Fix tests and add query documentation files for Rust

Copilot · data-douser · data-douser · commit 75e88105ef7e · 2026-03-30T06:48:04.000-06:00
- Update workflow-prompts tests to expect 10 languages (was 9) - Replace 'rust' with 'kotlin' as invalid language in tests since 'rust' is now a valid supported language - Add .md documentation files for all 5 Rust tool queries Agent-Logs-Url: https://github.com/advanced-security/codeql-development-mcp-server/sessions/1817d842-51f6-4414-8df3-5b40c48bc036 Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com>
diff --git a/server/dist/codeql-development-mcp-server.js b/server/dist/codeql-development-mcp-server.js
diff --git a/server/dist/codeql-development-mcp-server.js.map b/server/dist/codeql-development-mcp-server.js.map
diff --git a/server/ql/rust/tools/src/CallGraphFrom/CallGraphFrom.md b/server/ql/rust/tools/src/CallGraphFrom/CallGraphFrom.md
@@ -0,0 +1,48 @@
+# CallGraphFrom for Rust
+
+Displays calls made from a specified function, showing the call graph outbound from the source function.
+
+## Overview
+
+This query identifies all function calls made within the body of a named function, producing an outbound call graph. Given a source function name, it reports each call site and the callee, which is useful for understanding function dependencies and call chains.
+
+The query accepts function names via an external predicate (`sourceFunction`).
+
+## Use Cases
+
+This query is primarily used for:
+
+- Mapping outbound dependencies of a specific function
+- Understanding what a function calls and in what order
+- Analyzing call chains for refactoring or security review
+
+## Example
+
+The following Rust code demonstrates outbound calls from `source_func`:
+
+```rust
+fn helper1() {}
+
+fn helper2() {
+    helper1();
+}
+
+fn source_func() {  // Source function for analysis
+    helper1();
+    helper2();
+}
+```
+
+Running with `sourceFunction = "source_func"` produces results showing each call site with the message pattern ``Call from `source_func`to`helper1```.
+
+## Output Format
+
+The query is a `@kind problem` query producing rows of:
+
+- ``select call, "Call from `source` to `callee`"``
+
+## References
+
+- [Rust Functions](https://doc.rust-lang.org/book/ch03-03-how-functions-work.html)
+- [CodeQL Call Graph Analysis](https://codeql.github.com/docs/writing-codeql-queries/about-data-flow-analysis/)
+- [CodeQL Library for Rust](https://codeql.github.com/docs/codeql-language-guides/codeql-library-for-rust/)
diff --git a/server/ql/rust/tools/src/CallGraphFromTo/CallGraphFromTo.md b/server/ql/rust/tools/src/CallGraphFromTo/CallGraphFromTo.md
@@ -0,0 +1,48 @@
+# CallGraphFromTo for Rust
+
+Displays calls on reachable paths from a source function to a target function, showing transitive call graph connectivity.
+
+## Overview
+
+This query identifies all call sites on paths that transitively connect a source function to a target function. It uses the `calls*` transitive closure to find functions reachable from the source that can also reach the target, then reports calls within those functions.
+
+The query accepts both source and target function names via external predicates (`sourceFunction` and `targetFunction`).
+
+## Use Cases
+
+This query is primarily used for:
+
+- Understanding transitive call chains between two functions
+- Analyzing reachability in the call graph
+- Identifying intermediate functions on critical paths
+- Security analysis of data flow through function boundaries
+
+## Example
+
+The following Rust code demonstrates a transitive call chain:
+
+```rust
+fn target() {}
+
+fn intermediate() {
+    target();
+}
+
+fn source() {
+    intermediate();
+}
+```
+
+Running with `sourceFunction = "source"` and `targetFunction = "target"` produces results showing each call site on the path with the message pattern ``Reachable call from `intermediate`to`target```.
+
+## Output Format
+
+The query is a `@kind problem` query producing rows of:
+
+- ``select call, "Reachable call from `caller` to `callee`"``
+
+## References
+
+- [Rust Functions](https://doc.rust-lang.org/book/ch03-03-how-functions-work.html)
+- [CodeQL Call Graph Analysis](https://codeql.github.com/docs/writing-codeql-queries/about-data-flow-analysis/)
+- [CodeQL Library for Rust](https://codeql.github.com/docs/codeql-language-guides/codeql-library-for-rust/)
diff --git a/server/ql/rust/tools/src/CallGraphTo/CallGraphTo.md b/server/ql/rust/tools/src/CallGraphTo/CallGraphTo.md
@@ -0,0 +1,47 @@
+# CallGraphTo for Rust
+
+Displays calls made to a specified function, showing the call graph inbound to the target function.
+
+## Overview
+
+This query identifies all call sites that invoke a named function, producing an inbound call graph. Given a target function name, it reports each call site and the enclosing caller, which is useful for understanding how a function is used throughout the codebase.
+
+The query accepts function names via an external predicate (`targetFunction`).
+
+## Use Cases
+
+This query is primarily used for:
+
+- Finding all callers of a specific function
+- Understanding how a function is used across modules
+- Impact analysis when modifying or deprecating a function
+
+## Example
+
+The following Rust code demonstrates inbound calls to `target_func`:
+
+```rust
+fn target_func() {}  // Target function for analysis
+
+fn caller1() {
+    target_func();
+}
+
+fn caller2() {
+    target_func();
+}
+```
+
+Running with `targetFunction = "target_func"` produces results showing each call site with the message pattern ``Call to `target_func`from`caller1```.
+
+## Output Format
+
+The query is a `@kind problem` query producing rows of:
+
+- ``select call, "Call to `callee` from `caller`"``
+
+## References
+
+- [Rust Functions](https://doc.rust-lang.org/book/ch03-03-how-functions-work.html)
+- [CodeQL Call Graph Analysis](https://codeql.github.com/docs/writing-codeql-queries/about-data-flow-analysis/)
+- [CodeQL Library for Rust](https://codeql.github.com/docs/codeql-language-guides/codeql-library-for-rust/)
diff --git a/server/ql/rust/tools/src/PrintAST/PrintAST.md b/server/ql/rust/tools/src/PrintAST/PrintAST.md
@@ -0,0 +1,59 @@
+# Print AST for Rust
+
+Outputs a representation of the Abstract Syntax Tree (AST) for specified source files.
+
+## Overview
+
+The Abstract Syntax Tree is a hierarchical representation of source code structure. Each node represents a syntactic construct (declaration, statement, expression, etc.) and edges represent parent-child containment relationships.
+
+This query produces the full AST for specified Rust source files, which is useful for understanding code structure, inspecting how the CodeQL extractor parses modules and functions, and debugging query logic that operates on AST nodes.
+
+## Use Cases
+
+This query is primarily used for:
+
+- Inspecting how CodeQL represents Rust functions, structs, and expressions
+- Debugging queries that match on AST node types
+- Understanding parent-child relationships between items and statements
+- Verifying extractor behavior for ownership, borrowing, and pattern matching
+- IDE integration for syntax tree visualization
+
+## Example
+
+The following Rust code demonstrates AST structure through function declarations and control flow:
+
+```rust
+struct Greeter {
+    name: String,
+}
+
+impl Greeter {
+    fn greet(&self) {
+        println!("Hello, {}!", self.name);
+    }
+}
+
+fn main() {
+    let g = Greeter { name: "World".to_string() };
+    g.greet();
+}
+```
+
+In the resulting AST:
+
+- The module contains struct and function declarations as children
+- Each function body contains a block expression with statement nodes
+- Call expressions reference their target and arguments as child nodes
+
+## Output Format
+
+The query produces a graph via the parameterized `PrintAst` library module:
+
+- `nodes`: Each AST node with its type, label, and properties
+- `edges`: Parent-child relationships forming the syntax tree
+
+## References
+
+- [The Rust Reference](https://doc.rust-lang.org/reference/)
+- [CodeQL Abstract Syntax Trees](https://codeql.github.com/docs/writing-codeql-queries/abstract-syntax-tree/)
+- [CodeQL Library for Rust](https://codeql.github.com/docs/codeql-language-guides/codeql-library-for-rust/)
diff --git a/server/ql/rust/tools/src/PrintCFG/PrintCFG.md b/server/ql/rust/tools/src/PrintCFG/PrintCFG.md
@@ -0,0 +1,56 @@
+# Print CFG for Rust
+
+Produces a representation of a file's Control Flow Graph (CFG) for specified source files.
+
+## Overview
+
+The Control Flow Graph models the runtime execution order of statements and expressions within functions. Nodes represent individual executable elements and edges represent possible transitions between them, including branches, loops, and exceptional control flow.
+
+This query produces the CFG for specified Rust source files, which is useful for understanding execution paths, identifying dead code, and debugging data flow queries that depend on control flow ordering.
+
+## Use Cases
+
+This query is primarily used for:
+
+- Visualizing execution paths through Rust functions
+- Understanding how `if`, `match`, `loop`, `while`, and `for` affect control flow
+- Debugging data flow queries that depend on CFG structure
+- Identifying unreachable code or unexpected control flow edges
+- Verifying CFG behavior for Rust-specific constructs like pattern matching
+
+## Example
+
+The following Rust code demonstrates control flow through branching and loops:
+
+```rust
+fn example(x: i32) -> i32 {
+    if x > 0 {
+        return x;
+    }
+
+    let mut val = x;
+    while val < 10 {
+        val += 1;
+    }
+    val
+}
+```
+
+In the resulting CFG:
+
+- The `if` condition creates a branch with two successors
+- The early `return` creates an edge to the function exit
+- The `while` loop creates a back-edge from the loop body to the condition
+
+## Output Format
+
+The query produces a graph with:
+
+- `nodes`: Each CFG node with a `semmle.label` property
+- `edges`: Control flow transitions between nodes
+
+## References
+
+- [The Rust Reference - Expressions](https://doc.rust-lang.org/reference/expressions.html)
+- [CodeQL Control Flow Analysis](https://codeql.github.com/docs/writing-codeql-queries/about-data-flow-analysis/)
+- [CodeQL Library for Rust](https://codeql.github.com/docs/codeql-language-guides/codeql-library-for-rust/)
diff --git a/server/test/src/prompts/workflow-prompts.test.ts b/server/test/src/prompts/workflow-prompts.test.ts
@@ -86,13 +86,13 @@ describe('Workflow Prompts', () => {
   // SUPPORTED_LANGUAGES
   // -----------------------------------------------------------------------
   describe('SUPPORTED_LANGUAGES', () => {
-    it('should contain the expected 9 languages', () => {
-      expect(SUPPORTED_LANGUAGES).toHaveLength(9);
+    it('should contain the expected 10 languages', () => {
+      expect(SUPPORTED_LANGUAGES).toHaveLength(10);
     });
 
