dotnet · gewarren · Oct 3, 2025 · Sep 25, 2025 · Sep 30, 2025 · Sep 30, 2025
@@ -30,8 +30,8 @@ There are several possible reasons for this warning:
 
 - A new object is created but never used.
 - A method that creates and returns a new string is called and the new string is never used.
-- A COM or P/Invoke method that returns a `HRESULT` or error code that's never used.
-- A language-integrated query (LINQ) method that returns a result that's never used.
+- A COM or P/Invoke method returns a `HRESULT` or error code that's never used.
+- A language-integrated query (LINQ) method returns a result that's never used.
 
 ## Rule description
 
@@ -110,33 +110,22 @@ dotnet_code_quality.CA1806.additional_use_results_methods = M:MyNamespace.MyType
 The following example shows a class that ignores the result of calling <xref:System.String.Trim%2A?displayProperty=nameWithType>.
 
 :::code language="csharp" source="snippets/csharp/all-rules/ca1806.cs" id="snippet1":::
-
 :::code language="vb" source="snippets/vb/all-rules/ca1806-do-not-ignore-method-results_1.vb" id="snippet1":::
 
-## Example 2
-
-The following example fixes the [Example 1](#example-1) violation by assigning the result of <xref:System.String.Trim%2A?displayProperty=nameWithType> back to the variable it was called on.
+The following example fixes the violation by assigning the result of <xref:System.String.Trim%2A?displayProperty=nameWithType> back to the variable it was called on.
 
 :::code language="csharp" source="snippets/csharp/all-rules/ca1806.cs" id="snippet2":::
-
 :::code language="vb" source="snippets/vb/all-rules/ca1806-do-not-ignore-method-results_1.vb" id="snippet2":::
 
-## Example 3
+## Example 2
 
-The following example shows a method that does not use an object that it creates.
+The following example shows a method that doesn't use an object that it creates.
 
 > [!NOTE]
 > This violation cannot be reproduced in Visual Basic.
 
 :::code language="csharp" source="snippets/csharp/all-rules/ca1806.cs" id="snippet3":::
 
-## Example 4
-
-The following example fixes the [Example 3](#example-3) violation by removing the unnecessary creation of an object.
+The following example fixes the violation by removing the unnecessary creation of an object.
 
 :::code language="csharp" source="snippets/csharp/all-rules/ca1806.cs" id="snippet4":::
-
-<!-- Examples don't exist for the following...
-The following example shows a method that ignores the error code that the native method GetShortPathName returns.
-The following example fixes the previous violation by checking the error code and throwing an exception when the call fails.
--->
@@ -36,7 +36,7 @@ Violations of this rule can be caused by:
 
 ## Rule description
 
-The <xref:System.IDisposable.Dispose%2A?displayProperty=nameWithType> method lets users release resources at any time before the object becoming available for garbage collection. If the <xref:System.IDisposable.Dispose%2A?displayProperty=nameWithType> method is called, it frees resources of the object. This makes finalization unnecessary. <xref:System.IDisposable.Dispose%2A?displayProperty=nameWithType> should call <xref:System.GC.SuppressFinalize%2A?displayProperty=nameWithType> so the garbage collector doesn't call the finalizer of the object.
+The <xref:System.IDisposable.Dispose%2A?displayProperty=nameWithType> method lets users release resources at any time before the object becomes available for garbage collection. If the <xref:System.IDisposable.Dispose%2A?displayProperty=nameWithType> method is called, it frees resources of the object. This makes finalization unnecessary. <xref:System.IDisposable.Dispose%2A?displayProperty=nameWithType> should call <xref:System.GC.SuppressFinalize%2A?displayProperty=nameWithType> so the garbage collector doesn't call the finalizer of the object.
 
 To prevent derived types with finalizers from having to reimplement <xref:System.IDisposable> and to call it, unsealed types without finalizers should still call <xref:System.GC.SuppressFinalize%2A?displayProperty=nameWithType>.
 

@@ -1,7 +1,7 @@
 ---
 title: "CA2100: Review SQL queries for security vulnerabilities (code analysis)"
 description: "Learn about code analysis rule CA2100: Review SQL queries for security vulnerabilities"
-ms.date: 11/04/2016
+ms.date: 09/24/2025
 f1_keywords:
 - Review SQL queries for security vulnerabilities
 - ReviewSqlQueriesForSecurityVulnerabilities
@@ -37,7 +37,7 @@ This rule assumes that any string whose value can't be determined at compile tim
 - Use a parameterized command string.
 - Validate the user input for both type and content before you build the command string.
 
-The following .NET types implement the <xref:System.Data.IDbCommand.CommandText%2A> property or provide constructors that set the property by using a string argument.
+The following .NET types implement the <xref:System.Data.IDbCommand.CommandText%2A> property or provide constructors that set the property by using a string argument:
 
 - <xref:System.Data.Odbc.OdbcCommand?displayProperty=fullName> and <xref:System.Data.Odbc.OdbcDataAdapter?displayProperty=fullName>
 - <xref:System.Data.OleDb.OleDbCommand?displayProperty=fullName> and <xref:System.Data.OleDb.OleDbDataAdapter?displayProperty=fullName>
@@ -64,7 +64,7 @@ To fix a violation of this rule, use a parameterized query.
 
 ## When to suppress warnings
 
-It is safe to suppress a warning from this rule if the command text does not contain any user input.
+It's safe to suppress a warning from this rule if the command text does not contain any user input.
 
 ## Suppress a warning
 

@@ -67,7 +67,6 @@ For more information, see [How to suppress code analysis warnings](../suppress-w
 The following example shows two types: one that violates the rule and one that satisfies the rule.
 
 :::code language="csharp" source="snippets/csharp/all-rules/ca2235.cs" id="snippet1":::
-
 :::code language="vb" source="snippets/vb/all-rules/ca2235-mark-all-non-serializable-fields_1.vb":::
 
 ## Remarks

@@ -17,3 +17,6 @@ dotnet_diagnostic.CA1822.severity = none
 
 # CA2200: Rethrow to preserve stack details
 dotnet_diagnostic.CA2200.severity = suggestion
+
+# CA2100
+dotnet_diagnostic.CA2100.severity = warning
@@ -1,4 +1,4 @@
-using System.Collections.Generic;
+using System.Collections.Generic;
 
 namespace ca1001
 {
@@ -8,7 +8,7 @@ public class MutableItems
     {
         // CA1002: Change 'List<string>' in 'MutableItems.Items' to
         // use 'Collection<T>', 'ReadOnlyCollection<T>' or 'KeyedCollection<K,V>'.
-        public List<string> Items { get; } = new List<string>();
+        public List<string> Items { get; } = [];
 
         public void Add(string item)
         {
@@ -19,7 +19,7 @@ public void Add(string item)
     // This class satisfies the rule.
     public class ReadOnlyItems
     {
-        private readonly List<string> _items = new List<string>();
+        private readonly List<string> _items = [];
 
         public IReadOnlyCollection<string> Items => _items.AsReadOnly();
 

@@ -92,7 +92,7 @@ public DateTime GetScheduleTime()
         // Time-consuming method that is called by GetCustomerHistory.
         Appointment[] LoadHistoryFromDB(long customerID)
         {
-            ArrayList records = new ArrayList();
+            ArrayList records = [];
             // Load from database.
             return (Appointment[])records.ToArray();
         }

@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.IO;
 
 namespace ca1031
@@ -7,14 +7,14 @@ namespace ca1031
     // Creates two violations of the rule.
     public class GenericExceptionsCaught
     {
-        FileStream? inStream;
-        FileStream? outStream;
+        private readonly FileStream? _inStream;
+        private readonly FileStream? _outStream;
 
         public GenericExceptionsCaught(string inFile, string outFile)
         {
             try
             {
-                inStream = File.Open(inFile, FileMode.Open);
+                _inStream = File.Open(inFile, FileMode.Open);
             }
             catch (SystemException)
             {
@@ -23,7 +23,7 @@ public GenericExceptionsCaught(string inFile, string outFile)
 
             try
             {
-                outStream = File.Open(outFile, FileMode.Open);
+                _outStream = File.Open(outFile, FileMode.Open);
             }
             catch
             {
@@ -34,28 +34,28 @@ public GenericExceptionsCaught(string inFile, string outFile)
 
     public class GenericExceptionsCaughtFixed
     {
-        FileStream? inStream;
-        FileStream outStream;
+        private readonly FileStream? _inStream;
+        private readonly FileStream _outStream;
 
         public GenericExceptionsCaughtFixed(string inFile, string outFile)
         {
             try
             {
-                inStream = File.Open(inFile, FileMode.Open);
+                _inStream = File.Open(inFile, FileMode.Open);
             }
 
             // Fix the first violation by catching a specific exception.
             catch (FileNotFoundException)
             {
                 Console.WriteLine($"Unable to open {inFile}.");
-            };
+            }
 
             // For functionally equivalent code, also catch 
             // remaining exceptions that may be thrown by File.Open
 
             try
             {
-                outStream = File.Open(outFile, FileMode.Open);
+                _outStream = File.Open(outFile, FileMode.Open);
             }
 
             // Fix the second violation by rethrowing the generic 

@@ -1,5 +1,4 @@
 using System;
-using System.Runtime.Serialization;
 
 namespace ca1032
 {

@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Globalization;
 
 //<snippet1>
@@ -99,11 +99,11 @@ public override int GetHashCode()
     }
     public static bool operator <(RatingInformation left, RatingInformation right)
     {
-        return (Compare(left, right) < 0);
+        return Compare(left, right) < 0;
     }
     public static bool operator >(RatingInformation left, RatingInformation right)
     {
-        return (Compare(left, right) > 0);
+        return Compare(left, right) > 0;
     }
 }
 //</snippet1>

@@ -1,4 +1,4 @@
-using System;
+using System;
 
 namespace ca1045
 {
@@ -26,11 +26,12 @@ public class BadRefAndOut
         public static bool ReplyInformation(TypeOfFeedback input,
            out string reply, ref Actions action)
         {
-            bool returnReply = false;
-            string replyText = "Your feedback has been forwarded " +
-                               "to the product manager.";
+            string replyText = """
+                Your feedback has been forwarded to the product manager.
+                """;
 
