by Serge Baranovsky
This CodeIt.Right rule update includes fixes as well as 3 new security rules.
- Do not declare read only mutable reference types (Security)
- Seal methods that satisfy private interfaces (Security)
- Secure GetObjectData overrides (Security)
These rules are included with the default profile and you will only need to follow the wizard to merge them into your custom profiles.
- Rule “Do not override operator equals on reference types” incorrectly triggered violation for the “Equals” method. Now this rules only reports violation for the operator “==” override.
- Fixed “If the type is a generic type, CIR adds the apostrophe-count string to the class name for the deserialization constructor”
- Fixed “If there is no explicit default parameterless constructor, adding the deserialization constructor causes errors in all derived classes that called the parameterless constructor”
As a reminder, this set of rules is distributed using the Rule AutoUpdate feature which triggers 15 minutes after you start Visual Studio. If you turned the feature off, you can manually start the update wizard from the CodeIt.Right/Help & Support/Update Rules menu.