Latte
385b442b6f
Reframe the README around two transports and add a local stdio quickstart with uvx/pip and Claude Desktop / Claude Code wiring. New docs: local-quickstart.md and packaging.md (uv build/publish). Document resource-type-aware authorization and classified gitea_request in security.md; stdio env vars + audit-log fallback in configuration.md; local install in deployment.md; core+adapters in architecture.md. Add the missing root AGENTS.md contract, update CLAUDE.md with the core/adapter layout, fail-closed invariants, and the branching flow (HEAD -> feature -> dev -> main). Update roadmap/todo and .env.example. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
3.4 KiB
3.4 KiB
TODO
Phase 0 Governance
- Add
CODE_OF_CONDUCT.md. - Add governance policy documentation.
- Upgrade
AGENTS.mdas authoritative AI contract.
Phase 1 Architecture
- Publish roadmap and threat/security model updates.
- Publish phased TODO tracker.
Phase 2 Expanded Read Tools
- Implement
search_code. - Implement
list_commits. - Implement
get_commit_diff. - Implement
compare_refs. - Implement
list_issues. - Implement
get_issue. - Implement
list_pull_requests. - Implement
get_pull_request. - Implement
list_labels. - Implement
list_tags. - Implement
list_releases. - Add input validation and response bounds.
- Add unit/failure-mode tests.
Phase 3 Policy Engine
- Implement YAML policy loader and validator.
- Implement per-tool and per-repo allow/deny.
- Implement optional path restrictions.
- Enforce default write deny.
- Add policy unit tests.
Phase 4 Write Mode
- Implement write tools (
create_issue,update_issue, comments, labels, assignment). - Keep write mode disabled by default.
- Enforce repository whitelist.
- Ensure no merge/deletion/force-push capabilities.
- Add write denial tests.
Phase 5 Hardening
- Add secret detection + mask/block controls.
- Add prompt-injection defensive model (data-only handling).
- Add tamper-evident audit chaining and validation.
- Add per-IP and per-token rate limiting.
Phase 6 Automation
- Implement webhook ingestion pipeline.
- Implement on-demand scheduled jobs runner endpoint.
- Implement auto issue creation job scaffold from findings.
- Implement dependency hygiene scan orchestration scaffold.
- Implement stale issue detection automation.
- Add automation endpoint tests.
Phase 7 Deployment
- Harden Docker runtime defaults.
- Separate dev/prod compose profiles.
- Preserve non-root runtime and health checks.
Phase 8 Observability
- Add Prometheus metrics endpoint.
- Add structured JSON logging.
- Add request ID correlation.
- Add tool timing metrics.
Phase 9 Testing and Release Readiness
- Extend unit tests.
- Add policy tests.
- Add secret detection tests.
- Add write-mode denial tests.
- Add audit integrity tests.
- Add integration-tagged tests against live Gitea (optional CI stage).
- Final security review sign-off.
- Release checklist execution.
Phase 10 Local Package & Safe Full Coverage (0.2.0)
- Extract transport-agnostic core + shared tool registry.
- Lock the core/web boundary with a no-fastapi import test.
- Add local stdio adapter (
stdio_app.py) over themcpSDK. - Restructure packaging: core install +
[server]extra + console scripts. - Resource-type-aware authorization (repo/org/user/admin/misc), fail-closed.
- Classified
gitea_request: write classifier + known-path gate + denylist. - Authz matrix, write-mode bypass, classifier, and stdio adapter tests.
.gitea/workflows/publish.yml(uv build + publish to Gitea registry on tag).- Make
list_organizationsuser-scoped in service-PAT mode (/users/{login}/orgs) so it can be allowed instead of denied. (TODO(authz))
Release Checklist
make lintmake test- Documentation review complete
- Policy file reviewed for production scope
- Write mode remains disabled unless explicitly approved