fix(mcp): gate onboarding pack previews#4379
Conversation
|
Superagent didn't find any vulnerabilities or security issues in this PR. |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #4379 +/- ##
=======================================
Coverage 94.11% 94.11%
=======================================
Files 432 432
Lines 38348 38351 +3
Branches 13979 13980 +1
=======================================
+ Hits 36091 36094 +3
Misses 1600 1600
Partials 657 657
🚀 New features to boost your workflow:
|
3538deb to
bf5d9bd
Compare
|
Warning 🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨 ⏸️ Gittensory review result - manual review recommendedReview updated: 2026-07-10 08:38:09 UTC
⏸️ Suggested Action - Manual Review
Review summary Blockers
Nits — 5 non-blocking
Concerns raised — review before merging
Review context
Contributor next steps
Signal definitions
🟩 Safe / merged · 🟦 Advisory · 🟨 Held for review · 🟥 Blocked / closed 💰 Earn for open-source contributions like this. Gittensor lets GitHub contributors earn for the work they already do — register to start earning →. Checked by Gittensory, a quiet PR intelligence layer for OSS maintainers.
|
Deploying with
|
| Status | Name | Latest Commit | Preview URL | Updated (UTC) |
|---|---|---|---|---|
| ✅ Deployment successful! View logs |
gittensory-ui | 61cf0a1 | Commit Preview URL Branch Preview URL |
Jul 10 2026, 08:26 AM |
This PR's own new requireRepoOnboardingPackAccess guard unconditionally
rejects the shared static "mcp" identity -- connectTestClient's default --
so its own added test broke an existing one that relied on that default.
Mirrors the { kind: "static", actor: "api" } pattern already used elsewhere
in this file for tools with the same access requirement.
Motivation
mcpcredential (when a repo is inMCP_READ_REPO_ALLOWLIST) to retrieve maintainer/API-backed preview data that the HTTP preview route intentionally denies to that credential.Description
requireRepoOnboardingPackAccesstosrc/mcp/server.tsto reject the shared staticmcpidentity and otherwise defer to the usual repo-access checks.getRepoOnboardingPackinsrc/mcp/server.tsto callrequireRepoOnboardingPackAccessinstead of the genericrequireRepoAccess.test/unit/mcp-repo-onboarding-pack.test.tsthat asserts the shared staticmcptoken is denied even when the repo is listed inMCP_READ_REPO_ALLOWLIST, and adjust the unregistered-repo case to exercise the trusted staticapiidentity to preserve existing coverage.Testing
npm --workspace @jsonbored/gittensory-engine run buildand ran the focused unit suite withnpx vitest run test/unit/mcp-repo-onboarding-pack.test.ts --reporter=verbose, and the test file passed (4 tests, 0 failures).npm run typecheckwhich completed successfully.Codex Task