Commit d519639

data-douser, github-actions[bot], Copilot, Copilot authored
Prep for v2.24.2 release (#81)
* Enforce release version and tag consistency
* fix(release-tag): detect and replace stale tags
  Add a lightweight version check in the check-tag step that inspects server/package.json at the tagged commit. If the version doesn't match the release name, the stale tag is deleted and recreated with correct versions through the normal update/build/test/tag flow.
  Also suppress stderr on git restore --staged for paths that may not exist (.codeql, *.qlx).
* Release v2.24.2-rc1: update versions to 2.24.2-rc1
* Allow codeql pack prerelease
* Release v2.24.2-rc2: update versions to 2.24.2-rc2
* fix VSIX-bundled server install & version artifacts
  VSIX install fixes:
  - Skip npm install entirely when the VSIX bundle is present; the bundle already ships server/dist/, server/ql/, and server/package.json
  - PackInstaller now prefers bundled qlpacks from the VSIX over the npm-installed copy in globalStorage, fixing version skew between the packs being installed and the server code being run
  - In the unbundled fallback path (Extension Development Host), compare the npm-installed version against the extension's own version instead of short-circuiting on targetVersion === 'latest'
  Versioned release artifact filenames:
  - VSIX: codeql-development-mcp-server-vX.Y.Z.vsix (was unversioned)
  - CodeQL pack bundles: ql-mcp-<lang>-tools-src-vX.Y.Z.tar.gz (was unversioned)
  - Update release, build-and-test, and package scripts accordingly
  - Add *.vsix to .gitignore
  - Normalize docs to use vX.Y.Z placeholders consistently
* Add `.md` docs for all `.ql` tools queries (#78) (#79)
* Add .md docs for all tools queries (#78)
  Add query documentation (.md) for every `server/ql/*/tools/src/*/*.ql` query across all 9 supported languages: PrintAST, PrintCFG, CallGraphFrom, and CallGraphTo.
  - Add `query-documentation.test.ts` to enforce that every tools query has a matching .md file
  - Update `server_ql_languages_tools.instructions.md` to require query docs, clarify `@kind graph` vs detection-query guidance, and scope COMPLIANT/NON_COMPLIANT annotations to detection queries only
  - Remove COMPLIANT/NON_COMPLIANT annotations from existing PrintCFG docs (structural queries, not detection queries)
* Apply suggestions from code review
  Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
  Signed-off-by: Nathan Randall <70299490+data-douser@users.noreply.github.com>
* [UPDATE PRIMITIVE] Consistent `CallGraphFrom`/`CallGraphTo` naming in all language docs (#80)
* Initial plan
* Use CallGraphFrom and CallGraphTo naming consistently in all docs (no spaces)
  Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com>
  ---------
  Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
  Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com>
* Update server/ql/cpp/tools/src/CallGraphFrom/CallGraphFrom.md
  Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
  Signed-off-by: Nathan Randall <70299490+data-douser@users.noreply.github.com>
  ---------
  Signed-off-by: Nathan Randall <70299490+data-douser@users.noreply.github.com>
  Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
  Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
* Release v2.24.2-rc3: update versions to 2.24.2-rc3
* Fix `getExtensionVersion()` and `getBundledQlRoot()` per review comments (#82)
* Initial plan
* Fix getExtensionVersion() and getBundledQlRoot() per review comments
  Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com>
  ---------
  Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
  Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com>
* [UPDATE PRIMITIVE] Fix CallGraph docs: remove IDE integration claim, fix output format, fix NON_COMPLIANT typo (#83)
---------
Signed-off-by: Nathan Randall <70299490+data-douser@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
1 parent 4baf6af commit d519639

73 files changed: +1677 -105 lines changed

.github/instructions/server_ql_languages_tools.instructions.md

Lines changed: 6 additions & 2 deletions
@@ -22,10 +22,13 @@ Each language directory follows a standardized structure that enables automatic
2222
- ALWAYS place query implementation files in `tools/src/<query-name>/` subdirectories.
2323
- ALWAYS place corresponding test files in `tools/test/<query-name>/` subdirectories.
2424
- ALWAYS include proper CodeQL query metadata using `@name`, `@description`, `@id`, `@kind`, and `@tags` annotations.
25+
- ALWAYS create a `.md` query documentation file alongside every `.ql` query in `tools/src/<query-name>/` (e.g., `PrintAST.md` next to `PrintAST.ql`). This is enforced by the `query-documentation.test.ts` unit test.
26+
- ALWAYS use the existing `server/ql/*/tools/src/PrintCFG/PrintCFG.md` files as the canonical style reference for `@kind graph` query documentation. These docs describe the structural output (nodes/edges) rather than flagging problems, so code examples should illustrate what structure the query visualizes — not whether code is compliant or non-compliant.
2527
- ALWAYS create `.qlref` files that reference the correct query path relative to the tools directory.
2628
- ALWAYS create `.expected` files with the expected output for each test case.
27-
- ALWAYS implement test code source files that test both the query's ability to ignore `COMPLIANT` code patterns AND to detect `NON_COMPLIANT` code patterns.
28-
- ALWAYS comment test cases as either `COMPLIANT` (i.e. query should not match) or `NON-COMPLIANT` (i.e. query should match).
29+
- ALWAYS implement test code source files that test both the query's ability to ignore `COMPLIANT` code patterns AND to detect `NON_COMPLIANT` code patterns for detection-style queries (`@kind problem` / `@kind path-problem`).
30+
- ALWAYS comment test cases as either `COMPLIANT` (i.e. query should not match) or `NON_COMPLIANT` (i.e. query should match) for detection-style queries.
31+
- ALWAYS omit `COMPLIANT` and `NON_COMPLIANT` annotations from `@kind graph` query documentation and test code, because these queries produce structural output (ASTs, CFGs, call graphs) rather than detecting problems.
2932
- ALWAYS use the `server/scripts/install-packs.sh` script to install dependencies for CodeQL packs defined under the `server/ql/*/language/tools/` directories.
3033
- ALWAYS use explicit version numbers in `codeql-pack.yml` files; never use wildcards (`*`).
3134
- ALWAYS set `ql-mcp-*` pack versions to match the CodeQL CLI version from `.codeql-version` (without the `v` prefix).
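Review bot: The rewritten rules on new lines 29 and 30 put their scope qualifier at the very end of the sentence, so line 29 can be read as limiting only the `NON_COMPLIANT` half to detection-style queries. Lead with the scope instead, for example "For detection-style queries (`@kind problem` / `@kind path-problem`), ALWAYS implement ...". New line 31 also restates the reasoning already given on new line 26 (structural output rather than problem detection); folding the two into one rule would keep the list shorter.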
@@ -51,4 +54,5 @@ Each language directory follows a standardized structure that enables automatic
5154
- NEVER create `.qlref` files with incorrect paths or missing target queries.
5255
- NEVER mix different query purposes within a single query file.
5356
- NEVER omit required CodeQL query metadata annotations.
57+
- NEVER omit query documentation (`.md`) for any query published in a `tools/src/` pack directory.
5458
- NEVER create test cases that don't actually exercise the query logic being tested.

.github/workflows/build-and-test-extension.yml

Lines changed: 3 additions & 1 deletion
@@ -69,7 +69,9 @@ jobs:
6969

7070
- name: Verify VSIX packaging
7171
working-directory: extensions/vscode
72-
run: npx @vscode/vsce package --no-dependencies --out codeql-development-mcp-server.vsix
72+
run: |
73+
VERSION=$(node -e "console.log(require('./package.json').version)")
74+
npx @vscode/vsce package --no-dependencies --out "codeql-development-mcp-server-v${VERSION}.vsix"
7375
7476
- name: Verify VSIX contents
7577
working-directory: extensions/vscode
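Review bot: The `Verify VSIX contents` step that follows is not touched, and this file shows only this one change, so if that step refers to `codeql-development-mcp-server.vsix` by name it will no longer find the file produced on new line 74. Confirm it uses a glob or the same `v${VERSION}` name. Writing the computed filename once to `$GITHUB_ENV` in this step and reading it in the next would keep the two from drifting.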

.github/workflows/release-codeql.yml

Lines changed: 12 additions & 2 deletions
@@ -81,13 +81,22 @@ jobs:
8181
env:
8282
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
8383
run: |
84+
RELEASE_NAME="${{ steps.version.outputs.release_name }}"
8485
LANGUAGES="actions cpp csharp go java javascript python ruby swift"
86+
87+
# Prerelease versions (containing a hyphen) require --allow-prerelease
88+
PRERELEASE_FLAG=""
89+
if [[ "${RELEASE_NAME}" == *-* ]]; then
90+
PRERELEASE_FLAG="--allow-prerelease"
91+
echo "Detected prerelease version — using ${PRERELEASE_FLAG}"
92+
fi
93+
8594
echo "Publishing CodeQL tool query packs..."
8695
for lang in ${LANGUAGES}; do
8796
PACK_DIR="server/ql/${lang}/tools/src"
8897
if [ -d "${PACK_DIR}" ]; then
8998
echo "📦 Publishing ${PACK_DIR}..."
90-
codeql pack publish --threads=-1 -- "${PACK_DIR}"
99+
codeql pack publish --threads=-1 ${PRERELEASE_FLAG} -- "${PACK_DIR}"
91100
echo "✅ Published ${lang} tool query pack"
92101
else
93102
echo "⚠️ Skipping ${lang}: ${PACK_DIR} not found"
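Review bot: `RELEASE_NAME="${{ steps.version.outputs.release_name }}"` on new line 84 expands the expression into the script text before bash runs, so the value is parsed as shell source rather than handled as data. This step already has an `env:` block; pass the output there (`RELEASE_NAME: ${{ steps.version.outputs.release_name }}`) and read `"${RELEASE_NAME}"` in the script. Separately, the unquoted `${PRERELEASE_FLAG}` on new line 99 relies on word splitting to vanish when empty; `${PRERELEASE_FLAG:+"${PRERELEASE_FLAG}"}` or a bash array states that intent explicitly.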
@@ -106,7 +115,8 @@ jobs:
106115
for lang in ${LANGUAGES}; do
107116
PACK_DIR="server/ql/${lang}/tools/src"
108117
if [ -d "${PACK_DIR}" ]; then
109-
PACK_NAME="ql-mcp-${lang}-tools-src"
118+
VERSION="${{ steps.version.outputs.version }}"
119+
PACK_NAME="ql-mcp-${lang}-tools-src-${VERSION}"
110120
OUTPUT="dist-packs/${PACK_NAME}.tar.gz"
111121
echo "📦 Bundling ${PACK_DIR} -> ${OUTPUT}..."
112122
codeql pack bundle --threads=-1 --output="${OUTPUT}" -- "${PACK_DIR}"
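Review bot: `VERSION` on new line 118 is assigned inside the `for` loop and inside the `if`, so the same constant is re-set for every language. Hoist it above the loop, and pass it through `env:` rather than inline `${{ }}` expansion. Because the archive name now depends on it, an empty value would silently produce `ql-mcp-<lang>-tools-src-.tar.gz`; a `[ -n "${VERSION}" ]` guard before the loop would catch that.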

.github/workflows/release-tag.yml

Lines changed: 20 additions & 4 deletions
@@ -63,11 +63,27 @@ jobs:
6363
id: check-tag
6464
run: |
6565
TAG="${{ steps.version.outputs.version }}"
66+
RELEASE_NAME="${{ steps.version.outputs.release_name }}"
6667
if git rev-parse "refs/tags/${TAG}" >/dev/null 2>&1; then
6768
TAG_SHA=$(git rev-parse "refs/tags/${TAG}^{commit}" 2>/dev/null || git rev-parse "refs/tags/${TAG}")
68-
echo "tag_exists=true" >> $GITHUB_OUTPUT
69-
echo "tag_sha=${TAG_SHA}" >> $GITHUB_OUTPUT
7069
echo "ℹ️ Tag ${TAG} already exists at commit ${TAG_SHA:0:8}"
70+
71+
# Verify version-bearing files at the tagged commit match the release
72+
TAG_SERVER_VERSION=$(git show "${TAG_SHA}:server/package.json" \
73+
| grep -m1 '"version"' \
74+
| sed 's/.*"version"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/')
75+
if [[ "${TAG_SERVER_VERSION}" == "${RELEASE_NAME}" ]]; then
76+
echo "tag_exists=true" >> $GITHUB_OUTPUT
77+
echo "tag_sha=${TAG_SHA}" >> $GITHUB_OUTPUT
78+
echo "✅ Existing tag ${TAG} has correct version (${RELEASE_NAME})"
79+
else
80+
echo "⚠️ Version mismatch at tag ${TAG}: found ${TAG_SERVER_VERSION}, expected ${RELEASE_NAME}"
81+
echo " Removing stale tag to recreate with correct versions..."
82+
git tag -d "${TAG}" 2>/dev/null || true
83+
git push origin ":refs/tags/${TAG}" 2>/dev/null || true
84+
echo "tag_exists=false" >> $GITHUB_OUTPUT
85+
echo "ℹ️ Stale tag ${TAG} removed — will recreate with updated versions"
86+
fi
7187
else
7288
echo "tag_exists=false" >> $GITHUB_OUTPUT
7389
echo "ℹ️ Tag ${TAG} does not exist yet"
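Review bot: The mismatch branch (new lines 79-85) deletes the remote tag on any inequality, including when `TAG_SERVER_VERSION` is empty because `git show` or the `grep`/`sed` parse produced nothing, so a read failure is treated the same as a stale tag. Both delete commands end in `2>/dev/null || true`, so `tag_exists=false` is written even if the remote delete was rejected, and the failure then shows up later at tag creation, far from its cause. Suggest failing the step when `TAG_SERVER_VERSION` is empty, letting the `git push origin ":refs/tags/${TAG}"` error surface, and logging the full old `TAG_SHA` before removal, since re-pointing a pushed tag leaves earlier fetches and the new tag disagreeing on the commit.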
@@ -128,8 +144,8 @@ jobs:
128144
# Stage version-bearing files and lockfile changes
129145
git add -A
130146
# Ensure CodeQL-generated artifacts are not staged for commit
131-
git restore --staged .codeql || true
132-
git restore --staged '*.qlx' || true
147+
git restore --staged .codeql 2>/dev/null || true
148+
git restore --staged '*.qlx' 2>/dev/null || true
133149
134150
# Check if there are changes to commit
135151
if git diff --cached --quiet; then
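Review bot: Adding `2>/dev/null` to both `git restore --staged` calls (new lines 147-148) hides every error, not only the missing-path case the change is aimed at, and `|| true` already keeps the step going. If a restore fails for another reason, `.codeql` or `*.qlx` artifacts could stay staged with nothing in the log. Consider checking that the path exists before restoring, or asserting afterwards that `git diff --cached --name-only` lists no such files.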

.github/workflows/release-vsix.yml

Lines changed: 3 additions & 2 deletions
@@ -15,7 +15,7 @@ on:
1515
description: 'The full version string with "v" prefix (e.g., vX.Y.Z)'
1616
value: ${{ jobs.publish-vsix.outputs.version }}
1717
vsix_name:
18-
description: 'The VSIX filename (e.g., codeql-development-mcp-server.vsix)'
18+
description: 'The VSIX filename (e.g., codeql-development-mcp-server-vX.Y.Z.vsix)'
1919
value: ${{ jobs.publish-vsix.outputs.vsix_name }}
2020

2121
# Note: This workflow is called exclusively via workflow_call from release.yml.
@@ -85,7 +85,8 @@ jobs:
8585
id: package
8686
working-directory: extensions/vscode
8787
run: |
88-
VSIX_NAME="codeql-development-mcp-server.vsix"
88+
VERSION="${{ steps.version.outputs.version }}"
89+
VSIX_NAME="codeql-development-mcp-server-${VERSION}.vsix"
8990
npx @vscode/vsce package --no-dependencies --out "${VSIX_NAME}"
9091
echo "vsix_name=${VSIX_NAME}" >> $GITHUB_OUTPUT
9192
echo "✅ Packaged ${VSIX_NAME}"
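Review bot: `VSIX_NAME` on new line 89 is built from `steps.version.outputs.version`, while build-and-test-extension.yml builds the same name from the `version` field of `./package.json` in `extensions/vscode`. Nothing in this step checks that the two agree, so a release could ship a file named for one version whose manifest carries another. Suggest comparing `v$(node -p "require('./package.json').version")` with `${VERSION}` before `vsce package` and failing on mismatch; passing the output through `env:` instead of inline `${{ }}` expansion would also keep the value out of the script text.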

.github/workflows/release.yml

Lines changed: 5 additions & 1 deletion
@@ -29,6 +29,10 @@ on:
2929
permissions:
3030
contents: read
3131

32+
concurrency:
33+
group: release-${{ github.event.inputs.version || github.ref_name }}
34+
cancel-in-progress: true
35+
3236
jobs:
3337
# ─────────────────────────────────────────────────────────────────────────────
3438
# Step 1: Determine the release version
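Review bot: `cancel-in-progress: true` in the new `concurrency` block (new lines 32-34) means a second run for the same version cancels a release that is already under way, which can stop it between tagging, pack publishing and creating the GitHub release. For a release pipeline, `cancel-in-progress: false` (let the newer run wait) is usually the safer setting. If cancelling is intended, add a comment saying why and confirm each job is safe to re-run from a partial state.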
@@ -239,7 +243,7 @@ jobs:
239243
files: |
240244
codeql-development-mcp-server-${{ needs.resolve-version.outputs.version }}.tar.gz
241245
dist-packs/*.tar.gz
242-
dist-vsix/codeql-development-mcp-server.vsix
246+
dist-vsix/codeql-development-mcp-server-${{ needs.resolve-version.outputs.version }}.vsix
243247
generate_release_notes: true
244248
tag_name: ${{ needs.resolve-version.outputs.version }}
245249

.gitignore

Lines changed: 1 addition & 0 deletions
@@ -26,6 +26,7 @@ codeql-development-mcp-server.code-workspace
2626
*.swo
2727
*.tgz
2828
*.tar.gz
29+
*.vsix
2930
*~
3031

3132
.vscode/mcp.json

client/package.json

Lines changed: 1 addition & 1 deletion
@@ -1,6 +1,6 @@
11
{
22
"name": "codeql-development-mcp-server_client",
3-
"version": "2.24.2",
3+
"version": "2.24.2-rc3",
44
"description": "MCP client for integration testing of the CodeQL development MCP server",
55
"main": "src/ql-mcp-client.js",
66
"type": "module",
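Review bot: Line 3 changes `"version"` from `2.24.2` to `2.24.2-rc3`, and in semver a prerelease sorts below its release, so this file moves to a lower version in a commit titled as prep for v2.24.2. If the rc value is meant to stay until the final tag is cut, say so in the commit message; otherwise this looks like a leftover from the rc3 step.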

docs/getting-started.md

Lines changed: 1 addition & 1 deletion
@@ -47,7 +47,7 @@ npx -y codeql-development-mcp-server
4747
### From GitHub Releases
4848

4949
1. Download the latest release from [Releases](https://github.com/advanced-security/codeql-development-mcp-server/releases)
50-
2. Extract: `tar -xzf codeql-development-mcp-server-vX.X.X.tar.gz -C /path/to/destination`
50+
2. Extract: `tar -xzf codeql-development-mcp-server-vX.Y.Z.tar.gz -C /path/to/destination`
5151

5252
### From Source
5353

docs/vscode/extension.md

Lines changed: 3 additions & 3 deletions
@@ -17,12 +17,12 @@ to do by hand.
1717

1818
### From `.vsix` (GitHub Releases)
1919

20-
Download `codeql-development-mcp-server.vsix` from the latest
20+
Download `codeql-development-mcp-server-vX.Y.Z.vsix` from the latest
2121
[GitHub Release](https://github.com/advanced-security/codeql-development-mcp-server/releases),
2222
then install:
2323

2424
```bash
25-
code --install-extension codeql-development-mcp-server.vsix
25+
code --install-extension codeql-development-mcp-server-vX.Y.Z.vsix
2626
```
2727

2828
Or in VS Code: **Extensions** sidebar → `` menu → **Install from VSIX…** → select the file.
@@ -40,7 +40,7 @@ From the repository root:
4040

4141
```bash
4242
npm run package:vsix
43-
code --install-extension extensions/vscode/codeql-development-mcp-server.vsix
43+
code --install-extension extensions/vscode/codeql-development-mcp-server-vX.Y.Z.vsix
4444
```
4545

4646
The extension requires the [CodeQL extension](https://marketplace.visualstudio.com/items?itemName=GitHub.vscode-codeql) (`GitHub.vscode-codeql`) and will prompt you to install it if missing.
