Skip to content

Commit 600b9f2

Browse files
author
Array Fleet
committed
fix: align advisory ecosystem enums and document array clear limits
Share advisoryPackageEcosystemEnum across read/write tools so swift is available everywhere, and document that credits/cweIds cannot be cleared via update (empty arrays are rejected by design).
1 parent 7a81308 commit 600b9f2

4 files changed

Lines changed: 14 additions & 9 deletions

File tree

pkg/github/__toolsnaps__/list_global_security_advisories.snap

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,8 @@
3535
"pip",
3636
"pub",
3737
"rubygems",
38-
"rust"
38+
"rust",
39+
"swift"
3940
],
4041
"type": "string"
4142
},

pkg/github/__toolsnaps__/update_repository_security_advisory.snap

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,11 +4,11 @@
44
"openWorldHint": true,
55
"title": "Update repository security advisory"
66
},
7-
"description": "Update a repository security advisory, including publishing it. Severity and cvssVectorString cannot both be set.",
7+
"description": "Update a repository security advisory, including publishing it. Severity and cvssVectorString cannot both be set. Omit credits and cweIds to leave them unchanged; empty arrays are rejected and clearing these fields is not supported.",
88
"inputSchema": {
99
"properties": {
1010
"credits": {
11-
"description": "Users credited for the advisory.",
11+
"description": "Users credited for the advisory. Omit to leave unchanged; empty arrays are rejected and clearing this field is not supported.",
1212
"items": {
1313
"properties": {
1414
"login": {
@@ -49,7 +49,7 @@
4949
"type": "string"
5050
},
5151
"cweIds": {
52-
"description": "Common Weakness Enumeration IDs (for example, [\"CWE-79\"]).",
52+
"description": "Common Weakness Enumeration IDs (for example, [\"CWE-79\"]). Omit to leave unchanged; empty arrays are rejected and clearing this field is not supported.",
5353
"items": {
5454
"type": "string"
5555
},

pkg/github/security_advisories.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,7 @@ func ListGlobalSecurityAdvisories(t translations.TranslationHelperFunc) inventor
4747
"ecosystem": {
4848
Type: "string",
4949
Description: "Filter by package ecosystem.",
50-
Enum: []any{"actions", "composer", "erlang", "go", "maven", "npm", "nuget", "other", "pip", "pub", "rubygems", "rust"},
50+
Enum: advisoryPackageEcosystemEnum,
5151
},
5252
"severity": {
5353
Type: "string",

pkg/github/security_advisories_write.go

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,10 @@ import (
1919
"github.com/modelcontextprotocol/go-sdk/mcp"
2020
)
2121

22+
var advisoryPackageEcosystemEnum = []any{
23+
"actions", "composer", "erlang", "go", "maven", "npm", "nuget", "other", "pip", "pub", "rubygems", "rust", "swift",
24+
}
25+
2226
var validAdvisoryEcosystems = map[string]struct{}{
2327
"actions": {}, "composer": {}, "erlang": {}, "go": {}, "maven": {}, "npm": {},
2428
"nuget": {}, "other": {}, "pip": {}, "pub": {}, "rubygems": {}, "rust": {}, "swift": {},
@@ -63,7 +67,7 @@ var securityAdvisoryPackageSchema = &jsonschema.Schema{
6367
"ecosystem": {
6468
Type: "string",
6569
Description: "The package ecosystem.",
66-
Enum: []any{"actions", "composer", "erlang", "go", "maven", "npm", "nuget", "other", "pip", "pub", "rubygems", "rust", "swift"},
70+
Enum: advisoryPackageEcosystemEnum,
6771
},
6872
"name": {
6973
Type: "string",
@@ -484,7 +488,7 @@ func UpdateRepositorySecurityAdvisory(t translations.TranslationHelperFunc) inve
484488
ToolsetMetadataSecurityAdvisories,
485489
mcp.Tool{
486490
Name: "update_repository_security_advisory",
487-
Description: t("TOOL_UPDATE_REPOSITORY_SECURITY_ADVISORY_DESCRIPTION", "Update a repository security advisory, including publishing it. Severity and cvssVectorString cannot both be set."),
491+
Description: t("TOOL_UPDATE_REPOSITORY_SECURITY_ADVISORY_DESCRIPTION", "Update a repository security advisory, including publishing it. Severity and cvssVectorString cannot both be set. Omit credits and cweIds to leave them unchanged; empty arrays are rejected and clearing these fields is not supported."),
488492
Annotations: &mcp.ToolAnnotations{
489493
Title: t("TOOL_UPDATE_REPOSITORY_SECURITY_ADVISORY_USER_TITLE", "Update repository security advisory"),
490494
ReadOnlyHint: false,
@@ -525,7 +529,7 @@ func UpdateRepositorySecurityAdvisory(t translations.TranslationHelperFunc) inve
525529
},
526530
"cweIds": {
527531
Type: "array",
528-
Description: "Common Weakness Enumeration IDs (for example, [\"CWE-79\"]).",
532+
Description: "Common Weakness Enumeration IDs (for example, [\"CWE-79\"]). Omit to leave unchanged; empty arrays are rejected and clearing this field is not supported.",
529533
Items: &jsonschema.Schema{Type: "string"},
530534
},
531535
"severity": {
@@ -539,7 +543,7 @@ func UpdateRepositorySecurityAdvisory(t translations.TranslationHelperFunc) inve
539543
},
540544
"credits": {
541545
Type: "array",
542-
Description: "Users credited for the advisory.",
546+
Description: "Users credited for the advisory. Omit to leave unchanged; empty arrays are rejected and clearing this field is not supported.",
543547
Items: securityAdvisoryCreditSchema,
544548
},
545549
"state": {

0 commit comments

Comments
 (0)