Merging Develop to Main

ide_rules/.github/instructions/codeguard-0-additional-cryptography.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.m,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.swift,**/*.ts,**/*.tsx,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml
+applyTo: '**/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.m,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.swift,**/*.ts,**/*.tsx,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml'
 title: Additional Cryptography guidance
 version: 1.0.0
 ---

ide_rules/.github/instructions/codeguard-0-api-web-services.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml
+applyTo: '**/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml'
 title: API & Web services security (REST/GraphQL/SOAP), schema validation, authn/z,
   SSRF
 version: 1.0.0

ide_rules/.github/instructions/codeguard-0-authentication-mfa.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.m,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.swift,**/*.ts,**/*.tsx
+applyTo: '**/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.m,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.swift,**/*.ts,**/*.tsx'
 title: Authentication and MFA best practices (passwords, MFA, OAuth/OIDC, SAML, recovery,
   tokens)
 version: 1.0.0

ide_rules/.github/instructions/codeguard-0-authorization-access-control.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx,**/*.yaml,**/*.yml
+applyTo: '**/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx,**/*.yaml,**/*.yml'
 title: Authorization and access control (RBAC/ABAC/ReBAC, IDOR, mass assignment, transaction
   auth)
 version: 1.0.0

ide_rules/.github/instructions/codeguard-0-client-side-web-security.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.c,**/*.h,**/*.htm,**/*.html,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.ts,**/*.tsx,**/*.v
+applyTo: '**/*.c,**/*.h,**/*.htm,**/*.html,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.ts,**/*.tsx,**/*.v'
 title: Client-side web security (XSS/DOM XSS, CSP, CSRF, clickjacking, XS-Leaks, third-party
   JS)
 version: 1.0.0

ide_rules/.github/instructions/codeguard-0-cloud-orchestration-kubernetes.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.js,**/*.jsx,**/*.mjs,**/*.yaml,**/*.yml
+applyTo: '**/*.js,**/*.jsx,**/*.mjs,**/*.yaml,**/*.yml'
 title: Kubernetes hardening (RBAC, admission policies, network policies, secrets,
   supply chain)
 version: 1.0.0

ide_rules/.github/instructions/codeguard-0-data-storage.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.c,**/*.ddl,**/*.dml,**/*.h,**/*.js,**/*.jsx,**/*.mjs,**/*.sql,**/*.yaml,**/*.yml
+applyTo: '**/*.c,**/*.ddl,**/*.dml,**/*.h,**/*.js,**/*.jsx,**/*.mjs,**/*.sql,**/*.yaml,**/*.yml'
 title: Data & storage security (DB isolation, TLS, least privilege, RLS/CLS, backups,
   auditing)
 version: 1.0.0

ide_rules/.github/instructions/codeguard-0-devops-ci-cd-containers.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.bash,**/*.dockerfile,**/*.js,**/*.jsx,**/*.mjs,**/*.ps1,**/*.sh,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml,Dockerfile*,docker-compose*
+applyTo: '**/*.bash,**/*.dockerfile,**/*.js,**/*.jsx,**/*.mjs,**/*.ps1,**/*.sh,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml,Dockerfile*,docker-compose*'
 title: DevOps, CI/CD, and containers (pipeline hardening, artifacts, Docker/K8s images,
   virtual patching, toolchain)
 version: 1.0.0

ide_rules/.github/instructions/codeguard-0-file-handling-and-uploads.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx
+applyTo: '**/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx'
 title: Secure file handling & uploads (validation, storage isolation, scanning, safe
   delivery)
 version: 1.0.0

ide_rules/.github/instructions/codeguard-0-framework-and-languages.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.c,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml
+applyTo: '**/*.c,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml'
 title: Framework & language security guides (Django/DRF, Laravel/Symfony/Rails, .NET,
   Java/JAAS, Node.js, PHP config)
 version: 1.0.0

ide_rules/.github/instructions/codeguard-0-iac-security.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.bash,**/*.c,**/*.d,**/*.h,**/*.js,**/*.jsx,**/*.mjs,**/*.ps1,**/*.rb,**/*.sh,**/*.yaml,**/*.yml
+applyTo: '**/*.bash,**/*.c,**/*.d,**/*.h,**/*.js,**/*.jsx,**/*.mjs,**/*.ps1,**/*.rb,**/*.sh,**/*.yaml,**/*.yml'
 title: Infrastructure as Code Security
 version: 1.0.0
 ---

ide_rules/.github/instructions/codeguard-0-input-validation-injection.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.bash,**/*.c,**/*.ddl,**/*.dml,**/*.go,**/*.h,**/*.htm,**/*.html,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.ps1,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.sh,**/*.sql,**/*.ts,**/*.tsx
+applyTo: '**/*.bash,**/*.c,**/*.ddl,**/*.dml,**/*.go,**/*.h,**/*.htm,**/*.html,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.ps1,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.sh,**/*.sql,**/*.ts,**/*.tsx'
 title: Input validation and injection defense (SQL/LDAP/OS), parameterization, prototype
   pollution
 version: 1.0.0

ide_rules/.github/instructions/codeguard-0-logging.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.c,**/*.h,**/*.js,**/*.jsx,**/*.mjs,**/*.yaml,**/*.yml
+applyTo: '**/*.c,**/*.h,**/*.js,**/*.jsx,**/*.mjs,**/*.yaml,**/*.yml'
 title: Logging & monitoring (structured telemetry, redaction, integrity, detection
   & alerting)
 version: 1.0.0

ide_rules/.github/instructions/codeguard-0-mobile-apps.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.m,**/*.mjs,**/*.pl,**/*.pm,**/*.swift,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt
+applyTo: '**/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.m,**/*.mjs,**/*.pl,**/*.pm,**/*.swift,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt'
 title: 'Mobile app security (iOS/Android): storage, transport, code integrity, biometrics,
   permissions'
 version: 1.0.0

ide_rules/.github/instructions/codeguard-0-privacy-data-protection.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.js,**/*.jsx,**/*.m,**/*.mjs,**/*.yaml,**/*.yml
+applyTo: '**/*.js,**/*.jsx,**/*.m,**/*.mjs,**/*.yaml,**/*.yml'
 title: Privacy & data protection (minimization, classification, encryption, rights,
   transparency)
 version: 1.0.0

ide_rules/.github/instructions/codeguard-0-session-management-and-cookies.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.c,**/*.go,**/*.h,**/*.htm,**/*.html,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx
+applyTo: '**/*.c,**/*.go,**/*.h,**/*.htm,**/*.html,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx'
 title: Session management and secure cookies (rotation, fixation, timeouts, theft
   detection)
 version: 1.0.0

ide_rules/.github/instructions/codeguard-0-supply-chain-security.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.dockerfile,**/*.js,**/*.jsx,**/*.mjs,**/*.yaml,**/*.yml,Dockerfile*,docker-compose*
+applyTo: '**/*.dockerfile,**/*.js,**/*.jsx,**/*.mjs,**/*.yaml,**/*.yml,Dockerfile*,docker-compose*'
 title: Dependency & supply chain security (pinning, SBOM, provenance, integrity, private
   registries)
 version: 1.0.0

ide_rules/.github/instructions/codeguard-0-xml-and-serialization.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*.c,**/*.go,**/*.h,**/*.java,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt
+applyTo: '**/*.c,**/*.go,**/*.h,**/*.java,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt'
 title: XML security and safe deserialization (DTD/XXE hardening, schema validation,
   no unsafe native deserialization)
 version: 1.0.0

ide_rules/.github/instructions/codeguard-1-crypto-algorithms.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*
+applyTo: '**/*'
 title: Cryptographic Security Guidelines
 version: 1.0.0
 ---

ide_rules/.github/instructions/codeguard-1-digital-certificates.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*
+applyTo: '**/*'
 title: Certificate Best Practices
 version: 1.0.0
 ---

ide_rules/.github/instructions/codeguard-1-hardcoded-credentials.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*
+applyTo: '**/*'
 title: No Hardcoded Credentials
 version: 1.0.0
 ---

ide_rules/.github/instructions/codeguard-1-safe-c-functions.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: **/*
+applyTo: '**/*'
 title: Safe C Functions and Memory and String Safety Guidelines
 version: 1.0.0
 ---

src/formats/copilot.py

@@ -47,7 +47,7 @@ def generate(self, rule: ProcessedRule, globs: str) -> str:
         yaml_lines = []
 
         # Add applyTo (Copilot's equivalent of globs)
-        yaml_lines.append(f"applyTo: {globs}")
+        yaml_lines.append(f"applyTo: '{globs}'")
 
         # Add title
         title = self._format_yaml_field("title", rule.description)