diff --git a/NuGet.exe b/NuGet.exe
new file mode 100644
index 00000000..7d4cdaef
Binary files /dev/null and b/NuGet.exe differ
diff --git a/README.md b/README.md
index 8e2a18f0..173c9483 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,7 @@
 [![Build status](https://ci.appveyor.com/api/projects/status/se4ok0surqu73ob7?svg=true)](https://ci.appveyor.com/project/JarLob/security-code-scan)  
 
 ### Downloading
-Official releases are available as nuget packages ([Master](https://www.nuget.org/packages/SecurityCodeScan/) and [VS2017](https://www.nuget.org/packages/SecurityCodeScan.VS2017/) branches) and as Visual Studio extensions ([Master](https://marketplace.visualstudio.com/items?itemName=JaroslavLobacevski.SecurityCodeScan) and [VS2017](https://marketplace.visualstudio.com/items?itemName=JaroslavLobacevski.SecurityCodeScanVS2017) branches).  
+Official releases are available as nuget packages ([VS2015](https://www.nuget.org/packages/SecurityCodeScan/) and [VS2017](https://www.nuget.org/packages/SecurityCodeScan.VS2017/) branches) and as Visual Studio extensions ([VS2015](https://marketplace.visualstudio.com/items?itemName=JaroslavLobacevski.SecurityCodeScan) and [VS2017](https://marketplace.visualstudio.com/items?itemName=JaroslavLobacevski.SecurityCodeScanVS2017) branches).  
 Nightly builds are available from [appveyor](https://ci.appveyor.com/project/JarLob/security-code-scan) (go to `Configuration: Release` -> `Artifacts`).  
 
 ### Building
@@ -19,7 +19,7 @@ msbuild SecurityCodeScan.sln
 ```
 
 ### Contributing
-* All documentation from the [official site](https://security-code-scan.github.io) is open-source and located in the [website](https://github.com/security-code-scan/security-code-scan/tree/master/website) folder. Feel free to modify the markdown files and contribute to it.
+* All documentation from the [official site](https://security-code-scan.github.io) is open-source and located in the [website](https://github.com/security-code-scan/security-code-scan/tree/vs2019/website) folder. Feel free to modify the markdown files and contribute to it.
 * You may customize the behavior of Security Code Scan by creating a local configuration file as described in [ExternalConfigurationFiles section](https://security-code-scan.github.io/#ExternalConfigurationFiles). It is easy to add new vulnerable functions (sinks) that should trigger a warning, define untrusted sources, etc. Once you think you have working configuration file you are welcome to contribute your changes to the main built-in configuration file. Ideally your Pull Request comes with tests that cover the changes.
 * Review the list of available [issues.](https://github.com/security-code-scan/security-code-scan/issues) The general understanding of Roslyn might be handy:
   - [Use Roslyn to Write a Live Code Analyzer for Your API](https://docs.microsoft.com/en-us/archive/msdn-magazine/2014/special-issue/csharp-and-visual-basic-use-roslyn-to-write-a-live-code-analyzer-for-your-api)
diff --git a/SecurityCodeScan.Test/SecurityCodeScan.Test.csproj b/SecurityCodeScan.Test/SecurityCodeScan.Test.csproj
index e9c7810a..db5792bf 100644
--- a/SecurityCodeScan.Test/SecurityCodeScan.Test.csproj
+++ b/SecurityCodeScan.Test/SecurityCodeScan.Test.csproj
@@ -1,8 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <Import Project="..\packages\Microsoft.NET.Test.Sdk.16.6.1\build\net40\Microsoft.NET.Test.Sdk.props" Condition="Exists('..\packages\Microsoft.NET.Test.Sdk.16.6.1\build\net40\Microsoft.NET.Test.Sdk.props')" />
-  <Import Project="..\packages\Microsoft.CodeCoverage.16.6.1\build\netstandard1.0\Microsoft.CodeCoverage.props" Condition="Exists('..\packages\Microsoft.CodeCoverage.16.6.1\build\netstandard1.0\Microsoft.CodeCoverage.props')" />
-  <Import Project="..\packages\MSTest.TestAdapter.2.1.1\build\net45\MSTest.TestAdapter.props" Condition="Exists('..\packages\MSTest.TestAdapter.2.1.1\build\net45\MSTest.TestAdapter.props')" />
+  <Import Project="..\packages\MSTest.TestAdapter.2.1.0\build\net45\MSTest.TestAdapter.props" Condition="Exists('..\packages\MSTest.TestAdapter.2.1.0\build\net45\MSTest.TestAdapter.props')" />
   <Import Project="..\packages\SQLite.3.13.0\build\net45\SQLite.props" Condition="Exists('..\packages\SQLite.3.13.0\build\net45\SQLite.props')" />
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -61,6 +59,9 @@
     <Reference Include="EntityFramework.SqlServer, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=MSIL">
       <HintPath>..\packages\EntityFramework.6.2.0\lib\net45\EntityFramework.SqlServer.dll</HintPath>
     </Reference>
+    <Reference Include="Esent.Interop, Version=1.9.4.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\ManagedEsent.1.9.4\lib\net40\Esent.Interop.dll</HintPath>
+    </Reference>
     <Reference Include="fastjson, Version=2.1.0.0, Culture=neutral, PublicKeyToken=6b75a806b86095cd, processorArchitecture=MSIL">
       <HintPath>..\packages\fastJSON.2.1.21\lib\net40\fastjson.dll</HintPath>
     </Reference>
@@ -76,14 +77,15 @@
     <Reference Include="Microsoft.AspNet.Identity.Core, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNet.Identity.Core.2.2.1\lib\net45\Microsoft.AspNet.Identity.Core.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.AspNetCore.Antiforgery, Version=1.1.3.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.AspNetCore.Antiforgery.1.1.3\lib\net451\Microsoft.AspNetCore.Antiforgery.dll</HintPath>
+    <Reference Include="Microsoft.AspNetCore.Antiforgery, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.AspNetCore.Antiforgery.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Antiforgery.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.AspNetCore.Authentication.Abstractions, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNetCore.Authentication.Abstractions.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Authentication.Abstractions.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.AspNetCore.Authentication.Core, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNetCore.Authentication.Core.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Authentication.Core.dll</HintPath>
+      <Private>True</Private>
     </Reference>
     <Reference Include="Microsoft.AspNetCore.Authorization, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNetCore.Authorization.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Authorization.dll</HintPath>
@@ -91,17 +93,17 @@
     <Reference Include="Microsoft.AspNetCore.Authorization.Policy, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNetCore.Authorization.Policy.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Authorization.Policy.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.AspNetCore.Cryptography.Internal, Version=1.1.3.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.AspNetCore.Cryptography.Internal.1.1.3\lib\net451\Microsoft.AspNetCore.Cryptography.Internal.dll</HintPath>
+    <Reference Include="Microsoft.AspNetCore.Cryptography.Internal, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.AspNetCore.Cryptography.Internal.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Cryptography.Internal.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.AspNetCore.DataProtection, Version=1.1.3.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.AspNetCore.DataProtection.1.1.3\lib\net451\Microsoft.AspNetCore.DataProtection.dll</HintPath>
+    <Reference Include="Microsoft.AspNetCore.DataProtection, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.AspNetCore.DataProtection.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.DataProtection.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.AspNetCore.DataProtection.Abstractions, Version=1.1.3.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.AspNetCore.DataProtection.Abstractions.1.1.3\lib\net451\Microsoft.AspNetCore.DataProtection.Abstractions.dll</HintPath>
+    <Reference Include="Microsoft.AspNetCore.DataProtection.Abstractions, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.AspNetCore.DataProtection.Abstractions.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.DataProtection.Abstractions.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.AspNetCore.Diagnostics.Abstractions, Version=1.1.6.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.AspNetCore.Diagnostics.Abstractions.1.1.6\lib\netstandard1.0\Microsoft.AspNetCore.Diagnostics.Abstractions.dll</HintPath>
+    <Reference Include="Microsoft.AspNetCore.Diagnostics.Abstractions, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.AspNetCore.Diagnostics.Abstractions.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Diagnostics.Abstractions.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.AspNetCore.Hosting.Abstractions, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNetCore.Hosting.Abstractions.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Hosting.Abstractions.dll</HintPath>
@@ -109,11 +111,12 @@
     <Reference Include="Microsoft.AspNetCore.Hosting.Server.Abstractions, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNetCore.Hosting.Server.Abstractions.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Hosting.Server.Abstractions.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.AspNetCore.Html.Abstractions, Version=1.1.2.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.AspNetCore.Html.Abstractions.1.1.2\lib\netstandard1.0\Microsoft.AspNetCore.Html.Abstractions.dll</HintPath>
+    <Reference Include="Microsoft.AspNetCore.Html.Abstractions, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.AspNetCore.Html.Abstractions.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Html.Abstractions.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.AspNetCore.Http, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNetCore.Http.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Http.dll</HintPath>
+      <Private>True</Private>
     </Reference>
     <Reference Include="Microsoft.AspNetCore.Http.Abstractions, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNetCore.Http.Abstractions.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Http.Abstractions.dll</HintPath>
@@ -124,35 +127,40 @@
     <Reference Include="Microsoft.AspNetCore.Http.Features, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNetCore.Http.Features.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Http.Features.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.AspNetCore.JsonPatch, Version=1.1.2.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.AspNetCore.JsonPatch.1.1.2\lib\net451\Microsoft.AspNetCore.JsonPatch.dll</HintPath>
+    <Reference Include="Microsoft.AspNetCore.JsonPatch, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.AspNetCore.JsonPatch.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.JsonPatch.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.AspNetCore.Mvc.Abstractions, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNetCore.Mvc.Abstractions.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Mvc.Abstractions.dll</HintPath>
+      <Private>True</Private>
     </Reference>
     <Reference Include="Microsoft.AspNetCore.Mvc.Core, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNetCore.Mvc.Core.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Mvc.Core.dll</HintPath>
+      <Private>True</Private>
     </Reference>
-    <Reference Include="Microsoft.AspNetCore.Mvc.DataAnnotations, Version=1.1.8.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.AspNetCore.Mvc.DataAnnotations.1.1.8\lib\net451\Microsoft.AspNetCore.Mvc.DataAnnotations.dll</HintPath>
+    <Reference Include="Microsoft.AspNetCore.Mvc.DataAnnotations, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.AspNetCore.Mvc.DataAnnotations.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Mvc.DataAnnotations.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.AspNetCore.Mvc.Formatters.Json, Version=1.1.8.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.AspNetCore.Mvc.Formatters.Json.1.1.8\lib\net451\Microsoft.AspNetCore.Mvc.Formatters.Json.dll</HintPath>
+    <Reference Include="Microsoft.AspNetCore.Mvc.Formatters.Json, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.AspNetCore.Mvc.Formatters.Json.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Mvc.Formatters.Json.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.AspNetCore.Mvc.ViewFeatures, Version=1.1.8.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.AspNetCore.Mvc.ViewFeatures.1.1.8\lib\net451\Microsoft.AspNetCore.Mvc.ViewFeatures.dll</HintPath>
+    <Reference Include="Microsoft.AspNetCore.Mvc.ViewFeatures, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.AspNetCore.Mvc.ViewFeatures.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Mvc.ViewFeatures.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.AspNetCore.ResponseCaching.Abstractions, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNetCore.ResponseCaching.Abstractions.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.ResponseCaching.Abstractions.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.AspNetCore.Routing, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNetCore.Routing.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Routing.dll</HintPath>
+      <Private>True</Private>
     </Reference>
     <Reference Include="Microsoft.AspNetCore.Routing.Abstractions, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNetCore.Routing.Abstractions.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.Routing.Abstractions.dll</HintPath>
+      <Private>True</Private>
     </Reference>
     <Reference Include="Microsoft.AspNetCore.WebUtilities, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNetCore.WebUtilities.2.1.0\lib\netstandard2.0\Microsoft.AspNetCore.WebUtilities.dll</HintPath>
+      <Private>True</Private>
     </Reference>
     <Reference Include="Microsoft.Bcl.AsyncInterfaces, Version=1.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.Bcl.AsyncInterfaces.1.1.1\lib\net461\Microsoft.Bcl.AsyncInterfaces.dll</HintPath>
@@ -160,26 +168,26 @@
     <Reference Include="Microsoft.Bcl.HashCode, Version=1.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.Bcl.HashCode.1.1.0\lib\net461\Microsoft.Bcl.HashCode.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.CodeAnalysis, Version=1.3.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.CodeAnalysis.Common.1.3.2\lib\net45\Microsoft.CodeAnalysis.dll</HintPath>
+    <Reference Include="Microsoft.CodeAnalysis, Version=2.10.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.CodeAnalysis.Common.2.10.0\lib\netstandard1.3\Microsoft.CodeAnalysis.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.CodeAnalysis.CSharp, Version=1.3.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.CodeAnalysis.CSharp.1.3.2\lib\net45\Microsoft.CodeAnalysis.CSharp.dll</HintPath>
+    <Reference Include="Microsoft.CodeAnalysis.CSharp, Version=2.10.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.CodeAnalysis.CSharp.2.10.0\lib\netstandard1.3\Microsoft.CodeAnalysis.CSharp.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.CodeAnalysis.CSharp.Workspaces, Version=1.3.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.CodeAnalysis.CSharp.Workspaces.1.3.2\lib\net45\Microsoft.CodeAnalysis.CSharp.Workspaces.dll</HintPath>
+    <Reference Include="Microsoft.CodeAnalysis.CSharp.Workspaces, Version=2.10.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.CodeAnalysis.CSharp.Workspaces.2.10.0\lib\netstandard1.3\Microsoft.CodeAnalysis.CSharp.Workspaces.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.CodeAnalysis.VisualBasic, Version=1.3.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.CodeAnalysis.VisualBasic.1.3.2\lib\net45\Microsoft.CodeAnalysis.VisualBasic.dll</HintPath>
+    <Reference Include="Microsoft.CodeAnalysis.VisualBasic, Version=2.10.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.CodeAnalysis.VisualBasic.2.10.0\lib\netstandard1.3\Microsoft.CodeAnalysis.VisualBasic.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.CodeAnalysis.VisualBasic.Workspaces, Version=1.3.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.CodeAnalysis.VisualBasic.Workspaces.1.3.2\lib\net45\Microsoft.CodeAnalysis.VisualBasic.Workspaces.dll</HintPath>
+    <Reference Include="Microsoft.CodeAnalysis.VisualBasic.Workspaces, Version=2.10.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.CodeAnalysis.VisualBasic.Workspaces.2.10.0\lib\netstandard1.3\Microsoft.CodeAnalysis.VisualBasic.Workspaces.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.CodeAnalysis.Workspaces, Version=1.3.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.CodeAnalysis.Workspaces.Common.1.3.2\lib\net45\Microsoft.CodeAnalysis.Workspaces.dll</HintPath>
+    <Reference Include="Microsoft.CodeAnalysis.Workspaces, Version=2.10.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.CodeAnalysis.Workspaces.Common.2.10.0\lib\net46\Microsoft.CodeAnalysis.Workspaces.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.CodeAnalysis.Workspaces.Desktop, Version=1.3.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.CodeAnalysis.Workspaces.Common.1.3.2\lib\net45\Microsoft.CodeAnalysis.Workspaces.Desktop.dll</HintPath>
+    <Reference Include="Microsoft.CodeAnalysis.Workspaces.Desktop, Version=2.10.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.CodeAnalysis.Workspaces.Common.2.10.0\lib\net46\Microsoft.CodeAnalysis.Workspaces.Desktop.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.Data.Sqlite, Version=1.1.1.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.Data.Sqlite.1.1.1\lib\net451\Microsoft.Data.Sqlite.dll</HintPath>
@@ -226,11 +234,11 @@
     <Reference Include="Microsoft.Extensions.Hosting.Abstractions, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.Extensions.Hosting.Abstractions.2.1.0\lib\netstandard2.0\Microsoft.Extensions.Hosting.Abstractions.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.Extensions.Localization, Version=1.1.3.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Extensions.Localization.1.1.3\lib\net451\Microsoft.Extensions.Localization.dll</HintPath>
+    <Reference Include="Microsoft.Extensions.Localization, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Extensions.Localization.2.1.0\lib\netstandard2.0\Microsoft.Extensions.Localization.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.Extensions.Localization.Abstractions, Version=1.1.3.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Extensions.Localization.Abstractions.1.1.3\lib\netstandard1.0\Microsoft.Extensions.Localization.Abstractions.dll</HintPath>
+    <Reference Include="Microsoft.Extensions.Localization.Abstractions, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Extensions.Localization.Abstractions.2.1.0\lib\netstandard2.0\Microsoft.Extensions.Localization.Abstractions.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.Extensions.Logging, Version=3.1.4.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.Extensions.Logging.3.1.4\lib\netstandard2.0\Microsoft.Extensions.Logging.dll</HintPath>
@@ -250,8 +258,8 @@
