Add Rust language support: query packs, TypeScript, scripts, docs, CI

Create Rust CodeQL query pack structure with PrintAST, PrintCFG,
CallGraphFrom, CallGraphTo, and CallGraphFromTo tool queries.
Update all TypeScript source, shell scripts, documentation,
skills, and CI/CD configurations to include Rust.

Agent-Logs-Url: https://github.com/advanced-security/codeql-development-mcp-server/sessions/1817d842-51f6-4414-8df3-5b40c48bc036

Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com>

Author: Copilot

.github/skills/create-codeql-query-development-workshop/SKILL.md

@@ -398,6 +398,7 @@ Include appropriate CodeQL libraries in `codeql-pack.yml`:
 - **JavaScript/TypeScript**: `codeql/javascript-all`
 - **Python**: `codeql/python-all`
 - **Ruby**: `codeql/ruby-all`
+- **Rust**: `codeql/rust-all`
 
 ### Java-Specific API Notes
 

.github/skills/validate-ql-mcp-server-tools-queries/SKILL.md

@@ -33,6 +33,7 @@ The tools queries are available for all CodeQL-supported languages:
 | javascript | `server/ql/javascript/tools/` | `.js`               |
 | python     | `server/ql/python/tools/`     | `.py`               |
 | ruby       | `server/ql/ruby/tools/`       | `.rb`               |
+| rust       | `server/ql/rust/tools/`       | `.rs`               |
 | swift      | `server/ql/swift/tools/`      | `.swift`            |
 
 ## Tools Queries Overview

.github/workflows/query-unit-tests.yml

@@ -42,7 +42,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        language: ['actions', 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby']
+        language: ['actions', 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'rust']
 
     steps:
       - name: Query Unit Tests - ${{ matrix.language }} - Checkout repository

.github/workflows/release.yml

@@ -279,6 +279,6 @@ jobs:
           echo "### Published CodeQL Packs" >> $GITHUB_STEP_SUMMARY
           echo "| Pack | Version |" >> $GITHUB_STEP_SUMMARY
           echo "| ---- | ------- |" >> $GITHUB_STEP_SUMMARY
-          for lang in actions cpp csharp go java javascript python ruby swift; do
+          for lang in actions cpp csharp go java javascript python ruby rust swift; do
             echo "| \`advanced-security/ql-mcp-${lang}-tools-src\` | ${RELEASE_NAME} |" >> $GITHUB_STEP_SUMMARY
           done

docs/public.md

@@ -187,6 +187,7 @@ The MCP server includes tool query packs for the following CodeQL languages:
 | JavaScript/TypeScript | `javascript`      | `advanced-security/ql-mcp-javascript-tools-src` |
 | Python                | `python`          | `advanced-security/ql-mcp-python-tools-src`     |
 | Ruby                  | `ruby`            | `advanced-security/ql-mcp-ruby-tools-src`       |
+| Rust                  | `rust`            | `advanced-security/ql-mcp-rust-tools-src`       |
 | Swift                 | `swift`           | `advanced-security/ql-mcp-swift-tools-src`      |
 
 Each pack contains the following tool queries used by the server:

server/package.json

@@ -18,6 +18,7 @@
     "ql/javascript/tools/src/",
     "ql/python/tools/src/",
     "ql/ruby/tools/src/",
+    "ql/rust/tools/src/",
     "ql/swift/tools/src/",
     "scripts/setup-packs.sh",
     "package.json",

server/ql/README.md

@@ -35,6 +35,7 @@ Currently supported languages:
 - `javascript/` - JavaScript/TypeScript
 - `python/` - Python
 - `ruby/` - Ruby
+- `rust/` - Rust
 - `swift/` - Swift
 
 ## Testing

server/ql/rust/tools/src/CallGraphFrom/CallGraphFrom.ql

@@ -0,0 +1,33 @@
+/**
+ * @name Call Graph From for rust
+ * @description Displays calls made from a specified function, showing the call graph outbound from the source function.
+ * @id rust/tools/call-graph-from
+ * @kind problem
+ * @problem.severity recommendation
+ * @tags call-graph
+ */
+
+import rust
+import ExternalPredicates
+
+/**
+ * Gets a single source function name from the comma-separated list.
+ */
+string getSourceFunctionName() {
+  exists(string s | sourceFunction(s) | result = s.splitAt(",").trim())
+}
+
+/**
+ * Gets the name of the called function.
+ */
+string getCalleeName(CallExpr call) {
+  if exists(call.getResolvedTarget().(Function).getName())
+  then result = call.getResolvedTarget().(Function).getName()
+  else result = call.toString()
+}
+
+from CallExpr call, Function source
+where
+  call.getEnclosingCallable() = source and
+  source.getName() = getSourceFunctionName()
+select call, "Call from `" + source.getName() + "` to `" + getCalleeName(call) + "`"

server/ql/rust/tools/src/CallGraphFromTo/CallGraphFromTo.ql

@@ -0,0 +1,58 @@
+/**
+ * @name Call Graph From To for rust
+ * @description Displays calls on reachable paths from a source function to a target function, showing transitive call graph connectivity.
+ * @id rust/tools/call-graph-from-to
+ * @kind problem
+ * @problem.severity recommendation
+ * @tags call-graph
+ */
+
+import rust
+import ExternalPredicates
+
+/**
+ * Gets a single source function name from the comma-separated list.
+ */
+string getSourceFunctionName() {
+  exists(string s | sourceFunction(s) | result = s.splitAt(",").trim())
+}
+
+/**
+ * Gets a single target function name from the comma-separated list.
+ */
+string getTargetFunctionName() {
+  exists(string s | targetFunction(s) | result = s.splitAt(",").trim())
+}
+
+/**
+ * Holds if function `caller` directly calls function `callee` by name.
+ */
+predicate calls(Function caller_, Function callee_) {
+  exists(CallExpr c |
+    c.getEnclosingCallable() = caller_ and
+    c.getResolvedTarget().(Function).getName() = callee_.getName()
+  )
+}
+
+/**
+ * Gets the name of the called function.
+ */
+string getCalleeName(CallExpr call) {
+  if exists(call.getResolvedTarget().(Function).getName())
+  then result = call.getResolvedTarget().(Function).getName()
+  else result = call.toString()
+}
+
+from CallExpr call, Function caller
+where
+  call.getEnclosingCallable() = caller and
+  exists(Function source, Function target |
+    source.getName() = getSourceFunctionName() and
+    target.getName() = getTargetFunctionName() and
+    calls*(source, caller) and
+    exists(Function callee |
+      call.getResolvedTarget().(Function).getName() = callee.getName() and
+      calls*(callee, target)
+    )
+  )
+select call, "Reachable call from `" + caller.getName() + "` to `" + getCalleeName(call) + "`"

server/ql/rust/tools/src/CallGraphTo/CallGraphTo.ql

@@ -0,0 +1,40 @@
+/**
+ * @name Call Graph To for rust
+ * @description Displays calls made to a specified function, showing the call graph inbound to the target function.
+ * @id rust/tools/call-graph-to
+ * @kind problem
+ * @problem.severity recommendation
+ * @tags call-graph
+ */
+
+import rust
+import ExternalPredicates
+
+/**
+ * Gets a single target function name from the comma-separated list.
+ */
+string getTargetFunctionName() {
+  exists(string s | targetFunction(s) | result = s.splitAt(",").trim())
+}
+
+/**
+ * Gets the caller name for a call expression.
+ */
+string getCallerName(CallExpr call) {
+  if exists(call.getEnclosingCallable().(Function).getName())
+  then result = call.getEnclosingCallable().(Function).getName()
+  else result = "Top-level"
+}
+
+/**
+ * Gets the name of the called function.
+ */
+string getCalleeName(CallExpr call) {
+  if exists(call.getResolvedTarget().(Function).getName())
+  then result = call.getResolvedTarget().(Function).getName()
+  else result = call.toString()
+}
+
+from CallExpr call
+where call.getResolvedTarget().(Function).getName() = getTargetFunctionName()
+select call, "Call to `" + getCalleeName(call) + "` from `" + getCallerName(call) + "`"