From 6b8ec530da708288b9759503c9e8734ef57783e3 Mon Sep 17 00:00:00 2001
From: g2vinay <5430778+g2vinay@users.noreply.github.com>
Date: Tue, 13 Jan 2026 23:24:57 -0800
Subject: [PATCH] Enable Roslyn analyzers for C# code quality

Add StyleCop.Analyzers and Microsoft.CodeAnalysis.NetAnalyzers with comprehensive rule configuration. Applies globally to all projects via Directory.Build.props.
---
 .editorconfig                       | 155 ++++++++++++++++++++++++++++
 Directory.Build.props               |  18 ++++
 Directory.Packages.props            |   4 +
 StyleCop.ruleset                    | 146 ++++++++++++++++++++++++++
 docs/GlobalSuppressions.cs.template |  68 ++++++++++++
 5 files changed, 391 insertions(+)
 create mode 100644 StyleCop.ruleset
 create mode 100644 docs/GlobalSuppressions.cs.template

diff --git a/.editorconfig b/.editorconfig
index 9c0d816014..7536381b49 100644
--- a/.editorconfig
+++ b/.editorconfig
@@ -167,6 +167,161 @@ dotnet_code_quality.ca1802.api_surface = private, internal
 # CA2016: Forward the CancellationToken parameter to methods that take one
 dotnet_diagnostic.CA2016.severity = error
 
+# StyleCop Analyzer Configuration
+dotnet_diagnostic.SA1101.severity = none # Prefix local calls with this
+dotnet_diagnostic.SA1200.severity = none # Using directives should be placed correctly (allow flexibility)
+dotnet_diagnostic.SA1309.severity = none # Field names should not begin with underscore (we use _ prefix)
+dotnet_diagnostic.SA1633.severity = none # File should have header
+dotnet_diagnostic.SA1602.severity = none # Enumeration items should be documented
+dotnet_diagnostic.SA1116.severity = none # Split parameters should start on line after declaration
+dotnet_diagnostic.SA1117.severity = none # Parameters should be on same line or separate lines
+dotnet_diagnostic.SA1600.severity = warning # Elements should be documented
+dotnet_diagnostic.SA1601.severity = warning # Partial elements should be documented
+dotnet_diagnostic.SA1611.severity = warning # Element parameters should be documented
+dotnet_diagnostic.SA1615.severity = warning # Element return value should be documented
+dotnet_diagnostic.SA1618.severity = warning # Generic type parameters should be documented
+
+# Code Analysis Rules - Design
+dotnet_diagnostic.CA1014.severity = none # Mark assemblies with CLSCompliant
+dotnet_diagnostic.CA1017.severity = none # Mark assemblies with ComVisible
+dotnet_diagnostic.CA1031.severity = warning # Do not catch general exception types
+dotnet_diagnostic.CA1034.severity = warning # Nested types should not be visible
+dotnet_diagnostic.CA1040.severity = warning # Avoid empty interfaces
+dotnet_diagnostic.CA1041.severity = warning # Provide ObsoleteAttribute message
+dotnet_diagnostic.CA1043.severity = warning # Use integral or string argument for indexers
+dotnet_diagnostic.CA1044.severity = warning # Properties should not be write only
+dotnet_diagnostic.CA1050.severity = warning # Declare types in namespaces
+dotnet_diagnostic.CA1051.severity = warning # Do not declare visible instance fields
+dotnet_diagnostic.CA1052.severity = warning # Static holder types should be sealed
+dotnet_diagnostic.CA1054.severity = warning # URI parameters should not be strings
+dotnet_diagnostic.CA1055.severity = warning # URI return values should not be strings
+dotnet_diagnostic.CA1056.severity = warning # URI properties should not be strings
+dotnet_diagnostic.CA1058.severity = warning # Types should not extend certain base types
+dotnet_diagnostic.CA1060.severity = warning # Move P/Invokes to NativeMethods class
+dotnet_diagnostic.CA1061.severity = warning # Do not hide base class methods
+dotnet_diagnostic.CA1062.severity = suggestion # Validate arguments of public methods
+dotnet_diagnostic.CA1063.severity = warning # Implement IDisposable correctly
+dotnet_diagnostic.CA1064.severity = warning # Exceptions should be public
+dotnet_diagnostic.CA1065.severity = warning # Do not raise exceptions in unexpected locations
+dotnet_diagnostic.CA1066.severity = warning # Implement IEquatable when overriding Equals
+dotnet_diagnostic.CA1067.severity = warning # Override Equals when implementing IEquatable
+dotnet_diagnostic.CA1068.severity = warning # CancellationToken parameters must come last
+
+# Code Analysis Rules - Globalization
+dotnet_diagnostic.CA1303.severity = none # Do not pass literals as localized parameters
+dotnet_diagnostic.CA1304.severity = warning # Specify CultureInfo
+dotnet_diagnostic.CA1305.severity = warning # Specify IFormatProvider
+dotnet_diagnostic.CA1307.severity = warning # Specify StringComparison for clarity
+dotnet_diagnostic.CA1308.severity = warning # Normalize strings to uppercase
+dotnet_diagnostic.CA1309.severity = warning # Use ordinal StringComparison
+dotnet_diagnostic.CA1310.severity = warning # Specify StringComparison for correctness
+
+# Code Analysis Rules - Naming
+dotnet_diagnostic.CA1707.severity = none # Identifiers should not contain underscores (allow for test methods)
+dotnet_diagnostic.CA1708.severity = warning # Identifiers should differ by more than case
+dotnet_diagnostic.CA1710.severity = warning # Identifiers should have correct suffix
+dotnet_diagnostic.CA1711.severity = warning # Identifiers should not have incorrect suffix
+dotnet_diagnostic.CA1712.severity = warning # Do not prefix enum values with type name
+dotnet_diagnostic.CA1713.severity = warning # Events should not have before or after prefix
+dotnet_diagnostic.CA1714.severity = warning # Flags enums should have plural names
+dotnet_diagnostic.CA1715.severity = warning # Identifiers should have correct prefix
+dotnet_diagnostic.CA1716.severity = warning # Identifiers should not match keywords
+dotnet_diagnostic.CA1717.severity = warning # Only FlagsAttribute enums should have plural names
+dotnet_diagnostic.CA1720.severity = warning # Identifiers should not contain type names
+dotnet_diagnostic.CA1721.severity = warning # Property names should not match get methods
+dotnet_diagnostic.CA1724.severity = warning # Type names should not match namespaces
+dotnet_diagnostic.CA1725.severity = warning # Parameter names should match base declaration
+
+# Code Analysis Rules - Performance
+dotnet_diagnostic.CA1805.severity = warning # Do not initialize unnecessarily
+dotnet_diagnostic.CA1806.severity = warning # Do not ignore method results
+dotnet_diagnostic.CA1810.severity = warning # Initialize reference type static fields inline
+dotnet_diagnostic.CA1812.severity = warning # Avoid uninstantiated internal classes
+dotnet_diagnostic.CA1813.severity = warning # Avoid unsealed attributes
+dotnet_diagnostic.CA1814.severity = warning # Prefer jagged arrays over multidimensional
+dotnet_diagnostic.CA1815.severity = warning # Override equals and operator equals on value types
+dotnet_diagnostic.CA1816.severity = warning # Call GC.SuppressFinalize correctly
+dotnet_diagnostic.CA1819.severity = warning # Properties should not return arrays
+dotnet_diagnostic.CA1820.severity = warning # Test for empty strings using string length
+dotnet_diagnostic.CA1821.severity = warning # Remove empty finalizers
+dotnet_diagnostic.CA1822.severity = suggestion # Mark members as static
+dotnet_diagnostic.CA1823.severity = warning # Avoid unused private fields
+dotnet_diagnostic.CA1824.severity = warning # Mark assemblies with NeutralResourcesLanguageAttribute
+dotnet_diagnostic.CA1825.severity = warning # Avoid zero-length array allocations
+
+# Code Analysis Rules - Reliability
+dotnet_diagnostic.CA2000.severity = warning # Dispose objects before losing scope
+dotnet_diagnostic.CA2002.severity = warning # Do not lock on objects with weak identity
+dotnet_diagnostic.CA2007.severity = none # Do not directly await a Task (library code pattern)
+dotnet_diagnostic.CA2008.severity = warning # Do not create tasks without passing a TaskScheduler
+dotnet_diagnostic.CA2009.severity = warning # Do not call ToImmutableCollection on an ImmutableCollection value
+dotnet_diagnostic.CA2011.severity = warning # Do not assign property within its setter
+dotnet_diagnostic.CA2012.severity = warning # Use ValueTasks correctly
+dotnet_diagnostic.CA2013.severity = warning # Do not use ReferenceEquals with value types
+dotnet_diagnostic.CA2014.severity = warning # Do not use stackalloc in loops
+dotnet_diagnostic.CA2015.severity = warning # Do not define finalizers for types derived from MemoryManager<T>
+
+# Code Analysis Rules - Security
+dotnet_diagnostic.CA2100.severity = warning # Review SQL queries for security vulnerabilities
+dotnet_diagnostic.CA2109.severity = warning # Review visible event handlers
+dotnet_diagnostic.CA2119.severity = warning # Seal methods that satisfy private interfaces
+dotnet_diagnostic.CA2153.severity = warning # Avoid handling Corrupted State Exceptions
+
+# Code Analysis Rules - Usage
+dotnet_diagnostic.CA2200.severity = warning # Rethrow to preserve stack details
+dotnet_diagnostic.CA2201.severity = warning # Do not raise reserved exception types
+dotnet_diagnostic.CA2207.severity = warning # Initialize value type static fields inline
+dotnet_diagnostic.CA2208.severity = warning # Instantiate argument exceptions correctly
+dotnet_diagnostic.CA2211.severity = warning # Non-constant fields should not be visible
+dotnet_diagnostic.CA2213.severity = warning # Disposable fields should be disposed
+dotnet_diagnostic.CA2214.severity = warning # Do not call overridable methods in constructors
+dotnet_diagnostic.CA2215.severity = warning # Dispose methods should call base class dispose
+dotnet_diagnostic.CA2216.severity = warning # Disposable types should declare finalizer
+dotnet_diagnostic.CA2217.severity = warning # Do not mark enums with FlagsAttribute
+dotnet_diagnostic.CA2218.severity = warning # Override GetHashCode on overriding Equals
+dotnet_diagnostic.CA2219.severity = warning # Do not raise exceptions in exception clauses
+dotnet_diagnostic.CA2224.severity = warning # Override Equals on overloading operator equals
+dotnet_diagnostic.CA2225.severity = warning # Operator overloads have named alternates
+dotnet_diagnostic.CA2226.severity = warning # Operators should have symmetrical overloads
+dotnet_diagnostic.CA2227.severity = warning # Collection properties should be read only
+dotnet_diagnostic.CA2229.severity = warning # Implement serialization constructors
+dotnet_diagnostic.CA2231.severity = warning # Overload operator equals on overriding ValueType.Equals
+dotnet_diagnostic.CA2234.severity = warning # Pass System.Uri objects instead of strings
+dotnet_diagnostic.CA2235.severity = warning # Mark all non-serializable fields
+dotnet_diagnostic.CA2237.severity = warning # Mark ISerializable types with SerializableAttribute
+dotnet_diagnostic.CA2241.severity = warning # Provide correct arguments to formatting methods
+dotnet_diagnostic.CA2242.severity = warning # Test for NaN correctly
+dotnet_diagnostic.CA2243.severity = warning # Attribute string literals should parse correctly
+dotnet_diagnostic.CA2244.severity = warning # Do not duplicate indexed element initializations
+dotnet_diagnostic.CA2245.severity = warning # Do not assign a property to itself
+dotnet_diagnostic.CA2246.severity = warning # Do not assign a symbol and its member in the same statement
+dotnet_diagnostic.CA2247.severity = warning # Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum
+dotnet_diagnostic.CA2248.severity = warning # Provide correct enum argument to Enum.HasFlag
+dotnet_diagnostic.CA2249.severity = warning # Consider using String.Contains instead of String.IndexOf
+
+# IDE Suggestions
+dotnet_diagnostic.IDE0001.severity = warning # Simplify name
+dotnet_diagnostic.IDE0002.severity = warning # Simplify member access
+dotnet_diagnostic.IDE0003.severity = warning # Remove this or Me qualification
+dotnet_diagnostic.IDE0004.severity = warning # Remove unnecessary cast
+dotnet_diagnostic.IDE0005.severity = warning # Remove unnecessary import
+dotnet_diagnostic.IDE0011.severity = warning # Add braces
+dotnet_diagnostic.IDE0035.severity = warning # Remove unreachable code
+dotnet_diagnostic.IDE0040.severity = warning # Add accessibility modifiers
+dotnet_diagnostic.IDE0051.severity = warning # Remove unused private member
+dotnet_diagnostic.IDE0052.severity = warning # Remove unread private member
+dotnet_diagnostic.IDE0055.severity = warning # Fix formatting
+dotnet_diagnostic.IDE0058.severity = none # Expression value is never used (allow discarding)
+dotnet_diagnostic.IDE0059.severity = warning # Unnecessary assignment of a value
+dotnet_diagnostic.IDE0060.severity = warning # Remove unused parameter
+dotnet_diagnostic.IDE0070.severity = warning # Use System.HashCode.Combine
+dotnet_diagnostic.IDE0071.severity = warning # Simplify interpolation
+dotnet_diagnostic.IDE0072.severity = warning # Add missing cases to switch expression
+dotnet_diagnostic.IDE0073.severity = none # File header (handled by templates)
+dotnet_diagnostic.IDE0080.severity = warning # Remove unnecessary suppression operator
+dotnet_diagnostic.IDE0100.severity = warning # Remove unnecessary equality operator
+dotnet_diagnostic.IDE0110.severity = warning # Remove unnecessary discard
+
 # Xml project files
 [*.{csproj,vcxproj,vcxproj.filters,proj,nativeproj,locproj}]
 indent_size = 2
diff --git a/Directory.Build.props b/Directory.Build.props
index c2a9281a5b..5825f09714 100644
--- a/Directory.Build.props
+++ b/Directory.Build.props
@@ -13,6 +13,12 @@
     <!-- Identify Server Projects -->
     <_RelativeProjectDir>$([System.IO.Path]::GetFullPath('$(MSBuildProjectDirectory)').Replace($([System.IO.Path]::GetFullPath('$(RepoRoot)')), ''))</_RelativeProjectDir>
     <IsServerProject Condition="'$(IsServerProject)' == '' and $(_RelativeProjectDir.StartsWith('servers')) and $(_RelativeProjectDir.EndsWith('src'))">true</IsServerProject>
+    
+    <!-- Code Analysis Settings -->
+    <EnableNETAnalyzers>true</EnableNETAnalyzers>
+    <AnalysisLevel>latest</AnalysisLevel>
+    <AnalysisMode>All</AnalysisMode>
+    <EnforceCodeStyleInBuild>true</EnforceCodeStyleInBuild>
   </PropertyGroup>
 
   <PropertyGroup Condition="'$(BuildNative)' == 'true'">
@@ -59,4 +65,16 @@
     <Copyright>© Microsoft Corporation. All rights reserved.</Copyright>
     <RepositoryUrl>https://github.com/microsoft/mcp</RepositoryUrl>
   </PropertyGroup>
+
+  <!-- Roslyn Analyzers - Apply to all projects -->
+  <ItemGroup>
+    <PackageReference Include="StyleCop.Analyzers" PrivateAssets="All" />
+    <PackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" PrivateAssets="All" />
+  </ItemGroup>
+
+  <!-- Additional configuration for StyleCop -->
+  <PropertyGroup>
+    <CodeAnalysisRuleSet>$(MSBuildThisFileDirectory)StyleCop.ruleset</CodeAnalysisRuleSet>
+  </PropertyGroup>
+
 </Project>
diff --git a/Directory.Packages.props b/Directory.Packages.props
index 2a0e27828e..c8debad4ba 100644
--- a/Directory.Packages.props
+++ b/Directory.Packages.props
@@ -102,5 +102,9 @@
     <PackageVersion Include="xunit.v3.extensibility.core" Version="2.0.2" />
     <PackageVersion Include="xunit.runner.visualstudio" Version="3.1.0" />
     <PackageVersion Include="coverlet.collector" Version="6.0.4" />
+    <!-- Roslyn Analyzers for code quality and style enforcement -->
+    <PackageVersion Include="StyleCop.Analyzers" Version="1.2.0-beta.556" />
+    <PackageVersion Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="10.0.100" />
+    <PackageVersion Include="Microsoft.CodeAnalysis.PublicApiAnalyzers" Version="3.3.4" />
   </ItemGroup>
 </Project>
diff --git a/StyleCop.ruleset b/StyleCop.ruleset
new file mode 100644
index 0000000000..d7184963c9
--- /dev/null
+++ b/StyleCop.ruleset
@@ -0,0 +1,146 @@
+<?xml version="1.0" encoding="utf-8"?>
+<RuleSet Name="Microsoft MCP Analyzer Rules" Description="Code analysis rules for Microsoft MCP projects." ToolsVersion="16.0">
+  <Rules AnalyzerId="StyleCop.Analyzers" RuleNamespace="StyleCop.Analyzers">
+    <!-- Documentation Rules -->
+    <Rule Id="SA1600" Action="Warning" /> <!-- Elements should be documented -->
+    <Rule Id="SA1601" Action="Warning" /> <!-- Partial elements should be documented -->
+    <Rule Id="SA1602" Action="None" /> <!-- Enumeration items should be documented (disabled for internal enums) -->
+    <Rule Id="SA1633" Action="None" /> <!-- File should have header (handled by file templates) -->
+    
+    <!-- Layout Rules -->
+    <Rule Id="SA1500" Action="Warning" /> <!-- Braces for multi-line statements should not share line -->
+    <Rule Id="SA1501" Action="Warning" /> <!-- Statement should not be on a single line -->
+    <Rule Id="SA1502" Action="Warning" /> <!-- Element should not be on a single line -->
+    
+    <!-- Naming Rules -->
+    <Rule Id="SA1300" Action="Warning" /> <!-- Element should begin with upper-case letter -->
+    <Rule Id="SA1303" Action="Warning" /> <!-- Const field names should begin with upper-case letter -->
+    <Rule Id="SA1304" Action="Warning" /> <!-- Non-private readonly fields should begin with upper-case letter -->
+    <Rule Id="SA1306" Action="Warning" /> <!-- Field names should begin with lower-case letter -->
+    <Rule Id="SA1307" Action="Warning" /> <!-- Accessible fields should begin with upper-case letter -->
+    <Rule Id="SA1308" Action="Warning" /> <!-- Variable names should not be prefixed -->
+    <Rule Id="SA1309" Action="None" /> <!-- Field names should not begin with underscore (allow _ for private fields) -->
+    <Rule Id="SA1310" Action="Warning" /> <!-- Field names should not contain underscore -->
+    <Rule Id="SA1311" Action="Warning" /> <!-- Static readonly fields should begin with upper-case letter -->
+    
+    <!-- Ordering Rules -->
+    <Rule Id="SA1200" Action="None" /> <!-- Using directives should be placed correctly (handled by .editorconfig) -->
+    <Rule Id="SA1201" Action="Warning" /> <!-- Elements should appear in the correct order -->
+    <Rule Id="SA1202" Action="Warning" /> <!-- Elements should be ordered by access -->
+    <Rule Id="SA1203" Action="Warning" /> <!-- Constants should appear before fields -->
+    <Rule Id="SA1204" Action="Warning" /> <!-- Static elements should appear before instance elements -->
+    
+    <!-- Readability Rules -->
+    <Rule Id="SA1101" Action="None" /> <!-- Prefix local calls with this (optional) -->
+    <Rule Id="SA1116" Action="None" /> <!-- Split parameters should start on line after declaration (allow flexibility) -->
+    <Rule Id="SA1117" Action="None" /> <!-- Parameters should be on same line or separate lines (allow flexibility) -->
+    <Rule Id="SA1120" Action="Warning" /> <!-- Comments should contain text -->
+    <Rule Id="SA1121" Action="Warning" /> <!-- Use built-in type alias -->
+    <Rule Id="SA1122" Action="Warning" /> <!-- Use string.Empty for empty strings -->
+    <Rule Id="SA1124" Action="Warning" /> <!-- Do not use regions -->
+    <Rule Id="SA1133" Action="Warning" /> <!-- Do not combine attributes -->
+    <Rule Id="SA1134" Action="Warning" /> <!-- Attributes should not share line -->
+    
+    <!-- Spacing Rules -->
+    <Rule Id="SA1000" Action="Warning" /> <!-- Keywords should be spaced correctly -->
+    <Rule Id="SA1001" Action="Warning" /> <!-- Commas should be spaced correctly -->
+    <Rule Id="SA1002" Action="Warning" /> <!-- Semicolons should be spaced correctly -->
+  </Rules>
+  
+  <Rules AnalyzerId="Microsoft.CodeAnalysis.NetAnalyzers" RuleNamespace="Microsoft.CodeAnalysis.NetAnalyzers">
+    <!-- Design Rules -->
+    <Rule Id="CA1000" Action="Warning" /> <!-- Do not declare static members on generic types -->
+    <Rule Id="CA1001" Action="Warning" /> <!-- Types that own disposable fields should be disposable -->
+    <Rule Id="CA1010" Action="Warning" /> <!-- Generic interface should also be implemented -->
+    <Rule Id="CA1012" Action="Warning" /> <!-- Abstract types should not have public constructors -->
+    <Rule Id="CA1014" Action="None" /> <!-- Mark assemblies with CLSCompliant (optional for internal code) -->
+    <Rule Id="CA1016" Action="Warning" /> <!-- Mark assemblies with assembly version -->
+    <Rule Id="CA1017" Action="None" /> <!-- Mark assemblies with ComVisible (not needed for .NET Core) -->
+    <Rule Id="CA1018" Action="Warning" /> <!-- Mark attributes with AttributeUsageAttribute -->
+    
+    <!-- Globalization Rules -->
+    <Rule Id="CA1303" Action="None" /> <!-- Do not pass literals as localized parameters (disabled for now) -->
+    <Rule Id="CA1304" Action="Warning" /> <!-- Specify CultureInfo -->
+    <Rule Id="CA1305" Action="Warning" /> <!-- Specify IFormatProvider -->
+    <Rule Id="CA1307" Action="Warning" /> <!-- Specify StringComparison for clarity -->
+    <Rule Id="CA1308" Action="Warning" /> <!-- Normalize strings to uppercase -->
+    <Rule Id="CA1309" Action="Warning" /> <!-- Use ordinal string comparison -->
+    
+    <!-- Naming Rules -->
+    <Rule Id="CA1707" Action="None" /> <!-- Identifiers should not contain underscores (allow for test methods) -->
+    <Rule Id="CA1710" Action="Warning" /> <!-- Identifiers should have correct suffix -->
+    <Rule Id="CA1711" Action="Warning" /> <!-- Identifiers should not have incorrect suffix -->
+    <Rule Id="CA1712" Action="Warning" /> <!-- Do not prefix enum values with type name -->
+    <Rule Id="CA1715" Action="Warning" /> <!-- Identifiers should have correct prefix -->
+    <Rule Id="CA1716" Action="Warning" /> <!-- Identifiers should not match keywords -->
+    <Rule Id="CA1720" Action="Warning" /> <!-- Identifiers should not contain type names -->
+    <Rule Id="CA1721" Action="Warning" /> <!-- Property names should not match get methods -->
+    <Rule Id="CA1724" Action="Warning" /> <!-- Type names should not match namespaces -->
+    
+    <!-- Performance Rules -->
+    <Rule Id="CA1805" Action="Warning" /> <!-- Do not initialize unnecessarily -->
+    <Rule Id="CA1806" Action="Warning" /> <!-- Do not ignore method results -->
+    <Rule Id="CA1810" Action="Warning" /> <!-- Initialize reference type static fields inline -->
+    <Rule Id="CA1812" Action="Warning" /> <!-- Avoid uninstantiated internal classes -->
+    <Rule Id="CA1813" Action="Warning" /> <!-- Avoid unsealed attributes -->
+    <Rule Id="CA1814" Action="Warning" /> <!-- Prefer jagged arrays over multidimensional -->
+    <Rule Id="CA1815" Action="Warning" /> <!-- Override equals and operator equals on value types -->
+    <Rule Id="CA1819" Action="Warning" /> <!-- Properties should not return arrays -->
+    <Rule Id="CA1820" Action="Warning" /> <!-- Test for empty strings using string length -->
+    <Rule Id="CA1821" Action="Warning" /> <!-- Remove empty finalizers -->
+    <Rule Id="CA1822" Action="Warning" /> <!-- Mark members as static -->
+    <Rule Id="CA1823" Action="Warning" /> <!-- Avoid unused private fields -->
+    <Rule Id="CA1824" Action="Warning" /> <!-- Mark assemblies with NeutralResourcesLanguageAttribute -->
+    <Rule Id="CA1825" Action="Warning" /> <!-- Avoid zero-length array allocations -->
+    
+    <!-- Reliability Rules -->
+    <Rule Id="CA2000" Action="Warning" /> <!-- Dispose objects before losing scope -->
+    <Rule Id="CA2002" Action="Warning" /> <!-- Do not lock on objects with weak identity -->
+    <Rule Id="CA2007" Action="None" /> <!-- Do not directly await a Task (allow in library code) -->
+    <Rule Id="CA2008" Action="Warning" /> <!-- Do not create tasks without passing a TaskScheduler -->
+    <Rule Id="CA2009" Action="Warning" /> <!-- Do not call ToImmutableCollection on an ImmutableCollection value -->
+    <Rule Id="CA2011" Action="Warning" /> <!-- Do not assign property within its setter -->
+    <Rule Id="CA2012" Action="Warning" /> <!-- Use ValueTasks correctly -->
