Merge pull request #4485 from MicrosoftDocs/master

4/19/2019 AM Publish

Author: Taojunshen

.markdownlint.json

@@ -3,8 +3,6 @@
     "MD001": false,
     "MD002": false,
     "MD004": false,
-    "MD005": false,
-    "MD006": false,
     "MD007": false,
     "MD009": false,
     "MD011": false,

.openpublishing.redirection.json

@@ -2040,6 +2040,11 @@
             "redirect_url": "/visualstudio/modeling/create-uml-modeling-projects-and-diagrams",
             "redirect_document_id": false
         },
+        {
+            "source_path": "docs/modeling/nesting-shapes.md",
+            "redirect_url": "/visualstudio/modeling/customizing-presentation-on-the-diagram",
+            "redirect_document_id": false
+        },
         {
             "source_path": "docs/modeling/open-a-uml-model-by-using-the-visual-studio-api.md",
             "redirect_url": "/visualstudio/modeling/create-uml-modeling-projects-and-diagrams",
@@ -2205,10 +2210,10 @@
             "redirect_url": "/visualstudio/port-migrate-and-upgrade-visual-studio-projects",
             "redirect_document_id": false
         },
-        { 
-            "source_path": "docs/porting/port-migrate-upgrade-visual-studio-projects-2019.md", 
-            "redirect_url": "/visualstudio/porting/port-migrate-and-upgrade-visual-studio-projects", 
-            "redirect_document_id": false 
+        {
+            "source_path": "docs/porting/port-migrate-upgrade-visual-studio-projects-2019.md",
+            "redirect_url": "/visualstudio/porting/port-migrate-and-upgrade-visual-studio-projects",
+            "redirect_document_id": false
         },
         {
             "source_path": "docs/profiling/analyze-cpu-usage-in-a-windows-universal-app.md",

docs/code-quality/ca2300-do-not-use-insecure-deserializer-binaryformatter.md

@@ -41,7 +41,7 @@ This rule finds <xref:System.Runtime.Serialization.Formatters.Binary.BinaryForma
   - Protocol Buffers
 - Make the serialized data tamper-proof. After serialization, cryptographically sign the serialized data. Before deserialization, validate the cryptographic signature. Protect the cryptographic key from being disclosed, and design for key rotations.
 - Restrict deserialized types. Implement a custom <xref:System.Runtime.Serialization.SerializationBinder?displayProperty=nameWithType>. Before deserializing with <xref:System.Runtime.Serialization.Formatters.Binary.BinaryFormatter>, set the <xref:System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Binder> property to an instance of your custom <xref:System.Runtime.Serialization.SerializationBinder>. In the overridden <xref:System.Runtime.Serialization.SerializationBinder.BindToType%2A> method, if the type is unexpected then throw an exception.
- - If you restrict deserialized types, you may want to disable this rule and enable rules [CA2301](ca2301-do-not-call-binaryformatter-deserialize-without-first-setting-binaryformatter-binder.md) and [CA2302](ca2302-ensure-binaryformatter-binder-is-set-before-calling-binaryformatter-deserialize.md). Rules [CA2301](ca2301-do-not-call-binaryformatter-deserialize-without-first-setting-binaryformatter-binder.md) and [CA2302](ca2302-ensure-binaryformatter-binder-is-set-before-calling-binaryformatter-deserialize.md) help to ensure that the <xref:System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Binder> property is always set before deserializing.
+- If you restrict deserialized types, you may want to disable this rule and enable rules [CA2301](ca2301-do-not-call-binaryformatter-deserialize-without-first-setting-binaryformatter-binder.md) and [CA2302](ca2302-ensure-binaryformatter-binder-is-set-before-calling-binaryformatter-deserialize.md). Rules [CA2301](ca2301-do-not-call-binaryformatter-deserialize-without-first-setting-binaryformatter-binder.md) and [CA2302](ca2302-ensure-binaryformatter-binder-is-set-before-calling-binaryformatter-deserialize.md) help to ensure that the <xref:System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Binder> property is always set before deserializing.
 
