Applied many best practices in the code

HotCakeX · Oct 17, 2024 · 2f7960d · 2f7960d
1 parent 5e9e9f0
commit 2f7960d
Show file tree

Hide file tree

Showing 141 changed files with 800 additions and 691 deletions.
diff --git a/Harden-Windows-Security Module/.editorconfig b/Harden-Windows-Security Module/.editorconfig
@@ -285,12 +285,6 @@ dotnet_diagnostic.IDE0004.severity = error
 # IDE0017: Simplify object initialization
 dotnet_diagnostic.IDE0017.severity = error
 
-# IDE0060: Remove unused parameter
-dotnet_diagnostic.IDE0060.severity = error
-
-# IDE0044: Add readonly modifier
-dotnet_diagnostic.IDE0044.severity = error
-
 # IDE0063: Use simple 'using' statement
 dotnet_diagnostic.IDE0063.severity = error
 
@@ -344,3 +338,6 @@ dotnet_diagnostic.CA1839.severity = error
 
 # CA2265: Do not compare Span<T> to 'null' or 'default'
 dotnet_diagnostic.CA2265.severity = error
+
+# CA1507: Use nameof to express symbol names
+dotnet_diagnostic.CA1507.severity = error
diff --git a/README.md b/README.md
@@ -1547,7 +1547,7 @@ This repository uses the simplest possible, yet effective, methods that make it
 > [!TIP]\
 > All files in this repository, including packages like MSIX files attached to releases, are zipped and automatically submitted to VirusTotal for scanning through a [GitHub Action](https://github.com/HotCakeX/Harden-Windows-Security/actions/workflows/VirusTotal.yml). Find the history of the uploaded files in [my Virus Total profile](https://www.virustotal.com/gui/user/SpyNetGirl).
 
-[![PSScriptAnalyzer](https://github.com/HotCakeX/Harden-Windows-Security/actions/workflows/powershell.yml/badge.svg)](https://github.com/HotCakeX/Harden-Windows-Security/actions/workflows/powershell.yml) [![Repository And Package Scan on Virus Total](https://github.com/HotCakeX/Harden-Windows-Security/actions/workflows/VirusTotal.yml/badge.svg)](https://github.com/HotCakeX/Harden-Windows-Security/actions/workflows/VirusTotal.yml) [![CodeQL Advanced](https://github.com/HotCakeX/Harden-Windows-Security/actions/workflows/codeql.yml/badge.svg)](https://github.com/HotCakeX/Harden-Windows-Security/actions/workflows/codeql.yml) [![Sync to Azure DevOps](https://github.com/HotCakeX/Harden-Windows-Security/actions/workflows/Sync%20to%20Azure%20DevOps.yaml/badge.svg)](https://github.com/HotCakeX/Harden-Windows-Security/actions/workflows/Sync%20to%20Azure%20DevOps.yaml) 
+[![PSScriptAnalyzer](https://github.com/HotCakeX/Harden-Windows-Security/actions/workflows/powershell.yml/badge.svg)](https://github.com/HotCakeX/Harden-Windows-Security/actions/workflows/powershell.yml) [![Repository And Package Scan on Virus Total](https://github.com/HotCakeX/Harden-Windows-Security/actions/workflows/VirusTotal.yml/badge.svg)](https://github.com/HotCakeX/Harden-Windows-Security/actions/workflows/VirusTotal.yml) [![CodeQL Advanced](https://github.com/HotCakeX/Harden-Windows-Security/actions/workflows/codeql.yml/badge.svg)](https://github.com/HotCakeX/Harden-Windows-Security/actions/workflows/codeql.yml) [![Sync to Azure DevOps](https://github.com/HotCakeX/Harden-Windows-Security/actions/workflows/Sync%20to%20Azure%20DevOps.yaml/badge.svg)](https://github.com/HotCakeX/Harden-Windows-Security/actions/workflows/Sync%20to%20Azure%20DevOps.yaml)
 
 <p align="right"><a href="#readme-top">💡 (back to top)</a></p>
 

diff --git a/WDACConfig/.editorconfig b/WDACConfig/.editorconfig
@@ -31,7 +31,7 @@ dotnet_diagnostic.CA1309.severity = error
 dotnet_diagnostic.CA1311.severity = error
 
 # CA1416: Validate platform compatibility
-dotnet_diagnostic.CA1416.severity = error
+dotnet_diagnostic.CA1416.severity = silent
 
 # CA5384: Do Not Use Digital Signature Algorithm (DSA)
 dotnet_diagnostic.CA5384.severity = error
@@ -275,3 +275,69 @@ dotnet_diagnostic.CA2101.severity = error
 
 # IL2026: Members annotated with 'RequiresUnreferencedCodeAttribute' require dynamic access otherwise can break functionality when trimming application code
 dotnet_diagnostic.IL2026.severity = error
+
+# IDE0305: Simplify collection initialization
+dotnet_diagnostic.IDE0305.severity = error
+
+# IDE0004: Remove Unnecessary Cast
+dotnet_diagnostic.IDE0004.severity = error
+
+# IDE0017: Simplify object initialization
+dotnet_diagnostic.IDE0017.severity = error
+
+# IDE0063: Use simple 'using' statement
+dotnet_diagnostic.IDE0063.severity = error
+
+# CA1001: Types that own disposable fields should be disposable
+dotnet_diagnostic.CA1001.severity = error
+
+# CA1831: Use AsSpan or AsMemory instead of Range-based indexers when appropriate
+dotnet_diagnostic.CA1831.severity = error
+
+# CA5382: Use Secure Cookies In ASP.NET Core
+dotnet_diagnostic.CA5382.severity = error
+
+# CA1063: Implement IDisposable Correctly
+dotnet_diagnostic.CA1063.severity = error
+
+# CA1852: Seal internal types
+dotnet_diagnostic.CA1852.severity = error
+
+# CA2011: Avoid infinite recursion
+dotnet_diagnostic.CA2011.severity = error
+
+# CA2015: Do not define finalizers for types derived from MemoryManager<T>
+dotnet_diagnostic.CA2015.severity = error
+
+# CA2017: Parameter count mismatch
+dotnet_diagnostic.CA2017.severity = error
+
+# CA5397: Do not use deprecated SslProtocols values
+dotnet_diagnostic.CA5397.severity = error
+
+# CA5394: Do not use insecure randomness
+dotnet_diagnostic.CA5394.severity = error
+
+# CA2207: Initialize value type static fields inline
+dotnet_diagnostic.CA2207.severity = error
+
+# CA2219: Do not raise exceptions in finally clauses
+dotnet_diagnostic.CA2219.severity = error
+
+# CA2259: 'ThreadStatic' only affects static fields
+dotnet_diagnostic.CA2259.severity = error
+
+# CA5371: Use XmlReader for 'XmlSchema.Read()'
+dotnet_diagnostic.CA5371.severity = error
+
+# CA5364: Do Not Use Deprecated Security Protocols
+dotnet_diagnostic.CA5364.severity = error
+
+# CA1839: Use 'Environment.ProcessPath'
+dotnet_diagnostic.CA1839.severity = error
+
+# CA2265: Do not compare Span<T> to 'null' or 'default'
+dotnet_diagnostic.CA2265.severity = error
+
+# CA1507: Use nameof to express symbol names
+dotnet_diagnostic.CA1507.severity = error
diff --git a/WDACConfig/Utilities/Hashes.csv b/WDACConfig/Utilities/Hashes.csv
@@ -53,7 +53,6 @@
 "XMLOps\Remove-UnreferencedFileRuleRefs.psm1","Remove-UnreferencedFileRuleRefs.psm1","796FBE2B74EE4BDF8C9C7B3960DE85D67D1C5D407739EC8FC604A697C96938B1CC3B66010262FE5B48B2B0648CA52D7FD8A5E21166EF41B01A8D1963A03F0162",
 "C#\ArgumentCompleters\ArgumentCompleterAttribute.cs","ArgumentCompleterAttribute.cs","B88EC477DC0EA32D701F86E6C1F0A11236F8D644133E969653C8E1A1A0E6BBEF88EAD2E35AE455FABB74203A2C27EFAAEB614F24D2119FA9BC1045EC6A79CC9E",
 "C#\ArgumentCompleters\BasePolicyNamez.cs","BasePolicyNamez.cs","732044E59CA6287F9F3B3CBF4278C71E1BE4EA910116C18C09419507682A9BD3F42AB388E22B6428FECA3CB4F247826EE9802DBDEADA510349B4896DAD103DC8",
-"C#\ArgumentCompleters\RuleOptionsx.cs","RuleOptionsx.cs","E2C200DC83FB7791ADD97848FC792FBC45E369B3AC54D8DACD63386A57F9D7050482E7FD7BA4F00C35B9ED9B44A12E8CA8E3B56183A11B0009029AE09D2E0E6C",
 "C#\Shared Logics\AllCertificatesGrabber.cs","AllCertificatesGrabber.cs","F55C696401877DBF35F0753C31BB47937CC174945D25FC1A91C617C3CA9317C57110EE8BB8E7C4F0F9B76A27F50F0235D7B0E5715912648AB9EF8AED24B71237",
 "C#\Shared Logics\CertCNz.cs","CertCNz.cs","8769157D63762A0AED599C09F78AEB3D25AFC382259809A060A3AD174EDACF7FAF93A2F0CB2D88DF2FC7ADEEBEB93556E78406BCB0424B895CF227A90D89CF53",
 "C#\Shared Logics\CertificateHelper.cs","CertificateHelper.cs","3FD96DC69FFFD1CDF5961F62F486E9120853E3160B3680F8FAC683A0DD1634A96FD9A20EBBEC4323406CD755D5470A5C66E350D6066F40BCC23B0EC41C92F48E",

diff --git a/WDACConfig/WDACConfig Module Files/C#/ArgumentCompleters/ArgumentCompleterAttribute.cs b/WDACConfig/WDACConfig Module Files/C#/ArgumentCompleters/ArgumentCompleterAttribute.cs
@@ -17,7 +17,7 @@ namespace WDACConfig.ArgCompleter
     /// <summary>
     /// Opens File picker GUI so that user can select any files
     /// </summary>
-    public class AnyFilePathsPicker : IArgumentCompleter
+    public sealed class AnyFilePathsPicker : IArgumentCompleter
     {
         // Method to complete the argument with file path selection
         public IEnumerable<CompletionResult> CompleteArgument(
@@ -53,7 +53,7 @@ public IEnumerable<CompletionResult> CompleteArgument(
 
     // Attribute to use AnyFilePathsPicker as an argument completer
     [AttributeUsage(AttributeTargets.Property | AttributeTargets.Field)]
-    public class AnyFilePathsPickerAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
+    public sealed class AnyFilePathsPickerAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
     {
         // Constructor initializing the base class with AnyFilePathsPicker
         public AnyFilePathsPickerAttribute() : base(typeof(AnyFilePathsPicker)) { }
@@ -68,7 +68,7 @@ public IArgumentCompleter Create()
     /// <summary>
     /// Opens File picker GUI so that user can select a .xml file
     /// </summary>
-    public class XmlFilePathsPicker : IArgumentCompleter
+    public sealed class XmlFilePathsPicker : IArgumentCompleter
     {
         // Directory to initialize the file dialog
         private readonly string initialDirectory = WDACConfig.GlobalVars.UserConfigDir;
@@ -114,7 +114,7 @@ public IEnumerable<CompletionResult> CompleteArgument(
 
     // Attribute to use XmlFilePathsPicker as an argument completer
     [AttributeUsage(AttributeTargets.Property | AttributeTargets.Field)]
-    public class XmlFilePathsPickerAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
+    public sealed class XmlFilePathsPickerAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
     {
         // Constructor initializing the base class with XmlFilePathsPicker
         public XmlFilePathsPickerAttribute() : base(typeof(XmlFilePathsPicker)) { }
@@ -129,7 +129,7 @@ public IArgumentCompleter Create()
     /// <summary>
     /// Opens Folder picker GUI so that user can select folders to be processed
     /// </summary>
-    public class FolderPicker : IArgumentCompleter
+    public sealed class FolderPicker : IArgumentCompleter
     {
         // Method to complete the argument with folder path selection
         public IEnumerable<CompletionResult> CompleteArgument(
@@ -165,7 +165,7 @@ public IEnumerable<CompletionResult> CompleteArgument(
 
     // Attribute to use FolderPicker as an argument completer
     [AttributeUsage(AttributeTargets.Property | AttributeTargets.Field)]
-    public class FolderPickerAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
+    public sealed class FolderPickerAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
     {
         // Constructor initializing the base class with FolderPicker
         public FolderPickerAttribute() : base(typeof(FolderPicker)) { }
@@ -180,7 +180,7 @@ public IArgumentCompleter Create()
     /// <summary>
     /// Opens File picker GUI so that user can select multiple .xml files
     /// </summary>
-    public class XmlFileMultiSelectPicker : IArgumentCompleter
+    public sealed class XmlFileMultiSelectPicker : IArgumentCompleter
     {
         // Directory to initialize the file dialog
         private readonly string initialDirectory = WDACConfig.GlobalVars.UserConfigDir;
@@ -228,7 +228,7 @@ public IEnumerable<CompletionResult> CompleteArgument(
 
     // Attribute to use XmlFileMultiSelectPicker as an argument completer
     [AttributeUsage(AttributeTargets.Property | AttributeTargets.Field)]
-    public class XmlFileMultiSelectPickerAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
+    public sealed class XmlFileMultiSelectPickerAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
     {
         // Constructor initializing the base class with XmlFileMultiSelectPicker
         public XmlFileMultiSelectPickerAttribute() : base(typeof(XmlFileMultiSelectPicker)) { }
@@ -243,7 +243,7 @@ public IArgumentCompleter Create()
     /// <summary>
     /// Opens File picker GUI so that user can select multiple files
     /// </summary>
-    public class MultipleAnyFilePathsPicker : IArgumentCompleter
+    public sealed class MultipleAnyFilePathsPicker : IArgumentCompleter
     {
         // Method to complete the argument with multiple file path selection
         public IEnumerable<CompletionResult> CompleteArgument(
@@ -284,7 +284,7 @@ public IEnumerable<CompletionResult> CompleteArgument(
 
     // Attribute to use MultipleAnyFilePathsPicker as an argument completer
     [AttributeUsage(AttributeTargets.Property | AttributeTargets.Field)]
-    public class MultipleAnyFilePathsPickerAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
+    public sealed class MultipleAnyFilePathsPickerAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
     {
         // Constructor initializing the base class with MultipleAnyFilePathsPicker
         public MultipleAnyFilePathsPickerAttribute() : base(typeof(MultipleAnyFilePathsPicker)) { }
@@ -299,7 +299,7 @@ public IArgumentCompleter Create()
     /// <summary>
     /// Opens File picker GUI so that user can select an .exe file
     /// </summary>
-    public class ExeFilePathsPicker : IArgumentCompleter
+    public sealed class ExeFilePathsPicker : IArgumentCompleter
     {
         // Directory to initialize the file dialog
         private readonly string initialDirectory = WDACConfig.GlobalVars.UserConfigDir;
@@ -345,7 +345,7 @@ public IEnumerable<CompletionResult> CompleteArgument(
 
     // Attribute to use ExeFilePathsPicker as an argument completer
     [AttributeUsage(AttributeTargets.Property | AttributeTargets.Field)]
-    public class ExeFilePathsPickerAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
+    public sealed class ExeFilePathsPickerAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
     {
         // Constructor initializing the base class with ExeFilePathsPicker
         public ExeFilePathsPickerAttribute() : base(typeof(ExeFilePathsPicker)) { }
@@ -360,7 +360,7 @@ public IArgumentCompleter Create()
     /// <summary>
     /// Opens File picker GUI so that user can select a single .cer file
     /// </summary>
-    public class SingleCerFilePicker : IArgumentCompleter
+    public sealed class SingleCerFilePicker : IArgumentCompleter
     {
         // Directory to initialize the file dialog
         private readonly string initialDirectory = WDACConfig.GlobalVars.UserConfigDir;
@@ -408,7 +408,7 @@ public IEnumerable<CompletionResult> CompleteArgument(
 
     // Attribute to use SingleCerFilePicker as an argument completer
     [AttributeUsage(AttributeTargets.Property | AttributeTargets.Field)]
-    public class SingleCerFilePickerAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
+    public sealed class SingleCerFilePickerAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
     {
         // Constructor initializing the base class with SingleCerFilePicker
         public SingleCerFilePickerAttribute() : base(typeof(SingleCerFilePicker)) { }
@@ -423,7 +423,7 @@ public IArgumentCompleter Create()
     /// <summary>
     /// Opens File picker GUI so that user can select multiple .cer files
     /// </summary>
-    public class MultipleCerFilePicker : IArgumentCompleter
+    public sealed class MultipleCerFilePicker : IArgumentCompleter
     {
         // Directory to initialize the file dialog
         private readonly string initialDirectory = WDACConfig.GlobalVars.UserConfigDir;
@@ -471,7 +471,7 @@ public IEnumerable<CompletionResult> CompleteArgument(
 
     // Attribute to use MultipleCerFilePicker as an argument completer
     [AttributeUsage(AttributeTargets.Property | AttributeTargets.Field)]
-    public class MultipleCerFilePickerAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
+    public sealed class MultipleCerFilePickerAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
     {
         // Constructor initializing the base class with MultipleCerFilePicker
         public MultipleCerFilePickerAttribute() : base(typeof(MultipleCerFilePicker)) { }
@@ -486,7 +486,7 @@ public IArgumentCompleter Create()
     /// <summary>
     /// Opens Folder picker GUI so that user can select a folder, and returns the selected path with quotes and a wildcard character at the end
     /// </summary>
-    public class FolderPickerWithWildcard : IArgumentCompleter
+    public sealed class FolderPickerWithWildcard : IArgumentCompleter
     {
         // Method to complete the argument with folder path selection, adding a wildcard character
         public IEnumerable<CompletionResult> CompleteArgument(
@@ -522,7 +522,7 @@ public IEnumerable<CompletionResult> CompleteArgument(
 
     // Attribute to use FolderPickerWithWildcard as an argument completer
     [AttributeUsage(AttributeTargets.Property | AttributeTargets.Field)]
-    public class FolderPickerWithWildcardAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
+    public sealed class FolderPickerWithWildcardAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
     {
         // Constructor initializing the base class with FolderPickerWithWildcard
         public FolderPickerWithWildcardAttribute() : base(typeof(FolderPickerWithWildcard)) { }
@@ -533,53 +533,5 @@ public IArgumentCompleter Create()
             return new FolderPickerWithWildcard();
         }
     }
-
-    /// <summary>
-    /// This argument completer suggests rule options that are not already selected on the command line by *any* other parameter
-    /// It currently doesn't make a distinction between the RulesToAdd/RulesToRemove parameters and other parameters.
-    /// </summary>
-    public class RuleOptionsPicker : IArgumentCompleter
-    {
-        // Method to complete the argument with rule options that are not already selected
-        public IEnumerable<CompletionResult> CompleteArgument(
-            string commandName,
-            string parameterName,
-            string wordToComplete,
-            CommandAst commandAst,
-            IDictionary fakeBoundParameters)
-        {
-            // Find all string constants in the AST
-            var existingValues = commandAst.FindAll(
-                ast => ast is StringConstantExpressionAst,
-                false
-            ).OfType<StringConstantExpressionAst>()
-            .Select(ast => ast.Value)
-            .ToHashSet(StringComparer.OrdinalIgnoreCase);
-
-            // Get all valid rule options
-            var validOptions = new WDACConfig.RuleOptionsx().GetValidValues();
-
-            // Filter out the options that are already selected
-            var suggestions = validOptions
-                .Where(option => !existingValues.Contains(option, StringComparer.OrdinalIgnoreCase))
-                .Select(option => new CompletionResult($"'{option}'"));
-
-            return suggestions;
-        }
-    }
-
-    // Attribute to use RuleOptionsPicker as an argument completer
-    [AttributeUsage(AttributeTargets.Property | AttributeTargets.Field)]
-    public class RuleOptionsPickerAttribute : ArgumentCompleterAttribute, IArgumentCompleterFactory
-    {
-        // Constructor initializing the base class with RuleOptionsPicker
-        public RuleOptionsPickerAttribute() : base(typeof(RuleOptionsPicker)) { }
-
-        // Create method to return an instance of RuleOptionsPicker
-        public IArgumentCompleter Create()
-        {
-            return new RuleOptionsPicker();
-        }
-    }
-
+
 }
diff --git a/WDACConfig/WDACConfig Module Files/C#/ArgumentCompleters/BasePolicyNamez.cs b/WDACConfig/WDACConfig Module Files/C#/ArgumentCompleters/BasePolicyNamez.cs
@@ -1,11 +1,12 @@
 using System;
 using System.Collections.Generic;
+using System.Management.Automation;
 
 #nullable enable
 
 namespace WDACConfig
 {
-    public class BasePolicyNamez : IValidateSetValuesGenerator
+    public sealed class BasePolicyNamez : IValidateSetValuesGenerator
     {
         // Argument tab auto-completion and ValidateSet for Non-System Policy names
         public string[] GetValidValues()
@@ -22,11 +23,11 @@ public string[] GetValidValues()
                         BasePolicyNames.Add(policy.FriendlyName);
                     }
                 }
-                return BasePolicyNames.ToArray();
+                return [.. BasePolicyNames];
             }
             else
             {
-                return Array.Empty<string>();
+                return [];
             }
         }
     }