Add vscode-codeql-development-mcp-server.vsix extension for "bridge" to GitHub.vscode-codeql extension's databases, query results, and MRVA results #61
Merged
data-douser merged 15 commits into main on Feb 22, 2026
Introduce a VS Code extension (extensions/vscode/) that automatically installs, configures, and manages the MCP server. It bridges with vscode-codeql to watch databases and query run results, resolves the CodeQL CLI, and provides an MCP server definition provider.

Add two new MCP server tools:
- list_codeql_databases: discovers databases in configured base dirs
- list_query_run_results: discovers per-run result directories

Supporting changes:
- Add discovery-config module for env-var-based directory parsing
- Set timeout: 0 for fresh-process CodeQL commands in cli-executor
- Add .vscode workspace configuration (launch, tasks, mcp)
- Add root tsconfig project reference for the extension
- Add integration test fixtures for the new tools

- Add `list_mrva_run_results` tool to discover Multi-Repository Variant Analysis run results from `CODEQL_MRVA_RUN_RESULTS_DIRS` directories
- Add `profile_codeql_query_from_logs` tool to parse evaluator logs into performance profiles (JSON + Mermaid) without re-running queries
- Add reusable evaluator log parser supporting both raw and summary formats
- Extend `codeql_database_analyze` with logDir, evaluator-log, and tuple-counting parameters, matching `codeql_query_run` logging support
- Generate evaluator log summaries post-execution for query run and database analyze commands
- Add `getMrvaRunResultsDirs` to discovery config for MRVA env var
- Add unit tests for all new tools and libraries

Fixes found by stress-testing MCP tools against real CodeQL databases:
- bqrs_decode: replace non-existent --max-results/--max-paths with correct --rows option; add --result-set, --entities, --sort-direction, --no-titles
- bqrs_info: add --format (text/json), --paginate-rows, --paginate-result-set; fix format passthrough in cli-tool-registry (formatShouldBePassedToCLI)
- list_query_run_results: add language/queryPath filters; extract metadata from query.log (queryPath, databasePath, language); add fallback language detection from semmlecode.<lang>.dbscheme and codeql/<lang>-all/ paths
- database_analyze: add --rerun parameter; auto-create output parent directory to prevent NoSuchFileException after long-running evaluations
- query_run: fix SARIF generation to use interpretBQRSFile with proper -t metadata instead of bare bqrs interpret; fix output filename to results-interpreted.sarif
- `docs/**/*.md`: update project docs to reflect ^ improvements to tools.

Unit tests: 873 passed (44 files, +23 new tests)
Integration tests: 5 new test cases covering each fix

Rename the (unreleased) vscode extension:
from: codeql-development-mcp-server-vscode
to: vscode-codeql-development-mcp-server

Make the VSIX self-contained by bundling the MCP server entry point (server/dist/), tool query packs (server/ql/*/tools/src/), and server package.json directly into the extension. The server is now launched via `node` against the bundled JS instead of downloading via `npx` at runtime. Falls back to npx in dev environments where the bundle is absent.

New files:
- scripts/bundle-server.js — copies server files into extension dir
- .github/workflows/build-extension.yml — CI for extension PR/push
- .github/workflows/release-vsix.yml — reusable release sub-workflow with release-vsix environment, consistent with release-npm.yml and release-codeql.yml patterns

Updated release.yml to call release-vsix.yml and include the VSIX in GitHub Release artifacts as codeql-development-mcp-server.vsix.

- Include vscode-codeql workspace storage in CODEQL_DATABASES_BASE_DIRS alongside global storage (picks up databases from current workspace)
- Add settings: additionalDatabaseDirs, additionalQueryRunResultsDirs, additionalMrvaRunResultsDirs for user-appended discovery directories
- Add .gitignore for extension build artifacts (dist/, server/, *.vsix)
- Update clean script to remove server/ and *.vsix
- Fix launch.json: use npx for vitest (hoisted node_modules), add 5 debug configs (run ext, host tests, unit tests, current file, server)
- Export environmentBuilder and serverManager from extension API
- Add Extension Host integration tests: bridge env var path validation, MCP server definition tests
- Add unit tests: storage paths workspace methods, env var multi-path assembly, user-configured dir appending, discovery var passthrough
- Add extension host integration tests for common workspace states:
  - empty (no folders) vscode workspace;
  - single-root folder vscode workspace;
  - multi-root folder vscode workspace.
Dependency Review: The following issues were found:
Pull request overview
Adds a VS Code “bridge” extension and accompanying server/tooling changes so the MCP server can auto-discover and work with GitHub.vscode-codeql databases, query results, and MRVA artifacts, plus strengthens CI/release packaging and integration tests around these workflows.
Changes:
- Introduces a new VS Code extension workspace (extensions/vscode) that installs/configures the MCP server, sets discovery env vars, and bundles the server + tool packs into a VSIX.
- Adds server-side discovery helpers/tools and improves CodeQL CLI tool schemas/logging behavior (BQRS info/decode updates; analyze/query-run logging enhancements).
- Expands unit/integration tests and updates release automation to build and attach the VSIX artifact.
Reviewed changes
Copilot reviewed 120 out of 128 changed files in this pull request and generated 7 comments.
| File | Description |
|---|---|
| tsconfig.json | Adds project reference for the VS Code extension workspace. |
| server/test/src/tools/codeql/list-databases.test.ts | Unit tests for filesystem-based CodeQL DB discovery. |
| server/test/src/tools/codeql/bqrs-info.test.ts | Unit tests validating codeql_bqrs_info tool schema expectations. |
| server/test/src/tools/codeql/bqrs-decode.test.ts | Unit tests validating codeql_bqrs_decode tool schema expectations. |
| server/test/src/tools/codeql-tools.test.ts | Updates expected registered tool set/count to include new discovery tools. |
| server/test/src/lib/discovery-config.test.ts | Unit tests for discovery env var parsing. |
| server/src/tools/codeql/query-run.ts | Enhances tool description to point users at new discovery + BQRS inspection tools. |
| server/src/tools/codeql/list-mrva-run-results.ts | Adds MRVA run results discovery tool implementation. |
| server/src/tools/codeql/list-databases.ts | Adds CodeQL database discovery tool implementation. |
| server/src/tools/codeql/index.ts | Exports new discovery/register tools from CodeQL tool index. |
| server/src/tools/codeql/database-analyze.ts | Extends tool description and schema to better support logging/output behaviors. |
| server/src/tools/codeql/bqrs-info.ts | Expands docs + schema for JSON output and pagination offset computation. |
| server/src/tools/codeql/bqrs-decode.ts | Fixes/expands decode schema (pagination, result-set selection, formats) and docs. |
| server/src/tools/codeql-tools.ts | Registers new discovery tools into the server tool set. |
| server/src/lib/discovery-config.ts | Adds env-var based discovery configuration helpers for DB/results/MRVA paths. |
| server/src/lib/cli-tool-registry.ts | Adjusts CLI tool invocation behavior (format pass-through, logging dirs, summaries, output dir creation). |
| server/src/lib/cli-executor.ts | Changes fresh-process CodeQL execution timeout behavior. |
| package.json | Adds extensions/vscode as a workspace and includes it in build/lint/test scripts. |
| extensions/vscode/vitest.config.ts | Vitest config for the extension workspace (including vscode module alias). |
| extensions/vscode/tsconfig.json | TypeScript config for the extension source build output. |
| extensions/vscode/test/tsconfig.json | TypeScript config for extension tests (vitest + node typings). |
| extensions/vscode/test/suite/workspace-scenario.integration.test.ts | Extension-host integration tests for workspace/no-workspace scenarios. |
| extensions/vscode/test/suite/mcp-tool-e2e.integration.test.ts | Extension-host E2E tests that spawn the MCP server and call discovery tools. |
| extensions/vscode/test/suite/mcp-server.integration.test.ts | Extension-host integration tests for MCP server definition wiring. |
| extensions/vscode/test/suite/index.ts | Mocha-based extension-host test runner entrypoint. |
| extensions/vscode/test/suite/extension.integration.test.ts | Extension-host integration tests for activation and contributions/commands. |
| extensions/vscode/test/suite/bridge.integration.test.ts | Extension-host integration tests for discovery env-var “bridge” behavior. |
| extensions/vscode/test/setup.ts | Global test setup placeholder/docs for extension unit tests. |
| extensions/vscode/test/server/server-manager.test.ts | Unit tests for server installation/launch configuration logic. |
| extensions/vscode/test/server/pack-installer.test.ts | Unit tests for CodeQL pack installation helper logic. |
| extensions/vscode/test/server/mcp-provider.test.ts | Unit tests for MCP definition provider output (command/args/env). |
| extensions/vscode/test/helpers/vscode-mock.ts | Shared vitest-based vscode mock factory helper. |
| extensions/vscode/test/fixtures/single-folder-workspace/codeql-storage/variant-analyses/10001/timestamp | Fixture MRVA run timestamp for E2E tests. |
| extensions/vscode/test/fixtures/single-folder-workspace/codeql-storage/variant-analyses/10001/repo_states.json | Fixture MRVA run state file for E2E tests. |
| extensions/vscode/test/fixtures/single-folder-workspace/codeql-storage/queries/ExampleQuery1.ql-abc123/timestamp | Fixture query-run timestamp for E2E tests. |
| extensions/vscode/test/fixtures/single-folder-workspace/codeql-storage/databases/test-javascript-db/codeql-database.yml | Fixture CodeQL DB metadata for E2E tests. |
| extensions/vscode/test/fixtures/multi-root-workspace/test.code-workspace | Multi-root workspace fixture for extension-host tests. |
| extensions/vscode/test/fixtures/multi-root-workspace/folder-b/.gitkeep | Ensures folder-b exists in multi-root fixture. |
| extensions/vscode/test/fixtures/multi-root-workspace/folder-a/codeql-storage/queries/SqlInjection.ql-def456/timestamp | Fixture query-run timestamp for multi-root scenario. |
| extensions/vscode/test/fixtures/multi-root-workspace/folder-a/codeql-storage/databases/test-python-db/codeql-database.yml | Fixture Python DB metadata for multi-root scenario. |
| extensions/vscode/test/extension.test.ts | Unit tests for extension activation surface using mocked dependencies. |
| extensions/vscode/test/codeql/cli-resolver.test.ts | Unit tests for CodeQL CLI path resolution strategy/caching. |
| extensions/vscode/test/bridge/storage-paths.test.ts | Unit tests for vscode-codeql storage path derivation logic. |
| extensions/vscode/test/bridge/query-results-watcher.test.ts | Unit tests for watcher eventing on query result artifacts/tasks. |
| extensions/vscode/test/bridge/environment-builder.test.ts | Unit tests for env var assembly logic and caching/invalidation. |
| extensions/vscode/test/bridge/database-watcher.test.ts | Unit tests for DB discovery watcher behavior and known-set tracking. |
| extensions/vscode/src/server/server-manager.ts | Implements npm install management and launch command/args selection (bundled vs npx). |
| extensions/vscode/src/server/pack-installer.ts | Implements codeql pack install automation across supported languages. |
| extensions/vscode/src/server/mcp-provider.ts | Implements VS Code MCP server definition provider for the bundled/npx server. |
| extensions/vscode/src/extension.ts | Extension activation, bridging/watchers, env building, MCP provider registration, and commands. |
| extensions/vscode/src/common/logger.ts | Thin wrapper around VS Code LogOutputChannel for structured logging. |
| extensions/vscode/src/common/disposable.ts | Disposable helper base class for managing VS Code disposables. |
| extensions/vscode/src/codeql/cli-resolver.ts | Resolves CodeQL CLI location via env/PATH/known locations with caching. |
| extensions/vscode/src/bridge/storage-paths.ts | Computes vscode-codeql storage paths (global/workspace) deterministically. |
| extensions/vscode/src/bridge/query-results-watcher.ts | Watches for BQRS/SARIF results and task completions to trigger refreshes. |
| extensions/vscode/src/bridge/environment-builder.ts | Builds discovery + runtime env vars for the MCP server process (cached + invalidatable). |
| extensions/vscode/src/bridge/database-watcher.ts | Watches for created/deleted codeql-database.yml to refresh server definition env. |
| extensions/vscode/scripts/bundle-server.js | Bundles server dist + ql packs into extension output for self-contained VSIX. |
| extensions/vscode/package.json | Defines extension packaging, scripts, engines, contributions, and dev deps. |
| extensions/vscode/eslint.config.mjs | ESLint + TypeScript lint configuration for extension source/tests. |
| extensions/vscode/esbuild.config.js | Bundles extension + compiles extension-host test suite outputs. |
| extensions/vscode/mocks/vscode.ts | Global module mock for vscode used during vitest unit tests. |
| extensions/vscode/README.md | Placeholder README for the extension workspace. |
| extensions/vscode/.vscodeignore | VSIX packaging filters; ensures bundled server content is included appropriately. |
| extensions/vscode/.gitignore | Ignores extension build artifacts (dist/server/coverage/vsix). |
| docs/vscode/extension.md | Adds end-user docs for the VS Code extension behavior, settings, and commands. |
| docs/ql-mcp/tools.md | Updates tool inventory/docs to reflect new discovery tools and BQRS improvements. |
| docs/getting-started.md | Documents new discovery env vars for databases/query results/MRVA paths. |
| client/src/lib/integration-test-runner.js | Adds config-driven argument support for profile_codeql_query_from_logs tests. |
| client/integration-tests/primitives/tools/profile_codeql_query_from_logs/single_query_raw_log/test-config.json | Integration test config for profiling a single raw evaluator log. |
| client/integration-tests/primitives/tools/profile_codeql_query_from_logs/single_query_raw_log/before/monitoring-state.json | Integration test “before” monitoring fixture. |
| client/integration-tests/primitives/tools/profile_codeql_query_from_logs/single_query_raw_log/after/query-evaluation-profile.md | Expected profiling output (mermaid diagram). |
| client/integration-tests/primitives/tools/profile_codeql_query_from_logs/single_query_raw_log/after/query-evaluation-profile.json | Expected profiling output (structured JSON). |
| client/integration-tests/primitives/tools/profile_codeql_query_from_logs/single_query_raw_log/after/monitoring-state.json | Integration test “after” monitoring fixture. |
| client/integration-tests/primitives/tools/profile_codeql_query_from_logs/single_query_raw_log/README.md | Documents the single-query profiling integration test. |
| client/integration-tests/primitives/tools/profile_codeql_query_from_logs/multi_query_raw_log/test-config.json | Integration test config for profiling a multi-query raw evaluator log. |
| client/integration-tests/primitives/tools/profile_codeql_query_from_logs/multi_query_raw_log/before/monitoring-state.json | Integration test “before” monitoring fixture. |
| client/integration-tests/primitives/tools/profile_codeql_query_from_logs/multi_query_raw_log/after/query-evaluation-profile.md | Expected profiling output (multi-query mermaid diagram). |
| client/integration-tests/primitives/tools/profile_codeql_query_from_logs/multi_query_raw_log/after/query-evaluation-profile.json | Expected profiling output (multi-query structured JSON). |
| client/integration-tests/primitives/tools/profile_codeql_query_from_logs/multi_query_raw_log/after/monitoring-state.json | Integration test “after” monitoring fixture. |
| client/integration-tests/primitives/tools/profile_codeql_query_from_logs/multi_query_raw_log/README.md | Documents the multi-query profiling integration test. |
| client/integration-tests/primitives/tools/list_query_run_results/no_dirs_configured/test-config.json | Integration test config for missing query results dirs scenario. |
| client/integration-tests/primitives/tools/list_query_run_results/no_dirs_configured/before/monitoring-state.json | Integration test “before” monitoring fixture. |
| client/integration-tests/primitives/tools/list_query_run_results/no_dirs_configured/after/monitoring-state.json | Integration test “after” monitoring fixture. |
| client/integration-tests/primitives/tools/list_query_run_results/no_dirs_configured/README.md | Documents missing dirs behavior expectations. |
| client/integration-tests/primitives/tools/list_query_run_results/filter_by_query_name/test-config.json | Integration test config validating schema accepts queryName. |
| client/integration-tests/primitives/tools/list_query_run_results/filter_by_query_name/before/monitoring-state.json | Integration test “before” monitoring fixture. |
| client/integration-tests/primitives/tools/list_query_run_results/filter_by_query_name/after/monitoring-state.json | Integration test “after” monitoring fixture. |
| client/integration-tests/primitives/tools/list_query_run_results/filter_by_query_name/README.md | Documents filter-by-query-name schema acceptance test. |
| client/integration-tests/primitives/tools/list_query_run_results/filter_by_language/test-config.json | Integration test config validating schema accepts language. |
| client/integration-tests/primitives/tools/list_query_run_results/filter_by_language/before/monitoring-state.json | Integration test “before” monitoring fixture. |
| client/integration-tests/primitives/tools/list_query_run_results/filter_by_language/after/monitoring-state.json | Integration test “after” monitoring fixture. |
| client/integration-tests/primitives/tools/list_query_run_results/filter_by_language/README.md | Documents filter-by-language schema acceptance test. |
| client/integration-tests/primitives/tools/list_codeql_databases/no_dirs_configured/test-config.json | Integration test config for missing database dirs scenario. |
| client/integration-tests/primitives/tools/list_codeql_databases/no_dirs_configured/before/monitoring-state.json | Integration test “before” monitoring fixture. |
| client/integration-tests/primitives/tools/list_codeql_databases/no_dirs_configured/after/monitoring-state.json | Integration test “after” monitoring fixture. |
| client/integration-tests/primitives/tools/list_codeql_databases/no_dirs_configured/README.md | Documents missing dirs behavior expectations. |
| client/integration-tests/primitives/tools/codeql_database_analyze/analyze_with_output_subdir/before/monitoring-state.json | Integration test fixture for output-dir auto-creation behavior. |
| client/integration-tests/primitives/tools/codeql_database_analyze/analyze_with_output_subdir/after/monitoring-state.json | Integration test “after” monitoring fixture. |
| client/integration-tests/primitives/tools/codeql_database_analyze/analyze_with_output_subdir/README.md | Documents output directory auto-creation behavior for analyze. |
| client/integration-tests/primitives/tools/codeql_bqrs_info/json_format/test-config.json | Integration test config verifying format=json pass-through. |
| client/integration-tests/primitives/tools/codeql_bqrs_info/json_format/before/monitoring-state.json | Integration test “before” monitoring fixture. |
| client/integration-tests/primitives/tools/codeql_bqrs_info/json_format/after/monitoring-state.json | Integration test “after” monitoring fixture. |
| client/integration-tests/primitives/tools/codeql_bqrs_info/json_format/README.md | Documents bqrs info JSON format pass-through regression coverage. |
| client/integration-tests/primitives/tools/codeql_bqrs_decode/decode_with_result_set/test-config.json | Integration test config verifying result-set + no-titles + CSV decode. |
| client/integration-tests/primitives/tools/codeql_bqrs_decode/decode_with_result_set/before/monitoring-state.json | Integration test “before” monitoring fixture. |
| client/integration-tests/primitives/tools/codeql_bqrs_decode/decode_with_result_set/after/monitoring-state.json | Integration test “after” monitoring fixture. |
| client/integration-tests/primitives/tools/codeql_bqrs_decode/decode_with_result_set/README.md | Documents decode-with-result-set regression coverage. |
| .vscode/tasks.json | Adds tasks for building/bundling/testing server + extension locally. |
| .vscode/launch.json | Adds debug configs for running the extension and extension-host tests. |
| .gitignore | Ignores local .vscode/mcp.json configuration file. |
| .github/workflows/release.yml | Integrates VSIX build into release pipeline and uploads VSIX as release asset. |
| .github/workflows/release-vsix.yml | Adds reusable workflow to build/package/verify VSIX at release tag. |
| .github/workflows/build-extension.yml | Adds CI workflow to build/test/bundle/package the extension and verify clean working tree. |
This commit upgrades the NodeJS dependencies to latest available versions for all npm workspaces and fixes server code, as needed, for compatibility with (upgraded) eslint 10.x.
This commit adds a dependency-review.yml actions workflow and its associated "config-file":
- .github/dependency-review-config.yml
- .github/workflows/dependency-review.yml
Resolves #59
Summary of Changes
This pull request introduces significant improvements to the development and release workflows for the VS Code extension and its associated server, as well as new and enhanced integration tests for CodeQL CLI tools. The main changes include adding dedicated GitHub Actions workflows for building and packaging the VSIX extension, integrating these workflows into the release process, providing improved VS Code debugging and task configurations, and expanding integration test coverage for CLI tool options and edge cases.
Outline of Changes
CI/CD and Release Automation:
- .github/workflows/build-extension.yml to automate building, testing (with coverage), linting, bundling, packaging, and verifying the VS Code extension and MCP server on pull requests and pushes.
- .github/workflows/release-vsix.yml to build and package the VSIX extension as part of the release process, including validation of version consistency and verification of critical bundled files.
- .github/workflows/release.yml to integrate the new VSIX build workflow, download the VSIX artifact, and include it in the GitHub Release assets and summary.

Local Development Enhancements:
- .vscode/launch.json with multiple debug and test configurations for the extension and server, including support for running and debugging the extension, integration tests, and unit tests with Vitest.
- .vscode/tasks.json with npm-based tasks for building, bundling, watching, and testing both the extension and server, improving the developer experience.

Integration Test Coverage:
- codeql_bqrs_decode to verify decoding a specific result set with CSV output and the --no-titles option, including documentation and test configuration.
- codeql_bqrs_info to ensure the format=json option is correctly passed through, with documentation and test configuration.
- codeql_database_analyze to verify that output directories are auto-created if they do not exist, preventing failures at the SARIF export step.
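
The launch selection that the VSIX-bundling commit message describes (run the bundled server with `node`, fall back to `npx` only where the bundle is absent), written as an added example; it is not the extension's own code. The entry file name, package name, version, the `fileExists` and `allowNpxFallback` options, and the exact-version pin on the fallback are assumptions made for illustration.

```typescript
// Added example. Names, paths and versions below are placeholders/assumptions,
// not values taken from the extension's source.

interface LaunchSpec {
  command: "node" | "npx";
  args: string[]; // argv array, never a shell string
  source: "bundled" | "npx-fallback";
}

interface ResolveOptions {
  extensionRoot: string; // absolute install directory of the extension
  entryRelPath: string; // bundled server entry, relative to extensionRoot
  fileExists: (path: string) => boolean; // injected; fs.existsSync in real code
  allowNpxFallback: boolean; // assumption: true only for dev checkouts
  npxPackage: string; // placeholder npm package name
  pinnedVersion: string; // exact version the fallback may fetch
}

// Reject absolute paths, backslashes and "."/".." segments so the entry point
// cannot resolve outside the extension directory.
function isContainedRelPath(rel: string): boolean {
  if (rel.length === 0 || rel.charAt(0) === "/" || rel.indexOf("\\") !== -1) {
    return false;
  }
  return !rel.split("/").some(function (seg) {
    return seg === "" || seg === "." || seg === "..";
  });
}

function resolveLaunch(opts: ResolveOptions): LaunchSpec {
  if (!isContainedRelPath(opts.entryRelPath)) {
    throw new Error("bundled entry path escapes the extension directory");
  }
  // POSIX-style join keeps the example dependency-free; use path.join in real code.
  const entry = opts.extensionRoot.replace(/\/+$/, "") + "/" + opts.entryRelPath;

  // Preferred: run the JS shipped inside the VSIX. Nothing is fetched at startup.
  if (opts.fileExists(entry)) {
    return { command: "node", args: [entry], source: "bundled" };
  }

  // The fallback downloads code at runtime, so gate it and pin an exact version.
  if (!opts.allowNpxFallback) {
    throw new Error("bundled server missing and npx fallback is disabled");
  }
  if (!/^\d+\.\d+\.\d+$/.test(opts.pinnedVersion)) {
    throw new Error("npx fallback requires an exact x.y.z version, not a range or tag");
  }
  return {
    command: "npx",
    args: [opts.npxPackage + "@" + opts.pinnedVersion],
    source: "npx-fallback",
  };
}

// Constructed sample: a fake file listing standing in for an installed VSIX.
const constructedFiles = ["/ext/server/dist/entry-placeholder.js"];
const sampleLaunch = resolveLaunch({
  extensionRoot: "/ext",
  entryRelPath: "server/dist/entry-placeholder.js",
  fileExists: function (p: string) {
    return constructedFiles.indexOf(p) !== -1;
  },
  allowNpxFallback: false,
  npxPackage: "example-mcp-server",
  pinnedVersion: "0.0.0",
});
```
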