.github/instructions/server_src_ts.instructions.md
Lines changed: 1 addition & 5 deletions
@@ -24,13 +24,9 @@ This file contains instructions for working with TypeScript source code files in
24
24
- PREFER the import of functionality from `@modelcontextprotocol/sdk` over direct implementation, unless absolutely necessary.
25
25
- PREFER to implement each MCP server primitive in its own file named after the primitive, e.g., `server/src/<lib-example>/<primitive-example>.ts`.
26
26
- PREFER many simple MCP server primitives that each do one thing well over fewer complex MCP server primitives that do many things.
27
-
- PREFER copying and/or adapting existing `*.prompt.md` files matching one of the following patterns:
28
-
-`ql/.github/prompts/*.prompt.md`
29
-
-`ql/languages/*/tools/dev/*.prompt.md`
30
-
-`ql/resources/{codeql,qlt}/*.prompt.md`
31
27
32
28
## CONTRAINTS
33
29
34
30
- NEVER leave any trailing whitespace on any line.
35
-
- NEVER guess at what a `codeql`or `qlt`CLI subcommand does; ALWAYS verify against the official `codeql <subcommand> -h -vv`or `qlt <subcommand> -h`documentation, respectively.
31
+
- NEVER guess at what a `codeql` CLI subcommand does; ALWAYS verify against the official `codeql <subcommand> -h -vv` documentation.
36
32
-**NEVER use stat/lstat followed by a separate read/open on the same path** — this is a TOCTOU (Time-of-Check-Time-of-Use) race condition (CWE-367). Instead, attempt the operation directly (e.g., `readFileSync`) within a try/catch block. If you need to know the file size before reading, read first and then check the buffer size — do NOT stat then read. For directory traversal, `lstatSync` is acceptable since it is the operation itself (checking entry type), not a precursor to a separate operation.
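Review bot: The TOCTOU rule kept as context at new line 32 offers only one alternative for size checks ("read first and then check the buffer size"), while the bundle import changed in this same commit adds `openSync`, `fstatSync` and `closeSync` for `search-ql-code.ts`. If checking the size with `fstatSync` on an already-open descriptor is an accepted pattern, name it in the rule so the instruction and the code it governs do not appear to disagree. Separately, the heading at new line 28 reads `## CONTRAINTS`; since this hunk already edits that section, correct it to `## CONSTRAINTS`.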
server/dist/codeql-development-mcp-server.js
Lines changed: 42 additions & 6 deletions
@@ -62913,7 +62913,7 @@ var codeqlResolveTestsTool = {
62913
62913
};
62914
62914
62915
62915
// src/tools/codeql/search-ql-code.ts
62916
-
import { createReadStream as createReadStream3, lstatSync, readdirSync as readdirSync8, readFileSync as readFileSync9, realpathSync } from "fs";
62916
+
import { closeSync, createReadStream as createReadStream3, fstatSync, lstatSync, openSync, readdirSync as readdirSync8, readFileSync as readFileSync9, realpathSync } from "fs";
62917
62917
import { basename as basename6, extname as extname2, join as join15, resolve as resolve9 } from "path";
62918
62918
import { createInterface as createInterface3 } from "readline";
62919
62919
init_logger();
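Review bot: `readFileSync9` and `lstatSync` stay in the import list at line 62916 next to the new `openSync`, `fstatSync` and `closeSync`. If the size check now runs on a descriptor, pass that same descriptor to the read (`readFileSync` accepts a file descriptor) instead of reading by path again, and release it with `closeSync` in a `finally` block so an exception during the read does not leak the descriptor. Because this file is the `server/dist` bundle, also confirm it was regenerated from `src/tools/codeql/search-ql-code.ts` rather than edited by hand.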
@@ -62968,14 +62968,38 @@ function collectFiles(paths, extensions, fileCount) {
62968
62968
return files;
62969
62969
}
62970
62970
async function searchFile(filePath, regex, contextLines, maxCollect) {