NuGet vulnerability warnings: Warn in non-Release mode, Error in non-Release mode (#17244)

* Initial adjustment of the projects with package vulnerabilities that errored, to change to ignore the four specific Nuget vulnerability warnings in Debug mode (but not Release) as per https://learn.microsoft.com/en-us/nuget/reference/errors-and-warnings/nu1901-nu1904 (NU1901,NU1902,NU1903,NU1904)

* Fixed formatting errors with tests

* No trailing whitespace

* Move NuGet vulnerability warnings error suppression to Directory.Build.props, combine WarningsNotAsErrors and fix minor issues

* Update Umbraco.JsonSchema.csproj

Removed unwanted change

* Update Umbraco.JsonSchema.csproj

Removed unwanted change

* Revert unecessary changes since merge

* Tweak more unecessary changes

* Small tweaks

* Remove space

* Reverted spacing changes

* Remove no longer required warning exclusions

* Reverted unwanted change

* Reversed order

* A few tweaks to reduce warnings in Umbraco.TestData

* More warnings removed as no longer an issue

---------

Co-authored-by: Ronald Barendse <ronald@barend.se>
Co-authored-by: Emma Garland <emma.garland@rocksolidknowledge.com>
Co-authored-by: Jason Elkin <jasonelkin86@gmail.com>

src/Umbraco.Cms.Api.Delivery/Umbraco.Cms.Api.Delivery.csproj

@@ -1,9 +1,8 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
   <PropertyGroup>
     <Title>Umbraco CMS - Delivery API</Title>
     <Description>Contains the presentation layer for the Umbraco CMS Delivery API.</Description>
   </PropertyGroup>
-  
   <PropertyGroup>
     <!--
       TODO: Fix and remove overrides:
@@ -12,7 +11,6 @@
     -->
     <WarningsNotAsErrors>$(WarningsNotAsErrors),ASP0019,CS0618,CS0612</WarningsNotAsErrors>
   </PropertyGroup>
-  
   <ItemGroup>
     <ProjectReference Include="..\Umbraco.Cms.Api.Common\Umbraco.Cms.Api.Common.csproj" />
     <ProjectReference Include="..\Umbraco.Web.Common\Umbraco.Web.Common.csproj" />

src/Umbraco.Cms.Persistence.SqlServer/Umbraco.Cms.Persistence.SqlServer.csproj

@@ -7,7 +7,7 @@
   <PropertyGroup>
     <!--
       TODO: Fix and remove overrides:
-      [SA1405] Debug assret message text
+      [SA1405] Debug assert message text
       [SA1121] resolve hiding inherited members
       [SA1117] remove async or make method synchronous
       [IDE1006] fix naming rule violation

src/Umbraco.Cms.Persistence.Sqlite/Umbraco.Cms.Persistence.Sqlite.csproj

@@ -3,7 +3,7 @@
     <Title>Umbraco CMS - Persistence - SQLite</Title>
     <Description>Adds support for SQLite to Umbraco CMS.</Description>
   </PropertyGroup>
-  
+
   <PropertyGroup>
     <!--
       TODO: Fix and remove overrides:
@@ -11,7 +11,6 @@
     -->
     <WarningsNotAsErrors>$(WarningsNotAsErrors),CS0114</WarningsNotAsErrors>
   </PropertyGroup>
-  
   <ItemGroup>
     <PackageReference Include="Microsoft.Data.Sqlite" />
   </ItemGroup>

src/Umbraco.Cms.Targets/Umbraco.Cms.Targets.csproj

@@ -5,7 +5,6 @@
     <IncludeBuildOutput>false</IncludeBuildOutput>
     <IncludeSymbols>false</IncludeSymbols>
   </PropertyGroup>
-  
   <PropertyGroup>
     <!--
       TODO: Fix and remove overrides:

src/Umbraco.Core/Umbraco.Core.csproj

@@ -16,7 +16,7 @@
       [CS0618]/[CS0672]/[SYSLIB0051]/[SYSLIB0044]/[SYSLIB0023]/[SYSLIB0003]/[SYSLIB0045] adjust obsolete references
       [CS0067] unused event
       [SA1405] debug provide message text
-      [CS0168]/[CS0169] unused fields/variables
+      [CS0168] and [CS0169] unused fields/variables
       [CS0183] always of type
       [SA1111] adjust parenthesis
       [CA2017] match parameters number

