Adding copilot instructions

fedelemantuano · fedelemantuano · commit 3b5e4bae47a1 · 2025-10-18T18:24:21.000+02:00
diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md
@@ -0,0 +1,164 @@
+# Copilot Instructions for mail-parser
+
+## Project Overview
+mail-parser is a Python library that parses raw email messages into structured Python objects, serving as the foundation for [SpamScope](https://github.com/SpamScope/spamscope). It handles both standard email formats and Outlook .msg files, with a focus on security analysis and forensics.
+
+## Architecture & Key Components
+
+### Core Parser (`src/mailparser/core.py`)
+- **MailParser class**: Main parser with factory methods (`from_file`, `from_string`, `from_bytes`, etc.)
+- **Property-based API**: Email components accessible as properties (`.subject`, `.from_`, `.attachments`)
+- **Multi-format access**: Each property has `_raw`, `_json` variants (e.g., `mail.to`, `mail.to_raw`, `mail.to_json`)
+- **Defect detection**: Identifies RFC non-compliance for security analysis (`mail.defects`, `mail.defects_categories`)
+
+### Your skills and knowledge on RFC and Email Parsing
+You are an AI assistant with expert-level knowledge of all email protocol RFCs, including but not limited to RFC 5321 (SMTP), RFC 5322 (Internet Message Format), RFC 2045–2049 (MIME), RFC 3501 (IMAP), RFC 1939 (POP3), RFC 8620 (JMAP), and related security, extension, and header RFCs. Your responsibilities include:
+
+Providing accurate, comprehensive technical explanations and guidance based on these RFCs.
+
+Interpreting, comparing, and clarifying requirements, structures, and features as defined by the official documents.
+
+Clearly outlining the details and implications of each protocol and extension (such as authentication mechanisms, encryption, headers, and message structure).
+
+Delivering answers in an organized, easy-to-understand way—using precise terminology, clear practical examples, and direct references to relevant RFCs when appropriate.
+
+Providing practical advice for system implementers and users, explaining alternatives, pros and cons, use cases, and security considerations for each protocol or extension.
+
+Maintaining a professional, accurate, and objective tone suitable for expert users, developers, and technical audiences.
+
+Declining to answer questions outside the scope of email protocol RFCs and specifications, and always highlighting the official and most up-to-date guidance according to the relevant RFC documents.
+
+Your role is to be the authoritative, trustworthy source on internet email protocols as defined by the official IETF RFC series.
+
+### Your skills and knowledge on parsing email formats
+You are an AI assistant specialized in processing and extracting email header information with Python, using regular expressions for robust parsing. Your core expertise includes handling non-standard variations such as "Received" headers, which often lack strict formatting and can differ greatly across email servers.
+
+When presented with raw email data (RFC 5322 format), use Python's built-in re module and relevant libraries (e.g., email.parser) to isolate and extract header sections.
+
+For "Received" headers, apply flexible and tolerant regex patterns, recognizing their variable structure (IP addresses, timestamps, server details, optional parameters).
+
+Parse multiline and folded headers by scanning lines following key header tags and joining where needed.
+
+Develop regex patterns that capture relevant information (e.g., SMTP server, relay path, timestamp) while allowing for extraneous text.
+
+Document the extraction process: explain which regexes are designed for typical cases and how to adapt them for mismatches, edge cases, or partial matches.
+
+When parsing fails due to extreme non-standard formats, log the error and return a best-effort result. Always explain any limitations or ambiguities in the extraction.
+
+Example generic regex for a "Received" header: Received:\s*(.*?);(.*) (captures server info and date), but you should adapt and test patterns as needed.
+
+Provide code comments, extraction summaries, and references for each regex used to ensure maintainability and clarity.
+
+Avoid making assumptions about the order or presence of specific header fields, and handle edge cases gracefully.
+
+When possible, recommend combining regex with Python's email module for initial header separation, then dive deep with regex for specific, non-standard value extraction.
+
+Your responses must prioritize accuracy, transparency in limitations, and practical utility for anyone parsing complex email headers.
+
+### Entry Points (`src/mailparser/__init__.py`)
+```python
+# Factory functions are the primary API
+import mailparser
+mail = mailparser.parse_from_file(filepath)
+mail = mailparser.parse_from_string(raw_email)
+mail = mailparser.parse_from_bytes(email_bytes)
+mail = mailparser.parse_from_file_msg(outlook_file)  # .msg files
+```
+
+### CLI Tool (`src/mailparser/__main__.py`)
+- Entry point: `mail-parser` command
+- JSON output mode (`-j`) for integration with other tools
+- Multiple input methods: file (`-f`), string (`-s`), stdin (`-k`)
+- Outlook support (`-o`) with system dependency on `libemail-outlook-message-perl`
+
+## Development Workflows
+
+### Setup & Dependencies
+```bash
+# Use uv for dependency management (modern pip replacement)
+uv sync  # Installs all dev/test dependencies
+make install  # Alias for uv sync
+```
+
+### Testing & Quality
+```bash
+make test     # pytest with coverage (outputs coverage.xml, junit.xml)
+make lint     # ruff linting
+make format   # ruff formatting
+make check    # lint + test
+make pre-commit  # runs pre-commit hooks
+```
+
+### Build & Release
+```bash
+make build    # uv build (creates wheel/sdist in dist/)
+make release  # build + twine upload to PyPI
+```
+
+### Docker Development
+- Dockerfile uses Python 3.10-slim with `libemail-outlook-message-perl`
+- docker-compose.yml mounts `~/mails` for testing
+- Image available as `fmantuano/spamscope-mail-parser`
+
+## Key Patterns & Conventions
+
+### Header Access Pattern
+Headers with hyphens use underscore substitution:
+```python
+mail.X_MSMail_Priority  # for X-MSMail-Priority header
+```
+
+### Attachment Structure
+```python
+# Each attachment is a dict with standardized keys
+for attachment in mail.attachments:
+    attachment['filename']
+    attachment['payload']  # base64 encoded
+    attachment['content_transfer_encoding']
+    attachment['binary']  # boolean flag
+```
+
+### Received Header Parsing
+Complex parsing in `receiveds_parsing()` extracts hop-by-hop email routing:
+```python
+mail.received  # List of parsed received headers with structured data
+# Each hop contains: by, from, date, delay, envelope_from, etc.
+```
+
+### Error Handling Hierarchy
+```python
+MailParserError  # Base exception
+├── MailParserOutlookError  # Outlook .msg issues
+├── MailParserEnvironmentError  # Missing dependencies
+├── MailParserOSError  # File system issues
+└── MailParserReceivedParsingError  # Header parsing failures
+```
+
+## Testing Approach
+- Test emails in `tests/mails/` (malformed, Outlook, various encodings)
+- Comprehensive property testing for all email components
+- CLI integration tests in CI pipeline
+- Coverage reporting with pytest-cov
+
+## Security Focus
+- **Defect detection**: Identifies malformed boundaries that could hide malicious content
+- **IP extraction**: `get_server_ipaddress()` with trust levels for forensic analysis
+- **Epilogue analysis**: Detects hidden content in malformed MIME boundaries
+- **Fingerprinting**: Mail and attachment hashing for threat intelligence
+
+## Build System Specifics
+- **pyproject.toml**: Modern Python packaging with hatch backend
+- **uv**: Used instead of pip for faster, reliable dependency resolution
+- **src/ layout**: Package in `src/mailparser/` for cleaner imports
+- **Dynamic versioning**: Version from `src/mailparser/version.py`
+
+## External Dependencies
+- **Outlook support**: Requires system package `libemail-outlook-message-perl` + Perl module `Email::Outlook::Message`
+- **six**: Python 2/3 compatibility (legacy requirement)
+- **Minimal runtime deps**: Only `six>=1.17.0` required
+
+When working with this codebase:
+- Use factory functions, not direct MailParser() instantiation
+- Test with various malformed emails from `tests/mails/`
+- Remember header property naming (underscores for hyphens)
+- Consider security implications of email parsing edge cases
diff --git a/.github/instructions/markdown.instructions.md b/.github/instructions/markdown.instructions.md
@@ -0,0 +1,52 @@
+---
+description: 'Documentation and content creation standards'
+applyTo: '**/*.md'
+---
+
+## Markdown Content Rules
+
+The following markdown content rules are enforced in the validators:
+
+1. **Headings**: Use appropriate heading levels (H2, H3, etc.) to structure your content. Do not use an H1 heading, as this will be generated based on the title.
+2. **Lists**: Use bullet points or numbered lists for lists. Ensure proper indentation and spacing.
+3. **Code Blocks**: Use fenced code blocks for code snippets. Specify the language for syntax highlighting.
+4. **Links**: Use proper markdown syntax for links. Ensure that links are valid and accessible.
+5. **Images**: Use proper markdown syntax for images. Include alt text for accessibility.
+6. **Tables**: Use markdown tables for tabular data. Ensure proper formatting and alignment.
+7. **Line Length**: Limit line length to 400 characters for readability.
+8. **Whitespace**: Use appropriate whitespace to separate sections and improve readability.
+9. **Front Matter**: Include YAML front matter at the beginning of the file with required metadata fields.
+
+## Formatting and Structure
+
+Follow these guidelines for formatting and structuring your markdown content:
+
+- **Headings**: Use `##` for H2 and `###` for H3. Ensure that headings are used in a hierarchical manner. Recommend restructuring if content includes H4, and more strongly recommend for H5.
+- **Lists**: Use `-` for bullet points and `1.` for numbered lists. Indent nested lists with two spaces.
+- **Code Blocks**: Use triple backticks (`) to create fenced code blocks. Specify the language after the opening backticks for syntax highlighting (e.g., `csharp).
+- **Links**: Use `[link text](URL)` for links. Ensure that the link text is descriptive and the URL is valid.
+- **Images**: Use `![alt text](image URL)` for images. Include a brief description of the image in the alt text.
+- **Tables**: Use `|` to create tables. Ensure that columns are properly aligned and headers are included.
+- **Line Length**: Break lines at 80 characters to improve readability. Use soft line breaks for long paragraphs.
+- **Whitespace**: Use blank lines to separate sections and improve readability. Avoid excessive whitespace.
+
+## Validation Requirements
+
+Ensure compliance with the following validation requirements:
+
+- **Front Matter**: Include the following fields in the YAML front matter:
+
+  - `post_title`: The title of the post.
+  - `author1`: The primary author of the post.
+  - `post_slug`: The URL slug for the post.
+  - `microsoft_alias`: The Microsoft alias of the author.
+  - `featured_image`: The URL of the featured image.
+  - `categories`: The categories for the post. These categories must be from the list in /categories.txt.
+  - `tags`: The tags for the post.
+  - `ai_note`: Indicate if AI was used in the creation of the post.
+  - `summary`: A brief summary of the post. Recommend a summary based on the content when possible.
+  - `post_date`: The publication date of the post.
+
+- **Content Rules**: Ensure that the content follows the markdown content rules specified above.
+- **Formatting**: Ensure that the content is properly formatted and structured according to the guidelines.
+- **Validation**: Run the validation tools to check for compliance with the rules and guidelines.
diff --git a/.github/instructions/python.instructions.md b/.github/instructions/python.instructions.md
@@ -0,0 +1,56 @@
+---
+description: 'Python coding conventions and guidelines'
+applyTo: '**/*.py'
+---
+
+# Python Coding Conventions
+
+## Python Instructions
+
+- Write clear and concise comments for each function.
+- Ensure functions have descriptive names and include type hints.
+- Provide docstrings following PEP 257 conventions.
+- Use the `typing` module for type annotations (e.g., `List[str]`, `Dict[str, int]`).
+- Break down complex functions into smaller, more manageable functions.
+
+## General Instructions
+
+- Always prioritize readability and clarity.
+- For algorithm-related code, include explanations of the approach used.
+- Write code with good maintainability practices, including comments on why certain design decisions were made.
+- Handle edge cases and write clear exception handling.
+- For libraries or external dependencies, mention their usage and purpose in comments.
+- Use consistent naming conventions and follow language-specific best practices.
+- Write concise, efficient, and idiomatic code that is also easily understandable.
+
+## Code Style and Formatting
+
+- Follow the **PEP 8** style guide for Python.
+- Maintain proper indentation (use 4 spaces for each level of indentation).
+- Ensure lines do not exceed 79 characters.
+- Place function and class docstrings immediately after the `def` or `class` keyword.
+- Use blank lines to separate functions, classes, and code blocks where appropriate.
+
+## Edge Cases and Testing
+
+- Always include test cases for critical paths of the application.
+- Account for common edge cases like empty inputs, invalid data types, and large datasets.
+- Include comments for edge cases and the expected behavior in those cases.
+- Write unit tests for functions and document them with docstrings explaining the test cases.
+
+## Example of Proper Documentation
+
+```python
+def calculate_area(radius: float) -> float:
+    """
+    Calculate the area of a circle given the radius.
+    
+    Parameters:
+    radius (float): The radius of the circle.
+    
+    Returns:
+    float: The area of the circle, calculated as π * radius^2.
+    """
+    import math
+    return math.pi * radius ** 2
+```
