Agentic maintenance of `advanced-security/codeql-sap-js` repository

[data-douser]

This issue tracks the implementation and validation of agentic maintenance capabilities for this repository, where "maintenance" is intentionally vague for our use case and applies to any development, testing, or other repository-specific task that has been done before and could reasonably be repeated and validated via some complementary set of agentic AI agents, with each "agent" described by a .github/agents/*.md file and backed by the Copilot Coding Agent (CCA) issue-assignment-to-PR workflow.

Purpose

The overall of this "agentic maintenance" approach is to minimize the amount of human time required purely for the maintenance of this repository

Another way to rephrase this "purpose" would be: All good admins are lazy. And we want to be great admins.

Requirements

Requirements to prepare .github/** for agentic maintenance:

• Setup subdirectories and .github/** contents for Issue templates, PR templates, agents, instructions, and prompts by following the approach used in advanced-security/codeql-development-template/.github/;
• Implement a "hierarchy of prompts" similar to advanced-security/codeql-development-template/PROMPTS.md, where we want our .github/ISSUE_TEMPLATE/*.yml templates and our .github/agents/*.md agents to be at the top of the hierarchy of prompts and .github/prompts/*.prompt.md prompts to be at the bottom of the hierarchy and .github/instructions/*.instructions.md instructions to be the middle layer that links to the top and bottom layers of the prompts hierarchy.
• Ensure .github/agents/*.md agents are create using best practices from the how-to-write-a-great-agents-md-lessons-from-over-2500-repsitories guide. The CCA firewall should allow a fetch of that guide, which should form the basis of your understanding for how to implement a complementary set of .github/agents/*.md agents for:
  • CDS extractor development, testing, node dependency upgrades, etc -- this agent must extend/improve/include the existing .github/instructions/extractors_cds_tools_ts.instructions.md instructions;
  • Development of custom CodeQL .ql queries and .qll library modeling for CAP framework;
  • Development of custom CodeQL .ql queries and .qll library modeling for UI5 framework;
  • Development of custom CodeQL .ql queries and .qll library modeling for XSJS framework;
  • Regular upgrades of codeql and qlt CLI dependencies as well as other actions/software versions used in .github/workflows/*.yml actions workflows of this repository;
  • Maintenance of the .github/** implementation of agents, instructions, prompts, issue templates, PR templates, and actions workflows;

Related Issues and PRs

The following closed Issues and Pull Requests (PRs) from this repository should be fetched for context on the types of issues we expect to be able to assign to our agents and the types of changes required to submit and merge a given PR:

• Improve precision CDS source model (FNs) #101
• Fix FN cap sources #109
• Separate cap from non-cap sinks #95
• Separate CAP from non-CAP alerts #96
• Verify the results of Code Scanning using sarif diff #57
• Add sarif-diff to Code Scanning workflow #58
• writeAttributeEscaped erroneously included in SinkModel #34
• Track dataflow through event handlers and their parameters #40
• UI5 support flow through event handlers #24
• Upgrade CodeQL CLI dependency to v2.23.3 #246
• Support dynamically instantiated UI5 controls placed at a DOM tree #240
• Fix shared flow step LogArgumentToListener #242
• Fix CDS extractor database diagnostics to point to source-relative file paths #239
• Update node dependencies for multiple subprojects #237
• Address deprecation of DbLocation #236
• Bump qlpacks to 2.3.0 #235
• Remove diagnostic query ListXssPartialPaths #232
• Make CAP Log injection query more resilient and conservative #226

The PRs listed above should also be used (a second time) to validate the content of our .github/** implementation. A given PR should be most applicable to the work expected for a specific/single agent.