Integration tests for annotation, audit, cache, and CallGraphFromTo tools#170
Draft
data-douser wants to merge 9 commits intodd/sqlite-annotation-cachefrom
Draft
Integration tests for annotation, audit, cache, and CallGraphFromTo tools#170data-douser wants to merge 9 commits intodd/sqlite-annotation-cachefrom
data-douser wants to merge 9 commits intodd/sqlite-annotation-cachefrom
Conversation
Replace lowdb with sql.js (asm.js build) for zero-dependency SQLite persistence. Bundle inline with esbuild — no native modules, no external deps at runtime. SqliteStore provides three tables: - sessions: session tracking (migrated from lowdb) - annotations: key-value annotation store with categories and metadata - query_result_cache: BQRS/SARIF result caching with subset retrieval New tools (gated by ENABLE_ANNOTATION_TOOLS env var): - annotation_create, annotation_list, annotation_search, annotation_delete - audit_store_findings, audit_list_findings, audit_add_notes, audit_clear_repo - query_results_cache_lookup, query_results_cache_retrieve, query_results_cache_clear, query_results_cache_compare Code refactoring for maintainability: - Extract database-resolver.ts from cli-tool-registry.ts - Extract query-resolver.ts from cli-tool-registry.ts - Extract result-processor.ts from cli-tool-registry.ts - Extract codeql-version.ts from cli-executor.ts Bug fixes: - Fix params.output not propagated to proce- Fix params.output not propagated to proce- Fix params.output not propagated txternal predicate conditions for direct query paths Closes #165
…To tools Client integration test fixtures: - annotation_create, annotation_delete, annotation_list, annotation_search - audit_store_findings, audit_list_findings, audit_add_notes, audit_clear_repo - query_results_cache_lookup, query_results_cache_retrieve, query_results_cache_clear, query_results_cache_compare - codeql_query_run CallGraphFromTo for cpp, javascript, python Workflow integration test: - mrva_finding_triage end-to-end workflow Extension integration tests: - mcp-tool-e2e: tool availability and MRVA workflow validation Updated client/scripts/run-integration-tests.sh with annotation mode support. Closes #166
- Fix TOCTOU in query-results-evaluator (openSync/fstatSync/readFileSync(fd))
- Use datetime('now') consistently for annotation timestamps
- Debounce flush() with 200ms coalescing via scheduleFlush()
- Fix resultIndices to inclusive [start, end] range with clamping
- Fix WASM→asm.js comments in session-data-manager
- Fix audit-tools header comment (no separate ENABLE_AUDIT_TOOLS flag)
- Add separate maxResults parameter for SARIF in cache-tools
- Use createProjectTempDir() in all test files
- Fix monitoring-tools test init order (mock before initialize)
- Add store.close() in session-data-manager test afterEach
- Bound metadataCache to 256 entries with oldest-first eviction - Make SqliteStore.initialize() idempotent (close existing db first) - Fix TOCTOU in initialize(): try readFileSync directly instead of existsSync - Atomic flush: write to temp file + renameSync to prevent corruption - Clarify annotation_search uses substring LIKE matching, not FTS - Close store in monitoring-tools test afterEach to prevent timer leaks
…fallback, JSON.parse fallback Agent-Logs-Url: https://github.com/advanced-security/codeql-development-mcp-server/sessions/7ff5a5d7-9ac1-4964-8b54-e233d7253301 Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com>
…ics; always apply SARIF path for SARIF format Agent-Logs-Url: https://github.com/advanced-security/codeql-development-mcp-server/sessions/219712ee-4c28-4b51-9da5-961020112e6e Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com>
data-douser
force-pushed
the
dd/sqlite-annotation-cache
branch
2 times, most recently
from
7c71547 to
5c4f5b8
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Add client integration test fixtures and extension integration tests for all new annotation, audit, cache, and CallGraphFromTo tools introduced in #169.
Changes
Client integration test fixtures (16 new test cases)
annotation_create/basic_create— verify annotation creation with categoriesannotation_delete/delete_by_prefix— verify prefix-based deletionannotation_list/filter_by_category_and_prefix— verify filtered listingannotation_search/full_text_search— verify full-text search across annotationsaudit_store_findings/mrva_findings_across_repos— verify MRVA finding storageaudit_list_findings/mrva_findings_for_repo— verify per-repo listingaudit_add_notes/mrva_triage_notes— verify triage note attachmentaudit_clear_repo/clear_single_repo— verify per-repo cleanupquery_results_cache_lookup/lookup_by_query_name— verify cache key lookupquery_results_cache_retrieve/retrieve_with_subset— verify subset retrievalquery_results_cache_clear/clear_all— verify cache clearingquery_results_cache_compare/compare_across_databases— verify cross-DB comparisoncodeql_query_run/cpp_call_graph_from_to_example1— CallGraphFromTo for C++codeql_query_run/javascript_call_graph_from_to_example1— CallGraphFromTo for JScodeql_query_run/python_call_graph_from_to_example1— CallGraphFromTo for PythonWorkflow integration test
mrva_finding_triage/mrva_triage_workflow— end-to-end MRVA finding triageExtension integration test
mcp-tool-e2e.integration.test.tswith tool availability checks and MRVA e2e workflowTest runner update
client/scripts/run-integration-tests.sh— added annotation mode supportDependencies
Review order
Review after #169 is merged.
Closes #166
Part of #163