feat(issue_graph): Add focus parameter, cross-repo support, and status extraction

[Copilot]

Closes: #1510

Enhances the issue_graph tool to be the primary tool for project status queries. This PR adds intelligent focus shifting, cross-repo relationship discovery, and status extraction to provide comprehensive project overviews in a single API call.

Changes

New Features

• focus parameter - Automatically shifts focus to parent epic or batch

  • focus="epic" - Finds and focuses on the nearest epic in the hierarchy
  • focus="batch" - Finds and focuses on the nearest batch/parent issue
  • Falls back gracefully with helpful suggestions if no match found

• Cross-repo support - Uses GraphQL to discover relationships across repositories

  • Parent issues can be in different repos than their sub-issues
  • Sub-issues are fetched with their actual owner/repo (not assumed same-repo)
  • Full GitHub URL parsing (https://github.com/owner/repo/issues/123)

• Status extraction - Lightweight "if lucky" status detection

  • Parses milestone due dates (overdue/due in X days)
  • Scans issue body for status keywords (on-track, delayed, blocked, ETA, etc.)
  • Checks 3 most recent comments for status updates (epics/batches only)

• State reason - Shows why issues/PRs are in their current state

  • Issues: completed, not_planned, duplicate, reopened
  • PRs: merged state detection

• Project info - Fetches project name and status for the focus node

• Issue Types recognition - Detects GitHub's native "Epic" issue type for classification

Tool Description Updates

• Enhanced issue_graph description to emphasize it as the primary tool for status queries
• Updated issue_read description to defer to issue_graph for status/progress questions
• Updated server instructions with comprehensive guidance on when to use issue_graph

Example Output

GRAPH SUMMARY
=============
Focus: github/copilot-agent-services#871 (batch) "[Batch] Support scope challenge"
State: open
Focus shifted: from github/github-mcp-server-remote#461 via cross-reference
Hierarchy: #201 (epic) → #871 (batch)
Direct children: 6
Projects: Agent Services Team Dashboard [In Progress]

NODES (5 total)
===============
github/github-mcp-server-remote#461|pr|merged|Implement initial scope challenge
  Preview: Only do a scope challenge for org list tool...
#871|batch|open|[Batch] Support scope challenge in remote MCP [FOCUS]
  Preview: Build out scope challenge...
  Status: Target: 2:00pm PT today (Thursday)

What an LLM Gets From This Data

From a single tool call, an LLM can understand:

1. Work Context: The focus item and its position in the work hierarchy
2. Hierarchy: Full epic → batch → task → PR chain across repositories
3. Node Classification: Epics, batches, tasks, PRs with GitHub Issue Types support
4. Status Updates: Milestone due dates, status keywords, recent updates
5. State Details: Open/closed with reason (completed, not_planned, duplicate, merged)
6. Project Info: Which projects the issue is in and its status
7. Cross-repo Relationships: Parent/child links that span different repositories

Testing

• Added tests for cross-repo ancestor traversal via cross-references
• Added tests for findBestFocus with cross-repo relationships
• Added test cases for GitHub URL parsing
• Added test case for Issue Types (Epic) classification
• All existing tests pass

Checklist

• script/lint passes
• script/test passes
• Toolsnaps updated
• README.md updated via script/generate-docs

To fix the problem, we should add a ^ anchor at the start of the regular expression and possibly a $ anchor at the end if we expect the entire string to be just a GitHub URL (often not the case for extraction in free text). In most extraction scenarios, we use functions like FindAllStringSubmatch to extract all matches from a larger string, and each match is checked against the regex from the start; so using ^ in each match ensures that random substrings are not matched. The minimal required fix is to update line 114 in file pkg/github/issue_graph.go by adding ^ at the beginning of the regex, i.e., change

https?://(?:www\.)?github\.com/...

to

^https?://(?:www\.)?github\.com/...

No new imports or additional methods are needed; just a change in the regex definition. This change ensures that the extraction finds only URLs that start at the match, preventing invalid or embedded matches.

[Copilot]

Pull request overview

This PR adds a comprehensive issue_graph tool to provide a unified view of issue/PR relationships and project status in a single API call, reducing the need for multiple separate queries.

Key Changes:

• New issue_graph tool with focus parameter for automatic parent epic/batch discovery
• Cross-repository relationship support via GraphQL for parent/sub-issue traversal
• Status extraction from milestones, issue bodies, and recent comments
• Enhanced tool descriptions and server instructions to guide LLMs toward using issue_graph for status queries

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 16 comments.

Show a summary per file

File	Description
pkg/github/issue_graph.go	Core implementation of the graph crawler with BFS traversal, GraphQL queries, and cross-repo support (1647 lines)
pkg/github/issue_graph_test.go	Comprehensive unit tests covering reference extraction, node classification, graph formatting, and cross-repo scenarios
pkg/github/issue_graph_prompts.go	ConnectIssueGraph prompt for guided workflow to find and connect missing relationships
pkg/github/tools.go	Registers the new issue_graph tool and ConnectIssueGraph prompt in the issues toolset
pkg/github/issues.go	Updates issue_read description to defer to issue_graph for status/progress questions
pkg/github/instructions.go	Adds detailed guidance on when to use issue_graph as the primary tool for status queries
pkg/github/toolsnaps/issue_graph.snap	Tool schema snapshot for the new issue_graph tool
pkg/github/toolsnaps/issue_read.snap	Updated snapshot reflecting the modified issue_read description
README.md	Documents the new issue_graph tool with its parameters
work-plan.md	Unrelated OAuth scopes work documentation (should be removed from this PR)
e2e-repos-to-delete.txt	Unrelated e2e test cleanup file (should be removed from this PR)
docs/remote-server.md	Unrelated change from "Default" to "all" toolset name

[Copilot]

This change from "Default" to "all" appears to be unrelated to the issue_graph feature. If this is an intentional change, it should be in a separate PR or explained in the PR description.

Suggested change

| all | All available GitHub MCP tools | https://api.githubcopilot.com/mcp/ | [Install](https://insiders.vscode.dev/redirect/mcp/install?name=github&config=%7B%22type%22%3A%20%22http%22%2C%22url%22%3A%20%22https%3A%2F%2Fapi.githubcopilot.com%2Fmcp%2F%22%7D) | [read-only](https://api.githubcopilot.com/mcp/readonly) | [Install read-only](https://insiders.vscode.dev/redirect/mcp/install?name=github&config=%7B%22type%22%3A%20%22http%22%2C%22url%22%3A%20%22https%3A%2F%2Fapi.githubcopilot.com%2Fmcp%2Freadonly%22%7D) |

| Default | All available GitHub MCP tools | https://api.githubcopilot.com/mcp/ | [Install](https://insiders.vscode.dev/redirect/mcp/install?name=github&config=%7B%22type%22%3A%20%22http%22%2C%22url%22%3A%20%22https%3A%2F%2Fapi.githubcopilot.com%2Fmcp%2F%22%7D) | [read-only](https://api.githubcopilot.com/mcp/readonly) | [Install read-only](https://insiders.vscode.dev/redirect/mcp/install?name=github&config=%7B%22type%22%3A%20%22http%22%2C%22url%22%3A%20%22https%3A%2F%2Fapi.githubcopilot.com%2Fmcp%2Freadonly%22%7D) |

[Copilot]

Same int32 overflow issue as line 1416. The gosec suppression should acknowledge the theoretical limitation or use a safer conversion pattern.

[Copilot]

The timeout of 7 seconds is a magic number without explanation. Consider extracting this to a named constant at the package level (e.g., MaxGraphCrawlTimeout) with a comment explaining why 7 seconds was chosen. This makes it easier to tune performance and understand the trade-offs.

[Copilot]

Another magic number timeout (2 seconds). Consider extracting to a named constant for consistency with the other timeout suggestions.

[Copilot]

[nitpick] The instructions include many emphatic phrases like "CRITICAL", "ALWAYS", "MUST", "FIRST", etc. While these emphasize importance, they may be overly forceful. Consider whether a more balanced tone would be clearer and easier for LLMs to parse, while still conveying priority. The repetition of these strong directives across multiple sentences could potentially confuse rather than clarify.

[Copilot]

The regex pattern for same-repo references uses (?:^|[^\w])#(\d+) which will match #123 in the middle of words. This could potentially extract false positives from hex color codes (e.g., #ffffff123), commit SHAs, or other contexts where # followed by digits doesn't represent an issue. Consider adding a word boundary check or being more specific about the preceding character to avoid these false matches.

Suggested change

	sameRepoRefRegex = regexp.MustCompile(`(?:^|[^\w])#(\d+)`)
	sameRepoRefRegex = regexp.MustCompile(`(?:^|[^\w])#(\d+)\b`)

[Copilot]

[nitpick] The description update is very verbose and includes bold formatting (**USE issue_graph INSTEAD when user asks about:**). While this emphasizes the importance, consider if this level of detail is appropriate for a tool description field, or if it would be better served in documentation or server instructions. The description is quite long for an API tool definition.

Suggested change

	mcp.WithDescription(t("TOOL_ISSUE_READ_DESCRIPTION", `Get detailed information about a single issue: full body, comments, sub-issues, or labels.
	**USE issue_graph INSTEAD when user asks about:**
	- Status, updates, or progress on issues/PRs/epics
	- Project overview or how work is going
	- Parent issues, sub-issues, or work hierarchy
	- Related or blocking issues
	issue_read is for: reading the full issue body, fetching comments, listing sub-issues of a known parent, or getting label details - AFTER you already know which specific issue you need.`)),
	mcp.WithDescription(t("TOOL_ISSUE_READ_DESCRIPTION", `Get detailed information about a single issue, including its body, comments, sub-issues, and labels.`)),

[Copilot]

The variable requestCount is incremented but never checked in the test. If this is intended for debugging or future assertions, consider either using it in an assertion or removing it to keep the test code clean.

[Copilot]

The timeline events API call uses PerPage: 100 without pagination. For issues with many cross-references, this could miss events beyond the first 100. Consider either adding pagination or documenting this limitation as a known trade-off for performance.

[Copilot]

The gosec lint suppression comment references "issue numbers are always small positive integers", but the conversion to int32 could theoretically overflow for issue numbers above 2,147,483,647. While extremely unlikely in practice, GitHub's API uses int for issue numbers, not int32. Consider using a safer conversion or updating the comment to acknowledge this theoretical limitation.

Suggested change

	vars := map[string]interface{}{
	"owner": githubv4.String(owner),
	"repo": githubv4.String(repo),
	"number": githubv4.Int(int32(number)), //nolint:gosec // issue numbers are always small positive integers
	// Issue numbers must fit in int32 for githubv4.Int; GitHub API currently uses int, but issue numbers above 2,147,483,647 will overflow.
	if number < 1 || number > int32(^uint32(0)>>1) {
	// Return nil or handle error gracefully if issue number is out of int32 range
	return nil
	}
	vars := map[string]interface{}{
	"owner": githubv4.String(owner),
	"repo": githubv4.String(repo),
	"number": githubv4.Int(int32(number)), //nolint:gosec // issue numbers are always small positive integers; conversion will fail for numbers above int32 max