+    <Rule Id="CA2013" Action="Warning" /> <!-- Do not use ReferenceEquals with value types -->
+    <Rule Id="CA2014" Action="Warning" /> <!-- Do not use stackalloc in loops -->
+    <Rule Id="CA2015" Action="Warning" /> <!-- Do not define finalizers for types derived from MemoryManager<T> -->
+    <Rule Id="CA2016" Action="Warning" /> <!-- Forward the CancellationToken parameter to methods that take one -->
+    
+    <!-- Security Rules -->
+    <Rule Id="CA2100" Action="Warning" /> <!-- Review SQL queries for security vulnerabilities -->
+    <Rule Id="CA2109" Action="Warning" /> <!-- Review visible event handlers -->
+    <Rule Id="CA2119" Action="Warning" /> <!-- Seal methods that satisfy private interfaces -->
+    <Rule Id="CA2153" Action="Warning" /> <!-- Do not catch corrupted state exceptions -->
+    
+    <!-- Usage Rules -->
+    <Rule Id="CA2200" Action="Warning" /> <!-- Rethrow to preserve stack details -->
+    <Rule Id="CA2201" Action="Warning" /> <!-- Do not raise reserved exception types -->
+    <Rule Id="CA2207" Action="Warning" /> <!-- Initialize value type static fields inline -->
+    <Rule Id="CA2208" Action="Warning" /> <!-- Instantiate argument exceptions correctly -->
+    <Rule Id="CA2211" Action="Warning" /> <!-- Non-constant fields should not be visible -->
+    <Rule Id="CA2213" Action="Warning" /> <!-- Disposable fields should be disposed -->
+    <Rule Id="CA2214" Action="Warning" /> <!-- Do not call overridable methods in constructors -->
+    <Rule Id="CA2215" Action="Warning" /> <!-- Dispose methods should call base class dispose -->
+    <Rule Id="CA2216" Action="Warning" /> <!-- Disposable types should declare finalizer -->
+    <Rule Id="CA2217" Action="Warning" /> <!-- Do not mark enums with FlagsAttribute -->
+    <Rule Id="CA2218" Action="Warning" /> <!-- Override GetHashCode on overriding Equals -->
+    <Rule Id="CA2219" Action="Warning" /> <!-- Do not raise exceptions in exception clauses -->
+    <Rule Id="CA2225" Action="Warning" /> <!-- Operator overloads have named alternates -->
+    <Rule Id="CA2226" Action="Warning" /> <!-- Operators should have symmetrical overloads -->
+    <Rule Id="CA2227" Action="Warning" /> <!-- Collection properties should be read only -->
+    <Rule Id="CA2229" Action="Warning" /> <!-- Implement serialization constructors -->
+    <Rule Id="CA2231" Action="Warning" /> <!-- Overload operator equals on overriding ValueType.Equals -->
+    <Rule Id="CA2234" Action="Warning" /> <!-- Pass System.Uri objects instead of strings -->
+    <Rule Id="CA2235" Action="Warning" /> <!-- Mark all non-serializable fields -->
+    <Rule Id="CA2237" Action="Warning" /> <!-- Mark ISerializable types with SerializableAttribute -->
+    <Rule Id="CA2241" Action="Warning" /> <!-- Provide correct arguments to formatting methods -->
+    <Rule Id="CA2242" Action="Warning" /> <!-- Test for NaN correctly -->
+    <Rule Id="CA2243" Action="Warning" /> <!-- Attribute string literals should parse correctly -->
+    <Rule Id="CA2244" Action="Warning" /> <!-- Do not duplicate indexed element initializations -->
+    <Rule Id="CA2245" Action="Warning" /> <!-- Do not assign a property to itself -->
+    <Rule Id="CA2246" Action="Warning" /> <!-- Do not assign a symbol and its member in the same statement -->
+    <Rule Id="CA2247" Action="Warning" /> <!-- Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum -->
+    <Rule Id="CA2248" Action="Warning" /> <!-- Provide correct enum argument to Enum.HasFlag -->
+    <Rule Id="CA2249" Action="Warning" /> <!-- Consider using String.Contains instead of String.IndexOf -->
+  </Rules>
+</RuleSet>
diff --git a/docs/GlobalSuppressions.cs.template b/docs/GlobalSuppressions.cs.template
new file mode 100644
index 0000000000..7f9bf9274d
--- /dev/null
+++ b/docs/GlobalSuppressions.cs.template
@@ -0,0 +1,68 @@
+// This file is used by Code Analysis to maintain SuppressMessage
+// attributes that are applied to this project.
+// Project-level suppressions either have no target or are given
+// a specific target and scoped to a namespace, type, member, etc.
+//
+// To add a suppression to this project:
+// 1. Copy this file to your project root as "GlobalSuppressions.cs"
+// 2. Add suppression attributes using one of the patterns below
+// 3. Document WHY the suppression is needed in the Justification parameter
+//
+// IMPORTANT: Use suppressions sparingly. Only suppress warnings when:
+// - The rule doesn't apply to your specific context
+// - You have a legitimate reason that cannot be fixed by code changes
+// - The warning is a false positive
+//
+// Always provide a clear justification explaining why the suppression is needed.
+
+using System.Diagnostics.CodeAnalysis;
+
+// Example: Suppress a specific rule for the entire assembly
+// [assembly: SuppressMessage("Category", "RuleId:RuleName", Justification = "Explanation here")]
+
+// Example: Suppress CA1014 (Mark assemblies with CLSCompliant) for the entire assembly
+// [assembly: SuppressMessage("Design", "CA1014:Mark assemblies with CLSCompliant", 
+//     Justification = "This assembly is not intended for CLS-compliant consumption")]
+
+// Example: Suppress CA1303 (Do not pass literals as localized parameters) for specific namespace
+// [assembly: SuppressMessage("Globalization", "CA1303:Do not pass literals as localized parameters", 
+//     Scope = "namespace", 
+//     Target = "~N:YourNamespace", 
+//     Justification = "This namespace does not require localization")]
+
+// Example: Suppress CA1031 (Do not catch general exception types) for a specific type
+// [assembly: SuppressMessage("Design", "CA1031:Do not catch general exception types", 
+//     Scope = "type", 
+//     Target = "~T:YourNamespace.YourClass", 
+//     Justification = "Top-level exception handler requires catching all exceptions")]
+
+// Example: Suppress CA1062 (Validate arguments of public methods) for a specific member
+// [assembly: SuppressMessage("Design", "CA1062:Validate arguments of public methods", 
+//     Scope = "member", 
+//     Target = "~M:YourNamespace.YourClass.YourMethod(System.String)", 
+//     Justification = "Argument validation is performed by caller")]
+
+// Example: Suppress StyleCop SA1600 (Elements should be documented) for internal types
+// [assembly: SuppressMessage("StyleCop.CSharp.DocumentationRules", "SA1600:Elements should be documented", 
+//     Scope = "type", 
+//     Target = "~T:YourNamespace.InternalHelperClass", 
+//     Justification = "Internal implementation detail, documentation not required")]
+
+// Common suppressions you might need:
+
+// Suppress documentation requirements for test projects
+// [assembly: SuppressMessage("StyleCop.CSharp.DocumentationRules", "SA1600:Elements should be documented", 
+//     Justification = "Test methods do not require XML documentation")]
+
+// Suppress async suffix requirements for test methods
+// [assembly: SuppressMessage("Naming", "VSTHRD200:Use Async suffix for async methods", 
+//     Scope = "namespaceanddescendants", 
+//     Target = "~N:YourNamespace.Tests", 
+//     Justification = "Test method names follow different conventions")]
+
+// For more information on suppression attributes:
+// https://learn.microsoft.com/dotnet/fundamentals/code-analysis/suppress-warnings
+//
+// Target syntax reference:
+// https://github.com/dotnet/roslyn/blob/main/docs/analyzers/Rule%20Suppression%20Attributes.md
+