From f0418ccbd8635acd68ad34b18718bbf779d95600 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 10 Feb 2026 03:12:12 +0000 Subject: [PATCH 1/4] Initial plan From fe75f842c869bd7fdb17ab2f6817e9ba3acb7c6d Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 10 Feb 2026 03:17:03 +0000 Subject: [PATCH 2/4] Enable auto-creation of tags in release workflow for workflow_dispatch Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com> --- .github/workflows/release.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8085882..3f0619c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -58,7 +58,7 @@ jobs: echo "version=${VERSION}" >> $GITHUB_OUTPUT echo "release_name=${VERSION#v}" >> $GITHUB_OUTPUT - - name: Release - Checkout tag for workflow_dispatch + - name: Release - Checkout or create tag for workflow_dispatch if: github.event_name == 'workflow_dispatch' run: | # For workflow_dispatch, we need to checkout the specific tag @@ -67,8 +67,11 @@ jobs: echo "Checking out existing tag: ${TAG}" git checkout "refs/tags/${TAG}" else - echo "::error::Tag '${TAG}' does not exist. Create the tag first before running this workflow." - exit 1 + echo "Tag '${TAG}' does not exist. Creating it now..." + CURRENT_SHA=$(git rev-parse HEAD) + git tag "${TAG}" "${CURRENT_SHA}" + git push origin "${TAG}" + echo "✅ Created and pushed tag: ${TAG} at commit ${CURRENT_SHA:0:8}" fi - name: Release - Verify checkout matches expected version From 8f5c9e9be273b791db255315d20162e6197e923a Mon Sep 17 00:00:00 2001 From: Nathan Randall Date: Mon, 9 Feb 2026 20:41:31 -0700 Subject: [PATCH 3/4] More fixes for release workflow --- .github/workflows/release.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3f0619c..e8057fd 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -102,6 +102,9 @@ jobs: add-to-path: true install-language-runtimes: false + - name: Release - Install CodeQL pack dependencies + run: server/scripts/install-packs.sh + - name: Release - Publish CodeQL tool query packs if: startsWith(github.ref, 'refs/tags/') || github.event_name == 'workflow_dispatch' env: @@ -140,9 +143,6 @@ jobs: cp -r server/ql dist-package/server/ cp server/package.json dist-package/server/ - # Copy root package-lock.json for npm ci (monorepo lockfile) - cp package-lock.json dist-package/server/ - # Copy root files cp README.md dist-package/ cp LICENSE dist-package/ @@ -157,7 +157,7 @@ jobs: - name: Release - Install production dependencies working-directory: dist-package/server - run: npm ci --omit=dev --include=optional + run: npm install --omit=dev --include=optional - name: Release - Create archive run: | From 0ae607129737bee6520776dc21d456f15141215b Mon Sep 17 00:00:00 2001 From: Nathan Randall Date: Mon, 9 Feb 2026 21:52:19 -0700 Subject: [PATCH 4/4] Add CodeQL query packs as uploaded release artifacts --- .github/workflows/release.yml | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e8057fd..a887200 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -123,6 +123,30 @@ jobs: fi done + - name: Release - Bundle CodeQL tool query packs + run: | + mkdir -p dist-packs + LANGUAGES="actions cpp csharp go java javascript python ruby swift" + echo "Bundling CodeQL tool query packs..." + for lang in ${LANGUAGES}; do + PACK_DIR="server/ql/${lang}/tools/src" + if [ -d "${PACK_DIR}" ]; then + PACK_NAME="ql-mcp-${lang}-tools-src" + OUTPUT="dist-packs/${PACK_NAME}.tar.gz" + echo "📦 Bundling ${PACK_DIR} -> ${OUTPUT}..." + codeql pack bundle --threads=-1 --output="${OUTPUT}" -- "${PACK_DIR}" + echo "✅ Bundled ${PACK_NAME}" + fi + done + echo "Bundled packs:" + ls -lh dist-packs/ + + - name: Release - Upload CodeQL pack artifacts + uses: actions/upload-artifact@v6 + with: + name: codeql-tool-query-packs-${{ steps.version.outputs.version }} + path: dist-packs/*.tar.gz + - name: Release - Publish npm package if: startsWith(github.ref, 'refs/tags/') || github.event_name == 'workflow_dispatch' working-directory: server @@ -173,7 +197,9 @@ jobs: if: startsWith(github.ref, 'refs/tags/') || github.event_name == 'workflow_dispatch' uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0 with: - files: codeql-development-mcp-server-${{ steps.version.outputs.version }}.tar.gz + files: | + codeql-development-mcp-server-${{ steps.version.outputs.version }}.tar.gz + dist-packs/*.tar.gz generate_release_notes: true tag_name: ${{ steps.version.outputs.version }} @@ -186,6 +212,7 @@ jobs: echo "✅ Distribution package created" >> $GITHUB_STEP_SUMMARY echo "✅ Production dependencies installed" >> $GITHUB_STEP_SUMMARY echo "✅ Archive created: codeql-development-mcp-server-${{ steps.version.outputs.version }}.tar.gz" >> $GITHUB_STEP_SUMMARY + echo "✅ CodeQL tool query pack archives bundled" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY echo "### Package Contents" >> $GITHUB_STEP_SUMMARY echo "- \`server/dist/\` - Bundled JavaScript output" >> $GITHUB_STEP_SUMMARY