diff --git a/.editorconfig b/.editorconfig
index 7d06415bb..9b646877b 100644
--- a/.editorconfig
+++ b/.editorconfig
@@ -19,6 +19,10 @@ indent_size = 2
indent_style = space
indent_size = 2
+# RESX files
+[*.resx]
+trim_trailing_whitespace = false
+
# JSON files
[*.json]
indent_style = space
@@ -197,3 +201,300 @@ csharp_preserve_single_line_blocks = true
[*.vb]
# Modifier preferences
visual_basic_preferred_modifier_order = Partial,Default,Private,Protected,Public,Friend,NotOverridable,Overridable,MustOverride,Overloads,Overrides,MustInherit,NotInheritable,Static,Shared,Shadows,ReadOnly,WriteOnly,Dim,Const,WithEvents,Widening,Narrowing,Custom,Async:suggestion
+
+##################################
+# DevDiv Recommended Analyzers #
+##################################
+
+# Code files
+[*.{cs,vb}]
+
+dotnet_diagnostic.CA2153.severity = error # Do Not Catch Corrupted State Exceptions
+dotnet_diagnostic.CA2301.severity = error # Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder
+dotnet_diagnostic.CA2302.severity = error # Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize
+dotnet_diagnostic.CA2305.severity = error # Do not use insecure deserializer LosFormatter
+dotnet_diagnostic.CA2311.severity = error # Do not deserialize without first setting NetDataContractSerializer.Binder
+dotnet_diagnostic.CA2312.severity = error # Ensure NetDataContractSerializer.Binder is set before deserializing
+dotnet_diagnostic.CA2315.severity = error # Do not use insecure deserializer ObjectStateFormatter
+dotnet_diagnostic.CA2321.severity = error # Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver
+dotnet_diagnostic.CA2327.severity = error # Do not use insecure JsonSerializerSettings
+dotnet_diagnostic.CA2328.severity = error # Ensure that JsonSerializerSettings are secure
+dotnet_diagnostic.CA2329.severity = error # Do not deserialize with JsonSerializer using an insecure configuration
+dotnet_diagnostic.CA2330.severity = error # Ensure that JsonSerializer has a secure configuration when deserializing
+dotnet_diagnostic.CA3061.severity = error # Do Not Add Schema By URL
+dotnet_diagnostic.CA3075.severity = error # Insecure DTD processing in XML
+dotnet_diagnostic.CA3076.severity = error # Insecure XSLT script processing.
+dotnet_diagnostic.CA3077.severity = error # Insecure Processing in API Design, XmlDocument and XmlTextReader
+dotnet_diagnostic.CA3147.severity = error # Mark Verb Handlers With Validate Antiforgery Token
+dotnet_diagnostic.CA5350.severity = error # Do Not Use Weak Cryptographic Algorithms
+dotnet_diagnostic.CA5351.severity = error # Do Not Use Broken Cryptographic Algorithms
+dotnet_diagnostic.CA5358.severity = error # Review cipher mode usage with cryptography experts
+dotnet_diagnostic.CA5361.severity = error # Do Not Disable SChannel Use of Strong Crypto
+dotnet_diagnostic.CA5364.severity = error # Do Not Use Deprecated Security Protocols
+dotnet_diagnostic.CA5378.severity = error # Do not disable ServicePointManagerSecurityProtocols
+dotnet_diagnostic.CA5397.severity = error # Do not use deprecated SslProtocols values
+dotnet_diagnostic.IA5350.severity = error # Do Not Use Weak Cryptographic Algorithms
+dotnet_diagnostic.IA5351.severity = error # Do Not Use Broken Cryptographic Algorithms
+dotnet_diagnostic.IA5352.severity = error # Do Not Misuse Cryptographic APIs
+
+dotnet_diagnostic.CA2322.severity = suggestion # Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing
+dotnet_diagnostic.CA2350.severity = suggestion # Do not use DataTable.ReadXml() with untrusted data
+dotnet_diagnostic.CA2351.severity = suggestion # Do not use DataSet.ReadXml() with untrusted data
+dotnet_diagnostic.CA2352.severity = suggestion # Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks
+dotnet_diagnostic.CA2353.severity = suggestion # Unsafe DataSet or DataTable in serializable type
+dotnet_diagnostic.CA2354.severity = suggestion # Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks
+dotnet_diagnostic.CA2355.severity = suggestion # Unsafe DataSet or DataTable type found in deserializable object graph
+dotnet_diagnostic.CA2356.severity = suggestion # Unsafe DataSet or DataTable type in web deserializable object graph
+dotnet_diagnostic.CA2361.severity = suggestion # Ensure autogenerated class containing DataSet.ReadXml() is not used with untrusted data
+dotnet_diagnostic.CA2362.severity = suggestion # Unsafe DataSet or DataTable in autogenerated serializable type can be vulnerable to remote code execution attacks
+dotnet_diagnostic.CA3001.severity = suggestion # Review code for SQL injection vulnerabilities
+dotnet_diagnostic.CA3002.severity = suggestion # Review code for XSS vulnerabilities
+dotnet_diagnostic.CA3003.severity = suggestion # Review code for file path injection vulnerabilities
+dotnet_diagnostic.CA3004.severity = suggestion # Review code for information disclosure vulnerabilities
+dotnet_diagnostic.CA3005.severity = suggestion # Review code for LDAP injection vulnerabilities
+dotnet_diagnostic.CA3006.severity = suggestion # Review code for process command injection vulnerabilities
+dotnet_diagnostic.CA3007.severity = suggestion # Review code for open redirect vulnerabilities
+dotnet_diagnostic.CA3008.severity = suggestion # Review code for XPath injection vulnerabilities
+dotnet_diagnostic.CA3009.severity = suggestion # Review code for XML injection vulnerabilities
+dotnet_diagnostic.CA3010.severity = suggestion # Review code for XAML injection vulnerabilities
+dotnet_diagnostic.CA3011.severity = suggestion # Review code for DLL injection vulnerabilities
+dotnet_diagnostic.CA3012.severity = suggestion # Review code for regex injection vulnerabilities
+dotnet_diagnostic.CA5359.severity = suggestion # Do Not Disable Certificate Validation
+dotnet_diagnostic.CA5380.severity = suggestion # Do Not Add Certificates To Root Store
+dotnet_diagnostic.CA5381.severity = suggestion # Ensure Certificates Are Not Added To Root Store
+dotnet_diagnostic.CA5395.severity = suggestion # Miss HttpVerb attribute for action methods
+dotnet_diagnostic.CA5396.severity = suggestion # Set HttpOnly to true for HttpCookie
+dotnet_diagnostic.CA5398.severity = suggestion # Avoid hardcoded SslProtocols values
+dotnet_diagnostic.CA5386.severity = suggestion # Avoid hardcoding SecurityProtocolType value
+dotnet_diagnostic.CA5391.severity = suggestion # Use antiforgery tokens in ASP.NET Core MVC controllers
+dotnet_diagnostic.IA6450.severity = suggestion # Custom web token handler was found
+dotnet_diagnostic.IA6451.severity = suggestion # Implement required validations for app asserted actor token
+
+# Adding the FxCopAnalyzers NuGet package automatically starts analyzing code at the default
+# severity levels for each rule. We're not ready for that yet, so disable all other rules.
+
+dotnet_diagnostic.CA2310.severity = none # Do not use insecure deserializer NetDataContractSerializer
+dotnet_diagnostic.Async001.severity = none
+dotnet_diagnostic.Async002.severity = none
+dotnet_diagnostic.Async003.severity = none
+dotnet_diagnostic.Async004.severity = none
+dotnet_diagnostic.Async005.severity = none
+dotnet_diagnostic.Async006.severity = none
+dotnet_diagnostic.CA1000.severity = none # Do not declare static members on generic types
+dotnet_diagnostic.CA1001.severity = none # Types that own disposable fields should be disposable
+dotnet_diagnostic.CA1002.severity = none # Do not expose generic lists
+dotnet_diagnostic.CA1003.severity = none # Use generic event handler instances
+dotnet_diagnostic.CA1005.severity = none # Avoid excessive parameters on generic types
+dotnet_diagnostic.CA1008.severity = none # Enums should have zero value
+dotnet_diagnostic.CA1010.severity = none # Generic interface should also be implemented
+dotnet_diagnostic.CA1012.severity = none # Abstract types should not have public constructors
+dotnet_diagnostic.CA1014.severity = none # Mark assemblies with CLSCompliant
+dotnet_diagnostic.CA1016.severity = none # Mark assemblies with assembly version
+dotnet_diagnostic.CA1017.severity = none # Mark assemblies with ComVisible
+dotnet_diagnostic.CA1018.severity = none # Mark attributes with AttributeUsageAttribute
+dotnet_diagnostic.CA1019.severity = none # Define accessors for attribute arguments
+dotnet_diagnostic.CA1021.severity = none # Avoid out parameters
+dotnet_diagnostic.CA1024.severity = none # Use properties where appropriate
+dotnet_diagnostic.CA1027.severity = none # Mark enums with FlagsAttribute
+dotnet_diagnostic.CA1028.severity = none # Enum Storage should be Int32
+dotnet_diagnostic.CA1030.severity = none # Use events where appropriate
+dotnet_diagnostic.CA1031.severity = none # Do not catch general exception types
+dotnet_diagnostic.CA1032.severity = none # Implement standard exception constructors
+dotnet_diagnostic.CA1033.severity = none # Interface methods should be callable by child types
+dotnet_diagnostic.CA1034.severity = none # Nested types should not be visible
+dotnet_diagnostic.CA1036.severity = none # Override methods on comparable types
+dotnet_diagnostic.CA1040.severity = none # Avoid empty interfaces
+dotnet_diagnostic.CA1041.severity = none # Provide ObsoleteAttribute message
+dotnet_diagnostic.CA1043.severity = none # Use Integral Or String Argument For Indexers
+dotnet_diagnostic.CA1044.severity = none # Properties should not be write only
+dotnet_diagnostic.CA1045.severity = none # Do not pass types by reference
+dotnet_diagnostic.CA1046.severity = none # Do not overload equality operator on reference types
+dotnet_diagnostic.CA1047.severity = none # Do not declare protected member in sealed type
+dotnet_diagnostic.CA1050.severity = none # Declare types in namespaces
+dotnet_diagnostic.CA1051.severity = none # Do not declare visible instance fields
+dotnet_diagnostic.CA1052.severity = none # Static holder types should be Static or NotInheritable
+dotnet_diagnostic.CA1054.severity = none # URI-like parameters should not be strings
+dotnet_diagnostic.CA1055.severity = none # URI-like return values should not be strings
+dotnet_diagnostic.CA1056.severity = none # URI-like properties should not be strings
+dotnet_diagnostic.CA1058.severity = none # Types should not extend certain base types
+dotnet_diagnostic.CA1060.severity = none # Move pinvokes to native methods class
+dotnet_diagnostic.CA1061.severity = none # Do not hide base class methods
+dotnet_diagnostic.CA1062.severity = none # Validate arguments of public methods
+dotnet_diagnostic.CA1063.severity = none # Implement IDisposable Correctly
+dotnet_diagnostic.CA1064.severity = none # Exceptions should be public
