@bbearai/mcp-server 0.3.0 → 0.3.3

package/dist/index.js

@@ -722,6 +722,159 @@ const tools = [
             },
         },
     },
+    // === SPRINT 5: QA INTELLIGENCE EXPANSION ===
+    {
+        name: 'get_qa_sessions',
+        description: 'Get QA session history showing exploratory testing sessions. Sessions capture findings that may or may not become formal bugs. Use this to understand tester exploration patterns and unstructured discoveries.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                status: {
+                    type: 'string',
+                    enum: ['active', 'completed', 'all'],
+                    description: 'Filter by session status (default: all)',
+                },
+                tester_id: {
+                    type: 'string',
+                    description: 'Filter by specific tester UUID',
+                },
+                limit: {
+                    type: 'number',
+                    description: 'Maximum sessions to return (default: 20)',
+                },
+                include_findings: {
+                    type: 'boolean',
+                    description: 'Include session findings in response (default: true)',
+                },
+            },
+        },
+    },
+    {
+        name: 'get_qa_alerts',
+        description: 'Get active QA alerts including hot spots (routes with many bugs), coverage gaps (untested areas), and track gaps. Alerts are proactively generated to highlight areas needing attention.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                severity: {
+                    type: 'string',
+                    enum: ['critical', 'warning', 'info', 'all'],
+                    description: 'Filter by alert severity (default: all)',
+                },
+                type: {
+                    type: 'string',
+                    enum: ['hot_spot', 'coverage_gap', 'track_gap', 'regression', 'all'],
+                    description: 'Filter by alert type (default: all)',
+                },
+                status: {
+                    type: 'string',
+                    enum: ['active', 'acknowledged', 'all'],
+                    description: 'Filter by status (default: active)',
+                },
+                refresh: {
+                    type: 'boolean',
+                    description: 'Refresh alerts by running detection (default: false)',
+                },
+            },
+        },
+    },
+    {
+        name: 'get_deployment_analysis',
+        description: 'Get deployment history with risk analysis. Shows what files/routes were affected by each deploy and the calculated risk score. Use this to understand deployment impact on QA.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                deployment_id: {
+                    type: 'string',
+                    description: 'Get specific deployment by ID',
+                },
+                environment: {
+                    type: 'string',
+                    enum: ['production', 'preview', 'staging', 'all'],
+                    description: 'Filter by environment (default: all)',
+                },
+                limit: {
+                    type: 'number',
+                    description: 'Maximum deployments to return (default: 10)',
+                },
+                include_testing_priority: {
+                    type: 'boolean',
+                    description: 'Include testing priority recommendations (default: true)',
+                },
+            },
+        },
+    },
+    {
+        name: 'get_tester_recommendations',
+        description: 'Get recommended testers for a test case based on their expertise, track strengths, and past performance. Use this for smart test assignment.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                test_case_id: {
+                    type: 'string',
+                    description: 'Test case UUID to get recommendations for (required)',
+                },
+                limit: {
+                    type: 'number',
+                    description: 'Maximum recommendations to return (default: 5)',
+                },
+            },
+            required: ['test_case_id'],
+        },
+    },
+    {
+        name: 'analyze_commit_for_testing',
+        description: 'Analyze a commit to suggest what should be tested. Maps changed files to routes/features and checks bug history to provide prioritized testing recommendations.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                commit_sha: {
+                    type: 'string',
+                    description: 'Git commit SHA to analyze',
+                },
+                files_changed: {
+                    type: 'array',
+                    items: { type: 'string' },
+                    description: 'List of files changed in the commit',
+                },
+                commit_message: {
+                    type: 'string',
+                    description: 'Commit message for context',
+                },
+                record_deployment: {
+                    type: 'boolean',
+                    description: 'Record this as a deployment for tracking (default: false)',
+                },
+            },
+            required: ['files_changed'],
+        },
+    },
+    {
+        name: 'get_testing_patterns',
+        description: 'Get common testing patterns from the curated pattern library. Patterns are based on public knowledge (OWASP, WCAG, framework docs) NOT customer data. Use this to suggest tests for specific feature types.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                feature_type: {
+                    type: 'string',
+                    enum: ['form', 'auth', 'payment', 'file_upload', 'search', 'navigation', 'settings', 'dashboard', 'checkout', 'media', 'async', 'error', 'rendering'],
+                    description: 'Type of feature to get patterns for',
+                },
+                framework: {
+                    type: 'string',
+                    description: 'Framework to filter patterns (react, nextjs, vue, etc.)',
+                },
+                tracks: {
+                    type: 'array',
+                    items: { type: 'string' },
+                    description: 'QA tracks to focus on (functional, security, accessibility, performance)',
+                },
+                search: {
+                    type: 'string',
+                    description: 'Search patterns by keyword instead of category',
+                },
+            },
+        },
+    },
 ];
 // Tool handlers
 async function listReports(args) {
@@ -2134,6 +2287,353 @@ async function getQAHealth(args) {
         },
     };
 }
+// === SPRINT 5: NEW HANDLER FUNCTIONS ===
+async function getQASessions(args) {
+    const status = args.status || 'all';
+    const limit = Math.min(args.limit || 20, 50);
+    const includeFindings = args.include_findings !== false;
+    let query = supabase
+        .from('qa_sessions')
+        .select(`
+      id, focus_area, track, platform, started_at, ended_at,
+      notes, routes_covered, status, duration_minutes,
+      findings_count, bugs_filed, created_at,
+      tester:testers(id, name, email)
+    `)
+        .eq('project_id', PROJECT_ID)
+        .order('started_at', { ascending: false })
+        .limit(limit);
+    if (status !== 'all') {
+        query = query.eq('status', status);
+    }
+    if (args.tester_id && isValidUUID(args.tester_id)) {
+        query = query.eq('tester_id', args.tester_id);
+    }
+    const { data: sessions, error } = await query;
+    if (error) {
+        return { error: error.message };
+    }
+    // Optionally load findings for each session
+    let sessionsWithFindings = sessions || [];
+    if (includeFindings && sessions && sessions.length > 0) {
+        const sessionIds = sessions.map(s => s.id);
+        const { data: findings } = await supabase
+            .from('qa_findings')
+            .select('id, session_id, type, severity, title, description, route, converted_to_bug_id, dismissed')
+            .in('session_id', sessionIds);
+        const findingsList = findings || [];
+        const findingsBySession = findingsList.reduce((acc, f) => {
+            acc[f.session_id] = acc[f.session_id] || [];
+            acc[f.session_id].push(f);
+            return acc;
+        }, {});
+        sessionsWithFindings = sessions.map(s => ({
+            ...s,
+            findings: findingsBySession[s.id] || [],
+        }));
+    }
+    const summary = {
+        total: sessionsWithFindings.length,
+        active: sessionsWithFindings.filter(s => s.status === 'active').length,
+        completed: sessionsWithFindings.filter(s => s.status === 'completed').length,
+        totalFindings: sessionsWithFindings.reduce((sum, s) => sum + (s.findings_count || 0), 0),
+        totalBugsFiled: sessionsWithFindings.reduce((sum, s) => sum + (s.bugs_filed || 0), 0),
+    };
+    return {
+        sessions: sessionsWithFindings,
+        summary,
+    };
+}
+async function getQAAlerts(args) {
+    const severity = args.severity || 'all';
+    const type = args.type || 'all';
+    const status = args.status || 'active';
+    // Optionally refresh alerts
+    if (args.refresh) {
+        await supabase.rpc('detect_all_alerts', { p_project_id: PROJECT_ID });
+    }
+    let query = supabase
+        .from('qa_alerts')
+        .select('*')
+        .eq('project_id', PROJECT_ID)
+        .order('severity', { ascending: true }) // critical first
+        .order('created_at', { ascending: false });
+    if (severity !== 'all') {
+        query = query.eq('severity', severity);
+    }
+    if (type !== 'all') {
+        query = query.eq('type', type);
+    }
+    if (status !== 'all') {
+        query = query.eq('status', status);
+    }
+    const { data: alerts, error } = await query;
+    if (error) {
+        return { error: error.message };
+    }
+    const summary = {
+        total: alerts?.length || 0,
+        critical: alerts?.filter(a => a.severity === 'critical').length || 0,
+        warning: alerts?.filter(a => a.severity === 'warning').length || 0,
+        info: alerts?.filter(a => a.severity === 'info').length || 0,
+        byType: {
+            hot_spot: alerts?.filter(a => a.type === 'hot_spot').length || 0,
+            coverage_gap: alerts?.filter(a => a.type === 'coverage_gap').length || 0,
+            track_gap: alerts?.filter(a => a.type === 'track_gap').length || 0,
+        },
+    };
+    return {
+        alerts: alerts?.map(a => ({
+            id: a.id,
+            type: a.type,
+            severity: a.severity,
+            title: a.title,
+            description: a.description,
+            route: a.trigger_route,
+            track: a.trigger_track,
+            recommendation: a.recommendation,
+            action_type: a.action_type,
+            status: a.status,
+            created_at: a.created_at,
+        })),
+        summary,
+    };
+}
+async function getDeploymentAnalysis(args) {
+    const limit = Math.min(args.limit || 10, 50);
+    const includeTestingPriority = args.include_testing_priority !== false;
+    if (args.deployment_id && isValidUUID(args.deployment_id)) {
+        // Get specific deployment
+        const { data: deployment, error } = await supabase
+            .from('deployments')
+            .select('*')
+            .eq('id', args.deployment_id)
+            .eq('project_id', PROJECT_ID)
+            .single();
+        if (error) {
+            return { error: error.message };
+        }
+        return { deployment };
+    }
+    // Get deployment history
+    let query = supabase
+        .from('deployments')
+        .select('*')
+        .eq('project_id', PROJECT_ID)
+        .order('deployed_at', { ascending: false })
+        .limit(limit);
+    if (args.environment && args.environment !== 'all') {
+        query = query.eq('environment', args.environment);
+    }
+    const { data: deployments, error } = await query;
+    if (error) {
+        return { error: error.message };
+    }
+    const summary = {
+        total: deployments?.length || 0,
+        avgRiskScore: deployments?.length
+            ? Math.round(deployments.reduce((sum, d) => sum + (d.risk_score || 0), 0) / deployments.length)
+            : 0,
+        highRisk: deployments?.filter(d => (d.risk_score || 0) >= 70).length || 0,
+        verified: deployments?.filter(d => d.verified_at).length || 0,
+    };
+    return {
+        deployments: deployments?.map(d => ({
+            id: d.id,
+            environment: d.environment,
+            commit_sha: d.commit_sha,
+            commit_message: d.commit_message,
+            branch: d.branch,
+            deployed_at: d.deployed_at,
+            risk_score: d.risk_score,
+            routes_affected: d.routes_affected,
+            testing_priority: includeTestingPriority ? d.testing_priority : undefined,
+            verified: !!d.verified_at,
+        })),
+        summary,
+    };
+}
+async function getTesterRecommendations(args) {
+    if (!isValidUUID(args.test_case_id)) {
+        return { error: 'Invalid test_case_id format' };
+    }
+    const limit = Math.min(args.limit || 5, 10);
+    const { data: recommendations, error } = await supabase.rpc('get_tester_recommendations', {
+        p_test_case_id: args.test_case_id,
+        p_limit: limit,
+    });
+    if (error) {
+        return { error: error.message };
+    }
+    // Get test case info for context
+    const { data: testCase } = await supabase
+        .from('test_cases')
+        .select('test_key, title, track:qa_tracks(name)')
+        .eq('id', args.test_case_id)
+        .single();
+    return {
+        test_case: testCase ? {
+            id: args.test_case_id,
+            test_key: testCase.test_key,
+            title: testCase.title,
+            track: testCase.track?.name,
+        } : null,
+        recommendations: recommendations?.map((r) => ({
+            tester_id: r.tester_id,
+            name: r.tester_name,
+            email: r.tester_email,
+            match_score: r.match_score,
+            reasons: r.match_reasons,
+        })) || [],
+    };
+}
+async function analyzeCommitForTesting(args) {
+    const filesChanged = args.files_changed || [];
+    // Map files to routes using file_route_mapping
+    const { data: mappings } = await supabase
+        .from('file_route_mapping')
+        .select('file_pattern, route, feature, confidence')
+        .eq('project_id', PROJECT_ID);
+    const affectedRoutes = [];
+    for (const mapping of mappings || []) {
+        const matchedFiles = filesChanged.filter(file => {
+            const pattern = mapping.file_pattern
+                .replace(/\*\*/g, '.*')
+                .replace(/\*/g, '[^/]*');
+            return new RegExp(pattern).test(file);
+        });
+        if (matchedFiles.length > 0) {
+            affectedRoutes.push({
+                route: mapping.route,
+                feature: mapping.feature || undefined,
+                confidence: mapping.confidence,
+                matched_files: matchedFiles,
+            });
+        }
+    }
+    // Get bug history for affected routes
+    const routes = affectedRoutes.map(r => r.route);
+    let bugHistory = [];
+    if (routes.length > 0) {
+        const { data: bugs } = await supabase
+            .from('reports')
+            .select('id, severity, description, route, created_at')
+            .eq('project_id', PROJECT_ID)
+            .eq('report_type', 'bug')
+            .in('route', routes)
+            .gte('created_at', new Date(Date.now() - 30 * 24 * 60 * 60 * 1000).toISOString());
+        bugHistory = bugs || [];
+    }
+    // Calculate risk score
+    let riskScore = 0;
+    riskScore += Math.min(filesChanged.length * 2, 20); // File count
+    riskScore += Math.min(affectedRoutes.length * 5, 30); // Route count
+    riskScore += Math.min(bugHistory.length * 10, 50); // Bug history
+    // Generate testing recommendations
+    const recommendations = affectedRoutes.map(r => {
+        const routeBugs = bugHistory.filter(b => b.route === r.route);
+        const priority = routeBugs.length >= 3 ? 'critical' :
+            routeBugs.length >= 1 ? 'high' : 'medium';
+        return {
+            route: r.route,
+            feature: r.feature,
+            priority,
+            reason: routeBugs.length > 0
+                ? `${routeBugs.length} bug(s) in last 30 days`
+                : 'Code changed in this area',
+            recent_bugs: routeBugs.length,
+        };
+    }).sort((a, b) => {
+        const order = { critical: 0, high: 1, medium: 2 };
+        return order[a.priority] - order[b.priority];
+    });
+    // Optionally record as deployment
+    if (args.record_deployment) {
