Hiddenden/AegisGitea-MCP
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Feat/raw api dispatch #58

Merged
Latte merged 4 commits from feat/raw-api-dispatch into dev 2026-06-26 10:33:11 +00:00
Conversation 0 Commits 4 Files Changed 12
+854 -3
Latte commented 2026-06-26 10:29:47 +00:00
Owner
Copy Link
Copy Source
No description provided.
Latte added 4 commits 2026-06-26 10:29:47 +00:00
feat(raw-api): add gitea_request schema, path parsing, client dispatch and handler 2844c42ec8 
Adds the RawApiRequestArgs schema (extra=forbid), raw path normalization/
parsing helpers, a GiteaClient.raw_request that audits method+path only (never
the body), and the raw_api_request_tool handler. The handler derives a coarse
virtual tool name (gitea_request:METHOD:topsegment) plus repository/target_path
from the path and runs them back through the policy engine, enforces an
admin/credential sensitive-path denylist, and bounds responses. Two config
flags gate it: RAW_API_ENABLED (killswitch) and RAW_API_ALLOW_SENSITIVE.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
feat(raw-api): register gitea_request tool and wire server dispatch 8e41fd12af 
Registers gitea_request in AVAILABLE_TOOLS with write_operation=False
(deliberate: a static flag cannot describe a read-or-write tool; the handler
authorizes writes per-method) and maps the tool name to raw_api_request_tool in
the server handler registry.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
docs(raw-api): document gitea_request, env vars and policy examples 8c84d76bd5 
Adds docs/raw-api.md (two-layer policy, sensitive denylist, env vars, write-mode
warning), links it from index and api-reference, documents RAW_API_ENABLED /
RAW_API_ALLOW_SENSITIVE in .env.example, and adds commented virtual-tool-name
deny examples to policy.yaml.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
test(raw-api): cover gitea_request handler and path parsing
docker / lint (push) Successful in 38s
Details
docker / test (push) Successful in 33s
Details
docker / test (pull_request) Successful in 32s
Details
test / test (push) Successful in 40s
Details
lint / lint (push) Successful in 42s
Details
docker / lint (pull_request) Successful in 39s
Details
test / test (pull_request) Successful in 39s
Details
lint / lint (pull_request) Successful in 40s
Details
docker / docker (pull_request) Successful in 31s
Details
docker / docker (push) Successful in 44s
Details
7f7aaab5a6 
Covers read allow + repository parsing, write denied without write-mode, write
allowed only for whitelisted repos, non-repo write denial, sensitive-path
denial (incl. GET) and override, cross-repo search handling, unknown-method and
traversal rejection before any network call, killswitch, response truncation,
and the raw path-parsing helpers and raw-aware extractors.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Latte merged commit aefb243a05 into dev 2026-06-26 10:33:11 +00:00
Latte deleted branch feat/raw-api-dispatch 2026-06-26 10:33:11 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
Compat/Breaking
Breaking change, not backwards compatible
 Kind/Bug
Something is not working
 Kind/Chore
Maintenance, deps, CI/CD
 Kind/Documentation
Documentation changes
 Kind/Enhancement
Improve existing functionality
 Kind/Feature
New functionality
 Kind/Refactor
Code restructuring, no behavior change
 Kind/Security
Security-related issue
 Priority/Critical
Must be addressed immediately
 Priority/High
Important, address soon
 Priority/Low
Nice to have
 Priority/Medium
Normal priority
 Reviewed/Confirmed
Issue has been confirmed
 Reviewed/Duplicate
Already tracked elsewhere
 Reviewed/Won't Fix
Acknowledged but won't be addressed
 Status/Blocked
Blocked by an external dependency
 Status/In Progress
Currently being worked on
 Status/Need More Info
Needs more information to proceed
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
Bartender (Bartender) Latte (Latte)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Hiddenden/AegisGitea-MCP#58
Delete Branch "feat/raw-api-dispatch"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?