求部分的複本。隱含使用此複本作為 ReadOnlySpan 或 ReadOnlyMemory 值時,通常不需此複本。請使用 AsSpan 方法來避免使用不必要的複本。 + The Range-based indexer on array values produces a copy of requested portion of the array. This copy is usually unnecessary when it is implicitly used as a ReadOnlySpan or ReadOnlyMemory value. Use the AsSpan method to avoid the unnecessary copy. When inside a Task-returning method, use the async version of methods, if they exist. - 在 Task-returning 方法內時,請使用方法的非同步版本 (如果存在)。 + When inside a Task-returning method, use the async version of methods, if they exist. {Locked="Task"} '{0}' synchronously blocks. Await '{1}' instead. - '{0}' 會同步封鎖。請改用 Await '{1}'。 + '{0}' synchronously blocks. Await '{1}' instead. '{0}' synchronously blocks. Use await instead. - '{0}' 會同步封鎖。請改用 await。 + '{0}' synchronously blocks. Use await instead. Call async methods when in an async method - 在使用非同步方法時呼叫非同步方法 + Call async methods when in an async method Use antiforgery tokens in ASP.NET Core MVC controllers - 使用 ASP.NET Core MVC 控制器中的 antiforgery 權杖 + Use antiforgery tokens in ASP.NET Core MVC controllers Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. - 在不驗證 antiforgery 權杖的情況下處理 POST、PUT、PATCH 或 DELETE 要求,可能會容易受到跨站台偽造要求攻擊。跨站台偽造要求攻擊可將惡意要求從已驗證的使用者傳送到 ASP.NET Core MVC 控制器。 + Handling a POST, PUT, PATCH, or DELETE request without validating an antiforgery token may be vulnerable to cross-site request forgery attacks. A cross-site request forgery attack can send malicious requests from an authenticated user to your ASP.NET Core MVC controller. Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. - 方法 {0} 會在不驗證 antiforgery 權杖的情況下處理 {1} 要求。您也必須確保 HTML 表單傳送 antiforgery 權杖。 + Method {0} handles a {1} request without performing antiforgery token validation. You also need to ensure that your HTML form sends an antiforgery token. Replace with 'CancellationToken.ThrowIfCancellationRequested' - 請以 'CancellationToken.ThrowIfCancellationRequested' 取代 + Replace with 'CancellationToken.ThrowIfCancellationRequested' 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. - 'ThrowIfCancellationRequested' 會自動檢查是否已取消權杖,如果是,則會擲回 'OperationCanceledException'。 + 'ThrowIfCancellationRequested' automatically checks whether the token has been canceled, and throws an 'OperationCanceledException' if it has. Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' - 請使用 'ThrowIfCancellationRequested',而不是檢查 'IsCancellationRequested' 並擲回 'OperationCanceledException' + Use 'ThrowIfCancellationRequested' instead of checking 'IsCancellationRequested' and throwing 'OperationCanceledException' Use 'ThrowIfCancellationRequested' - 請使用 'ThrowIfCancellationRequested' + Use 'ThrowIfCancellationRequested' Using concrete types avoids virtual or interface call overhead and enables inlining. - 使用具象類型可以避免虛擬或介面呼叫額外負荷,並啟用內嵌。 + Using concrete types avoids virtual or interface call overhead and enables inlining. Change type of field '{0}' from '{1}' to '{2}' for improved performance - 將欄位 '{0}' 的類型從 '{1}' 變更為 '{2}' 以提高效能 + Change type of field '{0}' from '{1}' to '{2}' for improved performance Change type of variable '{0}' from '{1}' to '{2}' for improved performance - 將變數 '{0}' 的類型從 '{1}' 變更為 '{2}' 以提高效能 + Change type of variable '{0}' from '{1}' to '{2}' for improved performance Change return type of method '{0}' from '{1}' to '{2}' for improved performance - 將方法 '{0}' 的傳回型別從 '{1}' 變更為 '{2}' 以提高效能 + Change return type of method '{0}' from '{1}' to '{2}' for improved performance Change type of parameter '{0}' from '{1}' to '{2}' for improved performance - 將參數 '{0}' 的類型從 '{1}' 變更為 '{2}' 以提高效能 + Change type of parameter '{0}' from '{1}' to '{2}' for improved performance Change type of property '{0}' from '{1}' to '{2}' for improved performance - 將屬性 '{0}' 的型別從 '{1}' 變更為 '{2}' 以提高效能 + Change type of property '{0}' from '{1}' to '{2}' for improved performance Use concrete types when possible for improved performance - 盡可能使用具象類型以提高效能 + Use concrete types when possible for improved performance Use Container Level Access Policy - 使用容器層級存取原則 + Use Container Level Access Policy No access policy identifier is specified, making tokens non-revocable. - 因為未指定任何存取原則識別碼,所以使權杖無法撤銷。 + No access policy identifier is specified, making tokens non-revocable. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. - 如果可行的話,請考慮從共用存取簽章 (SAS) 改為使用 Azure 的角色型存取控制。如果您仍需要使用 SAS,請於建立 SAS 時使用容器層級存取原則。 + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, use a container-level access policy when creating a SAS. Use DefaultDllImportSearchPaths attribute for P/Invokes - 針對 P/Invoke 使用 DefaultDllImportSearchPaths 屬性 + Use DefaultDllImportSearchPaths attribute for P/Invokes By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. - 根據預設,使用 DllImportAttribute 的 P/Invoke 會探查許多目錄,包括目前正在運作的目錄以供程式庫載入。這可能成為部分應用程式的安全性問題,導致 DLL 劫持。 + By default, P/Invokes using DllImportAttribute probe a number of directories, including the current working directory for the library to load. This can be a security issue for certain applications, leading to DLL hijacking. The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. - 方法 {0} 未針對 P/Invoke 使用 DefaultDllImportSearchPaths 屬性。 + The method {0} didn't use DefaultDllImportSearchPaths attribute for P/Invokes. Use equivalent code that works when marshalling is disabled - 使用停用封送處理時可運作的對等程式碼 + Use equivalent code that works when marshalling is disabled 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. - 'Environment.CurrentManagedThreadId' 比 'Thread.CurrentThread.ManagedThreadId' 更簡單快速。 + 'Environment.CurrentManagedThreadId' is simpler and faster than 'Thread.CurrentThread.ManagedThreadId'. Use 'Environment.CurrentManagedThreadId' - 請使用 'Environment.CurrentManagedThreadId' + Use 'Environment.CurrentManagedThreadId' Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' - 請使用 'Environment.CurrentManagedThreadId' 而非 'Thread.CurrentThread.ManagedThreadId' + Use 'Environment.CurrentManagedThreadId' instead of 'Thread.CurrentThread.ManagedThreadId' Use 'Environment.CurrentManagedThreadId' - 請使用 'Environment.CurrentManagedThreadId' + Use 'Environment.CurrentManagedThreadId' 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. - 'Environment.ProcessId' 比 'Process.GetCurrentProcess().Id' 更簡單快速。 + 'Environment.ProcessId' is simpler and faster than 'Process.GetCurrentProcess().Id'. Use 'Environment.ProcessId' - 請使用 'Environment.ProcessId' + Use 'Environment.ProcessId' Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' - 請使用 'Environment.ProcessId' 而非 'Process.GetCurrentProcess().Id' + Use 'Environment.ProcessId' instead of 'Process.GetCurrentProcess().Id' Use 'Environment.ProcessId' - 請使用 'Environment.ProcessId' + Use 'Environment.ProcessId' 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. - 'Environment.ProcessPath' 比 'Process.GetCurrentProcess().MainModule.FileName' 更簡單快速。 + 'Environment.ProcessPath' is simpler and faster than 'Process.GetCurrentProcess().MainModule.FileName'. Use 'Environment.ProcessPath' - 請使用 'Environment.ProcessPath' + Use 'Environment.ProcessPath' Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' - 請使用 'Environment.ProcessPath' 而非 'Process.GetCurrentProcess().MainModule.FileName' + Use 'Environment.ProcessPath' instead of 'Process.GetCurrentProcess().MainModule.FileName' Use 'Environment.ProcessPath' - 請使用 'Environment.ProcessPath' + Use 'Environment.ProcessPath' Use indexer - 使用索引子 + Use indexer Use an invariant version - 使用固定版本 + Use an invariant version An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. - 定義有作業系統叫用方法,且在 .NET Framework 類別庫中具有對等的功能。 + An operating system invoke method is defined and a method that has the equivalent functionality is located in the .NET Framework class library. Use managed equivalents of win32 api - 使用 Win32 API 的受控對等項 + Use managed equivalents of win32 api Use managed equivalents of win32 api - 使用 Win32 API 的受控對等項 + Use managed equivalents of win32 api Use ObjectDisposedException throw helper - 使用 ObjectDisposedException 擲回協助程式 + Use ObjectDisposedException throw helper A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. - 非語言的字串比較作業不會將 StringComparison 參數設為 Ordinal 或 OrdinalIgnoreCase。將參數明確設定為 StringComparison.Ordinal 或 StringComparison.OrdinalIgnoreCase 時,程式碼通常會更快速、精確且更可靠。 + A string comparison operation that is nonlinguistic does not set the StringComparison parameter to either Ordinal or OrdinalIgnoreCase. By explicitly setting the parameter to either StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase, your code often gains speed, becomes more correct, and becomes more reliable. Use ordinal string comparison - 使用序數字串比較 + Use ordinal string comparison Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. - 當長度/計數屬性為直接存取時,Enumerable.Count() 可能會列舉序列。 + Enumerable.Count() potentially enumerates the sequence while a Length/Count property is a direct access. Use the "{0}" property instead of Enumerable.Count() - 使用 "{0}" 屬性而非 Enumerable.Count() + Use the "{0}" property instead of Enumerable.Count() Use Length/Count property instead of Count() when available - 可行時,使用長度/計數屬性而非 Count() + Use Length/Count property instead of Count() when available Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size - 使用有足夠金鑰大小的 Rivest-Shamir-Adleman (RSA) 加密演算法 + Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. - 當使用的金鑰大小太小時,加密演算法易面臨暴力密碼破解攻擊。 + Encryption algorithms are vulnerable to brute force attacks when too small a key size is used. Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. - 非對稱式加密演算法 {0} 的金鑰大小小於 2048。請改為切換成至少有 2048 金鑰大小的 RSA、ECDH 或 ECDSA 演算法。 + Asymmetric encryption algorithm {0}'s key size is less than 2048. Switch to an RSA with at least 2048 key size, ECDH or ECDSA algorithm instead. Applications available over HTTPS must use secure cookies. - 透過 HTTPS 使用的應用程式必須使用安全 Cookie。 + Applications available over HTTPS must use secure cookies. Use SharedAccessProtocol HttpsOnly - 使用 SharedAccessProtocol HttpsOnly + Use SharedAccessProtocol HttpsOnly HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. - HTTPS 會加密網路流量。請使用 HttpsOnly 而非 HttpOrHttps,以確保網路流量一律會經過加密來避免敏感性資料洩漏。 + HTTPS encrypts network traffic. Use HttpsOnly, rather than HttpOrHttps, to ensure network traffic is always encrypted to help prevent disclosure of sensitive data. Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. - 如果可行的話,請考慮從共用存取簽章 (SAS) 改為使用 Azure 的角色型存取控制。如果您仍需要使用 SAS,請指定 SharedAccessProtocol.HttpsOnly。 + Consider using Azure's role-based access control instead of a Shared Access Signature (SAS) if possible. If you still need to use a SAS, specify SharedAccessProtocol.HttpsOnly. + + + + Use 'AsSpan' with 'string.Concat' + Use 'AsSpan' with 'string.Concat' + + + + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. + + + + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' + + + + Use span-based 'string.Concat' + Use span-based 'string.Concat' Use 'Clear()' - 使用 'Clear()' + Use 'Clear()' It is more efficient to use 'Clear', instead of 'Fill' with default value. - 使用 'Clear' 比使用預設值的 'Fill' 更有效率。 + It is more efficient to use 'Clear', instead of 'Fill' with default value. Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' - 優先使用 'Span<T>.Clear()',而不是 'Span<T>.Fill(default)' + Prefer 'Span<T>.Clear()' instead of 'Span<T>.Fill(default)' Prefer 'Clear' over 'Fill' - 優先使用 'Clear' 而不是 'Fill' + Prefer 'Clear' over 'Fill' Use 'StartsWith' - 使用 'StartsWith' + Use 'StartsWith' It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. - 使用 'StartsWith' 更清楚且更快速,而不是將 'IndexOf' 的結果與 0 比較。 + It is both clearer and faster to use 'StartsWith' instead of comparing the result of 'IndexOf' to zero. Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 - 使用 'StartsWith' 而不是將 'IndexOf' 的結果與 0 比較 + Use 'StartsWith' instead of comparing the result of 'IndexOf' to 0 Use 'StartsWith' instead of 'IndexOf' - 使用 'StartsWith' 代替 'IndexOf' + Use 'StartsWith' instead of 'IndexOf' + + + + 'string.Contains(char)' is available as a better performing overload for single char lookup. + 'string.Contains(char)' is available as a better performing overload for single char lookup. + + + + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character + + + + Use char literal for a single character lookup + Use char literal for a single character lookup Use 'string.Equals' - 請使用 'string.Equals' + Use 'string.Equals' It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. - 使用 'string.Equals' 更清楚也更快,而不是將 'string.Compare' 的結果與 0 比較。 + It is both clearer and likely faster to use 'string.Equals' instead of comparing the result of 'string.Compare' to zero. Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 - 請使用 'string.Equals' 而不是將 'string.Compare' 的結果與 0 比較 + Use 'string.Equals' instead of comparing the result of 'string.Compare' to 0 Use 'string.Equals' - 請使用 'string.Equals' - - - - Use 'AsSpan' with 'string.Concat' - 請將 'AsSpan' 與 'string.Concat' 一起使用 - - - - It is more efficient to use 'AsSpan' and 'string.Concat', instead of 'Substring' and a concatenation operator. - 使用 'AsSpan' 和 'string.Concat' 比 'Substring' 和串連運算子更有效率。 - - - - Use span-based 'string.Concat' and 'AsSpan' instead of 'Substring' - 請使用範圍型的 'string.Concat' 和 'AsSpan',而非 'Substring' - - - - Use span-based 'string.Concat' - 請使用範圍型的 'string.Concat' - - - - 'string.Contains(char)' is available as a better performing overload for single char lookup. - 'string.Contains(char)' 對單一字元查閱而言可做為更佳的執行多載。 - - - - Use 'string.Contains(char)' instead of 'string.Contains(string)' when searching for a single character - 請在搜尋單一字元時使用 'string.Contains(char)' 而非 'string.Contains(string)' - - - - Use char literal for a single character lookup - 請為單一字元查閱使用字元常值 + Use 'string.Equals' Throw helpers are simpler and more efficient than an if block constructing a new exception instance. - 擲回協助程式比建構新例外狀況執行個體的 if 區塊更簡單且更有效率。 + Throw helpers are simpler and more efficient than an if block constructing a new exception instance. Use '{0}.{1}' - 使用 '{0}.{1}' + Use '{0}.{1}' Use '{0}.{1}' instead of explicitly throwing a new exception instance - 使用 '{0}.{1}',而不是明確擲回新的例外狀況執行個體 + Use '{0}.{1}' instead of explicitly throwing a new exception instance Platform compatibility analyzer requires a valid platform name and version. - 平台相容性分析器需要有效的平台名稱和版本。 + Platform compatibility analyzer requires a valid platform name and version. Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. - 版本 '{0}' 對平台 '{1}' 而言無效。請為此平台使用 2{2} 部分的版本。 + Version '{0}' is not valid for platform '{1}'. Use a version with 2{2} parts for this platform. Version '7' is not valid for platform 'windows'. Use a version with 2-4 parts for this platform. Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. - 版本 '{0}' 對平台 '{1}' 而言無效。請不要為此平台使用版本。 + Version '{0}' is not valid for platform '{1}'. Do not use versions for this platform. Use valid platform string - 請使用有效的平台字串 + Use valid platform string The platform '{0}' is not a known platform name - 平台 '{0}' 不是已知的平台名稱 + The platform '{0}' is not a known platform name ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. - 應直接等候從成員引動過程傳回的 ValueTask。若在已得知完成 ValueTask 之前,嘗試多次使用 ValueTask 或直接存取其結果,可能會導致發生例外狀況或損毀。忽略這類 ValueTask 可能表示發生功能性 Bug,而且可能會降低效能。 + ValueTasks returned from member invocations are intended to be directly awaited. Attempts to consume a ValueTask multiple times or to directly access one's result before it's known to be completed may result in an exception or corruption. Ignoring such a ValueTask is likely an indication of a functional bug and may degrade performance. ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). - 除非 ValueTask 執行個體已經完成,否則不應直接存取其結果。與 Tasks 不同,在 ValueTask 上呼叫 Result 或 GetAwaiter().GetResult() 無法保證會封鎖到作業完成為止。