- Add numbered filter evaluation order to isToolEnabled function doc- Number inline comments for each filter step (1-5)- Clarify FilteredTools error return is for future extensibility- Document that library consumers may need to surface recoverable errorsAddresses review feedback on PR#1620

- Add numbered filter evaluation order to isToolEnabled function doc- Number inline comments for each filter step (1-5)- Clarify FilteredTools error return is for future extensibility- Document that library consumers may need to surface recoverable errorsAddresses review feedback on PR#1620

- Add numbered filter evaluation order to isToolEnabled function doc- Number inline comments for each filter step (1-5)- Clarify FilteredTools error return is for future extensibility- Document that library consumers may need to surface recoverable errorsAddresses review feedback on PR#1620

- Add numbered filter evaluation order to isToolEnabled function doc- Number inline comments for each filter step (1-5)- Clarify FilteredTools error return is for future extensibility- Document that library consumers may need to surface recoverable errorsAddresses review feedback on PR#1620

- Add numbered filter evaluation order to isToolEnabled function doc- Number inline comments for each filter step (1-5)- Clarify FilteredTools error return is for future extensibility- Document that library consumers may need to surface recoverable errorsAddresses review feedback on PR#1620

- Add numbered filter evaluation order to isToolEnabled function doc- Number inline comments for each filter step (1-5)- Clarify FilteredTools error return is for future extensibility- Document that library consumers may need to surface recoverable errorsAddresses review feedback on PR#1620

- Add numbered filter evaluation order to isToolEnabled function doc- Number inline comments for each filter step (1-5)- Clarify FilteredTools error return is for future extensibility- Document that library consumers may need to surface recoverable errorsAddresses review feedback on PR#1620

- Add numbered filter evaluation order to isToolEnabled function doc- Number inline comments for each filter step (1-5)- Clarify FilteredTools error return is for future extensibility- Document that library consumers may need to surface recoverable errorsAddresses review feedback on PR#1620

- Add numbered filter evaluation order to isToolEnabled function doc- Number inline comments for each filter step (1-5)- Clarify FilteredTools error return is for future extensibility- Document that library consumers may need to surface recoverable errorsAddresses review feedback on PR#1620

…1592)* refactor(notifications): migrate notifications.go to NewTool patternConvert all notification tools to use the new NewTool helper withToolDependencies injection.Co-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* Refactor repositories.go tools to use NewTool pattern with ToolDependenciesConvert all 18 tool functions in repositories.go to use the new NewTool helperpattern with typed ToolDependencies, isolating type assertions to a singlelocation and improving code maintainability.Functions converted:- GetCommit, ListCommits, ListBranches- CreateOrUpdateFile, CreateRepository, GetFileContents- ForkRepository, DeleteFile, CreateBranch, PushFiles- ListTags, GetTag, ListReleases, GetLatestRelease, GetReleaseByTag- ListStarredRepositories, StarRepository, UnstarRepositoryThis is part of a stacked PR series to systematically migrate all toolfiles to the new pattern.Co-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* refactor(issues): migrate issues.go to NewTool patternConvert all 8 tool functions in issues.go to use the new NewToolhelper pattern which standardizes dependency injection:- IssueRead: GetClient, GetGQLClient, RepoAccessCache, Flags- ListIssueTypes: GetClient- AddIssueComment: GetClient- SubIssueWrite: GetClient- SearchIssues: GetClient- IssueWrite: GetClient, GetGQLClient- ListIssues: GetGQLClient- AssignCopilotToIssue: GetGQLClientUpdated tools.go to use direct function calls instead ofNewServerToolLegacy wrappers. Updated all tests in issues_test.goto use the new ToolDependencies pattern and Handler() method.Co-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* refactor(pullrequests): convert PR tools to NewTool patternConvert all 10 pull request tool functions to use the NewToolpattern with ToolDependencies injection:- PullRequestRead- CreatePullRequest- UpdatePullRequest- ListPullRequests- MergePullRequest- SearchPullRequests- UpdatePullRequestBranch- PullRequestReviewWrite- AddCommentToPendingReview- RequestCopilotReviewUpdate tools.go to use direct function calls (removingNewServerToolLegacy wrappers) for PR functions.Update all tests in pullrequests_test.go to use the newhandler pattern with deps and 2-value return.Co-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* Refactor actions.go to use NewTool patternConvert all 14 tool functions in actions.go to use the NewTool pattern withToolDependencies for dependency injection. This is part of a broader effortto standardize the tool implementation pattern across the codebase.Changes:- ListWorkflows, ListWorkflowRuns, RunWorkflow, GetWorkflowRun- GetWorkflowRunLogs, ListWorkflowJobs, GetJobLogs- RerunWorkflowRun, RerunFailedJobs, CancelWorkflowRun- ListWorkflowRunArtifacts, DownloadWorkflowRunArtifact- DeleteWorkflowRunLogs, GetWorkflowRunUsageThe