Skip to content

chore: strengthen coding standards enforcement and fix scope violations#400

Closed
cursor[bot] wants to merge 3 commits into
mainfrom
cursor/mcp-server-coding-standards-1ce1
Closed

chore: strengthen coding standards enforcement and fix scope violations#400
cursor[bot] wants to merge 3 commits into
mainfrom
cursor/mcp-server-coding-standards-1ce1

Conversation

@cursor

@cursor cursor Bot commented Jun 24, 2026

Copy link
Copy Markdown
Contributor

Summary

Expands automated enforcement of the registry-driven MCP architecture documented in docs/coding-standards.md, and fixes toolset violations surfaced by the new checks.

Changes

New guardrails (pnpm standards:check)

  • Registry contract tests (tests/coding-standards/registry-contracts.test.ts):

    • Every resource declares a valid scope
    • Every resource declares identifierFields (empty array allowed for singleton gets)
    • Get operations with non-scope path params map them via identifierFields
    • Every endpoint declares operationPolicy.risk and retryPolicy
    • Endpoint specs do not manually map scope query params (with documented exceptions)
  • Architecture test additions (tests/coding-standards/architecture.test.ts):

    • HarnessClient is only instantiated in src/index.ts
    • Zod imports use zod/v4 (never bare zod)
    • No legacy server.tool() registrations

Toolset fixes (violations caught by new tests)

  • database_instance: add dbschema_id to identifierFields for nested get paths
  • idp_entity / idp_workflow: use scopeOptional and remove redundant org_id/project_id query param mappings
  • project: use injectOrgQueryFallback consistently instead of manual org_id → orgIdentifier mappings

Test update

  • registry.test.ts: project list now correctly expects org fallback injection when HARNESS_ORG is configured

Verification

  • pnpm standards:check — 17 tests pass
  • pnpm build — pass
  • pnpm typecheck — pass
  • pnpm test — 2159 tests pass
Open in Web View Automation 

thisrohangupta and others added 3 commits June 23, 2026 00:42
Update version across package.json, both manifest files, and the
release-metadata test that keeps them in sync.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

AI-Session-Id: 1b46c8db-abe4-4e9f-a38b-750362ead8ac
AI-Tool: claude-code
AI-Model: unknown
…ctors

Add regression tests for high-risk gaps in recent merges:
- resolveLogDownloadUrl hostname rewrite for self-managed CDN URLs (PR #358)
- HarnessClient.getCurrentUserId caching, dedup, and error paths (STO exemptions)
- CCM GraphQL response extractors (views, breakdown, timeseries, summary, recommendations)
- STO security_issue hint injection and pipeline_security_issue partition flattening

Co-authored-by: Rohan Gupta <thisrohangupta@users.noreply.github.com>
Expand automated architecture guardrails with registry contract tests,
HarnessClient singleton checks, Zod v4 import validation, and legacy
server.tool() detection.

Fix toolset violations caught by the new checks:
- database_instance: declare dbschema_id in identifierFields for nested gets
- idp_entity/idp_workflow: use scopeOptional instead of manual scope query params
- project: rely on injectOrgQueryFallback instead of redundant org_id mappings

Co-authored-by: Rohan Gupta <thisrohangupta@users.noreply.github.com>
@CLAassistant

Copy link
Copy Markdown

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 2 committers have signed the CLA.

✅ thisrohangupta
❌ cursoragent
You have signed the CLA already but the status is still pending? Let us recheck it.

@thisrohangupta

Copy link
Copy Markdown
Collaborator

Closing as stale: merge conflicts with main and work superseded by merged PRs (#447, #446, #449, #469, #440, #398, etc.) or duplicate agent-generated attempts. Reopen from a fresh branch if still needed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants