Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

Secrets
ABAP
Ansible
Apex
AzureResourceManager
C
C#
C++
CloudFormation
COBOL
CSS
Dart
Docker
Flex
GitHub Actions
Go
HTML
Java
JavaScript
JSON
JCL
Kotlin
Kubernetes
Objective C
PHP
PL/I
PL/SQL
Python
RPG
Ruby
Rust
Scala
Swift
Terraform
Text
TypeScript
T-SQL
VB.NET
VB6
XML
YAML

C# static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your C# code

Filtered: 57 rules found

pitfall

Impact

Clean code attribute

Literal suffixes should be upper case
Code Smell
Use a format provider when parsing date and time
Code Smell
Use UTC when recording DateTime instants
Code Smell
Always set the "DateTimeKind" when creating new "DateTime" instances
Code Smell
"PartCreationPolicyAttribute" should be used with "ExportAttribute"
Bug
Secure random number generators should not output predictable values
Vulnerability
"Shared" parts should not be created with "new"
Bug
Getters and setters should access the expected fields
Bug
Events should have proper arguments
Code Smell
Members should not have conflicting transparency annotations
Vulnerability
Windows Forms entry points should be marked with STAThread
Bug
Native methods should be wrapped
Code Smell
Classes should implement their "ExportAttribute" interfaces
Bug
Overloads with a "CultureInfo" or an "IFormatProvider" parameter should be used
Code Smell
Literals should not be passed as localized parameters
Code Smell
Operators should be overloaded consistently
Code Smell
Strings should be normalized to uppercase
Code Smell
Interface methods should be callable by derived types
Code Smell
Classes implementing "IEquatable<T>" should be sealed
Code Smell
Child class fields should not differ from parent class fields only by capitalization
Code Smell
Base class methods should not be hidden
Code Smell
Inherited member visibility should not be decreased
Code Smell
Threads should not lock on objects with weak identity
Code Smell
Objects should not be disposed more than once
Code Smell
"ISerializable" should be implemented correctly
Code Smell
Assemblies should have version information
Code Smell
"IDisposable" should be implemented correctly
Code Smell
Exceptions should not be thrown from unexpected methods
Code Smell
"operator==" should not be overloaded on reference types
Code Smell
Parameters with "[DefaultParameterValue]" attributes should also be marked "[Optional]"
Code Smell
"[Optional]" should not be used on "ref" or "out" parameters
Code Smell
Method overloads with default parameter values should not overlap
Code Smell
"value" contextual keyword should be used
Code Smell
Method calls should not resolve ambiguously to overloads with "params"
Code Smell
Inner class members should not shadow outer class "static" or type members
Code Smell
Methods named "Dispose" should implement "IDisposable.Dispose"
Code Smell
Conditionally executed code should be reachable
Bug
Whitespace and control characters in string literals should be explicit
Code Smell
Write-only properties should not be used
Code Smell
Public methods should not have multidimensional array parameters
Code Smell
Optional parameters should not be used
Code Smell
Fields should be private
Code Smell
Public constant members should not be used
Code Smell
Array covariance should not be used
Code Smell
Methods and properties that don't access instance data should be static
Code Smell
"async" and "await" should not be used as identifiers
Code Smell
Non-constant static fields should not be visible
Code Smell
Classes named like "Exception" should extend "Exception" or a subclass
Code Smell
Boolean checks should not be inverted
Code Smell
Related "if/else if" statements should not have the same condition
Bug
"switch" statements should not be nested
Code Smell
Constructors should only call non-overridable methods
Code Smell
Private fields only used as local variables in methods should become local variables
Code Smell
"for" loop stop conditions should be invariant
Code Smell
Control structures should use curly braces
Code Smell
Local variables should not shadow class fields or properties
Code Smell
Method overrides should not change parameter defaults
Code Smell

Public constant members should not be used

intentionality - clear

maintainability

Code Smell

pitfall

Why is this an issue?

Constant members are copied at compile time to the call sites, instead of being fetched at runtime.

As an example, say you have a library with a constant Version member set to 1.0, and a client application linked to it. This library is then updated and Version is set to 2.0. Unfortunately, even after the old DLL is replaced by the new one, Version will still be 1.0 for the client application. In order to see 2.0, the client application would need to be rebuilt against the new version of the library.

This means that you should use constants to hold values that by definition will never change, such as Zero. In practice, those cases are uncommon, and therefore it is generally better to avoid constant members.

This rule only reports issues on public constant fields, which can be reached from outside the defining assembly.

Noncompliant code example

public class Foo
{
    public const double Version = 1.0;           // Noncompliant
}

Compliant solution

public class Foo
{
    public static double Version
    {
      get { return 1.0; }
    }
}

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

Available Since
9.1

Analyze code in your
on-premise CI

Developer Edition
Available Since
9.1

In-IDE

SaaS

Self-Hosted