fix: 2nd-pass audit — CodeQL workflow-permissions alert + dead ok/err helpers marketed as feature#32
Merged
Merged
Conversation
Adversarial second-pass on commits 01ed305 (PR #26) and ec7045d (PR #27), both reported as "done / tests pass / CI green". Two Critical findings. [C1] CodeQL `analyze (actions)` open alert - Rule: `actions/missing-workflow-permissions` - File: .github/workflows/cd.yml - Message: "Actions job or workflow does not limit the permissions of the GITHUB_TOKEN." - Detected by the CodeQL `actions` language matrix that PR #26 itself added. PR #26 introduced top-level permissions on most workflows but missed cd.yml and setup.yml. The 5 required CI checks didn't include CodeQL, so the alert landed silently after merge. - Fix: add `permissions: contents: read` at workflow top level in cd.yml and setup.yml. Jobs continue to opt into the writes they need (contents:write / id-token:write / attestations:write for publish; issues:write for setup). [C2] `ok()` and `err()` Response Helpers — dead code marketed as feature - server.py:41 and server.py:47 defined ok() / err() helpers. - Zero references anywhere in src/ or tests/ (`grep -rn "\\bok(\\|\\berr("` = only the definitions + the introductory comment). - Coverage report confirmed: server.py:43-44, 49 uncovered. - README.md:32 and README.ko.md:30 marketed these as "Response Helpers — ok() and err() for consistent tool responses" in the "What You Get" list — i.e. a public feature claim with no backing code usage. - The bundled `greet` tool returns plain `str` — the README's marketed pattern doesn't match the bundled example. - FastMCP's idiom is `return value` / `raise on error`; ok/err helpers are a raw-MCP-without-FastMCP relic that actively teach the wrong pattern. - Fix: delete ok() / err() / their introductory comment. Replace the Tools-section banner comment with one line documenting the actual FastMCP idiom. Remove the "Response Helpers" bullet from README.md and README.ko.md. Why this matters beyond cosmetics: a starter is a teaching artifact. False "What You Get" entries silently propagate the wrong pattern to every clone. The dead helpers were also reachable code surface that CodeQL has to scan but no test exercises. Verification - All 7 workflows now have top-level `permissions:` (verified via `awk` scan of column-1 `permissions:` line). - ruff / ruff format / mypy strict / pytest 17/17 all clean. - Coverage 72.12% (improved from 70.64% — uncovered dead code removed). Out-of-scope for this PR (will be raised as Major findings for user decision): - tests/test_tools.py has no `test_greet_registered_on_server` despite test_server_info.py and test_code_review.py both having that pattern. - server_info.py wheel-install fallback path (lines 41-42, 52-56) is 0% covered; test only exercises the dev/source-tree read-pyproject path. - src/my_mcp_server/tools/greet.py defines a `register()` that's never called by server.py — fully dead modular example. - SECURITY.md "branch protection on main" claim is starter-side only; clones inherit nothing. - 4 Dependabot PRs (#28, #29, #30, #31) opened today — #28 is attest-build-provenance v3.2.0 → v4.1.0, making our 6-hour-old SHA pin already one major behind.
