Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Roslyn Cookbook Compiler as a Service, Code Analysis, Code Quality and more

Product type Paperback

Published in Jul 2017

Publisher Packt

ISBN-13 9781787286832

Length 350 pages

Edition 1st Edition

Languages

Tools

Visual Studio

Concepts

Programming Language

Author (1):

Manish Vasani

View More author details

Table of Contents (11) Chapters

Preface

1. Writing Diagnostic Analyzers FREE CHAPTER

2. Consuming Diagnostic Analyzers in .NET Projects

3. Writing IDE Code Fixes, Refactorings, and Intellisense Completion Providers

4. Improving Code Maintenance of C# Code Base

5. Catch Security Vulnerabilities and Performance Issues in C# Code

6. Live Unit Testing in Visual Studio Enterprise

7. C# Interactive and Scripting

8. Contribute Simple Functionality to Roslyn C# Compiler Open Source Code

9. Design and Implement a New C# Language Feature

10. Command-Line Tools Based on Roslyn API

Introduction

In this chapter, we will cover two very important and popular category of Roslyn analyzers: security and performance analyzers.

Security: Given the extremely large domain of .NET applications, each of them with very domain-specific security vulnerabilities, it is critical that we have a domain-specific tools/extensions to catch these vulnerabilities. Roslyn-based security analyzers, such as PUMA scan analyzers, catch these vulnerabilities at compile time and report diagnostics. PUMA scan analyzer rules are classified into the following broad categories:
- Configuration (https://www.pumascan.com/rules.html#overview): Rules to catch vulnerabilities in ASP.NET Web configuration files
- Cross-site Scripting (https://www.pumascan.com/rules.html#cross-site-scripting): Rules to catch cross-site scripting (XSS) vulnerabilities
- Injection (https://www.pumascan.com/rules.html...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at R$50/month. Cancel anytime

Authors (1)

Manish Vasani

Manish Vasani is a Senior Software Developer working for Microsoft Corporation based in Redmond, WA, US. He is extremely passionate about working on extensible compiler platforms designed to enable rich analysis scenarios. He has roughly about 10+ years' work experience at Microsoft. During this time, he has worked on the Roslyn compiler, analyzers and IDE teams. He was part of the design team for the analyzer and code fix API and implemented the analyzer driver that executes the analyzers in the compiler and VS IDE.

See other products by Manish Vasani