Integration tests for annotation, audit, cache, and CallGraphFromTo tools#170
Merged
data-douser merged 6 commits intodd/sqlite-annotation-cachefrom Mar 29, 2026
Merged
Conversation
data-douser
force-pushed
the
dd/sqlite-annotation-cache
branch
2 times, most recently
from
7c71547 to
5c4f5b8
Compare
Replace lowdb with sql.js (asm.js build) for zero-dependency SQLite persistence. Bundle inline with esbuild — no native modules, no external deps at runtime. SqliteStore provides three tables: - sessions: session tracking (migrated from lowdb) - annotations: key-value annotation store with categories and metadata - query_result_cache: BQRS/SARIF result caching with subset retrieval New tools (gated by ENABLE_ANNOTATION_TOOLS env var): - annotation_create, annotation_list, annotation_search, annotation_delete - audit_store_findings, audit_list_findings, audit_add_notes, audit_clear_repo - query_results_cache_lookup, query_results_cache_retrieve, query_results_cache_clear, query_results_cache_compare Code refactoring for maintainability: - Extract database-resolver.ts from cli-tool-registry.ts - Extract query-resolver.ts from cli-tool-registry.ts - Extract result-processor.ts from cli-tool-registry.ts - Extract codeql-version.ts from cli-executor.ts Bug fixes: - Fix params.output not propagated to proce- Fix params.output not propagated to proce- Fix params.output not propagated txternal predicate conditions for direct query paths Closes #165
…To tools Client integration test fixtures: - annotation_create, annotation_delete, annotation_list, annotation_search - audit_store_findings, audit_list_findings, audit_add_notes, audit_clear_repo - query_results_cache_lookup, query_results_cache_retrieve, query_results_cache_clear, query_results_cache_compare - codeql_query_run CallGraphFromTo for cpp, javascript, python Workflow integration test: - mrva_finding_triage end-to-end workflow Extension integration tests: - mcp-tool-e2e: tool availability and MRVA workflow validation Updated client/scripts/run-integration-tests.sh with annotation mode support. Closes #166
…ics; always apply SARIF path for SARIF format Agent-Logs-Url: https://github.com/advanced-security/codeql-development-mcp-server/sessions/219712ee-4c28-4b51-9da5-961020112e6e Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com>
Brings in all review feedback fixes (FTS safety, offset-only LIMIT, cache limit param, int/positive Zod schemas, store lifecycle fix) and the rebuilt dist.
data-douser
force-pushed
the
dd/integration-tests
branch
from
901a192 to
47979aa
Compare
data-douser
added a commit
that referenced
this pull request
Mar 30, 2026
…ools (#170) * feat: SqliteStore backend with annotation, audit, and cache tools Replace lowdb with sql.js (asm.js build) for zero-dependency SQLite persistence. Bundle inline with esbuild — no native modules, no external deps at runtime. SqliteStore provides three tables: - sessions: session tracking (migrated from lowdb) - annotations: key-value annotation store with categories and metadata - query_result_cache: BQRS/SARIF result caching with subset retrieval New tools (gated by ENABLE_ANNOTATION_TOOLS env var): - annotation_create, annotation_list, annotation_search, annotation_delete - audit_store_findings, audit_list_findings, audit_add_notes, audit_clear_repo - query_results_cache_lookup, query_results_cache_retrieve, query_results_cache_clear, query_results_cache_compare Code refactoring for maintainability: - Extract database-resolver.ts from cli-tool-registry.ts - Extract query-resolver.ts from cli-tool-registry.ts - Extract result-processor.ts from cli-tool-registry.ts - Extract codeql-version.ts from cli-executor.ts Bug fixes: - Fix params.output not propagated to proce- Fix params.output not propagated to proce- Fix params.output not propagated txternal predicate conditions for direct query paths Closes #165 * Add integration tests for annotation, audit, cache, and CallGraphFromTo tools Client integration test fixtures: - annotation_create, annotation_delete, annotation_list, annotation_search - audit_store_findings, audit_list_findings, audit_add_notes, audit_clear_repo - query_results_cache_lookup, query_results_cache_retrieve, query_results_cache_clear, query_results_cache_compare - codeql_query_run CallGraphFromTo for cpp, javascript, python Workflow integration test: - mrva_finding_triage end-to-end workflow Extension integration tests: - mcp-tool-e2e: tool availability and MRVA workflow validation Updated client/scripts/run-integration-tests.sh with annotation mode support. Closes #166 * Fix server build * Remove grep from cache tools; fix annotation_search API to FTS semantics; always apply SARIF path for SARIF format Agent-Logs-Url: https://github.com/advanced-security/codeql-development-mcp-server/sessions/219712ee-4c28-4b51-9da5-961020112e6e Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com> * Sync server src/test/dist to dd/sqlite-annotation-cache tip Brings in all review feedback fixes (FTS safety, offset-only LIMIT, cache limit param, int/positive Zod schemas, store lifecycle fix) and the rebuilt dist. * Fix extension integration tests --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Add client integration test fixtures and extension integration tests for all new annotation, audit, cache, and CallGraphFromTo tools introduced in #169.
Changes
Client integration test fixtures (16 new test cases)
annotation_create/basic_create— verify annotation creation with categoriesannotation_delete/delete_by_prefix— verify prefix-based deletionannotation_list/filter_by_category_and_prefix— verify filtered listingannotation_search/full_text_search— verify full-text search across annotationsaudit_store_findings/mrva_findings_across_repos— verify MRVA finding storageaudit_list_findings/mrva_findings_for_repo— verify per-repo listingaudit_add_notes/mrva_triage_notes— verify triage note attachmentaudit_clear_repo/clear_single_repo— verify per-repo cleanupquery_results_cache_lookup/lookup_by_query_name— verify cache key lookupquery_results_cache_retrieve/retrieve_with_subset— verify subset retrievalquery_results_cache_clear/clear_all— verify cache clearingquery_results_cache_compare/compare_across_databases— verify cross-DB comparisoncodeql_query_run/cpp_call_graph_from_to_example1— CallGraphFromTo for C++codeql_query_run/javascript_call_graph_from_to_example1— CallGraphFromTo for JScodeql_query_run/python_call_graph_from_to_example1— CallGraphFromTo for PythonWorkflow integration test
mrva_finding_triage/mrva_triage_workflow— end-to-end MRVA finding triageExtension integration test
mcp-tool-e2e.integration.test.tswith tool availability checks and MRVA e2e workflowTest runner update
client/scripts/run-integration-tests.sh— added annotation mode supportDependencies
Review order
Review after #169 is merged.
Closes #166
Part of #163