Skip to content

Add System.Security.Cryptography Copilot instructions#131006

Open
PranavSenthilnathan wants to merge 4 commits into
dotnet:mainfrom
PranavSenthilnathan:pranavsenthilnathan-add-ssc-instructions
Open

Add System.Security.Cryptography Copilot instructions#131006
PranavSenthilnathan wants to merge 4 commits into
dotnet:mainfrom
PranavSenthilnathan:pranavsenthilnathan-add-ssc-instructions

Conversation

@PranavSenthilnathan

Copy link
Copy Markdown
Member

Adds path-specific GitHub Copilot guidance for System.Security.Cryptography, covering established code style, correctness, sensitive-data handling, constant-time comparisons, and test skipping conventions.

Documentation-only change; no build or tests were run.

Note

This pull request description was generated by GitHub Copilot.

Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
Copilot-Session: 42bda83a-f457-4dcc-a426-e12aa6e4d47e
Copilot AI review requested due to automatic review settings July 17, 2026 23:54
@azure-pipelines

Copy link
Copy Markdown
Azure Pipelines:
Successfully started running 1 pipeline(s).
15 pipeline(s) were filtered out due to trigger conditions.
There may be pipelines that require an authorized user to comment /azp run to run.

@dotnet-policy-service

Copy link
Copy Markdown
Contributor

Tagging subscribers to this area: @bartonjs, @vcsjones, @dotnet/area-system-security
See info in area-owners.md if you want to be subscribed.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a new folder-scoped GitHub Copilot instruction file for src/libraries/System.Security.Cryptography/** to guide generated contributions toward established crypto coding and testing patterns.

Changes:

  • Introduces System.Security.Cryptography-specific guidance covering code style, correctness checks for Try* APIs, and sensitive-data handling.
  • Adds security recommendations around constant-time comparisons and buffer clearing/returning.
  • Adds test-skipping guidance intended to reduce noisy skips (but needs adjustment to match existing patterns/semantics).

Comment thread .github/instructions/system-security-cryptography.instructions.md Outdated

## Tests

- Avoid throwing `SkipTestException`, which creates noisy test output. Prefer `[ConditionalFact]` or `[ConditionalTheory]` with a condition; when that is not possible, return early from the test.

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hopefully these comments go away with the new instructions.

PranavSenthilnathan and others added 3 commits July 17, 2026 17:00
Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
Copilot-Session: 42bda83a-f457-4dcc-a426-e12aa6e4d47e
Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
Copilot-Session: 42bda83a-f457-4dcc-a426-e12aa6e4d47e
Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
Copilot-Session: 42bda83a-f457-4dcc-a426-e12aa6e4d47e
Copilot AI review requested due to automatic review settings July 18, 2026 00:09

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated 1 comment.

Comments suppressed due to low confidence (1)

.github/instructions/system-security-cryptography.instructions.md:24

  • Returning early from an xUnit test reports the test as passed, not skipped, so this guidance can hide missing coverage. Also, System.Security.Cryptography tests already use SkipTestException widely (e.g., CryptoConfigTests.cs:158 and SkipTestException.ThrowUnless(...) in ECDsaCngImportExportTests.cs:56), so advising against it unconditionally doesn’t match established practice. Suggest: prefer [ConditionalFact]/[ConditionalTheory] when possible, otherwise use SkipTestException so the test is reported as skipped.
- Avoid throwing `SkipTestException`, which creates noisy test output. Prefer `[ConditionalFact]` or `[ConditionalTheory]` with a condition; when that is not possible, return early from the test.

Comment thread .github/instructions/system-security-cryptography.instructions.md
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants