Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Migrate security_advisories toolset to modelcontextprotocol/go-sdk#1434

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Conversation

Copy link
Contributor

CopilotAI commentedNov 18, 2025
edited
Loading

Closes: Part of#1428

Migrates thesecurity_advisories toolset frommark3labs/mcp-go tomodelcontextprotocol/go-sdk.

Changes

Migrated 4 tools:

  • list_global_security_advisories - List advisories with filtering by GHSA ID, CVE ID, ecosystem, severity, CWEs
  • get_global_security_advisory - Get specific advisory by GHSA ID
  • list_repository_security_advisories - List advisories for a repository
  • list_org_repository_security_advisories - List advisories across an organization

Implementation updates:

  • Function signatures:(mcp.Tool, server.ToolHandlerFunc)(mcp.Tool, mcp.ToolHandlerFor[map[string]any, any])
  • Handler signatures:func(ctx, request) (*result, error)func(ctx, *request, args) (*result, any, error)
  • Schema definitions: DSL-based → explicitjsonschema.Schema structs with properjson.RawMessage for defaults
  • Parameter extraction: Fromrequest object → directargs map access
  • Result helpers:mcp.NewToolResult*utils.NewToolResult*

Testing:

  • Updated handler invocation pattern to 3-param/3-return
  • Addedtoolsnaps.Test() calls for schema validation
  • Created 4 snapshot files

Example schema migration:

// Before (DSL)mcp.WithString("type",mcp.Description("Advisory type."),mcp.Enum("reviewed","malware","unreviewed"),mcp.DefaultString("reviewed"),)// After (JSON Schema)"type": {    Type:"string",Description:"Advisory type.",Enum:        []any{"reviewed","malware","unreviewed"},Default:json.RawMessage(`"reviewed"`),}
Original prompt

Migrate thesecurity_advisories toolset tomodelcontextprotocol/go-sdk.

This will be merged into the parent PR#1428, so reference that PR in the description to track the migration

Custom agent used: go-sdk-tool-migrator
Agent specializing in migrating MCP tools from mark3labs/mcp-go to modelcontextprotocol/go-sdk

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn moreCopilot coding agent tips in the docs.

CopilotAIand others added2 commitsNovember 18, 2025 11:25
Co-authored-by: omgitsads <4619+omgitsads@users.noreply.github.com>
Co-authored-by: omgitsads <4619+omgitsads@users.noreply.github.com>
CopilotAI changed the title[WIP] Migrate security_advisories toolset to modelcontextprotocol/go-sdkMigrate security_advisories toolset to modelcontextprotocol/go-sdkNov 18, 2025
CopilotAI requested a review fromomgitsadsNovember 18, 2025 11:31
Copilot finished work on behalf ofomgitsadsNovember 18, 2025 11:31
We should do this eventually, but to keep the existing behavior, wejust return the error to the client.
@LuluBeatsonLuluBeatson self-requested a reviewNovember 19, 2025 09:45
@LuluBeatson
Copy link
Contributor

LuluBeatson commentedNov 19, 2025
edited
Loading

imageimage

⚠️list_org_repository_security_advisories was 404 for orgs I tried. But this is same as with the tool before migration. I don't have an example org with org-level security advisories to test this tool on.

Note: thelist_* tools in this toolset do not support pagination (before & after migration)

@LuluBeatsonLuluBeatson marked this pull request as ready for reviewNovember 19, 2025 10:21
@LuluBeatsonLuluBeatson requested a review froma team as acode ownerNovember 19, 2025 10:21
CopilotAI review requested due to automatic review settingsNovember 19, 2025 10:21
Copy link
Contributor

CopilotAI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Pull Request Overview

This PR successfully migrates thesecurity_advisories toolset frommark3labs/mcp-go tomodelcontextprotocol/go-sdk, bringing 4 security advisory tools back into the active codebase.

Key Changes:

  • Function signatures updated from DSL-based tool definitions to explicit JSON Schema structs
  • Handler signatures migrated to 3-parameter/3-return pattern
  • Result helpers changed frommcp.NewToolResult* toutils.NewToolResult*
  • All 4 tools (list global, get global, list repository, list org) properly migrated and registered

Reviewed Changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 4 comments.

FileDescription
pkg/github/tools.goUncommented securityAdvisories toolset registration, adding 4 migrated tools back to the active toolset group
pkg/github/security_advisories.goMigrated all 4 security advisory tools from mark3labs/mcp-go to modelcontextprotocol/go-sdk with explicit JSON schemas, updated handler signatures, and proper error handling
pkg/github/security_advisories_test.goUpdated test handlers to use new 3-param/3-return signature, added toolsnaps validation calls, but missing ReadOnlyHint assertions for all 4 tools
pkg/github/toolsnaps/*.snapCreated 4 new snapshot files capturing the JSON schema definitions for all security advisory tools, properly documenting the API surface

@omgitsadsomgitsads merged commitc06ace3 intoomgitsads/go-sdkNov 19, 2025
13 of 14 checks passed
@omgitsadsomgitsads deleted the copilot/migrate-security-advisories-toolset branchNovember 19, 2025 15:21
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment

Reviewers

Copilot code reviewCopilotCopilot left review comments

@LuluBeatsonLuluBeatsonLuluBeatson approved these changes

@omgitsadsomgitsadsAwaiting requested review from omgitsads

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@LuluBeatson@omgitsads
[8]ページ先頭
©2009-2025 Movatter.jp