     it.each([
       'actions', 'cpp', 'csharp', 'go', 'java',
-      'javascript', 'python', 'ruby', 'swift',
+      'javascript', 'python', 'ruby', 'rust', 'swift',
     ] as const)('should include "%s"', (lang) => {
       expect(SUPPORTED_LANGUAGES).toContain(lang);
     });
@@ -162,7 +162,7 @@ describe('Workflow Prompts', () => {
     });
 
     it('should reject invalid language', () => {
-      const result = testDrivenDevelopmentSchema.safeParse({ language: 'rust' });
+      const result = testDrivenDevelopmentSchema.safeParse({ language: 'kotlin' });
       expect(result.success).toBe(false);
     });
 
@@ -1597,14 +1597,14 @@ describe('Workflow Prompts', () => {
   // -----------------------------------------------------------------------
   describe('formatValidationError', () => {
     it('should format invalid_enum_value with available options', () => {
-      const result = testDrivenDevelopmentSchema.safeParse({ language: 'rust' });
+      const result = testDrivenDevelopmentSchema.safeParse({ language: 'kotlin' });
       expect(result.success).toBe(false);
       if (!result.success) {
         const msg = formatValidationError('test_driven_development', result.error);
         expect(msg).toContain('Invalid input');
         expect(msg).toContain('test_driven_development');
         expect(msg).toContain('`language`');
-        expect(msg).toContain('rust');
+        expect(msg).toContain('kotlin');
         expect(msg).toContain('javascript');
         expect(msg).toContain('try again');
       }
@@ -1675,13 +1675,13 @@ describe('Workflow Prompts', () => {
         innerHandler,
       );
 
-      const result = await safe({ language: 'rust' });
+      const result = await safe({ language: 'kotlin' });
       // Handler should NOT be called
       expect(innerHandler).not.toHaveBeenCalled();
       // Should return a message, not throw
       expect(result.messages).toHaveLength(1);
       expect(result.messages[0].content.text).toContain('Invalid input');
-      expect(result.messages[0].content.text).toContain('rust');
+      expect(result.messages[0].content.text).toContain('kotlin');
     });
 
     it('should return inline error when required fields are missing', async () => {
@@ -1941,12 +1941,12 @@ describe('Workflow Prompts', () => {
     it('explain_codeql_query handler should return inline error for invalid language', async () => {
       const handler = getRegisteredHandler(mockServer, 'explain_codeql_query');
       const result: PromptResult = await handler({
-        language: 'rust',
+        language: 'kotlin',
         queryPath: '/q.ql',
       });
       const text = result.messages[0].content.text;
       expect(text).toContain('Invalid input');
-      expect(text).toContain('rust');
+      expect(text).toContain('kotlin');
       expect(text).toContain('javascript');
     });
 