+        await supabase.rpc('record_deployment', {
+            p_project_id: PROJECT_ID,
+            p_environment: 'production',
+            p_commit_sha: args.commit_sha || null,
+            p_commit_message: args.commit_message || null,
+            p_files_changed: filesChanged,
+            p_webhook_source: 'mcp',
+        });
+    }
+    return {
+        commit_sha: args.commit_sha,
+        files_analyzed: filesChanged.length,
+        risk_score: Math.min(riskScore, 100),
+        affected_routes: affectedRoutes,
+        bug_history_summary: {
+            total: bugHistory.length,
+            critical: bugHistory.filter(b => b.severity === 'critical').length,
+            high: bugHistory.filter(b => b.severity === 'high').length,
+        },
+        testing_recommendations: recommendations,
+        deployment_recorded: args.record_deployment || false,
+    };
+}
+async function getTestingPatterns(args) {
+    let patterns = [];
+    if (args.search) {
+        // Search patterns by keyword
+        const { data, error } = await supabase.rpc('search_patterns', {
+            p_query: args.search,
+            p_limit: 20,
+        });
+        if (!error)
+            patterns = data || [];
+    }
+    else if (args.feature_type) {
+        // Get patterns for feature type
+        const { data, error } = await supabase.rpc('get_patterns_for_feature', {
+            p_category: args.feature_type,
+            p_framework: args.framework || null,
+            p_tracks: args.tracks || null,
+        });
+        if (!error)
+            patterns = data || [];
+    }
+    else {
+        // Get all patterns (limited)
+        const { data, error } = await supabase
+            .from('qa_patterns')
+            .select('*')
+            .eq('is_active', true)
+            .order('severity')
+            .limit(30);
+        if (!error)
+            patterns = data || [];
+    }
+    const summary = {
+        total: patterns.length,
+        by_severity: {
+            critical: patterns.filter(p => p.severity === 'critical').length,
+            high: patterns.filter(p => p.severity === 'high').length,
+            medium: patterns.filter(p => p.severity === 'medium').length,
+            low: patterns.filter(p => p.severity === 'low').length,
+        },
+        by_track: patterns.reduce((acc, p) => {
+            acc[p.track] = (acc[p.track] || 0) + 1;
+            return acc;
+        }, {}),
+    };
+    return {
+        patterns: patterns.map(p => ({
+            title: p.title,
+            category: p.category,
+            track: p.track,
+            severity: p.severity,
+            description: p.description,
+            why_it_happens: p.why_it_happens,
+            suggested_tests: p.suggested_tests,
+            common_fix: p.common_fix,
+            source: p.source,
+            frameworks: p.frameworks,
+        })),
+        summary,
+        note: 'Patterns are from public knowledge (OWASP, WCAG, framework docs), not customer data.',
+    };
+}
 async function analyzeChangesForTests(args) {
     // Get existing tests to check coverage
     const { data: existingTests } = await supabase
@@ -2496,6 +2996,27 @@ async function createBugReport(args) {
     if (args.suggested_fix) {
         codeContext.suggested_fix = args.suggested_fix;
     }
+    // Find a reporter_id: try to get the project owner or first tester
+    let reporterId = null;
+    const { data: project } = await supabase
+        .from('projects')
+        .select('owner_id')
+        .eq('id', PROJECT_ID)
+        .single();
+    if (project?.owner_id) {
+        reporterId = project.owner_id;
+    }
+    else {
+        // Fallback: use the first tester for this project
+        const { data: testers } = await supabase
+            .from('testers')
+            .select('id')
+            .eq('project_id', PROJECT_ID)
+            .limit(1);
+        if (testers && testers.length > 0) {
+            reporterId = testers[0].id;
+        }
+    }
     const report = {
         project_id: PROJECT_ID,
         report_type: 'bug',
@@ -2514,6 +3035,9 @@ async function createBugReport(args) {
         },
         code_context: codeContext,
     };
+    if (reporterId) {
+        report.reporter_id = reporterId;
+    }
     const { data, error } = await supabase
         .from('reports')
         .insert(report)
@@ -3491,6 +4015,25 @@ async function main() {
                 case 'complete_fix_request':
                     result = await completeFixRequest(args);
                     break;
+                // === SPRINT 5: NEW MCP TOOLS ===
+                case 'get_qa_sessions':
+                    result = await getQASessions(args);
+                    break;
+                case 'get_qa_alerts':
+                    result = await getQAAlerts(args);
+                    break;
+                case 'get_deployment_analysis':
+                    result = await getDeploymentAnalysis(args);
+                    break;
+                case 'get_tester_recommendations':
+                    result = await getTesterRecommendations(args);
+                    break;
+                case 'analyze_commit_for_testing':
+                    result = await analyzeCommitForTesting(args);
+                    break;
+                case 'get_testing_patterns':
+                    result = await getTestingPatterns(args);
+                    break;
                 default:
                     return {
                         content: [{ type: 'text', text: `Unknown tool: ${name}` }],

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bbearai/mcp-server",
-  "version": "0.3.0",
+  "version": "0.3.3",
   "description": "MCP server for BugBear - allows Claude Code to query bug reports",
   "main": "dist/index.js",
   "bin": {

package/src/index.ts

@@ -739,6 +739,159 @@ const tools = [
       },
     },
   },
+  // === SPRINT 5: QA INTELLIGENCE EXPANSION ===
+  {
+    name: 'get_qa_sessions',
+    description: 'Get QA session history showing exploratory testing sessions. Sessions capture findings that may or may not become formal bugs. Use this to understand tester exploration patterns and unstructured discoveries.',
+    inputSchema: {
+      type: 'object' as const,
+      properties: {
+        status: {
+          type: 'string',
+          enum: ['active', 'completed', 'all'],
+          description: 'Filter by session status (default: all)',
+        },
+        tester_id: {
+          type: 'string',
+          description: 'Filter by specific tester UUID',
+        },
+        limit: {
+          type: 'number',
+          description: 'Maximum sessions to return (default: 20)',
+        },
+        include_findings: {
+          type: 'boolean',
+          description: 'Include session findings in response (default: true)',
+        },
+      },
+    },
+  },
+  {
+    name: 'get_qa_alerts',
+    description: 'Get active QA alerts including hot spots (routes with many bugs), coverage gaps (untested areas), and track gaps. Alerts are proactively generated to highlight areas needing attention.',
+    inputSchema: {
+      type: 'object' as const,
+      properties: {
+        severity: {
+          type: 'string',
+          enum: ['critical', 'warning', 'info', 'all'],
+          description: 'Filter by alert severity (default: all)',
+        },
+        type: {
+          type: 'string',
+          enum: ['hot_spot', 'coverage_gap', 'track_gap', 'regression', 'all'],
+          description: 'Filter by alert type (default: all)',
+        },
+        status: {
+          type: 'string',
+          enum: ['active', 'acknowledged', 'all'],
+          description: 'Filter by status (default: active)',
+        },
+        refresh: {
+          type: 'boolean',
+          description: 'Refresh alerts by running detection (default: false)',
+        },
+      },
+    },
+  },
+  {
+    name: 'get_deployment_analysis',
+    description: 'Get deployment history with risk analysis. Shows what files/routes were affected by each deploy and the calculated risk score. Use this to understand deployment impact on QA.',
+    inputSchema: {
+      type: 'object' as const,
+      properties: {
+        deployment_id: {
+          type: 'string',
+          description: 'Get specific deployment by ID',
+        },
+        environment: {
+          type: 'string',
+          enum: ['production', 'preview', 'staging', 'all'],
+          description: 'Filter by environment (default: all)',
+        },
+        limit: {
+          type: 'number',
+          description: 'Maximum deployments to return (default: 10)',
+        },
+        include_testing_priority: {
+          type: 'boolean',
+          description: 'Include testing priority recommendations (default: true)',
+        },
+      },
+    },
+  },
+  {
+    name: 'get_tester_recommendations',
+    description: 'Get recommended testers for a test case based on their expertise, track strengths, and past performance. Use this for smart test assignment.',
+    inputSchema: {
+      type: 'object' as const,
+      properties: {
+        test_case_id: {
+          type: 'string',
+          description: 'Test case UUID to get recommendations for (required)',
+        },
+        limit: {
+          type: 'number',
+          description: 'Maximum recommendations to return (default: 5)',
+        },
+      },
+      required: ['test_case_id'],
+    },
+  },
+  {
+    name: 'analyze_commit_for_testing',
+    description: 'Analyze a commit to suggest what should be tested. Maps changed files to routes/features and checks bug history to provide prioritized testing recommendations.',
+    inputSchema: {
+      type: 'object' as const,
+      properties: {
+        commit_sha: {
+          type: 'string',
+          description: 'Git commit SHA to analyze',
+        },
+        files_changed: {
+          type: 'array',
+          items: { type: 'string' },
+          description: 'List of files changed in the commit',
+        },
+        commit_message: {
+          type: 'string',
+          description: 'Commit message for context',
+        },
+        record_deployment: {
+          type: 'boolean',
+          description: 'Record this as a deployment for tracking (default: false)',
+        },
+      },
+      required: ['files_changed'],
+    },
+  },
+  {
+    name: 'get_testing_patterns',
+    description: 'Get common testing patterns from the curated pattern library. Patterns are based on public knowledge (OWASP, WCAG, framework docs) NOT customer data. Use this to suggest tests for specific feature types.',
+    inputSchema: {
+      type: 'object' as const,
+      properties: {
+        feature_type: {
+          type: 'string',
+          enum: ['form', 'auth', 'payment', 'file_upload', 'search', 'navigation', 'settings', 'dashboard', 'checkout', 'media', 'async', 'error', 'rendering'],
+          description: 'Type of feature to get patterns for',
+        },
+        framework: {
+          type: 'string',
+          description: 'Framework to filter patterns (react, nextjs, vue, etc.)',
+        },
+        tracks: {
+          type: 'array',
+          items: { type: 'string' },
