Bump SonarAnalyzer.CSharp from 9.21.0.86780 to 9.23.1.88495

[dependabot]

Bumps SonarAnalyzer.CSharp from 9.21.0.86780 to 9.23.1.88495.

Release notes

Sourced from SonarAnalyzer.CSharp's releases.

9.23.1

Bug Fixes

• 8984 - Fix StackOverflow in CfgAllPathValidator.AreAllSuccessorsValid
• 8991 - [C#, VB.NET] Fix TypeInitializationException in SymbolStartAnalysisContextWrapper

False Positive

• 8532 - [C#, VB.NET] Fix S1144 FP: Do not raise on serializable members

9.23

Hello everyone! This release comes with two new rules for ASP.NET, false positive fixes, and other improvements.

A big thank you to @​Corniel for their external contribution with #8898!

New Rules

• 8872 - [C#] New rule S6934: You should specify the RouteAttribute when an HttpMethodAttribute is specified at an action level
• 8870 - [C#, VB.NET] New rule S6931: ASP.NET controller actions should not have a route template starting with "/"

False Positives

• 8898 - [C#] Fix S3993 FP: Allow abstract attributes not to decorate Attribute usage
• 8510 - [C#] Fix S3878 FP: When the input array is a collection expression with the spread operator
• 8260 - [C#] Fix S1117 FP: Field/property instances are not accessible from static methods
• 7709 - [C#] Fix S2094 FP: Marker interface not detected when using records
• 6633 - [C#] Fix S2857 FP: Rule is not checking SQL keywords in const interpolated string

Other improvements and fixes

• 8935 - [C#] Rule S6602: Improve the logging message when recommending for Array.Find
• 7999 - [C#] Fix S1125 codefix: Do not add ! when transforming x == false.

9.22

New Rules

• 8869 - [C#, VB.NET] New rule S6930: Backslash should be avoided in route templates
• 8844 - [C#] New rule S3416: Loggers should be named for their enclosing types
• 8840 - [C#] New rule S6675: Trace.WriteLineIf should not be used with TraceSwitch levels
• 8847 - [C#] New rule S2139: Exceptions should be either logged or rethrown but not both
• 8845 - [C#] New rule S6664: Too many logging calls within a code block
• 8843 - [C#] New rule S6672: Generic logger injection should match enclosing type
• 8842 - [C#] New rule S6669: Logger field names should comply with a naming convention
• 8841 - [C#] New rule S6670: Trace.Write and Trace.WriteLine should not be used
• 8769 - [C#] New rule S6673: Log message template placeholders should be in the right order
• 8846 - [C#] New rule S1312: Logger fields should be private static readonly [Non-SonarWay]

False Positive

• 7088 - [C#, VB.NET] Fix S2589 FP: When local is assigned in for loop
• 8264 - [C#, VB.NET] Fix S2583 FP: Code wrongly considered unreachable
• 8891 - [C#] Fix S2629 FP: Allow concatenation of constants

Commits

• 8bf565e Update RSPEC before 9.23.1 release (#9003)
• 5cef53f Bump version to 9.23.1 (#9000)
• 3b39e73 Fix StackOverflow in CfgAllPathValidator.AreAllSuccessorsValid (#8984)
• ae1601a Fix S1144 FP: Ignore Serializable members (#8936)
• af1b44f Reproducer for #8988 S1172 FP: Don't report on partial method parameters (#8989)
• 6f9fee8 Fix TypeInitializationException in SymbolStartAnalysisContextWrapper (#8991)
• 1fb5367 S6934: Add FP repro for #8985 (#8987)
• 7823e0d Bump version to 9.24 (#8981)
• 4d28640 Fix S6934 FP + FN: Inherited Route and HttpMethod attributes are not consider...
• 9478382 Update RSPEC before 9.23 release (#8976)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)