Add PR author and reviewer eligibility checks to Gitea MCP #14

Closed
opened 2026-07-01 11:16:00 -05:00 by jcwalker3 · 0 comments
Owner

Parent

Roadmap #10 — Task-scoped MCP execution profiles for LLM-operated Gitea workflows

Problem

Before reviewing, approving, or merging a PR, the LLM must know whether the authenticated Gitea identity is eligible.

Scope

Add read-only eligibility checks for PR workflows.

Inputs:

  • repository
  • PR number
  • requested action: review, approve, request changes, merge

Checks:

  • authenticated username
  • active profile
  • PR author
  • PR state
  • whether authenticated user equals PR author
  • whether requested action is allowed by profile
  • whether PR is open/mergeable, where available

Required behavior

If the authenticated user is the PR author, approval and merge must fail closed.

If identity cannot be determined, approval and merge must fail closed.

Acceptance criteria

  • MCP can report reviewer eligibility for a PR.
  • MCP can report merger eligibility for a PR.
  • Self-review/self-merge is blocked before mutation.
  • Results include clear reasons for eligibility/ineligibility.
  • No mutation occurs in this issue unless explicitly limited to read-only checks.
  • Existing Gitea MCP behavior is not broken.

Non-goals

  • Do not implement actual approve/merge mutation yet unless separately approved.
  • Do not bypass Gitea protections.
  • Do not add Jenkins/Ops/deploy behavior.

Proposed labels

mcp · gitea · review · merge · security

jcwalker3 added the mcp, security, gitea, read-only labels 2026-07-01 11:28:22 -05:00
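The fail-closed decision the issue describes can be written as a pure function over already-fetched data. This is an added example, not code from the Gitea-Tools repository: `check_eligibility`, the `Eligibility` type, and the dict shape used for the PR are hypothetical, and comparing usernames case-insensitively is an assumption.

```python
from dataclasses import dataclass, field
from typing import Optional

ACTIONS = {"review", "approve", "request_changes", "merge"}
FAIL_CLOSED = {"approve", "merge"}  # actions the issue says must fail closed

@dataclass
class Eligibility:
    action: str
    eligible: bool
    reasons: list = field(default_factory=list)

def check_eligibility(auth_user: Optional[str], profile_allowed: set,
                      pr: dict, action: str) -> Eligibility:
    """Read-only decision: inspects its inputs and never calls a mutating API."""
    if action not in ACTIONS:
        return Eligibility(action, False, [f"unknown action {action!r}"])
    reasons = []  # every entry is a blocking reason
    if action not in profile_allowed:
        reasons.append(f"active profile does not allow {action!r}")
    if pr.get("state") != "open":
        reasons.append(f"PR state is {pr.get('state')!r}, not 'open'")
    if action in FAIL_CLOSED:
        # Assumption: case-insensitive comparison, so a casing difference
        # cannot slip past the self-approval / self-merge check.
        me = (auth_user or "").strip().lower()
        author = (pr.get("author") or "").strip().lower()
        if not me:
            reasons.append("authenticated identity could not be determined")
        elif not author:
            reasons.append("PR author could not be determined")
        elif me == author:
            reasons.append("authenticated user is the PR author")
    # "where available": a missing mergeable flag (None) is not treated as a block.
    if action == "merge" and pr.get("mergeable") is False:
        reasons.append("PR is reported as not mergeable")
    return Eligibility(action, not reasons, reasons or ["all checks passed"])

# Constructed sample input, not taken from a real repository.
SAMPLE_PR = {"author": "alice", "state": "open", "mergeable": True}
FULL_PROFILE = set(ACTIONS)

if __name__ == "__main__":
    for user, act in [("bob", "approve"), ("Alice", "merge"), (None, "approve")]:
        print(check_eligibility(user, FULL_PROFILE, SAMPLE_PR, act))
```

Collecting every blocking reason instead of returning on the first one gives the caller the "clear reasons" the acceptance criteria ask for in a single call.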
Reference: Scaled-Tech-Consulting/Gitea-Tools#14