Open
Conversation
Adds a full complement of .github/** files for leveraging AI agents with the ql-mcp server for more efficient development of features and troubleshooting of problems related to SAP frameworks such as CAP / CDS, UI5, and XSJS. Sets up the 'advanced-security/codeql-sap-js' repo for ongoing "agentic maintenance", aka Resolves #259
Contributor
There was a problem hiding this comment.
Pull request overview
This PR sets up repository-level .github/** infrastructure to support agentic Copilot maintenance workflows for CodeQL modeling and maintenance tasks (resolving #259), and adds tooling/version files to support consistent CodeQL environment setup.
Changes:
- Adds multiple Copilot agent definitions, instruction files, and task prompts for CAP/UI5/XSJS modeling, CDS extractor work, dependency upgrades, and
.githubmaintenance. - Introduces a
copilot-setup-stepsworkflow plus.node-version/.codeql-versionfiles to standardize agent environment setup. - Extends
scripts/update-release-version.shto validate/update.codeql-versionalongside existing version-bearing files.
Reviewed changes
Copilot reviewed 28 out of 29 changed files in this pull request and generated 8 comments.
Show a summary per file
| File | Description |
|---|---|
| scripts/update-release-version.sh | Adds .codeql-version consistency check and update logic tied to release version updates. |
| .node-version | Defines Node major version for consistent setup across workflows/agents. |
| .gitignore | Ignores .vscode/ workspace settings. |
| .github/workflows/copilot-setup-steps.yml | New workflow to provision Node + CodeQL env and install packs for Copilot setup. |
| .github/workflows/cds-extractor-dist-bundle.yml | Minor comment placement tweak for workflow_dispatch. |
| .github/prompts/xsjs_framework_development.prompt.md | Adds XSJS modeling guidance prompt (sources/sinks/tests). |
| .github/prompts/ui5_framework_codeql_test.prompt.md | Adds UI5 unit testing prompt content and examples. |
| .github/prompts/ui5_framework_codeql_lib.prompt.md | Adds UI5 library modeling prompt content and examples. |
| .github/prompts/ui5_framework_codeql_dev.prompt.md | Adds UI5 query development prompt content and examples. |
| .github/prompts/test_driven_development.prompt.md | Adds shared TDD workflow prompt for CodeQL development. |
| .github/prompts/github_maintenance.prompt.md | Adds .github maintenance workflow prompt (agents/instructions/prompts/templates). |
| .github/prompts/dependency_upgrade.prompt.md | Adds dependency upgrade workflow prompt (Node/CodeQL/Actions). |
| .github/prompts/codeql_test_commands.prompt.md | Adds centralized CodeQL/ql-mcp test command reference prompt. |
| .github/prompts/cds_extractor_development.prompt.md | Adds CDS extractor development prompt (build/test/architecture). |
| .github/prompts/cap_framework_development.prompt.md | Adds CAP modeling development prompt (patterns/tests/examples). |
| .github/instructions/javascript_xsjs_ql.instructions.md | Adds XSJS QL/QLL instruction constraints and workflow requirements. |
| .github/instructions/javascript_ui5_ql.instructions.md | Adds UI5 QL/QLL/testing instruction constraints and workflow requirements. |
| .github/instructions/javascript_cap_ql.instructions.md | Adds CAP QL/QLL instruction constraints and workflow requirements. |
| .github/instructions/github_maintenance.instructions.md | Adds .github maintenance instruction constraints and hierarchy guidance. |
| .github/instructions/dependency_upgrades.instructions.md | Adds dependency-upgrade instruction constraints and workflow requirements. |
| .github/instructions/README.md | Documents instruction-file purpose, structure, and prompt hierarchy. |
| .github/agents/javascript-xsjs-modeling-agent.md | Adds XSJS modeling agent definition (tools, workflow, boundaries). |
| .github/agents/javascript-ui5-modeling-agent.md | Adds UI5 modeling agent definition (tools, workflow, structure). |
| .github/agents/javascript-cap-modeling-agent.md | Adds CAP modeling agent definition (tools, workflow, structure). |
| .github/agents/github-maintenance-agent.md | Adds .github maintenance agent definition (commands, hierarchy). |
| .github/agents/dependency-upgrade-agent.md | Adds dependency upgrade agent definition (commands, boundaries). |
| .github/agents/codeql-cds-extractor-agent.md | Adds CDS extractor agent definition (commands, boundaries, tests). |
| .github/.yamllint | Adds yamllint configuration intended for workflow/template YAML linting. |
| .codeql-version | Adds pinned CodeQL version file used by setup and versioning automation. |
Collaborator
Author
|
@copilot open a new pull request to apply changes based on the comments in this thread |
Contributor
|
@data-douser I've opened a new pull request, #336, to work on those changes. Once the pull request is ready, I'll request review from you. |
…nd UI5 prompt outer fences (#336) * Initial plan * Address review feedback: fix yamllint commands, agent structure diagram, and UI5 prompt fences Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com> Agent-Logs-Url: https://github.com/advanced-security/codeql-sap-js/sessions/404b2862-c982-4730-894b-d434ad2bb1ed --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com>
data-douser
added
documentation
Contributor
|
@copilot the CodeQL version is already specified in qlt.conf.json. |
…e in copilot-setup-steps workflow Agent-Logs-Url: https://github.com/advanced-security/codeql-sap-js/sessions/baa532ae-dce3-46f4-8f65-9200ae19135c Co-authored-by: mbaluda <5237080+mbaluda@users.noreply.github.com>
Contributor
Fixed in commit
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What This PR Contributes
Resolves #259
Agent Definitions and Documentation:
.github/agents/javascript-cap-modeling-agent.mdto define the responsibilities, workflow, and boundaries for the CAP framework CodeQL modeling agent, including TDD workflow, ql-mcp tools, and project structure..github/agents/javascript-ui5-modeling-agent.mdto provide detailed instructions and best practices for the UI5 CodeQL modeling agent, covering TDD, supporting prompts, and project structure..github/agents/dependency-upgrade-agent.mdto specify the workflow, commands, and boundaries for managing dependency upgrades (Node.js, CodeQL CLI, GitHub Actions) across the repository..github/agents/github-maintenance-agent.mdto document the scope, structure, and best practices for maintaining the.githubinfrastructure, including prompts, instructions, templates, and workflows..github/agents/codeql-cds-extractor-agent.mdto guide development, testing, and maintenance of the CodeQL CDS extractor (TypeScript), with explicit build/test commands and boundaries.Configuration and Tooling:
.github/.yamllintconfiguration to enforce YAML style and linting rules for GitHub workflows and templates..codeql-versionfile;qlt.conf.jsonis now the single source of truth for the CodeQL CLI version. Thecopilot-setup-stepsworkflow dynamically generates.codeql-versionat runtime fromqlt.conf.json(usingjq -r '.CodeQLCLI') as required by thesetup-codeql-environmentaction.scripts/update-release-version.shto remove.codeql-versionmaintenance code (version check and update functions), since the file is no longer tracked in the repository.Future Works
⌨️ Start Copilot coding agent tasks without leaving your editor — available in VS Code, Visual Studio, JetBrains IDEs and Eclipse.