chore(deps): update dependency microsoft.codeanalysis.netanalyzers to v9

.github/workflows/semgrep.yml

@@ -10,5 +10,6 @@ on:
 jobs:
   call-workflow-semgrep:
     permissions:
+      contents: read
       security-events: write
     uses: gsoft-inc/wl-reusable-workflows/.github/workflows/reusable-semgrep-workflow.yml@main

Build.ps1

@@ -38,7 +38,7 @@ Process {
 
     # Push to a NuGet feed if the environment variables are set
     if (($null -ne $env:NUGET_SOURCE ) -and ($null -ne $env:NUGET_API_KEY)) {
-      Exec { & dotnet nuget push "$nupkgsPath" -s $env:NUGET_SOURCE -k $env:NUGET_API_KEY }
+      Exec { & dotnet nuget push "$nupkgsPath" -s $env:NUGET_SOURCE -k $env:NUGET_API_KEY --skip-duplicate }
     }
   }
   finally {

Directory.Build.props

@@ -5,6 +5,6 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Workleap.DotNet.CodingStandards" Version="0.6.0" />
+    <PackageReference Include="Workleap.DotNet.CodingStandards" Version="0.7.0" />
   </ItemGroup>
-</Project>
+</Project>

Workleap.DotNet.CodingStandards.nuspec

@@ -14,7 +14,7 @@
     <repository type="git" url="$RepositoryUrl$" commit="$RepositoryCommit$" branch="$RepositoryBranch$" />
     <dependencies>
       <dependency id="Microsoft.CodeAnalysis.BannedApiAnalyzers" version="3.3.4" />
-      <dependency id="Microsoft.CodeAnalysis.NetAnalyzers" version="8.0.0" />
+      <dependency id="Microsoft.CodeAnalysis.NetAnalyzers" version="9.0.0" />
       <dependency id="StyleCop.Analyzers" version="1.2.0-beta.556" />
     </dependencies>
   </metadata>

src/build/Workleap.DotNet.CodingStandards.props

@@ -9,6 +9,9 @@
     <IncludeSymbols Condition="'$(IncludeSymbols)' == ''">true</IncludeSymbols>
     <SymbolPackageFormat Condition="'$(SymbolPackageFormat)' == ''">snupkg</SymbolPackageFormat>
 
+    <!-- Prevent warning when the .NET SDK version and the Microsoft.CodeAnalysis.NetAnalyzers version mismatch -->
+    <_SkipUpgradeNetAnalyzersNuGetWarning>true</_SkipUpgradeNetAnalyzersNuGetWarning>
+
     <!-- https://learn.microsoft.com/en-us/nuget/release-notes/nuget-5.5#summary-whats-new-in-55 -->
     <RestoreUseStaticGraphEvaluation Condition="'$(RestoreUseStaticGraphEvaluation)' == ''">true</RestoreUseStaticGraphEvaluation>
 

src/files/analyzers/Analyzer.Microsoft.CodeAnalysis.NetAnalyzers.editorconfig

@@ -395,6 +395,16 @@ dotnet_diagnostic.CA1512.severity = warning
 # Enabled: True, Severity: suggestion
 dotnet_diagnostic.CA1513.severity = warning
 
+# CA1514: Avoid redundant length argument
+# Help link: https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1514
+# Enabled: True, Severity: suggestion
+dotnet_diagnostic.CA1514.severity = suggestion
+
+# CA1515: Consider making public types internal
+# Help link: https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1515
+# Enabled: False, Severity: warning
+dotnet_diagnostic.CA1515.severity = none
+
 # CA1700: Do not name enum values 'Reserved'
 # Help link: https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1700
 # Enabled: False, Severity: warning
@@ -781,6 +791,16 @@ dotnet_diagnostic.CA1869.severity = warning
 # Enabled: True, Severity: suggestion
 dotnet_diagnostic.CA1870.severity = warning
 
+# CA1871: Do not pass a nullable struct to 'ArgumentNullException.ThrowIfNull'
+# Help link: https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1871
+# Enabled: True, Severity: suggestion
+dotnet_diagnostic.CA1871.severity = suggestion
+
+# CA1872: Prefer 'Convert.ToHexString' and 'Convert.ToHexStringLower' over call chains based on 'BitConverter.ToString'
+# Help link: https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1872
+# Enabled: True, Severity: suggestion
+dotnet_diagnostic.CA1872.severity = suggestion
+
 # CA2000: Dispose objects before losing scope
 # Help link: https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000
 # Enabled: False, Severity: warning
@@ -864,6 +884,11 @@ dotnet_diagnostic.CA2020.severity = warning
 # Enabled: True, Severity: warning
 dotnet_diagnostic.CA2021.severity = warning
 
+# CA2022: Avoid inexact read with 'Stream.Read'
+# Help link: https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2022
+# Enabled: True, Severity: warning
+dotnet_diagnostic.CA2022.severity = warning
+
 # CA2100: Review SQL queries for security vulnerabilities
 # Help link: https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2100
 # Enabled: False, Severity: warning
@@ -1091,6 +1116,26 @@ dotnet_diagnostic.CA2260.severity = warning
 # Enabled: True, Severity: warning
 dotnet_diagnostic.CA2261.severity = warning
 
+# CA2262: Set 'MaxResponseHeadersLength' properly
+# Help link: https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2262
+# Enabled: True, Severity: suggestion
+dotnet_diagnostic.CA2262.severity = suggestion
+
+# CA2263: Prefer generic overload when type is known
+# Help link: https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2263
+# Enabled: True, Severity: suggestion
+dotnet_diagnostic.CA2263.severity = suggestion
+
+# CA2264: Do not pass a non-nullable value to 'ArgumentNullException.ThrowIfNull'
+# Help link: https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2264
+# Enabled: True, Severity: warning
+dotnet_diagnostic.CA2264.severity = warning
+
+# CA2265: Do not compare Span<T> to 'null' or 'default'
+# Help link: https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2265
+# Enabled: True, Severity: warning
+dotnet_diagnostic.CA2265.severity = warning
+
 # CA2300: Do not use insecure deserializer BinaryFormatter
 # Help link: https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2300
 # Enabled: False, Severity: warning

tests/Workleap.DotNet.CodingStandards.Tests/Workleap.DotNet.CodingStandards.Tests.csproj

@@ -8,7 +8,7 @@
 
   <ItemGroup>
     <PackageReference Include="CliWrap" Version="3.6.7" />
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.1" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.12.0" />
     <PackageReference Include="xunit" Version="2.9.2" />
     <PackageReference Include="xunit.runner.visualstudio" Version="2.8.2">
       <PrivateAssets>all</PrivateAssets>

tools/ConfigurationFilesGenerator/ConfigurationFilesGenerator.csproj

@@ -8,12 +8,12 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Meziantou.Framework.FullPath" Version="1.0.13" />
+    <PackageReference Include="Meziantou.Framework.FullPath" Version="1.0.14" />
     <PackageReference Include="Microsoft.CodeAnalysis.Common" Version="4.11.0" />
     <PackageReference Include="Microsoft.CodeAnalysis.CSharp.Workspaces" Version="4.11.0" />
     <PackageReference Include="Microsoft.CodeAnalysis.VisualBasic" Version="4.11.0" />
     <PackageReference Include="Microsoft.CodeAnalysis.VisualBasic.Workspaces" Version="4.11.0" />
-    <PackageReference Include="NuGet.Protocol" Version="6.11.1" />
+    <PackageReference Include="NuGet.Protocol" Version="6.12.1" />
   </ItemGroup>
 
 </Project>