@@ -70,14 +70,13 @@ When generating or reviewing code, Claude follows this 3-step workflow:
7070
7171### Rule Categories
7272
73- ** Always-Apply Rules** (4 critical rules checked on every code operation):
73+ ** Always-Apply Rules** (3 critical rules checked on every code operation):
7474- ` codeguard-1-hardcoded-credentials ` - Never hardcode secrets or credentials
7575- ` codeguard-1-crypto-algorithms ` - Use modern cryptographic algorithms
7676- ` codeguard-1-digital-certificates ` - Validate certificate security
77- - ` codeguard-1-safe-c-functions ` - Replace unsafe C/C++ functions
7877
79- ** Context-Specific Rules** (18 rules applied based on technology and features):
80- - Input validation, authentication, authorization, APIs, data storage, privacy, logging, cryptography, file handling, serialization, supply chain, DevOps, cloud, Kubernetes, IaC, frameworks, and mobile security
78+ ** Context-Specific Rules** (19 rules applied based on technology and features):
79+ - Input validation, authentication, authorization, APIs, data storage, privacy, logging, cryptography, file handling, serialization, supply chain, DevOps, cloud, Kubernetes, IaC, frameworks, mobile security, and memory safety (C/C++)
8180
8281## Usage Examples
8382
@@ -155,7 +154,7 @@ For organizations, deploy CodeGuard to all developers automatically:
155154
156155The plugin includes 22 comprehensive security rules organized into two categories:
157156
158- ### Always-Apply Rules (4 rules)
157+ ### Always-Apply Rules (3 rules)
159158
160159These critical rules are checked on ** every** code operation:
161160
@@ -164,9 +163,8 @@ These critical rules are checked on **every** code operation:
164163| ` codeguard-1-hardcoded-credentials ` | Prevent secrets, passwords, API keys, tokens in source code |
165164| ` codeguard-1-crypto-algorithms ` | Ban weak algorithms (MD5, SHA-1, DES); use modern alternatives |
166165| ` codeguard-1-digital-certificates ` | Validate certificate expiration, key strength, signature algorithms |
167- | ` codeguard-1-safe-c-functions ` | Replace unsafe C/C++ functions (gets, strcpy, strcat, sprintf) |
168166
169- ### Context-Specific Rules (18 rules)
167+ ### Context-Specific Rules (19 rules)
170168
171169These rules apply based on the programming language, framework, or feature being implemented. Claude automatically selects relevant rules based on context:
172170
@@ -182,6 +180,7 @@ These rules apply based on the programming language, framework, or feature being
182180| ** Files & Serialization** | ` codeguard-0-file-handling-and-uploads ` , ` codeguard-0-xml-and-serialization ` |
183181| ** Infrastructure** | ` codeguard-0-supply-chain-security ` , ` codeguard-0-devops-ci-cd-containers ` , ` codeguard-0-cloud-orchestration-kubernetes ` , ` codeguard-0-iac-security ` |
184182| ** Platforms** | ` codeguard-0-framework-and-languages ` , ` codeguard-0-mobile-apps ` |
183+ | ** Memory Safety (C/C++)** | ` codeguard-0-safe-c-functions ` |
185184
186185> ** Note:** Each rule file contains detailed guidance, checklists, and examples. Claude references these automatically based on the code context.
187186
@@ -385,6 +384,11 @@ Found an issue with the plugin or want to improve it?
385384
386385## Version History
387386
387+ ### Version 1.0.1
388+ - Changed ` codeguard-1-safe-c-functions ` from always-apply to ` codeguard-0-safe-c-functions ` context-specific rule (C/C++ only)
389+ - Updated rule counts: 3 always-apply rules, 19 context-specific rules
390+ - Fixed GitHub Copilot instructions to use ` description ` field instead of ` title `
391+
388392### Version 1.0.0
389393- Initial release
390394- 22 comprehensive security rules
0 commit comments