Do a regression testing for all Cursor rules based on XML (#165)

* Updated design
* Updating the rules
* Update examples

Author: jabrena

.cursor/rules/110-java-maven-best-practices.mdc

@@ -1,6 +1,6 @@
 ---
-description: Maven Best Practices
-globs: pom.xml
+description:
+globs:
 alwaysApply: false
 ---
 # Maven Best Practices
@@ -11,7 +11,34 @@ You are a Senior software engineer with extensive experience in Java software de
 
 ## Goal
 
-Update the pom.xml based on the following rules about Maven best practices.
+Analyze `pom.xml` files to identify Maven best practices improvement opportunities and present actionable alternatives to the user. When you encounter Maven POM files:
+
+1. **Analyze** the POM for Maven best practices issues using the principles and examples below
+2. **Identify** the most impactful improvements (dependency management, plugin configuration, build profiles, version management)
+3. **Present** 2-3 concrete solution options with pros/cons for each issue found
+4. **Ask** the user which improvement they'd like to implement
+5. **Wait** for user choice before making any changes
+
+**Example interaction:**
+```
+🔍 I found 3 Maven best practices improvements in this POM:
+
+1. **CRITICAL: Hardcoded Dependency Versions**
+- Problem: Dependencies have hardcoded versions scattered throughout the POM
+- Solutions: A) Move to properties section B) Use dependencyManagement C) Import BOM files
+
+2. **MAINTAINABILITY: Missing Plugin Version Management**
+- Problem: Maven plugins lack explicit version declarations
+- Solutions: A) Add pluginManagement section B) Define plugin versions in properties C) Use parent POM approach
+
+3. **ORGANIZATION: Inconsistent POM Structure**
+- Problem: Elements are not in logical order, affecting readability
+- Solutions: A) Reorganize sections B) Add descriptive comments C) Use consistent naming conventions
+
+Which would you like to implement? (1A, 1B, 1C, 2A, 2B, 2C, 3A, 3B, 3C, or 'show more details')
+```
+
+Focus on being consultative rather than prescriptive - analyze, propose, ask, then implement based on user choice.
 
 ## Examples
 
@@ -587,8 +614,12 @@ Description: Define all dependency and plugin versions in the `<properties>` sec
 
 ## Output Format
 
-- Update the file pom.xml if something is not correct
+- Analyze Maven POM files for best practices violations and improvement opportunities
+- Present structured analysis with prioritized improvement recommendations
+- Provide multiple solution options with clear pros/cons for each issue
+- Wait for user selection before implementing any changes
+- When implementing, apply only the chosen solution without adding unrequested plugins or dependencies
 
 ## Safeguards
 
-- verify changes with the command: `mvn validate`
+- verify changes with the command: `mvn validate` or `./mvnw validate`

.cursor/rules/111-java-maven-deps-and-plugins.mdc

@@ -1,6 +1,6 @@
 ---
-description: Update pom.xml to add Maven dependencies & plugins
-globs: pom.xml
+description:
+globs:
 alwaysApply: false
 ---
 # Update pom.xml to add Maven dependencies & plugins
@@ -48,7 +48,7 @@ This rule provides a comprehensive, conversational approach to updating Maven po
 
 4. **Verify installation**: Check that the following files were created:
    - `mvnw` (executable script for Unix/Mac)
-   - `mvnw.cmd` (batch script for Windows) 
+   - `mvnw.cmd` (batch script for Windows)
    - `.mvn/wrapper/maven-wrapper.properties`
    - `.mvn/wrapper/maven-wrapper.jar`
 
@@ -149,7 +149,7 @@ After getting answers, implement the configuration following this order:
 
 #### Implementation Approach:
 1. **Ask about code quality dependencies**: Follow the questions in the template file
-2. **Add only selected dependencies**: Don't include dependencies the user doesn't need  
+2. **Add only selected dependencies**: Don't include dependencies the user doesn't need
 3. **Configure with appropriate scope**: Use `provided` scope for compile-time only dependencies
 
 ### 2.3 Build Plugins Section (Conditional)
@@ -162,7 +162,7 @@ After getting answers, implement the configuration following this order:
 
 **Core Plugins** (ask if user wants enhanced enforcement):
 - **maven-compiler-plugin**: Enhanced with Error Prone and NullAway analysis
-- **maven-enforcer-plugin**: With dependency convergence and circular dependency checks  
+- **maven-enforcer-plugin**: With dependency convergence and circular dependency checks
 - **maven-surefire-plugin**: For unit testing with proper configuration
 
 **Feature-Based Plugins** (add only if selected):
@@ -190,7 +190,7 @@ After getting answers, implement the configuration following this order:
 
 **Available Profiles** (add only if features selected):
 - `jacoco`: Code coverage analysis
-- `pitest`: Mutation testing  
+- `pitest`: Mutation testing
 - `security`: OWASP dependency security scanning
 - `find-bugs`: Static analysis with SpotBugs and PMD
 

.cursor/rules/112-java-maven-documentation.mdc

@@ -1,6 +1,6 @@
 ---
-description: Create README-DEV.md with information about how to use the Maven project
-globs: pom.xml
+description:
+globs:
 alwaysApply: false
 ---
 # Create README-DEV.md with information about how to use the Maven project

.cursor/rules/121-java-object-oriented-design.mdc

@@ -11,7 +11,33 @@ You are a Senior software engineer with extensive experience in Java software de
 
 ## Goal
 
-Apply comprehensive guidelines for robust Java object-oriented design and refactoring. Follow core principles like SOLID, DRY, and YAGNI, implement best practices for class and interface design including favoring composition over inheritance and designing for immutability. Master encapsulation, inheritance, and polymorphism, and identify and refactor common object-oriented design code smells such as God Classes, Feature Envy, and Data Clumps to promote maintainable, flexible, and understandable code.
+Analyze Java code to identify object-oriented design improvement opportunities and present actionable alternatives to the user. When you encounter Java code:
+
+1. **Analyze** the code for OOD issues using the principles and examples below
+2. **Identify** the most impactful improvements (SOLID violations, code smells, design patterns)
+3. **Present** 2-3 concrete solution options with pros/cons for each issue found
+4. **Ask** the user which improvement they'd like to implement
+5. **Wait** for user choice before making any changes
+
+**Example interaction:**
+```
+🔍 I found 3 object-oriented design improvements in this code:
+
+1. **CRITICAL: Single Responsibility Principle Violation**
+- Problem: UserService handles data, persistence, and notifications
+- Solutions: A) Split into separate services B) Extract repositories C) Use mediator pattern
+
+2. **DESIGN: Feature Envy in calculateTotal()**
+- Problem: Method uses more Order data than Item data
+- Solutions: A) Move to Order class B) Create Calculator utility C) Use visitor pattern
+
+3. **QUALITY: Public fields break encapsulation**
+- Solutions: A) Add getters/setters B) Use records C) Apply builder pattern
+
+Which would you like to implement? (1A, 1B, 1C, 2A, 2B, 2C, 3A, 3B, 3C, or 'show more details')
+```
+
+Focus on being consultative rather than prescriptive - analyze, propose, ask, then implement based on user choice.
 
 ### Implementing These Principles
 
@@ -2471,4 +2497,7 @@ public class FileManager {
 
 - Apply object-oriented design principles to improve code quality and maintainability
 - Refactor code to follow SOLID principles and eliminate design smells
-- Verify code changes compile and pass tests
+
+## Safeguards
+
+- Verify code changes compile and pass tests: `mvn clean verify` or `./mvnw clean verify`

.cursor/rules/122-java-type-design.mdc

@@ -13,7 +13,36 @@ You are a Senior software engineer with extensive experience in Java software de
 
 Type design thinking in Java applies typography principles to code structure and organization. Just as typography creates readable, accessible text, thoughtful type design in Java produces maintainable, comprehensible code.
 
-### Implementing These Principles
+Analyze Java code to identify type design improvement opportunities and present actionable alternatives to the user. When you encounter Java code:
+
+1. **Analyze** the code for type design issues using the principles and examples below
+2. **Identify** the most impactful improvements (primitive obsession, type hierarchy problems, naming inconsistencies, missing type safety)
+3. **Present** 2-3 concrete solution options with pros/cons for each issue found
+4. **Ask** the user which improvement they'd like to implement
+5. **Wait** for user choice before making any changes
+
+**Example interaction:**
+```
+🔍 I found 3 type design improvements in this code:
+
+1. **CRITICAL: Primitive Obsession with String IDs**
+- Problem: Using String for CustomerID and OrderID creates type confusion
+- Solutions: A) Create type-safe wrapper classes B) Use records for ID types C) Apply builder pattern with validation
+
+2. **DESIGN: Inconsistent Naming Patterns**
+- Problem: PaymentProcessor vs ShipCalc vs TaxSystem naming inconsistency
+- Solutions: A) Standardize to *Service pattern B) Use *Calculator pattern C) Apply *Provider pattern
+
+3. **SAFETY: Missing BigDecimal for Financial Calculations**
+- Problem: Using double for monetary calculations causes precision issues
+- Solutions: A) Convert to BigDecimal with rounding B) Create Money type wrapper C) Use financial calculation utilities
+
+Which would you like to implement? (1A, 1B, 1C, 2A, 2B, 2C, 3A, 3B, 3C, or 'show more details')
+```
+
+Focus on being consultative rather than prescriptive - analyze, propose, ask, then implement based on user choice.
+
+### Core Type Design Principles
 
 1.  **Start with domain modeling**: Sketch your type system before coding.
 2.  **Create a type style guide**: Document naming conventions and patterns.
@@ -859,4 +888,7 @@ class BadProductService {
 - Use generics to create flexible and reusable components
 - Establish clear type hierarchies and consistent naming conventions
 - Use BigDecimal for precision-sensitive calculations
-- Verify code changes compile and pass tests
+
+## Safeguards
+
+- Verify code changes compile and pass tests: `mvn clean verify` or `./mvnw clean verify`

.cursor/rules/123-java-general-guidelines.mdc

@@ -11,7 +11,38 @@ You are a Senior software engineer with extensive experience in Java software de
 
 ## Goal
 
-This document outlines general Java coding guidelines covering fundamental aspects such as naming conventions for packages, classes, methods, variables, and constants; code formatting rules including indentation, line length, brace style, and whitespace usage; standards for organizing import statements; best practices for Javadoc documentation; and comprehensive error and exception handling with a strong focus on security, including avoiding sensitive information exposure, catching specific exceptions, and secure resource management.
+Analyze Java code to identify general coding guideline violations and present actionable alternatives to the user. When you encounter Java code:
+
+1. **Analyze** the code for guideline violations using the principles and examples below
+2. **Identify** the most impactful improvements (naming, formatting, imports, documentation, error handling)
+3. **Present** 2-3 concrete solution options with pros/cons for each issue found
+4. **Ask** the user which improvement they'd like to implement
+5. **Wait** for user choice before making any changes
+
+**Example interaction:**
+```
+🔍 I found 4 Java guideline improvements in this code:
+
+1. **CRITICAL: Naming Convention Violations**
+- Problem: Class uses snake_case, variables use Hungarian notation
+- Solutions: A) Apply standard Java naming B) Refactor with IDE tools C) Gradual migration approach
+
+2. **FORMATTING: Inconsistent Code Style**
+- Problem: Mixed brace styles, missing spaces, poor indentation
+- Solutions: A) Apply Google Java Style B) Use Checkstyle configuration C) Manual formatting cleanup
+
+3. **IMPORTS: Disorganized and Inefficient**
+- Problem: Wildcard imports, mixed ordering, missing grouping
+- Solutions: A) Organize by package groups B) Remove wildcards C) Use IDE auto-organization
+
+4. **DOCUMENTATION: Missing Javadoc**
+- Problem: Public APIs lack documentation, no @param/@return tags
+- Solutions: A) Add comprehensive Javadoc B) Generate skeleton docs C) Document critical methods first
+
+Which would you like to implement? (1A, 1B, 1C, 2A, 2B, 2C, 3A, 3B, 3C, 4A, 4B, 4C, or 'show more details')
+```
+
+Focus on being consultative rather than prescriptive - analyze, propose, ask, then implement based on user choice.
 
 ### Implementing These Principles
 
@@ -334,3 +365,7 @@ public class UnsafeFileProcessor {
 - Apply the Java general guidelines to improve code quality and maintainability
 - Follow naming conventions, formatting rules, and documentation standards
 - Implement comprehensive error handling with security considerations
+
+## Safeguards
+
+- Verify code changes compile and pass tests: `mvn clean verify` or `./mvnw clean verify`

.cursor/rules/124-java-secure-coding.mdc

@@ -11,7 +11,34 @@ You are a Senior software engineer with extensive experience in Java software de
 
 ## Goal
 
-Apply secure coding practices to Java code to prevent common vulnerabilities and enhance application security.
+Analyze Java code to identify security vulnerabilities and present actionable alternatives to the user. When you encounter Java code:
+
+1. **Analyze** the code for security issues using the principles and examples below
+2. **Identify** the most critical vulnerabilities (injection flaws, weak cryptography, information disclosure, etc.)
+3. **Present** 2-3 concrete solution options with pros/cons for each issue found
+4. **Ask** the user which improvement they'd like to implement
+5. **Wait** for user choice before making any changes
+
+**Example interaction:**
+```
+🔒 I found 3 security vulnerabilities in this code:
+
+1. **CRITICAL: SQL Injection Vulnerability**
+- Problem: User input directly concatenated into SQL query
+- Solutions: A) Use PreparedStatement B) Use JPA/Hibernate C) Add input validation layer
+
+2. **HIGH: Weak Password Hashing**
+- Problem: Using MD5 for password storage without salt
+- Solutions: A) Switch to BCrypt B) Use Argon2 C) Implement PBKDF2 with salt
+
+3. **MEDIUM: Information Disclosure in Exception Handling**
+- Problem: Stack traces exposed to users
+- Solutions: A) Generic error messages B) Centralized exception handler C) Separate logging
+
+Which would you like to implement? (1A, 1B, 1C, 2A, 2B, 2C, 3A, 3B, 3C, or 'show more details')
+```
+
+Focus on being consultative rather than prescriptive - analyze, propose, ask, then implement based on user choice.
 
 This document provides essential Java secure coding guidelines, focusing on five key areas: validating all untrusted inputs to prevent attacks like injection and path traversal; protecting against injection attacks (e.g., SQL injection) by using parameterized queries or prepared statements; minimizing the attack surface by adhering to the principle of least privilege and reducing exposure; employing strong, current cryptographic algorithms for hashing, encryption, and digital signatures while avoiding deprecated ones; and handling exceptions securely by avoiding the exposure of sensitive information in error messages to users and logging detailed, non-sensitive diagnostic information for developers.
 