+dotnet_diagnostic.CA1065.severity = none # Do not raise exceptions in unexpected locations
+dotnet_diagnostic.CA1066.severity = none # Implement IEquatable when overriding Object.Equals
+dotnet_diagnostic.CA1067.severity = none # Override Object.Equals(object) when implementing IEquatable<T>
+dotnet_diagnostic.CA1068.severity = none # CancellationToken parameters must come last
+dotnet_diagnostic.CA1069.severity = none # Enums values should not be duplicated
+dotnet_diagnostic.CA1070.severity = none # Do not declare event fields as virtual
+dotnet_diagnostic.CA1200.severity = none # Avoid using cref tags with a prefix
+dotnet_diagnostic.CA1303.severity = none # Do not pass literals as localized parameters
+dotnet_diagnostic.CA1304.severity = none # Specify CultureInfo
+dotnet_diagnostic.CA1305.severity = none # Specify IFormatProvider
+dotnet_diagnostic.CA1307.severity = none # Specify StringComparison
+dotnet_diagnostic.CA1308.severity = none # Normalize strings to uppercase
+dotnet_diagnostic.CA1309.severity = none # Use ordinal stringcomparison
+dotnet_diagnostic.CA1401.severity = none # P/Invokes should not be visible
+dotnet_diagnostic.CA1417.severity = none # Do not use 'OutAttribute' on string parameters for P/Invokes
+dotnet_diagnostic.CA1501.severity = none # Avoid excessive inheritance
+dotnet_diagnostic.CA1502.severity = none # Avoid excessive complexity
+dotnet_diagnostic.CA1505.severity = none # Avoid unmaintainable code
+dotnet_diagnostic.CA1506.severity = none # Avoid excessive class coupling
+dotnet_diagnostic.CA1507.severity = none # Use nameof to express symbol names
+dotnet_diagnostic.CA1508.severity = none # Avoid dead conditional code
+dotnet_diagnostic.CA1509.severity = none # Invalid entry in code metrics rule specification file
+dotnet_diagnostic.CA1700.severity = none # Do not name enum values 'Reserved'
+dotnet_diagnostic.CA1707.severity = none # Identifiers should not contain underscores
+dotnet_diagnostic.CA1708.severity = none # Identifiers should differ by more than case
+dotnet_diagnostic.CA1710.severity = none # Identifiers should have correct suffix
+dotnet_diagnostic.CA1711.severity = none # Identifiers should not have incorrect suffix
+dotnet_diagnostic.CA1712.severity = none # Do not prefix enum values with type name
+dotnet_diagnostic.CA1713.severity = none # Events should not have 'Before' or 'After' prefix
+dotnet_diagnostic.CA1714.severity = none # Flags enums should have plural names
+dotnet_diagnostic.CA1715.severity = none # Identifiers should have correct prefix
+dotnet_diagnostic.CA1716.severity = none # Identifiers should not match keywords
+dotnet_diagnostic.CA1717.severity = none # Only FlagsAttribute enums should have plural names
+dotnet_diagnostic.CA1720.severity = none # Identifier contains type name
+dotnet_diagnostic.CA1721.severity = none # Property names should not match get methods
+dotnet_diagnostic.CA1724.severity = none # Type names should not match namespaces
+dotnet_diagnostic.CA1725.severity = none # Parameter names should match base declaration
+dotnet_diagnostic.CA1801.severity = none # Review unused parameters
+dotnet_diagnostic.CA1802.severity = none # Use literals where appropriate
+dotnet_diagnostic.CA1805.severity = none # Do not initialize unnecessarily
+dotnet_diagnostic.CA1806.severity = none # Do not ignore method results
+dotnet_diagnostic.CA1810.severity = none # Initialize reference type static fields inline
+dotnet_diagnostic.CA1812.severity = none # Avoid uninstantiated internal classes
+dotnet_diagnostic.CA1813.severity = none # Avoid unsealed attributes
+dotnet_diagnostic.CA1814.severity = none # Prefer jagged arrays over multidimensional
+dotnet_diagnostic.CA1815.severity = none # Override equals and operator equals on value types
+dotnet_diagnostic.CA1816.severity = none # Dispose methods should call SuppressFinalize
+dotnet_diagnostic.CA1819.severity = none # Properties should not return arrays
+dotnet_diagnostic.CA1820.severity = none # Test for empty strings using string length
+dotnet_diagnostic.CA1821.severity = none # Remove empty Finalizers
+dotnet_diagnostic.CA1822.severity = none # Mark members as static
+dotnet_diagnostic.CA1823.severity = none # Avoid unused private fields
+dotnet_diagnostic.CA1824.severity = none # Mark assemblies with NeutralResourcesLanguageAttribute
+dotnet_diagnostic.CA1825.severity = none # Avoid zero-length array allocations
+dotnet_diagnostic.CA1826.severity = none # Do not use Enumerable methods on indexable collections
+dotnet_diagnostic.CA1827.severity = none # Do not use Count() or LongCount() when Any() can be used
+dotnet_diagnostic.CA1828.severity = none # Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used
+dotnet_diagnostic.CA1829.severity = none # Use Length/Count property instead of Count() when available
+dotnet_diagnostic.CA1830.severity = none # Prefer strongly-typed Append and Insert method overloads on StringBuilder
+dotnet_diagnostic.CA1831.severity = none # Use AsSpan or AsMemory instead of Range-based indexers when appropriate
+dotnet_diagnostic.CA1832.severity = none # Use AsSpan or AsMemory instead of Range-based indexers when appropriate
+dotnet_diagnostic.CA1833.severity = none # Use AsSpan or AsMemory instead of Range-based indexers when appropriate
+dotnet_diagnostic.CA1834.severity = none # Consider using 'StringBuilder.Append(char)' when applicable
+dotnet_diagnostic.CA1835.severity = none # Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync'
+dotnet_diagnostic.CA1836.severity = none # Prefer IsEmpty over Count
+dotnet_diagnostic.CA1837.severity = none # Use 'Environment.ProcessId'
+dotnet_diagnostic.CA1838.severity = none # Avoid 'StringBuilder' parameters for P/Invokes
+dotnet_diagnostic.CA2000.severity = none # Dispose objects before losing scope
+dotnet_diagnostic.CA2002.severity = none # Do not lock on objects with weak identity
+dotnet_diagnostic.CA2007.severity = none # Consider calling ConfigureAwait on the awaited task
+dotnet_diagnostic.CA2008.severity = none # Do not create tasks without passing a TaskScheduler
+dotnet_diagnostic.CA2009.severity = none # Do not call ToImmutableCollection on an ImmutableCollection value
+dotnet_diagnostic.CA2010.severity = none
+dotnet_diagnostic.CA2011.severity = none # Avoid infinite recursion
+dotnet_diagnostic.CA2012.severity = none # Use ValueTasks correctly
+dotnet_diagnostic.CA2013.severity = none # Do not use ReferenceEquals with value types
+dotnet_diagnostic.CA2014.severity = none # Do not use stackalloc in loops
+dotnet_diagnostic.CA2015.severity = none # Do not define finalizers for types derived from MemoryManager<T>
+dotnet_diagnostic.CA2016.severity = none # Forward the 'CancellationToken' parameter to methods that take one
+dotnet_diagnostic.CA2100.severity = none # Review SQL queries for security vulnerabilities
+dotnet_diagnostic.CA2101.severity = none # Specify marshaling for P/Invoke string arguments
+dotnet_diagnostic.CA2109.severity = none # Review visible event handlers
+dotnet_diagnostic.CA2119.severity = none # Seal methods that satisfy private interfaces
+dotnet_diagnostic.CA2200.severity = none # Rethrow to preserve stack details
+dotnet_diagnostic.CA2201.severity = none # Do not raise reserved exception types
+dotnet_diagnostic.CA2207.severity = none # Initialize value type static fields inline
+dotnet_diagnostic.CA2208.severity = none # Instantiate argument exceptions correctly
+dotnet_diagnostic.CA2211.severity = none # Non-constant fields should not be visible
+dotnet_diagnostic.CA2213.severity = none # Disposable fields should be disposed
+dotnet_diagnostic.CA2214.severity = none # Do not call overridable methods in constructors
