sysadmin
|
6b675f5c83
|
fix: harden structured auth MCP errors against reviewer findings (#699)
Address PR #701 request-changes-class defects:
1. Fixed messages only — never embed HTTP bodies, Keychain, or exception
text in tool results or daemon logs; sanitization fails closed.
2. Narrow Tool.run boundary wraps original success path; re-raises
UrlElicitationRequiredError; install is idempotent.
3. No RuntimeError substring heuristics; only typed client failures
are classified as auth/authz/network/config.
4. Central classify_http_status — every HTTP 403 is GiteaAuthzError.
Regressions cover adversarial secrets, stdio survival, elicitation,
parser RuntimeError, generic 403, repeated install, profiles, provenance.
Closes #699
|
2026-07-13 13:40:38 -04:00 |
|
sysadmin
|
b4d0cb22e4
|
fix: map Gitea auth failures to structured MCP tool errors (Closes #699)
HTTP 401/scope-403/network failures become typed client errors with stable
reason codes. The FastMCP Tool.run boundary returns CallToolResult isError
payloads so stdio transport survives; daemon logs use sanitized reason codes
only. Regression tests cover author/reconciler profiles, transport survival,
and non-misclassification of unexpected exceptions.
Cross-links: #685, #695, #697, #698, PR #696 (scopes not absorbed).
|
2026-07-13 13:10:00 -04:00 |
|