Align repo with TemplateDotNetLibrary and run agent cleanups

[Copilot]

Pull Request

Description

Runs all GitHub agents against the repository to align with the TemplateDotNetLibrary template and perform automated cleanups.

Repo consistency alignment:

• Updated .editorconfig (stricter brace rules, simplified config), .gitignore, .cspell.json, .yamllint.yaml
• Replaced .markdownlint.json with .markdownlint-cli2.jsonc
• Added .versionmark.yaml, build.sh/bat, lint.sh/bat
• Updated CI workflows (build.yaml, build_on_push.yaml, release.yaml) to match template patterns
• Upgraded buildmark to 0.3.0, added versionmark tool
• Added SBOM configuration (GenerateSBOM, Microsoft.Sbom.Targets) to project file

CI workflow alignment with template:

• codeql job: Added leading comment, fetch-depth: 0 on checkout, reordered steps (CodeQL init before dotnet setup), removed build-mode: manual, cleaned up inline permission comments, renamed upload step to Upload CodeQL SARIF
• build-docs job: Renamed to Build Documents, added leading comment, restructured with section comments (=== CHECKOUT AND DOWNLOAD ARTIFACTS ===, === INSTALL DEPENDENCIES ===, === GENERATE MARKDOWN REPORTS ===, === GENERATE HTML DOCUMENTS WITH PANDOC ===, === GENERATE PDF DOCUMENTS WITH WEASYPRINT ===, === UPLOAD ARTIFACTS ===), grouped steps by type, switched from pwsh to bash shell, added --pdf-variant pdf/a-3u to all Weasyprint steps
• Renamed documents artifact from documentation to documents in both build.yaml and release.yaml

Code style (IDE0011):

• Applied braces to all if/else/foreach statements across source and test files to comply with the new csharp_prefer_braces = true:warning + TreatWarningsAsErrors

Framework-specific test references:

• Restored net8.0@, net9.0@, net10.0@ prefixed test references in requirements.yaml — these work correctly because dotnet test --logger "trx;LogFilePrefix=..." on multi-target projects generates per-framework TRX files (e.g., ubuntu-latest_net8.0_*.trx) which reqstream matches against

Documentation:

• Converted inline links to reference-style in CONTRIBUTING.md, SECURITY.md, docs/guide/guide.md
• Fixed incorrect API examples in guide (removed non-existent methods, corrected SpdxSnippet field names)

Tests:

• Renamed validation tests from Bad* → Invalid* for naming consistency
• Added edge case test for SpdxReferenceCategoryExtensions (153 → 154 tests)

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update
• Code quality improvement

Related Issues

Pre-Submission Checklist

Before submitting this pull request, ensure you have completed the following:

Build and Test

• Code builds successfully: dotnet build --configuration Release
• All unit tests pass: dotnet test --configuration Release
• Code produces zero warnings

Code Quality

• Code formatting is correct: dotnet format --verify-no-changes
• New code has appropriate XML documentation comments
• Static analyzer warnings have been addressed

Quality Checks

Please run the following checks before submitting:

• Spell checker passes: cspell "**/*.{md,cs}"
• Markdown linter passes: markdownlint "**/*.md"
• YAML linter passes: yamllint .

Testing

• Added unit tests for new functionality
• Updated existing tests if behavior changed
• All tests follow the AAA (Arrange, Act, Assert) pattern
• Test coverage is maintained or improved

Documentation

• Updated README.md (if applicable)
• Updated ARCHITECTURE.md (if applicable)
• Added code examples for new features (if applicable)
• Updated requirements.yaml (if applicable)

Additional Notes

• reqstream --enforce passes with framework-specific test references validated against TRX output from multi-target test runs
• 154 tests pass across net8.0, net9.0, and net10.0

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

[Malcolmnixon]

Can you check for consistency on this file against the template - I think there should be comments in front of the jobs.

[Copilot]

Fixed in a51032d. Added the leading comment matching the template pattern (# Runs CodeQL security and quality analysis, gathering results to include in the code quality report.). Also aligned the job with template: added fetch-depth: 0 on checkout, moved Initialize CodeQL before Setup dotnet, removed build-mode: manual, cleaned up inline permission comments, and renamed Upload SARIF to Upload CodeQL SARIF.

[Malcolmnixon]

Can you check for consistency against the template for this job - both in leading comments, display name, artifacts, and comments breaking the order of operations into discrete sections for maintenance.

[Copilot]

Fixed in a51032d. Restructured the build-docs job to match the template pattern:

• Added leading comment describing the job purpose
• Renamed to Build Documents (matching template)
• Added section comments (=== CHECKOUT AND DOWNLOAD ARTIFACTS ===, === INSTALL DEPENDENCIES ===, === GENERATE MARKDOWN REPORTS ===, === GENERATE HTML DOCUMENTS WITH PANDOC ===, === GENERATE PDF DOCUMENTS WITH WEASYPRINT ===, === UPLOAD ARTIFACTS ===)
• Grouped all markdown reports, then HTML generation, then PDF generation (matching template order)
• Switched from pwsh to bash shell to match template
• Renamed artifact from documentation to documents
• Added --pdf-variant pdf/a-3u to all Weasyprint steps

[Malcolmnixon]

Check for consistency against the template for the documentation/documents artifact.

[Copilot]

Fixed in a51032d. Changed the artifact name from documentation to documents in both build.yaml (upload) and release.yaml (download) to match the template.