-
Notifications
You must be signed in to change notification settings - Fork 4.7k
feat: embedded MCP server with user-scoped token authentication (#15383) #41980
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
salevine
wants to merge
60
commits into
release
Choose a base branch
from
feat/15383/add_mcp_server
base: release
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from all commits
Commits
Show all changes
60 commits
Select commit
Hold shift + click to select a range
f07f6bf
feat: add embedded MCP server with user-scoped token authentication (…
salevine b55ba0a
feat(mcp): app-builder tools + adversarial security hardening
salevine de790f9
fix(mcp): review round — flag-off healthcheck, token expiry UX, sessi…
salevine 673f6d4
fix(mcp): fix failing server unit tests (CsrfTest, manager test)
salevine 1aed8c5
fix(mcp): CsrfTest filter-order + McpTokens font-family test assertion
salevine e5ed59b
fix(mcp): stop MCP auth manager from hijacking form-login (CsrfTest 500)
salevine 0bb4bbd
feat(mcp): app-builder capability release — lint, instructions, catal…
salevine d362734
feat(mcp): safe direct-authoring MCP v1 — governance, CRUD, data laye…
salevine 0ec4d8b
fix(mcp): green CI — prettier/lint formatting, Java test fixes, rever…
salevine aac87f2
fix(mcp): format McpTokens.tsx (prettier) and drop redundant rotate s…
salevine da31c7b
test(mcp): integration-test governance store against real Mongo + Redis
salevine 8c49436
feat(mcp): close the CRUD loop — datasource creation, display binding…
salevine bfeba6d
feat(mcp): enable MCP by default with an Admin Settings toggle
salevine 77a6e22
fix(mcp): live-test fixes, reachable token UI, and admin-settable tok…
salevine dd0e8ea
feat(mcp): REST datasource creation + fix live app-build blockers
salevine b5c0119
fix(mcp): resolve actions via applicationId (getAction 405) so run_ac…
salevine 8813ee2
feat(mcp): dynamic REST paths, query-bound tables, fixed layout — wor…
salevine e4c03e3
fix(mcp): emit current DSL version so the client runs zero migrations
salevine 629bc1e
feat(mcp): enable data tools and JS objects by default
salevine d7e7897
fix(mcp): guard table query bindings so the table is valid before the…
salevine dde8870
feat(mcp): reset action, clear-on-empty table binding, and zebra row …
salevine 504e16b
feat(mcp): input validation formats and disable-when-invalid wiring
salevine f4bf271
fix(mcp): only REST GET/HEAD is confirmation-free; never trust SQL te…
salevine 90afa75
fix(mcp): add configurable Host allowlist for /mcp (DNS-rebinding def…
salevine dbb9617
feat(mcp): make the agent see (and use) more of Appsmith's capabilities
salevine 9bcbb29
feat(mcp): surface the MCP server URL on the tokens page
salevine a2b8ae5
test(cypress): target the profile email field by test id, not last input
salevine dad3474
feat(mcp): conditional visibility / view switching (visibleWhen)
salevine 92117cc
fix(mcp): make the select widget's options render (sourceData) + reje…
salevine 6c9e5c1
feat(mcp): add card grid (List Widget V2) to the app builder
salevine e048608
feat(mcp): milestone 1 — safety hardening for the default-on MCP surface
salevine e00466f
feat(mcp): M2-T1 — lock mcp_ tokens to the MCP flow (internal marker …
salevine eee866f
feat(mcp): M2-T2 admin audit visibility + M2-T3 rate-limit keying
salevine 77cb991
test(mcp): M3 — close CI/test gaps (integration suite, flag-off, migr…
salevine dea69f4
feat(mcp): M4-T1 query-bound charts/selects + query ordering/aggregat…
salevine 7b5fcb3
feat(mcp): M4-T5 widen widget catalog (+5 widgets); M4-T6 widget-vers…
salevine 0f58ec4
feat(mcp): M4-T2 MongoDB + Google Sheets datasources and structured q…
salevine 01df201
feat(mcp): M4-T4 usage telemetry (token-created analytics + tool-invo…
salevine 71e0bd9
feat(mcp): audit-log direct /api/v1 token rejections + hash username …
salevine 122fb57
fix(mcp): reformat README.md table to satisfy Prettier CI check
salevine e6fd46b
fix(mcp): enforce the MCP allowlist filter (denied requests no longer…
salevine 9b4dfe5
fix(mcp): evict own oldest session at per-user cap instead of 429 loc…
salevine 648ff0a
feat(mcp): M5 — store accumulation vocabulary, auto-publish + URLs, a…
salevine d034732
fix(mcp): 404 for dead sessions (spec compliance), deployNote on edit…
salevine e491504
feat(mcp): M6 canvas awareness — overlap prevention, resize op, modal…
salevine a0be711
feat(mcp): M7 git awareness — status gate, mcp/ agent branches, elici…
salevine 4098b2f
feat(mcp): human-approval elicitation for all destructive ops + field…
salevine 7552451
refactor(mcp): extract git projections, prompt hygiene, and build inf…
salevine 324b23b
Merge remote-tracking branch 'origin/release' into feat/15383/add_mcp…
salevine 466a98c
feat(mcp): M9 live-integration fixes — git-state 405, build URLs, lay…
salevine 36b7551
chore: gitignore the local .gitnexus index directory
salevine 6afe0a1
fix(mcp): disambiguate elicitation non-accept outcomes in destructive…
salevine 7ce78a4
feat(mcp): harden destructive-approval elicitation for broken clients
salevine 2cb6579
feat(mcp): bind text and image widgets to a query response field
salevine a3dc250
feat(mcp): extend wire_event to select/input/checkbox/switch/datepick…
salevine 835510d
feat(mcp): computed display values for text widgets (now/count/concat)
salevine abe9735
feat(mcp): visibleWhen predicates, strict elicitation mode, hand-auth…
salevine 8ac7694
chore(mcp): prettier-format README env-var tables
salevine 3c77fe7
feat(mcp): formula AST — compiled arithmetic for text computed values
salevine 9543878
fix(mcp): scope governance audit reads to the caller's tenant
salevine File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,142 @@ | ||
| name: Build MCP Workflow | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
| workflow_call: | ||
| inputs: | ||
| pr: | ||
| description: "PR number when building a pull-request merge commit" | ||
| required: false | ||
| type: number | ||
| skip-tests: | ||
| description: "Skip unit tests for image-only builds" | ||
| required: false | ||
| type: string | ||
| default: "false" | ||
| branch: | ||
| description: "Branch to build when pr is 0" | ||
| required: false | ||
| type: string | ||
|
|
||
| pull_request: | ||
| branches: [release, master] | ||
| paths: | ||
| - "app/client/packages/mcp/**" | ||
|
|
||
| defaults: | ||
| run: | ||
| working-directory: app/client/packages/mcp | ||
| shell: bash | ||
|
|
||
| jobs: | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| if: | | ||
| github.event.pull_request.head.repo.full_name == github.repository || | ||
| github.event_name == 'push' || | ||
| github.event_name == 'workflow_dispatch' || | ||
| github.event_name == 'repository_dispatch' || | ||
| github.event_name == 'schedule' || | ||
| github.event_name == 'release' | ||
| # Mongo + Redis back the governance store's distributed-lock / confirmation-atomicity safety net. Without these | ||
| # service containers store.integration.test.ts stays describe.skip and that safety net never runs in CI. | ||
| services: | ||
| mongodb: | ||
| image: mongo:6.0 | ||
| ports: | ||
| - 27017:27017 | ||
| options: >- | ||
| --health-cmd "mongosh --quiet --eval 'db.runCommand({ ping: 1 }).ok'" | ||
| --health-interval 10s | ||
| --health-timeout 5s | ||
| --health-retries 10 | ||
| redis: | ||
| image: redis:7 | ||
| ports: | ||
| - 6379:6379 | ||
| options: >- | ||
| --health-cmd "redis-cli ping" | ||
| --health-interval 10s | ||
| --health-timeout 5s | ||
| --health-retries 10 | ||
| steps: | ||
| - name: Checkout the merged pull-request commit | ||
| if: inputs.pr != 0 | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-tags: true | ||
| persist-credentials: false | ||
| ref: refs/pull/${{ inputs.pr }}/merge | ||
|
|
||
| - name: Checkout the specified branch | ||
| if: inputs.pr == 0 && inputs.branch != '' | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-tags: true | ||
| persist-credentials: false | ||
| ref: ${{ inputs.branch }} | ||
|
|
||
| - name: Checkout the head commit | ||
| if: inputs.pr == 0 && inputs.branch == '' | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-tags: true | ||
| persist-credentials: false | ||
|
|
||
| - name: Use Node.js | ||
| uses: actions/setup-node@v4 | ||
| with: | ||
| node-version-file: app/client/package.json | ||
|
|
||
| # actions/setup-node@v4 does not restore Yarn 3 caches from a subdirectory. | ||
| - name: Restore Yarn cache | ||
| uses: actions/cache@v4 | ||
| with: | ||
| path: app/client/.yarn/cache | ||
| key: v1-yarn3-${{ hashFiles('app/client/yarn.lock') }} | ||
| restore-keys: | | ||
| v1-yarn3- | ||
|
|
||
| - name: Install dependencies | ||
| run: | | ||
| corepack enable | ||
| yarn install --immutable | ||
|
|
||
| - name: Check types | ||
| run: yarn check-types | ||
|
|
||
| - name: Lint | ||
| run: yarn lint | ||
|
|
||
| - name: Check formatting | ||
| run: yarn prettier | ||
|
|
||
| - name: Run unit tests | ||
| if: inputs.skip-tests != 'true' | ||
| run: yarn test:unit | ||
|
|
||
| # Runs ONLY the governance integration suite against the mongo+redis service containers (kept separate so the | ||
| # unit run above stays fast). With these env vars set, store.integration.test.ts's describe.skip flips to | ||
| # describe and the Redis-lock / confirmation-atomicity assertions actually execute. | ||
| - name: Run governance integration tests | ||
| if: inputs.skip-tests != 'true' | ||
| env: | ||
| APPSMITH_MONGODB_URI: mongodb://127.0.0.1:27017 | ||
| APPSMITH_REDIS_URL: redis://127.0.0.1:6379 | ||
| # Forces the anti-silent-no-op guard: if the mongo/redis wiring ever drifts, the step FAILS instead of the | ||
| # suite reverting to describe.skip and exiting 0 green. | ||
| MCP_REQUIRE_INTEGRATION: "1" | ||
| run: yarn test:unit src/governance/store.integration.test.ts | ||
|
|
||
| - name: Build | ||
| run: yarn build | ||
|
|
||
| - name: Tar the MCP bundle | ||
| run: tar -cvf mcp-dist.tar dist | ||
|
|
||
| - name: Upload MCP build bundle | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: mcp-dist | ||
| path: app/client/packages/mcp/mcp-dist.tar | ||
| overwrite: true |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.