feat: Add MCP query rules and digest statistics

[Copilot]

Implements firewall and query digest tracking for MCP queries, mirroring the MySQL query rules infrastructure.

Key Design

Actions are inferred from rule properties (not mutually exclusive):

• error_msg != NULL → block
• replace_pattern != NULL → rewrite
• timeout_ms > 0 → timeout
• OK_msg != NULL → return OK message
• otherwise → allow

Rules support flagIN/flagOUT chaining for multi-stage evaluation.

Tables

Configuration:

• mcp_query_rules - Persistent rule definitions (17 columns)
• runtime_mcp_query_rules - Active in-memory rules

Statistics:

• stats_mcp_query_rules - Hit counters per rule
• stats_mcp_query_digest - Query digest statistics (10 columns, SpookyHash-based)
• stats_mcp_query_digest_reset - Reset-on-read variant

Commands

Standard LOAD/SAVE patterns:

LOAD MCP QUERY RULES {FROM DISK | TO MEMORY | TO RUNTIME}
SAVE MCP QUERY RULES {TO DISK | TO MEMORY | FROM RUNTIME}

Implementation Notes

• Hit counters are in-memory only, not persisted
• Digest computation uses SpookyHash for consistency with MySQL digest implementation
• Rule evaluation uses ceiling division for timeout_ms to avoid truncating sub-second timeouts
• LOAD/SAVE operations use DELETE before INSERT to prevent stale rule persistence

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.