-            reply = String.Empty;
+            reply = string.Empty;
+            bool returnReply;
             switch (input)
             {
                 case TypeOfFeedback.Complaint:
@@ -59,64 +60,52 @@ public static bool ReplyInformation(TypeOfFeedback input,
 
     public class ReplyData
     {
-        string reply;
-        Actions action;
-        bool returnReply;
+        bool _returnReply;
 
         // Constructors.
         public ReplyData()
         {
-            this.reply = String.Empty;
-            this.action = Actions.Discard;
-            this.returnReply = false;
+            Reply = string.Empty;
+            Action = Actions.Discard;
+            _returnReply = false;
         }
 
         public ReplyData(Actions action, string reply, bool returnReply)
         {
-            this.reply = reply;
-            this.action = action;
-            this.returnReply = returnReply;
+            Reply = reply;
+            Action = action;
+            _returnReply = returnReply;
         }
 
         // Properties.
-        public string Reply { get { return reply; } }
-        public Actions Action { get { return action; } }
+        public string Reply { get; }
+        public Actions Action { get; }
 
         public override string ToString()
         {
-            return String.Format("Reply: {0} Action: {1} return? {2}",
-               reply, action.ToString(), returnReply.ToString());
+            return string.Format("Reply: {0} Action: {1} return? {2}",
+               Reply, Action.ToString(), _returnReply.ToString());
         }
     }
 
     public class RedesignedRefAndOut
     {
         public static ReplyData ReplyInformation(TypeOfFeedback input)
         {
-            ReplyData answer;
             string replyText = "Your feedback has been forwarded " +
                "to the product manager.";
-
-            switch (input)
+            ReplyData answer = input switch
             {
-                case TypeOfFeedback.Complaint:
-                case TypeOfFeedback.Praise:
-                    answer = new ReplyData(
-                       Actions.ForwardToManagement,
-                       "Thank you. " + replyText,
-                       true);
-                    break;
-                case TypeOfFeedback.Suggestion:
-                    answer = new ReplyData(
-                       Actions.ForwardToDeveloper,
-                       replyText,
-                       true);
-                    break;
-                case TypeOfFeedback.Incomprehensible:
-                default:
-                    answer = new ReplyData();
-                    break;
-            }
+                TypeOfFeedback.Complaint or TypeOfFeedback.Praise => new ReplyData(
+                                       Actions.ForwardToManagement,
+                                       "Thank you. " + replyText,
+                                       true),
+                TypeOfFeedback.Suggestion => new ReplyData(
+                                       Actions.ForwardToDeveloper,
+                                       replyText,
+                                       true),
+                _ => new ReplyData(),
+            };
             return answer;
         }
     }
@@ -139,7 +128,7 @@ static void UseTheComplicatedClass()
             bool[] disposition = new bool[5];
             int i = 0;
 
-            foreach (TypeOfFeedback t in Enum.GetValues(typeof(TypeOfFeedback)))
+            foreach (TypeOfFeedback t in Enum.GetValues<TypeOfFeedback>())
             {
                 // The call to the library.
                 disposition[i] = BadRefAndOut.ReplyInformation(
@@ -153,7 +142,7 @@ static void UseTheSimplifiedClass()
         {
             ReplyData[] answer = new ReplyData[5];
             int i = 0;
-            foreach (TypeOfFeedback t in Enum.GetValues(typeof(TypeOfFeedback)))
+            foreach (TypeOfFeedback t in Enum.GetValues<TypeOfFeedback>())
             {
                 // The call to the library.
                 answer[i] = RedesignedRefAndOut.ReplyInformation(t);

@@ -1,4 +1,4 @@
-using System;
+using System;
 
 namespace ca1046
 {
@@ -24,8 +24,8 @@ public class ReferenceTypeEquality
     {
         public static void Main1046()
         {
-            MyReferenceType a = new MyReferenceType(2, 2);
-            MyReferenceType b = new MyReferenceType(2, 2);
+            MyReferenceType a = new(2, 2);
+            MyReferenceType b = new(2, 2);
             MyReferenceType c = a;
 
             Console.WriteLine($"a = new {a} and b = new {b} are equal? {(a.Equals(b) ? "Yes" : "No")}");

@@ -30,10 +30,10 @@ public class MainHolder
     {
         public static void Main1050()
         {
-            Test t1 = new Test();
+            Test t1 = new();
             Console.WriteLine(t1.ToString());
 
-            ca1050.Test t2 = new ca1050.Test();
+            ca1050.Test t2 = new();
             Console.WriteLine(t2.ToString());
         }
     }

@@ -9,13 +9,7 @@ public class BadPublicInstanceFields
 
     public class GoodPublicInstanceFields
     {
-        private int instanceData = 32;
-
-        public int InstanceData
-        {
-            get { return instanceData; }
-            set { instanceData = value; }
-        }
+        public int InstanceData { get; set; } = 32;
     }
     //</snippet1>
 }