Conversation
…streaming
Extend the MCP server beyond the stdio tools into a more complete,
agent-native surface (transport-agnostic core shared by both transports):
Transport & integration
- Streamable HTTP transport (serve --mcp --http): JSON for sync methods,
SSE for tools/call, static bearer auth, /healthz, body/concurrency caps,
graceful shutdown, session registry with eviction.
- Devin integration pack (examples/hooks/devin): HTTP + stdio onboarding,
config examples, run/setup scripts.
Capabilities
- resources (codeguard://rules, codeguard://config, rules/{id} template),
prompts (review-diff, triage-findings, explain-rule), logging.
- tool annotations (readOnly/destructive hints) + output schemas.
Verified auto-fix tools
- verify_fix (caller diff), propose_fix (generate via sampling or configured
AI provider, then verify), apply_fix (verify then write the working tree,
the one destructive tool; confirms via elicitation when supported).
- Failures return isError + structuredContent (attempted diff, remaining
findings). Verification stays fail-closed.
Server->client requests (stdio + HTTP GET-SSE)
- sampling/createMessage, roots/list, elicitation/create via a shared
serverRequester; client capabilities captured at initialize.
- roots feed config_path confinement and are cached per connection
(invalidated on notifications/roots/list_changed).
- richer sampling request (includeContext + modelPreferences).
Streaming & security
- scan streams a per-section progress notification (core.ScanOptions
OnSectionComplete fired in FinalizeSection).
- caller-supplied config_path is confined to the config dir, cwd, and client
roots; out-of-tree paths rejected with a generic error (closes a remote
arbitrary-file-read vector).
Tests cover stdio + HTTP transports, resources/prompts, streaming,
verify/apply fail-closed, and bidirectional sampling/roots round-trips.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
alxxjohn
added a commit
that referenced
this pull request
Jun 19, 2026
🤖 I have created a release *beep* *boop* --- ## [0.5.0](v0.4.0...v0.5.0) (2026-06-19) ### Features * mcp server features ([2efd47c](2efd47c)) * **mcp:** HTTP transport, Devin pack, verified fix, sampling/roots ([#15](#15)) ([44de1bb](44de1bb)) * **mcp:** HTTP transport, Devin pack, verified fix, sampling/roots, streaming ([0bfab1d](0bfab1d)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Overview
This branch turns
codeguardinto a more complete MCP-capable agent integration surface.It adds a production-ready MCP server with stdio and Streamable HTTP transports, expands the MCP API beyond basic scan/explain flows, and introduces verified auto-fix workflows that can generate, verify, and optionally apply changes safely.
What’s New
MCP server expansion
codeguard serve --mcpsupport for a broader MCP surface:scan,validate_config,validate_patch,explain,list_rules,verify_fix,propose_fix,apply_fixcodeguard://rules,codeguard://config,codeguard://rules/{rule_id}review-diff,triage-findings,explain-ruleVerified auto-fix flow
verify_fixto validate a caller-supplied unified diff in an isolated workspace.propose_fixto generate a candidate fix and then verify it before returning it.apply_fixto verify a diff and only then write it to disk.apply_fixthrough MCPelicitationwhen the host supports it.Server-initiated MCP client capabilities
sampling,roots, andelicitation.samplingto generate fixes via the connected client’s LLM when available.rootsto widen allowedconfig_pathconfinement safely.notifications/roots/list_changed.Streamable HTTP transport
codeguard serve --mcp --httpfor remote and cloud-hosted agents.POSTtools/callprogress and server-initiated requestsMcp-Session-Id/healthzAgent and host integrations
Implementation Notes
Testing
samplingandrootsUser Impact
codeguardas an MCP server over stdio.Validation