Commit Graph

176 Commits

Author SHA1 Message Date
q792602257 2d6521e610 feat(mcp): prompts registration via RegisterSystemPrompts (system-scope only)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 10:52:54 +08:00
q792602257 5cccc97edd feat(app): wire MCP module — repo/service/ratelimiter/server + transport mount + AuditWrap
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 10:44:17 +08:00
q792602257 6ce21d178e feat(mcp): mount Streamable HTTP + legacy SSE transports with auth+ratelimit
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 10:37:48 +08:00
q792602257 5fd4eab7ca feat(mcp): audit recorder wrapper injecting via_mcp + mcp_token_id from ctx
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 10:35:44 +08:00
q792602257 d6279c6ee1 feat(mcp): scope check helpers (CheckToolFromCtx + CheckProjectFromCtx)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 10:34:54 +08:00
q792602257 59e0138e7c feat(mcp): CallerResolver (AuthSession -> project.Caller bridge)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 10:34:47 +08:00
q792602257 319b3a8baa feat(mcp): add MCP Go SDK v1.6.0 + NewMCPServer scaffold with register stubs
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 10:34:08 +08:00
q792602257 a00f5a9efd refactor(mcp): apply Part 1 review I1+I3+I4+I5
- Rename MCPToken -> Token (mcp.Token reads cleaner; zero external callers yet)
- IssueSystemToken: guard against nil ACPSessionID / UserID (early input validation)
- TokenService: inject now func for clock injection (parity with RateLimiter)
- Repository CHECK constraint tests: assert wrapped CodeInternal

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 10:28:49 +08:00
q792602257 980c6fcf0e models 2026-05-08 08:57:09 +08:00
q792602257 71a3a85b26 fix(mcp): code review I2 — admin expires_at must be future + Part 3 tx TODO + scope JSON round-trip tests
- IssueAdmin now rejects past/now ExpiresAt with CodeMcpTokenExpiresRequired
- TestIssueAdmin_ExpiresMustBeFuture covers the new path
- IssueSystemToken doc comment notes pgRepo currently ignores ctx tx; Part 3
  must add Repository.WithTx for true same-transaction guarantee with
  acp_sessions (spec §6.1)
- New scope_test.go (whitebox) verifies JSON round-trip preserves nil-vs-empty
  semantics on Tools / ProjectIDs and exercises AllowsTool / AllowsProject
  edges that Authenticate / future tool gating depend on
2026-05-08 08:30:26 +08:00
q792602257 c046d77a6e test(mcp): auth middleware + rate limiter tests 2026-05-08 08:11:02 +08:00
q792602257 e1e6508c4c feat(mcp): rate limit middleware (per-token + global token bucket, 1-min window) 2026-05-08 08:08:13 +08:00
q792602257 416a7d5023 feat(mcp): auth middleware (Bearer + ?token= fallback) 2026-05-08 08:06:41 +08:00
q792602257 8031579487 test(mcp): TokenService unit tests with fake repo 2026-05-08 08:04:54 +08:00
q792602257 7d9cd4bf6b feat(mcp): TokenService.Revoke + RevokeBySession (with audit) 2026-05-08 08:02:11 +08:00
q792602257 796e1e0d4c feat(mcp): TokenService.Authenticate (hash lookup + revoked/expired check + async last_used) 2026-05-08 08:00:35 +08:00
q792602257 0081ad6e49 feat(mcp): TokenService.IssueSystemToken (with default scope + 24h TTL) 2026-05-08 07:59:00 +08:00
q792602257 d1573bde09 feat(mcp): TokenService skeleton + IssueAdmin 2026-05-08 07:57:17 +08:00
q792602257 4071778930 test(mcp): RevokeBySession + ReapStaleSystemTokens integration 2026-05-08 07:27:59 +08:00
q792602257 d431b8103d test(mcp): repository CRUD + CHECK constraints + filter + purge integration 2026-05-08 07:25:21 +08:00
q792602257 bb512c0029 feat(mcp): repository RevokeBySession + ReapStaleSystemTokens + PurgeExpired 2026-05-08 07:22:16 +08:00
q792602257 21f29a68b5 feat(mcp): repository List + UpdateLastUsed + Revoke + DeleteByID 2026-05-08 07:20:19 +08:00
q792602257 3d16e4a877 feat(mcp): repository skeleton + Create + GetByHash + GetByID 2026-05-08 07:18:09 +08:00
q792602257 30a85d1b2d feat(config): add MCPConfig (enabled / public_url / system_token_ttl / rate_limit) 2026-05-08 07:14:24 +08:00
q792602257 29b4c50888 feat(mcp): plaintext token generator + SHA-256 hash helper 2026-05-08 07:12:43 +08:00
q792602257 a3710c8645 feat(mcp): domain types — Issuer / Scope / MCPToken + helpers 2026-05-08 07:11:03 +08:00
q792602257 b1db7841c7 feat(errs): add 8 MCP error codes + HTTPStatus mapping 2026-05-08 07:09:26 +08:00
q792602257 39f57df882 feat(mcp): sqlc queries for mcp_tokens (CRUD + revoke + reaper + purge) 2026-05-08 07:07:47 +08:00
q792602257 ce53c54fde test(acp): integration matrix scaffold + 3 implemented scenarios (CreateSuccess/Quota/BranchConflict) 2026-05-07 18:18:08 +08:00
q792602257 faebfc3135 feat(app): wire acp_events_purge runner into jobs scheduler 2026-05-07 17:47:50 +08:00
q792602257 4c19ce29ca feat(jobs): acp_events_purge runner (retention-based cron cleanup) 2026-05-07 17:39:57 +08:00
q792602257 b22aacee62 feat(middleware): support ?token= query param fallback for browser WebSocket auth 2026-05-07 17:30:10 +08:00
q792602257 70ffddb76c test(acp): handler integration e2e (POST session + WS state event + DELETE) 2026-05-07 17:20:33 +08:00
q792602257 f5f048083a feat(acp): WebSocket session handler (history + live + ping/pong + owner-only prompt/cancel) 2026-05-07 17:08:09 +08:00
q792602257 72cd353757 feat(acp): handler refactor + sessions REST endpoints (list/create/get/delete/events) 2026-05-07 14:34:47 +08:00
q792602257 26011975b4 feat(app): wire ACP Supervisor + SessionService + startup reaper 2026-05-07 14:29:14 +08:00
q792602257 90f910fcdd feat(acp): SessionService.Create with worktree acquire + supervisor.Spawn 2026-05-07 14:23:01 +08:00
q792602257 3e50da4a49 feat(workspace): session-scoped Caller.Holder + ReleaseByHolder for ACP integration 2026-05-07 14:21:00 +08:00
q792602257 9fc96b0a1a feat(acp): SessionService skeleton + ResolveBranch (5 paths) + tests 2026-05-07 14:11:47 +08:00
q792602257 ce28b822f9 feat(acp): SessionService interface + CreateSessionInput 2026-05-07 14:09:42 +08:00
q792602257 54a69a46cd test(acp): supervisor integration with fake-acp-agent (happy/hang/crash) 2026-05-07 14:05:06 +08:00
q792602257 70c86a552b feat(acp): supervisor spawn / handshake / monitor / kill / onExit 2026-05-07 14:01:04 +08:00
q792602257 85a8bc0df7 test(acp): relay round-trip + fanout + agent request handling + slow subscriber 2026-05-07 13:45:25 +08:00
q792602257 679ded50c9 chore(sqlc): regenerate models for migration 0006
sqlc reads all migrations into every package's schema, so the
addition of acp_* tables and workspaces.active_main_session_id
in migration 0006 propagates type definitions and SELECT
column lists across all sub-packages. No code logic changes.
2026-05-07 13:39:08 +08:00
q792602257 3d5f63b28e feat(acp): relay reader/writer goroutines + Call + persist with truncation 2026-05-07 12:25:39 +08:00
q792602257 64ff2a8c02 feat(acp/handlers): initialize + session/new param builders 2026-05-07 12:22:31 +08:00
q792602257 6da1dc5a40 feat(acp/handlers): session/request_permission auto-reject 2026-05-07 12:21:18 +08:00
q792602257 b9f38b6e94 feat(acp/handlers): fs/read_text_file + fs/write_text_file with path safety 2026-05-07 12:19:03 +08:00
q792602257 de73ad4935 feat(acp): relay skeleton (subscribe/unsubscribe/fanout/close) + supervisor.GetRelay 2026-05-07 12:16:06 +08:00
q792602257 839e5c9e95 feat(acp/handlers): handlers subpackage with shared types + placeholder handlers 2026-05-07 12:16:03 +08:00