new pattern:- Takes only translations.TranslationHelperFunc as parameter- Returns toolsets.ServerTool with Tool and Handler- Handler receives ToolDependencies for client access- Enables better testability and consistent interfaceCo-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* refactor(git): migrate GetRepositoryTree to NewTool pattern* refactor(security): migrate code_scanning, secret_scanning, dependabot to NewTool patternCo-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* refactor(discussions): migrate to NewTool patternCo-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* Refactor security_advisories tools to use NewTool patternConvert 4 functions from NewServerToolLegacy wrapper to NewTool:- ListGlobalSecurityAdvisories- GetGlobalSecurityAdvisory- ListRepositorySecurityAdvisories- ListOrgRepositorySecurityAdvisoriesUpdate tools.go toolset registration and tests.Co-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* refactor: convert projects, labels, and dynamic_tools to NewTool patternThis PR converts projects.go, labels.go, and dynamic_tools.go from thelegacy NewServerToolLegacy wrapper pattern to the new NewTool pattern withproper ToolDependencies.Changes:- projects.go: Convert all 9 project functions to use NewTool with  ToolHandlerFor[map[string]any, any] and 3-return-value handlers- projects_test.go: Update tests to use new serverTool.Handler(deps) pattern- labels.go: Convert GetLabel, ListLabels, and LabelWrite to NewTool pattern- labels_test.go: Update tests to use new pattern- dynamic_tools.go: Refactor functions to return ServerTool directly  (using NewServerToolLegacy internally since they have special dependencies)- tools.go: Remove NewServerToolLegacy wrappers for dynamic tools registrationCo-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* Add --features CLI flag for feature flag supportAdd CLI flag and config support for feature flags in the local server:- Add --features flag to main.go (StringSlice, comma-separated)- Add EnabledFeatures field to StdioServerConfig and MCPServerConfig- Create createFeatureChecker() that builds a set from enabled features- Wire WithFeatureChecker() into the toolset group filter chainThis enables tools/resources/prompts that have FeatureFlagEnable set toa flag name that is passed via --features. The checker uses a simpleset membership test for O(1) lookup.Usage:  github-mcp-server stdio --features=my_feature,another_feature  GITHUB_FEATURES=my_feature github-mcp-server stdio* Add validation tests for tools, resources, and prompts metadataThis commit adds comprehensive validation tests to ensure all MCP itemshave required metadata:- TestAllToolsHaveRequiredMetadata: Validates Toolset.ID and Annotations- TestAllToolsHaveValidToolsetID: Ensures toolsets are in AvailableToolsets()- TestAllResourcesHaveRequiredMetadata: Validates resource metadata- TestAllPromptsHaveRequiredMetadata: Validates prompt metadata- TestToolReadOnlyHintConsistency: Validates IsReadOnly() matches annotation- TestNoDuplicate*Names: Ensures unique names across tools/resources/prompts- TestAllToolsHaveHandlerFunc: Ensures all tools have handlers- TestDefaultToolsetsAreValid: Validates default toolset IDs- TestToolsetMetadataConsistency: Ensures consistent descriptions per toolsetAlso fixes a bug discovered by these tests: ToolsetMetadataGit was definedbut not added to AvailableToolsets(), causing get_repository_tree to havean invalid toolset ID.* Fix default toolsets behavior when not in dynamic modeWhen no toolsets are specified and dynamic mode is disabled, the servershould use the default toolsets. The bug was introduced when addingdynamic toolsets support:1. CleanToolsets(nil) was converting nil to empty slice2. Empty slice passed to WithToolsets means 'no toolsets'3. This resulted in zero tools being registeredFix: Preserve nil for non-dynamic mode (nil = use defaults in WithToolsets)and only set empty slice when dynamic mode is enabled without explicittoolsets.* refactor: address PR review feedback for toolsets- Rename AddDeprecatedToolAliases to WithDeprecatedToolAliases for  immutable filter chain consistency (returns new ToolsetGroup)- Remove unused mockGetRawClient from generate_docs.go (use nil instead)- Remove legacy ServerTool functions (NewServerToolLegacy and  NewServerToolFromHandlerLegacy) - no usages- Add panic in Handler()/RegisterFunc() when HandlerFunc is nil- Add HasHandler() method for checking if tool has a handler- Add tests for HasHandler and nil handler panic behavior- Update all tests to use new WithDeprecatedToolAliases pattern* refactor: Apply HandlerFunc pattern to resources for stateless NewToolsetGroupThis change applies the same HandlerFunc pattern used by tools to resources,allowing NewToolsetGroup to be fully stateless (only requiring translations).Key changes:- Add ResourceHandlerFunc type to toolsets package- Update ServerResourceTemplate to use HandlerFunc instead of direct Handler- Add HasHandler() and Handler(deps) methods to ServerResourceTemplate- Update RegisterResourceTemplates to take deps parameter- Refactor repository resource definitions to use HandlerFunc pattern- Make AllResources(t) stateless (only takes translations)- Make NewToolsetGroup(t) stateless (only takes translations)- Update generate_docs.go - no longer needs mock clients- Update tests to use new patternsThis resolves the concern about mixed concerns in doc generation - thetoolset metadata and resource templates can now be created without anyruntime dependencies, while handlers are generated on-demand when depsare provided during registration.* refactor: simplify ForMCPRequest switch cases* refactor(generate_docs): use strings.Builder and AllTools() iteration- Replace slice joining with strings.Builder for all doc generation- Iterate AllTools() directly instead of ToolsetIDs()/ToolsForToolset()- Removes need for special 'dynamic' toolset handling (no tools = no output)- Context toolset still explicitly handled for custom description- Consistent pattern across generateToolsetsDoc, generateToolsDoc,  generateRemoteToolsetsDoc, and generateDeprecatedAliasesTable* feat(toolsets): add AvailableToolsets() with exclude filter- Add AvailableToolsets() method that returns toolsets with actual tools- Support variadic exclude parameter for filtering out specific toolsets- Simplifies doc generation by removing manual skip logic- Naturally excludes empty toolsets (like 'dynamic') without special cases* refactor(generate_docs): hoist success logging to generateAllDocs* refactor: consolidate toolset validation into ToolsetGroup- Add Default field to ToolsetMetadata and derive defaults from metadata- Move toolset validation into WithToolsets (trims whitespace, dedupes, tracks unrecognized)- Add UnrecognizedToolsets() method for warning about typos- Add DefaultToolsetIDs() method to derive defaults from metadata- Remove redundant functions: CleanToolsets, GetValidToolsetIDs, AvailableToolsets, GetDefaultToolsetIDs- Update DynamicTools to take ToolsetGroup for schema enum generation- Add stubTranslator for cases needing ToolsetGroup without translationsThis eliminates hardcoded toolset lists - everything is now derived fromthe actual registered tools and their metadata.* refactor: rename toolsets package to registry with builder pattern- Rename pkg/toolsets to pkg/registry (better reflects its purpose)- Split monolithic toolsets.go into focused files:  - registry.go: Core Registry struct and MCP methods  - builder.go: Builder pattern for creating Registry instances  - filters.go: All filtering logic (toolsets, read-only, feature flags)  - resources.go: ServerResourceTemplate type  - prompts.go: ServerPrompt type  - errors.go: Error types  - server_tool.go: ServerTool and ToolsetMetadata (existing)- Fix lint: Rename RegistryBuilder to Builder (avoid stuttering)- Update all imports across ~45 filesThis refactoring improves code organization and makes the registry'spurpose clearer. The builder pattern provides a clean API:  reg := registry.NewBuilder().      SetTools(tools).      WithReadOnly(true).      WithToolsets([]string{"repos"}).      Build()* fix: remove unnecessary type arguments in helper_test.go* fix: restore correct behavior for --tools and --toolsets flagsTwo behavioral regressions were fixed in resolveEnabledToolsets():1. When --tools=X is used without --toolsets, the server should only   register the specified tools, not the default toolsets. Now returns   an empty slice instead of nil when EnabledTools is set.2. When --toolsets=all --dynamic-toolsets is used, the 'all' and 'default'   pseudo-toolsets should be removed so only the dynamic management tools   are registered. This matches the original pre-refactor behavior.* Move labels tools to issues toolsetLabels are closely related to issues - you add labels to issues,search issues by label, etc. Keeping them in a separate toolsetrequired users to explicitly enable 'labels' to get this functionality.Moving to issues toolset makes labels available by default sinceissues is a default toolset.* Restore labels toolset with get_label in both issues and labelsThis restores conformance with the original behavior where:- get_label is in issues toolset (read-only label access for issue workflows)- get_label, list_label, label_write are in labels toolset (full management)The duplicate get_label registration is intentional - it was in both toolsetsin the original implementation. Added test exception to allow this case.* Fix instruction generation and capability advertisement- Expand nil toolsets to default IDs before GenerateInstructions  (nil means 'use defaults' in registry but instructions need actual names)- Remove unconditional HasTools/HasResources/HasPrompts=true in NewServer  (let SDK determine capabilities based on registered items, matching main)* Add tests for dynamic toolset management toolsTests cover:- list_available_toolsets: verifies toolsets are listed with enabled status- get_toolset_tools: verifies tools can be retrieved for a toolset- enable_toolset: verifies toolset can be enabled and marked as enabled- enable_toolset invalid: verifies proper error for non-existent toolset- toolsets enum: verifies tools have proper enum values in schema* Advertise all capabilities in dynamic toolsets modeIn dynamic mode, explicitly set HasTools/HasResources/HasPrompts=truesince toolsets with those capabilities can be enabled at runtime.This ensures clients know the server supports these features evenwhen no tools/resources/prompts are initially registered.* Improve conformance test with dynamic tool calls and JSON normalization- Add dynamic tool call testing (list_available_toolsets, get_toolset_tools, enable_toolset)- Parse and sort embedded JSON in text fields for proper comparison- Separate progress output (stderr) from summary (stdout) for CI- Add test type field to distinguish standard vs dynamic tests* Add conformance-report to .gitignore* Add conformance test CI workflow- Runs on pull requests to main- Compares PR branch against merge-base with origin/main- Outputs full conformance report to GitHub Actions Job Summary- Uploads detailed report as artifact for deeper investigation- Does not fail the build on differences (may be intentional)* Add map indexes for O(1) lookups in RegistryAddress review feedback to use maps for collections. Added lookup maps(toolsByName, resourcesByURI, promptsByName) while keeping slices forordered iteration. This provides O(1) lookup for:- FindToolByName- filterToolsByName (used by ForMCPRequest)- filterResourcesByURI- filterPromptsByNameMaps are built once during Build() and shared in ForMCPRequest copies.* perf(registry): O(1) HasToolset lookup via pre-computed setAdd toolsetIDSet (map[ToolsetID]bool) to Registry for O(1) HasToolset lookups.Previously HasToolset iterated through all tools, resourceTemplates, and promptsto check if any belonged to the given toolset. Now it's a simple map lookup.The set is populated during the single-pass processToolsets() call, which alreadycollected all valid toolset IDs. This adds zero new iteration - just returns theexisting validIDs map.processToolsets now returns 6 values:- enabledToolsets, unrecognized, toolsetIDs, toolsetIDSet, defaultToolsetIDs, descriptions* simplify: remove lazy toolsByName map - not needed for actual use casesFindToolByName() is only called once per request at most (to find toolset IDfor dynamic enablement). The SDK handles tool dispatch after registration.A simple linear scan over ~90 tools is trivially fast and avoids:- sync.Once complexity- Map allocation- Premature optimization for non-existent 'repeated lookups'The pre-computed maps we keep (toolsetIDSet, etc.) are justified becausethey're used for filtering logic that runs on every request.* Add generic tool filtering mechanisms to registry package- Add Enabled field to ServerTool for self-filtering based on context- Add ToolFilter type and WithFilter method to Builder for cross-cutting filters- Update isToolEnabled to check Enabled function and builder filters in order:  1. Tool's Enabled function  2. Feature flags (FeatureFlagEnable/FeatureFlagDisable)  3. Read-only filter  4. Builder filters  5. Toolset/additional tools check- Add FilteredTools method to Registry as alias for AvailableTools- Add comprehensive tests for all new functionality- All tests pass and linter is cleanCloses#1618Co-authored-by: SamMorrowDrums <4811358+SamMorrowDrums@users.noreply.github.com>* docs: improve filter evaluation order and FilteredTools documentation- Add numbered filter evaluation order to isToolEnabled function doc- Number inline comments for each filter step (1-5)- Clarify FilteredTools error return is for future extensibility- Document that library consumers may need to surface recoverable errorsAddresses review feedback on PR#1620* Refactor GenerateToolsetsHelp() to use strings.Builder patternCo-authored-by: SamMorrowDrums <4811358+SamMorrowDrums@users.noreply.github.com>---------Co-authored-by: Adam Holt <omgitsads@users.noreply.github.com>Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>Co-authored-by: SamMorrowDrums <4811358+SamMorrowDrums@users.noreply.github.com>

…r-request optimization (#1589)* refactor: separate ServerTool into own file with HandlerFunc pattern- Extract ServerTool struct into pkg/toolsets/server_tool.go- Add ToolDependencies struct for passing common dependencies to handlers- HandlerFunc allows lazy handler generation from Tool definitions- NewServerTool for new dependency-based tools- NewServerToolLegacy for backward compatibility with existing handlers- Update toolsets.go to store and pass dependencies- Update all call sites to use NewServerToolLegacyCo-authored-by: Adam Holt <4619+omgitsads@users.noreply.github.com>* Wire ToolDependencies through toolsets- Move ToolDependencies to pkg/github/dependencies.go with proper types- Use 'any' in toolsets package to avoid circular dependencies- Add NewTool/NewToolFromHandler helpers that isolate type assertion- Tool implementations will be fully typed with no assertions scattered- Infrastructure ready for incremental tool migration* refactor(search): migrate search tools to new ServerTool patternMigrate search.go tools (SearchRepositories, SearchCode, SearchUsers,SearchOrgs) to use the new NewTool helper and ToolDependencies pattern.- Functions now take only TranslationHelperFunc and return ServerTool- Handler generation uses ToolDependencies for typed access to clients- Update tools.go call sites to remove getClient parameter- Update tests to use new Handler(deps) patternThis demonstrates the migration pattern for additional tool files.Co-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* Migrate context_tools to new ServerTool pattern (#1590)* refactor(search): migrate search tools to new ServerTool patternMigrate search.go tools (SearchRepositories, SearchCode, SearchUsers,SearchOrgs) to use the new NewTool helper and ToolDependencies pattern.