Skip to content

fix(mcp): address adversarial review — pin protocol version, bound git calls, add live dirty signal#628

Merged
NagyVikt merged 2 commits into
mainfrom
agent/claude/gx-mcp-cross-repo-read-only-multi-agent-2026-06-05-12-33
Jun 5, 2026
Merged

fix(mcp): address adversarial review — pin protocol version, bound git calls, add live dirty signal#628
NagyVikt merged 2 commits into
mainfrom
agent/claude/gx-mcp-cross-repo-read-only-multi-agent-2026-06-05-12-33

Conversation

@NagyVikt

@NagyVikt NagyVikt commented Jun 5, 2026

Copy link
Copy Markdown
Collaborator

Automated by gx branch finish (PR flow).

NagyVikt added 2 commits June 5, 2026 12:49
…rver

Agents running in parallel couldn't see who was on which branch/PR or who
had claimed a file, so they collided (and edited the primary checkout, which
auto-stashed). gitguardex already knows all of this; this exposes it to agents.

- src/mcp/server.js: dependency-free stdio JSON-RPC MCP server (no SDK; gx
  stays at 2 deps). Tools: list_agents, repo_state, who_owns, my_context.
- src/mcp/collect.js: read-only collector over git worktrees + per-worktree
  lock files + pr.findOpenPrForBranch + cockpit projects-finder. who_owns
  aggregates locks across ALL worktrees (they're per-worktree on disk);
  surfaces a warning when a lane edits the primary checkout.
- src/cli/commands/mcp.js: gx mcp serve | list-agents | who-owns | register.
- Wired into src/cli/main.js dispatch.
- Tests: mcp-collect (lanes, cross-worktree who_owns, dedupe, primary warning)
  + mcp-server (JSON-RPC protocol). 12/12 pass; no-new-failures vs base.

Read-only; never mutates a repo. Registration is opt-in (gx mcp register).
…t calls, add live dirty signal

Review verdict SHIP_WITH_FIXES. Applied:
- HIGH #5: initialize pins server PROTOCOL_VERSION instead of echoing the
  client's requested version (correct MCP version negotiation).
- HIGH #10: bound every git() call with a 7s timeout + maxBuffer, and make
  list_agents PR fetch opt-in (default off) so a hung gh can't exceed the MCP
  client timeout. repo_state/my_context keep PRs on (narrow scope).
- Value gap #16: add per-lane 'dirty' (git status --porcelain) — the files an
  agent is editing RIGHT NOW, independent of commit-time locks. Filters .omx/.omc
  runtime churn. Caught+fixed a porcelain parse bug (git() .trim() ate the first
  line's leading status column).
- Cheap: parse errors -> JSON-RPC -32700 (id null); stderr warn on corrupt lock.

Tests: 15/15 (added protocol-pin, parse-error, and live-dirty cases).
@NagyVikt NagyVikt merged commit 609963d into main Jun 5, 2026
@NagyVikt NagyVikt deleted the agent/claude/gx-mcp-cross-repo-read-only-multi-agent-2026-06-05-12-33 branch June 5, 2026 11:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant