diff --git a/ide_rules/.cursor/rules/codeguard-0-api-web-services.mdc b/ide_rules/.cursor/rules/codeguard-0-api-web-services.mdc
index cf0755f..ff2faec 100644
--- a/ide_rules/.cursor/rules/codeguard-0-api-web-services.mdc
+++ b/ide_rules/.cursor/rules/codeguard-0-api-web-services.mdc
@@ -1,6 +1,5 @@
 ---
-description: API & Web services security (REST/GraphQL/SOAP), schema validation, authn/z,
- SSRF
+description: API & Web services security (REST/GraphQL/SOAP), schema validation, authn/z, SSRF
 globs: **/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml
 version: 1.0.0
 ---
diff --git a/ide_rules/.cursor/rules/codeguard-0-authentication-mfa.mdc b/ide_rules/.cursor/rules/codeguard-0-authentication-mfa.mdc
index 50eab9c..34c52b3 100644
--- a/ide_rules/.cursor/rules/codeguard-0-authentication-mfa.mdc
+++ b/ide_rules/.cursor/rules/codeguard-0-authentication-mfa.mdc
@@ -1,6 +1,5 @@
 ---
-description: Authentication and MFA best practices (passwords, MFA, OAuth/OIDC, SAML,
- recovery, tokens)
+description: Authentication and MFA best practices (passwords, MFA, OAuth/OIDC, SAML, recovery, tokens)
 globs: **/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.m,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.swift,**/*.ts,**/*.tsx
 version: 1.0.0
 ---
diff --git a/ide_rules/.cursor/rules/codeguard-0-authorization-access-control.mdc b/ide_rules/.cursor/rules/codeguard-0-authorization-access-control.mdc
index 981311c..aa1b5a2 100644
--- a/ide_rules/.cursor/rules/codeguard-0-authorization-access-control.mdc
+++ b/ide_rules/.cursor/rules/codeguard-0-authorization-access-control.mdc
@@ -1,6 +1,5 @@
 ---
-description: Authorization and access control (RBAC/ABAC/ReBAC, IDOR, mass assignment,
- transaction auth)
+description: Authorization and access control (RBAC/ABAC/ReBAC, IDOR, mass assignment, transaction auth)
 globs: **/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx,**/*.yaml,**/*.yml
 version: 1.0.0
 ---
diff --git a/ide_rules/.cursor/rules/codeguard-0-client-side-web-security.mdc b/ide_rules/.cursor/rules/codeguard-0-client-side-web-security.mdc
index cc3c731..01ecf08 100644
--- a/ide_rules/.cursor/rules/codeguard-0-client-side-web-security.mdc
+++ b/ide_rules/.cursor/rules/codeguard-0-client-side-web-security.mdc
@@ -1,6 +1,5 @@
 ---
-description: Client-side web security (XSS/DOM XSS, CSP, CSRF, clickjacking, XS-Leaks,
- third-party JS)
+description: Client-side web security (XSS/DOM XSS, CSP, CSRF, clickjacking, XS-Leaks, third-party JS)
 globs: **/*.c,**/*.h,**/*.htm,**/*.html,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.ts,**/*.tsx,**/*.v
 version: 1.0.0
 ---
diff --git a/ide_rules/.cursor/rules/codeguard-0-cloud-orchestration-kubernetes.mdc b/ide_rules/.cursor/rules/codeguard-0-cloud-orchestration-kubernetes.mdc
index 311a1f9..107fe9e 100644
--- a/ide_rules/.cursor/rules/codeguard-0-cloud-orchestration-kubernetes.mdc
+++ b/ide_rules/.cursor/rules/codeguard-0-cloud-orchestration-kubernetes.mdc
@@ -1,6 +1,5 @@
 ---
-description: Kubernetes hardening (RBAC, admission policies, network policies, secrets,
- supply chain)
+description: Kubernetes hardening (RBAC, admission policies, network policies, secrets, supply chain)
 globs: **/*.js,**/*.jsx,**/*.mjs,**/*.yaml,**/*.yml
 version: 1.0.0
 ---
diff --git a/ide_rules/.cursor/rules/codeguard-0-data-storage.mdc b/ide_rules/.cursor/rules/codeguard-0-data-storage.mdc
index f7947c8..3ec704e 100644
--- a/ide_rules/.cursor/rules/codeguard-0-data-storage.mdc
+++ b/ide_rules/.cursor/rules/codeguard-0-data-storage.mdc
@@ -1,6 +1,5 @@
 ---
-description: Data & storage security (DB isolation, TLS, least privilege, RLS/CLS,
- backups, auditing)
+description: Data & storage security (DB isolation, TLS, least privilege, RLS/CLS, backups, auditing)
 globs: **/*.c,**/*.ddl,**/*.dml,**/*.h,**/*.js,**/*.jsx,**/*.mjs,**/*.sql,**/*.yaml,**/*.yml
 version: 1.0.0
 ---
diff --git a/ide_rules/.cursor/rules/codeguard-0-devops-ci-cd-containers.mdc b/ide_rules/.cursor/rules/codeguard-0-devops-ci-cd-containers.mdc
index d073e86..4e40a47 100644
--- a/ide_rules/.cursor/rules/codeguard-0-devops-ci-cd-containers.mdc
+++ b/ide_rules/.cursor/rules/codeguard-0-devops-ci-cd-containers.mdc
@@ -1,6 +1,5 @@
 ---
-description: DevOps, CI/CD, and containers (pipeline hardening, artifacts, Docker/K8s
- images, virtual patching, toolchain)
+description: DevOps, CI/CD, and containers (pipeline hardening, artifacts, Docker/K8s images, virtual patching, toolchain)
 globs: **/*.bash,**/*.dockerfile,**/*.js,**/*.jsx,**/*.mjs,**/*.ps1,**/*.sh,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml,Dockerfile*,docker-compose*
 version: 1.0.0
 ---
diff --git a/ide_rules/.cursor/rules/codeguard-0-file-handling-and-uploads.mdc b/ide_rules/.cursor/rules/codeguard-0-file-handling-and-uploads.mdc
index 535d1cc..a601195 100644
--- a/ide_rules/.cursor/rules/codeguard-0-file-handling-and-uploads.mdc
+++ b/ide_rules/.cursor/rules/codeguard-0-file-handling-and-uploads.mdc
@@ -1,6 +1,5 @@
 ---
-description: Secure file handling & uploads (validation, storage isolation, scanning,
- safe delivery)
+description: Secure file handling & uploads (validation, storage isolation, scanning, safe delivery)
 globs: **/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx
 version: 1.0.0
 ---
diff --git a/ide_rules/.cursor/rules/codeguard-0-framework-and-languages.mdc b/ide_rules/.cursor/rules/codeguard-0-framework-and-languages.mdc
index d4d805c..0b6bd62 100644
--- a/ide_rules/.cursor/rules/codeguard-0-framework-and-languages.mdc
+++ b/ide_rules/.cursor/rules/codeguard-0-framework-and-languages.mdc
@@ -1,6 +1,5 @@
 ---
-description: Framework & language security guides (Django/DRF, Laravel/Symfony/Rails,
- .NET, Java/JAAS, Node.js, PHP config)
+description: Framework & language security guides (Django/DRF, Laravel/Symfony/Rails, .NET, Java/JAAS, Node.js, PHP config)
 globs: **/*.c,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml
 version: 1.0.0
 ---
diff --git a/ide_rules/.cursor/rules/codeguard-0-input-validation-injection.mdc b/ide_rules/.cursor/rules/codeguard-0-input-validation-injection.mdc
index b261420..a15cda1 100644
--- a/ide_rules/.cursor/rules/codeguard-0-input-validation-injection.mdc
+++ b/ide_rules/.cursor/rules/codeguard-0-input-validation-injection.mdc
@@ -1,6 +1,5 @@
 ---
-description: Input validation and injection defense (SQL/LDAP/OS), parameterization,
- prototype pollution
+description: Input validation and injection defense (SQL/LDAP/OS), parameterization, prototype pollution
 globs: **/*.bash,**/*.c,**/*.ddl,**/*.dml,**/*.go,**/*.h,**/*.htm,**/*.html,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.ps1,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.sh,**/*.sql,**/*.ts,**/*.tsx
 version: 1.0.0
 ---
diff --git a/ide_rules/.cursor/rules/codeguard-0-logging.mdc b/ide_rules/.cursor/rules/codeguard-0-logging.mdc
index 872d3ed..445e658 100644
--- a/ide_rules/.cursor/rules/codeguard-0-logging.mdc
+++ b/ide_rules/.cursor/rules/codeguard-0-logging.mdc
@@ -1,6 +1,5 @@
 ---
-description: Logging & monitoring (structured telemetry, redaction, integrity, detection
- & alerting)
+description: Logging & monitoring (structured telemetry, redaction, integrity, detection & alerting)
 globs: **/*.c,**/*.h,**/*.js,**/*.jsx,**/*.mjs,**/*.yaml,**/*.yml
 version: 1.0.0
 ---
diff --git a/ide_rules/.cursor/rules/codeguard-0-mobile-apps.mdc b/ide_rules/.cursor/rules/codeguard-0-mobile-apps.mdc
index 28839b5..d601c3e 100644
--- a/ide_rules/.cursor/rules/codeguard-0-mobile-apps.mdc
+++ b/ide_rules/.cursor/rules/codeguard-0-mobile-apps.mdc
@@ -1,6 +1,5 @@
 ---
-description: 'Mobile app security (iOS/Android): storage, transport, code integrity,
- biometrics, permissions'
+description: 'Mobile app security (iOS/Android): storage, transport, code integrity, biometrics, permissions'
 globs: **/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.m,**/*.mjs,**/*.pl,**/*.pm,**/*.swift,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt
 version: 1.0.0
 ---
diff --git a/ide_rules/.cursor/rules/codeguard-0-privacy-data-protection.mdc b/ide_rules/.cursor/rules/codeguard-0-privacy-data-protection.mdc
index fb3a376..56d1d5a 100644
--- a/ide_rules/.cursor/rules/codeguard-0-privacy-data-protection.mdc
+++ b/ide_rules/.cursor/rules/codeguard-0-privacy-data-protection.mdc
@@ -1,6 +1,5 @@
 ---
-description: Privacy & data protection (minimization, classification, encryption,
- rights, transparency)
+description: Privacy & data protection (minimization, classification, encryption, rights, transparency)
 globs: **/*.js,**/*.jsx,**/*.m,**/*.mjs,**/*.yaml,**/*.yml
 version: 1.0.0
 ---
diff --git a/ide_rules/.cursor/rules/codeguard-0-session-management-and-cookies.mdc b/ide_rules/.cursor/rules/codeguard-0-session-management-and-cookies.mdc
index 608bead..868c1b7 100644
--- a/ide_rules/.cursor/rules/codeguard-0-session-management-and-cookies.mdc
+++ b/ide_rules/.cursor/rules/codeguard-0-session-management-and-cookies.mdc
@@ -1,6 +1,5 @@
 ---
-description: Session management and secure cookies (rotation, fixation, timeouts,
- theft detection)
+description: Session management and secure cookies (rotation, fixation, timeouts, theft detection)
 globs: **/*.c,**/*.go,**/*.h,**/*.htm,**/*.html,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx
 version: 1.0.0
 ---
diff --git a/ide_rules/.cursor/rules/codeguard-0-supply-chain-security.mdc b/ide_rules/.cursor/rules/codeguard-0-supply-chain-security.mdc
index 429fca8..7bf2c18 100644
--- a/ide_rules/.cursor/rules/codeguard-0-supply-chain-security.mdc
+++ b/ide_rules/.cursor/rules/codeguard-0-supply-chain-security.mdc
@@ -1,6 +1,5 @@
 ---
-description: Dependency & supply chain security (pinning, SBOM, provenance, integrity,
- private registries)
+description: Dependency & supply chain security (pinning, SBOM, provenance, integrity, private registries)
 globs: **/*.dockerfile,**/*.js,**/*.jsx,**/*.mjs,**/*.yaml,**/*.yml,Dockerfile*,docker-compose*
 version: 1.0.0
 ---
diff --git a/ide_rules/.cursor/rules/codeguard-0-xml-and-serialization.mdc b/ide_rules/.cursor/rules/codeguard-0-xml-and-serialization.mdc
index 46768e9..136ccaf 100644
--- a/ide_rules/.cursor/rules/codeguard-0-xml-and-serialization.mdc
+++ b/ide_rules/.cursor/rules/codeguard-0-xml-and-serialization.mdc
@@ -1,6 +1,5 @@
 ---
-description: XML security and safe deserialization (DTD/XXE hardening, schema validation,
- no unsafe native deserialization)
+description: XML security and safe deserialization (DTD/XXE hardening, schema validation, no unsafe native deserialization)
 globs: **/*.c,**/*.go,**/*.h,**/*.java,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt
 version: 1.0.0
 ---
diff --git a/ide_rules/.github/instructions/codeguard-0-additional-cryptography.instructions.md b/ide_rules/.github/instructions/codeguard-0-additional-cryptography.instructions.md
index c4cf5d8..c0508cc 100644
--- a/ide_rules/.github/instructions/codeguard-0-additional-cryptography.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-additional-cryptography.instructions.md
@@ -1,6 +1,6 @@
 ---
 applyTo: '**/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.m,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.swift,**/*.ts,**/*.tsx,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml'
-title: Additional Cryptography guidance
+description: Additional Cryptography guidance
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-0-api-web-services.instructions.md b/ide_rules/.github/instructions/codeguard-0-api-web-services.instructions.md
index b8d30f2..9e42c6c 100644
--- a/ide_rules/.github/instructions/codeguard-0-api-web-services.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-api-web-services.instructions.md
@@ -1,7 +1,6 @@
 ---
 applyTo: '**/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml'
-title: API & Web services security (REST/GraphQL/SOAP), schema validation, authn/z,
- SSRF
+description: API & Web services security (REST/GraphQL/SOAP), schema validation, authn/z, SSRF
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-0-authentication-mfa.instructions.md b/ide_rules/.github/instructions/codeguard-0-authentication-mfa.instructions.md
index f0ddae9..5b024bb 100644
--- a/ide_rules/.github/instructions/codeguard-0-authentication-mfa.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-authentication-mfa.instructions.md
@@ -1,7 +1,6 @@
 ---
 applyTo: '**/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.m,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.swift,**/*.ts,**/*.tsx'
-title: Authentication and MFA best practices (passwords, MFA, OAuth/OIDC, SAML, recovery,
- tokens)
+description: Authentication and MFA best practices (passwords, MFA, OAuth/OIDC, SAML, recovery, tokens)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-0-authorization-access-control.instructions.md b/ide_rules/.github/instructions/codeguard-0-authorization-access-control.instructions.md
index 94ad6b0..aa0615c 100644
--- a/ide_rules/.github/instructions/codeguard-0-authorization-access-control.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-authorization-access-control.instructions.md
@@ -1,7 +1,6 @@
 ---
 applyTo: '**/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx,**/*.yaml,**/*.yml'
-title: Authorization and access control (RBAC/ABAC/ReBAC, IDOR, mass assignment, transaction
- auth)
+description: Authorization and access control (RBAC/ABAC/ReBAC, IDOR, mass assignment, transaction auth)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-0-client-side-web-security.instructions.md b/ide_rules/.github/instructions/codeguard-0-client-side-web-security.instructions.md
index 850f1e8..69eede5 100644
--- a/ide_rules/.github/instructions/codeguard-0-client-side-web-security.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-client-side-web-security.instructions.md
@@ -1,7 +1,6 @@
 ---
 applyTo: '**/*.c,**/*.h,**/*.htm,**/*.html,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.ts,**/*.tsx,**/*.v'
-title: Client-side web security (XSS/DOM XSS, CSP, CSRF, clickjacking, XS-Leaks, third-party
- JS)
+description: Client-side web security (XSS/DOM XSS, CSP, CSRF, clickjacking, XS-Leaks, third-party JS)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-0-cloud-orchestration-kubernetes.instructions.md b/ide_rules/.github/instructions/codeguard-0-cloud-orchestration-kubernetes.instructions.md
index a997301..5f82912 100644
--- a/ide_rules/.github/instructions/codeguard-0-cloud-orchestration-kubernetes.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-cloud-orchestration-kubernetes.instructions.md
@@ -1,7 +1,6 @@
 ---
 applyTo: '**/*.js,**/*.jsx,**/*.mjs,**/*.yaml,**/*.yml'
-title: Kubernetes hardening (RBAC, admission policies, network policies, secrets,
- supply chain)
+description: Kubernetes hardening (RBAC, admission policies, network policies, secrets, supply chain)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-0-data-storage.instructions.md b/ide_rules/.github/instructions/codeguard-0-data-storage.instructions.md
index 0f45313..e92f7bd 100644
--- a/ide_rules/.github/instructions/codeguard-0-data-storage.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-data-storage.instructions.md
@@ -1,7 +1,6 @@
 ---
 applyTo: '**/*.c,**/*.ddl,**/*.dml,**/*.h,**/*.js,**/*.jsx,**/*.mjs,**/*.sql,**/*.yaml,**/*.yml'
-title: Data & storage security (DB isolation, TLS, least privilege, RLS/CLS, backups,
- auditing)
+description: Data & storage security (DB isolation, TLS, least privilege, RLS/CLS, backups, auditing)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-0-devops-ci-cd-containers.instructions.md b/ide_rules/.github/instructions/codeguard-0-devops-ci-cd-containers.instructions.md
index 44e4c4d..de380d9 100644
--- a/ide_rules/.github/instructions/codeguard-0-devops-ci-cd-containers.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-devops-ci-cd-containers.instructions.md
@@ -1,7 +1,6 @@
 ---
 applyTo: '**/*.bash,**/*.dockerfile,**/*.js,**/*.jsx,**/*.mjs,**/*.ps1,**/*.sh,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml,Dockerfile*,docker-compose*'
-title: DevOps, CI/CD, and containers (pipeline hardening, artifacts, Docker/K8s images,
- virtual patching, toolchain)
+description: DevOps, CI/CD, and containers (pipeline hardening, artifacts, Docker/K8s images, virtual patching, toolchain)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-0-file-handling-and-uploads.instructions.md b/ide_rules/.github/instructions/codeguard-0-file-handling-and-uploads.instructions.md
index 258d87d..7a6ef7a 100644
--- a/ide_rules/.github/instructions/codeguard-0-file-handling-and-uploads.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-file-handling-and-uploads.instructions.md
@@ -1,7 +1,6 @@
 ---
 applyTo: '**/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx'
-title: Secure file handling & uploads (validation, storage isolation, scanning, safe
- delivery)
+description: Secure file handling & uploads (validation, storage isolation, scanning, safe delivery)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-0-framework-and-languages.instructions.md b/ide_rules/.github/instructions/codeguard-0-framework-and-languages.instructions.md
index 2f168ab..e0a7fcc 100644
--- a/ide_rules/.github/instructions/codeguard-0-framework-and-languages.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-framework-and-languages.instructions.md
@@ -1,7 +1,6 @@
 ---
 applyTo: '**/*.c,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml'
-title: Framework & language security guides (Django/DRF, Laravel/Symfony/Rails, .NET,
- Java/JAAS, Node.js, PHP config)
+description: Framework & language security guides (Django/DRF, Laravel/Symfony/Rails, .NET, Java/JAAS, Node.js, PHP config)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-0-iac-security.instructions.md b/ide_rules/.github/instructions/codeguard-0-iac-security.instructions.md
index cd377fd..4586e30 100644
--- a/ide_rules/.github/instructions/codeguard-0-iac-security.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-iac-security.instructions.md
@@ -1,6 +1,6 @@
 ---
 applyTo: '**/*.bash,**/*.c,**/*.d,**/*.h,**/*.js,**/*.jsx,**/*.mjs,**/*.ps1,**/*.rb,**/*.sh,**/*.yaml,**/*.yml'
-title: Infrastructure as Code Security
+description: Infrastructure as Code Security
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-0-input-validation-injection.instructions.md b/ide_rules/.github/instructions/codeguard-0-input-validation-injection.instructions.md
index 8736f75..44d946b 100644
--- a/ide_rules/.github/instructions/codeguard-0-input-validation-injection.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-input-validation-injection.instructions.md
@@ -1,7 +1,6 @@
 ---
 applyTo: '**/*.bash,**/*.c,**/*.ddl,**/*.dml,**/*.go,**/*.h,**/*.htm,**/*.html,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.ps1,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.sh,**/*.sql,**/*.ts,**/*.tsx'
-title: Input validation and injection defense (SQL/LDAP/OS), parameterization, prototype
- pollution
+description: Input validation and injection defense (SQL/LDAP/OS), parameterization, prototype pollution
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-0-logging.instructions.md b/ide_rules/.github/instructions/codeguard-0-logging.instructions.md
index 46fc614..e5dbf9c 100644
--- a/ide_rules/.github/instructions/codeguard-0-logging.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-logging.instructions.md
@@ -1,7 +1,6 @@
 ---
 applyTo: '**/*.c,**/*.h,**/*.js,**/*.jsx,**/*.mjs,**/*.yaml,**/*.yml'
-title: Logging & monitoring (structured telemetry, redaction, integrity, detection
- & alerting)
+description: Logging & monitoring (structured telemetry, redaction, integrity, detection & alerting)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-0-mobile-apps.instructions.md b/ide_rules/.github/instructions/codeguard-0-mobile-apps.instructions.md
index a87e5e4..61c3ca7 100644
--- a/ide_rules/.github/instructions/codeguard-0-mobile-apps.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-mobile-apps.instructions.md
@@ -1,7 +1,6 @@
 ---
 applyTo: '**/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.m,**/*.mjs,**/*.pl,**/*.pm,**/*.swift,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt'
-title: 'Mobile app security (iOS/Android): storage, transport, code integrity, biometrics,
- permissions'
+description: 'Mobile app security (iOS/Android): storage, transport, code integrity, biometrics, permissions'
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-0-privacy-data-protection.instructions.md b/ide_rules/.github/instructions/codeguard-0-privacy-data-protection.instructions.md
index defb1df..5d509f6 100644
--- a/ide_rules/.github/instructions/codeguard-0-privacy-data-protection.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-privacy-data-protection.instructions.md
@@ -1,7 +1,6 @@
 ---
 applyTo: '**/*.js,**/*.jsx,**/*.m,**/*.mjs,**/*.yaml,**/*.yml'
-title: Privacy & data protection (minimization, classification, encryption, rights,
- transparency)
+description: Privacy & data protection (minimization, classification, encryption, rights, transparency)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-0-session-management-and-cookies.instructions.md b/ide_rules/.github/instructions/codeguard-0-session-management-and-cookies.instructions.md
index f915bd7..2c369a2 100644
--- a/ide_rules/.github/instructions/codeguard-0-session-management-and-cookies.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-session-management-and-cookies.instructions.md
@@ -1,7 +1,6 @@
 ---
 applyTo: '**/*.c,**/*.go,**/*.h,**/*.htm,**/*.html,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx'
-title: Session management and secure cookies (rotation, fixation, timeouts, theft
- detection)
+description: Session management and secure cookies (rotation, fixation, timeouts, theft detection)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-0-supply-chain-security.instructions.md b/ide_rules/.github/instructions/codeguard-0-supply-chain-security.instructions.md
index fc00a9c..73b230d 100644
--- a/ide_rules/.github/instructions/codeguard-0-supply-chain-security.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-supply-chain-security.instructions.md
@@ -1,7 +1,6 @@
 ---
 applyTo: '**/*.dockerfile,**/*.js,**/*.jsx,**/*.mjs,**/*.yaml,**/*.yml,Dockerfile*,docker-compose*'
-title: Dependency & supply chain security (pinning, SBOM, provenance, integrity, private
- registries)
+description: Dependency & supply chain security (pinning, SBOM, provenance, integrity, private registries)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-0-xml-and-serialization.instructions.md b/ide_rules/.github/instructions/codeguard-0-xml-and-serialization.instructions.md
index 65707c7..71ac9e2 100644
--- a/ide_rules/.github/instructions/codeguard-0-xml-and-serialization.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-0-xml-and-serialization.instructions.md
@@ -1,7 +1,6 @@
 ---
 applyTo: '**/*.c,**/*.go,**/*.h,**/*.java,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt'
-title: XML security and safe deserialization (DTD/XXE hardening, schema validation,
- no unsafe native deserialization)
+description: XML security and safe deserialization (DTD/XXE hardening, schema validation, no unsafe native deserialization)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-1-crypto-algorithms.instructions.md b/ide_rules/.github/instructions/codeguard-1-crypto-algorithms.instructions.md
index 5052d2c..69d6b0c 100644
--- a/ide_rules/.github/instructions/codeguard-1-crypto-algorithms.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-1-crypto-algorithms.instructions.md
@@ -1,6 +1,6 @@
 ---
 applyTo: '**/*'
-title: Cryptographic Security Guidelines
+description: Cryptographic Security Guidelines
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-1-digital-certificates.instructions.md b/ide_rules/.github/instructions/codeguard-1-digital-certificates.instructions.md
index c9a98b5..ef2337b 100644
--- a/ide_rules/.github/instructions/codeguard-1-digital-certificates.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-1-digital-certificates.instructions.md
@@ -1,6 +1,6 @@
 ---
 applyTo: '**/*'
-title: Certificate Best Practices
+description: Certificate Best Practices
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-1-hardcoded-credentials.instructions.md b/ide_rules/.github/instructions/codeguard-1-hardcoded-credentials.instructions.md
index a0e688a..099579f 100644
--- a/ide_rules/.github/instructions/codeguard-1-hardcoded-credentials.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-1-hardcoded-credentials.instructions.md
@@ -1,6 +1,6 @@
 ---
 applyTo: '**/*'
-title: No Hardcoded Credentials
+description: No Hardcoded Credentials
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.github/instructions/codeguard-1-safe-c-functions.instructions.md b/ide_rules/.github/instructions/codeguard-1-safe-c-functions.instructions.md
index f0a7908..fcb6305 100644
--- a/ide_rules/.github/instructions/codeguard-1-safe-c-functions.instructions.md
+++ b/ide_rules/.github/instructions/codeguard-1-safe-c-functions.instructions.md
@@ -1,6 +1,6 @@
 ---
 applyTo: '**/*'
-title: Safe C Functions and Memory and String Safety Guidelines
+description: Safe C Functions and Memory and String Safety Guidelines
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.windsurf/rules/codeguard-0-api-web-services.md b/ide_rules/.windsurf/rules/codeguard-0-api-web-services.md
index d69f548..1177b93 100644
--- a/ide_rules/.windsurf/rules/codeguard-0-api-web-services.md
+++ b/ide_rules/.windsurf/rules/codeguard-0-api-web-services.md
@@ -1,8 +1,7 @@
 ---
 trigger: glob
 globs: **/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml
-title: API & Web services security (REST/GraphQL/SOAP), schema validation, authn/z,
- SSRF
+title: API & Web services security (REST/GraphQL/SOAP), schema validation, authn/z, SSRF
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.windsurf/rules/codeguard-0-authentication-mfa.md b/ide_rules/.windsurf/rules/codeguard-0-authentication-mfa.md
index 26a477b..2b4589c 100644
--- a/ide_rules/.windsurf/rules/codeguard-0-authentication-mfa.md
+++ b/ide_rules/.windsurf/rules/codeguard-0-authentication-mfa.md
@@ -1,8 +1,7 @@
 ---
 trigger: glob
 globs: **/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.m,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.swift,**/*.ts,**/*.tsx
-title: Authentication and MFA best practices (passwords, MFA, OAuth/OIDC, SAML, recovery,
- tokens)
+title: Authentication and MFA best practices (passwords, MFA, OAuth/OIDC, SAML, recovery, tokens)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.windsurf/rules/codeguard-0-authorization-access-control.md b/ide_rules/.windsurf/rules/codeguard-0-authorization-access-control.md
index 1182f1b..b3decfe 100644
--- a/ide_rules/.windsurf/rules/codeguard-0-authorization-access-control.md
+++ b/ide_rules/.windsurf/rules/codeguard-0-authorization-access-control.md
@@ -1,8 +1,7 @@
 ---
 trigger: glob
 globs: **/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx,**/*.yaml,**/*.yml
-title: Authorization and access control (RBAC/ABAC/ReBAC, IDOR, mass assignment, transaction
- auth)
+title: Authorization and access control (RBAC/ABAC/ReBAC, IDOR, mass assignment, transaction auth)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.windsurf/rules/codeguard-0-client-side-web-security.md b/ide_rules/.windsurf/rules/codeguard-0-client-side-web-security.md
index 22b5dd8..f6e7fb3 100644
--- a/ide_rules/.windsurf/rules/codeguard-0-client-side-web-security.md
+++ b/ide_rules/.windsurf/rules/codeguard-0-client-side-web-security.md
@@ -1,8 +1,7 @@
 ---
 trigger: glob
 globs: **/*.c,**/*.h,**/*.htm,**/*.html,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.ts,**/*.tsx,**/*.v
-title: Client-side web security (XSS/DOM XSS, CSP, CSRF, clickjacking, XS-Leaks, third-party
- JS)
+title: Client-side web security (XSS/DOM XSS, CSP, CSRF, clickjacking, XS-Leaks, third-party JS)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.windsurf/rules/codeguard-0-cloud-orchestration-kubernetes.md b/ide_rules/.windsurf/rules/codeguard-0-cloud-orchestration-kubernetes.md
index 9f0bb44..f9d1860 100644
--- a/ide_rules/.windsurf/rules/codeguard-0-cloud-orchestration-kubernetes.md
+++ b/ide_rules/.windsurf/rules/codeguard-0-cloud-orchestration-kubernetes.md
@@ -1,8 +1,7 @@
 ---
 trigger: glob
 globs: **/*.js,**/*.jsx,**/*.mjs,**/*.yaml,**/*.yml
-title: Kubernetes hardening (RBAC, admission policies, network policies, secrets,
- supply chain)
+title: Kubernetes hardening (RBAC, admission policies, network policies, secrets, supply chain)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.windsurf/rules/codeguard-0-data-storage.md b/ide_rules/.windsurf/rules/codeguard-0-data-storage.md
index f124559..e06dd4d 100644
--- a/ide_rules/.windsurf/rules/codeguard-0-data-storage.md
+++ b/ide_rules/.windsurf/rules/codeguard-0-data-storage.md
@@ -1,8 +1,7 @@
 ---
 trigger: glob
 globs: **/*.c,**/*.ddl,**/*.dml,**/*.h,**/*.js,**/*.jsx,**/*.mjs,**/*.sql,**/*.yaml,**/*.yml
-title: Data & storage security (DB isolation, TLS, least privilege, RLS/CLS, backups,
- auditing)
+title: Data & storage security (DB isolation, TLS, least privilege, RLS/CLS, backups, auditing)
 version: 1.0.0
 ---
 
diff --git a/ide_rules/.windsurf/rules/codeguard-0-devops-ci-cd-containers.md b/ide_rules/.windsurf/rules/codeguard-0-devops-ci-cd-containers.md
index 07ef927..1fc864b 100644
--- a/ide_rules/.windsurf/rules/codeguard-0-devops-ci-cd-containers.md
+++ b/ide_rules/.windsurf/rules/codeguard-0-devops-ci-cd-containers.md
@@ -1,8 +1,7 @@ --- trigger: glob globs: **/*.bash,**/*.dockerfile,**/*.js,**/*.jsx,**/*.mjs,**/*.ps1,**/*.sh,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml,Dockerfile*,docker-compose* -title: DevOps, CI/CD, and containers (pipeline hardening, artifacts, Docker/K8s images, - virtual patching, toolchain) +title: DevOps, CI/CD, and containers (pipeline hardening, artifacts, Docker/K8s images, virtual patching, toolchain) version: 1.0.0 --- diff --git a/ide_rules/.windsurf/rules/codeguard-0-file-handling-and-uploads.md b/ide_rules/.windsurf/rules/codeguard-0-file-handling-and-uploads.md index 17ee3fd..9a61f44 100644 --- a/ide_rules/.windsurf/rules/codeguard-0-file-handling-and-uploads.md +++ b/ide_rules/.windsurf/rules/codeguard-0-file-handling-and-uploads.md @@ -1,8 +1,7 @@ --- trigger: glob globs: **/*.c,**/*.go,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx -title: Secure file handling & uploads (validation, storage isolation, scanning, safe - delivery) +title: Secure file handling & uploads (validation, storage isolation, scanning, safe delivery) version: 1.0.0 --- diff --git a/ide_rules/.windsurf/rules/codeguard-0-framework-and-languages.md b/ide_rules/.windsurf/rules/codeguard-0-framework-and-languages.md index 904081a..9436b15 100644 --- a/ide_rules/.windsurf/rules/codeguard-0-framework-and-languages.md +++ b/ide_rules/.windsurf/rules/codeguard-0-framework-and-languages.md @@ -1,8 +1,7 @@ --- trigger: glob globs: **/*.c,**/*.h,**/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt,**/*.yaml,**/*.yml -title: Framework & language security guides (Django/DRF, Laravel/Symfony/Rails, .NET, - Java/JAAS, Node.js, PHP config) +title: Framework & language security guides (Django/DRF, Laravel/Symfony/Rails, .NET, Java/JAAS, Node.js, PHP config) version: 1.0.0 --- 
diff --git a/ide_rules/.windsurf/rules/codeguard-0-input-validation-injection.md b/ide_rules/.windsurf/rules/codeguard-0-input-validation-injection.md index 6ed0a45..7ae5c68 100644 --- a/ide_rules/.windsurf/rules/codeguard-0-input-validation-injection.md +++ b/ide_rules/.windsurf/rules/codeguard-0-input-validation-injection.md @@ -1,8 +1,7 @@ --- trigger: glob globs: **/*.bash,**/*.c,**/*.ddl,**/*.dml,**/*.go,**/*.h,**/*.htm,**/*.html,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.ps1,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.sh,**/*.sql,**/*.ts,**/*.tsx -title: Input validation and injection defense (SQL/LDAP/OS), parameterization, prototype - pollution +title: Input validation and injection defense (SQL/LDAP/OS), parameterization, prototype pollution version: 1.0.0 --- diff --git a/ide_rules/.windsurf/rules/codeguard-0-logging.md b/ide_rules/.windsurf/rules/codeguard-0-logging.md index 87e3173..3736083 100644 --- a/ide_rules/.windsurf/rules/codeguard-0-logging.md +++ b/ide_rules/.windsurf/rules/codeguard-0-logging.md @@ -1,8 +1,7 @@ --- trigger: glob globs: **/*.c,**/*.h,**/*.js,**/*.jsx,**/*.mjs,**/*.yaml,**/*.yml -title: Logging & monitoring (structured telemetry, redaction, integrity, detection - & alerting) +title: Logging & monitoring (structured telemetry, redaction, integrity, detection & alerting) version: 1.0.0 --- diff --git a/ide_rules/.windsurf/rules/codeguard-0-mobile-apps.md b/ide_rules/.windsurf/rules/codeguard-0-mobile-apps.md index 1bdd39b..f9e4588 100644 --- a/ide_rules/.windsurf/rules/codeguard-0-mobile-apps.md +++ b/ide_rules/.windsurf/rules/codeguard-0-mobile-apps.md 
@@ -1,8 +1,7 @@ --- trigger: glob globs: **/*.java,**/*.js,**/*.jsx,**/*.kt,**/*.kts,**/*.m,**/*.mjs,**/*.pl,**/*.pm,**/*.swift,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt -title: 'Mobile app security (iOS/Android): storage, transport, code integrity, biometrics, - permissions' +title: 'Mobile app security (iOS/Android): storage, transport, code integrity, biometrics, permissions' version: 1.0.0 --- diff --git a/ide_rules/.windsurf/rules/codeguard-0-privacy-data-protection.md b/ide_rules/.windsurf/rules/codeguard-0-privacy-data-protection.md index fcae615..6501af7 100644 --- a/ide_rules/.windsurf/rules/codeguard-0-privacy-data-protection.md +++ b/ide_rules/.windsurf/rules/codeguard-0-privacy-data-protection.md @@ -1,8 +1,7 @@ --- trigger: glob globs: **/*.js,**/*.jsx,**/*.m,**/*.mjs,**/*.yaml,**/*.yml -title: Privacy & data protection (minimization, classification, encryption, rights, - transparency) +title: Privacy & data protection (minimization, classification, encryption, rights, transparency) version: 1.0.0 --- diff --git a/ide_rules/.windsurf/rules/codeguard-0-session-management-and-cookies.md b/ide_rules/.windsurf/rules/codeguard-0-session-management-and-cookies.md index 4d3ae3e..1700ceb 100644 --- a/ide_rules/.windsurf/rules/codeguard-0-session-management-and-cookies.md +++ b/ide_rules/.windsurf/rules/codeguard-0-session-management-and-cookies.md @@ -1,8 +1,7 @@ --- trigger: glob globs: **/*.c,**/*.go,**/*.h,**/*.htm,**/*.html,**/*.java,**/*.js,**/*.jsx,**/*.mjs,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.ts,**/*.tsx -title: Session management and secure cookies (rotation, fixation, timeouts, theft - detection) +title: Session management and secure cookies (rotation, fixation, timeouts, theft detection) version: 1.0.0 --- diff --git a/ide_rules/.windsurf/rules/codeguard-0-supply-chain-security.md b/ide_rules/.windsurf/rules/codeguard-0-supply-chain-security.md index 3884a32..65a88e8 100644 --- a/ide_rules/.windsurf/rules/codeguard-0-supply-chain-security.md 
+++ b/ide_rules/.windsurf/rules/codeguard-0-supply-chain-security.md @@ -1,8 +1,7 @@ --- trigger: glob globs: **/*.dockerfile,**/*.js,**/*.jsx,**/*.mjs,**/*.yaml,**/*.yml,Dockerfile*,docker-compose* -title: Dependency & supply chain security (pinning, SBOM, provenance, integrity, private - registries) +title: Dependency & supply chain security (pinning, SBOM, provenance, integrity, private registries) version: 1.0.0 --- diff --git a/ide_rules/.windsurf/rules/codeguard-0-xml-and-serialization.md b/ide_rules/.windsurf/rules/codeguard-0-xml-and-serialization.md index 3a652a7..7ae8c0b 100644 --- a/ide_rules/.windsurf/rules/codeguard-0-xml-and-serialization.md +++ b/ide_rules/.windsurf/rules/codeguard-0-xml-and-serialization.md @@ -1,8 +1,7 @@ --- trigger: glob globs: **/*.c,**/*.go,**/*.h,**/*.java,**/*.php,**/*.py,**/*.pyi,**/*.pyx,**/*.rb,**/*.wsdl,**/*.xml,**/*.xsd,**/*.xslt -title: XML security and safe deserialization (DTD/XXE hardening, schema validation, - no unsafe native deserialization) +title: XML security and safe deserialization (DTD/XXE hardening, schema validation, no unsafe native deserialization) version: 1.0.0 --- diff --git a/skills/software-security/rules/codeguard-0-api-web-services.md b/skills/software-security/rules/codeguard-0-api-web-services.md index 7e8a188..73ed291 100644 --- a/skills/software-security/rules/codeguard-0-api-web-services.md +++ b/skills/software-security/rules/codeguard-0-api-web-services.md @@ -1,6 +1,5 @@ --- -description: API & Web services security (REST/GraphQL/SOAP), schema validation, authn/z, - SSRF +description: API & Web services security (REST/GraphQL/SOAP), schema validation, authn/z, SSRF languages: - c - go diff --git a/skills/software-security/rules/codeguard-0-authentication-mfa.md b/skills/software-security/rules/codeguard-0-authentication-mfa.md index 53201bf..9be5d6c 100644 --- a/skills/software-security/rules/codeguard-0-authentication-mfa.md 
+++ b/skills/software-security/rules/codeguard-0-authentication-mfa.md @@ -1,6 +1,5 @@ --- -description: Authentication and MFA best practices (passwords, MFA, OAuth/OIDC, SAML, - recovery, tokens) +description: Authentication and MFA best practices (passwords, MFA, OAuth/OIDC, SAML, recovery, tokens) languages: - c - go diff --git a/skills/software-security/rules/codeguard-0-authorization-access-control.md b/skills/software-security/rules/codeguard-0-authorization-access-control.md index 9fee91d..828ce1a 100644 --- a/skills/software-security/rules/codeguard-0-authorization-access-control.md +++ b/skills/software-security/rules/codeguard-0-authorization-access-control.md @@ -1,6 +1,5 @@ --- -description: Authorization and access control (RBAC/ABAC/ReBAC, IDOR, mass assignment, - transaction auth) +description: Authorization and access control (RBAC/ABAC/ReBAC, IDOR, mass assignment, transaction auth) languages: - c - go diff --git a/skills/software-security/rules/codeguard-0-client-side-web-security.md b/skills/software-security/rules/codeguard-0-client-side-web-security.md index b49a5bf..207566f 100644 --- a/skills/software-security/rules/codeguard-0-client-side-web-security.md +++ b/skills/software-security/rules/codeguard-0-client-side-web-security.md @@ -1,6 +1,5 @@ --- -description: Client-side web security (XSS/DOM XSS, CSP, CSRF, clickjacking, XS-Leaks, - third-party JS) +description: Client-side web security (XSS/DOM XSS, CSP, CSRF, clickjacking, XS-Leaks, third-party JS) languages: - c - html diff --git a/skills/software-security/rules/codeguard-0-cloud-orchestration-kubernetes.md b/skills/software-security/rules/codeguard-0-cloud-orchestration-kubernetes.md index 4527de4..4e45e1b 100644 --- a/skills/software-security/rules/codeguard-0-cloud-orchestration-kubernetes.md +++ b/skills/software-security/rules/codeguard-0-cloud-orchestration-kubernetes.md 
@@ -1,6 +1,5 @@ --- -description: Kubernetes hardening (RBAC, admission policies, network policies, secrets, - supply chain) +description: Kubernetes hardening (RBAC, admission policies, network policies, secrets, supply chain) languages: - javascript - yaml diff --git a/skills/software-security/rules/codeguard-0-data-storage.md b/skills/software-security/rules/codeguard-0-data-storage.md index 4df19cc..24bcb24 100644 --- a/skills/software-security/rules/codeguard-0-data-storage.md +++ b/skills/software-security/rules/codeguard-0-data-storage.md @@ -1,6 +1,5 @@ --- -description: Data & storage security (DB isolation, TLS, least privilege, RLS/CLS, - backups, auditing) +description: Data & storage security (DB isolation, TLS, least privilege, RLS/CLS, backups, auditing) languages: - c - javascript diff --git a/skills/software-security/rules/codeguard-0-devops-ci-cd-containers.md b/skills/software-security/rules/codeguard-0-devops-ci-cd-containers.md index 01cf39d..205dcff 100644 --- a/skills/software-security/rules/codeguard-0-devops-ci-cd-containers.md +++ b/skills/software-security/rules/codeguard-0-devops-ci-cd-containers.md @@ -1,6 +1,5 @@ --- -description: DevOps, CI/CD, and containers (pipeline hardening, artifacts, Docker/K8s - images, virtual patching, toolchain) +description: DevOps, CI/CD, and containers (pipeline hardening, artifacts, Docker/K8s images, virtual patching, toolchain) languages: - docker - javascript diff --git a/skills/software-security/rules/codeguard-0-file-handling-and-uploads.md b/skills/software-security/rules/codeguard-0-file-handling-and-uploads.md index 3c6277c..0f5f781 100644 --- a/skills/software-security/rules/codeguard-0-file-handling-and-uploads.md +++ b/skills/software-security/rules/codeguard-0-file-handling-and-uploads.md 
@@ -1,6 +1,5 @@ --- -description: Secure file handling & uploads (validation, storage isolation, scanning, - safe delivery) +description: Secure file handling & uploads (validation, storage isolation, scanning, safe delivery) languages: - c - go diff --git a/skills/software-security/rules/codeguard-0-framework-and-languages.md b/skills/software-security/rules/codeguard-0-framework-and-languages.md index f004909..fb170eb 100644 --- a/skills/software-security/rules/codeguard-0-framework-and-languages.md +++ b/skills/software-security/rules/codeguard-0-framework-and-languages.md @@ -1,6 +1,5 @@ --- -description: Framework & language security guides (Django/DRF, Laravel/Symfony/Rails, - .NET, Java/JAAS, Node.js, PHP config) +description: Framework & language security guides (Django/DRF, Laravel/Symfony/Rails, .NET, Java/JAAS, Node.js, PHP config) languages: - c - java diff --git a/skills/software-security/rules/codeguard-0-input-validation-injection.md b/skills/software-security/rules/codeguard-0-input-validation-injection.md index 016badb..b7d0f5c 100644 --- a/skills/software-security/rules/codeguard-0-input-validation-injection.md +++ b/skills/software-security/rules/codeguard-0-input-validation-injection.md @@ -1,6 +1,5 @@ --- -description: Input validation and injection defense (SQL/LDAP/OS), parameterization, - prototype pollution +description: Input validation and injection defense (SQL/LDAP/OS), parameterization, prototype pollution languages: - c - go diff --git a/skills/software-security/rules/codeguard-0-logging.md b/skills/software-security/rules/codeguard-0-logging.md index 48322e5..aca7ccf 100644 --- a/skills/software-security/rules/codeguard-0-logging.md +++ b/skills/software-security/rules/codeguard-0-logging.md 
@@ -1,6 +1,5 @@ --- -description: Logging & monitoring (structured telemetry, redaction, integrity, detection - & alerting) +description: Logging & monitoring (structured telemetry, redaction, integrity, detection & alerting) languages: - c - javascript diff --git a/skills/software-security/rules/codeguard-0-mobile-apps.md b/skills/software-security/rules/codeguard-0-mobile-apps.md index b100ca2..aacc06b 100644 --- a/skills/software-security/rules/codeguard-0-mobile-apps.md +++ b/skills/software-security/rules/codeguard-0-mobile-apps.md @@ -1,6 +1,5 @@ --- -description: 'Mobile app security (iOS/Android): storage, transport, code integrity, - biometrics, permissions' +description: 'Mobile app security (iOS/Android): storage, transport, code integrity, biometrics, permissions' languages: - java - javascript diff --git a/skills/software-security/rules/codeguard-0-privacy-data-protection.md b/skills/software-security/rules/codeguard-0-privacy-data-protection.md index dd2cf2e..fc9a18b 100644 --- a/skills/software-security/rules/codeguard-0-privacy-data-protection.md +++ b/skills/software-security/rules/codeguard-0-privacy-data-protection.md @@ -1,6 +1,5 @@ --- -description: Privacy & data protection (minimization, classification, encryption, - rights, transparency) +description: Privacy & data protection (minimization, classification, encryption, rights, transparency) languages: - javascript - matlab diff --git a/skills/software-security/rules/codeguard-0-session-management-and-cookies.md b/skills/software-security/rules/codeguard-0-session-management-and-cookies.md index 34f4905..aee07ec 100644 --- a/skills/software-security/rules/codeguard-0-session-management-and-cookies.md +++ b/skills/software-security/rules/codeguard-0-session-management-and-cookies.md 
@@ -1,6 +1,5 @@ --- -description: Session management and secure cookies (rotation, fixation, timeouts, - theft detection) +description: Session management and secure cookies (rotation, fixation, timeouts, theft detection) languages: - c - go diff --git a/skills/software-security/rules/codeguard-0-supply-chain-security.md b/skills/software-security/rules/codeguard-0-supply-chain-security.md index cd87ea4..604c4e6 100644 --- a/skills/software-security/rules/codeguard-0-supply-chain-security.md +++ b/skills/software-security/rules/codeguard-0-supply-chain-security.md @@ -1,6 +1,5 @@ --- -description: Dependency & supply chain security (pinning, SBOM, provenance, integrity, - private registries) +description: Dependency & supply chain security (pinning, SBOM, provenance, integrity, private registries) languages: - docker - javascript diff --git a/skills/software-security/rules/codeguard-0-xml-and-serialization.md b/skills/software-security/rules/codeguard-0-xml-and-serialization.md index bb187ef..055c065 100644 --- a/skills/software-security/rules/codeguard-0-xml-and-serialization.md +++ b/skills/software-security/rules/codeguard-0-xml-and-serialization.md @@ -1,6 +1,5 @@ --- -description: XML security and safe deserialization (DTD/XXE hardening, schema validation, - no unsafe native deserialization) +description: XML security and safe deserialization (DTD/XXE hardening, schema validation, no unsafe native deserialization) languages: - c - go diff --git a/src/formats/base.py b/src/formats/base.py index 1cc65f5..478b103 100644 --- a/src/formats/base.py +++ b/src/formats/base.py @@ -136,10 +136,11 @@ def _format_yaml_field(self, field_name: str, value: str) -> str: Properly formatted YAML string, or empty string if value is empty """ if value and value.strip(): - yaml_dump = yaml.dump( + yaml_dump = yaml.safe_dump( {field_name: value}, default_flow_style=False, allow_unicode=True, + width=float("inf") ) return yaml_dump.strip() return "" 
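Review bot: The new `width=float("inf")` argument in the `src/formats/base.py` hunk has no trailing comma and no comment saying why it is there, unlike the keyword arguments above it; I would write `width=float("inf"),  # never fold long scalars: each front-matter value stays on one line`. As far as I can tell, PyYAML's pure-Python emitter only compares `width`, so an infinite float works with the default dumper, but a libyaml-backed dumper would probably reject a non-integer, which is worth stating next to the call. The docstring's "Properly formatted YAML string" could also say that the result is no longer wrapped at 80 columns, since the regenerated rule files in this commit depend on that. The switch to `yaml.safe_dump` fits the `value: str` annotation: a non-basic object would now raise a representer error instead of being written with a Python-specific tag. `_format_yaml_field` begins above the hunk, so only its tail is reviewed here.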
diff --git a/src/formats/copilot.py b/src/formats/copilot.py
index 067bb62..801db2b 100644
--- a/src/formats/copilot.py
+++ b/src/formats/copilot.py
@@ -49,10 +49,10 @@ def generate(self, rule: ProcessedRule, globs: str) -> str:
 # Add applyTo (Copilot's equivalent of globs)
 yaml_lines.append(f"applyTo: '{globs}'")
- # Add title
- title = self._format_yaml_field("title", rule.description)
- if title:
- yaml_lines.append(title)
+ # Add description
+ description = self._format_yaml_field("description", rule.description)
+ if description:
+ yaml_lines.append(description)
 # Add version
 yaml_lines.append(f"version: {self.version}")
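Review bot: `applyTo` and `version` are still written into the front matter by f-string (`yaml_lines.append(f"applyTo: '{globs}'")`), while the renamed `description` field goes through `_format_yaml_field`. A glob value containing a single quote or a line break would therefore produce malformed front matter or an unintended extra key. Routing it through the same helper keeps quoting in one place: `apply_to = self._format_yaml_field("applyTo", globs)` followed by `if apply_to: yaml_lines.append(apply_to)`; note the helper returns an empty string for an empty value, so decide whether an empty `applyTo` should still be emitted. Separately, the emitted key changes from `title` to `description`, and any test or consumer that reads `title` from the Copilot output is not visible in this hunk and should be checked. `generate` starts and continues outside the hunk.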