CodeQL for ModelCompiler #143
opcfoundation-orgAnnotations
6 errors and 12 warnings
|
Analyze (csharp)
Assets file '/home/runner/work/UA-ModelCompiler/UA-ModelCompiler/Opc.Ua.ModelCompiler/obj/project.assets.json' doesn't have a target for '.NETFramework,Version=v8.0'. Ensure that restore has run and that you have included 'net80' in the TargetFrameworks for your project.
|
|
Analyze (csharp):
Stack/Libraries/Opc.Ua.Security.Certificates/Org.BouncyCastle/CertificateBuilder.cs#L55
'CertificateBuilder' does not implement inherited abstract member 'CertificateBuilderBase.CreateForECDsa(X509SignatureGenerator)'
|
|
Analyze (csharp):
Stack/Libraries/Opc.Ua.Security.Certificates/Org.BouncyCastle/CertificateBuilder.cs#L55
'CertificateBuilder' does not implement inherited abstract member 'CertificateBuilderBase.SetECDsaPublicKey(byte[])'
|
|
Analyze (csharp):
Stack/Libraries/Opc.Ua.Security.Certificates/Org.BouncyCastle/CertificateBuilder.cs#L55
'CertificateBuilder' does not implement inherited abstract member 'CertificateBuilderBase.CreateForECDsa()'
|
|
Analyze (csharp)
Assets file '/home/runner/work/UA-ModelCompiler/UA-ModelCompiler/Tests/DemoModel/obj/project.assets.json' doesn't have a target for '.NETFramework,Version=v8.0'. Ensure that restore has run and that you have included 'net80' in the TargetFrameworks for your project.
|
|
Analyze (csharp)
We were unable to automatically build your code. Please replace the call to the autobuild action with your custom build steps. Encountered a fatal error while running "/opt/hostedtoolcache/CodeQL/2.17.1/x64/codeql/csharp/tools/autobuild.sh". Exit code was 1 and last log line was: Error: Could not auto-detect a suitable build method. See the logs for more details.
|
|
Analyze (csharp)
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, github/codeql-action/init@v2, actions/setup-dotnet@v3, github/codeql-action/autobuild@v2. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
Analyze (csharp)
CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/
|
|
Analyze (csharp):
Stack/Libraries/Opc.Ua.Security.Certificates/X509Crl/CrlReason.cs#L53
Mark enums with FlagsAttribute (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1027)
|
|
Analyze (csharp):
Stack/Libraries/Opc.Ua.Security.Certificates/Extensions/X509AuthorityKeyIdentifierExtension.cs#L66
In externally visible method 'X509AuthorityKeyIdentifierExtension.X509AuthorityKeyIdentifierExtension(AsnEncodedData encodedExtension, bool critical)', validate parameter 'encodedExtension' is non-null before using it. If appropriate, throw an 'ArgumentNullException' when the argument is 'null'. (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062)
|
|
Analyze (csharp):
Stack/Libraries/Opc.Ua.Security.Certificates/Extensions/X509CrlNumberExtension.cs#L60
In externally visible method 'X509CrlNumberExtension.X509CrlNumberExtension(AsnEncodedData encodedExtension, bool critical)', validate parameter 'encodedExtension' is non-null before using it. If appropriate, throw an 'ArgumentNullException' when the argument is 'null'. (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062)
|
|
Analyze (csharp):
Stack/Libraries/Opc.Ua.Security.Certificates/Extensions/X509SubjectAltNameExtension.cs#L88
In externally visible method 'X509SubjectAltNameExtension.X509SubjectAltNameExtension(AsnEncodedData encodedExtension, bool critical)', validate parameter 'encodedExtension' is non-null before using it. If appropriate, throw an 'ArgumentNullException' when the argument is 'null'. (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062)
|
|
Analyze (csharp):
Stack/Libraries/Opc.Ua.Security.Certificates/Extensions/X509SubjectAltNameExtension.cs#L116
Change the type of parameter 'applicationUri' of method 'X509SubjectAltNameExtension.X509SubjectAltNameExtension(string, IEnumerable<string>)' from 'string' to 'System.Uri', or provide an overload to 'X509SubjectAltNameExtension.X509SubjectAltNameExtension(string, IEnumerable<string>)' that allows 'applicationUri' to be passed as a 'System.Uri' object (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1054)
|
|
Analyze (csharp):
Stack/Libraries/Opc.Ua.Security.Certificates/Extensions/X509SubjectAltNameExtension.cs#L121
In externally visible method 'X509SubjectAltNameExtension.X509SubjectAltNameExtension(string applicationUri, IEnumerable<string> domainNames)', validate parameter 'domainNames' is non-null before using it. If appropriate, throw an 'ArgumentNullException' when the argument is 'null'. (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062)
|
|
Analyze (csharp):
Stack/Libraries/Opc.Ua.Security.Certificates/Extensions/X509Extensions.cs#L52
In externally visible method 'T X509Extensions.FindExtension<T>(X509Certificate2 certificate)', validate parameter 'certificate' is non-null before using it. If appropriate, throw an 'ArgumentNullException' when the argument is 'null'. (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062)
|
|
Analyze (csharp):
Stack/Libraries/Opc.Ua.Security.Certificates/X509Crl/X509Crl.cs#L70
In externally visible method 'X509CRL.X509CRL(IX509CRL crl)', validate parameter 'crl' is non-null before using it. If appropriate, throw an 'ArgumentNullException' when the argument is 'null'. (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062)
|
|
Analyze (csharp):
Stack/Libraries/Opc.Ua.Security.Certificates/X509Crl/X509Crl.cs#L176
Modify 'VerifySignature' to catch a more specific allowed exception type, or rethrow the exception (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1031)
|
|
Analyze (csharp):
Stack/Libraries/Opc.Ua.Security.Certificates/PEM/PEMReader.cs#L84
Use recommended dispose pattern to ensure that object created by 'RSA.Create()' is disposed on all paths. If possible, wrap the creation within a 'using' statement or a 'using' declaration. Otherwise, use a try-finally pattern, with a dedicated local variable declared before the try region and an unconditional Dispose invocation on non-null value in the 'finally' region, say 'x?.Dispose()'. If the object is explicitly disposed within the try region or the dispose ownership is transfered to another object or method, assign 'null' to the local variable just after such an operation to prevent double dispose in 'finally'. (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000)
|