v1.0.3 – Cloudflare Worker Explicit Schemas & Transport Stabilization
This release finalizes the Cloudflare Worker deployment path with explicit Zod schemas for every MCP tool, eliminating the prior adapter ambiguity that occasionally caused hosts to drop or strip arguments. All core and extended tools now advertise a single authoritative schema surface, improving reliability across IDEs and remote MCP bridges.
🚀 Highlights
- Full dual transport (SSE
/sse+ Streamable HTTP/mcp) stable on Cloudflare Workers - Migrated remaining tools to explicit Zod schemas (no more permissive placeholder schemas):
append_rows,upsert_rows,delete_rows,link_rows,unlink_rows,attach_file_to_row,bulk_set_select_options
- Consistent structured JSON output across batch, linking, and option update operations
- File attachment tool now enforces size guard (
<= 5 MB) and returns a structuredERR_FILE_TOO_LARGEerror - Bulk select option updates return updated table schema snapshot
- New utility scripts (schema snapshot, transport parity, live tool tests) added for future regression tracking
🔐 Security Notice (Important)
The Cloudflare Worker endpoints are currently UNAUTHENTICATED in v1.0.3.
Do not expose a public Worker URL backed by sensitive SeaTable data until OAuth + scoped permissions land (planned).
Mitigations you can apply today:
- Keep the Worker URL private
- Restrict access with Cloudflare Access / IP rules
- Use mock mode (
SEATABLE_MOCK=true) for demos
🛠 Changed
- Removed dual (adapter + explicit) tool registration ambiguity; each tool now has one canonical schema
- Normalized
find_rowsDSL + shorthand mapping (friendly display column names → internal keys) - Consistent return envelope shape across all multi-row mutations and link/unlink operations
➕ Added
Scripts:
snapshot-schemas.ts– capture host-visible tool schemastransport-parity.ts– planned parity checks across transportslive-tool-test.ts/remote-sse-test.ts– manual exercise harnesses
Diagnostics:
- Diagnostic tools (
add_row_explicit,args_probe) retained temporarily for transport verification - Schema snapshot fixture:
tool-schemas.snapshot.json
🐛 Fixed
- Eliminated silent argument rejection caused by host caching overly permissive or empty schemas
- Ensured multi-step upsert correctly disambiguates ambiguous matches and surfaces structured errors
⚡ Tool Inventory (Post-Tightening)
Core & Data: ping_seatable, list_tables, get_schema, list_rows, get_row, add_row, append_rows, update_rows, upsert_rows, delete_rows, find_rows, search_rows
Relational / Schema: link_rows, unlink_rows, manage_tables, manage_columns, bulk_set_select_options
File & Attachments: attach_file_to_row
(Plus temporary diagnostics when enabled via SEATABLE_ENABLE_DEBUG_TOOLS.)
🔄 Upgrade Notes
| From | Action |
|---|---|
| 1.0.2 | Replace version pin with @aspereo/mcp-seatable@1.0.3 in your MCP client config |
| ≤1.0.1 | Ensure environment variables are aligned (SEATABLE_SERVER_URL, SEATABLE_API_TOKEN, SEATABLE_BASE_UUID) before switching to Worker deployment |
No breaking API changes; only stricter, more accurate tool schemas. If you scripted against the permissive adapter’s “accept anything” behavior, validate your payload keys match the documented schemas (row objects remain flexible).
✅ Verification Checklist (What Was Manually Validated)
- Tool list enumeration reflects all explicit schemas
- SSE transport: arguments preserved end-to-end
- Upsert: correct handling of missing key / ambiguous key edge cases
- Link/unlink idempotency (no duplicate link entries)
- Bulk select options skipping logic for unknown or non-select columns
- Attach file size validation (base64 path)
🧪 Follow-Up / Roadmap
| Area | Status | Next Step |
|---|---|---|
| OAuth / AuthZ | Pending | Implement Workers OAuth provider + scoped tool claims |
| Schema Hardening | Partial | Add strict column existence validation for append_rows when allow_create_columns !== true |
| Logging | Verbose dev mode | Gate tool invocation logs behind LOG_LEVEL=debug |
| Transport Parity CI | In progress scaffolding | Automate parity script across /sse & /mcp |
| Diagnostic Tools | Present | Remove or feature-flag before 1.1.0 |
🛡 Planned Security Enhancements
Upcoming (tracked for next minor):
- OAuth (GitHub / custom provider) integration
- Role separation (read-only vs. mutation vs. schema control)
- Per-tool permission mapping
- Audit log enrichment + rate limiting
📦 Install / Pin
🌐 Cloudflare Worker Endpoints (After Deployment)
🧾 Changelog Reference
See CHANGELOG.md section [1.0.3] for full detail.
🔗 Compare
(Adjust the link once tag is live on GitHub):
🙌 Thanks
Feedback on schema strictness, transport edge cases, or auth requirements is welcome—please open an issue with payload + tool name.