adding code project for Resolve GH Issues

ChrisHowd · ChrisHowd · commit c28c874c5abd · 2025-10-28T10:01:22.000-07:00
diff --git a/DownloadableCodeProjects/standalone-lab-projects/ghsecurity-resolve-gh-issues/ContosoShopEasy/ContosoShopEasy.csproj b/DownloadableCodeProjects/standalone-lab-projects/ghsecurity-resolve-gh-issues/ContosoShopEasy/ContosoShopEasy.csproj
@@ -0,0 +1,10 @@
+﻿<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net9.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+  </PropertyGroup>
+
+</Project>
diff --git a/DownloadableCodeProjects/standalone-lab-projects/ghsecurity-resolve-gh-issues/ContosoShopEasy/Program.cs b/DownloadableCodeProjects/standalone-lab-projects/ghsecurity-resolve-gh-issues/ContosoShopEasy/Program.cs
@@ -0,0 +1,2 @@
+﻿// See https://aka.ms/new-console-template for more information
+Console.WriteLine("Hello, World!");
diff --git a/DownloadableCodeProjects/standalone-lab-projects/ghsecurity-resolve-gh-issues/readme.txt b/DownloadableCodeProjects/standalone-lab-projects/ghsecurity-resolve-gh-issues/readme.txt
@@ -0,0 +1,7 @@
+The code project should be a small "real-world" code project that contains security vulnerabilities relevant to the app domain (either eCommerce or data processing). 
+
+Code projects should use sample data and console outputs to observe behaviors before and after resolving issues.
+
+Issues: the issues focus on code patterns and logic flaws (e.g., injection, weak cryptography, improper data handling).
+
+Important: the code security issues can't include any secrets or credentials that would trigger automated GitHub secret scanning alerts. GH secret scanning is covered separately.

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+// See https://aka.ms/new-console-template for more information`
	`2`	`+Console.WriteLine("Hello, World!");`