This directory contains language-specific CodeQL queries -- organized by programming <language> -- used in the implementation and/or testing of (CodeQL) MCP server tools.
Each <language> subdirectory is expected to follow a standardized structure to ensure consistency and maintainability, though there is flexibility to accommodate different subsets of queries and/or tests for each code <language>.
Each subdirectory of the server/ql/<language>/ must implement the following structure:
server/ql/<language>/
├── tools/
│ ├── src/
│ │ └── <query-name>.ql # Query implementation files
│ └── test/
│ ├── codeql-pack.yml # Test pack configuration
│ ├── codeql-pack.lock.yml # Lock file for dependencies
│ └── <query-name>/ # Test directory for each query
│ ├── <query-name>.qlref # Reference to the query being tested
│ ├── <query-name>.expected # Expected test output
│ ├── <test-files> # Test source code files
│ └── <query-name>.testproj/ # Optional test project directory
Currently supported languages:
actions/- GitHub Actions workflowscpp/- C/C++csharp/- C#go/- Gojava/- Javajavascript/- JavaScript/TypeScriptpython/- Pythonruby/- Rubyswift/- Swift
The server/scripts/run-query-unit-tests.sh script automatically discovers and tests all language directories that follow this structure. It will:
- Iterate through all subdirectories in
server/ql/ - Look for a
tools/directory in each language - Run
codeql test runon thetools/test/directory - Count and report the number of
.qlreffiles found
No manual configuration is required when adding new languages - the test script will automatically include them.
- Consistent naming: Use descriptive names for queries that reflect their purpose
- Comprehensive testing: Each query should have corresponding test cases
- Documentation: Include comments in query files explaining their purpose and usage
- Test coverage: Ensure test cases cover edge cases and expected behaviors
- Pack configuration: Maintain proper
codeql-pack.ymlfiles for dependency management