SonarSource Rules
  • Products

    In-IDE

    Code Quality and Security in your IDE with SonarQube Ide

    IDE extension that lets you fix coding issues before they exist!

    Discover SonarQube for IDE

    SaaS

    Code Quality and Security in the cloud with SonarQube Cloud

    Setup is effortless and analysis is automatic for most languages

    Discover SonarQube Cloud

    Self-Hosted

    Code Quality and Security Self-Hosted with SonarQube Server

    Fast, accurate analysis; enterprise scalability

    Discover SonarQube Server
  • SecretsSecrets
  • ABAPABAP
  • AnsibleAnsible
  • ApexApex
  • AzureResourceManagerAzureResourceManager
  • CC
  • C#C#
  • C++C++
  • CloudFormationCloudFormation
  • COBOLCOBOL
  • CSSCSS
  • DartDart
  • DockerDocker
  • FlexFlex
  • GitHub ActionsGitHub Actions
  • GoGo
  • HTMLHTML
  • JavaJava
  • JavaScriptJavaScript
  • JSONJSON
  • JCLJCL
  • KotlinKotlin
  • KubernetesKubernetes
  • Objective CObjective C
  • PHPPHP
  • PL/IPL/I
  • PL/SQLPL/SQL
  • PythonPython
  • RPGRPG
  • RubyRuby
  • RustRust
  • ScalaScala
  • SwiftSwift
  • TerraformTerraform
  • TextText
  • TypeScriptTypeScript
  • T-SQLT-SQL
  • VB.NETVB.NET
  • VB6VB6
  • XMLXML
  • YAMLYAML
C#

C# static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your C# code

  • All rules 493
  • Vulnerability46
  • Bug88
  • Security Hotspot24
  • Code Smell335

  • Quick Fix 61
Filtered: 30 rules found
performance
    Impact
      Clean code attribute
        1. API Controllers should derive from ControllerBase instead of Controller

           Code Smell
        2. "string.Create" should be used instead of "FormattableString"

           Code Smell
        3. "Contains" should be used instead of "Any" for simple equality checks

           Code Smell
        4. "First" and "Last" properties of "LinkedList" should be used instead of the "First()" and "Last()" extension methods

           Code Smell
        5. The lambda parameter should be used instead of capturing arguments in "ConcurrentDictionary" methods

           Code Smell
        6. "StartsWith" and "EndsWith" overloads that take a "char" should be used instead of the ones that take a "string"

           Code Smell
        7. "Min/Max" properties of "Set" types should be used instead of the "Enumerable" extension methods

           Code Smell
        8. Prefer indexing instead of "Enumerable" methods on types implementing "IList"

           Code Smell
        9. The collection should be filtered before sorting by using "Where" before "OrderBy"

           Code Smell
        10. Collection-specific "Exists" method should be used instead of the "Any" extension

           Code Smell
        11. The collection-specific "TrueForAll" method should be used instead of the "All" extension

           Code Smell
        12. "Find" method should be used instead of the "FirstOrDefault" extension

           Code Smell
        13. Start index should be used instead of calling Substring

           Code Smell
        14. Non-abstract attributes should be sealed

           Code Smell
        15. Assemblies should be marked with "NeutralResourcesLanguageAttribute"

           Code Smell
        16. "static readonly" constants should be "const" instead

           Code Smell
        17. "Assembly.GetExecutingAssembly" should not be called

           Code Smell
        18. Value types should implement "IEquatable<T>"

           Code Smell
        19. Finalizers should not be empty

           Code Smell
        20. Unchanged variables should be marked as "const"

           Code Smell
        21. Non-derived "private" classes and records should be "sealed"

           Code Smell
        22. Duplicate casts should not be made

           Code Smell
        23. "ConfigureAwait(false)" should be used

           Code Smell
        24. Multiple "OrderBy" calls should not be used

           Code Smell
        25. "StringBuilder" data should be used

           Code Smell
        26. Logging templates should be constant

           Code Smell
        27. Properties should not make collection or array copies

           Code Smell
        28. Strings should not be concatenated using '+' in a loop

           Code Smell
        29. "GC.Collect" should not be called

           Code Smell
        30. "Any()" should be used to test for emptiness

           Code Smell

        "GC.Collect" should not be called

        intentionality - efficient
        maintainability
        Code Smell
        • performance
        • unpredictable
        • bad-practice

        Why is this an issue?

        More Info

        GC.Collect is a method that forces or suggests to the garbage collector to run a collection of objects in the managed heap that are no longer being used and free their memory.

        Calling GC.Collect is rarely necessary and can significantly affect application performance. That’s because it is a tracing garbage collector and needs to examine every object in memory for cleanup and analyze all reachable objects from every application’s root (static fields, local variables on thread stacks, etc.).

        To perform tracing and memory releasing correctly, the garbage collection may need to block all threads currently in execution. That is why, as a general rule, the performance implications of calling GC.Collect far outweigh the benefits.

        This rule raises an issue when any overload of Collect is invoked.

        static void Main(string[] args)
        {
          // ...
          GC.Collect();                              // Noncompliant
          GC.Collect(2, GCCollectionMode.Optimized); // Noncompliant
        }
        

        There may be exceptions to this rule: for example, you’ve just triggered some event that is unique in the run of your program that caused a lot of long-lived objects to die, and you want to release their memory.

        This rule also raises on GC.GetTotalMemory when forceFullCollection is true as it directly invokes GC.Collect.

          Available In:
        • SonarQube IdeCatch issues on the fly,
          in your IDE
        • SonarQube CloudDetect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories
        • SonarQube Community BuildAnalyze code in your
          on-premise CI
          Available Since
          9.1
        • SonarQube ServerAnalyze code in your
          on-premise CI
          Developer Edition
          Available Since
          9.1

        © 2008-2025 SonarSource SA. All rights reserved.

        Privacy Policy | Cookie Policy | Terms of Use