Fix release.yml workflow for publishing CodeQL packs and npm package for codeql-development-mcp-server#40
Merged
data-douser merged 3 commits intodd/update-release-v2-24-1from Feb 10, 2026
Conversation
Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com>
data-douser
added a commit
that referenced
this pull request
Feb 10, 2026
* Fix release workflow: use setup-codeql-environment action instead of codeql-action/init Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com> * Add "fetch-tags" to release.yml workflow checkout * Upgrade codeql and repo version to 2.24.1 * Upgrade NodeJS dependencies to latest * Enhance MCP prompts with LSP tool guidance This commit: - updates 'server/src/prompts/*.prompt.md` files to provide better guidance to LLMs in relation to iterative and/or LSP-based tools; - improves unit tests of MCP ^ "workflow prompts"; - adds an example workshop, focused on using LSP-based MCP server tools, under the existing create-codeql-query-development-workshop agent skill; - updates .github/ instructions and prompts with lessons learned from tool validation via example workshop development. * improve release.yml workflow_dispatch compatibility * Improve prettier fix markdownlint required workflow * Fix tests flagged in PR review comments * Fix `release.yml` workflow for publishing CodeQL packs and npm package for `codeql-development-mcp-server` (#40) * Initial plan * Enable auto-creation of tags in release workflow for workflow_dispatch Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com> * More fixes for release workflow --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> * Add `advanced-security/ql-mcp-*-tools-src` query pack archives as uploaded release artifacts (#41) * Initial plan * Enable auto-creation of tags in release workflow for workflow_dispatch Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com> * More fixes for release workflow * Add CodeQL query packs as uploaded release artifacts --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> * Add version update script & fix packs for release (#42) --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary of Changes
This pull request updates the release workflow in
.github/workflows/release.ymlto streamline tag handling, dependency installation, and packaging steps. The most significant improvements are automatic tag creation during manual releases, installation of CodeQL pack dependencies, and simplification of dependency management in the release package. These changes fix therelease.ymlworkflow such that CodeQL query (src) packs are actually published, including:advanced-security/ql-mcp-actions-tools-srcadvanced-security/ql-mcp-cpp-tools-srcadvanced-security/ql-mcp-csharp-tools-srcadvanced-security/ql-mcp-go-tools-srcadvanced-security/ql-mcp-java-tools-srcadvanced-security/ql-mcp-javascript-tools-srcadvanced-security/ql-mcp-python-tools-srcadvanced-security/ql-mcp-ruby-tools-srcadvanced-security/ql-mcp-swift-tools-srcWhich can be downloaded via
codeql pack download -- advanced-security/ql-mcp-<language>-tools-srccommand for any<language>supported byadvanced-security/codeql-development-mcp-server.Outline of Changes
Release workflow improvements:
workflow_dispatch, reducing manual intervention and potential errors. [1] [2]Dependency management enhancements:
server/scripts/install-packs.sh, ensuring required packs are available before publishing.npm citonpm installfor production dependencies indist-package/server, which may improve reliability in certain scenarios.Packaging adjustments:
package-lock.jsonintodist-package/server, simplifying the package preparation and potentially avoiding lockfile conflicts.