From 79f756ba5a9b9a79de08e8b25e5ff4fb07a34955 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 18 Nov 2025 11:04:29 +0000 Subject: [PATCH 1/3] Initial plan From b6d8c2bc18a462f1f3bb771cdcbdd4c829137f23 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 18 Nov 2025 11:18:11 +0000 Subject: [PATCH 2/3] Migrate dependabot toolset to modelcontextprotocol/go-sdk Co-authored-by: omgitsads <4619+omgitsads@users.noreply.github.com> --- .../__toolsnaps__/get_dependabot_alert.snap | 30 +- .../__toolsnaps__/list_dependabot_alerts.snap | 34 +-- pkg/github/dependabot.go | 283 ++++++++++-------- pkg/github/dependabot_test.go | 17 +- 4 files changed, 187 insertions(+), 177 deletions(-) diff --git a/pkg/github/__toolsnaps__/get_dependabot_alert.snap b/pkg/github/__toolsnaps__/get_dependabot_alert.snap index 76b5ef126..a517809e2 100644 --- a/pkg/github/__toolsnaps__/get_dependabot_alert.snap +++ b/pkg/github/__toolsnaps__/get_dependabot_alert.snap @@ -1,30 +1,30 @@ { "annotations": { - "title": "Get dependabot alert", - "readOnlyHint": true + "readOnlyHint": true, + "title": "Get dependabot alert" }, "description": "Get details of a specific dependabot alert in a GitHub repository.", "inputSchema": { + "type": "object", + "required": [ + "owner", + "repo", + "alertNumber" + ], "properties": { "alertNumber": { - "description": "The number of the alert.", - "type": "number" + "type": "number", + "description": "The number of the alert." }, "owner": { - "description": "The owner of the repository.", - "type": "string" + "type": "string", + "description": "The owner of the repository." }, "repo": { - "description": "The name of the repository.", - "type": "string" + "type": "string", + "description": "The name of the repository." } - }, - "required": [ - "owner", - "repo", - "alertNumber" - ], - "type": "object" + } }, "name": "get_dependabot_alert" } \ No newline at end of file diff --git a/pkg/github/__toolsnaps__/list_dependabot_alerts.snap b/pkg/github/__toolsnaps__/list_dependabot_alerts.snap index 681d640b7..d96d3972c 100644 --- a/pkg/github/__toolsnaps__/list_dependabot_alerts.snap +++ b/pkg/github/__toolsnaps__/list_dependabot_alerts.snap @@ -1,46 +1,46 @@ { "annotations": { - "title": "List dependabot alerts", - "readOnlyHint": true + "readOnlyHint": true, + "title": "List dependabot alerts" }, "description": "List dependabot alerts in a GitHub repository.", "inputSchema": { + "type": "object", + "required": [ + "owner", + "repo" + ], "properties": { "owner": { - "description": "The owner of the repository.", - "type": "string" + "type": "string", + "description": "The owner of the repository." }, "repo": { - "description": "The name of the repository.", - "type": "string" + "type": "string", + "description": "The name of the repository." }, "severity": { + "type": "string", "description": "Filter dependabot alerts by severity", "enum": [ "low", "medium", "high", "critical" - ], - "type": "string" + ] }, "state": { - "default": "open", + "type": "string", "description": "Filter dependabot alerts by state. Defaults to open", + "default": "open", "enum": [ "open", "fixed", "dismissed", "auto_dismissed" - ], - "type": "string" + ] } - }, - "required": [ - "owner", - "repo" - ], - "type": "object" + } }, "name": "list_dependabot_alerts" } \ No newline at end of file diff --git a/pkg/github/dependabot.go b/pkg/github/dependabot.go index 2823daf3e..351cbdb37 100644 --- a/pkg/github/dependabot.go +++ b/pkg/github/dependabot.go @@ -1,5 +1,3 @@ -//go:build ignore - package github import ( @@ -11,153 +9,174 @@ import ( ghErrors "github.com/github/github-mcp-server/pkg/errors" "github.com/github/github-mcp-server/pkg/translations" + "github.com/github/github-mcp-server/pkg/utils" "github.com/google/go-github/v79/github" - "github.com/mark3labs/mcp-go/mcp" - "github.com/mark3labs/mcp-go/server" + "github.com/google/jsonschema-go/jsonschema" + "github.com/modelcontextprotocol/go-sdk/mcp" ) -func GetDependabotAlert(getClient GetClientFn, t translations.TranslationHelperFunc) (tool mcp.Tool, handler server.ToolHandlerFunc) { - return mcp.NewTool( - "get_dependabot_alert", - mcp.WithDescription(t("TOOL_GET_DEPENDABOT_ALERT_DESCRIPTION", "Get details of a specific dependabot alert in a GitHub repository.")), - mcp.WithToolAnnotation(mcp.ToolAnnotation{ - Title: t("TOOL_GET_DEPENDABOT_ALERT_USER_TITLE", "Get dependabot alert"), - ReadOnlyHint: ToBoolPtr(true), - }), - mcp.WithString("owner", - mcp.Required(), - mcp.Description("The owner of the repository."), - ), - mcp.WithString("repo", - mcp.Required(), - mcp.Description("The name of the repository."), - ), - mcp.WithNumber("alertNumber", - mcp.Required(), - mcp.Description("The number of the alert."), - ), - ), - func(ctx context.Context, request mcp.CallToolRequest) (*mcp.CallToolResult, error) { - owner, err := RequiredParam[string](request, "owner") - if err != nil { - return mcp.NewToolResultError(err.Error()), nil - } - repo, err := RequiredParam[string](request, "repo") - if err != nil { - return mcp.NewToolResultError(err.Error()), nil - } - alertNumber, err := RequiredInt(request, "alertNumber") - if err != nil { - return mcp.NewToolResultError(err.Error()), nil - } +func GetDependabotAlert(getClient GetClientFn, t translations.TranslationHelperFunc) (mcp.Tool, mcp.ToolHandlerFor[map[string]any, any]) { + tool := mcp.Tool{ + Name: "get_dependabot_alert", + Description: t("TOOL_GET_DEPENDABOT_ALERT_DESCRIPTION", "Get details of a specific dependabot alert in a GitHub repository."), + Annotations: &mcp.ToolAnnotations{ + Title: t("TOOL_GET_DEPENDABOT_ALERT_USER_TITLE", "Get dependabot alert"), + ReadOnlyHint: true, + }, + InputSchema: &jsonschema.Schema{ + Type: "object", + Properties: map[string]*jsonschema.Schema{ + "owner": { + Type: "string", + Description: "The owner of the repository.", + }, + "repo": { + Type: "string", + Description: "The name of the repository.", + }, + "alertNumber": { + Type: "number", + Description: "The number of the alert.", + }, + }, + Required: []string{"owner", "repo", "alertNumber"}, + }, + } - client, err := getClient(ctx) - if err != nil { - return nil, fmt.Errorf("failed to get GitHub client: %w", err) - } + handler := mcp.ToolHandlerFor[map[string]any, any](func(ctx context.Context, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) { + owner, err := RequiredParam[string](args, "owner") + if err != nil { + return utils.NewToolResultError(err.Error()), nil, nil + } + repo, err := RequiredParam[string](args, "repo") + if err != nil { + return utils.NewToolResultError(err.Error()), nil, nil + } + alertNumber, err := RequiredInt(args, "alertNumber") + if err != nil { + return utils.NewToolResultError(err.Error()), nil, nil + } - alert, resp, err := client.Dependabot.GetRepoAlert(ctx, owner, repo, alertNumber) - if err != nil { - return ghErrors.NewGitHubAPIErrorResponse(ctx, - fmt.Sprintf("failed to get alert with number '%d'", alertNumber), - resp, - err, - ), nil - } - defer func() { _ = resp.Body.Close() }() - - if resp.StatusCode != http.StatusOK { - body, err := io.ReadAll(resp.Body) - if err != nil { - return nil, fmt.Errorf("failed to read response body: %w", err) - } - return mcp.NewToolResultError(fmt.Sprintf("failed to get alert: %s", string(body))), nil - } + client, err := getClient(ctx) + if err != nil { + return utils.NewToolResultErrorFromErr("failed to get GitHub client", err), nil, err + } - r, err := json.Marshal(alert) + alert, resp, err := client.Dependabot.GetRepoAlert(ctx, owner, repo, alertNumber) + if err != nil { + return ghErrors.NewGitHubAPIErrorResponse(ctx, + fmt.Sprintf("failed to get alert with number '%d'", alertNumber), + resp, + err, + ), nil, nil + } + defer func() { _ = resp.Body.Close() }() + + if resp.StatusCode != http.StatusOK { + body, err := io.ReadAll(resp.Body) if err != nil { - return nil, fmt.Errorf("failed to marshal alert: %w", err) + return utils.NewToolResultErrorFromErr("failed to read response body", err), nil, err } + return utils.NewToolResultError(fmt.Sprintf("failed to get alert: %s", string(body))), nil, nil + } - return mcp.NewToolResultText(string(r)), nil + r, err := json.Marshal(alert) + if err != nil { + return utils.NewToolResultErrorFromErr("failed to marshal alert", err), nil, err } + + return utils.NewToolResultText(string(r)), nil, nil + }) + + return tool, handler } -func ListDependabotAlerts(getClient GetClientFn, t translations.TranslationHelperFunc) (tool mcp.Tool, handler server.ToolHandlerFunc) { - return mcp.NewTool( - "list_dependabot_alerts", - mcp.WithDescription(t("TOOL_LIST_DEPENDABOT_ALERTS_DESCRIPTION", "List dependabot alerts in a GitHub repository.")), - mcp.WithToolAnnotation(mcp.ToolAnnotation{ - Title: t("TOOL_LIST_DEPENDABOT_ALERTS_USER_TITLE", "List dependabot alerts"), - ReadOnlyHint: ToBoolPtr(true), - }), - mcp.WithString("owner", - mcp.Required(), - mcp.Description("The owner of the repository."), - ), - mcp.WithString("repo", - mcp.Required(), - mcp.Description("The name of the repository."), - ), - mcp.WithString("state", - mcp.Description("Filter dependabot alerts by state. Defaults to open"), - mcp.DefaultString("open"), - mcp.Enum("open", "fixed", "dismissed", "auto_dismissed"), - ), - mcp.WithString("severity", - mcp.Description("Filter dependabot alerts by severity"), - mcp.Enum("low", "medium", "high", "critical"), - ), - ), - func(ctx context.Context, request mcp.CallToolRequest) (*mcp.CallToolResult, error) { - owner, err := RequiredParam[string](request, "owner") - if err != nil { - return mcp.NewToolResultError(err.Error()), nil - } - repo, err := RequiredParam[string](request, "repo") - if err != nil { - return mcp.NewToolResultError(err.Error()), nil - } - state, err := OptionalParam[string](request, "state") - if err != nil { - return mcp.NewToolResultError(err.Error()), nil - } - severity, err := OptionalParam[string](request, "severity") - if err != nil { - return mcp.NewToolResultError(err.Error()), nil - } +func ListDependabotAlerts(getClient GetClientFn, t translations.TranslationHelperFunc) (mcp.Tool, mcp.ToolHandlerFor[map[string]any, any]) { + tool := mcp.Tool{ + Name: "list_dependabot_alerts", + Description: t("TOOL_LIST_DEPENDABOT_ALERTS_DESCRIPTION", "List dependabot alerts in a GitHub repository."), + Annotations: &mcp.ToolAnnotations{ + Title: t("TOOL_LIST_DEPENDABOT_ALERTS_USER_TITLE", "List dependabot alerts"), + ReadOnlyHint: true, + }, + InputSchema: &jsonschema.Schema{ + Type: "object", + Properties: map[string]*jsonschema.Schema{ + "owner": { + Type: "string", + Description: "The owner of the repository.", + }, + "repo": { + Type: "string", + Description: "The name of the repository.", + }, + "state": { + Type: "string", + Description: "Filter dependabot alerts by state. Defaults to open", + Enum: []any{"open", "fixed", "dismissed", "auto_dismissed"}, + Default: json.RawMessage(`"open"`), + }, + "severity": { + Type: "string", + Description: "Filter dependabot alerts by severity", + Enum: []any{"low", "medium", "high", "critical"}, + }, + }, + Required: []string{"owner", "repo"}, + }, + } - client, err := getClient(ctx) - if err != nil { - return nil, fmt.Errorf("failed to get GitHub client: %w", err) - } + handler := mcp.ToolHandlerFor[map[string]any, any](func(ctx context.Context, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) { + owner, err := RequiredParam[string](args, "owner") + if err != nil { + return utils.NewToolResultError(err.Error()), nil, nil + } + repo, err := RequiredParam[string](args, "repo") + if err != nil { + return utils.NewToolResultError(err.Error()), nil, nil + } + state, err := OptionalParam[string](args, "state") + if err != nil { + return utils.NewToolResultError(err.Error()), nil, nil + } + severity, err := OptionalParam[string](args, "severity") + if err != nil { + return utils.NewToolResultError(err.Error()), nil, nil + } - alerts, resp, err := client.Dependabot.ListRepoAlerts(ctx, owner, repo, &github.ListAlertsOptions{ - State: ToStringPtr(state), - Severity: ToStringPtr(severity), - }) - if err != nil { - return ghErrors.NewGitHubAPIErrorResponse(ctx, - fmt.Sprintf("failed to list alerts for repository '%s/%s'", owner, repo), - resp, - err, - ), nil - } - defer func() { _ = resp.Body.Close() }() - - if resp.StatusCode != http.StatusOK { - body, err := io.ReadAll(resp.Body) - if err != nil { - return nil, fmt.Errorf("failed to read response body: %w", err) - } - return mcp.NewToolResultError(fmt.Sprintf("failed to list alerts: %s", string(body))), nil - } + client, err := getClient(ctx) + if err != nil { + return utils.NewToolResultErrorFromErr("failed to get GitHub client", err), nil, err + } - r, err := json.Marshal(alerts) + alerts, resp, err := client.Dependabot.ListRepoAlerts(ctx, owner, repo, &github.ListAlertsOptions{ + State: ToStringPtr(state), + Severity: ToStringPtr(severity), + }) + if err != nil { + return ghErrors.NewGitHubAPIErrorResponse(ctx, + fmt.Sprintf("failed to list alerts for repository '%s/%s'", owner, repo), + resp, + err, + ), nil, nil + } + defer func() { _ = resp.Body.Close() }() + + if resp.StatusCode != http.StatusOK { + body, err := io.ReadAll(resp.Body) if err != nil { - return nil, fmt.Errorf("failed to marshal alerts: %w", err) + return utils.NewToolResultErrorFromErr("failed to read response body", err), nil, err } + return utils.NewToolResultError(fmt.Sprintf("failed to list alerts: %s", string(body))), nil, nil + } - return mcp.NewToolResultText(string(r)), nil + r, err := json.Marshal(alerts) + if err != nil { + return utils.NewToolResultErrorFromErr("failed to marshal alerts", err), nil, err } + + return utils.NewToolResultText(string(r)), nil, nil + }) + + return tool, handler } diff --git a/pkg/github/dependabot_test.go b/pkg/github/dependabot_test.go index 2aa02981e..24e5130e9 100644 --- a/pkg/github/dependabot_test.go +++ b/pkg/github/dependabot_test.go @@ -1,5 +1,3 @@ -//go:build ignore - package github import ( @@ -25,10 +23,7 @@ func Test_GetDependabotAlert(t *testing.T) { // Validate tool schema assert.Equal(t, "get_dependabot_alert", tool.Name) assert.NotEmpty(t, tool.Description) - assert.Contains(t, tool.InputSchema.Properties, "owner") - assert.Contains(t, tool.InputSchema.Properties, "repo") - assert.Contains(t, tool.InputSchema.Properties, "alertNumber") - assert.ElementsMatch(t, tool.InputSchema.Required, []string{"owner", "repo", "alertNumber"}) + assert.True(t, tool.Annotations.ReadOnlyHint, "get_dependabot_alert tool should be read-only") // Setup mock alert for success case mockAlert := &github.DependabotAlert{ @@ -92,7 +87,7 @@ func Test_GetDependabotAlert(t *testing.T) { request := createMCPRequest(tc.requestArgs) // Call handler - result, err := handler(context.Background(), request) + result, _, err := handler(context.Background(), &request, tc.requestArgs) // Verify results if tc.expectError { @@ -128,11 +123,7 @@ func Test_ListDependabotAlerts(t *testing.T) { assert.Equal(t, "list_dependabot_alerts", tool.Name) assert.NotEmpty(t, tool.Description) - assert.Contains(t, tool.InputSchema.Properties, "owner") - assert.Contains(t, tool.InputSchema.Properties, "repo") - assert.Contains(t, tool.InputSchema.Properties, "state") - assert.Contains(t, tool.InputSchema.Properties, "severity") - assert.ElementsMatch(t, tool.InputSchema.Required, []string{"owner", "repo"}) + assert.True(t, tool.Annotations.ReadOnlyHint, "list_dependabot_alerts tool should be read-only") // Setup mock alerts for success case criticalAlert := github.DependabotAlert{ @@ -244,7 +235,7 @@ func Test_ListDependabotAlerts(t *testing.T) { request := createMCPRequest(tc.requestArgs) - result, err := handler(context.Background(), request) + result, _, err := handler(context.Background(), &request, tc.requestArgs) if tc.expectError { require.NoError(t, err) From 1dbc1d5338320f73641432d1257a53c427a9d5dd Mon Sep 17 00:00:00 2001 From: LuluBeatson Date: Wed, 19 Nov 2025 15:23:43 +0000 Subject: [PATCH 3/3] re-add dependabot toolset --- pkg/github/tools.go | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/pkg/github/tools.go b/pkg/github/tools.go index 2889c16c8..95738c997 100644 --- a/pkg/github/tools.go +++ b/pkg/github/tools.go @@ -250,11 +250,11 @@ func DefaultToolsetGroup(readOnly bool, getClient GetClientFn, getGQLClient GetG // toolsets.NewServerTool(GetSecretScanningAlert(getClient, t)), // toolsets.NewServerTool(ListSecretScanningAlerts(getClient, t)), // ) - // dependabot := toolsets.NewToolset(ToolsetMetadataDependabot.ID, ToolsetMetadataDependabot.Description). - // AddReadTools( - // toolsets.NewServerTool(GetDependabotAlert(getClient, t)), - // toolsets.NewServerTool(ListDependabotAlerts(getClient, t)), - // ) + dependabot := toolsets.NewToolset(ToolsetMetadataDependabot.ID, ToolsetMetadataDependabot.Description). + AddReadTools( + toolsets.NewServerTool(GetDependabotAlert(getClient, t)), + toolsets.NewServerTool(ListDependabotAlerts(getClient, t)), + ) // notifications := toolsets.NewToolset(ToolsetMetadataNotifications.ID, ToolsetMetadataNotifications.Description). // AddReadTools( @@ -369,7 +369,7 @@ func DefaultToolsetGroup(readOnly bool, getClient GetClientFn, getGQLClient GetG // tsg.AddToolset(actions) tsg.AddToolset(codeSecurity) // tsg.AddToolset(secretProtection) - // tsg.AddToolset(dependabot) + tsg.AddToolset(dependabot) // tsg.AddToolset(notifications) // tsg.AddToolset(experiments) // tsg.AddToolset(discussions)