+dotnet_diagnostic.CA2215.severity = none # Dispose methods should call base class dispose
+dotnet_diagnostic.CA2216.severity = none # Disposable types should declare finalizer
+dotnet_diagnostic.CA2217.severity = none # Do not mark enums with FlagsAttribute
+dotnet_diagnostic.CA2218.severity = none # Override GetHashCode on overriding Equals
+dotnet_diagnostic.CA2219.severity = none # Do not raise exceptions in finally clauses
+dotnet_diagnostic.CA2224.severity = none # Override Equals on overloading operator equals
+dotnet_diagnostic.CA2225.severity = none # Operator overloads have named alternates
+dotnet_diagnostic.CA2226.severity = none # Operators should have symmetrical overloads
+dotnet_diagnostic.CA2227.severity = none # Collection properties should be read only
+dotnet_diagnostic.CA2229.severity = none # Implement serialization constructors
+dotnet_diagnostic.CA2231.severity = none # Overload operator equals on overriding value type Equals
+dotnet_diagnostic.CA2234.severity = none # Pass system uri objects instead of strings
+dotnet_diagnostic.CA2235.severity = none # Mark all non-serializable fields
+dotnet_diagnostic.CA2237.severity = none # Mark ISerializable types with serializable
+dotnet_diagnostic.CA2241.severity = none # Provide correct arguments to formatting methods
+dotnet_diagnostic.CA2242.severity = none # Test for NaN correctly
+dotnet_diagnostic.CA2243.severity = none # Attribute string literals should parse correctly
+dotnet_diagnostic.CA2244.severity = none # Do not duplicate indexed element initializations
+dotnet_diagnostic.CA2245.severity = none # Do not assign a property to itself
+dotnet_diagnostic.CA2246.severity = none # Assigning symbol and its member in the same statement
+dotnet_diagnostic.CA2247.severity = none # Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum
+dotnet_diagnostic.CA2248.severity = none # Provide correct 'enum' argument to 'Enum.HasFlag'
+dotnet_diagnostic.CA2249.severity = none # Consider using 'string.Contains' instead of 'string.IndexOf'
+dotnet_diagnostic.CA2300.severity = none # Do not use insecure deserializer BinaryFormatter
+dotnet_diagnostic.CA2326.severity = none # Do not use TypeNameHandling values other than None
+dotnet_diagnostic.CA5360.severity = none # Do Not Call Dangerous Methods In Deserialization
+dotnet_diagnostic.CA5362.severity = none # Potential reference cycle in deserialized object graph
+dotnet_diagnostic.CA5363.severity = none # Do Not Disable Request Validation
+dotnet_diagnostic.CA5365.severity = none # Do Not Disable HTTP Header Checking
+dotnet_diagnostic.CA5366.severity = none # Use XmlReader For DataSet Read Xml
+dotnet_diagnostic.CA5367.severity = none # Do Not Serialize Types With Pointer Fields
+dotnet_diagnostic.CA5368.severity = none # Set ViewStateUserKey For Classes Derived From Page
+dotnet_diagnostic.CA5369.severity = none # Use XmlReader For Deserialize
+dotnet_diagnostic.CA5370.severity = none # Use XmlReader For Validating Reader
+dotnet_diagnostic.CA5371.severity = none # Use XmlReader For Schema Read
+dotnet_diagnostic.CA5372.severity = none # Use XmlReader For XPathDocument
+dotnet_diagnostic.CA5373.severity = none # Do not use obsolete key derivation function
+dotnet_diagnostic.CA5374.severity = none # Do Not Use XslTransform
+dotnet_diagnostic.CA5375.severity = none # Do Not Use Account Shared Access Signature
+dotnet_diagnostic.CA5376.severity = none # Use SharedAccessProtocol HttpsOnly
+dotnet_diagnostic.CA5377.severity = none # Use Container Level Access Policy
+dotnet_diagnostic.CA5379.severity = none # Do Not Use Weak Key Derivation Function Algorithm
+dotnet_diagnostic.CA5382.severity = none # Use Secure Cookies In ASP.Net Core
+dotnet_diagnostic.CA5383.severity = none # Ensure Use Secure Cookies In ASP.Net Core
+dotnet_diagnostic.CA5384.severity = none # Do Not Use Digital Signature Algorithm (DSA)
+dotnet_diagnostic.CA5385.severity = none # Use Rivest–Shamir–Adleman (RSA) Algorithm With Sufficient Key Size
+dotnet_diagnostic.CA5387.severity = none # Do Not Use Weak Key Derivation Function With Insufficient Iteration Count
+dotnet_diagnostic.CA5388.severity = none # Ensure Sufficient Iteration Count When Using Weak Key Derivation Function
+dotnet_diagnostic.CA5389.severity = none # Do Not Add Archive Item's Path To The Target File System Path
+dotnet_diagnostic.CA5390.severity = none # Do not hard-code encryption key
+dotnet_diagnostic.CA5392.severity = none # Use DefaultDllImportSearchPaths attribute for P/Invokes
+dotnet_diagnostic.CA5393.severity = none # Do not use unsafe DllImportSearchPath value
+dotnet_diagnostic.CA5394.severity = none # Do not use insecure randomness
+dotnet_diagnostic.CA5399.severity = none # HttpClients should enable certificate revocation list checks
+dotnet_diagnostic.CA5400.severity = none # Ensure HttpClient certificate revocation list check is not disabled
+dotnet_diagnostic.CA5401.severity = none # Do not use CreateEncryptor with non-default IV
+dotnet_diagnostic.CA5402.severity = none # Use CreateEncryptor with the default IV
+dotnet_diagnostic.CA5403.severity = none # Do not hard-code certificate
+dotnet_diagnostic.CA9999.severity = none # Analyzer version mismatch
+dotnet_diagnostic.IA2989.severity = none # Do not use banned insecure deserialization APIs
+dotnet_diagnostic.IA2992.severity = none # Do Not Use Banned APIs For Insecure Deserializers
+dotnet_diagnostic.IA2993.severity = none # Do Not Use Banned Constructors For Insecure Deserializers
+dotnet_diagnostic.IA2994.severity = none # Do Not Use ResourceSet Without ResourceReader
+dotnet_diagnostic.IA2995.severity = none # Do Not Use ResourceReader
+dotnet_diagnostic.IA2996.severity = none # Do Not Use ResXResourceReader Without ITypeResolutionService
+dotnet_diagnostic.IA2997.severity = none # Do Not Use TypeNameHandling Other Than None
+dotnet_diagnostic.IA2998.severity = none # Do Not Deserialize With BinaryFormatter Without Binder
+dotnet_diagnostic.IA2999.severity = none # Do Not Set BinaryFormatter.Binder to null
+dotnet_diagnostic.IA5359.severity = none # Use approved crypto libraries for the supported platform
+dotnet_diagnostic.IL3000.severity = none # Avoid using accessing Assembly file path when publishing as a single-file
+dotnet_diagnostic.IL3001.severity = none # Avoid using accessing Assembly file path when publishing as a single-file
+dotnet_diagnostic.RS1000.severity = none
+dotnet_diagnostic.RS1001.severity = none
+dotnet_diagnostic.RS1002.severity = none
+dotnet_diagnostic.RS1003.severity = none
+dotnet_diagnostic.RS1004.severity = none
+dotnet_diagnostic.RS1005.severity = none
+dotnet_diagnostic.RS1006.severity = none
+dotnet_diagnostic.RS1007.severity = none
+dotnet_diagnostic.RS1008.severity = none
+dotnet_diagnostic.RS1009.severity = none
+dotnet_diagnostic.RS1010.severity = none
+dotnet_diagnostic.RS1011.severity = none
+dotnet_diagnostic.RS1012.severity = none
+dotnet_diagnostic.RS1013.severity = none
+dotnet_diagnostic.RS1014.severity = none
diff --git a/Directory.Build.props b/Directory.Build.props
index f9063cef7..fa711a23d 100644
--- a/Directory.Build.props
+++ b/Directory.Build.props
@@ -68,4 +68,13 @@
<_RunJNIEnvGen Condition=" '$(JIBuildingForNetCoreApp)' == 'True' ">dotnet "$(_JNIEnvGenPath)"
<_RunJNIEnvGen Condition=" '$(JIBuildingForNetCoreApp)' != 'True' ">$(Runtime) "$(_JNIEnvGenPath)"
+
+
+
+
+ all
+ runtime; build; native; contentfiles; analyzers; buildtransitive
+
+
+
diff --git a/src/Java.Interop.Tools.JavaCallableWrappers/Java.Interop.Tools.JavaCallableWrappers.csproj b/src/Java.Interop.Tools.JavaCallableWrappers/Java.Interop.Tools.JavaCallableWrappers.csproj