- Functions now take only TranslationHelperFunc and return ServerTool- Handler generation uses ToolDependencies for typed access to clients- Update tools.go call sites to remove getClient parameter- Update tests to use new Handler(deps) patternThis demonstrates the migration pattern for additional tool files.Co-authored-by: Adam Holt <oholt@github.com>* Migrate context_tools to new ServerTool patternConvert GetMe, GetTeams, and GetTeamMembers to use the new typeddependency injection pattern:- Functions now take only translations helper, return toolsets.ServerTool- Handler is generated lazily via deps.GetClient/deps.GetGQLClient- Tests updated to use serverTool.Handler(deps) pattern- Fixed error return pattern to return nil for Go error (via result.IsError)Co-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* refactor(gists): migrate gists.go to NewTool pattern (#1591)* Migrate context_tools to new ServerTool patternConvert GetMe, GetTeams, and GetTeamMembers to use the new typeddependency injection pattern:- Functions now take only translations helper, return toolsets.ServerTool- Handler is generated lazily via deps.GetClient/deps.GetGQLClient- Tests updated to use serverTool.Handler(deps) pattern- Fixed error return pattern to return nil for Go error (via result.IsError)Co-authored-by: Adam Holt <oholt@github.com>* refactor(gists): migrate gists.go to NewTool patternConvert all gist tools (ListGists, GetGist, CreateGist, UpdateGist)to use the new NewTool helper with ToolDependencies injection.- Remove getClient parameter from function signatures- Use deps.GetClient(ctx) inside handlers- Standardize error handling with utils.NewToolResultErrorFromErr()- Update all tests to use serverTool.Handler(deps) patternCo-authored-by: Adam Holt <omgitsads@users.noreply.github.com>---------Co-authored-by: Adam Holt <oholt@github.com>Co-authored-by: Adam Holt <omgitsads@users.noreply.github.com>---------Co-authored-by: Adam Holt <oholt@github.com>Co-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* refactor(notifications): migrate notifications.go to NewTool pattern (#1592)* refactor(notifications): migrate notifications.go to NewTool patternConvert all notification tools to use the new NewTool helper withToolDependencies injection.Co-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* Refactor repositories.go tools to use NewTool pattern with ToolDependenciesConvert all 18 tool functions in repositories.go to use the new NewTool helperpattern with typed ToolDependencies, isolating type assertions to a singlelocation and improving code maintainability.Functions converted:- GetCommit, ListCommits, ListBranches- CreateOrUpdateFile, CreateRepository, GetFileContents- ForkRepository, DeleteFile, CreateBranch, PushFiles- ListTags, GetTag, ListReleases, GetLatestRelease, GetReleaseByTag- ListStarredRepositories, StarRepository, UnstarRepositoryThis is part of a stacked PR series to systematically migrate all toolfiles to the new pattern.Co-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* refactor(issues): migrate issues.go to NewTool patternConvert all 8 tool functions in issues.go to use the new NewToolhelper pattern which standardizes dependency injection:- IssueRead: GetClient, GetGQLClient, RepoAccessCache, Flags- ListIssueTypes: GetClient- AddIssueComment: GetClient- SubIssueWrite: GetClient- SearchIssues: GetClient- IssueWrite: GetClient, GetGQLClient- ListIssues: GetGQLClient- AssignCopilotToIssue: GetGQLClientUpdated tools.go to use direct function calls instead ofNewServerToolLegacy wrappers. Updated all tests in issues_test.goto use the new ToolDependencies pattern and Handler() method.Co-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* refactor(pullrequests): convert PR tools to NewTool patternConvert all 10 pull request tool functions to use the NewToolpattern with ToolDependencies injection:- PullRequestRead- CreatePullRequest- UpdatePullRequest- ListPullRequests- MergePullRequest- SearchPullRequests- UpdatePullRequestBranch- PullRequestReviewWrite- AddCommentToPendingReview- RequestCopilotReviewUpdate tools.go to use direct function calls (removingNewServerToolLegacy wrappers) for PR functions.Update all tests in pullrequests_test.go to use the newhandler pattern with deps and 2-value return.Co-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* Refactor actions.go to use NewTool patternConvert all 14 tool functions in actions.go to use the NewTool pattern withToolDependencies for dependency injection. This is part of a broader effortto standardize the tool implementation pattern across the codebase.Changes:- ListWorkflows, ListWorkflowRuns, RunWorkflow, GetWorkflowRun- GetWorkflowRunLogs, ListWorkflowJobs, GetJobLogs- RerunWorkflowRun, RerunFailedJobs, CancelWorkflowRun- ListWorkflowRunArtifacts, DownloadWorkflowRunArtifact- DeleteWorkflowRunLogs, GetWorkflowRunUsageThe new pattern:- Takes only translations.TranslationHelperFunc as parameter- Returns toolsets.ServerTool with Tool and Handler- Handler receives ToolDependencies for client access- Enables better testability and consistent interfaceCo-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* refactor(git): migrate GetRepositoryTree to NewTool pattern* refactor(security): migrate code_scanning, secret_scanning, dependabot to NewTool patternCo-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* refactor(discussions): migrate to NewTool patternCo-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* Refactor security_advisories tools to use NewTool patternConvert 4 functions from NewServerToolLegacy wrapper to NewTool:- ListGlobalSecurityAdvisories- GetGlobalSecurityAdvisory- ListRepositorySecurityAdvisories- ListOrgRepositorySecurityAdvisoriesUpdate tools.go toolset registration and tests.Co-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* refactor: convert projects, labels, and dynamic_tools to NewTool patternThis PR converts projects.go, labels.go, and dynamic_tools.go from thelegacy NewServerToolLegacy wrapper pattern to the new NewTool pattern withproper ToolDependencies.Changes:- projects.go: Convert all 9 project functions to use NewTool with  ToolHandlerFor[map[string]any, any] and 3-return-value handlers- projects_test.go: Update tests to use new serverTool.Handler(deps) pattern- labels.go: Convert GetLabel, ListLabels, and LabelWrite to NewTool pattern- labels_test.go: Update tests to use new pattern- dynamic_tools.go: Refactor functions to return ServerTool directly  (using NewServerToolLegacy internally since they have special dependencies)- tools.go: Remove NewServerToolLegacy wrappers for dynamic tools registrationCo-authored-by: Adam Holt <omgitsads@users.noreply.github.com>* Add --features CLI flag for feature flag supportAdd CLI flag and config support for feature flags in the local server:- Add --features flag to main.go (StringSlice, comma-separated)- Add EnabledFeatures field to StdioServerConfig and MCPServerConfig- Create createFeatureChecker() that builds a set from enabled features- Wire WithFeatureChecker() into the toolset group filter chainThis enables tools/resources/prompts that have FeatureFlagEnable set toa flag name that is passed via --features. The checker uses a simpleset membership test for O(1) lookup.Usage:  github-mcp-server stdio --features=my_feature,another_feature  GITHUB_FEATURES=my_feature github-mcp-server stdio* Add validation tests for tools, resources, and prompts metadataThis commit adds comprehensive validation tests to ensure all MCP itemshave required metadata:- TestAllToolsHaveRequiredMetadata: Validates Toolset.ID and Annotations- TestAllToolsHaveValidToolsetID: Ensures toolsets are in AvailableToolsets()- TestAllResourcesHaveRequiredMetadata: Validates resource metadata- TestAllPromptsHaveRequiredMetadata: Validates prompt metadata- TestToolReadOnlyHintConsistency: Validates IsReadOnly() matches annotation- TestNoDuplicate*Names: Ensures unique names across tools/resources/prompts- TestAllToolsHaveHandlerFunc: Ensures all tools have handlers- TestDefaultToolsetsAreValid: Validates default toolset IDs- TestToolsetMetadataConsistency: Ensures consistent descriptions per toolsetAlso fixes a bug discovered by these tests: ToolsetMetadataGit was definedbut not added to AvailableToolsets(), causing get_repository_tree to havean invalid toolset ID.* Fix default toolsets behavior when not in dynamic modeWhen no toolsets are specified and dynamic mode is disabled, the servershould use the default toolsets. The bug was introduced when addingdynamic toolsets support:1. CleanToolsets(nil) was converting nil to empty slice2. Empty slice passed to WithToolsets means 'no toolsets'3. This resulted in zero tools being registeredFix: Preserve nil for non-dynamic mode (nil = use defaults in WithToolsets)and only set empty slice when dynamic mode is enabled without explicittoolsets.* refactor: address PR review feedback for toolsets- Rename AddDeprecatedToolAliases to WithDeprecatedToolAliases for  immutable filter chain consistency (returns new ToolsetGroup)- Remove unused mockGetRawClient from generate_docs.go (use nil instead)- Remove legacy ServerTool functions (NewServerToolLegacy and  NewServerToolFromHandlerLegacy) - no usages- Add panic in Handler()/RegisterFunc() when HandlerFunc is nil- Add HasHandler() method for checking if tool has a handler- Add tests for HasHandler and nil handler panic behavior- Update all tests to use new WithDeprecatedToolAliases pattern* refactor: Apply HandlerFunc pattern to resources for stateless NewToolsetGroupThis change applies the same HandlerFunc pattern used by tools to resources,allowing NewToolsetGroup to be fully stateless (only requiring translations).Key changes:- Add ResourceHandlerFunc type to toolsets package- Update ServerResourceTemplate to use HandlerFunc instead of direct Handler- Add HasHandler() and Handler(deps) methods to ServerResourceTemplate- Update RegisterResourceTemplates to take deps parameter- Refactor repository resource definitions to use HandlerFunc pattern- Make AllResources(t) stateless (only takes translations)- Make NewToolsetGroup(t) stateless (only takes translations)- Update generate_docs.go - no longer needs mock clients- Update tests to use new patternsThis resolves the concern about mixed concerns in doc generation - thetoolset metadata and resource templates can now be created without anyruntime dependencies, while handlers are generated on-demand when depsare provided during registration.