 ## When to suppress warnings
 

docs/code-quality/code-analysis-warnings-for-managed-code-by-checkid.md

@@ -1,6 +1,6 @@
 ---
 title: Code Analysis Warnings for Managed Code by CheckId
-ms.date: 11/04/2016
+ms.date: 04/18/2019
 ms.topic: reference
 f1_keywords:
   - "CA1000"
@@ -160,6 +160,7 @@ f1_keywords:
   - "CA2003"
   - "CA2004"
   - "CA2006"
+  - "CA2007"
   - "CA2100"
   - "CA2101"
   - "CA2102"
@@ -305,7 +306,7 @@ The following table lists Code Analysis warnings for managed code by the CheckId
 | CA1041 | [CA1041: Provide ObsoleteAttribute message](../code-quality/ca1041-provide-obsoleteattribute-message.md) | A type or member is marked by using a System.ObsoleteAttribute attribute that does not have its ObsoleteAttribute.Message property specified. When a type or member that is marked by using ObsoleteAttribute is compiled, the Message property of the attribute is displayed. This gives the user information about the obsolete type or member. |
 | CA1043 | [CA1043: Use integral or string argument for indexers](../code-quality/ca1043-use-integral-or-string-argument-for-indexers.md) | Indexers (that is, indexed properties) should use integral or string types for the index. These types are typically used for indexing data structures and they increase the usability of the library. Use of the Object type should be restricted to those cases where the specific integral or string type cannot be specified at design time. |
 | CA1044 | [CA1044: Properties should not be write only](../code-quality/ca1044-properties-should-not-be-write-only.md) | Although it is acceptable and often necessary to have a read-only property, the design guidelines prohibit the use of write-only properties. This is because letting a user set a value, and then preventing the user from viewing that value, does not provide any security. Also, without read access, the state of shared objects cannot be viewed, which limits their usefulness. |
-| CA1045 |[CA1045: Do not pass types by reference](../code-quality/ca1045-do-not-pass-types-by-reference.md) | Passing types by reference (using out or ref) requires experience with pointers, understanding how value types and reference types differ, and handling methods that have multiple return values. Library architects who design for a general audience should not expect users to master working with out or ref parameters. |
+| CA1045 |[CA1045: Do not pass types by reference](../code-quality/ca1045-do-not-pass-types-by-reference.md) | Passing types by reference (using out or ref) requires experience with pointers, understanding how value types and reference types differ, and handling methods that have multiple return values. Library architects who design for a general audience should not expect users to master working with `out` or `ref` parameters. |
 | CA1046 | [CA1046: Do not overload operator equals on reference types](../code-quality/ca1046-do-not-overload-operator-equals-on-reference-types.md) | For reference types, the default implementation of the equality operator is almost always correct. By default, two references are equal only if they point to the same object. |
 | CA1047 |[CA1047: Do not declare protected members in sealed types](../code-quality/ca1047-do-not-declare-protected-members-in-sealed-types.md) | Types declare protected members so that inheriting types can access or override the member. By definition, sealed types cannot be inherited, which means that protected methods on sealed types cannot be called. |
 | CA1048 | [CA1048: Do not declare virtual members in sealed types](../code-quality/ca1048-do-not-declare-virtual-members-in-sealed-types.md) | Types declare methods as virtual so that inheriting types can override the implementation of the virtual method. By definition, a sealed type cannot be inherited. This makes a virtual method on a sealed type meaningless. |
@@ -327,7 +328,7 @@ The following table lists Code Analysis warnings for managed code by the CheckId
 | CA1064 | [CA1064: Exceptions should be public](../code-quality/ca1064-exceptions-should-be-public.md) | An internal exception is visible only inside its own internal scope. After the exception falls outside the internal scope, only the base exception can be used to catch the exception. If the internal exception is inherited from <xref:System.Exception>, <xref:System.SystemException>, or <xref:System.ApplicationException>, the external code will not have sufficient information to know what to do with the exception. |
 | CA1065 | [CA1065: Do not raise exceptions in unexpected locations](../code-quality/ca1065-do-not-raise-exceptions-in-unexpected-locations.md) | A method that is not expected to throw exceptions throws an exception. |
 | CA1300 | [CA1300: Specify MessageBoxOptions](../code-quality/ca1300-specify-messageboxoptions.md) | To correctly display a message box for cultures that use a right-to-left reading order, the RightAlign and RtlReading members of the MessageBoxOptions enumeration must be passed to the Show method. |
-| CA1301 | [CA1301: Avoid duplicate accelerators](../code-quality/ca1301-avoid-duplicate-accelerators.md) | An access key, also known as an accelerator, enables keyboard access to a control by using the ALT key. When multiple controls have duplicate access keys, the behavior of the access key is not well defined. |
+| CA1301 | [CA1301: Avoid duplicate accelerators](../code-quality/ca1301-avoid-duplicate-accelerators.md) | An access key, also known as an accelerator, enables keyboard access to a control by using the ALT key. When multiple controls have duplicate access keys, the behavior of the access key is not well-defined. |
 | CA1302 | [CA1302: Do not hardcode locale specific strings](../code-quality/ca1302-do-not-hardcode-locale-specific-strings.md) | The System.Environment.SpecialFolder enumeration contains members that refer to special system folders. The locations of these folders can have different values on different operating systems; the user can change some of the locations; and the locations are localized. The Environment.GetFolderPath method returns the locations that are associated with the Environment.SpecialFolder enumeration, localized and appropriate for the currently running computer. |
 | CA1303 | [CA1303: Do not pass literals as localized parameters](../code-quality/ca1303-do-not-pass-literals-as-localized-parameters.md) | An externally visible method passes a string literal as a parameter to a constructor or method in the .NET Framework class library, and that string should be localizable. |
 | CA1304 | [CA1304: Specify CultureInfo](../code-quality/ca1304-specify-cultureinfo.md) | A method or constructor calls a member that has an overload that accepts a System.Globalization.CultureInfo parameter, and the method or constructor does not call the overload that takes the CultureInfo parameter. When a CultureInfo or System.IFormatProvider object is not supplied, the default value that is supplied by the overloaded member might not have the effect that you want in all locales. |
@@ -401,7 +402,7 @@ The following table lists Code Analysis warnings for managed code by the CheckId
 | CA1821 | [CA1821: Remove empty finalizers](../code-quality/ca1821-remove-empty-finalizers.md) | Whenever you can, avoid finalizers because of the additional performance overhead that is involved in tracking object lifetime. An empty finalizer incurs added overhead and delivers no benefit. |
 | CA1822 |[CA1822: Mark members as static](../code-quality/ca1822-mark-members-as-static.md) | Members that do not access instance data or call instance methods can be marked as static (Shared in [!INCLUDE[vbprvb](../code-quality/includes/vbprvb_md.md)]). After you mark the methods as static, the compiler will emit nonvirtual call sites to these members. This can give you a measurable performance gain for performance-sensitive code. |
 | CA1823 | [CA1823: Avoid unused private fields](../code-quality/ca1823-avoid-unused-private-fields.md) | Private fields were detected that do not appear to be accessed in the assembly. |
-| CA1824 |[CA1824: Mark assemblies with NeutralResourcesLanguageAttribute](../code-quality/ca1824-mark-assemblies-with-neutralresourceslanguageattribute.md) | The NeutralResourcesLanguage attribute informs the ResourceManager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. |
+| CA1824 |[CA1824: Mark assemblies with NeutralResourcesLanguageAttribute](../code-quality/ca1824-mark-assemblies-with-neutralresourceslanguageattribute.md) | The NeutralResourcesLanguage attribute informs the resource manager of the language that was used to display the resources of a neutral culture for an assembly. This improves lookup performance for the first resource that you load and can reduce your working set. |
 | CA1900 | [CA1900: Value type fields should be portable](../code-quality/ca1900-value-type-fields-should-be-portable.md) | This rule checks that structures that are declared by using explicit layout will align correctly when marshaled to unmanaged code on 64-bit operating systems. |
 | CA1901 | [CA1901: P/Invoke declarations should be portable](../code-quality/ca1901-p-invoke-declarations-should-be-portable.md) | This rule evaluates the size of each parameter and the return value of a P/Invoke, and verifies that the size of the parameter is correct when marshaled to unmanaged code on 32-bit and 64-bit operating systems. |
 | CA1903 | [CA1903: Use only API from targeted framework](../code-quality/ca1903-use-only-api-from-targeted-framework.md) | A member or type is using a member or type that was introduced in a service pack that was not included together with the targeted framework of the project. |
@@ -411,6 +412,7 @@ The following table lists Code Analysis warnings for managed code by the CheckId
 | CA2003 |[CA2003: Do not treat fibers as threads](../code-quality/ca2003-do-not-treat-fibers-as-threads.md) | A managed thread is being treated as a [!INCLUDE[TLA2#tla_win32](../code-quality/includes/tla2sharptla_win32_md.md)] thread. |
 | CA2004 | [CA2004: Remove calls to GC.KeepAlive](../code-quality/ca2004-remove-calls-to-gc-keepalive.md) | If you convert to SafeHandle usage, remove all calls to GC.KeepAlive (object). In this case, classes should not have to call GC.KeepAlive. This assumes they do not have a finalizer but rely on SafeHandle to finalize the OS handle for them. |
 | CA2006 | [CA2006: Use SafeHandle to encapsulate native resources](../code-quality/ca2006-use-safehandle-to-encapsulate-native-resources.md) | Use of IntPtr in managed code might indicate a potential security and reliability problem. All uses of IntPtr must be reviewed to determine whether use of a SafeHandle, or similar technology, is required in its place. |
+| CA2007 | [CA2007: Do not directly await a Task](ca2007-do-not-directly-await-task.md) | An asynchronous method [awaits](/dotnet/csharp/language-reference/keywords/await) a <xref:System.Threading.Tasks.Task> directly. When an asynchronous method awaits a <xref:System.Threading.Tasks.Task> directly, continuation occurs in the same thread that created the task. This behavior can be costly in terms of performance and can result in a deadlock on the UI thread. Consider calling <xref:System.Threading.Tasks.Task.ConfigureAwait(System.Boolean)?displayProperty=nameWithType> to signal your intention for continuation. |
 | CA2100 | [CA2100: Review SQL queries for security vulnerabilities](../code-quality/ca2100-review-sql-queries-for-security-vulnerabilities.md) | A method sets the System.Data.IDbCommand.CommandText property by using a string that is built from a string argument to the method. This rule assumes that the string argument contains user input. A SQL command string that is built from user input is vulnerable to SQL injection attacks. |
 | CA2101 |[CA2101: Specify marshaling for P/Invoke string arguments](../code-quality/ca2101-specify-marshaling-for-p-invoke-string-arguments.md) | A platform invoke member allows partially trusted callers, has a string parameter, and does not explicitly marshal the string. This can cause a potential security vulnerability. |
 | CA2102 | [CA2102: Catch non-CLSCompliant exceptions in general handlers](../code-quality/ca2102-catch-non-clscompliant-exceptions-in-general-handlers.md) | A member in an assembly that is not marked by using the RuntimeCompatibilityAttribute or is marked RuntimeCompatibility(WrapNonExceptionThrows = false) contains a catch block that handles System.Exception and does not contain an immediately following general catch block. |

docs/code-quality/cpp-core-guidelines-warnings.md

@@ -78,17 +78,17 @@ The C++ Core Guidelines are there to help you write better and safer code. Howev
 
 As new rules are added to the C++ Core Guidelines Checker, the number of warnings that are produced for pre-existing code may increase. You can use predefined rule sets to filter which kinds of rules to enable. As of Visual Studio 2017 version 15.3, the supported rule sets are:
 
-  - **Owner Pointer Rules** enforce [resource-management checks related to owner\<T> from the C++ Core Guidelines](http://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#r-resource-management).
+- **Owner Pointer Rules** enforce [resource-management checks related to owner\<T> from the C++ Core Guidelines](http://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#r-resource-management).
 
-  - **Const Rules** enforce [const-related checks from the C++ Core Guidelines](http://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#con-constants-and-immutability).
+- **Const Rules** enforce [const-related checks from the C++ Core Guidelines](http://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#con-constants-and-immutability).
 
-  - **Raw Pointer Rules** enforce [resource-management checks related to raw pointers from the C++ Core Guidelines](http://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#r-resource-management).
+- **Raw Pointer Rules** enforce [resource-management checks related to raw pointers from the C++ Core Guidelines](http://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#r-resource-management).
 
-  - **Unique Pointer Rules** enforce [resource-management checks related to types with unique pointer semantics from the C++ Core Guidelines](http://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#r-resource-management).
+- **Unique Pointer Rules** enforce [resource-management checks related to types with unique pointer semantics from the C++ Core Guidelines](http://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#r-resource-management).
 
-  - **Bounds Rules** enforce the [Bounds profile of the C++ Core Guidelines](http://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#probounds-bounds-safety-profile).
+- **Bounds Rules** enforce the [Bounds profile of the C++ Core Guidelines](http://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#probounds-bounds-safety-profile).
 
-  - **Type Rules** enforce the [Type profile of the C++ Core Guidelines](http://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#prosafety-type-safety-profile).
+- **Type Rules** enforce the [Type profile of the C++ Core Guidelines](http://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#prosafety-type-safety-profile).
 
 You can choose to limit warnings to just one or a few of the groups. The **Native Minimum** and **Native Recommended** rule sets include C++ Core Check rules in addition to other PREfast checks. To see the available rule sets, open the Project Properties dialog, select **Code Analysis\General**, open the dropdown in the **Rule Sets** combo-box, and pick **Choose multiple rule sets**. For more information about using Rule Sets in Visual Studio, see [Using Rule Sets to Group Code Analysis Rules](using-rule-sets-to-group-code-analysis-rules.md).