index 5e0c6e77d..c43f05c4e 100644
--- a/src/Java.Interop.Tools.JavaCallableWrappers/Java.Interop.Tools.JavaCallableWrappers.csproj
+++ b/src/Java.Interop.Tools.JavaCallableWrappers/Java.Interop.Tools.JavaCallableWrappers.csproj
@@ -25,7 +25,7 @@
JavaNativeTypeManager.cs
-
+
NullableAttributes.cs
diff --git a/src/Java.Interop/.editorconfig b/src/Java.Interop/.editorconfig
index 57c8b837e..a6f41a4aa 100644
--- a/src/Java.Interop/.editorconfig
+++ b/src/Java.Interop/.editorconfig
@@ -18,15 +18,12 @@ dotnet_diagnostic.CA2213.severity = error
dotnet_diagnostic.CA2242.severity = error
dotnet_diagnostic.CA2000.severity = error
dotnet_diagnostic.CA2220.severity = error
-dotnet_diagnostic.CA1822.severity = error
dotnet_diagnostic.CA2241.severity = error
dotnet_diagnostic.CA1012.severity = error
dotnet_diagnostic.CA1019.severity = error
dotnet_diagnostic.CA1040.severity = error
dotnet_diagnostic.CA1023.severity = error
dotnet_diagnostic.CA1044.severity = error
-dotnet_diagnostic.CA1021.severity = error
-dotnet_diagnostic.CA1045.severity = error
dotnet_diagnostic.CA1020.severity = error
dotnet_diagnostic.CA1051.severity = error
dotnet_diagnostic.CA1034.severity = error
@@ -67,7 +64,6 @@ dotnet_diagnostic.CA1027.severity = error
dotnet_diagnostic.CA1005.severity = error
dotnet_diagnostic.CA1004.severity = error
dotnet_diagnostic.CA1000.severity = error
-dotnet_diagnostic.CA1002.severity = error
dotnet_diagnostic.CA1006.severity = error
dotnet_diagnostic.CA1010.severity = error
dotnet_diagnostic.CA1007.severity = error
diff --git a/src/Java.Interop/Java.Interop.csproj b/src/Java.Interop/Java.Interop.csproj
index d085be3f4..4da6b7c2d 100644
--- a/src/Java.Interop/Java.Interop.csproj
+++ b/src/Java.Interop/Java.Interop.csproj
@@ -19,7 +19,7 @@
DEBUG;$(DefineConstants)
-
+
@@ -49,10 +49,6 @@
-
- all
- runtime; build; native; contentfiles; analyzers; buildtransitive
-
diff --git a/src/Java.Interop/NullableAttributes.cs b/src/utils/NullableAttributes.cs
similarity index 100%
rename from src/Java.Interop/NullableAttributes.cs
rename to src/utils/NullableAttributes.cs
diff --git a/tests/Xamarin.Android.Tools.ApiXmlAdjuster-Tests/JavaApiTestHelper.cs b/tests/Xamarin.Android.Tools.ApiXmlAdjuster-Tests/JavaApiTestHelper.cs
index 729696459..6345bc5c5 100644
--- a/tests/Xamarin.Android.Tools.ApiXmlAdjuster-Tests/JavaApiTestHelper.cs
+++ b/tests/Xamarin.Android.Tools.ApiXmlAdjuster-Tests/JavaApiTestHelper.cs
@@ -20,7 +20,7 @@ public class JavaApiTestHelper
public static JavaApi GetLoadedApi ()
{
var api = new JavaApi ();
- using (var xr = XmlReader.Create (ApiPath))
+ using (var xr = XmlReader.Create (ApiPath, new XmlReaderSettings { XmlResolver = null }))
api.Load (xr, false);
return api;
}
diff --git a/tools/generator/ApiVersionsProvider.cs b/tools/generator/ApiVersionsProvider.cs
index 46fdda99d..487101482 100644
--- a/tools/generator/ApiVersionsProvider.cs
+++ b/tools/generator/ApiVersionsProvider.cs
@@ -9,7 +9,7 @@ public class ApiVersionsProvider
{
public void Parse (string apiVersionsFilePath)
{
- using (var reader = XmlReader.Create (apiVersionsFilePath))
+ using (var reader = XmlReader.Create (apiVersionsFilePath, new XmlReaderSettings { XmlResolver = null }))
Parse (reader);
}
diff --git a/tools/generator/CodeGenerator.cs b/tools/generator/CodeGenerator.cs
index e492d024f..3213aafed 100644
--- a/tools/generator/CodeGenerator.cs
+++ b/tools/generator/CodeGenerator.cs
@@ -85,7 +85,7 @@ static void Run (CodeGeneratorOptions options, DirectoryAssemblyResolver resolve
string apiXmlFile = filename;
string apiSourceAttr = null;
- using (var xr = XmlReader.Create (filename)) {
+ using (var xr = XmlReader.Create (filename, new XmlReaderSettings { XmlResolver = null })) {
xr.MoveToContent ();
apiSourceAttr = xr.GetAttribute ("api-source");
}