* refactor: simplify ForMCPRequest switch cases* refactor(generate_docs): use strings.Builder and AllTools() iteration- Replace slice joining with strings.Builder for all doc generation- Iterate AllTools() directly instead of ToolsetIDs()/ToolsForToolset()- Removes need for special 'dynamic' toolset handling (no tools = no output)- Context toolset still explicitly handled for custom description- Consistent pattern across generateToolsetsDoc, generateToolsDoc,  generateRemoteToolsetsDoc, and generateDeprecatedAliasesTable* feat(toolsets): add AvailableToolsets() with exclude filter- Add AvailableToolsets() method that returns toolsets with actual tools- Support variadic exclude parameter for filtering out specific toolsets- Simplifies doc generation by removing manual skip logic- Naturally excludes empty toolsets (like 'dynamic') without special cases* refactor(generate_docs): hoist success logging to generateAllDocs* refactor: consolidate toolset validation into ToolsetGroup- Add Default field to ToolsetMetadata and derive defaults from metadata- Move toolset validation into WithToolsets (trims whitespace, dedupes, tracks unrecognized)- Add UnrecognizedToolsets() method for warning about typos- Add DefaultToolsetIDs() method to derive defaults from metadata- Remove redundant functions: CleanToolsets, GetValidToolsetIDs, AvailableToolsets, GetDefaultToolsetIDs- Update DynamicTools to take ToolsetGroup for schema enum generation- Add stubTranslator for cases needing ToolsetGroup without translationsThis eliminates hardcoded toolset lists - everything is now derived fromthe actual registered tools and their metadata.* refactor: rename toolsets package to registry with builder pattern- Rename pkg/toolsets to pkg/registry (better reflects its purpose)- Split monolithic toolsets.go into focused files:  - registry.go: Core Registry struct and MCP methods  - builder.go: Builder pattern for creating Registry instances  - filters.go: All filtering logic (toolsets, read-only, feature flags)  - resources.go: ServerResourceTemplate type  - prompts.go: ServerPrompt type  - errors.go: Error types  - server_tool.go: ServerTool and ToolsetMetadata (existing)- Fix lint: Rename RegistryBuilder to Builder (avoid stuttering)- Update all imports across ~45 filesThis refactoring improves code organization and makes the registry'spurpose clearer. The builder pattern provides a clean API:  reg := registry.NewBuilder().      SetTools(tools).      WithReadOnly(true).      WithToolsets([]string{"repos"}).      Build()* fix: remove unnecessary type arguments in helper_test.go* fix: restore correct behavior for --tools and --toolsets flagsTwo behavioral regressions were fixed in resolveEnabledToolsets():1. When --tools=X is used without --toolsets, the server should only   register the specified tools, not the default toolsets. Now returns   an empty slice instead of nil when EnabledTools is set.2. When --toolsets=all --dynamic-toolsets is used, the 'all' and 'default'   pseudo-toolsets should be removed so only the dynamic management tools   are registered. This matches the original pre-refactor behavior.* Move labels tools to issues toolsetLabels are closely related to issues - you add labels to issues,search issues by label, etc. Keeping them in a separate toolsetrequired users to explicitly enable 'labels' to get this functionality.Moving to issues toolset makes labels available by default sinceissues is a default toolset.* Restore labels toolset with get_label in both issues and labelsThis restores conformance with the original behavior where:- get_label is in issues toolset (read-only label access for issue workflows)- get_label, list_label, label_write are in labels toolset (full management)The duplicate get_label registration is intentional - it was in both toolsetsin the original implementation. Added test exception to allow this case.* Fix instruction generation and capability advertisement- Expand nil toolsets to default IDs before GenerateInstructions  (nil means 'use defaults' in registry but instructions need actual names)- Remove unconditional HasTools/HasResources/HasPrompts=true in NewServer  (let SDK determine capabilities based on registered items, matching main)* Add tests for dynamic toolset management toolsTests cover:- list_available_toolsets: verifies toolsets are listed with enabled status- get_toolset_tools: verifies tools can be retrieved for a toolset- enable_toolset: verifies toolset can be enabled and marked as enabled- enable_toolset invalid: verifies proper error for non-existent toolset- toolsets enum: verifies tools have proper enum values in schema* Advertise all capabilities in dynamic toolsets modeIn dynamic mode, explicitly set HasTools/HasResources/HasPrompts=truesince toolsets with those capabilities can be enabled at runtime.This ensures clients know the server supports these features evenwhen no tools/resources/prompts are initially registered.* Improve conformance test with dynamic tool calls and JSON normalization- Add dynamic tool call testing (list_available_toolsets, get_toolset_tools, enable_toolset)- Parse and sort embedded JSON in text fields for proper comparison- Separate progress output (stderr) from summary (stdout) for CI- Add test type field to distinguish standard vs dynamic tests* Add conformance-report to .gitignore* Add conformance test CI workflow- Runs on pull requests to main- Compares PR branch against merge-base with origin/main- Outputs full conformance report to GitHub Actions Job Summary- Uploads detailed report as artifact for deeper investigation- Does not fail the build on differences (may be intentional)* Add map indexes for O(1) lookups in RegistryAddress review feedback to use maps for collections. Added lookup maps(toolsByName, resourcesByURI, promptsByName) while keeping slices forordered iteration. This provides O(1) lookup for:- FindToolByName- filterToolsByName (used by ForMCPRequest)- filterResourcesByURI- filterPromptsByNameMaps are built once during Build() and shared in ForMCPRequest copies.