Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump Microsoft.CodeAnalysis.FxCopAnalyzers from 2.9.8 to 3.0.0 #132

Merged
merged 1 commit into from
Jun 7, 2020
Merged

build(deps): bump Microsoft.CodeAnalysis.FxCopAnalyzers from 2.9.8 to 3.0.0 #132

merged 1 commit into from
Jun 7, 2020

Conversation

dependabot-preview[bot]
Copy link
Contributor

Bumps Microsoft.CodeAnalysis.FxCopAnalyzers from 2.9.8 to 3.0.0.

Release notes

Sourced from Microsoft.CodeAnalysis.FxCopAnalyzers's releases.

v3.0.0

Release build of Roslyn-analyzers based on Microsoft.CodeAnalysis 3.0.0 NuGet packages. Works with VS 2019 or later.

Contains following important changes on top of v2.9.x releases

Bug Fixes

Tons of bug fixes

Additional analyzers/fixers:

Added

  • Design
    • CA1021: Avoid out parameters
    • CA1069: Enums values should not be duplicated -- Enabled by default
  • Reliability
    • CA2011: Avoid infinite recursion -- Enabled by default
    • CA2012: Use ValueTasks correctly -- Enabled by default
    • CA2013: Do not use ReferenceEquals with value types -- Enabled by default
  • Usage
    • CA2215: Dispose methods should call base class dispose -- Enabled by default

Changed

  • Security
    • CA5361: Do Not Disable SChannel Use of Strong Crypto -- Now disabled by default
    • CA5376: Use SharedAccessProtocol HttpsOnly -- Now disabled by default
    • CA5377: Use Container Level Access Policy -- Now disabled by default
    • CA5378: Do not disable ServicePointManagerSecurityProtocols -- Now disabled by default
    • CA5380: Do Not Add Certificates To Root Store -- Now disabled by default
    • CA5381: Ensure Certificates Are Not Added To Root Store -- Now disabled by default

v3.0.0-beta3.final

Pre-release build of Roslyn-analyzers based on Microsoft.CodeAnalysis 3.0.0 NuGet packages. Works with VS 2019 or later.

Contains following important changes on top of v2.9.x releases

Bug Fixes

Lot of bug fixes

Additional analyzers/fixers:

Added

  • Design
    • CA1021: Avoid out parameters
    • CA1069: Enums values should not be duplicated -- Enabled by default
  • Reliability
    • CA2011: Avoid infinite recursion -- Enabled by default
    • CA2012: Use ValueTasks correctly -- Enabled by default
    • CA2013: Do not use ReferenceEquals with value types -- Enabled by default
  • Usage
    • CA2215: Dispose methods should call base class dispose -- Enabled by default

Changed

  • Security
    • CA5361: Do Not Disable SChannel Use of Strong Crypto -- Now disabled by default
... (truncated)
Commits
  • 39d189a Merge pull request #3561 from paulomorgado/fix/docs-urls
  • bee7e7a Fix URLs in comments
  • 5ce9fe7 Merge pull request #3483 from Evangelink/CA1806-user-option
  • 4f550e8 Update xlf resources
  • 9ac40dc Merge pull request #3543 from Evangelink/roslyn-resx
  • 8634ca6 Fix typo in resx
  • 624f1b5 Address review comments for user options
  • 990ca20 Merge branch 'master' into CA1806-user-option
  • 2763ec7 Merge pull request #3415 from Evangelink/use-eventhandler-helper
  • d7d170a Instantiate ArgumentExceptions Correctly analyzer updates and fixer implement...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

@dependabot-preview dependabot-preview bot requested a review from a team April 28, 2020 00:12
@dependabot-preview dependabot-preview bot added the dependencies Pull requests that update a dependency file label Apr 28, 2020
@glennawatson glennawatson merged commit 2650a3d into master Jun 7, 2020
@glennawatson glennawatson deleted the dependabot/nuget/Microsoft.CodeAnalysis.FxCopAnalyzers-3.0.0 branch June 7, 2020 06:38
@reactiveui reactiveui locked as resolved and limited conversation to collaborators Nov 26, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@glennawatson glennawatson glennawatson approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@glennawatson