Embed Backdoor Rules

[vamsipolavarapu-msft]

Copilot generated

This pull request refactors the DetectBackdoorTool to improve how backdoor detection rules are loaded and used, transitioning from loading rules from the file system to using embedded resources. This makes rule management more robust and simplifies deployment. Additionally, the detection workflow and result display logic have been modernized for clarity and maintainability.

Backdoor rule loading and resource management:

• All backdoor detection rule JSON files in Resources\BackdoorRules are now included as embedded resources in the Shared.CLI.csproj file, replacing previous content-only inclusion. This allows the application to load rules directly from the assembly rather than the file system.
• The legacy RULE_DIRECTORY property and related filesystem-based rule loading logic have been removed from DetectBackdoorTool, and replaced with a new LoadEmbeddedRules() method that loads all embedded rule files at runtime.

Detection workflow and result display improvements:

• The main RunAsync method now validates targets, loads embedded rules, and processes each target (package URL, directory, or file) with improved error handling and logging.
• Detection results are now displayed in a clearer format, showing the number of matches per target and providing improved output for each match, including trimmed file paths and excerpted code lines.
• Legacy detection and result display logic have been removed in favor of the new workflow, streamlining the codebase and improving maintainability.

[gfs]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).