     <Reference Include="Microsoft.Extensions.Primitives, Version=3.1.4.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.Extensions.Primitives.3.1.4\lib\netstandard2.0\Microsoft.Extensions.Primitives.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.Extensions.WebEncoders, Version=1.1.2.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Extensions.WebEncoders.1.1.2\lib\netstandard1.0\Microsoft.Extensions.WebEncoders.dll</HintPath>
+    <Reference Include="Microsoft.Extensions.WebEncoders, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Extensions.WebEncoders.2.1.0\lib\netstandard2.0\Microsoft.Extensions.WebEncoders.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.Net.Http.Headers, Version=2.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.Net.Http.Headers.2.1.0\lib\netstandard2.0\Microsoft.Net.Http.Headers.dll</HintPath>
@@ -262,14 +270,11 @@
     <Reference Include="Microsoft.Practices.EnterpriseLibrary.Data, Version=6.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\packages\EnterpriseLibrary.Data.6.0.1304.0\lib\NET45\Microsoft.Practices.EnterpriseLibrary.Data.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.VisualStudio.CodeCoverage.Shim, Version=15.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.CodeCoverage.16.6.1\lib\net45\Microsoft.VisualStudio.CodeCoverage.Shim.dll</HintPath>
-    </Reference>
     <Reference Include="Microsoft.VisualStudio.TestPlatform.TestFramework, Version=14.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\packages\MSTest.TestFramework.2.1.1\lib\net45\Microsoft.VisualStudio.TestPlatform.TestFramework.dll</HintPath>
+      <HintPath>..\packages\MSTest.TestFramework.2.1.0\lib\net45\Microsoft.VisualStudio.TestPlatform.TestFramework.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.VisualStudio.TestPlatform.TestFramework.Extensions, Version=14.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\packages\MSTest.TestFramework.2.1.1\lib\net45\Microsoft.VisualStudio.TestPlatform.TestFramework.Extensions.dll</HintPath>
+      <HintPath>..\packages\MSTest.TestFramework.2.1.0\lib\net45\Microsoft.VisualStudio.TestPlatform.TestFramework.Extensions.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.Web.Infrastructure, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.Web.Infrastructure.1.0.0.0\lib\net40\Microsoft.Web.Infrastructure.dll</HintPath>
@@ -278,12 +283,23 @@
     <Reference Include="Microsoft.Web.XmlTransform, Version=15.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.Web.Xdt.2.1.2\lib\net40\Microsoft.Web.XmlTransform.dll</HintPath>
     </Reference>
+    <Reference Include="Microsoft.Win32.Primitives, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Win32.Primitives.4.3.0\lib\net46\Microsoft.Win32.Primitives.dll</HintPath>
+      <Private>True</Private>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="Microsoft.Win32.Registry, Version=4.1.1.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Win32.Registry.4.5.0\lib\net461\Microsoft.Win32.Registry.dll</HintPath>
+    </Reference>
     <Reference Include="Moq, Version=4.5.16.0, Culture=neutral, PublicKeyToken=69f491c39445e920, processorArchitecture=MSIL">
       <HintPath>..\packages\Moq.4.5.16\lib\net45\Moq.dll</HintPath>
       <Private>True</Private>
     </Reference>
-    <Reference Include="Newtonsoft.Json, Version=9.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
-      <HintPath>..\packages\Newtonsoft.Json.9.0.1\lib\net45\Newtonsoft.Json.dll</HintPath>
+    <Reference Include="Newtonsoft.Json, Version=11.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
+      <HintPath>..\packages\Newtonsoft.Json.11.0.2\lib\net45\Newtonsoft.Json.dll</HintPath>
+    </Reference>
+    <Reference Include="Newtonsoft.Json.Bson, Version=1.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
+      <HintPath>..\packages\Newtonsoft.Json.Bson.1.0.1\lib\net45\Newtonsoft.Json.Bson.dll</HintPath>
     </Reference>
     <Reference Include="NHibernate, Version=4.1.0.4000, Culture=neutral, PublicKeyToken=aa95f207798dfdb4, processorArchitecture=MSIL">
       <HintPath>..\packages\NHibernate.4.1.2.4000\lib\net40\NHibernate.dll</HintPath>
@@ -297,8 +313,23 @@
     <Reference Include="ServiceStack.Text, Version=5.0.0.0, Culture=neutral, PublicKeyToken=02c12cbda47e6587, processorArchitecture=MSIL">
       <HintPath>..\packages\ServiceStack.Text.5.0.2\lib\net45\ServiceStack.Text.dll</HintPath>
     </Reference>
+    <Reference Include="SQLitePCLRaw.batteries_green, Version=1.0.0.0, Culture=neutral, PublicKeyToken=a84b7dcfb1391f7f, processorArchitecture=MSIL">
+      <HintPath>..\packages\SQLitePCLRaw.bundle_green.1.1.2\lib\net45\SQLitePCLRaw.batteries_green.dll</HintPath>
+    </Reference>
+    <Reference Include="SQLitePCLRaw.batteries_v2, Version=1.0.0.0, Culture=neutral, PublicKeyToken=8226ea5df37bcae9, processorArchitecture=MSIL">
+      <HintPath>..\packages\SQLitePCLRaw.bundle_green.1.1.2\lib\net45\SQLitePCLRaw.batteries_v2.dll</HintPath>
+    </Reference>
+    <Reference Include="SQLitePCLRaw.core, Version=1.0.0.0, Culture=neutral, PublicKeyToken=1488e028ca7ab535, processorArchitecture=MSIL">
+      <HintPath>..\packages\SQLitePCLRaw.core.1.1.2\lib\net45\SQLitePCLRaw.core.dll</HintPath>
+    </Reference>
+    <Reference Include="SQLitePCLRaw.provider.e_sqlite3, Version=1.0.0.0, Culture=neutral, PublicKeyToken=9c301db686d0bd12, processorArchitecture=MSIL">
+      <HintPath>..\packages\SQLitePCLRaw.provider.e_sqlite3.net45.1.1.2\lib\net45\SQLitePCLRaw.provider.e_sqlite3.dll</HintPath>
+    </Reference>
     <Reference Include="System" />
     <Reference Include="System.Activities" />
+    <Reference Include="System.AppContext, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.AppContext.4.3.0\lib\net46\System.AppContext.dll</HintPath>
+    </Reference>
     <Reference Include="System.Buffers, Version=4.0.3.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
       <HintPath>..\packages\System.Buffers.4.5.1\lib\net461\System.Buffers.dll</HintPath>
     </Reference>
@@ -310,40 +341,63 @@
     </Reference>
     <Reference Include="System.ComponentModel.Composition" />
     <Reference Include="System.ComponentModel.DataAnnotations" />
-    <Reference Include="System.Composition.AttributedModel, Version=1.0.27.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Composition.1.0.27\lib\portable-net45+win8+wp8+wpa81\System.Composition.AttributedModel.dll</HintPath>
-      <Private>True</Private>
+    <Reference Include="System.Composition.AttributedModel, Version=1.0.31.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Composition.AttributedModel.1.0.31\lib\portable-net45+win8+wp8+wpa81\System.Composition.AttributedModel.dll</HintPath>
     </Reference>
-    <Reference Include="System.Composition.Convention, Version=1.0.27.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Composition.1.0.27\lib\portable-net45+win8+wp8+wpa81\System.Composition.Convention.dll</HintPath>
-      <Private>True</Private>
+    <Reference Include="System.Composition.Convention, Version=1.0.31.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Composition.Convention.1.0.31\lib\portable-net45+win8+wp8+wpa81\System.Composition.Convention.dll</HintPath>
     </Reference>
-    <Reference Include="System.Composition.Hosting, Version=1.0.27.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Composition.1.0.27\lib\portable-net45+win8+wp8+wpa81\System.Composition.Hosting.dll</HintPath>
-      <Private>True</Private>
+    <Reference Include="System.Composition.Hosting, Version=1.0.31.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Composition.Hosting.1.0.31\lib\portable-net45+win8+wp8+wpa81\System.Composition.Hosting.dll</HintPath>
     </Reference>
-    <Reference Include="System.Composition.Runtime, Version=1.0.27.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Composition.1.0.27\lib\portable-net45+win8+wp8+wpa81\System.Composition.Runtime.dll</HintPath>
-      <Private>True</Private>
+    <Reference Include="System.Composition.Runtime, Version=1.0.31.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Composition.Runtime.1.0.31\lib\portable-net45+win8+wp8+wpa81\System.Composition.Runtime.dll</HintPath>
     </Reference>
-    <Reference Include="System.Composition.TypedParts, Version=1.0.27.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Composition.1.0.27\lib\portable-net45+win8+wp8+wpa81\System.Composition.TypedParts.dll</HintPath>
-      <Private>True</Private>
+    <Reference Include="System.Composition.TypedParts, Version=1.0.31.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Composition.TypedParts.1.0.31\lib\portable-net45+win8+wp8+wpa81\System.Composition.TypedParts.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Console, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Console.4.3.0\lib\net46\System.Console.dll</HintPath>
     </Reference>
-    <Reference Include="System.Configuration" />
     <Reference Include="System.Core" />
     <Reference Include="System.Data.Linq" />
+    <Reference Include="System.Data.OracleClient" />
     <Reference Include="System.Data.SQLite, Version=1.0.109.0, Culture=neutral, PublicKeyToken=db937bc2d44ff139, processorArchitecture=MSIL">
-      <HintPath>..\packages\System.Data.SQLite.Core.1.0.109.2\lib\net451\System.Data.SQLite.dll</HintPath>
+      <HintPath>..\packages\System.Data.SQLite.Core.1.0.109.2\lib\net46\System.Data.SQLite.dll</HintPath>
     </Reference>
     <Reference Include="System.Diagnostics.DiagnosticSource, Version=4.0.5.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
       <HintPath>..\packages\System.Diagnostics.DiagnosticSource.4.7.1\lib\net46\System.Diagnostics.DiagnosticSource.dll</HintPath>
     </Reference>
+    <Reference Include="System.Diagnostics.FileVersionInfo, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Diagnostics.FileVersionInfo.4.3.0\lib\net46\System.Diagnostics.FileVersionInfo.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Diagnostics.StackTrace, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Diagnostics.StackTrace.4.3.0\lib\net46\System.Diagnostics.StackTrace.dll</HintPath>
+    </Reference>
     <Reference Include="System.DirectoryServices" />
+    <Reference Include="System.Drawing" />
+    <Reference Include="System.Globalization.Calendars, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Globalization.Calendars.4.3.0\lib\net46\System.Globalization.Calendars.dll</HintPath>
+      <Private>True</Private>
+      <Private>True</Private>
+    </Reference>
     <Reference Include="System.Interactive.Async, Version=3.0.0.0, Culture=neutral, PublicKeyToken=94bc3704cddfc263, processorArchitecture=MSIL">
       <HintPath>..\packages\System.Interactive.Async.3.0.0\lib\net45\System.Interactive.Async.dll</HintPath>
     </Reference>
     <Reference Include="System.IO.Compression" />
+    <Reference Include="System.IO.Compression.FileSystem" />
+    <Reference Include="System.IO.Compression.ZipFile, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.IO.Compression.ZipFile.4.3.0\lib\net46\System.IO.Compression.ZipFile.dll</HintPath>
+      <Private>True</Private>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="System.IO.FileSystem, Version=4.0.2.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.IO.FileSystem.4.3.0\lib\net46\System.IO.FileSystem.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="System.IO.FileSystem.Primitives, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.IO.FileSystem.Primitives.4.3.0\lib\net46\System.IO.FileSystem.Primitives.dll</HintPath>
+    </Reference>
     <Reference Include="System.Memory, Version=4.0.1.1, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
       <HintPath>..\packages\System.Memory.4.5.4\lib\net461\System.Memory.dll</HintPath>
     </Reference>
@@ -351,37 +405,72 @@
     <Reference Include="System.Net" />
     <Reference Include="System.Net.Http" />
     <Reference Include="System.Net.Http.WebRequest" />
+    <Reference Include="System.Net.Sockets, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Net.Sockets.4.3.0\lib\net46\System.Net.Sockets.dll</HintPath>
+      <Private>True</Private>
+      <Private>True</Private>
+    </Reference>
     <Reference Include="System.Numerics" />
     <Reference Include="System.Numerics.Vectors, Version=4.1.4.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
       <HintPath>..\packages\System.Numerics.Vectors.4.5.0\lib\net46\System.Numerics.Vectors.dll</HintPath>
     </Reference>
-    <Reference Include="System.Reflection.Metadata, Version=1.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\packages\System.Reflection.Metadata.1.3.0\lib\portable-net45+win8\System.Reflection.Metadata.dll</HintPath>
+    <Reference Include="System.Reflection.Metadata, Version=1.4.3.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Reflection.Metadata.1.6.0\lib\netstandard2.0\System.Reflection.Metadata.dll</HintPath>
     </Reference>
     <Reference Include="System.Runtime.CompilerServices.Unsafe, Version=4.0.6.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
       <HintPath>..\packages\System.Runtime.CompilerServices.Unsafe.4.7.1\lib\net461\System.Runtime.CompilerServices.Unsafe.dll</HintPath>
     </Reference>
-    <Reference Include="System.Runtime.InteropServices.RuntimeInformation, Version=4.0.1.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+    <Reference Include="System.Runtime.InteropServices.RuntimeInformation, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
       <HintPath>..\packages\System.Runtime.InteropServices.RuntimeInformation.4.3.0\lib\net45\System.Runtime.InteropServices.RuntimeInformation.dll</HintPath>
     </Reference>
     <Reference Include="System.Runtime.Serialization" />
     <Reference Include="System.Runtime.Serialization.Formatters.Soap" />
     <Reference Include="System.Security" />
+    <Reference Include="System.Security.AccessControl, Version=4.1.1.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Security.AccessControl.4.5.0\lib\net461\System.Security.AccessControl.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Security.Cryptography.Algorithms, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Security.Cryptography.Algorithms.4.3.0\lib\net46\System.Security.Cryptography.Algorithms.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Security.Cryptography.Encoding, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Security.Cryptography.Encoding.4.3.0\lib\net46\System.Security.Cryptography.Encoding.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Security.Cryptography.Primitives, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Security.Cryptography.Primitives.4.3.0\lib\net46\System.Security.Cryptography.Primitives.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Security.Cryptography.X509Certificates, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Security.Cryptography.X509Certificates.4.3.0\lib\net46\System.Security.Cryptography.X509Certificates.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Security.Cryptography.Xml, Version=4.0.1.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Security.Cryptography.Xml.4.5.0\lib\net461\System.Security.Cryptography.Xml.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Security.Permissions, Version=4.0.1.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Security.Permissions.4.5.0\lib\net461\System.Security.Permissions.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Security.Principal.Windows, Version=4.1.1.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Security.Principal.Windows.4.5.0\lib\net461\System.Security.Principal.Windows.dll</HintPath>
+    </Reference>
+    <Reference Include="System.ServiceProcess" />
+    <Reference Include="System.Text.Encoding.CodePages, Version=4.0.2.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Text.Encoding.CodePages.4.3.0\lib\net46\System.Text.Encoding.CodePages.dll</HintPath>
+    </Reference>
     <Reference Include="System.Text.Encodings.Web, Version=4.0.3.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
-      <HintPath>..\packages\System.Text.Encodings.Web.4.5.0\lib\netstandard1.0\System.Text.Encodings.Web.dll</HintPath>
+      <HintPath>..\packages\System.Text.Encodings.Web.4.5.0\lib\netstandard2.0\System.Text.Encodings.Web.dll</HintPath>
     </Reference>
     <Reference Include="System.Threading.Tasks.Extensions, Version=4.2.0.1, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
       <HintPath>..\packages\System.Threading.Tasks.Extensions.4.5.4\lib\net461\System.Threading.Tasks.Extensions.dll</HintPath>
     </Reference>
+    <Reference Include="System.Threading.Thread, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Threading.Thread.4.3.0\lib\net46\System.Threading.Thread.dll</HintPath>
+    </Reference>
     <Reference Include="System.Transactions" />
-    <Reference Include="System.ValueTuple, Version=4.0.1.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
+    <Reference Include="System.ValueTuple, Version=4.3.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
       <HintPath>..\packages\System.ValueTuple.4.3.0\lib\netstandard1.0\System.ValueTuple.dll</HintPath>
     </Reference>
     <Reference Include="System.Web" />
     <Reference Include="System.Web.Extensions" />
     <Reference Include="System.Web.Helpers, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNet.WebPages.3.2.3\lib\net45\System.Web.Helpers.dll</HintPath>
-      <Private>True</Private>
     </Reference>
     <Reference Include="System.Web.Mvc, Version=5.2.3.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNet.Mvc.5.2.3\lib\net45\System.Web.Mvc.dll</HintPath>
@@ -389,19 +478,15 @@
     </Reference>
     <Reference Include="System.Web.Razor, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNet.Razor.3.2.3\lib\net45\System.Web.Razor.dll</HintPath>
-      <Private>True</Private>
     </Reference>
     <Reference Include="System.Web.WebPages, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNet.WebPages.3.2.3\lib\net45\System.Web.WebPages.dll</HintPath>
-      <Private>True</Private>
     </Reference>
     <Reference Include="System.Web.WebPages.Deployment, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNet.WebPages.3.2.3\lib\net45\System.Web.WebPages.Deployment.dll</HintPath>
-      <Private>True</Private>
     </Reference>
     <Reference Include="System.Web.WebPages.Razor, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNet.WebPages.3.2.3\lib\net45\System.Web.WebPages.Razor.dll</HintPath>
-      <Private>True</Private>
     </Reference>
     <Reference Include="System.Workflow.ComponentModel" />
     <Reference Include="System.Xml.Linq" />
@@ -409,6 +494,15 @@
     <Reference Include="Microsoft.CSharp" />
     <Reference Include="System.Data" />
     <Reference Include="System.Xml" />
+    <Reference Include="System.Xml.XmlDocument, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Xml.XmlDocument.4.3.0\lib\net46\System.Xml.XmlDocument.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Xml.XPath, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Xml.XPath.4.3.0\lib\net46\System.Xml.XPath.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Xml.XPath.XDocument, Version=4.3.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Xml.XPath.XDocument.4.3.0\lib\net46\System.Xml.XPath.XDocument.dll</HintPath>
+    </Reference>
   </ItemGroup>
   <ItemGroup>
     <Compile Include="Helpers\CsToVbConverter.cs" />
@@ -432,7 +526,6 @@
     <Compile Include="Tests\Taint\LdapInjectionAnalyzerTest.cs" />
     <Compile Include="Tests\Taint\SqlInjectionAnalyzerTest.cs" />
     <Compile Include="Tests\Taint\TaintAnalyzerSanitizerTest.cs" />
-    <Compile Include="Tests\Taint\TaintTransferInterpolationTest.cs" />
     <Compile Include="Tests\Taint\TaintTransferTest.cs" />
     <Compile Include="Tests\Taint\UnsafeDeserializationTests.cs" />
     <Compile Include="Tests\UnsafeDeserializationAnalyzerTests.cs" />
@@ -471,38 +564,41 @@
     <None Include="packages.config">
       <SubType>Designer</SubType>
     </None>
+    <None Include="Tests\Config\AuditMode.yml">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
   </ItemGroup>
   <ItemGroup>
-    <ProjectReference Include="..\SecurityCodeScan\SecurityCodeScan.csproj">
-      <Project>{D7034F4A-4741-4493-8E1E-0A6D3BE9734E}</Project>
-      <Name>SecurityCodeScan</Name>
-    </ProjectReference>
+    <Service Include="{82A7F48D-3B50-4B1E-B82E-3ADA8210C358}" />
   </ItemGroup>
   <ItemGroup>
-    <Service Include="{82A7F48D-3B50-4B1E-B82E-3ADA8210C358}" />
+    <Analyzer Include="..\packages\Microsoft.CodeAnalysis.Analyzers.2.6.1\analyzers\dotnet\cs\Microsoft.CodeAnalysis.Analyzers.dll" />
+    <Analyzer Include="..\packages\Microsoft.CodeAnalysis.Analyzers.2.6.1\analyzers\dotnet\cs\Microsoft.CodeAnalysis.CSharp.Analyzers.dll" />
   </ItemGroup>
   <ItemGroup>
-    <Analyzer Include="..\packages\Microsoft.CodeAnalysis.Analyzers.1.1.0\analyzers\dotnet\cs\Microsoft.CodeAnalysis.Analyzers.dll" />
-    <Analyzer Include="..\packages\Microsoft.CodeAnalysis.Analyzers.1.1.0\analyzers\dotnet\cs\Microsoft.CodeAnalysis.CSharp.Analyzers.dll" />
+    <ProjectReference Include="..\SecurityCodeScan\SecurityCodeScan.csproj">
+      <Project>{d7034f4a-4741-4493-8e1e-0a6d3be9734e}</Project>
+      <Name>SecurityCodeScan</Name>
+    </ProjectReference>
   </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <Target Name="EnsureNuGetPackageBuildImports" BeforeTargets="PrepareForBuild">
     <PropertyGroup>
       <ErrorText>This project references NuGet package(s) that are missing on this computer. Use NuGet Package Restore to download them.  For more information, see http://go.microsoft.com/fwlink/?LinkID=322105. The missing file is {0}.</ErrorText>
     </PropertyGroup>
-    <Error Condition="!Exists('..\packages\System.Data.SQLite.Core.1.0.109.2\build\net451\System.Data.SQLite.Core.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\System.Data.SQLite.Core.1.0.109.2\build\net451\System.Data.SQLite.Core.targets'))" />
+    <Error Condition="!Exists('..\packages\System.Data.SQLite.Core.1.0.109.2\build\net46\System.Data.SQLite.Core.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\System.Data.SQLite.Core.1.0.109.2\build\net46\System.Data.SQLite.Core.targets'))" />
     <Error Condition="!Exists('..\packages\SQLite.3.13.0\build\net45\SQLite.props')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\SQLite.3.13.0\build\net45\SQLite.props'))" />
-    <Error Condition="!Exists('..\packages\MSTest.TestAdapter.2.1.1\build\net45\MSTest.TestAdapter.props')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\MSTest.TestAdapter.2.1.1\build\net45\MSTest.TestAdapter.props'))" />
-    <Error Condition="!Exists('..\packages\MSTest.TestAdapter.2.1.1\build\net45\MSTest.TestAdapter.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\MSTest.TestAdapter.2.1.1\build\net45\MSTest.TestAdapter.targets'))" />
-    <Error Condition="!Exists('..\packages\Microsoft.CodeCoverage.16.6.1\build\netstandard1.0\Microsoft.CodeCoverage.props')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\Microsoft.CodeCoverage.16.6.1\build\netstandard1.0\Microsoft.CodeCoverage.props'))" />
-    <Error Condition="!Exists('..\packages\Microsoft.CodeCoverage.16.6.1\build\netstandard1.0\Microsoft.CodeCoverage.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\Microsoft.CodeCoverage.16.6.1\build\netstandard1.0\Microsoft.CodeCoverage.targets'))" />
-    <Error Condition="!Exists('..\packages\Microsoft.NET.Test.Sdk.16.6.1\build\net40\Microsoft.NET.Test.Sdk.props')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\Microsoft.NET.Test.Sdk.16.6.1\build\net40\Microsoft.NET.Test.Sdk.props'))" />
-    <Error Condition="!Exists('..\packages\Microsoft.NET.Test.Sdk.16.6.1\build\net40\Microsoft.NET.Test.Sdk.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\Microsoft.NET.Test.Sdk.16.6.1\build\net40\Microsoft.NET.Test.Sdk.targets'))" />
+    <Error Condition="!Exists('..\packages\SQLitePCLRaw.lib.e_sqlite3.v110_xp.1.1.2\build\SQLitePCLRaw.lib.e_sqlite3.v110_xp.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\SQLitePCLRaw.lib.e_sqlite3.v110_xp.1.1.2\build\SQLitePCLRaw.lib.e_sqlite3.v110_xp.targets'))" />
+    <Error Condition="!Exists('..\packages\SQLitePCLRaw.lib.e_sqlite3.osx.1.1.2\build\SQLitePCLRaw.lib.e_sqlite3.osx.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\SQLitePCLRaw.lib.e_sqlite3.osx.1.1.2\build\SQLitePCLRaw.lib.e_sqlite3.osx.targets'))" />
+    <Error Condition="!Exists('..\packages\SQLitePCLRaw.lib.e_sqlite3.linux.1.1.2\build\SQLitePCLRaw.lib.e_sqlite3.linux.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\SQLitePCLRaw.lib.e_sqlite3.linux.1.1.2\build\SQLitePCLRaw.lib.e_sqlite3.linux.targets'))" />
+    <Error Condition="!Exists('..\packages\MSTest.TestAdapter.2.1.0\build\net45\MSTest.TestAdapter.props')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\MSTest.TestAdapter.2.1.0\build\net45\MSTest.TestAdapter.props'))" />
+    <Error Condition="!Exists('..\packages\MSTest.TestAdapter.2.1.0\build\net45\MSTest.TestAdapter.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\MSTest.TestAdapter.2.1.0\build\net45\MSTest.TestAdapter.targets'))" />
   </Target>
-  <Import Project="..\packages\System.Data.SQLite.Core.1.0.109.2\build\net451\System.Data.SQLite.Core.targets" Condition="Exists('..\packages\System.Data.SQLite.Core.1.0.109.2\build\net451\System.Data.SQLite.Core.targets')" />
-  <Import Project="..\packages\MSTest.TestAdapter.2.1.1\build\net45\MSTest.TestAdapter.targets" Condition="Exists('..\packages\MSTest.TestAdapter.2.1.1\build\net45\MSTest.TestAdapter.targets')" />
-  <Import Project="..\packages\Microsoft.CodeCoverage.16.6.1\build\netstandard1.0\Microsoft.CodeCoverage.targets" Condition="Exists('..\packages\Microsoft.CodeCoverage.16.6.1\build\netstandard1.0\Microsoft.CodeCoverage.targets')" />
-  <Import Project="..\packages\Microsoft.NET.Test.Sdk.16.6.1\build\net40\Microsoft.NET.Test.Sdk.targets" Condition="Exists('..\packages\Microsoft.NET.Test.Sdk.16.6.1\build\net40\Microsoft.NET.Test.Sdk.targets')" />
+  <Import Project="..\packages\System.Data.SQLite.Core.1.0.109.2\build\net46\System.Data.SQLite.Core.targets" Condition="Exists('..\packages\System.Data.SQLite.Core.1.0.109.2\build\net46\System.Data.SQLite.Core.targets')" />
+  <Import Project="..\packages\SQLitePCLRaw.lib.e_sqlite3.v110_xp.1.1.2\build\SQLitePCLRaw.lib.e_sqlite3.v110_xp.targets" Condition="Exists('..\packages\SQLitePCLRaw.lib.e_sqlite3.v110_xp.1.1.2\build\SQLitePCLRaw.lib.e_sqlite3.v110_xp.targets')" />
+  <Import Project="..\packages\SQLitePCLRaw.lib.e_sqlite3.osx.1.1.2\build\SQLitePCLRaw.lib.e_sqlite3.osx.targets" Condition="Exists('..\packages\SQLitePCLRaw.lib.e_sqlite3.osx.1.1.2\build\SQLitePCLRaw.lib.e_sqlite3.osx.targets')" />
+  <Import Project="..\packages\SQLitePCLRaw.lib.e_sqlite3.linux.1.1.2\build\SQLitePCLRaw.lib.e_sqlite3.linux.targets" Condition="Exists('..\packages\SQLitePCLRaw.lib.e_sqlite3.linux.1.1.2\build\SQLitePCLRaw.lib.e_sqlite3.linux.targets')" />
+  <Import Project="..\packages\MSTest.TestAdapter.2.1.0\build\net45\MSTest.TestAdapter.targets" Condition="Exists('..\packages\MSTest.TestAdapter.2.1.0\build\net45\MSTest.TestAdapter.targets')" />
   <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
        Other similar extension points exist, see Microsoft.Common.targets.
   <Target Name="BeforeBuild">
diff --git a/SecurityCodeScan.Test/Tests/Audit/AuditTest.cs b/SecurityCodeScan.Test/Tests/Audit/AuditTest.cs
index ef3608d3..83abff15 100644
--- a/SecurityCodeScan.Test/Tests/Audit/AuditTest.cs
+++ b/SecurityCodeScan.Test/Tests/Audit/AuditTest.cs
@@ -8,7 +8,7 @@ namespace SecurityCodeScan.Test.Audit
 {
     public sealed class AuditTest
     {
-        private const string ConfigPath = @"Config\AuditMode.yml";
+        private const string ConfigPath = @"Tests\Config\AuditMode.yml";
 
         // Multi-thread safe initialization, guaranteed to be called only once
         private static readonly Lazy<Task<AnalyzerOptions>> Config = new Lazy<Task<AnalyzerOptions>>(async () =>
diff --git a/SecurityCodeScan.Test/Tests/Audit/CsrfTokenAnalyzerAuditTest.cs b/SecurityCodeScan.Test/Tests/Audit/CsrfTokenAnalyzerAuditTest.cs
index 6e062db4..0b581308 100644
--- a/SecurityCodeScan.Test/Tests/Audit/CsrfTokenAnalyzerAuditTest.cs
+++ b/SecurityCodeScan.Test/Tests/Audit/CsrfTokenAnalyzerAuditTest.cs
@@ -74,6 +74,7 @@ public async Task CsrfValidateAntiForgeryTokenFromBodyApiController()
 
 namespace VulnerableApp
 {{
+    [ApiController]
     public class TestController : Controller
     {{
         [HttpPost]
@@ -87,6 +88,7 @@ public virtual void ControllerMethod([FromBody]string input) {{
 Imports {Namespace}
 
 Namespace VulnerableApp
+    <ApiController>
     Public Class TestController
         Inherits Controller
 
@@ -97,12 +99,12 @@ End Class
 End Namespace
 ";
 
-            await VerifyCSharpDiagnostic(cSharpTest, Expected.WithLocation(9, 29)
+            await VerifyCSharpDiagnostic(cSharpTest, Expected.WithLocation(10, 29)
                                                              .WithMessage(ExpectedFromBodyMessage),
                                          Options)
                 .ConfigureAwait(false);
 
-            await VerifyVisualBasicDiagnostic(visualBasicTest, Expected.WithLocation(9, 32)
+            await VerifyVisualBasicDiagnostic(visualBasicTest, Expected.WithLocation(10, 32)
                                                                        .WithMessage(ExpectedFromBodyMessage),
                                               Options)
                 .ConfigureAwait(false);
diff --git a/SecurityCodeScan/Config/AuditMode.yml b/SecurityCodeScan.Test/Tests/Config/AuditMode.yml
similarity index 100%
rename from SecurityCodeScan/Config/AuditMode.yml
rename to SecurityCodeScan.Test/Tests/Config/AuditMode.yml
diff --git a/SecurityCodeScan.Test/Tests/CsrfTokenAnalyzerTest.cs b/SecurityCodeScan.Test/Tests/CsrfTokenAnalyzerTest.cs
index 86215562..e010b6c5 100644
--- a/SecurityCodeScan.Test/Tests/CsrfTokenAnalyzerTest.cs
+++ b/SecurityCodeScan.Test/Tests/CsrfTokenAnalyzerTest.cs
@@ -734,7 +734,6 @@ public class CoreCsrfTokenAnalyzerTest : CoreCsrfTokenAnalyzerBaseTest
         private const string ExpectedMessage = "Controller method is vulnerable to CSRF";
 
         [TestMethod]
-        [Ignore("No ApiController before ASP.NET Core 2.1")]
         public async Task CsrfValidateAntiForgeryTokenApiControllerDefault()
         {
             var cSharpTest = $@"
@@ -779,6 +778,7 @@ public async Task CsrfValidateAntiForgeryTokenFromBody()
 
 namespace VulnerableApp
 {{
+    [ApiController]
     public class TestController : Controller
     {{
         [HttpPost]
@@ -792,6 +792,7 @@ public virtual void ControllerMethod([FromBody]string input) {{
 Imports {Namespace}
 
 Namespace VulnerableApp
+    <ApiController>
     Public Class TestController
         Inherits Controller
 
@@ -857,6 +858,7 @@ public async Task CsrfValidateAntiForgeryTokenFromForm()
 
 namespace VulnerableApp
 {{
+    [ApiController]
     public class TestController : Controller
     {{
         [HttpPost]
@@ -870,6 +872,7 @@ public virtual void ControllerMethod([FromForm]string input) {{
 Imports {Namespace}
 
 Namespace VulnerableApp
+    <ApiController>
     Public Class TestController
         Inherits Controller
 
@@ -880,8 +883,8 @@ End Class
 End Namespace
 ";
 
-            await VerifyCSharpDiagnostic(cSharpTest, Expected.WithLocation(9, 29).WithMessage(ExpectedMessage)).ConfigureAwait(false);
-            await VerifyVisualBasicDiagnostic(visualBasicTest, Expected.WithLocation(9, 32).WithMessage(ExpectedMessage)).ConfigureAwait(false);
+            await VerifyCSharpDiagnostic(cSharpTest, Expected.WithLocation(10, 29).WithMessage(ExpectedMessage)).ConfigureAwait(false);
+            await VerifyVisualBasicDiagnostic(visualBasicTest, Expected.WithLocation(10, 32).WithMessage(ExpectedMessage)).ConfigureAwait(false);
         }
 
         [TestMethod]
diff --git a/SecurityCodeScan.Test/Tests/Taint/TaintAnalyzerControlFlowTest.cs b/SecurityCodeScan.Test/Tests/Taint/TaintAnalyzerControlFlowTest.cs
index 148ad31c..f38ab39d 100644
--- a/SecurityCodeScan.Test/Tests/Taint/TaintAnalyzerControlFlowTest.cs
+++ b/SecurityCodeScan.Test/Tests/Taint/TaintAnalyzerControlFlowTest.cs
@@ -532,11 +532,72 @@ public void Foo(object o)
             await VerifyCSharpDiagnostic(cSharpTest).ConfigureAwait(false);
         }
 
+        [TestCategory("Detect")]
+        [TestMethod]
+        public async Task PatternMatchingSwitch()
+        {
+            var cSharpTest = @"
+using System;
+using System.Data.SqlClient;
+using System.Web.Mvc;
+
+namespace sample
+{
+    class Test : Controller
+    {
+        public void Foo(object o)
+        {
+            switch(o)
+            {
+            case String s:
+                new SqlCommand(s);
+                break;
+            }
+        }
+    }
+}
+";
+
+            await VerifyCSharpDiagnostic(cSharpTest, Expected).ConfigureAwait(false);
+        }
+
+        [TestCategory("Detect")]
+        [TestMethod]
+        public async Task PatternMatchingSwitch2()
+        {
+            var cSharpTest = @"
+using System;
+using System.Data.SqlClient;
+using System.Web.Mvc;
+
+namespace sample
+{
+    class Test : Controller
+    {
+        public void Foo(object o)
+        {
+            string x = null;
+            switch(o)
+            {
+            case String s:
+                x = s;
+                break;
+            }
+            new SqlCommand(x);
+        }
+    }
+}
+";
+
+            await VerifyCSharpDiagnostic(cSharpTest, Expected).ConfigureAwait(false);
+        }
+
         [TestCategory("Safe")]
         [TestMethod]
         public async Task Cast()
         {
             var cSharpTest = @"
+using System;
 using System.Data.SqlClient;
 using System.Web.Mvc;
 
@@ -549,6 +610,14 @@ public void Foo()
             new SqlCommand((string)null);
             new SqlCommand(null as string);
             new SqlCommand(default(string));
+
+            object o = null;
+            switch(o)
+            {
+            case String s:
+                new SqlCommand(s);
+                break;
+            }
         }
     }
 }
diff --git a/SecurityCodeScan.Test/Tests/Taint/TaintAnalyzerSanitizerTest.cs b/SecurityCodeScan.Test/Tests/Taint/TaintAnalyzerSanitizerTest.cs
index 2fe8cc57..a68111fd 100644
--- a/SecurityCodeScan.Test/Tests/Taint/TaintAnalyzerSanitizerTest.cs
+++ b/SecurityCodeScan.Test/Tests/Taint/TaintAnalyzerSanitizerTest.cs
@@ -31,6 +31,8 @@ protected override IEnumerable<DiagnosticAnalyzer> GetDiagnosticAnalyzers(string
                                                      .Location),
             MetadataReference.CreateFromFile(Assembly.Load("System.IO, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a")
                                                      .Location),
+            MetadataReference.CreateFromFile(Assembly.Load("netstandard, Version=2.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51")
+                                                     .Location),
             MetadataReference.CreateFromFile(typeof(System.DirectoryServices.DirectorySearcher).Assembly.Location),
             MetadataReference.CreateFromFile(typeof(Microsoft.Security.Application.Encoder).Assembly.Location),
             MetadataReference.CreateFromFile(typeof(Microsoft.AspNetCore.Http.HttpResponse).Assembly.Location),
diff --git a/SecurityCodeScan.Test/Tests/Taint/TaintAnalyzerTest.cs b/SecurityCodeScan.Test/Tests/Taint/TaintAnalyzerTest.cs
index 2628b4d6..72c6ea48 100644
--- a/SecurityCodeScan.Test/Tests/Taint/TaintAnalyzerTest.cs
+++ b/SecurityCodeScan.Test/Tests/Taint/TaintAnalyzerTest.cs
@@ -1796,7 +1796,6 @@ void Foo()
         [DataRow("new String('x', 3)",        "stringConst")]
         [DataRow("new System.String('x', 3)", "stringConst")]
         [DataTestMethod]
-        [Ignore("add C# 7.0 support")]
         public async Task VariableConcatenationPropertyExpressionBodyGetCSharp(string initializer, string accessor)
         {
             var cSharpTest = $@"
@@ -1825,6 +1824,8 @@ void Foo()
             await VerifyCSharpDiagnostic(cSharpTest).ConfigureAwait(false);
             var auditConfig = await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false);
             await VerifyCSharpDiagnostic(cSharpTest, null, auditConfig).ConfigureAwait(false);
+
+            // AFAIK expression body are not supported in VB
         }
 
         [TestCategory("Safe")]
@@ -3350,6 +3351,55 @@ End Module
             await VerifyVisualBasicDiagnostic(vbTest).ConfigureAwait(false);
         }
 
+        [TestMethod]
+        [TestCategory("Detect")]
+        public async Task UsingDiscards()
+        {
+            var cSharpTest = @"
+class Test
+{
+    public void Foo(string userInput)
+    {
+        _ = this.Get(userInput, out var yourstring);
+        Sink(yourstring);
+    }
+
+    private bool Get(string input, out string yourstring)
+    {
+        yourstring = input;
+        return false;
+    }
+
+    private void Sink(string input)
+    {
+    }
+}
+";
+
+            var testConfig = @"
+TaintEntryPoints:
+  Test:
+    ClassName: Test
+
+Behavior:
+  123:
+    ClassName: Test
+    Name: Get
+    Method:
+      1:
+        TaintFromArguments: [0]
+
+  MyKey:
+    ClassName: Test
+    Name: Sink
+    Method:
+      InjectableArguments: [SCS0026: 0]
+";
+
+            var optionsWithProjectConfig = ConfigurationTest.CreateAnalyzersOptionsWithConfig(testConfig);
+            await VerifyCSharpDiagnostic(cSharpTest, Expected, optionsWithProjectConfig).ConfigureAwait(false);
+        }
+
         [TestMethod]
         [TestCategory("Detect")]
         public async Task ExtensionMethodWithPostCondition()
diff --git a/SecurityCodeScan.Test/Tests/XssPreventionAnalyzerTest.cs b/SecurityCodeScan.Test/Tests/XssPreventionAnalyzerTest.cs
index 053a0d9c..90b0dcb8 100644
--- a/SecurityCodeScan.Test/Tests/XssPreventionAnalyzerTest.cs
+++ b/SecurityCodeScan.Test/Tests/XssPreventionAnalyzerTest.cs
@@ -35,6 +35,8 @@ protected override IEnumerable<DiagnosticAnalyzer> GetDiagnosticAnalyzers(string
             MetadataReference.CreateFromFile(typeof(HtmlEncoder).Assembly.Location),
             MetadataReference.CreateFromFile(Assembly.Load("System.Runtime, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a")
                                                      .Location),
+            MetadataReference.CreateFromFile(Assembly.Load("netstandard, Version=2.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51")
+                                                     .Location),
             MetadataReference.CreateFromFile(typeof(HttpResponse).Assembly.Location),
             MetadataReference.CreateFromFile(typeof(Microsoft.EntityFrameworkCore.DbContext).Assembly.Location),
             MetadataReference.CreateFromFile(typeof(Microsoft.Security.Application.Encoder).Assembly.Location),
@@ -53,6 +55,25 @@ protected override IEnumerable<DiagnosticAnalyzer> GetDiagnosticAnalyzers(string
             Severity = DiagnosticSeverity.Warning
         };
 
+        [TestCategory("Detect")]
+        [TestMethod]
+        public async Task XssFromCSharpExpressionBody()
+        {
+            const string cSharpTest = @"
+using System.Web;
+
+class Vulnerable
+{
+    public static HttpResponse Response = null;
+    public static HttpRequest  Request  = null;
+
+    public static void Run()
+    => Response.Write(Request.Params[0]);
+}
+";
+            await VerifyCSharpDiagnostic(cSharpTest, Expected.WithLocation(10, 23)).ConfigureAwait(false);
+        }
+
         [DataRow("Sink((from x in new SampleContext().TestProp where x == \"aaa\" select x).SingleOrDefault())", true)]
         [DataRow("Sink((from x in new SampleContext().TestField where x == \"aaa\" select x).SingleOrDefault())", true)]
         [DataTestMethod]
@@ -231,6 +252,26 @@ End Namespace
             await VerifyVisualBasicDiagnostic(visualBasicTest, Expected).ConfigureAwait(false);
         }
 
+        [TestCategory("Detect")]
+        [TestMethod]
+        public async Task UnencodedInputDataExpression()
+        {
+            const string cSharpTest = @"
+using Microsoft.AspNetCore.Mvc;
+
+namespace VulnerableApp
+{
+    public class TestController : Controller
+    {
+        [HttpGet(""{inputData}"")]
+        public string Get(string inputData) => ""value "" + inputData;
+    }
+}
+            ";
+
+            await VerifyCSharpDiagnostic(cSharpTest, Expected).ConfigureAwait(false);
+        }
+
         [TestCategory("Detect")]
         [TestMethod]
         public async Task UnencodedInputData2()
diff --git a/SecurityCodeScan.Test/app.config b/SecurityCodeScan.Test/app.config
index 6237944f..a24d9e87 100644
--- a/SecurityCodeScan.Test/app.config
+++ b/SecurityCodeScan.Test/app.config
@@ -1,109 +1,122 @@
 <?xml version="1.0" encoding="utf-8"?>
 <configuration>
   <configSections>
-    <!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
+    
     <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
-  </configSections>
+  <!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 --></configSections>
   <runtime>
     <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.Extensions.DependencyInjection.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-3.1.4.0" newVersion="3.1.4.0" />
+        <assemblyIdentity name="System.Collections.Immutable" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-1.2.5.0" newVersion="1.2.5.0" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.Extensions.ObjectPool" publicKeyToken="adb9793829ddae60" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-2.1.0.0" newVersion="2.1.0.0" />
+        <assemblyIdentity name="System.IO.FileSystem" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-4.0.3.0" newVersion="4.0.3.0" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.AspNetCore.Http.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-2.1.0.0" newVersion="2.1.0.0" />
+        <assemblyIdentity name="System.IO.FileSystem.Primitives" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.Extensions.Logging.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-3.1.4.0" newVersion="3.1.4.0" />
+        <assemblyIdentity name="System.Security.Cryptography.Primitives" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.Extensions.Options" publicKeyToken="adb9793829ddae60" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-3.1.4.0" newVersion="3.1.4.0" />
+        <assemblyIdentity name="System.Xml.XPath.XDocument" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.Net.Http.Headers" publicKeyToken="adb9793829ddae60" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-2.1.0.0" newVersion="2.1.0.0" />
+        <assemblyIdentity name="Microsoft.CodeAnalysis" publicKeyToken="31bf3856ad364e35" culture="neutral" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.Extensions.Primitives" publicKeyToken="adb9793829ddae60" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-3.1.4.0" newVersion="3.1.4.0" />
+        <assemblyIdentity name="System.Reflection.Metadata" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.AspNetCore.Http.Features" publicKeyToken="adb9793829ddae60" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-2.1.0.0" newVersion="2.1.0.0" />
+        <assemblyIdentity name="System.Threading.Thread" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.AspNetCore.WebUtilities" publicKeyToken="adb9793829ddae60" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-2.1.0.0" newVersion="2.1.0.0" />
+        <assemblyIdentity name="Microsoft.CodeAnalysis.Workspaces" publicKeyToken="31bf3856ad364e35" culture="neutral" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.AspNetCore.Hosting.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-2.1.0.0" newVersion="2.1.0.0" />
+        <assemblyIdentity name="System.Composition.AttributedModel" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="System.Diagnostics.DiagnosticSource" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-4.0.5.0" newVersion="4.0.5.0" />
       </dependentAssembly>
       <dependentAssembly>
         <assemblyIdentity name="System.Text.Encodings.Web" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-4.0.3.0" newVersion="4.0.3.0" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.AspNetCore.Mvc.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-2.1.0.0" newVersion="2.1.0.0" />
+        <assemblyIdentity name="Microsoft.CodeAnalysis" publicKeyToken="31bf3856ad364e35" culture="neutral" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.AspNetCore.Mvc.Core" publicKeyToken="adb9793829ddae60" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-2.1.0.0" newVersion="2.1.0.0" />
+        <assemblyIdentity name="Microsoft.CodeAnalysis.CSharp" publicKeyToken="31bf3856ad364e35" culture="neutral" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.AspNetCore.Routing.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-2.1.0.0" newVersion="2.1.0.0" />
+        <assemblyIdentity name="System.Reflection.Metadata" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="System.Diagnostics.DiagnosticSource" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-4.0.5.0" newVersion="4.0.5.0" />
+        <assemblyIdentity name="Microsoft.CodeAnalysis.Workspaces" publicKeyToken="31bf3856ad364e35" culture="neutral" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="System.Collections.Immutable" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-1.2.5.0" newVersion="1.2.5.0" />
+        <assemblyIdentity name="Microsoft.CodeAnalysis.VisualBasic" publicKeyToken="31bf3856ad364e35" culture="neutral" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.CodeAnalysis" publicKeyToken="31bf3856ad364e35" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-1.3.1.0" newVersion="1.3.1.0" />
+        <assemblyIdentity name="Microsoft.Extensions.DependencyInjection.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-3.1.4.0" newVersion="3.1.4.0" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.CodeAnalysis.CSharp" publicKeyToken="31bf3856ad364e35" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-1.3.1.0" newVersion="1.3.1.0" />
+        <assemblyIdentity name="Microsoft.Extensions.ObjectPool" publicKeyToken="adb9793829ddae60" culture="neutral" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="System.Reflection.Metadata" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-1.3.0.0" newVersion="1.3.0.0" />
+        <assemblyIdentity name="Microsoft.AspNetCore.Http.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.CodeAnalysis.Workspaces" publicKeyToken="31bf3856ad364e35" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-1.3.1.0" newVersion="1.3.1.0" />
+        <assemblyIdentity name="Microsoft.Extensions.Logging.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-3.1.4.0" newVersion="3.1.4.0" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.CodeAnalysis.VisualBasic" publicKeyToken="31bf3856ad364e35" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-1.3.1.0" newVersion="1.3.1.0" />
+        <assemblyIdentity name="Microsoft.Extensions.Options" publicKeyToken="adb9793829ddae60" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-3.1.4.0" newVersion="3.1.4.0" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.Extensions.Configuration.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
+        <assemblyIdentity name="Microsoft.Net.Http.Headers" publicKeyToken="adb9793829ddae60" culture="neutral" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.Extensions.Primitives" publicKeyToken="adb9793829ddae60" culture="neutral" />
         <bindingRedirect oldVersion="0.0.0.0-3.1.4.0" newVersion="3.1.4.0" />
       </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.AspNetCore.Http.Features" publicKeyToken="adb9793829ddae60" culture="neutral" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.AspNetCore.Hosting.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
+      </dependentAssembly>
       <dependentAssembly>
         <assemblyIdentity name="System.Buffers" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
         <bindingRedirect oldVersion="0.0.0.0-4.0.3.0" newVersion="4.0.3.0" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.EntityFrameworkCore" publicKeyToken="adb9793829ddae60" culture="neutral" />
+        <assemblyIdentity name="Microsoft.Extensions.DependencyInjection" publicKeyToken="adb9793829ddae60" culture="neutral" />
         <bindingRedirect oldVersion="0.0.0.0-3.1.4.0" newVersion="3.1.4.0" />
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.Extensions.DependencyInjection" publicKeyToken="adb9793829ddae60" culture="neutral" />
+        <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-11.0.0.0" newVersion="11.0.0.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="System.ComponentModel.Annotations" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-4.2.1.0" newVersion="4.2.1.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="System.Threading.Tasks.Extensions" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-4.2.0.1" newVersion="4.2.0.1" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.Extensions.Configuration.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-3.1.4.0" newVersion="3.1.4.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.EntityFrameworkCore" publicKeyToken="adb9793829ddae60" culture="neutral" />
         <bindingRedirect oldVersion="0.0.0.0-3.1.4.0" newVersion="3.1.4.0" />
       </dependentAssembly>
       <dependentAssembly>
@@ -118,16 +131,11 @@
         <assemblyIdentity name="Microsoft.Extensions.Caching.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
         <bindingRedirect oldVersion="0.0.0.0-3.1.4.0" newVersion="3.1.4.0" />
       </dependentAssembly>
-      <dependentAssembly>
-        <assemblyIdentity name="System.Threading.Tasks.Extensions" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-4.2.0.1" newVersion="4.2.0.1" />
-      </dependentAssembly>
-      <dependentAssembly>
-        <assemblyIdentity name="System.ComponentModel.Annotations" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-4.2.1.0" newVersion="4.2.1.0" />
-      </dependentAssembly>
     </assemblyBinding>
   </runtime>
+  <startup>
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1" />
+  </startup>
   <entityFramework>
     <defaultConnectionFactory type="System.Data.Entity.Infrastructure.LocalDbConnectionFactory, EntityFramework">
       <parameters>
@@ -138,4 +146,4 @@
       <provider invariantName="System.Data.SqlClient" type="System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer" />
     </providers>
   </entityFramework>
-<startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1" /></startup></configuration>
+</configuration>
\ No newline at end of file
diff --git a/SecurityCodeScan.Test/packages.config b/SecurityCodeScan.Test/packages.config
index 96f5fe7a..3b8e1368 100644
--- a/SecurityCodeScan.Test/packages.config
+++ b/SecurityCodeScan.Test/packages.config
@@ -1,57 +1,57 @@
 <?xml version="1.0" encoding="utf-8"?>
 <packages>
-  <package id="AntiXSS" version="4.3.0" targetFramework="net452" />
-  <package id="CassandraCSharpDriver" version="3.0.9" targetFramework="net452" />
-  <package id="Castle.Core" version="3.3.3" targetFramework="net452" />
-  <package id="EnterpriseLibrary.Common" version="6.0.1304.0" targetFramework="net452" />
-  <package id="EnterpriseLibrary.Data" version="6.0.1304.0" targetFramework="net452" />
-  <package id="EntityFramework" version="6.2.0" targetFramework="net452" />
-  <package id="fastJSON" version="2.1.21" targetFramework="net452" />
-  <package id="Iesi.Collections" version="4.0.0.4000" targetFramework="net452" />
-  <package id="lz4net" version="1.0.5.93" targetFramework="net452" />
-  <package id="Microsoft.AspNet.Identity.Core" version="2.2.1" targetFramework="net452" />
-  <package id="Microsoft.AspNet.Mvc" version="5.2.3" targetFramework="net452" />
-  <package id="Microsoft.AspNet.Razor" version="3.2.3" targetFramework="net452" />
-  <package id="Microsoft.AspNet.WebPages" version="3.2.3" targetFramework="net452" />
-  <package id="Microsoft.AspNetCore.Antiforgery" version="1.1.3" targetFramework="net452" />
+  <package id="AntiXSS" version="4.3.0" targetFramework="net461" />
+  <package id="CassandraCSharpDriver" version="3.0.9" targetFramework="net461" />
+  <package id="Castle.Core" version="3.3.3" targetFramework="net46" />
+  <package id="EnterpriseLibrary.Common" version="6.0.1304.0" targetFramework="net461" />
+  <package id="EnterpriseLibrary.Data" version="6.0.1304.0" targetFramework="net461" />
+  <package id="EntityFramework" version="6.2.0" targetFramework="net461" />
+  <package id="fastJSON" version="2.1.21" targetFramework="net461" />
+  <package id="Iesi.Collections" version="4.0.0.4000" targetFramework="net461" />
+  <package id="lz4net" version="1.0.5.93" targetFramework="net461" />
+  <package id="ManagedEsent" version="1.9.4" targetFramework="net46" />
+  <package id="Microsoft.AspNet.Identity.Core" version="2.2.1" targetFramework="net461" />
+  <package id="Microsoft.AspNet.Mvc" version="5.2.3" targetFramework="net46" />
+  <package id="Microsoft.AspNet.Razor" version="3.2.3" targetFramework="net461" />
+  <package id="Microsoft.AspNet.WebPages" version="3.2.3" targetFramework="net461" />
+  <package id="Microsoft.AspNetCore.Antiforgery" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.AspNetCore.Authentication.Abstractions" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.AspNetCore.Authentication.Core" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.AspNetCore.Authorization" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.AspNetCore.Authorization.Policy" version="2.1.0" targetFramework="net461" />
-  <package id="Microsoft.AspNetCore.Cryptography.Internal" version="1.1.3" targetFramework="net452" />
-  <package id="Microsoft.AspNetCore.DataProtection" version="1.1.3" targetFramework="net452" />
-  <package id="Microsoft.AspNetCore.DataProtection.Abstractions" version="1.1.3" targetFramework="net452" />
-  <package id="Microsoft.AspNetCore.Diagnostics.Abstractions" version="1.1.6" targetFramework="net452" />
+  <package id="Microsoft.AspNetCore.Cryptography.Internal" version="2.1.0" targetFramework="net461" />
+  <package id="Microsoft.AspNetCore.DataProtection" version="2.1.0" targetFramework="net461" />
+  <package id="Microsoft.AspNetCore.DataProtection.Abstractions" version="2.1.0" targetFramework="net461" />
+  <package id="Microsoft.AspNetCore.Diagnostics.Abstractions" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.AspNetCore.Hosting.Abstractions" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.AspNetCore.Hosting.Server.Abstractions" version="2.1.0" targetFramework="net461" />
-  <package id="Microsoft.AspNetCore.Html.Abstractions" version="1.1.2" targetFramework="net452" />
+  <package id="Microsoft.AspNetCore.Html.Abstractions" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.AspNetCore.Http" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.AspNetCore.Http.Abstractions" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.AspNetCore.Http.Extensions" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.AspNetCore.Http.Features" version="2.1.0" targetFramework="net461" />
-  <package id="Microsoft.AspNetCore.JsonPatch" version="1.1.2" targetFramework="net452" />
+  <package id="Microsoft.AspNetCore.JsonPatch" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.AspNetCore.Mvc.Abstractions" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.AspNetCore.Mvc.Core" version="2.1.0" targetFramework="net461" />
-  <package id="Microsoft.AspNetCore.Mvc.DataAnnotations" version="1.1.8" targetFramework="net452" />
-  <package id="Microsoft.AspNetCore.Mvc.Formatters.Json" version="1.1.8" targetFramework="net452" />
-  <package id="Microsoft.AspNetCore.Mvc.ViewFeatures" version="1.1.8" targetFramework="net452" />
+  <package id="Microsoft.AspNetCore.Mvc.DataAnnotations" version="2.1.0" targetFramework="net461" />
+  <package id="Microsoft.AspNetCore.Mvc.Formatters.Json" version="2.1.0" targetFramework="net461" />
+  <package id="Microsoft.AspNetCore.Mvc.ViewFeatures" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.AspNetCore.ResponseCaching.Abstractions" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.AspNetCore.Routing" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.AspNetCore.Routing.Abstractions" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.AspNetCore.WebUtilities" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.Bcl.AsyncInterfaces" version="1.1.1" targetFramework="net461" />
   <package id="Microsoft.Bcl.HashCode" version="1.1.0" targetFramework="net461" />
-  <package id="Microsoft.CodeAnalysis.Analyzers" version="1.1.0" targetFramework="net452" />
-  <package id="Microsoft.CodeAnalysis.Common" version="1.3.2" targetFramework="net452" />
-  <package id="Microsoft.CodeAnalysis.CSharp" version="1.3.2" targetFramework="net452" />
-  <package id="Microsoft.CodeAnalysis.CSharp.Workspaces" version="1.3.2" targetFramework="net452" />
-  <package id="Microsoft.CodeAnalysis.VisualBasic" version="1.3.2" targetFramework="net452" />
-  <package id="Microsoft.CodeAnalysis.VisualBasic.Workspaces" version="1.3.2" targetFramework="net452" />
-  <package id="Microsoft.CodeAnalysis.Workspaces.Common" version="1.3.2" targetFramework="net452" />
-  <package id="Microsoft.CodeCoverage" version="16.6.1" targetFramework="net452" />
-  <package id="Microsoft.Composition" version="1.0.27" targetFramework="net452" />
-  <package id="Microsoft.CSharp" version="4.3.0" targetFramework="net452" />
-  <package id="Microsoft.Data.Sqlite" version="1.1.1" targetFramework="net452" />
+  <package id="Microsoft.CodeAnalysis.Analyzers" version="2.6.1" targetFramework="net46" developmentDependency="true" />
+  <package id="Microsoft.CodeAnalysis.Common" version="2.10.0" targetFramework="net461" />
