Remove examples that show insecure practices (#10435)

Author: gewarren

includes/forms-auth-warning.md

@@ -0,0 +1,2 @@
+> [!WARNING]
+> Storing user credentials in the `credentials` section is **insecure**. Instead, use [Azure Key Vault](/azure/key-vault/general/overview).

includes/ropc-warning.md

@@ -0,0 +1,2 @@
+> [!WARNING]
+> Microsoft does not recommend providing your user name and password directly, because it's an insecure pattern. Where possible, use more secure authentication flows, such as [Managed Identities for Azure resources](/sql/connect/ado-net/sql/azure-active-directory-authentication#using-managed-identity-authentication), or [Windows authentication](/sql/relational-databases/security/choose-an-authentication-mode#connecting-through-windows-authentication) for SQL Server.

snippets/csharp/VS_Snippets_ADO.NET/Classic WebData SqlCommand.ExecuteReader Example/CS/Project.csproj

@@ -2,11 +2,11 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net6.0</TargetFramework>
+    <TargetFramework>net8.0</TargetFramework>
   </PropertyGroup>
-  
+
   <ItemGroup>
-    <PackageReference Include="System.Data.SqlClient" Version="4.8.3" />
+    <PackageReference Include="System.Data.SqlClient" Version="4.8.6" />
   </ItemGroup>
-  
+
 </Project>

snippets/csharp/VS_Snippets_ADO.NET/Classic WebData SqlCommand.ExecuteReader2/CS/Project.csproj

@@ -1,12 +1,12 @@
 <Project Sdk="Microsoft.NET.Sdk">
-  
+
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net6.0</TargetFramework>
+    <TargetFramework>net8.0</TargetFramework>
   </PropertyGroup>
-  
+
   <ItemGroup>
-    <PackageReference Include="System.Data.SqlClient" Version="4.8.3" />
+    <PackageReference Include="System.Data.SqlClient" Version="4.8.6" />
   </ItemGroup>
-  
+
 </Project>

snippets/csharp/VS_Snippets_ADO.NET/Classic WebData SqlConnection.BeginTransaction Example/CS/Project.csproj

@@ -2,11 +2,11 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net6.0</TargetFramework>
+    <TargetFramework>net8.0</TargetFramework>
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="System.Data.SqlClient" Version="4.8.3" />
+    <PackageReference Include="System.Data.SqlClient" Version="4.8.6" />
   </ItemGroup>
 
-</Project>
+</Project>

snippets/csharp/VS_Snippets_ADO.NET/Classic WebData SqlConnection.BeginTransaction2 Example/CS/Project.csproj

@@ -2,11 +2,11 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net6.0</TargetFramework>
+    <TargetFramework>net8.0</TargetFramework>
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="System.Data.SqlClient" Version="4.8.3" />
+    <PackageReference Include="System.Data.SqlClient" Version="4.8.6" />
   </ItemGroup>
 
-</Project>
+</Project>

snippets/csharp/VS_Snippets_ADO.NET/Classic WebData SqlConnection.BeginTransaction3 Example/CS/Project.csproj

@@ -2,11 +2,11 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net6.0</TargetFramework>
+    <TargetFramework>net8.0</TargetFramework>
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="System.Data.SqlClient" Version="4.8.3" />
+    <PackageReference Include="System.Data.SqlClient" Version="4.8.6" />
   </ItemGroup>
 
-</Project>
+</Project>

snippets/csharp/VS_Snippets_ADO.NET/Classic WebData SqlDataReader.Read Example/CS/SqlDataReader.Read.csproj

@@ -2,12 +2,11 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net6.0</TargetFramework>
-    <Nullable>enable</Nullable>
+    <TargetFramework>net8.0</TargetFramework>
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="System.Data.SqlClient" Version="4.8.3" />
+    <PackageReference Include="System.Data.SqlClient" Version="4.8.6" />
   </ItemGroup>
 
 </Project>

snippets/csharp/VS_Snippets_ADO.NET/DataWorks SqlConnectionStringBuilder.Remove/CS/Project.csproj

@@ -0,0 +1,12 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net8.0</TargetFramework>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="System.Data.SqlClient" Version="4.8.6" />
+  </ItemGroup>
+
+</Project>

snippets/csharp/VS_Snippets_ADO.NET/DataWorks SqlConnectionStringBuilder.Remove/CS/source.cs

@@ -10,38 +10,29 @@ static void Main()
         try
         {
             string connectString =
-                "Data Source=(local);User ID=ab;Password= a1Pass@@11;" +
+                "Data Source=(local);User ID=ab;Password=myPassw0rd;" +
                 "Initial Catalog=AdventureWorks";
 
-            SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder(connectString);
-            Console.WriteLine("Original: " + builder.ConnectionString);
+            SqlConnectionStringBuilder builder = new(connectString);
+            Console.WriteLine($"Original: {builder.ConnectionString}");
 
-            // Use the Remove method
-            // in order to reset the user ID and password back to their
-            // default (empty string) values.
+            // Remove the User ID and Password.
             builder.Remove("User ID");
             builder.Remove("Password");
 
-            // Turn on integrated security:
+            // Enable integrated security.
             builder.IntegratedSecurity = true;
 
-            Console.WriteLine("Modified: " + builder.ConnectionString);
-
-            using (SqlConnection
-                       connection = new SqlConnection(builder.ConnectionString))
-            {
-                connection.Open();
-                // Now use the open connection.
-                Console.WriteLine("Database = " + connection.Database);
-            }
+            Console.WriteLine($"Modified: {builder.ConnectionString}");
         }
         catch (Exception ex)
         {
             Console.WriteLine(ex.Message);
         }
-
-        Console.WriteLine("Press any key to finish.");
-        Console.ReadLine();
     }
 }
+/* This code example produces the following output:
+ * Original: Data Source=(local);Initial Catalog=AdventureWorks;User ID=ab;Password=myPassw0rd
+ * Modified: Data Source=(local);Initial Catalog=AdventureWorks;Integrated Security=True
+ */
 // </Snippet1>