fix: resolve security group processing bug and add repo config files

.commitlintrc.yaml

@@ -0,0 +1,130 @@
+---
+# Commitlint configuration
+# https://commitlint.js.org/
+#
+# Enforces Conventional Commits format:
+#   <type>(<scope>): <subject>
+#
+# Examples:
+#   feat(vpc): add subnet discovery command
+#   fix(shell): correct context prompt rendering
+#   docs(readme): update installation instructions
+#   refactor(core): extract base handler class
+#   test(vpn): add tunnel status tests
+
+extends:
+  - "@commitlint/config-conventional"
+
+rules:
+  # Type must be one of the allowed values
+  type-enum:
+    - 2
+    - always
+    - - feat      # New feature
+      - fix       # Bug fix
+      - docs      # Documentation changes
+      - style     # Code style (formatting, semicolons, etc.)
+      - refactor  # Code refactoring (no feature or fix)
+      - perf      # Performance improvement
+      - test      # Add or update tests
+      - build     # Build system or dependencies
+      - ci        # CI/CD configuration
+      - chore     # Maintenance tasks
+      - revert    # Revert a commit
+
+  # Type must be lowercase
+  type-case:
+    - 2
+    - always
+    - lower-case
+
+  # Type is required
+  type-empty:
+    - 2
+    - never
+
+  # Scope should be lowercase
+  scope-case:
+    - 2
+    - always
+    - lower-case
+
+  # Scope is optional but encouraged
+  scope-empty:
+    - 0
+    - never
+
+  # Common scopes for this project
+  scope-enum:
+    - 1
+    - always
+    - - vpc          # VPC-related commands
+      - tgw          # Transit Gateway commands
+      - firewall     # Network Firewall commands
+      - vpn          # VPN commands
+      - elb          # Load balancer commands
+      - ec2          # EC2 instance commands
+      - cloudwan     # Cloud WAN commands
+      - shell        # Shell framework
+      - core         # Core utilities
+      - cli          # CLI interface
+      - handlers     # Command handlers
+      - models       # Data models
+      - modules      # AWS service modules
+      - traceroute   # Traceroute functionality
+      - cache        # Caching system
+      - graph        # Command graph
+      - config       # Configuration
+      - tests        # Test infrastructure
+      - docs         # Documentation
+      - deps         # Dependencies
+      - ci           # CI/CD
+
+  # Subject must not be empty
+  subject-empty:
+    - 2
+    - never
+
+  # Subject should be lowercase
+  subject-case:
+    - 2
+    - always
+    - - lower-case
+      - sentence-case
+
+  # Subject should not end with period
+  subject-full-stop:
+    - 2
+    - never
+    - "."
+
+  # Header max length (type + scope + subject)
+  header-max-length:
+    - 2
+    - always
+    - 72
+
+  # Body max line length
+  body-max-line-length:
+    - 2
+    - always
+    - 100
+
+  # Footer max line length
+  footer-max-line-length:
+    - 2
+    - always
+    - 100
+
+  # Body should be separated from subject by blank line
+  body-leading-blank:
+    - 2
+    - always
+
+  # Footer should be separated from body by blank line
+  footer-leading-blank:
+    - 2
+    - always
+
+# Help message displayed on failure
+helpUrl: "https://www.conventionalcommits.org/"

.editorconfig

@@ -0,0 +1,78 @@
+# EditorConfig - https://editorconfig.org
+# Helps maintain consistent coding styles across different editors
+
+root = true
+
+# Default settings for all files
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+indent_style = space
+indent_size = 4
+
+# Python files
+[*.py]
+indent_size = 4
+max_line_length = 120
+
+# Python type stubs
+[*.pyi]
+indent_size = 4
+max_line_length = 120
+
+# YAML files
+[*.{yaml,yml}]
+indent_size = 2
+
+# JSON files
+[*.json]
+indent_size = 2
+
+# TOML files
+[*.toml]
+indent_size = 4
+
+# Markdown files
+[*.md]
+trim_trailing_whitespace = false
+max_line_length = 120
+
+# Shell scripts
+[*.{sh,bash,zsh}]
+indent_size = 2
+shell_variant = bash
+
+# Makefile (requires tabs)
+[Makefile]
+indent_style = tab
+indent_size = 4
+
+[makefile]
+indent_style = tab
+indent_size = 4
+
+# Git configuration
+[.git*]
+indent_size = 4
+
+# GitHub Actions
+[.github/workflows/*.{yaml,yml}]
+indent_size = 2
+
+# Pre-commit config
+[.pre-commit-config.yaml]
+indent_size = 2
+
+# Documentation
+[docs/**]
+indent_size = 2
+
+# Test files
+[tests/**/*.py]
+indent_size = 4
+
+# Schema files
+[schemas/*.json]
+indent_size = 2

.gitattributes

@@ -0,0 +1,84 @@
+# Auto detect text files and perform LF normalization
+* text=auto
+
+# Source code - always LF
+*.py text eol=lf diff=python
+*.pyx text eol=lf diff=python
+*.pyi text eol=lf diff=python
+
+# Shell scripts - always LF
+*.sh text eol=lf diff=bash
+*.bash text eol=lf diff=bash
+*.zsh text eol=lf
+
+# Configuration files
+*.json text eol=lf diff=json
+*.yaml text eol=lf
+*.yml text eol=lf
+*.toml text eol=lf
+*.cfg text eol=lf
+*.ini text eol=lf
+*.conf text eol=lf
+
+# Documentation
+*.md text eol=lf diff=markdown
+*.txt text eol=lf
+*.rst text eol=lf
+LICENSE text eol=lf
+CHANGELOG text eol=lf
+AUTHORS text eol=lf
+
+# Web assets
+*.html text eol=lf diff=html
+*.css text eol=lf
+*.js text eol=lf
+*.ts text eol=lf
+
+# Data files
+*.csv text eol=lf
+*.xml text eol=lf
+
+# Binary files - do not modify
+*.png binary
+*.jpg binary
+*.jpeg binary
+*.gif binary
+*.ico binary
+*.svg binary
+*.woff binary
+*.woff2 binary
+*.ttf binary
+*.eot binary
+*.pdf binary
+*.zip binary
+*.tar.gz binary
+*.tgz binary
+*.gz binary
+
+# Database files
+*.db binary
+*.sqlite binary
+*.sqlite3 binary
+
+# Generated files - do not diff
+uv.lock -diff linguist-generated=true
+*.lock -diff linguist-generated=true
+
+# Secrets baseline - always LF
+.secrets.baseline text eol=lf
+
+# Exclude from language statistics
+docs/* linguist-documentation
+tests/* linguist-vendored=false
+schemas/*.json linguist-generated=true
+
+# Export-ignore (not included in archives)
+.github export-ignore
+.gitattributes export-ignore
+.gitignore export-ignore
+.pre-commit-config.yaml export-ignore
+.editorconfig export-ignore
+.markdownlint.yaml export-ignore
+.commitlintrc.yaml export-ignore
+.secrets.baseline export-ignore
+tests/ export-ignore

.github/CODEOWNERS

@@ -0,0 +1,8 @@
+# CODEOWNERS file
+# https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners
+#
+# Each line is a file pattern followed by one or more owners.
+# Order matters: later patterns override earlier ones.
+# Owners are notified when matching files are changed.
+#
+# Update the GitHub username below to match the repository owner/maintainer.

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,77 @@
+# Pull Request
+
+## Summary
+
+<!-- Provide a brief description of what this PR does -->
+
+## Type of Change
+
+<!-- Check all that apply -->
+
+- [ ] 🐛 Bug fix (non-breaking change that fixes an issue)
+- [ ] ✨ New feature (non-breaking change that adds functionality)
+- [ ] 💥 Breaking change (fix or feature that would cause existing functionality to not work as expected)
+- [ ] 📚 Documentation update
+- [ ] 🔧 Configuration change
+- [ ] ♻️ Refactoring (no functional changes)
+- [ ] 🧪 Test update
+- [ ] 🏗️ Build/CI change
+
+## Changes
+
+<!-- List the key changes in bullet points -->
+
+-
+-
+-
+
+## Related Issues
+
+<!-- Link any related issues using "Fixes #123" or "Refs #123" -->
+
+## Testing
+
+<!-- Describe how you tested your changes -->
+
+- [ ] Unit tests pass (`pytest tests/`)
+- [ ] Integration tests pass (if applicable)
+- [ ] Manual testing performed
+- [ ] Pre-commit hooks pass (`pre-commit run --all-files`)
+
+### Test Commands Run
+
+```bash
+# Example:
+pytest tests/ -v
+pre-commit run --all-files
+```
+
+## Screenshots/Recordings
+
+<!-- If applicable, add screenshots or recordings to help explain your changes -->
+
+## Checklist
+
+<!-- Check all that apply -->
+
+- [ ] My code follows the project's coding standards
+- [ ] I have performed a self-review of my code
+- [ ] I have commented my code, particularly in hard-to-understand areas
+- [ ] I have updated the documentation (if applicable)
+- [ ] My changes generate no new warnings
+- [ ] I have added tests that prove my fix is effective or my feature works
+- [ ] New and existing unit tests pass locally with my changes
+- [ ] Any dependent changes have been merged and published
+
+## Security Considerations
+
+<!-- Check all that apply -->
+
+- [ ] No hardcoded secrets or credentials
+- [ ] No sensitive data logged or exposed
+- [ ] Input validation added where appropriate
+- [ ] AWS credentials handled securely
+
+## Additional Notes
+
+<!-- Any additional information that reviewers should know -->