Training
Module
Guide to Secure .NET Development with OWASP Top 10 - Training
Evaluate security risks that come with insecure application development patterns and practices
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
If you're migrating an app to .NET 7, the breaking changes listed here might affect you. Changes are grouped by technology area, such as ASP.NET Core or Windows Forms.
This article indicates whether each breaking change is binary compatible or source compatible:
Title | Binary compatible | Source compatible |
---|---|---|
System.diagnostics entry in app.config | ❌ | ✔️ |
Title | Binary compatible | Source compatible |
---|---|---|
Decrypting EnvelopedCms doesn't double unwrap | ❌ | ✔️ |
Dynamic X509ChainPolicy verification time | ❌ | ✔️ |
X500DistinguishedName parsing of friendly names | ❌ | ✔️ |
Title | Binary compatible | Source compatible |
---|---|---|
All assemblies trimmed by default | ✔️ | ❌ |
Multi-level lookup is disabled | ❌ | ✔️ |
x86 host path on 64-bit Windows | ✔️ | ✔️ |
TrimmerDefaultAction is deprecated | ✔️ | ❌ |
Title | Binary compatible | Source compatible |
---|---|---|
Binding config to dictionary extends values | ✔️ | ✔️ |
ContentRootPath for apps launched by Windows Shell | ❌ | ✔️ |
Environment variable prefixes | ❌ | ✔️ |
Title | Binary compatible | Source compatible |
---|---|---|
Globalization APIs use ICU libraries on Windows Server | ❌ | ✔️ |
Title | Binary compatible | Source compatible |
---|---|---|
RuntimeInformation.OSArchitecture under emulation | ❌ | ✔️ |
Title | Binary compatible | Source compatible |
---|---|---|
Constructors accept base interface instead of concrete type | ❌ | ✔️ |
Flow direction helper methods removed | ❌ | ❌ |
New UpdateBackground parameter | ❌ | ✔️ |
ScrollToRequest property renamed | ❌ | ❌ |
Some Windows APIs are removed | ❌ | ❌ |
Title | Binary compatible | Source compatible |
---|---|---|
AllowRenegotiation default is false | ❌ | ❌ |
Custom ping payloads on Linux | ❌ | ✔️ |
Socket.End methods don't throw ObjectDisposedException | ❌ | ✔️ |
Title | Binary compatible | Source compatible |
---|---|---|
DataContractSerializer retains sign when deserializing -0 | ❌ | ✔️ |
Deserialize Version type with leading or trailing whitespace | ❌ | ✔️ |
JsonSerializerOptions copy constructor includes JsonSerializerContext | ❌ | ✔️ |
Polymorphic serialization for object types | ❌ | ✔️ |
System.Text.Json source generator fallback | ❌ | ✔️ |
Title | Binary compatible | Source compatible |
---|---|---|
Obsoletions and warnings | ✔️ | ❌ |
Some APIs throw ArgumentNullException | ❌ | ✔️ |
Title | Binary compatible | Source compatible | Backwards compatible |
---|---|---|---|
Restored drag-and-drop operations behavior on text editors | ✔️ | ✔️ | ❌ |
Title | Binary compatible | Source compatible |
---|---|---|
XmlSecureResolver is obsolete | ❌ | ❌ |
.NET feedback
.NET is an open source project. Select a link to provide feedback:
Training
Module
Guide to Secure .NET Development with OWASP Top 10 - Training
Evaluate security risks that come with insecure application development patterns and practices