4 tasks
heznpc
added a commit
that referenced
this pull request
May 21, 2026
…verage, dead modular example, clone-vs-starter boundary (#33) Resolves all 4 Major findings from the second-pass audit on PR #32. [M1] tests/test_tools.py: add `test_greet_registered_on_server` - Parallels test_server_info.py and test_code_review.py, both of which had an equivalent registration assertion already. - Calls `mcp.list_tools()` and verifies the greet tool is wired in AND that the generated JSON Schema actually reflects the Annotated[..., Field( min_length, max_length)] constraints. Without this, FastMCP's schema generation was an unverified link in the protocol contract. [M2] tests/test_server_info.py: cover wheel-install fallback path - The existing tests all walk the source tree and find pyproject.toml. That's the dev/editable-install path. When a user does `pip install my-mcp-server` from a wheel, pyproject.toml is NOT shipped — _read_pyproject returns None and _server_metadata must fall back to importlib.metadata.version(). That branch (server_info.py:51-56) was previously 0% covered. - Three new tests via monkeypatch: · `_read_pyproject` returns None → version comes from importlib.metadata. · `_read_pyproject` returns None AND importlib.metadata raises PackageNotFoundError → returns "0.0.0" fallback. · pyproject.toml exists but has no [project] table → covers the server_info.py:42 exit. - server_info.py coverage: 79% → 96%. [M3] src/my_mcp_server/tools/greet.py: delete dead modular example - The file defined `greet_formal` + a `register()` function, but server.py never called `from my_mcp_server.tools.greet import register` to wire it in. 100% dead code with 0% test coverage. - Updated server.py:71-74 comment to describe the modular pattern in prose without referencing the deleted file. [M4] SECURITY.md: distinguish code-level vs runtime GitHub settings - Previous text "Repo-side toggles enabled — Secret scanning + push protection + Dependabot security updates + branch protection on main" was misleading for clones: GitHub does NOT copy these settings when a template is cloned into a new repo. Clones inherited the false belief that "I'm safe because the starter is." - Added a new section "What clones inherit vs. what they don't" with the exact `gh api` invocations clones can run to replicate the toggles on their own fork. Coverage moved 70.64% → 84.69% (also benefits from M3 deletion of the 0%-covered dead module). 21 tests pass (was 17).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Previously declared done; second-pass caught these.
This PR audits PR #26 (modernization sweep) and PR #27 (simplify pass) — both reported "tests pass, CI green, merged." Adversarial re-read found 2 Critical findings.
[C1] CodeQL
analyze (actions)open alertactions/missing-workflow-permissions(warning).github/workflows/cd.ymlactionsmatrix that PR chore: modernization sweep — SLSA attestations, SHA-pinned actions, ruff S/B/ASYNC, coverage gate, governance #26 itself added. PR chore: modernization sweep — SLSA attestations, SHA-pinned actions, ruff S/B/ASYNC, coverage gate, governance #26 added top-levelpermissions:to most workflows but missedcd.ymlandsetup.yml. Branch-protection required-checks didn't include CodeQL, so the alert landed silently after merge.permissions: contents: readat workflow top level incd.ymlandsetup.yml. Job-level writes (contents:write / id-token:write / attestations:writein publish;issues:writein setup) unchanged.[C2]
ok()anderr()Response Helpers — dead code marketed as featuresrc/my_mcp_server/server.py:41,47definedok()/err()helpers.src/ortests/. Coverage report confirmedserver.py:43-44, 49uncovered.README.md:32andREADME.ko.md:30marketed these as "Response Helpers —ok()anderr()for consistent tool responses" in the "What You Get" list — a public feature claim with no backing usage.greettool returns plainstr— the README-marketed pattern doesn't match the only bundled example.return value/raise on error;ok/errhelpers are a raw-MCP-without-FastMCP relic that actively teach the wrong pattern.ok()/err()+ their introductory comment. Replace the Tools-section banner with one line documenting the actual FastMCP idiom. Remove the "Response Helpers" bullet from both READMEs.Why this matters
A starter is a teaching artifact. False "What You Get" entries propagate the wrong pattern to every clone. Coverage even improved (70.64% → 72.12%) by deleting marketed-but-dead code surface.
Out-of-scope (Major findings — for user decision, separate PR)
tests/test_tools.pyhas notest_greet_registered_on_serverdespite both other test files having that pattern (A2/A8: tool registration claim unverified).server_info.pywheel-install fallback path (lines 41-42, 52-56) is 0% covered.src/my_mcp_server/tools/greet.pyregister()never called byserver.py— fully dead modular example.SECURITY.md"branch protection on main" claim is starter-side only; clones inherit nothing.attest-build-provenance@v3.2.0SHA pin already one major behind.Test plan
permissions:(column-1awkscan)ruff check ./ruff format --check ./mypy src/cleanpytest17/17, coverage 72.12% (above 70 threshold)analyze (actions)alert closes after merge