src/Umbraco.Examine.Lucene/Umbraco.Examine.Lucene.csproj

@@ -5,7 +5,7 @@
     <Description>Adds Examine searching support using Lucene to Umbraco CMS.</Description>
     <RootNamespace>Umbraco.Cms.Infrastructure.Examine</RootNamespace>
   </PropertyGroup>
-  
+
   <PropertyGroup>
     <!--
       TODO: Fix and remove overrides:
@@ -22,7 +22,6 @@
     <!-- Take top-level depedendency on System.Security.Cryptography.Xml, because Examine depends on a vulnerable version -->
     <PackageReference Include="System.Security.Cryptography.Xml" />
     <!-- Take top-level depedendency on Lucene.Net.Replicator, because Examine depends on a vulnerable version -->
-    <!-- Take top-level depedendency on Lucene.Net.Replicator-->
     <PackageReference Include="Lucene.Net.Replicator" />
   </ItemGroup>
 

src/Umbraco.Web.Common/Umbraco.Web.Common.csproj

@@ -5,7 +5,6 @@
     <Description>Contains the web assembly needed to run Umbraco CMS.</Description>
     <RootNamespace>Umbraco.Cms.Web.Common</RootNamespace>
   </PropertyGroup>
-  
   <PropertyGroup>
     <!--
       TODO: Fix and remove overrides:

src/Umbraco.Web.Website/Umbraco.Web.Website.csproj

@@ -5,19 +5,19 @@
     <Description>Contains the website assembly needed to run the frontend of Umbraco CMS.</Description>
     <RootNamespace>Umbraco.Cms.Web.Website</RootNamespace>
   </PropertyGroup>
-  
+
   <PropertyGroup>
     <!--
       TODO: Fix and remove overrides:
       [ASP0019] use IHeaderDictionary.Append or the indexer to append or set headers
       [CS0618] handle member obsolete appropriately
       [SA1401] make fields private
-      [SA1649] update file name, and remove this override
+      [SA1649] update file name
       [IDE1006] fix naming rule violation
     -->
     <WarningsNotAsErrors>$(WarningsNotAsErrors),ASP0019,CS0618,SA1401,SA1649,IDE1006</WarningsNotAsErrors>
   </PropertyGroup>
-  
+
   <ItemGroup>
     <ProjectReference Include="..\Umbraco.Web.Common\Umbraco.Web.Common.csproj" />
   </ItemGroup>

tests/Umbraco.TestData/LoadTestController.cs

@@ -27,12 +27,12 @@ public class LoadTestController : Controller
     private const string FootHtml = @"</body>
 </html>";
 
-    private static readonly Random s_random = new();
+    private static readonly Random _random = new();
-    private static readonly Lock s_locko = new();
+    private static readonly Lock _locko = new();
 
-    private static volatile int s_containerId = -1;
+    private static volatile int _containerId = -1;
 
-    private static readonly string s_headHtml = @"<html>
+    private static readonly string _headHtml = @"<html>
 <head>
   <title>LoadTest</title>
   <style>
@@ -53,7 +53,7 @@ public class LoadTestController : Controller
   </div>
 ";
 
-    private static readonly string s_containerTemplateText = @"
+    private static readonly string _containerTemplateText = @"
 @inherits Umbraco.Cms.Web.Common.Views.UmbracoViewPage
 @inject Umbraco.Cms.Core.Configuration.IUmbracoVersion _umbracoVersion
 @{
@@ -65,7 +65,7 @@ public class LoadTestController : Controller
     var wurl = Context.Request.Query[""u""] == ""1"";
     var missing = contents.Length > 0 && contents[contents.Length - 1].Id - contents[0].Id >= contents.Length;
 }
-" + s_headHtml + @"
+" + _headHtml + @"
 <div class=""block"">
 <span @Html.Raw(missing ? ""style=\""color:red;\"""" : """")>@contents.Length items</span>
 <ul>
@@ -147,14 +147,14 @@ public class LoadTestController : Controller
 
     private IActionResult EnsureInitialize()
     {
-        if (s_containerId > 0)
+        if (_containerId > 0)
         {
             return null;
         }
 
-        lock (s_locko)
+        lock (_locko)
         {
-            if (s_containerId > 0)
+            if (_containerId > 0)
             {
                 return null;
             }
@@ -177,12 +177,12 @@ public class LoadTestController : Controller
                 return ContentHtml("Panic! Container is missing.");
             }
 
-            s_containerId = container.Id;
+            _containerId = container.Id;
             return null;
         }
     }
 
