feat(rate-limiting): Implement core rate limiting functionality with configuration, decision-making, metrics, middleware, and service registration

- Add RateLimitConfig for configuration management with YAML binding support.
- Introduce RateLimitDecision to encapsulate the result of rate limit checks.
- Implement RateLimitMetrics for OpenTelemetry metrics tracking.
- Create RateLimitMiddleware for enforcing rate limits on incoming requests.
- Develop RateLimitService to orchestrate instance and environment rate limit checks.
- Add RateLimitServiceCollectionExtensions for dependency injection registration.

datasets/reachability/ground-truth/basic/gt-0002/main.c

@@ -0,0 +1,22 @@
+// gt-0002: Two-hop call chain to vulnerable sink
+// Expected: REACHABLE (tier: executed)
+// Vulnerability: CWE-134 (Format String)
+
+#include <stdio.h>
+#include <string.h>
+
+void format_message(const char *user_input, char *output) {
+    // Vulnerable: format string from user input
+    sprintf(output, user_input);  // SINK: CWE-134
+}
+
+int main(int argc, char *argv[]) {
+    char buffer[256];
+    
+    if (argc > 1) {
+        format_message(argv[1], buffer);
+        printf("Result: %s\n", buffer);
+    }
+    
+    return 0;
+}