# TODO

## Phase 0 Governance

- [x] Add `CODE_OF_CONDUCT.md`.
- [x] Add governance policy documentation.
- [x] Upgrade `AGENTS.md` as authoritative AI contract.

## Phase 1 Architecture

- [x] Publish roadmap and threat/security model updates.
- [x] Publish phased TODO tracker.

## Phase 2 Expanded Read Tools

- [x] Implement `search_code`.
- [x] Implement `list_commits`.
- [x] Implement `get_commit_diff`.
- [x] Implement `compare_refs`.
- [x] Implement `list_issues`.
- [x] Implement `get_issue`.
- [x] Implement `list_pull_requests`.
- [x] Implement `get_pull_request`.
- [x] Implement `list_labels`.
- [x] Implement `list_tags`.
- [x] Implement `list_releases`.
- [x] Add input validation and response bounds.
- [x] Add unit/failure-mode tests.

## Phase 3 Policy Engine

- [x] Implement YAML policy loader and validator.
- [x] Implement per-tool and per-repo allow/deny.
- [x] Implement optional path restrictions.
- [x] Enforce default write deny.
- [x] Add policy unit tests.

## Phase 4 Write Mode

- [x] Implement write tools (`create_issue`, `update_issue`, comments, labels, assignment).
- [x] Keep write mode disabled by default.
- [x] Enforce repository whitelist.
- [x] Ensure no merge/deletion/force-push capabilities.
- [x] Add write denial tests.

## Phase 5 Hardening

- [x] Add secret detection + mask/block controls.
- [x] Add prompt-injection defensive model (data-only handling).
- [x] Add tamper-evident audit chaining and validation.
- [x] Add per-IP and per-token rate limiting.

## Phase 6 Automation

- [x] Implement webhook ingestion pipeline.
- [x] Implement on-demand scheduled jobs runner endpoint.
- [x] Implement auto issue creation job scaffold from findings.
- [x] Implement dependency hygiene scan orchestration scaffold.
- [x] Implement stale issue detection automation.
- [x] Add automation endpoint tests.

## Phase 7 Deployment

- [x] Harden Docker runtime defaults.
- [x] Separate dev/prod compose profiles.
- [x] Preserve non-root runtime and health checks.

## Phase 8 Observability

- [x] Add Prometheus metrics endpoint.
- [x] Add structured JSON logging.
- [x] Add request ID correlation.
- [x] Add tool timing metrics.

## Phase 9 Testing and Release Readiness

- [x] Extend unit tests.
- [x] Add policy tests.
- [x] Add secret detection tests.
- [x] Add write-mode denial tests.
- [x] Add audit integrity tests.
- [ ] Add integration-tagged tests against live Gitea (optional CI stage).
- [ ] Final security review sign-off.
- [ ] Release checklist execution.

## Phase 10 Local Package & Safe Full Coverage (0.2.0)

- [x] Extract transport-agnostic core + shared tool registry.
- [x] Lock the core/web boundary with a no-fastapi import test.
- [x] Add local stdio adapter (`stdio_app.py`) over the `mcp` SDK.
- [x] Restructure packaging: core install + `[server]` extra + console scripts.
- [x] Resource-type-aware authorization (repo/org/user/admin/misc), fail-closed.
- [x] Classified `gitea_request`: write classifier + known-path gate + denylist.
- [x] Authz matrix, write-mode bypass, classifier, and stdio adapter tests.
- [x] `.gitea/workflows/publish.yml` (uv build + publish to Gitea registry on tag).
- [ ] Make `list_organizations` user-scoped in service-PAT mode (`/users/{login}/orgs`) so it can be allowed instead of denied. (TODO(authz))

## Release Checklist

- [ ] `make lint`
- [ ] `make test`
- [ ] Documentation review complete
- [ ] Policy file reviewed for production scope
- [ ] Write mode remains disabled unless explicitly approved