Scanning SQL Strings in C# Class files

Template for a good new topic, formatted with Markdown:

  • ALM used: TFS2017
  • CI system used: TFS2017
  • Scanner command used when applicable: just standard Prep/Build/Publish using dotnet to call the DLL
  • Languages of the repository: C#

Are there any additional steps/configuration needed to be done in order to scan SQL Strings inside of our C# Class files? If we add the CS extension to the T-SQL parameters then it produces an error than it cant determine the file.



Welcome to the community!

There’s no functionality to detect SQL inside other file types and run SQL rules on it. There are a few rules about SQL that run on C# files, but you’re not going to get a full T-SQL analysis.