-    private IActionResult ContentHtml(string s) => Content(s_headHtml + s + FootHtml, "text/html");
+    private IActionResult ContentHtml(string s) => Content(_headHtml + s + FootHtml, "text/html");
 
     public IActionResult Install()
     {
@@ -205,7 +205,7 @@ public class LoadTestController : Controller
         var containerTemplate = ImportTemplate(
             "LoadTestContainer",
             "LoadTestContainer",
-            s_containerTemplateText);
+            _containerTemplateText);
 
         var containerType = new ContentType(_shortStringHelper, -1)
         {
@@ -276,7 +276,7 @@ public class LoadTestController : Controller
         for (var i = 0; i < n; i++)
         {
             var name = Guid.NewGuid().ToString("N").ToUpper() + "-" + (restart ? "R" : "X") + "-" + o;
-            var content = _contentService.Create(name, s_containerId, ContentAlias);
+            var content = _contentService.Create(name, _containerId, ContentAlias);
             content.SetValue("origin", o);
             _contentService.Save(content);
             _contentService.Publish(content, content.AvailableCultures.ToArray());
@@ -294,9 +294,9 @@ public class LoadTestController : Controller
 
     private static int GetRandom(int minValue, int maxValue)
     {
-        lock (s_locko)
+        lock (_locko)
         {
-            return s_random.Next(minValue, maxValue);
+            return _random.Next(minValue, maxValue);
         }
     }
 
@@ -354,7 +354,7 @@ public class LoadTestController : Controller
         var pos = currentName.IndexOf('-');
         if (pos > 0)
         {
-            currentName = currentName.Substring(0, pos);
+            currentName = currentName[..pos];
         }
 
         var text = new StringBuilder();

tests/Umbraco.TestData/Umbraco.TestData.csproj

@@ -3,10 +3,8 @@
     <!--
       TODO: Fix and remove overrides:
       [CS0618] handle member obsolete appropriately
-      [IDE1006] fix naming rule violation
-      [IDE0057] simplify substring
     -->
-    <WarningsNotAsErrors>$(WarningsNotAsErrors),CS0618,IDE1006,IDE0057</WarningsNotAsErrors>
+    <WarningsNotAsErrors>$(WarningsNotAsErrors),CS0618</WarningsNotAsErrors>
   </PropertyGroup>
   
   <ItemGroup>

tests/Umbraco.Tests.Benchmarks/Umbraco.Tests.Benchmarks.csproj

@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
   <PropertyGroup>
     <OutputType>Exe</OutputType>
     <GenerateAssemblyInfo>false</GenerateAssemblyInfo>
@@ -10,11 +10,9 @@
     <!--
       TODO: Fix and remove overrides:
       [SYSLIB0021] API supports obsolete serialization
-      [IDE0060] removed unused parameters
       [CS0618] update obsolete references
-      [CS0649] field not assigned too
     -->
-    <WarningsNotAsErrors>$(WarningsNotAsErrors),SYSLIB0021,IDE0060,CS0618,CS0649</WarningsNotAsErrors>
+    <WarningsNotAsErrors>$(WarningsNotAsErrors),SYSLIB0021,CS0618</WarningsNotAsErrors>
   </PropertyGroup>
   
   <ItemGroup>

tests/Umbraco.Tests.Common/Builders/Extensions/BuilderExtensions.cs

@@ -232,7 +232,11 @@ public static class BuilderExtensions
         return builder;
     }
 
-    public static T WithPropertyValues<T>(this T builder, object propertyValues, string? culture = null, string? segment = null)
+    public static T WithPropertyValues<T>(
+        this T builder,
+        object propertyValues,
+        string? culture = null,
+        string? segment = null)
         where T : IWithPropertyValues
     {
         builder.PropertyValues = propertyValues;

tests/Umbraco.Tests.Common/Builders/MediaTypeEditingBuilder.cs

@@ -41,7 +41,9 @@ public class MediaTypeEditingBuilder : ContentTypeEditingBaseBuilder<MediaTypeEd
             .Build();
     }
 
-    public static MediaTypeCreateModel CreateBasicFolderMediaType(string alias = "basicFolder", string name = "BasicFolder")
+    public static MediaTypeCreateModel CreateBasicFolderMediaType(
+        string alias = "basicFolder",
+        string name = "BasicFolder")
     {
         var builder = new MediaTypeEditingBuilder();
         return (MediaTypeCreateModel)builder

tests/Umbraco.Tests.Common/Umbraco.Tests.Common.csproj

@@ -7,7 +7,7 @@
     <IsPackable>true</IsPackable>
     <EnablePackageValidation>$(BaseEnablePackageValidation)</EnablePackageValidation>
   </PropertyGroup>
-  
+
   <PropertyGroup>
     <!--
       TODO: Fix and remove overrides: