Skip to content

feat(mcp): add fail-closed read-only mode#76

Open
100yenadmin wants to merge 1 commit into
reconcile/r13-secure-eval-serverfrom
reconcile/r14-mcp-read-only
Open

feat(mcp): add fail-closed read-only mode#76
100yenadmin wants to merge 1 commit into
reconcile/r13-secure-eval-serverfrom
reconcile/r14-mcp-read-only

Conversation

@100yenadmin

@100yenadmin 100yenadmin commented Jul 13, 2026

Copy link
Copy Markdown
Member

Capability

Implements R14: fail-closed MCP read-only mode.

  • Uses GITNEXUS_MCP_READ_ONLY=1 with OPENCLAW_CODE_INDEX_MCP=1 retained as fork compatibility.
  • Resolves and validates mode once per MCP server instance.
  • Exposes only proven single-repository read tools.
  • Preserves legacy read aliases at dispatch.
  • Hides and rejects raw Cypher, mutation, group tools, group routes, group resources, and unknown dynamic calls before backend dispatch.
  • Removes group-only parameters and guidance from read-only discovery.
  • Scrubs hidden tools and group routes from generated setup and repository-context resources.
  • Rejects malformed switch values instead of silently disabling policy.

This supersedes the read-only portions of mixed legacy commits d1cd512e and c478f4a4; neither is cherry-picked.

Evidence

  • Initial red matrix: 17 of 20 cases failed before implementation.
  • Final security matrix: 22 passed.
  • Focused MCP/resource matrix: 108 passed.
  • Explicit CREATE, DETACH DELETE, and DROP TABLE Cypher attempts never reached the backend.
  • TypeScript and full package build: passed.
  • Targeted ESLint: zero errors; existing warnings only.
  • Prettier and diff checks: passed.
  • Detailed evidence: /Volumes/LEXAR/Codex/session-notes/2026-07-13/gitnexus-fork-upstream-reconciliation/r14-mcp-read-only.md.

Stack And Gate

  • Base: reconcile/r13-secure-eval-server.
  • Head: 750d9b94a095f6eed5ae4d9fb5562fdabfe957e8.
  • This PR must wait for R13, then be retargeted to the integration branch and revalidated at current head.
  • R15 adds repository policy separately.
  • Publication, runtime rollout, live-index mutation, and default-branch promotion are outside this PR.

Closes #53 after merge.
Parent epic: #39.

@chatgpt-codex-connector

Copy link
Copy Markdown

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.
To continue using code reviews, add credits to your account and enable them for code reviews in your settings.

@coderabbitai

coderabbitai Bot commented Jul 13, 2026

Copy link
Copy Markdown

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: ca66c773-fae3-4c04-870e-d5198700b0a8

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch reconcile/r14-mcp-read-only

Comment @coderabbitai help to get the list of available commands.

@evaos-code-review-bot

evaos-code-review-bot Bot commented Jul 13, 2026

Copy link
Copy Markdown

evaOS review status: stale head

PR: #76 - feat(mcp): add fail-closed read-only mode
Head: 3923d89fa530449b49b54e4a5a10b5cf10300344
Updated: 2026-07-13T13:14:48.077Z

evaOS review stopped because this queued head is no longer the live PR head.

Automation note: agents should wait for this comment to reach completed, stale_head, closed_or_merged_before_review, skipped, or failed before treating evaOS review as settled for this head. provider_deferred means evaOS still intends to retry.

PR URL: #76

Details: Superseded by a newer PR head.

@100yenadmin 100yenadmin force-pushed the reconcile/r14-mcp-read-only branch from 3923d89 to 750d9b9 Compare July 13, 2026 13:14
@evaos-code-review-bot

evaos-code-review-bot Bot commented Jul 13, 2026

Copy link
Copy Markdown

evaOS review status: completed

PR: #76 - feat(mcp): add fail-closed read-only mode
Head: 750d9b94a095f6eed5ae4d9fb5562fdabfe957e8
Updated: 2026-07-13T13:26:46.415Z

evaOS review completed for this PR head.

Automation note: agents should wait for this comment to reach completed, stale_head, closed_or_merged_before_review, skipped, or failed before treating evaOS review as settled for this head. provider_deferred means evaOS still intends to retry.

PR URL: #76

Review URL: #76 (review)

@evaos-code-review-bot evaos-code-review-bot Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Walkthrough

PR: #76 - feat(mcp): add fail-closed read-only mode
Head: 750d9b94a095f6eed5ae4d9fb5562fdabfe957e8 into reconcile/r13-secure-eval-server. Review event: COMMENT.
Provider: GLM/Z.ai through ZCode (zcode-glm, zcode, model GLM-5.2).

Estimated review effort: 1/5 (~10 min)

Changed Files

File Status Churn Purpose Risk

Review Signal

No validated inline findings.
Dropped findings before posting: 3. High-severity findings: 0.

Risk Taxonomy

No finding categories.

Validation and Proof

1 required validation/proof recommendation(s) selected from changed files.

  • required: TypeScript/web build or CI proof - Runtime TypeScript/web files or package/config files changed. Proof: npm run build; typecheck; focused Vitest; green GitHub check.
    Proof status: sufficient - PR metadata mentions acceptable proof for each required validation recommendation.
    Profile validation hints: Call out stale index, wrong repo identity, memory growth, and destructive analyze behavior.
    Profile proof expectations: Look for focused CLI, index, query, or migration proof.

Related Context

Related issues/PRs: #53, #39.
Suggested labels: none.
Suggested reviewers: none from current metadata.

Review Settings Preview

  • Profile: assertive
  • Enabled sections: Review summary (inline_review); Walkthrough (inline_review); Changed-files table (walkthrough); Effort estimate (walkthrough); Related issues/PRs (walkthrough); Suggested labels (suggestion_only); Review status comment (sticky_status)
  • Path instructions: none
  • Label suggestions: gitnexus, code-intelligence, backend
  • Reviewer suggestions: none
  • Suggestion behavior: suggestions only; labels and reviewers are not auto-applied.
  • Roadmap-only settings: auto-apply labels; auto-request reviewers; required status checks

Pre-merge checklist

  • Inline comments target current RIGHT-side diff lines.
  • No secret-like content survived into posted inline comments.
  • REQUEST_CHANGES is only used when eligible P0/P1 findings survive validation.
  • Required behavior proof is present or not applicable.
  • Labels and reviewers are suggestions only; the bot did not auto-apply them.

@github-actions

github-actions Bot commented Jul 13, 2026

Copy link
Copy Markdown

CI Report

All checks passed

Pipeline Status

Stage Status Details
✅ Typecheck success tsc --noEmit
✅ Tests success unit tests, 3 platforms
✅ E2E success gitnexus-web changes only

Test Results

Tests Passed Failed Skipped Duration
14614 14552 0 62 20s

✅ All 14552 tests passed

62 test(s) skipped — expand for details

Code Coverage

Tests

Metric Coverage Covered Base Delta Status
Statements 80.75% 54141/67042 N/A% 🟢 ████████████████░░░░
Branches 67.81% 33133/48861 N/A% 🟢 █████████████░░░░░░░
Functions 86.87% 6254/7199 N/A% 🟢 █████████████████░░░
Lines 84.27% 48298/57307 N/A% 🟢 ████████████████░░░░

📋 View full run · Generated by CI

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant