codebase-graph 1.1.5

Native codebaseGraph CLI and MCP server for local code knowledge graphs.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237

name: Release

on:
  push:
    branches:
      - main
  workflow_dispatch:
    inputs:
      publish-existing-tag:
        description: Re-publish an existing GitHub release tag's native artifacts.
        required: false
        type: string
        default: ""

permissions:
  contents: read

env:
  MACOSX_DEPLOYMENT_TARGET: "13.3"
  CARGO_HTTP_MULTIPLEXING: "false"
  CARGO_NET_RETRY: "10"

jobs:
  release-please:
    name: release please
    if: ${{ github.event_name != 'workflow_dispatch' || inputs.publish-existing-tag == '' }}
    runs-on: ubuntu-latest
    timeout-minutes: 10
    permissions:
      contents: write
      pull-requests: write
    outputs:
      release-created: ${{ steps.release.outputs.release_created }}
      tag-name: ${{ steps.release.outputs.tag_name }}
      version: ${{ steps.release.outputs.version }}
    steps:
      - name: Create release pull request or GitHub release
        id: release
        uses: googleapis/release-please-action@45996ed1f6d02564a971a2fa1b5860e934307cf7 # v5.0.0
        with:
          token: ${{ secrets.RELEASE_PLEASE_TOKEN || github.token }}
          config-file: release-please-config.json
          manifest-file: .release-please-manifest.json

  release-target:
    name: resolve release target
    needs: release-please
    if: ${{ always() && (github.event_name == 'workflow_dispatch' || needs.release-please.result == 'success') }}
    runs-on: ubuntu-latest
    timeout-minutes: 5
    outputs:
      should-publish: ${{ steps.resolve.outputs.should-publish }}
      tag-name: ${{ steps.resolve.outputs.tag-name }}
    steps:
      - name: Resolve release tag
        id: resolve
        shell: bash
        env:
          PUBLISH_EXISTING_TAG: ${{ inputs.publish-existing-tag }}
          RELEASE_CREATED: ${{ needs.release-please.outputs.release-created }}
          RELEASE_TAG: ${{ needs.release-please.outputs.tag-name }}
        run: |
          if [[ -n "${PUBLISH_EXISTING_TAG}" ]]; then
            {
              echo "should-publish=true"
              echo "tag-name=${PUBLISH_EXISTING_TAG}"
            } >> "$GITHUB_OUTPUT"
          elif [[ "${RELEASE_CREATED}" == "true" ]]; then
            {
              echo "should-publish=true"
              echo "tag-name=${RELEASE_TAG}"
            } >> "$GITHUB_OUTPUT"
          else
            {
              echo "should-publish=false"
              echo "tag-name="
            } >> "$GITHUB_OUTPUT"
          fi

  production-gate:
    name: production release gate
    needs: release-target
    if: needs.release-target.outputs.should-publish == 'true'
    runs-on: ubuntu-latest
    timeout-minutes: 10
    environment:
      name: cargo
    permissions:
      contents: read
    env:
      RELEASE_TAG: ${{ needs.release-target.outputs.tag-name }}
    steps:
      - name: Check out release tag
        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
        with:
          ref: ${{ env.RELEASE_TAG }}
          fetch-depth: 0
      - name: Run production release gate
        shell: bash
        env:
          CODEBASE_GRAPH_CONFIRM_RELEASE_ENVIRONMENT: ${{ vars.CODEBASE_GRAPH_CONFIRM_RELEASE_ENVIRONMENT }}
          CODEBASE_GRAPH_CONFIRM_HOSTED_CI_GREEN: ${{ vars.CODEBASE_GRAPH_CONFIRM_HOSTED_CI_GREEN }}
          CODEBASE_GRAPH_CONFIRM_PRIVATE_VULNERABILITY_REPORTING: ${{ vars.CODEBASE_GRAPH_CONFIRM_PRIVATE_VULNERABILITY_REPORTING }}
          CODEBASE_GRAPH_REQUIRE_CONDA: ${{ vars.CODEBASE_GRAPH_REQUIRE_CONDA }}
        run: |
          args=(release-gate --production)
          if [[ "${CODEBASE_GRAPH_CONFIRM_RELEASE_ENVIRONMENT}" == "true" ]]; then
            args+=(--confirm release-environment)
          fi
          if [[ "${CODEBASE_GRAPH_CONFIRM_HOSTED_CI_GREEN}" == "true" ]]; then
            args+=(--confirm hosted-ci-green)
          fi
          if [[ "${CODEBASE_GRAPH_CONFIRM_PRIVATE_VULNERABILITY_REPORTING}" == "true" ]]; then
            args+=(--confirm private-vulnerability-reporting)
          fi
          if [[ "${CODEBASE_GRAPH_REQUIRE_CONDA}" == "true" ]]; then
            args+=(--require-conda)
          fi
          cargo run -p xtask -- "${args[@]}"

  build:
    name: build native release artifacts (${{ matrix.os }})
    needs:
      - release-target
      - production-gate
    if: needs.release-target.outputs.should-publish == 'true'
    runs-on: ${{ matrix.os }}
    timeout-minutes: 30
    permissions:
      contents: write
    strategy:
      fail-fast: false
      matrix:
        include:
          - os: ubuntu-latest
            binary: codebase-graph
            artifact-suffix: linux-x86_64
            prebuilt_lbug: false
            lbug_archive: ""
            rustflags: ""
            cargo_features: ""
          - os: macos-latest
            binary: codebase-graph
            artifact-suffix: macos-arm64
            prebuilt_lbug: true
            lbug_archive: liblbug-static-osx-arm64.tar.gz
            rustflags: ""
            cargo_features: ""
          - os: macos-15-intel
            binary: codebase-graph
            artifact-suffix: macos-x86_64
            prebuilt_lbug: true
            lbug_archive: liblbug-static-osx-x86_64.tar.gz
            rustflags: ""
            cargo_features: ""
          - os: windows-2022
            binary: codebase-graph.exe
            artifact-suffix: windows-x86_64
            prebuilt_lbug: false
            lbug_archive: ""
            rustflags: ""
            cargo_features: "--features bundled-windows-extensions"
    env:
      RELEASE_TAG: ${{ needs.release-target.outputs.tag-name }}
    steps:
      - name: Check out release tag
        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
        with:
          ref: ${{ env.RELEASE_TAG }}
          fetch-depth: 0
      - name: Verify package version matches tag
        shell: bash
        run: cargo run -p xtask -- verify-release-version "$RELEASE_TAG"
      - name: Prepare prebuilt liblbug
        if: ${{ matrix.prebuilt_lbug }}
        shell: bash
        run: |
          set -eu
          lib_dir="$PWD/.cache/lbug-prebuilt"
          archive="${{ matrix.lbug_archive }}"
          lbug_version="$(awk '/^name = "lbug"/ { found=1 } found && /^version = / { gsub(/"/, "", $3); print $3; exit }' Cargo.lock)"
          mkdir -p "$lib_dir"
          curl --retry 5 --retry-all-errors --connect-timeout 20 -fSL \
            "https://github.com/LadybugDB/ladybug/releases/download/v${lbug_version}/${archive}" \
            -o "$RUNNER_TEMP/$archive"
          tar xzf "$RUNNER_TEMP/$archive" -C "$lib_dir"
          test -f "$lib_dir/liblbug.a"
          test -f "$lib_dir/lbug.h"
          {
            echo "LBUG_LIBRARY_DIR=$lib_dir"
            echo "LBUG_INCLUDE_DIR=$lib_dir"
          } >> "$GITHUB_ENV"
      - name: Build Rust production binary
        env:
          RUSTFLAGS: ${{ matrix.rustflags }}
          CARGO_FEATURES: ${{ matrix.cargo_features }}
        shell: bash
        run: |
          mkdir -p dist/smoke
          cargo build --locked --release --bin codebase-graph ${CARGO_FEATURES}
          cp "target/release/${{ matrix.binary }}" "dist/smoke/${{ matrix.binary }}"
          chmod +x "dist/smoke/${{ matrix.binary }}"
          archive="codebase-graph-${RELEASE_TAG#v}-${{ matrix.artifact-suffix }}.tar.gz"
          tar -C dist/smoke -czf "dist/${archive}" "${{ matrix.binary }}"
          checksum_python="$(command -v python3 || command -v python)"
          "$checksum_python" -c 'import hashlib, pathlib, sys; path = pathlib.Path(sys.argv[1]); print(f"{hashlib.sha256(path.read_bytes()).hexdigest()}  {path.as_posix()}")' "dist/${archive}" > "dist/${archive}.sha256"
      - name: Smoke-test Rust production binary
        shell: bash
        run: cargo run -p xtask -- smoke-artifact "./dist/smoke/${{ matrix.binary }}"
      - name: Upload native artifacts to GitHub release
        shell: bash
        env:
          GH_TOKEN: ${{ github.token }}
        run: gh release upload "$RELEASE_TAG" dist/codebase-graph-*.tar.gz dist/codebase-graph-*.tar.gz.sha256 --clobber

  publish-crate:
    name: publish crates.io package
    needs:
      - release-please
      - build
    if: needs.release-please.outputs.release-created == 'true'
    runs-on: ubuntu-latest
    timeout-minutes: 20
    environment:
      name: cargo
    steps:
      - name: Check out release tag
        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
        with:
          ref: ${{ needs.release-please.outputs.tag-name }}
          fetch-depth: 0
      - name: Verify crates.io package
        run: cargo publish --dry-run --locked
      - name: Publish crates.io package
        env:
          CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
        run: cargo publish --locked