+  <package id="Microsoft.CodeAnalysis.CSharp" version="2.10.0" targetFramework="net461" />
+  <package id="Microsoft.CodeAnalysis.CSharp.Workspaces" version="2.10.0" targetFramework="net461" />
+  <package id="Microsoft.CodeAnalysis.VisualBasic" version="2.10.0" targetFramework="net461" />
+  <package id="Microsoft.CodeAnalysis.VisualBasic.Workspaces" version="2.10.0" targetFramework="net461" />
+  <package id="Microsoft.CodeAnalysis.Workspaces.Common" version="2.10.0" targetFramework="net461" />
+  <package id="Microsoft.Composition" version="1.0.27" targetFramework="net46" />
+  <package id="Microsoft.CSharp" version="4.5.0" targetFramework="net461" />
+  <package id="Microsoft.Data.Sqlite" version="1.1.1" targetFramework="net461" />
   <package id="Microsoft.DotNet.PlatformAbstractions" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.EntityFrameworkCore" version="3.1.4" targetFramework="net461" />
   <package id="Microsoft.EntityFrameworkCore.Abstractions" version="3.1.4" targetFramework="net461" />
@@ -67,74 +67,113 @@
   <package id="Microsoft.Extensions.DependencyModel" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.Extensions.FileProviders.Abstractions" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.Extensions.Hosting.Abstractions" version="2.1.0" targetFramework="net461" />
-  <package id="Microsoft.Extensions.Localization" version="1.1.3" targetFramework="net452" />
-  <package id="Microsoft.Extensions.Localization.Abstractions" version="1.1.3" targetFramework="net452" />
+  <package id="Microsoft.Extensions.Localization" version="2.1.0" targetFramework="net461" />
+  <package id="Microsoft.Extensions.Localization.Abstractions" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.Extensions.Logging" version="3.1.4" targetFramework="net461" />
   <package id="Microsoft.Extensions.Logging.Abstractions" version="3.1.4" targetFramework="net461" />
   <package id="Microsoft.Extensions.ObjectPool" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.Extensions.Options" version="3.1.4" targetFramework="net461" />
-  <package id="Microsoft.Extensions.PlatformAbstractions" version="1.1.0" targetFramework="net452" />
+  <package id="Microsoft.Extensions.PlatformAbstractions" version="1.1.0" targetFramework="net46" />
   <package id="Microsoft.Extensions.Primitives" version="3.1.4" targetFramework="net461" />
-  <package id="Microsoft.Extensions.WebEncoders" version="1.1.2" targetFramework="net452" />
+  <package id="Microsoft.Extensions.WebEncoders" version="2.1.0" targetFramework="net461" />
   <package id="Microsoft.Net.Http.Headers" version="2.1.0" targetFramework="net461" />
-  <package id="Microsoft.NET.Test.Sdk" version="16.6.1" targetFramework="net452" />
-  <package id="Microsoft.NETCore.Platforms" version="1.1.0" targetFramework="net452" />
-  <package id="Microsoft.Web.Infrastructure" version="1.0.0.0" targetFramework="net452" />
-  <package id="Microsoft.Web.Xdt" version="2.1.2" targetFramework="net452" />
-  <package id="Moq" version="4.5.16" targetFramework="net452" />
-  <package id="MSTest.TestAdapter" version="2.1.1" targetFramework="net452" />
-  <package id="MSTest.TestFramework" version="2.1.1" targetFramework="net452" />
-  <package id="NETStandard.Library" version="1.6.1" targetFramework="net452" />
-  <package id="Newtonsoft.Json" version="9.0.1" targetFramework="net452" />
-  <package id="NHibernate" version="4.1.2.4000" targetFramework="net452" />
-  <package id="Npgsql" version="3.0.8" targetFramework="net452" />
-  <package id="Remotion.Linq" version="2.1.1" targetFramework="net452" />
-  <package id="ServiceStack.Text" version="5.0.2" targetFramework="net452" />
-  <package id="SQLite" version="3.13.0" targetFramework="net452" />
+  <package id="Microsoft.NETCore.Platforms" version="1.1.0" targetFramework="net46" />
+  <package id="Microsoft.Web.Infrastructure" version="1.0.0.0" targetFramework="net46" />
+  <package id="Microsoft.Web.Xdt" version="2.1.2" targetFramework="net461" />
+  <package id="Microsoft.Win32.Primitives" version="4.3.0" targetFramework="net461" />
+  <package id="Microsoft.Win32.Registry" version="4.5.0" targetFramework="net461" />
+  <package id="Moq" version="4.5.16" targetFramework="net46" />
+  <package id="MSTest.TestAdapter" version="2.1.0" targetFramework="net461" />
+  <package id="MSTest.TestFramework" version="2.1.0" targetFramework="net461" />
+  <package id="NETStandard.Library" version="1.6.1" targetFramework="net46" />
+  <package id="Newtonsoft.Json" version="11.0.2" targetFramework="net461" />
+  <package id="Newtonsoft.Json.Bson" version="1.0.1" targetFramework="net461" />
+  <package id="NHibernate" version="4.1.2.4000" targetFramework="net461" />
+  <package id="Npgsql" version="3.0.8" targetFramework="net461" />
+  <package id="Remotion.Linq" version="2.1.1" targetFramework="net461" />
+  <package id="ServiceStack.Text" version="5.0.2" targetFramework="net461" />
+  <package id="SQLite" version="3.13.0" targetFramework="net461" />
+  <package id="SQLitePCLRaw.bundle_green" version="1.1.2" targetFramework="net461" />
+  <package id="SQLitePCLRaw.core" version="1.1.2" targetFramework="net461" />
+  <package id="SQLitePCLRaw.lib.e_sqlite3.linux" version="1.1.2" targetFramework="net461" />
+  <package id="SQLitePCLRaw.lib.e_sqlite3.osx" version="1.1.2" targetFramework="net461" />
+  <package id="SQLitePCLRaw.lib.e_sqlite3.v110_xp" version="1.1.2" targetFramework="net461" />
+  <package id="SQLitePCLRaw.provider.e_sqlite3.net45" version="1.1.2" targetFramework="net461" />
+  <package id="System.AppContext" version="4.3.0" targetFramework="net46" />
   <package id="System.Buffers" version="4.5.1" targetFramework="net461" />
-  <package id="System.Collections" version="4.3.0" targetFramework="net452" />
-  <package id="System.Collections.Concurrent" version="4.3.0" targetFramework="net452" />
+  <package id="System.Collections" version="4.3.0" targetFramework="net46" />
+  <package id="System.Collections.Concurrent" version="4.3.0" targetFramework="net46" />
   <package id="System.Collections.Immutable" version="1.7.1" targetFramework="net461" />
-  <package id="System.ComponentModel" version="4.3.0" targetFramework="net452" />
+  <package id="System.ComponentModel" version="4.3.0" targetFramework="net46" />
   <package id="System.ComponentModel.Annotations" version="4.7.0" targetFramework="net461" />
-  <package id="System.Data.SQLite.Core" version="1.0.109.2" targetFramework="net452" requireReinstallation="true" />
-  <package id="System.Diagnostics.Contracts" version="4.3.0" targetFramework="net452" />
-  <package id="System.Diagnostics.Debug" version="4.3.0" targetFramework="net452" />
+  <package id="System.Composition" version="1.0.31" targetFramework="net46" />
+  <package id="System.Composition.AttributedModel" version="1.0.31" targetFramework="net46" />
+  <package id="System.Composition.Convention" version="1.0.31" targetFramework="net46" />
+  <package id="System.Composition.Hosting" version="1.0.31" targetFramework="net46" />
+  <package id="System.Composition.Runtime" version="1.0.31" targetFramework="net46" />
+  <package id="System.Composition.TypedParts" version="1.0.31" targetFramework="net46" />
+  <package id="System.Console" version="4.3.0" targetFramework="net46" />
+  <package id="System.Data.SQLite.Core" version="1.0.109.2" targetFramework="net461" />
+  <package id="System.Diagnostics.Contracts" version="4.3.0" targetFramework="net46" />
+  <package id="System.Diagnostics.Debug" version="4.3.0" targetFramework="net46" />
   <package id="System.Diagnostics.DiagnosticSource" version="4.7.1" targetFramework="net461" />
-  <package id="System.Diagnostics.Tools" version="4.3.0" targetFramework="net452" />
-  <package id="System.Diagnostics.Tracing" version="4.3.0" targetFramework="net452" />
-  <package id="System.Globalization" version="4.3.0" targetFramework="net452" />
-  <package id="System.Interactive.Async" version="3.0.0" targetFramework="net452" />
-  <package id="System.IO" version="4.3.0" targetFramework="net452" />
-  <package id="System.IO.Compression" version="4.3.0" targetFramework="net452" requireReinstallation="true" />
-  <package id="System.Linq" version="4.3.0" targetFramework="net452" />
-  <package id="System.Linq.Expressions" version="4.3.0" targetFramework="net452" />
-  <package id="System.Linq.Queryable" version="4.0.1" targetFramework="net452" />
+  <package id="System.Diagnostics.FileVersionInfo" version="4.3.0" targetFramework="net46" />
+  <package id="System.Diagnostics.StackTrace" version="4.3.0" targetFramework="net46" />
+  <package id="System.Diagnostics.Tools" version="4.3.0" targetFramework="net46" />
+  <package id="System.Diagnostics.Tracing" version="4.3.0" targetFramework="net46" />
+  <package id="System.Dynamic.Runtime" version="4.3.0" targetFramework="net46" />
+  <package id="System.Globalization" version="4.3.0" targetFramework="net46" />
+  <package id="System.Globalization.Calendars" version="4.3.0" targetFramework="net461" />
+  <package id="System.Interactive.Async" version="3.0.0" targetFramework="net461" />
+  <package id="System.IO" version="4.3.0" targetFramework="net46" />
+  <package id="System.IO.Compression" version="4.3.0" targetFramework="net46" requireReinstallation="true" />
+  <package id="System.IO.Compression.ZipFile" version="4.3.0" targetFramework="net461" />
+  <package id="System.IO.FileSystem" version="4.3.0" targetFramework="net461" />
+  <package id="System.IO.FileSystem.Primitives" version="4.3.0" targetFramework="net46" />
+  <package id="System.Linq" version="4.3.0" targetFramework="net46" />
+  <package id="System.Linq.Expressions" version="4.3.0" targetFramework="net46" />
+  <package id="System.Linq.Queryable" version="4.0.1" targetFramework="net461" />
   <package id="System.Memory" version="4.5.4" targetFramework="net461" />
-  <package id="System.Net.Http" version="4.3.0" targetFramework="net452" requireReinstallation="true" />
-  <package id="System.Net.Primitives" version="4.3.0" targetFramework="net452" />
+  <package id="System.Net.Http" version="4.3.0" targetFramework="net46" requireReinstallation="true" />
+  <package id="System.Net.Primitives" version="4.3.0" targetFramework="net46" />
+  <package id="System.Net.Sockets" version="4.3.0" targetFramework="net461" />
   <package id="System.Numerics.Vectors" version="4.5.0" targetFramework="net461" />
-  <package id="System.ObjectModel" version="4.3.0" targetFramework="net452" />
-  <package id="System.Reflection" version="4.3.0" targetFramework="net452" />
-  <package id="System.Reflection.Extensions" version="4.3.0" targetFramework="net452" />
-  <package id="System.Reflection.Metadata" version="1.3.0" targetFramework="net461" />
-  <package id="System.Reflection.Primitives" version="4.3.0" targetFramework="net452" />
-  <package id="System.Resources.ResourceManager" version="4.3.0" targetFramework="net452" />
-  <package id="System.Runtime" version="4.3.0" targetFramework="net452" />
+  <package id="System.ObjectModel" version="4.3.0" targetFramework="net46" />
+  <package id="System.Reflection" version="4.3.0" targetFramework="net46" />
+  <package id="System.Reflection.Extensions" version="4.3.0" targetFramework="net46" />
+  <package id="System.Reflection.Metadata" version="1.6.0" targetFramework="net461" />
+  <package id="System.Reflection.Primitives" version="4.3.0" targetFramework="net46" />
+  <package id="System.Resources.ResourceManager" version="4.3.0" targetFramework="net46" />
+  <package id="System.Runtime" version="4.3.0" targetFramework="net46" />
   <package id="System.Runtime.CompilerServices.Unsafe" version="4.7.1" targetFramework="net461" />
-  <package id="System.Runtime.Extensions" version="4.3.0" targetFramework="net452" />
-  <package id="System.Runtime.InteropServices" version="4.3.0" targetFramework="net452" />
-  <package id="System.Runtime.InteropServices.RuntimeInformation" version="4.3.0" targetFramework="net452" />
-  <package id="System.Runtime.Numerics" version="4.3.0" targetFramework="net452" />
-  <package id="System.Text.Encoding" version="4.3.0" targetFramework="net452" />
-  <package id="System.Text.Encoding.Extensions" version="4.3.0" targetFramework="net452" />
-  <package id="System.Text.Encodings.Web" version="4.5.0" targetFramework="net452" requireReinstallation="true" />
-  <package id="System.Text.RegularExpressions" version="4.3.0" targetFramework="net452" />
-  <package id="System.Threading" version="4.3.0" targetFramework="net452" />
-  <package id="System.Threading.Tasks" version="4.3.0" targetFramework="net452" />
+  <package id="System.Runtime.Extensions" version="4.3.0" targetFramework="net46" />
+  <package id="System.Runtime.Handles" version="4.3.0" targetFramework="net461" />
+  <package id="System.Runtime.InteropServices" version="4.3.0" targetFramework="net46" />
+  <package id="System.Runtime.InteropServices.RuntimeInformation" version="4.3.0" targetFramework="net46" />
+  <package id="System.Runtime.Numerics" version="4.3.0" targetFramework="net46" />
+  <package id="System.Security.AccessControl" version="4.5.0" targetFramework="net461" />
+  <package id="System.Security.Cryptography.Algorithms" version="4.3.0" targetFramework="net46" requireReinstallation="true" />
+  <package id="System.Security.Cryptography.Encoding" version="4.3.0" targetFramework="net46" />
+  <package id="System.Security.Cryptography.Primitives" version="4.3.0" targetFramework="net46" />
+  <package id="System.Security.Cryptography.X509Certificates" version="4.3.0" targetFramework="net46" requireReinstallation="true" />
+  <package id="System.Security.Cryptography.Xml" version="4.5.0" targetFramework="net461" />
+  <package id="System.Security.Permissions" version="4.5.0" targetFramework="net461" />
+  <package id="System.Security.Principal.Windows" version="4.5.0" targetFramework="net461" />
+  <package id="System.Text.Encoding" version="4.3.0" targetFramework="net46" />
+  <package id="System.Text.Encoding.CodePages" version="4.3.0" targetFramework="net461" />
+  <package id="System.Text.Encoding.Extensions" version="4.3.0" targetFramework="net46" />
+  <package id="System.Text.Encodings.Web" version="4.5.0" targetFramework="net461" />
+  <package id="System.Text.RegularExpressions" version="4.3.0" targetFramework="net46" />
+  <package id="System.Threading" version="4.3.0" targetFramework="net46" />
+  <package id="System.Threading.Tasks" version="4.3.0" targetFramework="net46" />
   <package id="System.Threading.Tasks.Extensions" version="4.5.4" targetFramework="net461" />
-  <package id="System.Threading.Timer" version="4.3.0" targetFramework="net452" />
-  <package id="System.ValueTuple" version="4.3.0" targetFramework="net452" />
-  <package id="System.Xml.ReaderWriter" version="4.3.0" targetFramework="net452" requireReinstallation="true" />
-  <package id="System.Xml.XDocument" version="4.3.0" targetFramework="net452" />
+  <package id="System.Threading.Tasks.Parallel" version="4.3.0" targetFramework="net46" />
+  <package id="System.Threading.Thread" version="4.3.0" targetFramework="net46" />
+  <package id="System.Threading.Timer" version="4.3.0" targetFramework="net46" />
+  <package id="System.ValueTuple" version="4.3.0" targetFramework="net46" />
+  <package id="System.Xml.ReaderWriter" version="4.3.0" targetFramework="net46" requireReinstallation="true" />
+  <package id="System.Xml.XDocument" version="4.3.0" targetFramework="net46" />
+  <package id="System.Xml.XmlDocument" version="4.3.0" targetFramework="net46" />
+  <package id="System.Xml.XPath" version="4.3.0" targetFramework="net46" />
+  <package id="System.Xml.XPath.XDocument" version="4.3.0" targetFramework="net46" />
 </packages>
\ No newline at end of file
diff --git a/SecurityCodeScan.Vsix/SecurityCodeScan.Vsix.csproj b/SecurityCodeScan.Vsix/SecurityCodeScan.Vsix.csproj
index 392df315..b3bcdd85 100644
--- a/SecurityCodeScan.Vsix/SecurityCodeScan.Vsix.csproj
+++ b/SecurityCodeScan.Vsix/SecurityCodeScan.Vsix.csproj
@@ -8,6 +8,7 @@
     <UpgradeBackupLocation>
     </UpgradeBackupLocation>
     <OldToolsVersion>14.0</OldToolsVersion>
+    <TargetFrameworkProfile />
   </PropertyGroup>
   <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
   <PropertyGroup>
@@ -19,8 +20,7 @@
     <OutputType>Library</OutputType>
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>SecurityCodeScan.Vsix</RootNamespace>
-    <AssemblyName>SecurityCodeScan.Vsix</AssemblyName>
-    <TargetFrameworkVersion>v4.5.2</TargetFrameworkVersion>
+    <AssemblyName>SecurityCodeScan.VS2017.Vsix</AssemblyName>
     <GeneratePkgDefFile>false</GeneratePkgDefFile>
     <IncludeAssemblyInVSIXContainer>false</IncludeAssemblyInVSIXContainer>
     <IncludeDebugSymbolsInVSIXContainer>false</IncludeDebugSymbolsInVSIXContainer>
@@ -28,6 +28,7 @@
     <CopyBuildOutputToOutputDirectory>false</CopyBuildOutputToOutputDirectory>
     <CopyOutputSymbolsToOutputDirectory>false</CopyOutputSymbolsToOutputDirectory>
     <VSSDKTargetPlatformRegRootSuffix>Roslyn</VSSDKTargetPlatformRegRootSuffix>
+    <TargetFrameworkVersion>v4.6.1</TargetFrameworkVersion>
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
     <DebugSymbols>true</DebugSymbols>
@@ -57,7 +58,6 @@
     <None Include="app.config" />
     <None Include="marketplace.md" />
     <None Include="marketplace.json" />
-    <None Include="packages.config" />
     <None Include="$(IntermediateOutputPath)source.extension.vsixmanifest" />
     <AdditionalFiles Include="source.extension.vsixmanifest">
       <SubType>Designer</SubType>
@@ -71,6 +71,10 @@
     </ProjectReference>
   </ItemGroup>
   <ItemGroup>
+    <Content Include="..\SecurityCodeScan\bin\$(Configuration)\netstandard1.3\YamlDotNet.dll">
+      <Link>YamlDotNet.dll</Link>
+      <IncludeInVSIX>true</IncludeInVSIX>
+    </Content>
     <Content Include="icon.png">
       <CopyToOutputDirectory>Always</CopyToOutputDirectory>
       <IncludeInVSIX>true</IncludeInVSIX>
diff --git a/SecurityCodeScan.Vsix/marketplace.json b/SecurityCodeScan.Vsix/marketplace.json
index 5b237ff7..fa2c7b50 100644
--- a/SecurityCodeScan.Vsix/marketplace.json
+++ b/SecurityCodeScan.Vsix/marketplace.json
@@ -2,7 +2,7 @@
   "$schema": "http://json.schemastore.org/vsix-publish",
   "categories": [ "Security", "Coding" ],
   "identity": {
-    "internalName": "SecurityCodeScan",
+    "internalName": "SecurityCodeScanVS2017",
     "tags": [
       ".NET",
       "Analysis",
diff --git a/SecurityCodeScan.Vsix/marketplace.md b/SecurityCodeScan.Vsix/marketplace.md
index 329198ec..ad161ea8 100644
--- a/SecurityCodeScan.Vsix/marketplace.md
+++ b/SecurityCodeScan.Vsix/marketplace.md
@@ -1,4 +1,6 @@
-# Security static code analyzer for .NET
+**_This extension is legacy and is no longer maintained, please use [SecurityCodeScan VS2019](https://marketplace.visualstudio.com/items?itemName=JaroslavLobacevski.SecurityCodeScanVS2019) instead._**
+
+# Security static code analyzer for .NET
 [Website](https://security-code-scan.github.io)
 
 * Detects various [security vulnerability patterns](https://security-code-scan.github.io/#rules): SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), XML eXternal Entity Injection (XXE), etc.
@@ -9,6 +11,6 @@
 
 * Continuous Integration (CI) through [MSBuild](https://msdn.microsoft.com/en-us/library/dd393574.aspx). For Unix CI runners please use [VS2017 nuget package](https://www.nuget.org/packages/SecurityCodeScan.VS2017).
 
-* Works with Visual Studio 2015 or higher. Visual Studio [Community](https://www.visualstudio.com/en-us/products/visual-studio-community-vs.aspx), Professional and Enterprise editions are supported. Other editors that support Roslyn based analyzers like Rider or OmniSharp should work too.
+* Works with Visual Studio 2017 or higher. Visual Studio [Community](https://www.visualstudio.com/en-us/products/visual-studio-community-vs.aspx), Professional and Enterprise editions are supported. Other editors that support Roslyn based analyzers like Rider or OmniSharp should work too.
 
-* [Open Source](https://github.com/security-code-scan/security-code-scan)
\ No newline at end of file
+* [Open Source](https://github.com/security-code-scan/security-code-scan)
diff --git a/SecurityCodeScan.Vsix/packages.config b/SecurityCodeScan.Vsix/packages.config
deleted file mode 100644
index cc862a6e..00000000
--- a/SecurityCodeScan.Vsix/packages.config
+++ /dev/null
@@ -1,4 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<packages>
-
-</packages>
\ No newline at end of file
diff --git a/SecurityCodeScan.Vsix/source.extension.vsixmanifest b/SecurityCodeScan.Vsix/source.extension.vsixmanifest
index 7b116f2b..a9f6a519 100644
--- a/SecurityCodeScan.Vsix/source.extension.vsixmanifest
+++ b/SecurityCodeScan.Vsix/source.extension.vsixmanifest
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="utf-8"?>
 <PackageManifest Version="2.0.0" xmlns="http://schemas.microsoft.com/developer/vsx-schema/2011" xmlns:d="http://schemas.microsoft.com/developer/vsx-schema-design/2011">
     <Metadata>
-        <Identity Id="EA274E2A-E5EB-433B-9847-4CD27BE874EF" Version="$version$" Language="en-US" Publisher="JaroslavLobacevski"/>
-        <DisplayName>Security Code Scan</DisplayName>
+        <Identity Id="955196A7-ACBF-4F6B-820B-51B8507CE853" Version="$version$" Language="en-US" Publisher="Jaroslav Lobačevski"/>
+        <DisplayName>Security Code Scan (for VS2017 and newer)</DisplayName>
         <Description xml:space="preserve">Security static code analyzer for .NET</Description>
         <MoreInfo>https://security-code-scan.github.io</MoreInfo>
         <License>LICENSE-LGPL.txt</License>
@@ -13,9 +13,9 @@
         <Tags>SecurityCodeScan;Security.Code.Scan;Security Code Scan;Static Code Analysis;Security;Vulnerability;Analyzer;Analyzers;.NET;Roslyn;OWASP;Injection;XSS;CSRF;XXE;SQLi</Tags>
     </Metadata>
     <Installation>
-        <InstallationTarget Version="[14.0,17.0)" Id="Microsoft.VisualStudio.Pro" />
-        <InstallationTarget Version="[14.0,17.0)" Id="Microsoft.VisualStudio.Community" />
-        <InstallationTarget Version="[14.0,17.0)" Id="Microsoft.VisualStudio.Enterprise" />
+        <InstallationTarget Version="[15.0,17.0)" Id="Microsoft.VisualStudio.Pro" />
+        <InstallationTarget Version="[15.0,17.0)" Id="Microsoft.VisualStudio.Community" />
+        <InstallationTarget Version="[15.0,17.0)" Id="Microsoft.VisualStudio.Enterprise" />
     </Installation>
     <Dependencies>
         <Dependency Id="Microsoft.Framework.NDP" DisplayName="Microsoft .NET Framework" d:Source="Manual" Version="[4.5,)" />
@@ -25,6 +25,6 @@
         <Asset Type="Microsoft.VisualStudio.Analyzer" d:Source="Project" d:ProjectName="SecurityCodeScan" Path="|SecurityCodeScan|"/>
     </Assets>
     <Prerequisites>
-        <Prerequisite Id="Microsoft.VisualStudio.Component.CoreEditor" Version="[14.0,)" DisplayName="Visual Studio core editor" />
+        <Prerequisite Id="Microsoft.VisualStudio.Component.CoreEditor" Version="[15.0,)" DisplayName="Visual Studio core editor" />
     </Prerequisites>
 </PackageManifest>
diff --git a/SecurityCodeScan.sln b/SecurityCodeScan.sln
index 079d4403..16ceda8d 100644
--- a/SecurityCodeScan.sln
+++ b/SecurityCodeScan.sln
@@ -31,4 +31,8 @@ Global
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
 	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		EnterpriseLibraryConfigurationToolBinariesPathV6 = packages\EnterpriseLibrary.Common.6.0.1304.0\lib\NET45;packages\EnterpriseLibrary.Data.6.0.1304.0\lib\NET45
+		SolutionGuid = {4890F503-884C-48F5-982B-41C1DB7472F5}
+	EndGlobalSection
 EndGlobal
diff --git a/SecurityCodeScan/Analyzers/Analyzers.cs b/SecurityCodeScan/Analyzers/Analyzers.cs
index e9ac99e5..63f4d13c 100644
--- a/SecurityCodeScan/Analyzers/Analyzers.cs
+++ b/SecurityCodeScan/Analyzers/Analyzers.cs
@@ -3,6 +3,7 @@
 using System.Collections.Immutable;
 using System.Diagnostics;
 using System.Linq;
+using System.Reflection;
 using Microsoft.CodeAnalysis;
 using Microsoft.CodeAnalysis.Diagnostics;
 using SecurityCodeScan.Analyzers.Taint;
@@ -52,7 +53,7 @@ internal Analyzers(IEnumerable<SecurityAnalyzer> analyzers)
         {
             foreach (var analyzer in analyzers)
             {
-                if (!analyzer.GetType().GetCustomAttributes(typeof(SecurityAnalyzerAttribute), false).Any())
+                if (!analyzer.GetType().GetTypeInfo().GetCustomAttributes(typeof(SecurityAnalyzerAttribute), false).Any())
                     throw new Exception("Analyzer is derived from SecurityAnalyzer, but doesn't have 'SecurityAnalyzer' attribute.");
             }
             Workers = new Lazy<List<SecurityAnalyzer>>(() => new List<SecurityAnalyzer>(analyzers));
@@ -61,7 +62,7 @@ internal Analyzers(IEnumerable<SecurityAnalyzer> analyzers)
 
         internal Analyzers(SecurityAnalyzer analyzer)
         {
-            if (!analyzer.GetType().GetCustomAttributes(typeof(SecurityAnalyzerAttribute), false).Any())
+            if (!analyzer.GetType().GetTypeInfo().GetCustomAttributes(typeof(SecurityAnalyzerAttribute), false).Any())
                 throw new Exception("Analyzer is derived from SecurityAnalyzer, but doesn't have 'SecurityAnalyzer' attribute.");
 
             Workers = new Lazy<List<SecurityAnalyzer>>(() => new List<SecurityAnalyzer> { analyzer });
@@ -72,12 +73,12 @@ internal List<SecurityAnalyzer> InitWorkers<T>(string language) where T : TaintA
         {
             var workers = new List<SecurityAnalyzer>();
             var taintExtensions = new List<T>();
-            var types           = GetType().Assembly.DefinedTypes;
+            var types           = GetType().GetTypeInfo().Assembly.DefinedTypes;
             foreach (var type in types)
             {
-                if (!type.IsAbstract && typeof(T).IsAssignableFrom(type))
+                if (!type.IsAbstract && typeof(T).GetTypeInfo().IsAssignableFrom(type))
                 {
-                    taintExtensions.Add((T)Activator.CreateInstance(type));
+                    taintExtensions.Add((T)Activator.CreateInstance(type.AsType()));
                 }
             }
 
@@ -92,13 +93,13 @@ internal List<SecurityAnalyzer> InitWorkers<T>(string language) where T : TaintA
                 {
                     if (attribute.Languages.Contains(language))
                     {
-                        if (typeof(TaintAnalyzer<T>).IsAssignableFrom(type))
+                        if (typeof(TaintAnalyzer<T>).GetTypeInfo().IsAssignableFrom(type))
                         {
-                            workers.Add((SecurityAnalyzer)Activator.CreateInstance(type, taintExtensions.ToArray()));
+                            workers.Add((SecurityAnalyzer)Activator.CreateInstance(type.AsType(), taintExtensions.ToArray()));
                         }
                         else
                         {
-                            workers.Add((SecurityAnalyzer)Activator.CreateInstance(type));
+                            workers.Add((SecurityAnalyzer)Activator.CreateInstance(type.AsType()));
                         }
                         break;
                     }
diff --git a/SecurityCodeScan/Analyzers/CompilationAnalyzer.cs b/SecurityCodeScan/Analyzers/CompilationAnalyzer.cs
index e95b0346..57cc3002 100644
--- a/SecurityCodeScan/Analyzers/CompilationAnalyzer.cs
+++ b/SecurityCodeScan/Analyzers/CompilationAnalyzer.cs
@@ -15,4 +15,16 @@ public void OnCompilationAction(CompilationAnalysisContext ctx)
             ctx.ReportDiagnostic(Diagnostic.Create(Rule, Location.None));
         }
     }
+
+    internal class DeprecationAnalyzer
+    {
+        public const string DiagnosticId = "SCS9999";
+
+        public static readonly DiagnosticDescriptor Rule = LocaleUtil.GetDescriptor(DiagnosticId);
+
+        public void OnCompilationAction(CompilationAnalysisContext ctx)
+        {
+            ctx.ReportDiagnostic(Diagnostic.Create(Rule, Location.None));
+        }
+    }
 }
diff --git a/SecurityCodeScan/Analyzers/SecurityAnalysisContext.cs b/SecurityCodeScan/Analyzers/SecurityAnalysisContext.cs
index a72961e8..56dee35e 100644
--- a/SecurityCodeScan/Analyzers/SecurityAnalysisContext.cs
+++ b/SecurityCodeScan/Analyzers/SecurityAnalysisContext.cs
@@ -36,6 +36,7 @@ public void Initialize(AnalysisContext analysisContext, IEnumerable<SecurityAnal
         }
 
         private readonly CompilationAnalyzer FinalAnalyzer = new CompilationAnalyzer();
+        private readonly DeprecationAnalyzer DeprecationAnalyzer = new DeprecationAnalyzer();
 
         private readonly List<Action<CompilationStartAnalysisContext, Configuration>> OnCompilationStartActions = new List<Action<CompilationStartAnalysisContext, Configuration>>();
 
@@ -65,6 +66,8 @@ private void OnCompilationAction(CompilationAnalysisContext context)
                 action(context);
             }
 
+            DeprecationAnalyzer.OnCompilationAction(context);
+
             if (ProjectConfiguration.ReportAnalysisCompletion)
                 FinalAnalyzer.OnCompilationAction(context);
         }
diff --git a/SecurityCodeScan/Analyzers/Taint/CodeEvaluation/CSharpCodeEvaluation.cs b/SecurityCodeScan/Analyzers/Taint/CodeEvaluation/CSharpCodeEvaluation.cs
index 918bc35d..811b2b37 100644
--- a/SecurityCodeScan/Analyzers/Taint/CodeEvaluation/CSharpCodeEvaluation.cs
+++ b/SecurityCodeScan/Analyzers/Taint/CodeEvaluation/CSharpCodeEvaluation.cs
@@ -116,10 +116,21 @@ private VariableState VisitMethodDeclaration(BaseMethodDeclarationSyntax node, E
                 }
             }
 
-            if (node.Body == null)
-                return new VariableState(node, VariableTaint.Unknown);
+            if(node.ExpressionBody != null)
+            {
+                var expressionState = VisitExpression(node.ExpressionBody.Expression, state);
+                foreach (var ext in Extensions)
+                {
+                    ext.VisitArrowExpressionClause(node.ExpressionBody, state, expressionState, ProjectConfiguration);
+                }
+
+                return expressionState;
+            }
+
+            if (node.Body != null)
+                return VisitBlock(node.Body, state);
 
-            return VisitBlock(node.Body, state);
+            return new VariableState(node, VariableTaint.Unknown);
         }
 
         private VariableState VisitForEach(ForEachStatementSyntax node, ExecutionState state)
@@ -137,6 +148,10 @@ private VariableState VisitNode(SyntaxNode node, ExecutionState state)
         {
             switch (node)
             {
+                case SingleVariableDesignationSyntax singleVariableDesignationSyntax:
+                    var varState = new VariableState(singleVariableDesignationSyntax, VariableTaint.Unknown);
+                    state.AddNewValue(ResolveIdentifier(singleVariableDesignationSyntax.Identifier), varState);
+                    return varState;
                 case PrefixUnaryExpressionSyntax prefixUnaryExpression:
                     return VisitNode(prefixUnaryExpression.Operand, state);
                 case LocalDeclarationStatementSyntax declarationStatementSyntax:
@@ -361,6 +376,29 @@ private VariableState VisitFromClause(FromClauseSyntax fromClauseSyntax, Executi
             return fromClauseState;
         }
 
+        private VariableState VisitSwitchSection(SwitchSectionSyntax switchSectionSyntax, ExecutionState state, VariableState switchStatementVarState)
+        {
+            if (switchSectionSyntax.Labels.Any(x => x is CasePatternSwitchLabelSyntax))
+            {
+                var caseState = new ExecutionState(state);
+                foreach (var switchLabelSyntax in switchSectionSyntax.Labels)
+                {
+                    if (switchLabelSyntax is CasePatternSwitchLabelSyntax casePatternSwitchLabel &&
+                        casePatternSwitchLabel.Pattern is DeclarationPatternSyntax declarationPattern &&
+                        declarationPattern.Designation is SingleVariableDesignationSyntax singleVariableDesignation)
+                    {
+                        caseState.AddNewValue(ResolveIdentifier(singleVariableDesignation.Identifier), switchStatementVarState);
+                    }
+                }
+
+                var caseStateVariable = VisitStatements(switchSectionSyntax.Statements, caseState, new VariableState(switchSectionSyntax, VariableTaint.Unset));
+                state.Replace(caseState);
+                return caseStateVariable;
+            }
+
+            return VisitStatements(switchSectionSyntax.Statements, state, new VariableState(switchSectionSyntax, VariableTaint.Unset));
+        }
+
         private VariableState VisitSwitch(SwitchStatementSyntax switchStatementSyntax, ExecutionState state)
         {
             var exprVarState = VisitExpression(switchStatementSyntax.Expression, state);
@@ -368,14 +406,14 @@ private VariableState VisitSwitch(SwitchStatementSyntax switchStatementSyntax, E
                 return exprVarState;
 
             var firstCaseState  = new ExecutionState(state);
-            var sectionVarState = VisitNode(switchStatementSyntax.Sections[0], firstCaseState);
+            var sectionVarState = VisitSwitchSection(switchStatementSyntax.Sections[0], firstCaseState, exprVarState);
             exprVarState.MergeTaint(sectionVarState.Taint);
 
             for (var i = 1; i < switchStatementSyntax.Sections.Count; i++)
             {
                 var section   = switchStatementSyntax.Sections[i];
                 var caseState = new ExecutionState(state);
-                sectionVarState = VisitNode(section, caseState);
+                sectionVarState = VisitSwitchSection(section, caseState, exprVarState);
                 exprVarState.MergeTaint(sectionVarState.Taint);
                 firstCaseState.Merge(caseState);
             }
@@ -489,6 +527,8 @@ private VariableState VisitExpression(ExpressionSyntax expression, ExecutionStat
         {
             switch (expression)
             {
+                case DeclarationExpressionSyntax declarationExpressionSyntax:
+                    return VisitNode(declarationExpressionSyntax.Designation, state);
                 case ParenthesizedExpressionSyntax parenthesizedExpressionSyntax:
                     return VisitExpression(parenthesizedExpressionSyntax.Expression, state);
                 case InvocationExpressionSyntax invocationExpressionSyntax:
@@ -1216,41 +1256,44 @@ private VariableState ResolveVariableState(ExpressionSyntax expression,
                 if (prop.IsVirtual || prop.IsOverride || prop.IsAbstract)
                     return new VariableState(expression, VariableTaint.Unknown);
 
-                var getMtd = prop.GetMethod;
-                if (getMtd == null)
-                {
-                    return new VariableState(expression, VariableTaint.Unknown);
-                }
+                    var getMtd = prop.GetMethod;
+                    if(getMtd == null)
+                    {
+                        return new VariableState(expression, VariableTaint.Unknown);
+                    }
 
-                var decls = getMtd.DeclaringSyntaxReferences;
-                if (decls.Length != 1)
-                {
-                    // partial methods can't return anything, so something weird is going on
-                    return new VariableState(expression, VariableTaint.Unknown);
-                }
+                    var decls = getMtd.DeclaringSyntaxReferences;
+                    if(decls.Length != 1)
+                    {
+                        // partial methods can't return anything, so something weird is going on
+                        return new VariableState(expression, VariableTaint.Unknown);
+                    }
 
-                var syntaxNode = (CSharpSyntaxNode)decls[0].GetSyntax();
-                if (syntaxNode == null)
-                    return new VariableState(expression, VariableTaint.Unknown);
+                    var syntaxNode = (CSharpSyntaxNode)decls[0].GetSyntax();
+                    if (syntaxNode == null)
+                        return new VariableState(expression, VariableTaint.Unknown);
 
-                if (!semanticModel.Compilation.ContainsSyntaxTree(syntaxNode.SyntaxTree))
-                    return new VariableState(expression, VariableTaint.Unknown);
+                    if (!semanticModel.Compilation.ContainsSyntaxTree(syntaxNode.SyntaxTree))
+                        return new VariableState(expression, VariableTaint.Unknown);
 
-                var possiblyOtherSemanticModel = semanticModel.Compilation.GetSemanticModel(syntaxNode.SyntaxTree);
-                if (syntaxNode is ArrowExpressionClauseSyntax arrowExpressionClauseSyntax)
-                    return ResolveVariableState(arrowExpressionClauseSyntax, expression, possiblyOtherSemanticModel, ref visited);
+                    var possiblyOtherSemanticModel = semanticModel.Compilation.GetSemanticModel(syntaxNode.SyntaxTree);
+                    if (syntaxNode is ArrowExpressionClauseSyntax arrowExpressionClauseSyntax)
+                        return ResolveVariableState(arrowExpressionClauseSyntax, expression, possiblyOtherSemanticModel, ref visited);
 
-                if (syntaxNode is AccessorDeclarationSyntax accessorDecl)
-                {
-                    if (accessorDecl.Body != null)
+                    if(syntaxNode is AccessorDeclarationSyntax accessorDecl)
                     {
-                        var accessFlow = possiblyOtherSemanticModel.AnalyzeControlFlow(accessorDecl.Body);
-                        if (accessFlow.Succeeded && AllReturnConstant(accessFlow.ExitPoints, possiblyOtherSemanticModel, visited))
-                            return new VariableState(expression, VariableTaint.Constant);
-                    }
+                        if (accessorDecl.ExpressionBody != null)
+                            return ResolveVariableState(accessorDecl.ExpressionBody, expression, possiblyOtherSemanticModel, ref visited);
 
-                    return new VariableState(expression, VariableTaint.Unknown);
-                }
+                        if (accessorDecl.Body != null)
+                        {
+                            var accessFlow = possiblyOtherSemanticModel.AnalyzeControlFlow(accessorDecl.Body);
+                            if (accessFlow.Succeeded && AllReturnConstant(accessFlow.ExitPoints, possiblyOtherSemanticModel, visited))
+                                return new VariableState(expression, VariableTaint.Constant);
+                        }
+
+                        return new VariableState(expression, VariableTaint.Unknown);
+                    }
 
                 if (!(syntaxNode is StatementSyntax statementSyntax))
                     return new VariableState(expression, VariableTaint.Unknown);
diff --git a/SecurityCodeScan/Analyzers/Taint/CodeEvaluation/VbCodeEvaluation.cs b/SecurityCodeScan/Analyzers/Taint/CodeEvaluation/VbCodeEvaluation.cs
index 2f94fe6d..646b1605 100644
--- a/SecurityCodeScan/Analyzers/Taint/CodeEvaluation/VbCodeEvaluation.cs
+++ b/SecurityCodeScan/Analyzers/Taint/CodeEvaluation/VbCodeEvaluation.cs
@@ -1199,16 +1199,34 @@ private VariableState ResolveVariableState(ExpressionSyntax          expression,
                     if (prop.IsVirtual || prop.IsOverride || prop.IsAbstract)
                         return new VariableState(expression, VariableTaint.Unknown);
 
-                    // TODO: Use public API
-                    var syntaxNodeProperty = prop.GetMethod.GetType().GetTypeInfo().BaseType.GetTypeInfo().GetDeclaredProperty("Syntax");
-                    var syntaxNode         = (VisualBasicSyntaxNode)syntaxNodeProperty?.GetValue(prop.GetMethod);
+                    var getMtd = prop.GetMethod;
+                    if(getMtd == null)
+                    {
+                        return new VariableState(expression, VariableTaint.Unknown);
+                    }
+
+                    var decls = getMtd.DeclaringSyntaxReferences;
+                    if(decls.Length != 1)
+                    {
+                        // partial methods can't return anything, so something weird is going on
+                        return new VariableState(expression, VariableTaint.Unknown);
+                    }
+
+                    var syntaxNode = (VisualBasicSyntaxNode)decls[0].GetSyntax();
                     if (syntaxNode == null)
                         return new VariableState(expression, VariableTaint.Unknown);
 
+                    if (!semanticModel.Compilation.ContainsSyntaxTree(syntaxNode.SyntaxTree))
+                        return new VariableState(expression, VariableTaint.Unknown);
+
                     var possiblyOtherSemanticModel = semanticModel.Compilation.GetSemanticModel(syntaxNode.SyntaxTree);
 
-                    if (!(syntaxNode is AccessorBlockSyntax accessorBlockSyntax) || accessorBlockSyntax.Statements.Count  <= 0)
+                    if (!(syntaxNode is AccessorStatementSyntax accessorStatementSyntax) ||
+                        !(accessorStatementSyntax.Parent is AccessorBlockSyntax accessorBlockSyntax)  ||
+                        accessorBlockSyntax.Statements.Count <= 0)
+                    {
                         return new VariableState(expression, VariableTaint.Unknown);
+                    }
 
                     var flow = possiblyOtherSemanticModel.AnalyzeControlFlow(accessorBlockSyntax.Statements.First(),
                                                                              accessorBlockSyntax.Statements.Last());
diff --git a/SecurityCodeScan/Config/Configuration.cs b/SecurityCodeScan/Config/Configuration.cs
index ddee3722..8dfdf966 100644
--- a/SecurityCodeScan/Config/Configuration.cs
+++ b/SecurityCodeScan/Config/Configuration.cs
@@ -159,7 +159,7 @@ public Configuration(ConfigData configData) : this()
 
         private readonly LinkedList<CsrfNamedGroup>                         _CsrfGroupsList; // ensure groups are exposed in the same order they were added
         private readonly Dictionary<string, LinkedListNode<CsrfNamedGroup>> _CsrfGroups;
-        public IReadOnlyCollection<CsrfNamedGroup> CsrfGoups => (IReadOnlyCollection<CsrfNamedGroup>)_CsrfGroupsList;
+        public IReadOnlyCollection<CsrfNamedGroup> CsrfGoups => _CsrfGroupsList;
 
         public void MergeWith(ConfigData config)
         {
diff --git a/SecurityCodeScan/Config/ConfigurationManager.cs b/SecurityCodeScan/Config/ConfigurationManager.cs
index 56fbaf47..bdf492c1 100644
--- a/SecurityCodeScan/Config/ConfigurationManager.cs
+++ b/SecurityCodeScan/Config/ConfigurationManager.cs
@@ -4,6 +4,7 @@
 using System.IO;
 using System.Reflection;
 using System.Text;
+using System.Runtime.InteropServices;
 using Microsoft.CodeAnalysis;
 using YamlDotNet.RepresentationModel;
 using YamlDotNet.Serialization;
@@ -21,7 +22,29 @@ internal class ConfigurationReader
         private string UserConfigFile => UserConfigFileCached.Value;
 
         private static readonly Lazy<string> UserConfigFileCached =
-            new Lazy<string>(() => Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData), UserConfigName));
+            new Lazy<string>(() =>
+                             {
+                                 // todo: use Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData) once on netstandard 2.0
+                                 string path;
+                                 if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
+                                 {
+                                     path = Environment.GetEnvironmentVariable("LocalAppData");
+                                 }
+                                 else
+                                 {
+                                     string home = Environment.GetEnvironmentVariable("HOME");
+                                     // "$XDG_DATA_HOME defines the base directory relative to which user specific data files should be stored."
+                                     // "If $XDG_DATA_HOME is either not set or empty, a default equal to $HOME/.local/share should be used."
+                                     path = Environment.GetEnvironmentVariable("XDG_DATA_HOME");
+
+                                     if (string.IsNullOrEmpty(path) || path[0] != '/')
+                                     {
+                                         path = Path.Combine(home, ".local", "share");
+                                     }
+                                 }
+
+                                 return Path.Combine(path, UserConfigName);
+                             });
 
         private static readonly Version ConfigVersion = new Version(2,1);
 
@@ -59,7 +82,7 @@ public virtual ConfigData GetUserConfiguration()
             if (!File.Exists(filePath))
                 return null;
 
-            using (var reader = new StreamReader(filePath))
+            using (var reader = File.OpenText (filePath))
             {
                 return DeserializeAndValidate<ConfigData>(reader);
             }
diff --git a/SecurityCodeScan/Config/CsrfNamedGroup.cs b/SecurityCodeScan/Config/CsrfNamedGroup.cs
index 8c8f7481..83334045 100644
--- a/SecurityCodeScan/Config/CsrfNamedGroup.cs
+++ b/SecurityCodeScan/Config/CsrfNamedGroup.cs
@@ -11,23 +11,11 @@ internal class CsrfAttributeCondition
     {
         public static readonly CsrfAttributeCondition TRUE = new CsrfAttributeCondition();
 
-        public struct Pair
-        {
-            public Pair(object parameterIndexOrPropertyName, object expectedValue)
-            {
-                ParameterIndexOrPropertyName = parameterIndexOrPropertyName;
-                ExpectedValue = expectedValue;
-            }
-
-            public readonly object ParameterIndexOrPropertyName;
-            public readonly object ExpectedValue;
-        }
-
-        public readonly List<Pair> MustMatch;
+        public readonly List<(object ParameterIndexOrPropertyName, object ExpectedValue)> MustMatch;
 
         public CsrfAttributeCondition()
         {
-            MustMatch = new List<Pair>();
+            MustMatch = new List<(object ParameterIndexOrPropertyName, object ExpectedValue)>();
         }
 
         public static void AddCsrfAttributes(Dictionary<string, List<CsrfAttributeCondition>> destination, IEnumerable<CsrfAttributeData> source)
@@ -92,11 +80,11 @@ private static CsrfAttributeCondition CreateCsrfAttributeCondition(Dictionary<ob
                 object key = idx != null ? (object)idx.Value : arg;
 
                 if (int.TryParse(conditionValue, out var intVal))
-                    ret.MustMatch.Add(new CsrfAttributeCondition.Pair(key, intVal));
+                    ret.MustMatch.Add((key, intVal));
                 else if (bool.TryParse(conditionValue, out var boolVal))
-                    ret.MustMatch.Add(new CsrfAttributeCondition.Pair(key, boolVal));
+                    ret.MustMatch.Add((key, boolVal));
                 else
-                    ret.MustMatch.Add(new CsrfAttributeCondition.Pair(key, conditionValue));
+                    ret.MustMatch.Add((key, conditionValue));
             }
 
             return ret;
diff --git a/SecurityCodeScan/Config/Messages.yml b/SecurityCodeScan/Config/Messages.yml
index 70f5ce0d..99074afa 100644
--- a/SecurityCodeScan/Config/Messages.yml
+++ b/SecurityCodeScan/Config/Messages.yml
@@ -15,6 +15,10 @@ SCS0000:
   title: "Compilation analysis completed."
   description: This a fake warning you may enable in configuration just to have a proof in a log that analyzer did run.
 
+SCS9999:
+  title: "This package is legacy and is no longer maintained."
+  description: Please use SecurityCodeScan.VS2019 NuGet instead.
+
 # Injections
 
 SCS0001:
diff --git a/SecurityCodeScan/Diagnostic.nuspec b/SecurityCodeScan/Diagnostic.nuspec
index 5b2d3f03..b9790123 100644
--- a/SecurityCodeScan/Diagnostic.nuspec
+++ b/SecurityCodeScan/Diagnostic.nuspec
@@ -1,9 +1,9 @@
 <?xml version="1.0"?>
 <package xmlns="http://schemas.microsoft.com/packaging/2011/08/nuspec.xsd">
   <metadata minClientVersion="2.8">
-    <id>SecurityCodeScan</id>
+    <id>SecurityCodeScan.VS2017</id>
     <version>$version$</version>
-    <title>Security Code Scan</title>
+    <title>Security Code Scan (for VS2017 and newer)</title>
     <authors>Jaroslav Lobačevski, Philippe Arteau</authors>
     <owners>Jaroslav Lobačevski</owners>
     <licenseUrl>https://opensource.org/licenses/lgpl-3.0.html</licenseUrl>
@@ -21,7 +21,7 @@
   </metadata>
   <!-- The convention for analyzers is to put language agnostic dlls in analyzers\portable50 and language specific analyzers in either analyzers\portable50\cs or analyzers\portable50\vb -->
   <files>
-    <file src="SecurityCodeScan.dll" target="analyzers\dotnet" />
+    <file src="SecurityCodeScan.VS2017.dll" target="analyzers\dotnet" />
     <file src="YamlDotNet.dll" target="analyzers\dotnet" />
     <file src="tools\*.ps1" target="tools\" />
   </files>
diff --git a/SecurityCodeScan/Properties/AssemblyInfo.cs b/SecurityCodeScan/Properties/AssemblyInfo.cs
index 1c8cd384..1ab627b9 100644
--- a/SecurityCodeScan/Properties/AssemblyInfo.cs
+++ b/SecurityCodeScan/Properties/AssemblyInfo.cs
@@ -6,7 +6,7 @@
 // General Information about an assembly is controlled through the following 
 // set of attributes. Change these attribute values to modify the information
 // associated with an assembly.
-[assembly: AssemblyTitle("Security Code Scan")]
+[assembly: AssemblyTitle("Security Code Scan (VS2017 and newer)")]
 [assembly: AssemblyDescription("Security static code analyzer for .NET")]
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("https://github.com/security-code-scan/security-code-scan")]
diff --git a/SecurityCodeScan/SecurityCodeScan.csproj b/SecurityCodeScan/SecurityCodeScan.csproj
index 68936159..5b03fc4b 100644
--- a/SecurityCodeScan/SecurityCodeScan.csproj
+++ b/SecurityCodeScan/SecurityCodeScan.csproj
@@ -1,193 +1,66 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+<Project Sdk="Microsoft.NET.Sdk">
+
   <PropertyGroup>
-    <MinimumVisualStudioVersion>11.0</MinimumVisualStudioVersion>
-    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
-    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
-    <ProjectGuid>{D7034F4A-4741-4493-8E1E-0A6D3BE9734E}</ProjectGuid>
-    <OutputType>Library</OutputType>
-    <AppDesignerFolder>Properties</AppDesignerFolder>
-    <RootNamespace>SecurityCodeScan</RootNamespace>
-    <AssemblyName>SecurityCodeScan</AssemblyName>
-    <TargetFrameworkVersion>v4.5.2</TargetFrameworkVersion>
-    <NuGetPackageImportStamp>
-    </NuGetPackageImportStamp>
-  </PropertyGroup>
-  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
-    <DebugSymbols>true</DebugSymbols>
-    <DebugType>full</DebugType>
-    <Optimize>false</Optimize>
-    <OutputPath>bin\Debug\</OutputPath>
-    <DefineConstants>DEBUG;TRACE</DefineConstants>
-    <ErrorReport>prompt</ErrorReport>
-    <WarningLevel>4</WarningLevel>
-    <LangVersion>default</LangVersion>
-  </PropertyGroup>
-  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
-    <DebugType>pdbonly</DebugType>
-    <Optimize>true</Optimize>
-    <OutputPath>bin\Release\</OutputPath>
-    <DefineConstants>TRACE</DefineConstants>
-    <ErrorReport>prompt</ErrorReport>
-    <WarningLevel>4</WarningLevel>
-    <LangVersion>default</LangVersion>
+    <TargetFramework>netstandard1.3</TargetFramework>
+    <IncludeBuildOutput>false</IncludeBuildOutput>
+    <GenerateAssemblyInfo>false</GenerateAssemblyInfo>
+    <CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
   </PropertyGroup>
+  
   <PropertyGroup>
-    <SignAssembly>false</SignAssembly>
+    <AssemblyName>SecurityCodeScan.VS2017</AssemblyName>
   </PropertyGroup>
+  
   <ItemGroup>
-    <Compile Include="Analyzers\Analyzers.cs" />
-    <Compile Include="Analyzers\CompilationAnalyzer.cs" />
-    <Compile Include="Analyzers\CsrfTokenAnalyzer.cs" />
-    <Compile Include="Analyzers\HtmlValidateRequestAnalyzer.cs" />
-    <Compile Include="Analyzers\IExternalFileAnalyzer.cs" />
-    <Compile Include="Analyzers\InsecureCookieAnalyzer.cs" />
-    <Compile Include="Analyzers\RequestValidationAnalyzer.cs" />
-    <Compile Include="Analyzers\OutputCacheAnnotationAnalyzer.cs" />
-    <Compile Include="Analyzers\SecurityAnalysisContext.cs" />
-    <Compile Include="Analyzers\SecurityAnalyzer.cs" />
-    <Compile Include="Analyzers\Taint\CodeEvaluation\CSharpCodeEvaluation.cs" />
-    <Compile Include="Analyzers\Taint\CodeEvaluation\TaintAnalyzerExtension.cs" />
-    <Compile Include="Analyzers\UnknownPasswordApiAnalyzer.cs" />
-    <Compile Include="Analyzers\UnsafeDeserializationAnalyzer.cs" />
-    <Compile Include="Analyzers\Utils\AnalyzerUtil.cs" />
-    <Compile Include="Analyzers\DebugAnalyzer.cs" />
-    <Compile Include="Analyzers\Taint\ExecutionState.cs" />
-    <Compile Include="Analyzers\Taint\MethodBehavior.cs" />
-    <Compile Include="Analyzers\Taint\MethodBehaviorHelper.cs" />
-    <Compile Include="Analyzers\Taint\TaintAnalyzer.cs" />
-    <Compile Include="Analyzers\Taint\VariableState.cs" />
-    <Compile Include="Analyzers\Taint\VariableTaint.cs" />
-    <Compile Include="Analyzers\Locale\LocaleUtil.cs" />
-    <Compile Include="Analyzers\Utils\CodeFixUtil.cs" />
-    <Compile Include="Analyzers\Utils\CompilationExtensions.cs" />
-    <Compile Include="Analyzers\Utils\CSharpSyntaxNodeHelper.cs" />
-    <Compile Include="Analyzers\Utils\ISymbolExtensions.cs" />
-    <Compile Include="Analyzers\Utils\ITypeSymbolExtensions.cs" />
-    <Compile Include="Analyzers\Utils\ObjectExtensions.cs" />
-    <Compile Include="Analyzers\Utils\SGLogging.cs" />
-    <Compile Include="Analyzers\Locale\YamlResourceManager.cs" />
-    <Compile Include="Analyzers\Taint\CodeEvaluation\VbCodeEvaluation.cs" />
-    <Compile Include="Analyzers\Utils\SyntaxNodeHelper.cs" />
-    <Compile Include="Analyzers\Utils\VBSyntaxNodeHelper.cs" />
-    <Compile Include="Analyzers\WeakCertificateValidationAnalyzer.cs" />
-    <Compile Include="Analyzers\WeakCipherAnalyzer.cs" />
-    <Compile Include="Analyzers\WeakCipherModeAnalyzer.cs" />
-    <Compile Include="Analyzers\WeakHashingAnalyzer.cs" />
-    <Compile Include="Analyzers\WeakPasswordValidatorPropertyAnalyzer.cs" />
-    <Compile Include="Analyzers\WeakRandomAnalyzer.cs" />
-    <Compile Include="Analyzers\WebConfigAnalyzer.cs" />
-    <Compile Include="Analyzers\XxeAnalyzer.cs" />
-    <Compile Include="Analyzers\XxeAnalyzerCSharp.cs" />
-    <Compile Include="Analyzers\XxeAnalyzerVBasic.cs" />
-    <Compile Include="Config\ConfigurationManager.cs" />
-    <Compile Include="Config\Configuration.cs" />
-    <Compile Include="Config\CsrfNamedGroup.cs" />
-    <Compile Include="Empty.Designer.cs">
-      <AutoGen>True</AutoGen>
-      <DesignTime>True</DesignTime>
-      <DependentUpon>Empty.resx</DependentUpon>
-    </Compile>
-    <Compile Include="Properties\AssemblyInfo.cs" />
-    <Compile Include="Analyzers\XssPreventionAnalyzer.cs" />
+    <None Remove="Config\Main.yml" />
+    <None Remove="Config\Messages.yml" />
   </ItemGroup>
+  
   <ItemGroup>
-    <EmbeddedResource Include="Empty.resx">
-      <Generator>ResXFileCodeGenerator</Generator>
-      <LastGenOutput>Empty.Designer.cs</LastGenOutput>
-      <SubType>Designer</SubType>
-    </EmbeddedResource>
+    <EmbeddedResource Include="Config\Main.yml" />
+    <EmbeddedResource Include="Config\Messages.yml" />
   </ItemGroup>
+  
   <ItemGroup>
-    <EmbeddedResource Include="Config\Main.yml" />
-    <None Include="app.config" />
-    <None Include="Config\AuditMode.yml">
-      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
-    </None>
-    <None Include="Diagnostic.nuspec">
-      <SubType>Designer</SubType>
+    <PackageReference Include="Microsoft.CodeAnalysis.Analyzers" Version="2.6.1">
+      <PrivateAssets>all</PrivateAssets>
+      <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
+    </PackageReference>
+    <PackageReference Include="Microsoft.CodeAnalysis.Common" Version="2.10.0" />
+    <PackageReference Include="Microsoft.CodeAnalysis.CSharp" Version="2.10.0" />
+    <PackageReference Include="Microsoft.CodeAnalysis.VisualBasic" Version="2.10.0" />
+    <PackageReference Include="MSBuild.AssemblyVersion" Version="1.3.0">
+      <PrivateAssets>all</PrivateAssets>
+      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+    </PackageReference>
+    <PackageReference Include="YamlDotNet" Version="8.1.1" />
+    <PackageReference Update="NETStandard.Library" PrivateAssets="all" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <Compile Update="Empty.Designer.cs" DesignTime="True" AutoGen="True" DependentUpon="Empty.resx" />
+    <EmbeddedResource Update="Empty.resx" Generator="ResXFileCodeGenerator" LastGenOutput="Empty.Designer.cs" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <None Update="Diagnostic.nuspec">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
-    <EmbeddedResource Include="Config\Messages.yml" />
-    <None Include="packages.config">
-      <SubType>Designer</SubType>
-    </None>
-    <None Include="tools\install.ps1">
+    <None Update="tools\install.ps1">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
-    <None Include="tools\uninstall.ps1">
+    <None Update="tools\uninstall.ps1">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
   </ItemGroup>
-  <ItemGroup>
-    <Reference Include="Microsoft.CodeAnalysis, Version=1.3.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.CodeAnalysis.Common.1.3.2\lib\net45\Microsoft.CodeAnalysis.dll</HintPath>
-    </Reference>
-    <Reference Include="Microsoft.CodeAnalysis.CSharp, Version=1.3.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.CodeAnalysis.CSharp.1.3.2\lib\net45\Microsoft.CodeAnalysis.CSharp.dll</HintPath>
-    </Reference>
-    <Reference Include="Microsoft.CodeAnalysis.VisualBasic, Version=1.3.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.CodeAnalysis.VisualBasic.1.3.2\lib\net45\Microsoft.CodeAnalysis.VisualBasic.dll</HintPath>
-    </Reference>
-    <Reference Include="System" />
-    <Reference Include="System.Collections.Immutable, Version=1.1.37.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\packages\System.Collections.Immutable.1.1.37\lib\dotnet\System.Collections.Immutable.dll</HintPath>
-    </Reference>
-    <Reference Include="System.Composition.AttributedModel, Version=1.0.27.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Composition.1.0.27\lib\portable-net45+win8+wp8+wpa81\System.Composition.AttributedModel.dll</HintPath>
-      <Private>False</Private>
-    </Reference>
-    <Reference Include="System.Composition.Convention, Version=1.0.27.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Composition.1.0.27\lib\portable-net45+win8+wp8+wpa81\System.Composition.Convention.dll</HintPath>
-      <Private>False</Private>
-    </Reference>
-    <Reference Include="System.Composition.Hosting, Version=1.0.27.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Composition.1.0.27\lib\portable-net45+win8+wp8+wpa81\System.Composition.Hosting.dll</HintPath>
-      <Private>False</Private>
-    </Reference>
-    <Reference Include="System.Composition.Runtime, Version=1.0.27.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Composition.1.0.27\lib\portable-net45+win8+wp8+wpa81\System.Composition.Runtime.dll</HintPath>
-      <Private>False</Private>
-    </Reference>
-    <Reference Include="System.Composition.TypedParts, Version=1.0.27.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Composition.1.0.27\lib\portable-net45+win8+wp8+wpa81\System.Composition.TypedParts.dll</HintPath>
-      <Private>False</Private>
-    </Reference>
-    <Reference Include="System.Reflection.Metadata, Version=1.2.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\packages\System.Reflection.Metadata.1.2.0\lib\portable-net45+win8\System.Reflection.Metadata.dll</HintPath>
-    </Reference>
-    <Reference Include="System.Xml" />
-    <Reference Include="System.Xml.Linq" />
-    <Reference Include="YamlDotNet, Version=8.0.0.0, Culture=neutral, PublicKeyToken=ec19458f3c15af5e, processorArchitecture=MSIL">
-      <HintPath>..\packages\YamlDotNet.8.1.1\lib\net45\YamlDotNet.dll</HintPath>
-    </Reference>
-  </ItemGroup>
-  <ItemGroup>
-    <Analyzer Include="..\packages\Microsoft.CodeAnalysis.Analyzers.1.1.0\analyzers\dotnet\cs\Microsoft.CodeAnalysis.Analyzers.dll" />
-    <Analyzer Include="..\packages\Microsoft.CodeAnalysis.Analyzers.1.1.0\analyzers\dotnet\cs\Microsoft.CodeAnalysis.CSharp.Analyzers.dll" />
-  </ItemGroup>
-  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
-  <Target Name="AfterBuild">
+
+  <Target Name="CustomAfterBuild" AfterTargets="Build">
     <GetAssemblyIdentity AssemblyFiles="$(OutDir)\$(AssemblyName).dll">
       <Output TaskParameter="Assemblies" ItemName="AnalyzerAssemblyInfo" />
     </GetAssemblyIdentity>
-    <Exec Command="&quot;$(SolutionDir)packages\NuGet.CommandLine.2.8.6\tools\NuGet.exe&quot; pack Diagnostic.nuspec -NoPackageAnalysis -Version %(AnalyzerAssemblyInfo.Version) -OutputDirectory ." WorkingDirectory="$(OutDir)" LogStandardErrorAsError="true" ConsoleToMSBuild="true">
+    <Exec Command="$(SolutionDir)nuget.exe pack Diagnostic.nuspec -NoPackageAnalysis -Version %(AnalyzerAssemblyInfo.Version) -OutputDirectory ." WorkingDirectory="$(OutDir)" LogStandardErrorAsError="true" ConsoleToMSBuild="true">
       <Output TaskParameter="ConsoleOutput" PropertyName="OutputOfExec" />
     </Exec>
   </Target>
-  <Import Project="..\packages\MSBuild.AssemblyVersion.1.3.0\build\MSBuild.AssemblyVersion.targets" Condition="Exists('..\packages\MSBuild.AssemblyVersion.1.3.0\build\MSBuild.AssemblyVersion.targets')" />
-  <Target Name="EnsureNuGetPackageBuildImports" BeforeTargets="PrepareForBuild">
-    <PropertyGroup>
-      <ErrorText>This project references NuGet package(s) that are missing on this computer. Use NuGet Package Restore to download them.  For more information, see http://go.microsoft.com/fwlink/?LinkID=322105. The missing file is {0}.</ErrorText>
-    </PropertyGroup>
-    <Error Condition="!Exists('..\packages\MSBuild.AssemblyVersion.1.3.0\build\MSBuild.AssemblyVersion.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\MSBuild.AssemblyVersion.1.3.0\build\MSBuild.AssemblyVersion.targets'))" />
-  </Target>
-  <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
-       Other similar extension points exist, see Microsoft.Common.targets.
-  <Target Name="BeforeBuild">
-  </Target>
-  <Target Name="AfterBuild">
-  </Target>
-  -->
-</Project>
\ No newline at end of file
+
+</Project>
diff --git a/SecurityCodeScan/packages.config b/SecurityCodeScan/packages.config
deleted file mode 100644
index 036a9d52..00000000
--- a/SecurityCodeScan/packages.config
+++ /dev/null
@@ -1,21 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<packages>
-  <package id="Microsoft.CodeAnalysis.Analyzers" version="1.1.0" targetFramework="net452" />
-  <package id="Microsoft.CodeAnalysis.Common" version="1.3.2" targetFramework="net452" />
-  <package id="Microsoft.CodeAnalysis.CSharp" version="1.3.2" targetFramework="net452" />
-  <package id="Microsoft.CodeAnalysis.VisualBasic" version="1.3.2" targetFramework="net452" />
-  <package id="Microsoft.Composition" version="1.0.27" targetFramework="portable45-net45+win8" />
-  <package id="MSBuild.AssemblyVersion" version="1.3.0" targetFramework="net452" developmentDependency="true" />
-  <package id="NuGet.CommandLine" version="2.8.6" targetFramework="net452" developmentDependency="true" />
-  <package id="System.Collections" version="4.0.0" targetFramework="net452" />
-  <package id="System.Collections.Immutable" version="1.1.37" targetFramework="net452" />
-  <package id="System.Diagnostics.Debug" version="4.0.0" targetFramework="net452" />
-  <package id="System.Globalization" version="4.0.0" targetFramework="net452" />
-  <package id="System.Linq" version="4.0.0" targetFramework="net452" />
-  <package id="System.Reflection.Metadata" version="1.2.0" targetFramework="net452" />
-  <package id="System.Resources.ResourceManager" version="4.0.0" targetFramework="net452" />
-  <package id="System.Runtime" version="4.0.0" targetFramework="net452" />
-  <package id="System.Runtime.Extensions" version="4.0.0" targetFramework="net452" />
-  <package id="System.Threading" version="4.0.0" targetFramework="net452" />
-  <package id="YamlDotNet" version="8.1.1" targetFramework="net452" />
-</packages>
\ No newline at end of file
diff --git a/SecurityCodeScan/tools/install.ps1 b/SecurityCodeScan/tools/install.ps1
index 8178834f..9e3fbbf4 100644
--- a/SecurityCodeScan/tools/install.ps1
+++ b/SecurityCodeScan/tools/install.ps1
@@ -1,13 +1,22 @@
 param($installPath, $toolsPath, $package, $project)
 
-$analyzersPaths = Join-Path (Join-Path (Split-Path -Path $toolsPath -Parent) "analyzers" ) * -Resolve
+if($project.Object.SupportsPackageDependencyResolution)
+{
+    if($project.Object.SupportsPackageDependencyResolution())
+    {
+        # Do not install analyzers via install.ps1, instead let the project system handle it.
+        return
+    }
+}
+
+$analyzersPaths = Join-Path (Join-Path (Split-Path -Path $toolsPath -Parent) "analyzers") * -Resolve
 
 foreach($analyzersPath in $analyzersPaths)
 {
-    # Install the language agnostic analyzers.
     if (Test-Path $analyzersPath)
     {
-        foreach ($analyzerFilePath in Get-ChildItem $analyzersPath -Filter *.dll)
+        # Install the language agnostic analyzers.
+        foreach ($analyzerFilePath in Get-ChildItem -Path "$analyzersPath\*.dll" -Exclude *.resources.dll)
         {
             if($project.Object.AnalyzerReferences)
             {
@@ -38,7 +47,7 @@ foreach($analyzersPath in $analyzersPaths)
     $languageAnalyzersPath = join-path $analyzersPath $languageFolder
     if (Test-Path $languageAnalyzersPath)
     {
-        foreach ($analyzerFilePath in Get-ChildItem $languageAnalyzersPath -Filter *.dll)
+        foreach ($analyzerFilePath in Get-ChildItem -Path "$languageAnalyzersPath\*.dll" -Exclude *.resources.dll)
         {
             if($project.Object.AnalyzerReferences)
             {
diff --git a/SecurityCodeScan/tools/uninstall.ps1 b/SecurityCodeScan/tools/uninstall.ps1
index 9130bcb5..e9a81a0a 100644
--- a/SecurityCodeScan/tools/uninstall.ps1
+++ b/SecurityCodeScan/tools/uninstall.ps1
@@ -1,13 +1,22 @@
 param($installPath, $toolsPath, $package, $project)
 
-$analyzersPaths = Join-Path (Join-Path (Split-Path -Path $toolsPath -Parent) "analyzers" ) * -Resolve
+if($project.Object.SupportsPackageDependencyResolution)
+{
+    if($project.Object.SupportsPackageDependencyResolution())
+    {
+        # Do not uninstall analyzers via uninstall.ps1, instead let the project system handle it.
+        return
+    }
+}
+
+$analyzersPaths = Join-Path (Join-Path (Split-Path -Path $toolsPath -Parent) "analyzers") * -Resolve
 
 foreach($analyzersPath in $analyzersPaths)
 {
     # Uninstall the language agnostic analyzers.
     if (Test-Path $analyzersPath)
     {
-        foreach ($analyzerFilePath in Get-ChildItem $analyzersPath -Filter *.dll)
+        foreach ($analyzerFilePath in Get-ChildItem -Path "$analyzersPath\*.dll" -Exclude *.resources.dll)
         {
             if($project.Object.AnalyzerReferences)
             {
@@ -38,7 +47,7 @@ foreach($analyzersPath in $analyzersPaths)
     $languageAnalyzersPath = join-path $analyzersPath $languageFolder
     if (Test-Path $languageAnalyzersPath)
     {
-        foreach ($analyzerFilePath in Get-ChildItem $languageAnalyzersPath -Filter *.dll)
+        foreach ($analyzerFilePath in Get-ChildItem -Path "$languageAnalyzersPath\*.dll" -Exclude *.resources.dll)
         {
             if($project.Object.AnalyzerReferences)
             {
@@ -53,4 +62,4 @@ foreach($analyzersPath in $analyzersPaths)
             }
         }
     }
-}
\ No newline at end of file
+}   
\ No newline at end of file