* perf(registry): O(1) HasToolset lookup via pre-computed setAdd toolsetIDSet (map[ToolsetID]bool) to Registry for O(1) HasToolset lookups.Previously HasToolset iterated through all tools, resourceTemplates, and promptsto check if any belonged to the given toolset. Now it's a simple map lookup.The set is populated during the single-pass processToolsets() call, which alreadycollected all valid toolset IDs. This adds zero new iteration - just returns theexisting validIDs map.processToolsets now returns 6 values:- enabledToolsets, unrecognized, toolsetIDs, toolsetIDSet, defaultToolsetIDs, descriptions* simplify: remove lazy toolsByName map - not needed for actual use casesFindToolByName() is only called once per request at most (to find toolset IDfor dynamic enablement). The SDK handles tool dispatch after registration.A simple linear scan over ~90 tools is trivially fast and avoids:- sync.Once complexity- Map allocation- Premature optimization for non-existent 'repeated lookups'The pre-computed maps we keep (toolsetIDSet, etc.) are justified becausethey're used for filtering logic that runs on every request.* Add generic tool filtering mechanisms to registry package- Add Enabled field to ServerTool for self-filtering based on context- Add ToolFilter type and WithFilter method to Builder for cross-cutting filters- Update isToolEnabled to check Enabled function and builder filters in order:  1. Tool's Enabled function  2. Feature flags (FeatureFlagEnable/FeatureFlagDisable)  3. Read-only filter  4. Builder filters  5. Toolset/additional tools check- Add FilteredTools method to Registry as alias for AvailableTools- Add comprehensive tests for all new functionality- All tests pass and linter is cleanCloses#1618Co-authored-by: SamMorrowDrums <4811358+SamMorrowDrums@users.noreply.github.com>* docs: improve filter evaluation order and FilteredTools documentation- Add numbered filter evaluation order to isToolEnabled function doc- Number inline comments for each filter step (1-5)- Clarify FilteredTools error return is for future extensibility- Document that library consumers may need to surface recoverable errorsAddresses review feedback on PR#1620* Refactor GenerateToolsetsHelp() to use strings.Builder patternCo-authored-by: SamMorrowDrums <4811358+SamMorrowDrums@users.noreply.github.com>---------Co-authored-by: Adam Holt <omgitsads@users.noreply.github.com>Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>Co-authored-by: SamMorrowDrums <4811358+SamMorrowDrums@users.noreply.github.com>* Port functional changes from main to registry patternPort three functional improvements from main branch:- GraphQL review comments grouped as threads (#1554)- get_file_contents description improvement (#1582)- create_or_update_file SHA validation fix (#1621)Adapted implementations to use the new registry pattern with:- BaseDeps for providing clients via ToolDependencies interface- deps.GetClient(ctx) and deps.GetGQLClient(ctx) patterns- Updated tests to use GraphQL mocks for review comments- Added SHA validation test cases for create_or_update_file* fix(e2e): Fix e2e test compilation and add rate limit handling- Fix DefaultToolsetIDs() type mismatch by using github.GetDefaultToolsetIDs()- Add waitForRateLimit() to check and wait for rate limits before each test- Add skip conditions for Copilot tests when Copilot isn't available- Use multi-line file content in TestPullRequestReviewCommentSubmit for  multi-line review comments to work correctly- Improve error messages to include response details* fix(gists): Use proper GitHub API error handling for observabilityThe gists.go file was using NewToolResultErrorFromErr for GitHub APIerrors, which breaks the error middleware tracking that the remoteserver uses for observability and incident detection.Changed API errors (client.Gists.List, Get, Create, Edit) to useghErrors.NewGitHubAPIErrorResponse which properly:- Records errors in the context for middleware access- Preserves the response object for rate limit and status tracking- Maintains consistency with other tools that use this patternThis ensures production observability is maintained for Gist operations.* chore: Update server.json schema to 2025-12-11- Update schema URL to latest version (2025-12-11)- Remove 'status' field (now managed by registry per 2025-09-29 changelog)* fix(get_file_contents): Restore correct implementation from#1582The refactor incorrectly restructured the GetFileContents logic:- Move 'if rawOpts.SHA != "" { ref = rawOpts.SHA }' before GetContents call- Always call GetContents first (not conditionally based on path suffix)- Restore matchFiles helper function for proper fallback handling- Use matchFiles when Contents API fails or raw API failsThis aligns with the improvements from PR#1582 that was merged into main.* Rename registry to inventory in commentsUpdate remaining references to 'registry' in code comments to use'inventory' consistently after the package rename.---------Co-authored-by: Adam Holt <4619+omgitsads@users.noreply.github.com>Co-authored-by: Adam Holt <omgitsads@users.noreply.github.com>Co-authored-by: Adam Holt <oholt@github.com>Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>Co-authored-by: SamMorrowDrums <4811358+SamMorrowDrums@users.noreply.github.com>