---
description: Coding
alwaysApply: false
---
- Use collection expressions for collection initialization
- Non-derived "private" classes and records should be "sealed"
- In tests Use 'Assert.ThrowsExactly' instead of 'Assert.ThrowsException'
- Parameter names should match base declaration and other partial definitions
- Exceptions should be either logged or rethrown but not both
- Exceptions should not be thrown from property getters
- A Route attribute should be added to the controller when a route template is specified at the action level
- "Thread.Sleep" should not be used in tests
- Maintain consistent whitespace formatting with blank lines between logical code blocks
- Cognitive Complexity of methods should not be too high
- Avoid constant arrays as arguments
- Server-side requests should not be vulnerable to traversing attacks
- String literals should not be duplicated
- Value type property used as input in a controller action should be nullable, required or annotated with the JsonRequiredAttribute to avoid under-posting