如果您無法耐心等候該執行個體,請考慮先檢查其 IsCompleted 屬性 (或如果您知道確實為 true,則可判斷其為 true)。 + ValueTask instances should not have their result directly accessed unless the instance has already completed. Unlike Tasks, calling Result or GetAwaiter().GetResult() on a ValueTask is not guaranteed to block until the operation completes. If you can't simply await the instance, consider first checking its IsCompleted property (or asserting it's true if you know that to be the case). ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. - ValueTask 執行個體應只能使用一次,例如透過 await。多次使用同一個 ValueTask 執行個體可能會導致發生例外狀況及資料損毀。 + ValueTask instances should only be consumed once, such as via an await. Consuming the same ValueTask instance multiple times can result in exceptions and data corruption. ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. - 從方法呼叫傳回的 ValueTask 執行個體應直接等候、傳回,或作為引數傳遞給另一個方法呼叫。其他使用方式,例如將執行個體儲存到本機或欄位,則可能表示發生 Bug,原因是 ValueTask 執行個體一律只能使用一次。 + ValueTask instances returned from method calls should be directly awaited, returned, or passed as an argument to another method call. Other usage, such as storing an instance into a local or a field, is likely an indication of a bug, as ValueTask instances must only ever be consumed once. ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. - 應一律使用 (通常為等候) 從方法呼叫傳回的 ValueTask 執行個體。未使用通常表示發生功能性 Bug,但即便不是這種情況,如果目標方法集區物件搭配 ValueTasks 使用,也可能會造成效能下降。 + ValueTask instances returned from method calls should always be used, typically awaited. Not doing so often represents a functional bug, but even if it doesn't, it can result in degraded performance if the target method pools objects for use with ValueTasks. Use ValueTasks correctly - 正確使用 ValueTasks + Use ValueTasks correctly Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. - 處理不受信任資料的 XML,可能會載入危險的外部參考,應使用具有安全解析程式或已停用 DTD 處理的 XmlReader,加以限制。 + Processing XML from untrusted data may load dangerous external references, which should be restricted by using an XmlReader with a secure resolver or with DTD processing disabled. Use XmlReader for 'DataSet.ReadXml()' - 將 XmlReader 用於 'DataSet.ReadXml()' + Use XmlReader for 'DataSet.ReadXml()' Use XmlReader for 'XmlSerializer.Deserialize()' - 將 XmlReader 用於 'XmlSerializer.Deserialize()' + Use XmlReader for 'XmlSerializer.Deserialize()' Use XmlReader for 'XmlSchema.Read()' - 將 XmlReader 用於 'XmlSchema.Read()' + Use XmlReader for 'XmlSchema.Read()' Use XmlReader for XmlValidatingReader constructor - 將 XmlReader 用於 XmlValidatingReader 建構函式 + Use XmlReader for XmlValidatingReader constructor Use XmlReader for XPathDocument constructor - 將 XmlReader 用於 XPathDocument 建構函式 + Use XmlReader for XPathDocument constructor This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. - '{0}.{1}' 方法的此多載可能不安全。其會啟用文件類型定義 (DTD) ,而如此可能會容易受到阻斷服務攻擊,或可能會使用 XmlResolver,而造成資訊洩漏。請改用採用 XmlReader 執行個體的多載,並停用 DTD 處理以及禁用 XmlResolver。 + This overload of the '{0}.{1}' method is potentially unsafe. It may enable Document Type Definition (DTD) which can be vulnerable to denial of service attacks, or might use an XmlResolver which can be vulnerable to information disclosure. Use an overload that takes a XmlReader instance instead, with DTD processing disabled and no XmlResolver. '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - '{0}' 使用預覽類型 '{1}',因此必須加入預覽功能。如需詳細資訊,請參閱 {2}。 + '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. - {3} '{0}' 使用預覽類型 '{1}',因此必須加入預覽功能。如需詳細資訊,請參閱 {2}。 - - - - Use 'TryGetValue(TKey, out TValue)' - 使用 'TryGetValue(TKey,out TValue)' - - - - Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method - 建議使用 'IDictionary.TryGetValue(TKey,out TValue)' 方法 - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check to avoid double lookup - 建議使用 'TryGetValue' 呼叫,而不是使用 'ContainsKey' 檢查所防護的字典索引子存取權,以避免再次查閱 - - - - Prefer a 'TryGetValue' call over a Dictionary indexer access guarded by a 'ContainsKey' check. 'ContainsKey' and the indexer both would lookup the key under the hood, so using 'TryGetValue' removes the extra lookup. - 建議使用 'TryGetValue' 呼叫,而不是由 'ContainsKey' 檢查所防護的字典索引子存取權。'ContainsKey' 和索引子會在罩下查閱索引鍵,因此使用 'TryGetValue' 會移除額外的查閱。 + {3} '{0}' uses the preview type '{1}' and needs to opt into preview features. See {2} for more information. diff --git a/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.md b/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.md index 3f0840886b..4912283216 100644 --- a/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.md +++ b/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.md @@ -1704,6 +1704,18 @@ Constant arrays passed as arguments are not reused when called repeatedly, which |CodeFix|True| --- +## [CA1862](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1862): Prefer using 'StringComparer' to perform case-insensitive string comparisons + +Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons. + +|Item|Value| +|-|-| +|Category|Performance| +|Enabled|True| +|Severity|Info| +|CodeFix|True| +--- + ## [CA2000](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000): Dispose objects before losing scope If a disposable object is not explicitly disposed before all references to it are out of scope, the object will be disposed at some indeterminate time when the garbage collector runs the finalizer of the object. Because an exceptional event might occur that will prevent the finalizer of the object from running, the object should be explicitly disposed instead. diff --git a/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.sarif b/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.sarif index daf94fe054..f767562783 100644 --- a/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.sarif +++ b/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.sarif @@ -3155,6 +3155,26 @@ ] } }, + "CA1862": { + "id": "CA1862", + "shortDescription": "Prefer using 'StringComparer' to perform case-insensitive string comparisons", + "fullDescription": "Avoid calling 'ToLower', 'ToUpper', 'ToLowerInvariant' and 'ToUpperInvariant' to perform case-insensitive string comparisons when using 'CompareTo', because they lead to an allocation. Instead, use 'StringComparer' to perform case-insensitive comparisons.", + "defaultLevel": "note", + "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1862", + "properties": { + "category": "Performance", + "isEnabledByDefault": true, + "typeName": "RecommendCaseInsensitiveStringComparisonAnalyzer", + "languages": [ + "C#", + "Visual Basic" + ], + "tags": [ + "Telemetry", + "EnabledRuleInAggressiveMode" + ] + } + }, "CA2000": { "id": "CA2000", "shortDescription": "Dispose objects before losing scope", diff --git a/src/NetAnalyzers/RulesMissingDocumentation.md b/src/NetAnalyzers/RulesMissingDocumentation.md index 08969ce815..2c80bd20ee 100644 --- a/src/NetAnalyzers/RulesMissingDocumentation.md +++ b/src/NetAnalyzers/RulesMissingDocumentation.md @@ -8,4 +8,5 @@ CA1512 | | Use ObjectDisposedException throw helper | CA1856 | | Incorrect usage of ConstantExpected attribute | CA1857 | | A constant is expected for the parameter | +CA1862 | | Prefer using 'StringComparer' to perform case-insensitive string comparisons | CA2021 | | Do not call Enumerable.Cast\ or Enumerable.OfType\ with incompatible types | diff --git a/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Performance/RecommendCaseInsensitiveStringComparison.Base.Tests.cs b/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Performance/RecommendCaseInsensitiveStringComparison.Base.Tests.cs new file mode 100644 index 0000000000..57433e4a8a --- /dev/null +++ b/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Performance/RecommendCaseInsensitiveStringComparison.Base.Tests.cs @@ -0,0 +1,388 @@ +// Copyright (c) Microsoft. All Rights Reserved. Licensed under the MIT license. See License.txt in the project root for license information. + +using System; +using System.Collections.Generic; + +namespace Microsoft.NetCore.Analyzers.Performance.UnitTests +{ + public abstract class RecommendCaseInsensitiveStringComparison_Base_Tests + { + private static readonly Tuple[] Cultures = new[] { + Tuple.Create("ToLower", "CurrentCultureIgnoreCase"), + Tuple.Create("ToUpper", "CurrentCultureIgnoreCase"), + Tuple.Create("ToLowerInvariant", "InvariantCultureIgnoreCase"), + Tuple.Create("ToUpperInvariant", "InvariantCultureIgnoreCase") + }; + + private static readonly string[] ContainsStartsWith = new[] { "Contains", "StartsWith" }; + private static readonly string[] UnnamedArgs = new[] { "", ", 1", ", 1, 1" }; + private const string CSharpSeparator = ": "; + private const string VisualBasicSeparator = ":="; + + private static string[] GetNamedArguments(string separator) => new string[] { + "", + $", startIndex{separator}1", + $", startIndex{separator}1, count{separator}1", + $", count{separator}1, startIndex{separator}1" + }; + + public static IEnumerable DiagnosedAndFixedData() + { + foreach ((string caseChanging, string replacement) in Cultures) + { + foreach (string method in ContainsStartsWith) + { + yield return new object[] { $"a.{caseChanging}().{method}(b)", $"a.{method}(b, StringComparison.{replacement})" }; + } + + // IndexOf overloads + foreach (string arguments in UnnamedArgs) + { + yield return new object[] { $"a.{caseChanging}().IndexOf(b{arguments})", $"a.IndexOf(b{arguments}, StringComparison.{replacement})" }; + } + } + } + + public static IEnumerable DiagnosedAndFixedInvertedData() + { + foreach ((string caseChanging, string replacement) in Cultures) + { + foreach (string method in ContainsStartsWith) + { + yield return new object[] { $"a.{method}(b.{caseChanging}())", $"a.{method}(b, StringComparison.{replacement})" }; + } + + // IndexOf overloads + foreach (string arguments in UnnamedArgs) + { + yield return new object[] { $"a.IndexOf(b.{caseChanging}(){arguments})", $"a.IndexOf(b{arguments}, StringComparison.{replacement})" }; + } + } + } + + public static IEnumerable CSharpDiagnosedAndFixedNamedData() => DiagnosedAndFixedNamedData(CSharpSeparator); + public static IEnumerable VisualBasicDiagnosedAndFixedNamedData() => DiagnosedAndFixedNamedData(VisualBasicSeparator); + private static IEnumerable DiagnosedAndFixedNamedData(string separator) + { + foreach ((string caseChanging, string replacement) in Cultures) + { + foreach (string method in ContainsStartsWith) + { + yield return new object[] { $"a.{caseChanging}().{method}(value{separator}b)", $"a.{method}(value{separator}b, comparisonType{separator}StringComparison.{replacement})" }; + } + + // IndexOf overloads + foreach (string arguments in GetNamedArguments(separator)) + { + yield return new object[] { $"a.{caseChanging}().IndexOf(value{separator}b{arguments})", $"a.IndexOf(value{separator}b{arguments}, comparisonType{separator}StringComparison.{replacement})" }; + } + } + } + + public static IEnumerable DiagnosedAndFixedWithEqualsToData() + { + foreach ((string caseChanging, string replacement) in Cultures) + { + foreach (string method in ContainsStartsWith) + { + // Tests implicit boolean check + yield return new object[] { $"a.{caseChanging}().{method}(b)", $"a.{method}(b, StringComparison.{replacement})", "" }; + } + + // Tests having an appended method invocation at the end + + // IndexOf overloads + foreach (string arguments in UnnamedArgs) + { + yield return new object[] { $"a.{caseChanging}().IndexOf(b{arguments})", $"a.IndexOf(b{arguments}, StringComparison.{replacement})", ".Equals(-1)" }; + } + } + } + + public static IEnumerable DiagnosedAndFixedWithEqualsToInvertedData() + { + foreach ((string caseChanging, string replacement) in Cultures) + { + foreach (string method in ContainsStartsWith) + { + // Tests implicit boolean check + yield return new object[] { $"a.{method}(b.{caseChanging}())", $"a.{method}(b, StringComparison.{replacement})", "" }; + } + + // Tests having an appended method invocation at the end + + // IndexOf overloads + foreach (string arguments in UnnamedArgs) + { + yield return new object[] { $"a.IndexOf(b.{caseChanging}(){arguments})", $"a.IndexOf(b{arguments}, StringComparison.{replacement})", ".Equals(-1)" }; + } + } + } + + public static IEnumerable CSharpDiagnosedAndFixedWithEqualsToNamedData() => DiagnosedAndFixedWithEqualsToNamedData(CSharpSeparator); + public static IEnumerable VisualBasicDiagnosedAndFixedWithEqualsToNamedData() => DiagnosedAndFixedWithEqualsToNamedData(VisualBasicSeparator); + private static IEnumerable DiagnosedAndFixedWithEqualsToNamedData(string separator) + { + foreach ((string caseChanging, string replacement) in Cultures) + { + foreach (string method in ContainsStartsWith) + { + // Tests implicit boolean check + yield return new object[] { $"a.{caseChanging}().{method}(value{separator}b)", $"a.{method}(value{separator}b, comparisonType{separator}StringComparison.{replacement})", "" }; + } + + // Tests having an appended method invocation at the end + + // IndexOf overloads + foreach (string arguments in GetNamedArguments(separator)) + { + yield return new object[] { $"a.{caseChanging}().IndexOf(value{separator}b{arguments})", $"a.IndexOf(value{separator}b{arguments}, comparisonType{separator}StringComparison.{replacement})", ".Equals(-1)" }; + } + } + } + + public static IEnumerable DiagnosedAndFixedStringLiteralsData() + { + foreach ((string caseChanging, string replacement) in Cultures) + { + foreach (string method in ContainsStartsWith) + { + yield return new object[] { $"\"aBc\".{caseChanging}().{method}(\"CdE\")", $"\"aBc\".{method}(\"CdE\", StringComparison.{replacement})" }; + } + + // IndexOf overloads + foreach (string arguments in UnnamedArgs) + { + yield return new object[] { $"\"aBc\".{caseChanging}().IndexOf(\"CdE\"{arguments})", $"\"aBc\".IndexOf(\"CdE\"{arguments}, StringComparison.{replacement})" }; + } + } + } + + public static IEnumerable DiagnosedAndFixedStringLiteralsInvertedData() + { + foreach ((string caseChanging, string replacement) in Cultures) + { + foreach (string method in ContainsStartsWith) + { + yield return new object[] { $"\"aBc\".{method}(\"CdE\".{caseChanging}())", $"\"aBc\".{method}(\"CdE\", StringComparison.{replacement})" }; + } + + // IndexOf overloads + foreach (string arguments in UnnamedArgs) + { + yield return new object[] { $"\"aBc\".IndexOf(\"CdE\".{caseChanging}(){arguments})", $"\"aBc\".IndexOf(\"CdE\"{arguments}, StringComparison.{replacement})" }; + } + } + } + + public static IEnumerable CSharpDiagnosedAndFixedStringLiteralsNamedData() => DiagnosedAndFixedStringLiteralsNamedData(CSharpSeparator); + public static IEnumerable VisualBasicDiagnosedAndFixedStringLiteralsNamedData() => DiagnosedAndFixedStringLiteralsNamedData(VisualBasicSeparator); + private static IEnumerable DiagnosedAndFixedStringLiteralsNamedData(string separator) + { + foreach ((string caseChanging, string replacement) in Cultures) + { + foreach (string method in ContainsStartsWith) + { + yield return new object[] { $"\"aBc\".{caseChanging}().{method}(value{separator}\"CdE\")", $"\"aBc\".{method}(value{separator}\"CdE\", comparisonType{separator}StringComparison.{replacement})" }; + } + + // IndexOf overloads + foreach (string arguments in GetNamedArguments(separator)) + { + yield return new object[] { $"\"aBc\".{caseChanging}().IndexOf(value{separator}\"CdE\"{arguments})", $"\"aBc\".IndexOf(value{separator}\"CdE\"{arguments}, comparisonType{separator}StringComparison.{replacement})" }; + } + } + } + + public static IEnumerable DiagnosedAndFixedStringReturningMethodsData() + { + foreach ((string caseChanging, string replacement) in Cultures) + { + foreach (string method in ContainsStartsWith) + { + yield return new object[] { $"GetStringA().{caseChanging}().{method}(GetStringB())", $"GetStringA().{method}(GetStringB(), StringComparison.{replacement})" }; + } + + // IndexOf overloads + foreach (string arguments in UnnamedArgs) + { + yield return new object[] { $"GetStringA().{caseChanging}().IndexOf(GetStringB(){arguments})", $"GetStringA().IndexOf(GetStringB(){arguments}, StringComparison.{replacement})" }; + } + } + } + + public static IEnumerable DiagnosedAndFixedStringReturningMethodsInvertedData() + { + foreach ((string caseChanging, string replacement) in Cultures) + { + foreach (string method in ContainsStartsWith) + { + yield return new object[] { $"GetStringA().{method}(GetStringB().{caseChanging}())", $"GetStringA().{method}(GetStringB(), StringComparison.{replacement})" }; + } + + // IndexOf overloads + foreach (string arguments in UnnamedArgs) + { + yield return new object[] { $"GetStringA().IndexOf(GetStringB().{caseChanging}(){arguments})", $"GetStringA().IndexOf(GetStringB(){arguments}, StringComparison.{replacement})" }; + } + } + } + + public static IEnumerable CSharpDiagnosedAndFixedStringReturningMethodsNamedData() => DiagnosedAndFixedStringReturningMethodsNamedData(CSharpSeparator); + public static IEnumerable VisualBasicDiagnosedAndFixedStringReturningMethodsNamedData() => DiagnosedAndFixedStringReturningMethodsNamedData(VisualBasicSeparator); + private static IEnumerable DiagnosedAndFixedStringReturningMethodsNamedData(string separator) + { + foreach ((string caseChanging, string replacement) in Cultures) + { + foreach (string method in ContainsStartsWith) + { + yield return new object[] { $"GetStringA().{caseChanging}().{method}(value{separator}GetStringB())", $"GetStringA().{method}(value{separator}GetStringB(), comparisonType{separator}StringComparison.{replacement})" }; + } + + // IndexOf overloads + foreach (string arguments in GetNamedArguments(separator)) + { + yield return new object[] { $"GetStringA().{caseChanging}().IndexOf(value{separator}GetStringB(){arguments})", $"GetStringA().IndexOf(value{separator}GetStringB(){arguments}, comparisonType{separator}StringComparison.{replacement})" }; + } + } + } + + public static IEnumerable DiagnosedAndFixedParenthesizedData() + { + foreach ((string caseChanging, string replacement) in Cultures) + { + foreach (string method in ContainsStartsWith) + { + yield return new object[] { $"(\"aBc\".{caseChanging}()).{method}(\"CdE\")", $"\"aBc\".{method}(\"CdE\", StringComparison.{replacement})" }; + } + + // IndexOf overloads + foreach (string arguments in UnnamedArgs) + { + yield return new object[] { $"(\"aBc\".{caseChanging}()).IndexOf(\"CdE\"{arguments})", $"\"aBc\".IndexOf(\"CdE\"{arguments}, StringComparison.{replacement})" }; + } + } + } + + public static IEnumerable DiagnosedAndFixedParenthesizedInvertedData() + { + foreach ((string caseChanging, string replacement) in Cultures) + { + foreach (string method in ContainsStartsWith) + { + yield return new object[] { $"\"aBc\".{method}((\"CdE\".{caseChanging}()))", $"\"aBc\".{method}(\"CdE\", StringComparison.{replacement})" }; + } + + // IndexOf overloads + foreach (string arguments in UnnamedArgs) + { + yield return new object[] { $"\"aBc\".IndexOf(\"CdE\".{caseChanging}(){arguments})", $"\"aBc\".IndexOf(\"CdE\"{arguments}, StringComparison.{replacement})" }; + } + } + } + + public static IEnumerable CSharpDiagnosedAndFixedParenthesizedNamedData() => DiagnosedAndFixedParenthesizedNamedData(CSharpSeparator); + public static IEnumerable VisualBasicDiagnosedAndFixedParenthesizedNamedData() => DiagnosedAndFixedParenthesizedNamedData(VisualBasicSeparator); + private static IEnumerable DiagnosedAndFixedParenthesizedNamedData(string separator) + { + foreach ((string caseChanging, string replacement) in Cultures) + { + foreach (string method in ContainsStartsWith) + { + yield return new object[] { $"(\"aBc\".{caseChanging}()).{method}(value{separator}\"CdE\")", $"\"aBc\".{method}(value{separator}\"CdE\", comparisonType{separator}StringComparison.{replacement})" }; + } + + // IndexOf overloads + foreach (string arguments in GetNamedArguments(separator)) + { + yield return new object[] { $"(\"aBc\".{caseChanging}()).IndexOf(value{separator}\"CdE\"{arguments})", $"\"aBc\".IndexOf(value{separator}\"CdE\"{arguments}, comparisonType{separator}StringComparison.{replacement})" }; + } + } + } + + public static IEnumerable CSharpDiagnosedAndFixedParenthesizedNamedInvertedData() => DiagnosedAndFixedParenthesizedNamedInvertedData(CSharpSeparator); + public static IEnumerable VisualBasicDiagnosedAndFixedParenthesizedNamedInvertedData() => DiagnosedAndFixedParenthesizedNamedInvertedData(VisualBasicSeparator); + private static IEnumerable DiagnosedAndFixedParenthesizedNamedInvertedData(string separator) + { + foreach ((string caseChanging, string replacement) in Cultures) + { + foreach (string method in ContainsStartsWith) + { + yield return new object[] { $"(GetString()).{method}(value{separator}(GetString().{caseChanging}()))", $"(GetString()).{method}(value{separator}GetString(), comparisonType{separator}StringComparison.{replacement})" }; + } + + // IndexOf overloads + foreach (string arguments in GetNamedArguments(separator)) + { + yield return new object[] { $"(GetString()).IndexOf(value{separator}(GetString().{caseChanging}()){arguments})", $"(GetString()).IndexOf(value{separator}GetString(){arguments}, comparisonType{separator}StringComparison.{replacement})" }; + } + } + } + + public static IEnumerable NoDiagnosticData() + { + // Test needs to define a char ch and an object obj + foreach (string method in new[] { "Contains", "IndexOf", "StartsWith" }) + { + yield return new object[] { $"\"aBc\".{method}(\"cDe\")" }; + yield return new object[] { $"\"aBc\".{method}(\"cDe\", StringComparison.CurrentCultureIgnoreCase)" }; + yield return new object[] { $"\"aBc\".ToUpper().{method}(\"cDe\", StringComparison.InvariantCulture)" }; + yield return new object[] { $"\"aBc\".{method}(ch)" }; + + // Inverted + yield return new object[] { $"\"aBc\".{method}(\"cDe\".ToUpper(), StringComparison.InvariantCulture)" }; + } + + // StarstWith does not have a (char, StringComparison) overload + foreach (string method in new[] { "Contains", "IndexOf" }) + { + yield return new object[] { $"\"aBc\".{method}(ch, StringComparison.Ordinal)" }; + yield return new object[] { $"\"aBc\".ToLowerInvariant().{method}(ch, StringComparison.CurrentCulture)" }; + } + + yield return new object[] { "\"aBc\".CompareTo(obj)" }; + yield return new object[] { "\"aBc\".ToLower().CompareTo(obj)" }; + yield return new object[] { "\"aBc\".CompareTo(\"cDe\")" }; + } + + public static IEnumerable DiagnosticNoFixCompareToData() + { + // Tests need to define strings a, b, and methods GetStringA, GetStringB + foreach ((string caseChanging, _) in Cultures) + { + yield return new object[] { $"a.{caseChanging}().CompareTo(b)" }; + yield return new object[] { $"\"aBc\".{caseChanging}().CompareTo(\"CdE\")" }; + yield return new object[] { $"GetStringA().{caseChanging}().CompareTo(GetStringB())" }; + yield return new object[] { $"(\"aBc\".{caseChanging}()).CompareTo(\"CdE\")" }; + } + } + + public static IEnumerable DiagnosticNoFixCompareToInvertedData() + { + // Tests need to define strings a, b, and methods GetStringA, GetStringB + foreach ((string caseChanging, _) in Cultures) + { + yield return new object[] { $"a.CompareTo(b.{caseChanging}())" }; + yield return new object[] { $"\"aBc\".CompareTo(\"CdE\".{caseChanging}())" }; + yield return new object[] { $"GetStringA().CompareTo(GetStringB().{caseChanging}())" }; + yield return new object[] { $"(\"aBc\").CompareTo(\"CdE\".{caseChanging}())" }; + } + } + + public static IEnumerable CSharpDiagnosticNoFixCompareToNamedData() => DiagnosticNoFixCompareToNamedData(CSharpSeparator); + public static IEnumerable VisualBasicDiagnosticNoFixCompareToNamedData() => DiagnosticNoFixCompareToNamedData(VisualBasicSeparator); + private static IEnumerable DiagnosticNoFixCompareToNamedData(string separator) + { + // Tests need to define strings a, b + foreach ((string caseChanging, _) in Cultures) + { + yield return new object[] { $"a.{caseChanging}().CompareTo(strB{separator}b)" }; + yield return new object[] { $"(\"aBc\".{caseChanging}()).CompareTo(strB{separator}\"CdE\")" }; + + // Inverted + yield return new object[] { $"a.CompareTo(strB{separator}b.{caseChanging}())" }; + yield return new object[] { $"(\"aBc\").CompareTo(strB{separator}\"CdE\".{caseChanging}())" }; + } + } + } +} \ No newline at end of file diff --git a/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Performance/RecommendCaseInsensitiveStringComparison.CSharp.Tests.cs b/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Performance/RecommendCaseInsensitiveStringComparison.CSharp.Tests.cs new file mode 100644 index 0000000000..3f43cb3b41 --- /dev/null +++ b/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Performance/RecommendCaseInsensitiveStringComparison.CSharp.Tests.cs @@ -0,0 +1,291 @@ +// Copyright (c) Microsoft. All Rights Reserved. Licensed under the MIT license. See License.txt in the project root for license information. + +using System.Threading.Tasks; +using Microsoft.CodeAnalysis.Testing; +using Xunit; +using VerifyCS = Test.Utilities.CSharpCodeFixVerifier< + Microsoft.NetCore.Analyzers.Performance.RecommendCaseInsensitiveStringComparisonAnalyzer, + Microsoft.NetCore.CSharp.Analyzers.Performance.CSharpRecommendCaseInsensitiveStringComparisonFixer>; + +namespace Microsoft.NetCore.Analyzers.Performance.UnitTests +{ + public class RecommendCaseInsensitiveStringComparison_CSharp_Tests : RecommendCaseInsensitiveStringComparison_Base_Tests + { + [Theory] + [MemberData(nameof(DiagnosedAndFixedData))] + [MemberData(nameof(DiagnosedAndFixedInvertedData))] + [MemberData(nameof(CSharpDiagnosedAndFixedNamedData))] + public async Task Diagnostic_Assign(string diagnosedLine, string fixedLine) + { + string originalCode = $@"using System; +class C +{{ + void M() + {{ + string a = ""aBc""; + string b = ""bc""; + var result = [|{diagnosedLine}|]; + }} +}}"; + string fixedCode = $@"using System; +class C +{{ + void M() + {{ + string a = ""aBc""; + string b = ""bc""; + var result = {fixedLine}; + }} +}}"; + await VerifyFixCSharpAsync(originalCode, fixedCode); + } + + [Theory] + [MemberData(nameof(DiagnosedAndFixedData))] + [MemberData(nameof(DiagnosedAndFixedInvertedData))] + [MemberData(nameof(CSharpDiagnosedAndFixedNamedData))] + public async Task Diagnostic_Return(string diagnosedLine, string fixedLine) + { + string originalCode = $@"using System; +class C +{{ + object M() + {{ + string a = ""aBc""; + string b = ""bc""; + return [|{diagnosedLine}|]; + }} +}}"; + string fixedCode = $@"using System; +class C +{{ + object M() + {{ + string a = ""aBc""; + string b = ""bc""; + return {fixedLine}; + }} +}}"; + await VerifyFixCSharpAsync(originalCode, fixedCode); + } + + [Theory] + [MemberData(nameof(DiagnosedAndFixedWithEqualsToData))] + [MemberData(nameof(DiagnosedAndFixedWithEqualsToInvertedData))] + [MemberData(nameof(CSharpDiagnosedAndFixedWithEqualsToNamedData))] + public async Task Diagnostic_If(string diagnosedLine, string fixedLine, string equalsTo) + { + string originalCode = $@"using System; +class C +{{ + int M() + {{ + string a = ""aBc""; + string b = ""bc""; + if ([|{diagnosedLine}|]{equalsTo}) + {{ + return 5; + }} + return 4; + }} +}}"; + string fixedCode = $@"using System; +class C +{{ + int M() + {{ + string a = ""aBc""; + string b = ""bc""; + if ({fixedLine}{equalsTo}) + {{ + return 5; + }} + return 4; + }} +}}"; + await VerifyFixCSharpAsync(originalCode, fixedCode); + } + + [Theory] + [MemberData(nameof(DiagnosedAndFixedData))] + [MemberData(nameof(DiagnosedAndFixedInvertedData))] + [MemberData(nameof(CSharpDiagnosedAndFixedNamedData))] + public async Task Diagnostic_IgnoreResult(string diagnosedLine, string fixedLine) + { + string originalCode = $@"using System; +class C +{{ + void M() + {{ + string a = ""aBc""; + string b = ""bc""; + [|{diagnosedLine}|]; + }} +}}"; + string fixedCode = $@"using System; +class C +{{ + void M() + {{ + string a = ""aBc""; + string b = ""bc""; + {fixedLine}; + }} +}}"; + await VerifyFixCSharpAsync(originalCode, fixedCode); + } + + [Theory] + [MemberData(nameof(DiagnosedAndFixedStringLiteralsData))] + [MemberData(nameof(DiagnosedAndFixedStringLiteralsInvertedData))] + [MemberData(nameof(CSharpDiagnosedAndFixedStringLiteralsNamedData))] + public async Task Diagnostic_StringLiterals_ReturnExpressionBody(string diagnosedLine, string fixedLine) + { + string originalCode = $@"using System; +class C +{{ + object M() => [|{diagnosedLine}|]; +}}"; + string fixedCode = $@"using System; +class C +{{ + object M() => {fixedLine}; +}}"; + await VerifyFixCSharpAsync(originalCode, fixedCode); + } + + [Theory] + [MemberData(nameof(DiagnosedAndFixedStringReturningMethodsData))] + [MemberData(nameof(DiagnosedAndFixedStringReturningMethodsInvertedData))] + [MemberData(nameof(CSharpDiagnosedAndFixedStringReturningMethodsNamedData))] + public async Task Diagnostic_StringReturningMethods_Discard(string diagnosedLine, string fixedLine) + { + string originalCode = $@"using System; +class C +{{ + public string GetStringA() => ""aBc""; + public string GetStringB() => ""CdE""; + void M() + {{ + _ = [|{diagnosedLine}|]; + }} +}}"; + string fixedCode = $@"using System; +class C +{{ + public string GetStringA() => ""aBc""; + public string GetStringB() => ""CdE""; + void M() + {{ + _ = {fixedLine}; + }} +}}"; + await VerifyFixCSharpAsync(originalCode, fixedCode); + } + + [Theory] + [MemberData(nameof(DiagnosedAndFixedParenthesizedData))] + [MemberData(nameof(DiagnosedAndFixedParenthesizedInvertedData))] + [MemberData(nameof(CSharpDiagnosedAndFixedParenthesizedNamedData))] + [MemberData(nameof(CSharpDiagnosedAndFixedParenthesizedNamedInvertedData))] + public async Task Diagnostic_Parenthesized_ReturnCastedToString(string diagnosedLine, string fixedLine) + { + string originalCode = $@"using System; +class C +{{ + string GetString() => ""aBc""; + string M() + {{ + return ([|{diagnosedLine}|]).ToString(); + }} +}}"; + string fixedCode = $@"using System; +class C +{{ + string GetString() => ""aBc""; + string M() + {{ + return ({fixedLine}).ToString(); + }} +}}"; + await VerifyFixCSharpAsync(originalCode, fixedCode); + } + + [Theory] + [MemberData(nameof(NoDiagnosticData))] + [InlineData("\"aBc\".CompareTo(null)")] + [InlineData("\"aBc\".ToUpperInvariant().CompareTo((object)null)")] + [InlineData("\"aBc\".CompareTo(value: (object)\"cDe\")")] + [InlineData("\"aBc\".CompareTo(strB: \"cDe\")")] + public async Task NoDiagnostic_All(string ignoredLine) + { + string originalCode = $@"using System; +class C +{{ + object M() + {{ + char ch = 'c'; + object obj = 3; + return {ignoredLine}; + }} +}}"; + + await VerifyNoDiagnosticCSharpAsync(originalCode); + } + + [Theory] + [MemberData(nameof(DiagnosticNoFixCompareToData))] + [MemberData(nameof(DiagnosticNoFixCompareToInvertedData))] + [MemberData(nameof(CSharpDiagnosticNoFixCompareToNamedData))] + public async Task Diagnostic_NoFix_CompareTo(string diagnosedLine) + { + string originalCode = $@"using System; +class C +{{ + string GetStringA() => ""aBc""; + string GetStringB() => ""cDe""; + int M() + {{ + string a = ""AbC""; + string b = ""CdE""; + return [|{diagnosedLine}|]; + }} +}}"; + await VerifyDiagnosticOnlyCSharpAsync(originalCode); + } + + private async Task VerifyNoDiagnosticCSharpAsync(string originalSource) + { + VerifyCS.Test test = new() + { + TestCode = originalSource, + FixedCode = originalSource + }; + + await test.RunAsync(); + } + + private async Task VerifyDiagnosticOnlyCSharpAsync(string originalSource) + { + VerifyCS.Test test = new() + { + TestCode = originalSource, + MarkupOptions = MarkupOptions.UseFirstDescriptor + }; + + await test.RunAsync(); + } + + private async Task VerifyFixCSharpAsync(string originalSource, string fixedSource) + { + VerifyCS.Test test = new() + { + TestCode = originalSource, + FixedCode = fixedSource, + MarkupOptions = MarkupOptions.UseFirstDescriptor + }; + + await test.RunAsync(); + } + } +} \ No newline at end of file diff --git a/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Performance/RecommendCaseInsensitiveStringComparison.VisualBasic.Tests.cs b/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Performance/RecommendCaseInsensitiveStringComparison.VisualBasic.Tests.cs new file mode 100644 index 0000000000..b1ce5b0fb6 --- /dev/null +++ b/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Performance/RecommendCaseInsensitiveStringComparison.VisualBasic.Tests.cs @@ -0,0 +1,298 @@ +// Copyright (c) Microsoft. All Rights Reserved. Licensed under the MIT license. See License.txt in the project root for license information. + +using System.Threading.Tasks; +using Microsoft.CodeAnalysis.Testing; +using Xunit; +using VerifyVB = Test.Utilities.VisualBasicCodeFixVerifier< + Microsoft.NetCore.Analyzers.Performance.RecommendCaseInsensitiveStringComparisonAnalyzer, + Microsoft.NetCore.VisualBasic.Analyzers.Performance.BasicRecommendCaseInsensitiveStringComparisonFixer>; + +namespace Microsoft.NetCore.Analyzers.Performance.UnitTests +{ + public class RecommendCaseInsensitiveStringComparison_VisualBasic_Tests : RecommendCaseInsensitiveStringComparison_Base_Tests + { + [Theory] + [MemberData(nameof(DiagnosedAndFixedData))] + [MemberData(nameof(DiagnosedAndFixedInvertedData))] + [MemberData(nameof(VisualBasicDiagnosedAndFixedNamedData))] + public async Task Diagnostic_Assign(string diagnosedLine, string fixedLine) + { + string originalCode = $@"Imports System +Class C + Private Function M() As Integer + Dim a As String = ""aBc"" + Dim b As String = ""bc"" + Dim r As Integer = [|{diagnosedLine}|] + Return r + End Function +End Class +"; + string fixedCode = $@"Imports System +Class C + Private Function M() As Integer + Dim a As String = ""aBc"" + Dim b As String = ""bc"" + Dim r As Integer = {fixedLine} + Return r + End Function +End Class +"; + await VerifyFixVisualBasicAsync(originalCode, fixedCode); + } + + [Theory] + [MemberData(nameof(DiagnosedAndFixedData))] + [MemberData(nameof(DiagnosedAndFixedInvertedData))] + [MemberData(nameof(VisualBasicDiagnosedAndFixedNamedData))] + public async Task Diagnostic_Return(string diagnosedLine, string fixedLine) + { + string originalCode = $@"Imports System +Class C + Private Function M() As Integer + Dim a As String = ""aBc"" + Dim b As String = ""bc"" + Return [|{diagnosedLine}|] + End Function +End Class +"; + string fixedCode = $@"Imports System +Class C + Private Function M() As Integer + Dim a As String = ""aBc"" + Dim b As String = ""bc"" + Return {fixedLine} + End Function +End Class +"; + await VerifyFixVisualBasicAsync(originalCode, fixedCode); + } + + [Theory] + [MemberData(nameof(DiagnosedAndFixedWithEqualsToData))] + [MemberData(nameof(DiagnosedAndFixedWithEqualsToInvertedData))] + [MemberData(nameof(VisualBasicDiagnosedAndFixedWithEqualsToNamedData))] + public async Task Diagnostic_If(string diagnosedLine, string fixedLine, string equalsTo) + { + if (equalsTo == " == -1") + { + equalsTo = " = -1"; // VB syntax + } + + string originalCode = $@"Imports System +Class C + Private Function M() As Integer + Dim a As String = ""aBc"" + Dim b As String = ""bc"" + If [|{diagnosedLine}|]{equalsTo} Then + Return 5 + End If + Return 4 + End Function +End Class +"; + string fixedCode = $@"Imports System +Class C + Private Function M() As Integer + Dim a As String = ""aBc"" + Dim b As String = ""bc"" + If {fixedLine}{equalsTo} Then + Return 5 + End If + Return 4 + End Function +End Class +"; + await VerifyFixVisualBasicAsync(originalCode, fixedCode); + } + + [Theory] + [MemberData(nameof(DiagnosedAndFixedData))] + [MemberData(nameof(DiagnosedAndFixedInvertedData))] + [MemberData(nameof(VisualBasicDiagnosedAndFixedNamedData))] + public async Task Diagnostic_IgnoreResult(string diagnosedLine, string fixedLine) + { + string originalCode = $@"Imports System +Class C + Private Sub M() + Dim a As String = ""aBc"" + Dim b As String = ""bc"" + [|{diagnosedLine}|] + End Sub +End Class +"; + string fixedCode = $@"Imports System +Class C + Private Sub M() + Dim a As String = ""aBc"" + Dim b As String = ""bc"" + {fixedLine} + End Sub +End Class +"; + await VerifyFixVisualBasicAsync(originalCode, fixedCode); + } + + [Theory] + [MemberData(nameof(DiagnosedAndFixedStringLiteralsData))] + [MemberData(nameof(DiagnosedAndFixedStringLiteralsInvertedData))] + [MemberData(nameof(VisualBasicDiagnosedAndFixedStringLiteralsNamedData))] + public async Task Diagnostic_StringLiterals_Return(string diagnosedLine, string fixedLine) + { + string originalCode = $@"Imports System +Class C + Private Function M() As Integer + Return [|{diagnosedLine}|] + End Function +End Class +"; + string fixedCode = $@"Imports System +Class C + Private Function M() As Integer + Return {fixedLine} + End Function +End Class +"; + await VerifyFixVisualBasicAsync(originalCode, fixedCode); + } + + [Theory] + [MemberData(nameof(DiagnosedAndFixedStringReturningMethodsData))] + [MemberData(nameof(DiagnosedAndFixedStringReturningMethodsInvertedData))] + [MemberData(nameof(VisualBasicDiagnosedAndFixedStringReturningMethodsNamedData))] + public async Task Diagnostic_StringReturningMethods_Discard(string diagnosedLine, string fixedLine) + { + string originalCode = $@"Imports System +Class C + Public Function GetStringA() As String + Return ""aBc"" + End Function + Public Function GetStringB() As String + Return ""DeF"" + End Function + Public Sub M() + [|{diagnosedLine}|] + End Sub +End Class +"; + string fixedCode = $@"Imports System +Class C + Public Function GetStringA() As String + Return ""aBc"" + End Function + Public Function GetStringB() As String + Return ""DeF"" + End Function + Public Sub M() + {fixedLine} + End Sub +End Class +"; + await VerifyFixVisualBasicAsync(originalCode, fixedCode); + } + + [Theory] + [MemberData(nameof(DiagnosedAndFixedParenthesizedData))] + [MemberData(nameof(DiagnosedAndFixedParenthesizedInvertedData))] + [MemberData(nameof(VisualBasicDiagnosedAndFixedParenthesizedNamedData))] + [MemberData(nameof(VisualBasicDiagnosedAndFixedParenthesizedNamedInvertedData))] + public async Task Diagnostic_Parenthesized_ReturnCastedToString(string diagnosedLine, string fixedLine) + { + string originalCode = $@"Imports System +Class C + Public Function GetString() As String + Return ""AbC"" + End Function + Public Function M() As Object + Return ([|{diagnosedLine}|]).ToString() + End Function +End Class"; + string fixedCode = $@"Imports System +Class C + Public Function GetString() As String + Return ""AbC"" + End Function + Public Function M() As Object + Return ({fixedLine}).ToString() + End Function +End Class"; + await VerifyFixVisualBasicAsync(originalCode, fixedCode); + } + + [Theory] + [MemberData(nameof(NoDiagnosticData))] + [InlineData("\"aBc\".CompareTo(Nothing)")] + [InlineData("\"aBc\".ToUpperInvariant().CompareTo(CObj(Nothing))")] + [InlineData("\"aBc\".CompareTo(value:=CObj(1))")] + [InlineData("\"aBc\".CompareTo(strB:=\"cDe\")")] + public async Task NoDiagnostic_All(string ignoredLine) + { + string originalCode = $@"Imports System +Class C + Public Function M() As Object + Dim ch As Char = ""c""c + Dim obj As Object = 3 + Return {ignoredLine} + End Function +End Class"; + + await VerifyNoDiagnosticVisualBasicAsync(originalCode); + } + + [Theory] + [MemberData(nameof(DiagnosticNoFixCompareToData))] + [MemberData(nameof(DiagnosticNoFixCompareToInvertedData))] + [MemberData(nameof(VisualBasicDiagnosticNoFixCompareToNamedData))] + public async Task Diagnostic_NoFix_CompareTo(string diagnosedLine) + { + string originalCode = $@"Imports System +Class C + Public Function GetStringA() As String + Return ""aBc"" + End Function + Public Function GetStringB() As String + Return ""cDe"" + End Function + Public Function M() As Integer + Dim a As String = ""AbC"" + Dim b As String = ""CdE"" + Return [|{diagnosedLine}|] + End Function +End Class"; + await VerifyDiagnosticOnlyVisualBasicAsync(originalCode); + } + + private async Task VerifyNoDiagnosticVisualBasicAsync(string originalSource) + { + VerifyVB.Test test = new() + { + TestCode = originalSource, + FixedCode = originalSource + }; + + await test.RunAsync(); + } + + private async Task VerifyDiagnosticOnlyVisualBasicAsync(string originalSource) + { + VerifyVB.Test test = new() + { + TestCode = originalSource, + MarkupOptions = MarkupOptions.UseFirstDescriptor + }; + + await test.RunAsync(); + } + + private async Task VerifyFixVisualBasicAsync(string originalSource, string fixedSource) + { + VerifyVB.Test test = new() + { + TestCode = originalSource, + FixedCode = fixedSource, + MarkupOptions = MarkupOptions.UseFirstDescriptor + }; + + await test.RunAsync(); + } + } +} \ No newline at end of file diff --git a/src/NetAnalyzers/VisualBasic/Microsoft.NetCore.Analyzers/Performance/BasicRecommendCaseInsensitiveStringComparisonFixer.vb b/src/NetAnalyzers/VisualBasic/Microsoft.NetCore.Analyzers/Performance/BasicRecommendCaseInsensitiveStringComparisonFixer.vb new file mode 100644 index 0000000000..7a9a0a2de2 --- /dev/null +++ b/src/NetAnalyzers/VisualBasic/Microsoft.NetCore.Analyzers/Performance/BasicRecommendCaseInsensitiveStringComparisonFixer.vb @@ -0,0 +1,116 @@ +' Copyright (c) Microsoft. All Rights Reserved. Licensed under the MIT license. See License.txt in the project root for license information. + +Imports System.Composition +Imports Microsoft.CodeAnalysis +Imports Microsoft.CodeAnalysis.CodeFixes +Imports Microsoft.CodeAnalysis.Editing +Imports Microsoft.CodeAnalysis.Operations +Imports Microsoft.CodeAnalysis.VisualBasic.Syntax +Imports Microsoft.NetCore.Analyzers.Performance + +Namespace Microsoft.NetCore.VisualBasic.Analyzers.Performance + + + Public NotInheritable Class BasicRecommendCaseInsensitiveStringComparisonFixer + Inherits RecommendCaseInsensitiveStringComparisonFixer + + Protected Overrides Function GetNewArguments(generator As SyntaxGenerator, mainInvocationOperation As IInvocationOperation, + stringComparisonType As INamedTypeSymbol, ByRef mainInvocationInstance As SyntaxNode) As List(Of SyntaxNode) + + Dim paramName As String = RecommendCaseInsensitiveStringComparisonAnalyzer.StringParameterName + + Dim arguments As New List(Of SyntaxNode) + Dim isAnyArgumentNamed As Boolean = False + + Dim invocationExpression As InvocationExpressionSyntax = DirectCast(mainInvocationOperation.Syntax, InvocationExpressionSyntax) + + Dim caseChangingApproachName As String = "" + Dim isChangingCaseInArgument As Boolean = False + + Dim memberAccessExpression As MemberAccessExpressionSyntax = TryCast(invocationExpression.Expression, MemberAccessExpressionSyntax) + + If memberAccessExpression IsNot Nothing Then + + Dim internalExpression As ExpressionSyntax + + Dim parenthesizedExpression As ParenthesizedExpressionSyntax = TryCast(memberAccessExpression.Expression, ParenthesizedExpressionSyntax) + + internalExpression = If(parenthesizedExpression IsNot Nothing, + parenthesizedExpression.Expression, + memberAccessExpression.Expression) + + Dim internalInvocationExpression As InvocationExpressionSyntax = TryCast(internalExpression, InvocationExpressionSyntax) + Dim internalMemberAccessExpression As MemberAccessExpressionSyntax = Nothing + + If internalInvocationExpression IsNot Nothing Then + internalMemberAccessExpression = TryCast(internalInvocationExpression.Expression, MemberAccessExpressionSyntax) + End If + + If internalMemberAccessExpression IsNot Nothing Then + mainInvocationInstance = internalMemberAccessExpression.Expression + caseChangingApproachName = GetCaseChangingApproach(internalMemberAccessExpression.Name.Identifier.ValueText) + Else + mainInvocationInstance = memberAccessExpression.Expression + isChangingCaseInArgument = True + End If + + End If + + For Each node As SimpleArgumentSyntax In invocationExpression.ArgumentList.Arguments + + Dim argumentName As String = node.NameColonEquals?.Name.Identifier.ValueText + isAnyArgumentNamed = isAnyArgumentNamed Or argumentName IsNot Nothing + + Dim argumentParenthesizedExpression As ParenthesizedExpressionSyntax = TryCast(node.Expression, ParenthesizedExpressionSyntax) + + Dim argumentExpression As ExpressionSyntax = If(argumentParenthesizedExpression IsNot Nothing, + argumentParenthesizedExpression.Expression, + node.Expression) + + Dim argumentMemberAccessExpression As MemberAccessExpressionSyntax = Nothing + Dim argumentInvocationExpression As InvocationExpressionSyntax = TryCast(argumentExpression, InvocationExpressionSyntax) + + If argumentInvocationExpression IsNot Nothing Then + argumentMemberAccessExpression = TryCast(argumentInvocationExpression.Expression, MemberAccessExpressionSyntax) + If argumentMemberAccessExpression IsNot Nothing Then + caseChangingApproachName = GetCaseChangingApproach(argumentMemberAccessExpression.Name.Identifier.ValueText) + End If + End If + + Dim newArgumentNode As SyntaxNode + If isChangingCaseInArgument Then + If argumentMemberAccessExpression IsNot Nothing Then + + newArgumentNode = If(argumentName = paramName, + generator.Argument(paramName, RefKind.None, argumentMemberAccessExpression.Expression), + generator.Argument(argumentMemberAccessExpression.Expression)) + + Else + + newArgumentNode = node + + End If + Else + + newArgumentNode = node + + End If + + arguments.Add(newArgumentNode) + + Next + + Debug.Assert(caseChangingApproachName IsNot Nothing) + Debug.Assert(mainInvocationInstance IsNot Nothing) + + Dim stringComparisonArgument As SyntaxNode = GetNewStringComparisonArgument(generator, stringComparisonType, caseChangingApproachName, isAnyArgumentNamed) + + arguments.Add(stringComparisonArgument) + + Return arguments + + End Function + + End Class + +End Namespace \ No newline at end of file diff --git a/src/Utilities/Compiler/DiagnosticCategoryAndIdRanges.txt b/src/Utilities/Compiler/DiagnosticCategoryAndIdRanges.txt index 43ad39c7a9..cd1c92009b 100644 --- a/src/Utilities/Compiler/DiagnosticCategoryAndIdRanges.txt +++ b/src/Utilities/Compiler/DiagnosticCategoryAndIdRanges.txt @@ -12,7 +12,7 @@ Design: CA2210, CA1000-CA1070 Globalization: CA2101, CA1300-CA1311 Mobility: CA1600-CA1601 -Performance: HA, CA1800-CA1861 +Performance: HA, CA1800-CA1862 Security: CA2100-CA2153, CA2300-CA2330, CA3000-CA3147, CA5300-CA5405 Usage: CA1801, CA1806, CA1816, CA2200-CA2209, CA2211-CA2260 Naming: CA1700-CA1727 diff --git a/src/Utilities/Compiler/WellKnownTypeNames.cs b/src/Utilities/Compiler/WellKnownTypeNames.cs index bd800d4ee3..320e968dfb 100644 --- a/src/Utilities/Compiler/WellKnownTypeNames.cs +++ b/src/Utilities/Compiler/WellKnownTypeNames.cs @@ -391,6 +391,7 @@ internal static class WellKnownTypeNames public const string SystemSpan1 = "System.Span`1"; public const string SystemStackOverflowException = "System.StackOverflowException"; public const string SystemString = "System.String"; + public const string SystemStringComparer = "System.StringComparer"; public const string SystemStringComparison = "System.StringComparison"; public const string SystemSystemException = "System.SystemException"; public const string SystemTextEncoding = "System.Text.Encoding";