@@ -632,3 +659,7 @@ public class InsecureExceptionHandler {
     }
 }
 ```
+
+## Safeguards
+
+- Verify code changes compile and pass tests: `mvn clean verify` or `./mvnw clean verify`

.cursor/rules/125-java-concurrency.mdc

@@ -11,6 +11,35 @@ You are a Senior software engineer with extensive experience in Java software de
 
 ## Goal
 
+Analyze Java code to identify concurrency improvement opportunities and present actionable alternatives to the user. When you encounter Java code:
+
+1. **Analyze** the code for concurrency issues using the principles and examples below
+2. **Identify** the most impactful improvements (thread safety violations, performance issues, modern alternatives)
+3. **Present** 2-3 concrete solution options with pros/cons for each issue found
+4. **Ask** the user which improvement they'd like to implement
+5. **Wait** for user choice before making any changes
+
+**Example interaction:**
+```
+🔍 I found 3 concurrency improvements in this code:
+
+1. **CRITICAL: Thread Safety Violation**
+- Problem: HashMap accessed by multiple threads without synchronization
+- Solutions: A) Use ConcurrentHashMap B) Add synchronization C) Use lock-free atomic operations
+
+2. **PERFORMANCE: Blocking Operations in Virtual Threads**
+- Problem: Using synchronized blocks that can pin virtual threads
+- Solutions: A) Replace with ReentrantLock B) Use concurrent collections C) Redesign with async patterns
+
+3. **MODERN: ThreadLocal with Virtual Threads**
+- Problem: ThreadLocal doesn't work well with virtual threads
+- Solutions: A) Use ScopedValue B) Pass context explicitly C) Use structured concurrency
+
+Which would you like to implement? (1A, 1B, 1C, 2A, 2B, 2C, 3A, 3B, 3C, or 'show more details')
+```
+
+Focus on being consultative rather than prescriptive - analyze, propose, ask, then implement based on user choice.
+
 Effective Java concurrency relies on understanding thread safety fundamentals, using `java.util.concurrent` utilities, and managing thread pools with `ExecutorService`. Key practices include implementing concurrent design patterns like Producer-Consumer, leveraging `CompletableFuture` for asynchronous tasks, and ensuring thread safety through immutability and safe publication. Performance aspects like lock contention and memory consistency must be considered. Thorough testing, including stress tests and thread dump analysis, is crucial. Modern Java offers virtual threads for enhanced scalability, structured concurrency for simplified task management, and scoped values for safer thread-shared data as alternatives to thread-locals.
 
 ### Implementing These Principles
@@ -1651,3 +1680,7 @@ class BadScopedValueUsage {
     }
 }
 ```
+
+## Safeguards
+
+- Verify code changes compile and pass tests: `mvn clean verify` or `./mvnw clean verify`

.cursor/rules/126-java-logging.mdc

@@ -11,7 +11,34 @@ You are a Senior software engineer with extensive experience in Java software de
 
 ## Goal
 
-Effective Java logging involves selecting a standard framework (SLF4J with Logback/Log4j2), using appropriate log levels (ERROR, WARN, INFO, DEBUG, TRACE), and adhering to core practices like parameterized logging, proper exception handling, and avoiding sensitive data exposure. Configuration should be environment-specific with clear output formats. Security is paramount: mask sensitive data, control log access, and ensure secure transmission. Implement centralized log aggregation, monitoring, and alerting for proactive issue detection. Finally, logging behavior and its impact should be validated through comprehensive testing.
+Analyze Java code to identify logging improvement opportunities and present actionable alternatives to the user. When you encounter Java code:
+
+1. **Analyze** the code for logging issues using the principles and examples below
+2. **Identify** the most impactful improvements (framework selection, log levels, security, performance, monitoring)
+3. **Present** 2-3 concrete solution options with pros/cons for each issue found
+4. **Ask** the user which improvement they'd like to implement
+5. **Wait** for user choice before making any changes
+
+**Example interaction:**
+```
+🔍 I found 3 logging improvements in this code:
+
+1. **CRITICAL: Security Risk - Sensitive Data Exposure**
+- Problem: Credit card numbers and passwords logged in plain text
+- Solutions: A) Implement data masking B) Use structured logging with filters C) Remove sensitive logging entirely
+
+2. **PERFORMANCE: String Concatenation in Logging**
+- Problem: Using + operator instead of parameterized logging
+- Solutions: A) Convert to SLF4J placeholders B) Add guard clauses C) Use lazy evaluation
+
+3. **MAINTAINABILITY: Inconsistent Log Levels**
+- Problem: Business events logged as DEBUG, errors as INFO
+- Solutions: A) Standardize level usage B) Create logging guidelines C) Use different loggers by category
+
+Which would you like to implement? (1A, 1B, 1C, 2A, 2B, 2C, 3A, 3B, 3C, or 'show more details')
+```
+
+Focus on being consultative rather than prescriptive - analyze, propose, ask, then implement based on user choice.
 
 ### Implementing These Principles
 
@@ -1383,3 +1410,7 @@ public class UntestableLogging {
     }
 }
 ```
+
+## Safeguards
+
+- Verify code changes compile and pass tests: `mvn clean verify` or `./mvnw clean verify`