+          description: 'QA tracks to focus on (functional, security, accessibility, performance)',
+        },
+        search: {
+          type: 'string',
+          description: 'Search patterns by keyword instead of category',
+        },
+      },
+    },
+  },
 ];
 
 // Tool handlers
@@ -750,7 +903,7 @@ async function listReports(args: {
 }) {
   let query = supabase
     .from('reports')
-    .select('id, report_type, severity, status, description, app_context, created_at, tester:testers(name, email)')
+    .select('id, report_type, severity, status, description, app_context, created_at, reporter_name, reporter_email, tester:testers(name, email)')
     .eq('project_id', PROJECT_ID)
     .order('created_at', { ascending: false })
     .limit(Math.min(args.limit || 10, 50));
@@ -773,7 +926,7 @@ async function listReports(args: {
       status: r.status,
       description: r.description,
       route: (r.app_context as any)?.currentRoute,
-      reporter: (r.tester as any)?.name || 'Anonymous',
+      reporter: (r.tester as any)?.name || (r as any).reporter_name || 'Anonymous',
       created_at: r.created_at,
     })),
     total: data?.length || 0,
@@ -812,7 +965,10 @@ async function getReport(args: { report_id: string }) {
       reporter: data.tester ? {
         name: data.tester.name,
         email: data.tester.email,
-      } : null,
+      } : (data.reporter_name ? {
+        name: data.reporter_name,
+        email: data.reporter_email,
+      } : null),
       track: data.track ? {
         name: data.track.name,
         icon: data.track.icon,
@@ -2409,6 +2565,429 @@ async function getQAHealth(args: {
   };
 }
 
+// === SPRINT 5: NEW HANDLER FUNCTIONS ===
+
+async function getQASessions(args: {
+  status?: 'active' | 'completed' | 'all';
+  tester_id?: string;
+  limit?: number;
+  include_findings?: boolean;
+}) {
+  const status = args.status || 'all';
+  const limit = Math.min(args.limit || 20, 50);
+  const includeFindings = args.include_findings !== false;
+
+  let query = supabase
+    .from('qa_sessions')
+    .select(`
+      id, focus_area, track, platform, started_at, ended_at,
+      notes, routes_covered, status, duration_minutes,
+      findings_count, bugs_filed, created_at,
+      tester:testers(id, name, email)
+    `)
+    .eq('project_id', PROJECT_ID)
+    .order('started_at', { ascending: false })
+    .limit(limit);
+
+  if (status !== 'all') {
+    query = query.eq('status', status);
+  }
+
+  if (args.tester_id && isValidUUID(args.tester_id)) {
+    query = query.eq('tester_id', args.tester_id);
+  }
+
+  const { data: sessions, error } = await query;
+
+  if (error) {
+    return { error: error.message };
+  }
+
+  // Optionally load findings for each session
+  let sessionsWithFindings = sessions || [];
+  if (includeFindings && sessions && sessions.length > 0) {
+    const sessionIds = sessions.map(s => s.id);
+    const { data: findings } = await supabase
+      .from('qa_findings')
+      .select('id, session_id, type, severity, title, description, route, converted_to_bug_id, dismissed')
+      .in('session_id', sessionIds);
+
+    const findingsList = findings || [];
+    const findingsBySession = findingsList.reduce((acc, f) => {
+      acc[f.session_id] = acc[f.session_id] || [];
+      acc[f.session_id].push(f);
+      return acc;
+    }, {} as Record<string, typeof findingsList>);
+
+    sessionsWithFindings = sessions.map(s => ({
+      ...s,
+      findings: findingsBySession[s.id] || [],
+    }));
+  }
+
+  const summary = {
+    total: sessionsWithFindings.length,
+    active: sessionsWithFindings.filter(s => s.status === 'active').length,
+    completed: sessionsWithFindings.filter(s => s.status === 'completed').length,
+    totalFindings: sessionsWithFindings.reduce((sum, s) => sum + (s.findings_count || 0), 0),
+    totalBugsFiled: sessionsWithFindings.reduce((sum, s) => sum + (s.bugs_filed || 0), 0),
+  };
+
+  return {
+    sessions: sessionsWithFindings,
+    summary,
+  };
+}
+
+async function getQAAlerts(args: {
+  severity?: 'critical' | 'warning' | 'info' | 'all';
+  type?: 'hot_spot' | 'coverage_gap' | 'track_gap' | 'regression' | 'all';
+  status?: 'active' | 'acknowledged' | 'all';
+  refresh?: boolean;
+}) {
+  const severity = args.severity || 'all';
+  const type = args.type || 'all';
+  const status = args.status || 'active';
+
+  // Optionally refresh alerts
+  if (args.refresh) {
+    await supabase.rpc('detect_all_alerts', { p_project_id: PROJECT_ID });
+  }
+
+  let query = supabase
+    .from('qa_alerts')
+    .select('*')
+    .eq('project_id', PROJECT_ID)
+    .order('severity', { ascending: true }) // critical first
+    .order('created_at', { ascending: false });
+
+  if (severity !== 'all') {
+    query = query.eq('severity', severity);
+  }
+  if (type !== 'all') {
+    query = query.eq('type', type);
+  }
+  if (status !== 'all') {
+    query = query.eq('status', status);
+  }
+
+  const { data: alerts, error } = await query;
+
+  if (error) {
+    return { error: error.message };
+  }
+
+  const summary = {
+    total: alerts?.length || 0,
+    critical: alerts?.filter(a => a.severity === 'critical').length || 0,
+    warning: alerts?.filter(a => a.severity === 'warning').length || 0,
+    info: alerts?.filter(a => a.severity === 'info').length || 0,
+    byType: {
+      hot_spot: alerts?.filter(a => a.type === 'hot_spot').length || 0,
+      coverage_gap: alerts?.filter(a => a.type === 'coverage_gap').length || 0,
+      track_gap: alerts?.filter(a => a.type === 'track_gap').length || 0,
+    },
+  };
+
+  return {
+    alerts: alerts?.map(a => ({
+      id: a.id,
+      type: a.type,
+      severity: a.severity,
+      title: a.title,
+      description: a.description,
+      route: a.trigger_route,
+      track: a.trigger_track,
+      recommendation: a.recommendation,
+      action_type: a.action_type,
+      status: a.status,
+      created_at: a.created_at,
+    })),
+    summary,
+  };
+}
+
+async function getDeploymentAnalysis(args: {
+  deployment_id?: string;
+  environment?: 'production' | 'preview' | 'staging' | 'all';
+  limit?: number;
+  include_testing_priority?: boolean;
+}) {
+  const limit = Math.min(args.limit || 10, 50);
+  const includeTestingPriority = args.include_testing_priority !== false;
+
+  if (args.deployment_id && isValidUUID(args.deployment_id)) {
+    // Get specific deployment
+    const { data: deployment, error } = await supabase
+      .from('deployments')
+      .select('*')
+      .eq('id', args.deployment_id)
+      .eq('project_id', PROJECT_ID)
+      .single();
+
+    if (error) {
+      return { error: error.message };
+    }
+
+    return { deployment };
+  }
+
+  // Get deployment history
+  let query = supabase
+    .from('deployments')
+    .select('*')
+    .eq('project_id', PROJECT_ID)
+    .order('deployed_at', { ascending: false })
+    .limit(limit);
+
+  if (args.environment && args.environment !== 'all') {
+    query = query.eq('environment', args.environment);
+  }
+
+  const { data: deployments, error } = await query;
+
+  if (error) {
+    return { error: error.message };
+  }
+
+  const summary = {
+    total: deployments?.length || 0,
+    avgRiskScore: deployments?.length
+      ? Math.round(deployments.reduce((sum, d) => sum + (d.risk_score || 0), 0) / deployments.length)
+      : 0,
+    highRisk: deployments?.filter(d => (d.risk_score || 0) >= 70).length || 0,
+    verified: deployments?.filter(d => d.verified_at).length || 0,
+  };
+
+  return {
+    deployments: deployments?.map(d => ({
+      id: d.id,
+      environment: d.environment,
+      commit_sha: d.commit_sha,
+      commit_message: d.commit_message,
+      branch: d.branch,
+      deployed_at: d.deployed_at,
+      risk_score: d.risk_score,
+      routes_affected: d.routes_affected,
+      testing_priority: includeTestingPriority ? d.testing_priority : undefined,
+      verified: !!d.verified_at,
+    })),
+    summary,
+  };
+}
+
+async function getTesterRecommendations(args: {
+  test_case_id: string;
+  limit?: number;
+}) {
+  if (!isValidUUID(args.test_case_id)) {
+    return { error: 'Invalid test_case_id format' };
+  }
+
+  const limit = Math.min(args.limit || 5, 10);
+
+  const { data: recommendations, error } = await supabase.rpc('get_tester_recommendations', {
+    p_test_case_id: args.test_case_id,
+    p_limit: limit,
+  });
+
+  if (error) {
+    return { error: error.message };
+  }
+
+  // Get test case info for context
+  const { data: testCase } = await supabase
+    .from('test_cases')
+    .select('test_key, title, track:qa_tracks(name)')
+    .eq('id', args.test_case_id)
+    .single();
+
+  return {
+    test_case: testCase ? {
+      id: args.test_case_id,
+      test_key: testCase.test_key,
+      title: testCase.title,
+      track: (testCase.track as any)?.name,
+    } : null,
+    recommendations: recommendations?.map((r: any) => ({
+      tester_id: r.tester_id,
+      name: r.tester_name,
+      email: r.tester_email,
+      match_score: r.match_score,
+      reasons: r.match_reasons,
+    })) || [],
+  };
+}
+
+async function analyzeCommitForTesting(args: {
+  commit_sha?: string;
+  files_changed: string[];
+  commit_message?: string;
+  record_deployment?: boolean;
+}) {
+  const filesChanged = args.files_changed || [];
+
+  // Map files to routes using file_route_mapping
+  const { data: mappings } = await supabase
+    .from('file_route_mapping')
+    .select('file_pattern, route, feature, confidence')
+    .eq('project_id', PROJECT_ID);
+
+  const affectedRoutes: Array<{ route: string; feature?: string; confidence: number; matched_files: string[] }> = [];
+
+  for (const mapping of mappings || []) {
+    const matchedFiles = filesChanged.filter(file => {
+      const pattern = mapping.file_pattern
+        .replace(/\*\*/g, '.*')
+        .replace(/\*/g, '[^/]*');
+      return new RegExp(pattern).test(file);
+    });
+
+    if (matchedFiles.length > 0) {
+      affectedRoutes.push({
+        route: mapping.route,
+        feature: mapping.feature || undefined,
+        confidence: mapping.confidence,
+        matched_files: matchedFiles,
+      });
+    }
+  }
+
+  // Get bug history for affected routes
+  const routes = affectedRoutes.map(r => r.route);
+  let bugHistory: any[] = [];
+
+  if (routes.length > 0) {
+    const { data: bugs } = await supabase
+      .from('reports')
+      .select('id, severity, description, route, created_at')
+      .eq('project_id', PROJECT_ID)
+      .eq('report_type', 'bug')
+      .in('route', routes)
+      .gte('created_at', new Date(Date.now() - 30 * 24 * 60 * 60 * 1000).toISOString());
+
+    bugHistory = bugs || [];
+  }
+
+  // Calculate risk score
+  let riskScore = 0;
+  riskScore += Math.min(filesChanged.length * 2, 20); // File count
+  riskScore += Math.min(affectedRoutes.length * 5, 30); // Route count
+  riskScore += Math.min(bugHistory.length * 10, 50); // Bug history
+
+  // Generate testing recommendations
+  const recommendations = affectedRoutes.map(r => {
+    const routeBugs = bugHistory.filter(b => b.route === r.route);
+    const priority = routeBugs.length >= 3 ? 'critical' :
+                     routeBugs.length >= 1 ? 'high' : 'medium';
+
+    return {
+      route: r.route,
+      feature: r.feature,
+      priority,
+      reason: routeBugs.length > 0
+        ? `${routeBugs.length} bug(s) in last 30 days`
+        : 'Code changed in this area',
+      recent_bugs: routeBugs.length,
+    };
+  }).sort((a, b) => {
+    const order = { critical: 0, high: 1, medium: 2 };
+    return order[a.priority as keyof typeof order] - order[b.priority as keyof typeof order];
+  });
+
+  // Optionally record as deployment
+  if (args.record_deployment) {
+    await supabase.rpc('record_deployment', {
+      p_project_id: PROJECT_ID,
+      p_environment: 'production',
+      p_commit_sha: args.commit_sha || null,
+      p_commit_message: args.commit_message || null,
+      p_files_changed: filesChanged,
+      p_webhook_source: 'mcp',
+    });
+  }
+
+  return {
+    commit_sha: args.commit_sha,
+    files_analyzed: filesChanged.length,
+    risk_score: Math.min(riskScore, 100),
+    affected_routes: affectedRoutes,
+    bug_history_summary: {
+      total: bugHistory.length,
+      critical: bugHistory.filter(b => b.severity === 'critical').length,
+      high: bugHistory.filter(b => b.severity === 'high').length,
+    },
+    testing_recommendations: recommendations,
+    deployment_recorded: args.record_deployment || false,
+  };
+}
+
+async function getTestingPatterns(args: {
+  feature_type?: string;
+  framework?: string;
+  tracks?: string[];
+  search?: string;
+}) {
+  let patterns: any[] = [];
+
+  if (args.search) {
+    // Search patterns by keyword
+    const { data, error } = await supabase.rpc('search_patterns', {
+      p_query: args.search,
+      p_limit: 20,
+    });
+    if (!error) patterns = data || [];
+  } else if (args.feature_type) {
+    // Get patterns for feature type
+    const { data, error } = await supabase.rpc('get_patterns_for_feature', {
+      p_category: args.feature_type,
+      p_framework: args.framework || null,
+      p_tracks: args.tracks || null,
+    });
+    if (!error) patterns = data || [];
+  } else {
+    // Get all patterns (limited)
+    const { data, error } = await supabase
+      .from('qa_patterns')
+      .select('*')
+      .eq('is_active', true)
+      .order('severity')
+      .limit(30);
+    if (!error) patterns = data || [];
+  }
+
+  const summary = {
+    total: patterns.length,
+    by_severity: {
+      critical: patterns.filter(p => p.severity === 'critical').length,
+      high: patterns.filter(p => p.severity === 'high').length,
+      medium: patterns.filter(p => p.severity === 'medium').length,
+      low: patterns.filter(p => p.severity === 'low').length,
+    },
+    by_track: patterns.reduce((acc, p) => {
+      acc[p.track] = (acc[p.track] || 0) + 1;
+      return acc;
+    }, {} as Record<string, number>),
+  };
+
+  return {
+    patterns: patterns.map(p => ({
+      title: p.title,
+      category: p.category,
+      track: p.track,
+      severity: p.severity,
+      description: p.description,
+      why_it_happens: p.why_it_happens,
+      suggested_tests: p.suggested_tests,
+      common_fix: p.common_fix,
+      source: p.source,
+      frameworks: p.frameworks,
+    })),
+    summary,
+    note: 'Patterns are from public knowledge (OWASP, WCAG, framework docs), not customer data.',
+  };
+}
+
 async function analyzeChangesForTests(args: {
   changed_files: string[];
   change_type: 'feature' | 'bugfix' | 'refactor' | 'ui_change' | 'api_change' | 'config';
@@ -2837,7 +3416,28 @@ async function createBugReport(args: {
     codeContext.suggested_fix = args.suggested_fix;
   }
 
-  const report = {
+  // Find a reporter_id: try to get the project owner or first tester
+  let reporterId: string | null = null;
+  const { data: project } = await supabase
+    .from('projects')
+    .select('owner_id')
+    .eq('id', PROJECT_ID)
+    .single();
+  if (project?.owner_id) {
+    reporterId = project.owner_id;
+  } else {
+    // Fallback: use the first tester for this project
+    const { data: testers } = await supabase
+      .from('testers')
+      .select('id')
+      .eq('project_id', PROJECT_ID)
+      .limit(1);
+    if (testers && testers.length > 0) {
+      reporterId = testers[0].id;
+    }
+  }
+
+  const report: Record<string, unknown> = {
     project_id: PROJECT_ID,
     report_type: 'bug',
     title: args.title,
@@ -2856,6 +3456,10 @@ async function createBugReport(args: {
     code_context: codeContext,
   };
 
+  if (reporterId) {
+    report.reporter_id = reporterId;
+  }
+
   const { data, error } = await supabase
     .from('reports')
     .insert(report)
@@ -3986,6 +4590,25 @@ async function main() {
         case 'complete_fix_request':
           result = await completeFixRequest(args as any);
           break;
+        // === SPRINT 5: NEW MCP TOOLS ===
+        case 'get_qa_sessions':
+          result = await getQASessions(args as any);
+          break;
+        case 'get_qa_alerts':
+          result = await getQAAlerts(args as any);
+          break;
+        case 'get_deployment_analysis':
+          result = await getDeploymentAnalysis(args as any);
+          break;
+        case 'get_tester_recommendations':
+          result = await getTesterRecommendations(args as any);
+          break;
+        case 'analyze_commit_for_testing':
+          result = await analyzeCommitForTesting(args as any);
+          break;
+        case 'get_testing_patterns':
+          result = await getTestingPatterns(args as any);
+          break;
         default:
           return {
             content: [{ type: 'text', text: `Unknown tool: ${name}` }],