feat(rate-limiting): Implement core rate limiting functionality with configuration, decision-making, metrics, middleware, and service registration

- Add RateLimitConfig for configuration management with YAML binding support. - Introduce RateLimitDecision to encapsulate the result of rate limit checks. - Implement RateLimitMetrics for OpenTelemetry metrics tracking. - Create RateLimitMiddleware for enforcing rate limits on incoming requests. - Develop RateLimitService to orchestrate instance and environment rate limit checks. - Add RateLimitServiceCollectionExtensions for dependency injection registration.
2025-12-17 18:02:37 +02:00
parent 394b57f6bf
commit 8bbfe4d2d2
211 changed files with 47179 additions and 1590 deletions
--- a/datasets/reachability/ground-truth/unreachable/gt-0013/main.c
+++ b/datasets/reachability/ground-truth/unreachable/gt-0013/main.c
@@ -0,0 +1,27 @@
+// gt-0013: Ifdef-excluded code path
+// Expected: UNREACHABLE (tier: imported)
+// Vulnerability: CWE-78 (OS Command Injection)
+// Compile with: gcc -DPRODUCTION main.c (LEGACY_SHELL not defined)
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define PRODUCTION
+
+void process_command(const char *cmd) {
+#ifdef LEGACY_SHELL
+    // This code is excluded when LEGACY_SHELL is not defined
+    system(cmd);  // SINK: CWE-78 (but unreachable - ifdef excluded)
+#else
+    // Safe path: just print, don't execute
+    printf("Would execute: %s\n", cmd);
+#endif
+}
+
+int main(int argc, char *argv[]) {
+    if (argc > 1) {
+        process_command(argv[1]);
+    }
+    return 0;
+}