Skip to content

Add cpg_get_last_write MCP tool#2805

Open
narangtanmay wants to merge 2 commits into
Fraunhofer-AISEC:mainfrom
narangtanmay:feat/cpg-get-last-write
Open

Add cpg_get_last_write MCP tool#2805
narangtanmay wants to merge 2 commits into
Fraunhofer-AISEC:mainfrom
narangtanmay:feat/cpg-get-last-write

Conversation

@narangtanmay

Copy link
Copy Markdown

Summary

Adds an MCP tool that returns the writes that may reach a given node's value, one-hop, control-flow-sensitive reaching definitions.

  • Node.reachingWrites() reads the node's existing prevDFG edges (already materialized by PointsToPass's kill/union analysis) and returns them as ReachingWrite(source, granularity, functionSummary).
  • cpg_get_last_write exposes this over MCP: resolves a node by ID, runs reachingWrites(), returns the writing nodes with their dataflow granularity and whether the edge came from a function summary.

This is deliberately different from followPrevDFG: that API returns a single witness path by design (findAllPossiblePaths = false), so on a variable written on multiple branches before a merge it picks one arbitrary write. reachingWrites() returns all of them, the full "may" set.

Test plan

No automated tests included yet, open question whether to add them before merge.

  • Manually exercised against a small fixture with branch writes before a merge point, confirmed multiple prevDFG sources come back
  • ./gradlew :cpg-core:compileKotlin :cpg-mcp:compileKotlin clean

@CLAassistant

Copy link
Copy Markdown

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.


Tanmay seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants