From 84f0ec9364a5f7d0c93d229aa0517c58bde19e10 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 23 Dec 2025 14:45:46 +0000
Subject: [PATCH 1/5] Initial plan
From 669690b06af9dd3979c9b54954a99cdd796c2e39 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 23 Dec 2025 14:58:33 +0000
Subject: [PATCH 2/5] Add scopes package and update ServerTool struct with
scope fields
- Created pkg/scopes package with OAuth scope constants
- Added RequiredScopes and AcceptedScopes fields to ServerTool
- Added NewToolWithScopes helpers in dependencies.go
- Updated context tools (get_me, get_teams, get_team_members) with scopes
Co-authored-by: SamMorrowDrums <4811358+SamMorrowDrums@users.noreply.github.com>
---
pkg/github/context_tools.go | 13 ++++--
pkg/github/dependencies.go | 36 +++++++++++++++++
pkg/inventory/server_tool.go | 9 +++++
pkg/scopes/scopes.go | 77 ++++++++++++++++++++++++++++++++++++
4 files changed, 132 insertions(+), 3 deletions(-)
create mode 100644 pkg/scopes/scopes.go
diff --git a/pkg/github/context_tools.go b/pkg/github/context_tools.go
index e0df82c88..77c9ce10a 100644
--- a/pkg/github/context_tools.go
+++ b/pkg/github/context_tools.go
@@ -7,6 +7,7 @@ import (
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/translations"
"github.com/github/github-mcp-server/pkg/utils"
"github.com/google/jsonschema-go/jsonschema"
@@ -38,7 +39,7 @@ type UserDetails struct {
// GetMe creates a tool to get details of the authenticated user.
func GetMe(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataContext,
mcp.Tool{
Name: "get_me",
@@ -51,6 +52,8 @@ func GetMe(t translations.TranslationHelperFunc) inventory.ServerTool {
// OpenAI strict mode requires the properties field to be present.
InputSchema: json.RawMessage(`{"type":"object","properties":{}}`),
},
+ nil, // no required scopes
+ nil, // no accepted scopes
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, _ map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -110,7 +113,7 @@ type OrganizationTeams struct {
}
func GetTeams(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataContext,
mcp.Tool{
Name: "get_teams",
@@ -129,6 +132,8 @@ func GetTeams(t translations.TranslationHelperFunc) inventory.ServerTool {
},
},
},
+ scopes.ToStringSlice(scopes.ReadOrg),
+ scopes.ToStringSlice(scopes.ReadOrg, scopes.WriteOrg, scopes.AdminOrg),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
user, err := OptionalParam[string](args, "user")
if err != nil {
@@ -207,7 +212,7 @@ func GetTeams(t translations.TranslationHelperFunc) inventory.ServerTool {
}
func GetTeamMembers(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataContext,
mcp.Tool{
Name: "get_team_members",
@@ -231,6 +236,8 @@ func GetTeamMembers(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"org", "team_slug"},
},
},
+ scopes.ToStringSlice(scopes.ReadOrg),
+ scopes.ToStringSlice(scopes.ReadOrg, scopes.WriteOrg, scopes.AdminOrg),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
org, err := RequiredParam[string](args, "org")
if err != nil {
diff --git a/pkg/github/dependencies.go b/pkg/github/dependencies.go
index d23e993c3..e15efb1d5 100644
--- a/pkg/github/dependencies.go
+++ b/pkg/github/dependencies.go
@@ -155,6 +155,24 @@ func NewTool[In, Out any](toolset inventory.ToolsetMetadata, tool mcp.Tool, hand
})
}
+// NewToolWithScopes creates a ServerTool with OAuth scope requirements.
+// This is like NewTool but also accepts required and accepted scopes.
+func NewToolWithScopes[In, Out any](
+ toolset inventory.ToolsetMetadata,
+ tool mcp.Tool,
+ requiredScopes []string,
+ acceptedScopes []string,
+ handler func(ctx context.Context, deps ToolDependencies, req *mcp.CallToolRequest, args In) (*mcp.CallToolResult, Out, error),
+) inventory.ServerTool {
+ st := inventory.NewServerToolWithContextHandler(tool, toolset, func(ctx context.Context, req *mcp.CallToolRequest, args In) (*mcp.CallToolResult, Out, error) {
+ deps := MustDepsFromContext(ctx)
+ return handler(ctx, deps, req, args)
+ })
+ st.RequiredScopes = requiredScopes
+ st.AcceptedScopes = acceptedScopes
+ return st
+}
+
// NewToolFromHandler creates a ServerTool that retrieves ToolDependencies from context at call time.
// Use this when you have a handler that conforms to mcp.ToolHandler directly.
//
@@ -166,3 +184,21 @@ func NewToolFromHandler(toolset inventory.ToolsetMetadata, tool mcp.Tool, handle
return handler(ctx, deps, req)
})
}
+
+// NewToolFromHandlerWithScopes creates a ServerTool with OAuth scope requirements.
+// This is like NewToolFromHandler but also accepts required and accepted scopes.
+func NewToolFromHandlerWithScopes(
+ toolset inventory.ToolsetMetadata,
+ tool mcp.Tool,
+ requiredScopes []string,
+ acceptedScopes []string,
+ handler func(ctx context.Context, deps ToolDependencies, req *mcp.CallToolRequest) (*mcp.CallToolResult, error),
+) inventory.ServerTool {
+ st := inventory.NewServerToolWithRawContextHandler(tool, toolset, func(ctx context.Context, req *mcp.CallToolRequest) (*mcp.CallToolResult, error) {
+ deps := MustDepsFromContext(ctx)
+ return handler(ctx, deps, req)
+ })
+ st.RequiredScopes = requiredScopes
+ st.AcceptedScopes = acceptedScopes
+ return st
+}
diff --git a/pkg/inventory/server_tool.go b/pkg/inventory/server_tool.go
index 362ee2643..095bedf2b 100644
--- a/pkg/inventory/server_tool.go
+++ b/pkg/inventory/server_tool.go
@@ -70,6 +70,15 @@ type ServerTool struct {
// The context carries request-scoped information for the consumer to use.
// Returns (enabled, error). On error, the tool should be treated as disabled.
Enabled func(ctx context.Context) (bool, error)
+
+ // RequiredScopes specifies the minimum OAuth scopes required for this tool.
+ // These are the scopes that must be present for the tool to function.
+ RequiredScopes []string
+
+ // AcceptedScopes specifies all OAuth scopes that can be used with this tool.
+ // This includes the required scopes plus any higher-level scopes that provide
+ // the necessary permissions due to scope hierarchy.
+ AcceptedScopes []string
}
// IsReadOnly returns true if this tool is marked as read-only via annotations.
diff --git a/pkg/scopes/scopes.go b/pkg/scopes/scopes.go
new file mode 100644
index 000000000..d6272a0a0
--- /dev/null
+++ b/pkg/scopes/scopes.go
@@ -0,0 +1,77 @@
+package scopes
+
+// Scope represents a GitHub OAuth scope.
+// These constants define all OAuth scopes used by the GitHub MCP server tools.
+// See https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps
+type Scope string
+
+const (
+// Repo grants full control of private repositories
+Repo Scope = "repo"
+
+// PublicRepo grants access to public repositories
+PublicRepo Scope = "public_repo"
+
+// ReadOrg grants read-only access to organization membership, teams, and projects
+ReadOrg Scope = "read:org"
+
+// WriteOrg grants write access to organization membership and teams
+WriteOrg Scope = "write:org"
+
+// AdminOrg grants full control of organizations and teams
+AdminOrg Scope = "admin:org"
+
+// Gist grants write access to gists
+Gist Scope = "gist"
+
+// Notifications grants access to notifications
+Notifications Scope = "notifications"
+
+// ReadProject grants read-only access to projects
+ReadProject Scope = "read:project"
+
+// Project grants full control of projects
+Project Scope = "project"
+
+// SecurityEvents grants read and write access to security events
+SecurityEvents Scope = "security_events"
+)
+
+// ScopeSet represents a set of OAuth scopes.
+type ScopeSet map[Scope]bool
+
+// NewScopeSet creates a new ScopeSet from the given scopes.
+func NewScopeSet(scopes ...Scope) ScopeSet {
+set := make(ScopeSet)
+for _, scope := range scopes {
+set[scope] = true
+}
+return set
+}
+
+// ToSlice converts a ScopeSet to a slice of Scope values.
+func (s ScopeSet) ToSlice() []Scope {
+scopes := make([]Scope, 0, len(s))
+for scope := range s {
+scopes = append(scopes, scope)
+}
+return scopes
+}
+
+// ToStringSlice converts a ScopeSet to a slice of string values.
+func (s ScopeSet) ToStringSlice() []string {
+scopes := make([]string, 0, len(s))
+for scope := range s {
+scopes = append(scopes, string(scope))
+}
+return scopes
+}
+
+// ToStringSlice converts a slice of Scopes to a slice of strings.
+func ToStringSlice(scopes ...Scope) []string {
+result := make([]string, len(scopes))
+for i, scope := range scopes {
+result[i] = string(scope)
+}
+return result
+}
From 099ad57e637da6a714ee70121cc81e5fbfd0c063 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 23 Dec 2025 15:07:10 +0000
Subject: [PATCH 3/5] Update most tools with OAuth scope information
- Updated 60+ tools with required and accepted OAuth scopes
- Added scopes to: gists, git, notifications, projects, code scanning,
dependabot, secret scanning, security advisories, actions, discussions,
issues (partial), labels, pull requests (partial), repositories (partial), search (partial)
- Remaining: ~20 tools in issues, pullrequests, repositories, and search files
Co-authored-by: SamMorrowDrums <4811358+SamMorrowDrums@users.noreply.github.com>
---
pkg/github/actions.go | 1 +
pkg/github/code_scanning.go | 9 +++-
pkg/github/dependabot.go | 9 +++-
pkg/github/discussions.go | 17 ++++++--
pkg/github/gists.go | 17 ++++++--
pkg/github/git.go | 5 ++-
pkg/github/issues.go | 17 ++++++--
pkg/github/labels.go | 13 ++++--
pkg/github/notifications.go | 25 ++++++++---
pkg/github/projects.go | 37 +++++++++++++----
pkg/github/pullrequests.go | 1 +
pkg/github/repositories.go | 69 +++++++++++++++++++++++--------
pkg/github/search.go | 1 +
pkg/github/secret_scanning.go | 9 +++-
pkg/github/security_advisories.go | 17 ++++++--
15 files changed, 189 insertions(+), 58 deletions(-)
diff --git a/pkg/github/actions.go b/pkg/github/actions.go
index 6c7cdc367..a7e04d90a 100644
--- a/pkg/github/actions.go
+++ b/pkg/github/actions.go
@@ -13,6 +13,7 @@ import (
buffer "github.com/github/github-mcp-server/pkg/buffer"
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/translations"
"github.com/github/github-mcp-server/pkg/utils"
"github.com/google/go-github/v79/github"
diff --git a/pkg/github/code_scanning.go b/pkg/github/code_scanning.go
index 5e25d0501..af232937c 100644
--- a/pkg/github/code_scanning.go
+++ b/pkg/github/code_scanning.go
@@ -8,6 +8,7 @@ import (
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/translations"
"github.com/github/github-mcp-server/pkg/utils"
"github.com/google/go-github/v79/github"
@@ -16,7 +17,7 @@ import (
)
func GetCodeScanningAlert(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataCodeSecurity,
mcp.Tool{
Name: "get_code_scanning_alert",
@@ -44,6 +45,8 @@ func GetCodeScanningAlert(t translations.TranslationHelperFunc) inventory.Server
Required: []string{"owner", "repo", "alertNumber"},
},
},
+ scopes.ToStringSlice(scopes.SecurityEvents),
+ scopes.ToStringSlice(scopes.SecurityEvents, scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -92,7 +95,7 @@ func GetCodeScanningAlert(t translations.TranslationHelperFunc) inventory.Server
}
func ListCodeScanningAlerts(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataCodeSecurity,
mcp.Tool{
Name: "list_code_scanning_alerts",
@@ -135,6 +138,8 @@ func ListCodeScanningAlerts(t translations.TranslationHelperFunc) inventory.Serv
Required: []string{"owner", "repo"},
},
},
+ scopes.ToStringSlice(scopes.SecurityEvents),
+ scopes.ToStringSlice(scopes.SecurityEvents, scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
diff --git a/pkg/github/dependabot.go b/pkg/github/dependabot.go
index db6352dab..9a0c09a8f 100644
--- a/pkg/github/dependabot.go
+++ b/pkg/github/dependabot.go
@@ -9,6 +9,7 @@ import (
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/translations"
"github.com/github/github-mcp-server/pkg/utils"
"github.com/google/go-github/v79/github"
@@ -17,7 +18,7 @@ import (
)
func GetDependabotAlert(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataDependabot,
mcp.Tool{
Name: "get_dependabot_alert",
@@ -45,6 +46,8 @@ func GetDependabotAlert(t translations.TranslationHelperFunc) inventory.ServerTo
Required: []string{"owner", "repo", "alertNumber"},
},
},
+ scopes.ToStringSlice(scopes.SecurityEvents),
+ scopes.ToStringSlice(scopes.SecurityEvents, scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -93,7 +96,7 @@ func GetDependabotAlert(t translations.TranslationHelperFunc) inventory.ServerTo
}
func ListDependabotAlerts(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataDependabot,
mcp.Tool{
Name: "list_dependabot_alerts",
@@ -128,6 +131,8 @@ func ListDependabotAlerts(t translations.TranslationHelperFunc) inventory.Server
Required: []string{"owner", "repo"},
},
},
+ scopes.ToStringSlice(scopes.SecurityEvents),
+ scopes.ToStringSlice(scopes.SecurityEvents, scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
diff --git a/pkg/github/discussions.go b/pkg/github/discussions.go
index c891ba294..d91722e6e 100644
--- a/pkg/github/discussions.go
+++ b/pkg/github/discussions.go
@@ -6,6 +6,7 @@ import (
"fmt"
"github.com/github/github-mcp-server/pkg/inventory"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/translations"
"github.com/github/github-mcp-server/pkg/utils"
"github.com/go-viper/mapstructure/v2"
@@ -123,7 +124,7 @@ func getQueryType(useOrdering bool, categoryID *githubv4.ID) any {
}
func ListDiscussions(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataDiscussions,
mcp.Tool{
Name: "list_discussions",
@@ -161,6 +162,8 @@ func ListDiscussions(t translations.TranslationHelperFunc) inventory.ServerTool
Required: []string{"owner"},
}),
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -275,7 +278,7 @@ func ListDiscussions(t translations.TranslationHelperFunc) inventory.ServerTool
}
func GetDiscussion(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataDiscussions,
mcp.Tool{
Name: "get_discussion",
@@ -303,6 +306,8 @@ func GetDiscussion(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo", "discussionNumber"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
// Decode params
var params struct {
@@ -378,7 +383,7 @@ func GetDiscussion(t translations.TranslationHelperFunc) inventory.ServerTool {
}
func GetDiscussionComments(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataDiscussions,
mcp.Tool{
Name: "get_discussion_comments",
@@ -406,6 +411,8 @@ func GetDiscussionComments(t translations.TranslationHelperFunc) inventory.Serve
Required: []string{"owner", "repo", "discussionNumber"},
}),
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
// Decode params
var params struct {
@@ -504,7 +511,7 @@ func GetDiscussionComments(t translations.TranslationHelperFunc) inventory.Serve
}
func ListDiscussionCategories(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataDiscussions,
mcp.Tool{
Name: "list_discussion_categories",
@@ -528,6 +535,8 @@ func ListDiscussionCategories(t translations.TranslationHelperFunc) inventory.Se
Required: []string{"owner"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
diff --git a/pkg/github/gists.go b/pkg/github/gists.go
index 4d741b88d..cd268c6a1 100644
--- a/pkg/github/gists.go
+++ b/pkg/github/gists.go
@@ -9,6 +9,7 @@ import (
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/translations"
"github.com/github/github-mcp-server/pkg/utils"
"github.com/google/go-github/v79/github"
@@ -18,7 +19,7 @@ import (
// ListGists creates a tool to list gists for a user
func ListGists(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataGists,
mcp.Tool{
Name: "list_gists",
@@ -41,6 +42,8 @@ func ListGists(t translations.TranslationHelperFunc) inventory.ServerTool {
},
}),
},
+ nil, // no required scopes
+ nil, // no accepted scopes
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
username, err := OptionalParam[string](args, "username")
if err != nil {
@@ -104,7 +107,7 @@ func ListGists(t translations.TranslationHelperFunc) inventory.ServerTool {
// GetGist creates a tool to get the content of a gist
func GetGist(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataGists,
mcp.Tool{
Name: "get_gist",
@@ -124,6 +127,8 @@ func GetGist(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"gist_id"},
},
},
+ nil, // no required scopes
+ nil, // no accepted scopes
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
gistID, err := RequiredParam[string](args, "gist_id")
if err != nil {
@@ -161,7 +166,7 @@ func GetGist(t translations.TranslationHelperFunc) inventory.ServerTool {
// CreateGist creates a tool to create a new gist
func CreateGist(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataGists,
mcp.Tool{
Name: "create_gist",
@@ -194,6 +199,8 @@ func CreateGist(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"filename", "content"},
},
},
+ scopes.ToStringSlice(scopes.Gist),
+ scopes.ToStringSlice(scopes.Gist),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
description, err := OptionalParam[string](args, "description")
if err != nil {
@@ -263,7 +270,7 @@ func CreateGist(t translations.TranslationHelperFunc) inventory.ServerTool {
// UpdateGist creates a tool to edit an existing gist
func UpdateGist(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataGists,
mcp.Tool{
Name: "update_gist",
@@ -295,6 +302,8 @@ func UpdateGist(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"gist_id", "filename", "content"},
},
},
+ scopes.ToStringSlice(scopes.Gist),
+ scopes.ToStringSlice(scopes.Gist),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
gistID, err := RequiredParam[string](args, "gist_id")
if err != nil {
diff --git a/pkg/github/git.go b/pkg/github/git.go
index 7b93c3675..06c766163 100644
--- a/pkg/github/git.go
+++ b/pkg/github/git.go
@@ -8,6 +8,7 @@ import (
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/translations"
"github.com/github/github-mcp-server/pkg/utils"
"github.com/google/go-github/v79/github"
@@ -39,7 +40,7 @@ type TreeResponse struct {
// GetRepositoryTree creates a tool to get the tree structure of a GitHub repository.
func GetRepositoryTree(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataGit,
mcp.Tool{
Name: "get_repository_tree",
@@ -76,6 +77,8 @@ func GetRepositoryTree(t translations.TranslationHelperFunc) inventory.ServerToo
Required: []string{"owner", "repo"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
diff --git a/pkg/github/issues.go b/pkg/github/issues.go
index f06dc2d9d..f4b5ad43c 100644
--- a/pkg/github/issues.go
+++ b/pkg/github/issues.go
@@ -11,6 +11,7 @@ import (
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/lockdown"
"github.com/github/github-mcp-server/pkg/octicons"
"github.com/github/github-mcp-server/pkg/sanitize"
@@ -545,7 +546,7 @@ func GetIssueLabels(ctx context.Context, client *githubv4.Client, owner string,
// ListIssueTypes creates a tool to list defined issue types for an organization. This can be used to understand supported issue type values for creating or updating issues.
func ListIssueTypes(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataIssues,
mcp.Tool{
Name: "list_issue_types",
@@ -565,6 +566,8 @@ func ListIssueTypes(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner"},
},
},
+ scopes.ToStringSlice(scopes.ReadOrg),
+ scopes.ToStringSlice(scopes.ReadOrg, scopes.WriteOrg, scopes.AdminOrg),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -600,7 +603,7 @@ func ListIssueTypes(t translations.TranslationHelperFunc) inventory.ServerTool {
// AddIssueComment creates a tool to add a comment to an issue.
func AddIssueComment(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataIssues,
mcp.Tool{
Name: "add_issue_comment",
@@ -632,6 +635,8 @@ func AddIssueComment(t translations.TranslationHelperFunc) inventory.ServerTool
Required: []string{"owner", "repo", "issue_number", "body"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -683,7 +688,7 @@ func AddIssueComment(t translations.TranslationHelperFunc) inventory.ServerTool
// SubIssueWrite creates a tool to add a sub-issue to a parent issue.
func SubIssueWrite(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataIssues,
mcp.Tool{
Name: "sub_issue_write",
@@ -736,6 +741,8 @@ Options are:
Required: []string{"method", "owner", "repo", "issue_number", "sub_issue_id"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
method, err := RequiredParam[string](args, "method")
if err != nil {
@@ -971,7 +978,7 @@ func SearchIssues(t translations.TranslationHelperFunc) inventory.ServerTool {
// IssueWrite creates a tool to create a new or update an existing issue in a GitHub repository.
func IssueWrite(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataIssues,
mcp.Tool{
Name: "issue_write",
@@ -1052,6 +1059,8 @@ Options are:
Required: []string{"method", "owner", "repo"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
method, err := RequiredParam[string](args, "method")
if err != nil {
diff --git a/pkg/github/labels.go b/pkg/github/labels.go
index 2811cf66e..d55b605fe 100644
--- a/pkg/github/labels.go
+++ b/pkg/github/labels.go
@@ -8,6 +8,7 @@ import (
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/translations"
"github.com/github/github-mcp-server/pkg/utils"
"github.com/google/jsonschema-go/jsonschema"
@@ -17,7 +18,7 @@ import (
// GetLabel retrieves a specific label by name from a GitHub repository
func GetLabel(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataIssues,
mcp.Tool{
Name: "get_label",
@@ -45,6 +46,8 @@ func GetLabel(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo", "name"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -118,7 +121,7 @@ func GetLabelForLabelsToolset(t translations.TranslationHelperFunc) inventory.Se
// ListLabels lists labels from a repository
func ListLabels(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetLabels,
mcp.Tool{
Name: "list_label",
@@ -142,6 +145,8 @@ func ListLabels(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -208,7 +213,7 @@ func ListLabels(t translations.TranslationHelperFunc) inventory.ServerTool {
// LabelWrite handles create, update, and delete operations for GitHub labels
func LabelWrite(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetLabels,
mcp.Tool{
Name: "label_write",
@@ -253,6 +258,8 @@ func LabelWrite(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"method", "owner", "repo", "name"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
// Get and validate required parameters
method, err := RequiredParam[string](args, "method")
diff --git a/pkg/github/notifications.go b/pkg/github/notifications.go
index 1e2011fa3..b3008362b 100644
--- a/pkg/github/notifications.go
+++ b/pkg/github/notifications.go
@@ -11,6 +11,7 @@ import (
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/translations"
"github.com/github/github-mcp-server/pkg/utils"
"github.com/google/go-github/v79/github"
@@ -26,7 +27,7 @@ const (
// ListNotifications creates a tool to list notifications for the current user.
func ListNotifications(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataNotifications,
mcp.Tool{
Name: "list_notifications",
@@ -62,6 +63,8 @@ func ListNotifications(t translations.TranslationHelperFunc) inventory.ServerToo
},
}),
},
+ scopes.ToStringSlice(scopes.Notifications),
+ scopes.ToStringSlice(scopes.Notifications),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -162,7 +165,7 @@ func ListNotifications(t translations.TranslationHelperFunc) inventory.ServerToo
// DismissNotification creates a tool to mark a notification as read/done.
func DismissNotification(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataNotifications,
mcp.Tool{
Name: "dismiss_notification",
@@ -187,6 +190,8 @@ func DismissNotification(t translations.TranslationHelperFunc) inventory.ServerT
Required: []string{"threadID", "state"},
},
},
+ scopes.ToStringSlice(scopes.Notifications),
+ scopes.ToStringSlice(scopes.Notifications),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -243,7 +248,7 @@ func DismissNotification(t translations.TranslationHelperFunc) inventory.ServerT
// MarkAllNotificationsRead creates a tool to mark all notifications as read.
func MarkAllNotificationsRead(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataNotifications,
mcp.Tool{
Name: "mark_all_notifications_read",
@@ -270,6 +275,8 @@ func MarkAllNotificationsRead(t translations.TranslationHelperFunc) inventory.Se
},
},
},
+ scopes.ToStringSlice(scopes.Notifications),
+ scopes.ToStringSlice(scopes.Notifications),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -334,7 +341,7 @@ func MarkAllNotificationsRead(t translations.TranslationHelperFunc) inventory.Se
// GetNotificationDetails creates a tool to get details for a specific notification.
func GetNotificationDetails(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataNotifications,
mcp.Tool{
Name: "get_notification_details",
@@ -354,6 +361,8 @@ func GetNotificationDetails(t translations.TranslationHelperFunc) inventory.Serv
Required: []string{"notificationID"},
},
},
+ scopes.ToStringSlice(scopes.Notifications),
+ scopes.ToStringSlice(scopes.Notifications),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -402,7 +411,7 @@ const (
// ManageNotificationSubscription creates a tool to manage a notification subscription (ignore, watch, delete)
func ManageNotificationSubscription(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataNotifications,
mcp.Tool{
Name: "manage_notification_subscription",
@@ -427,6 +436,8 @@ func ManageNotificationSubscription(t translations.TranslationHelperFunc) invent
Required: []string{"notificationID", "action"},
},
},
+ scopes.ToStringSlice(scopes.Notifications),
+ scopes.ToStringSlice(scopes.Notifications),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -497,7 +508,7 @@ const (
// ManageRepositoryNotificationSubscription creates a tool to manage a repository notification subscription (ignore, watch, delete)
func ManageRepositoryNotificationSubscription(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataNotifications,
mcp.Tool{
Name: "manage_repository_notification_subscription",
@@ -526,6 +537,8 @@ func ManageRepositoryNotificationSubscription(t translations.TranslationHelperFu
Required: []string{"owner", "repo", "action"},
},
},
+ scopes.ToStringSlice(scopes.Notifications),
+ scopes.ToStringSlice(scopes.Notifications),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
diff --git a/pkg/github/projects.go b/pkg/github/projects.go
index 0536bed99..4edef178e 100644
--- a/pkg/github/projects.go
+++ b/pkg/github/projects.go
@@ -10,6 +10,7 @@ import (
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/translations"
"github.com/github/github-mcp-server/pkg/utils"
"github.com/google/go-github/v79/github"
@@ -26,7 +27,7 @@ const (
)
func ListProjects(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataProjects,
mcp.Tool{
Name: "list_projects",
@@ -67,6 +68,8 @@ func ListProjects(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner_type", "owner"},
},
},
+ scopes.ToStringSlice(scopes.ReadProject),
+ scopes.ToStringSlice(scopes.ReadProject, scopes.Project),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
@@ -143,7 +146,7 @@ func ListProjects(t translations.TranslationHelperFunc) inventory.ServerTool {
}
func GetProject(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataProjects,
mcp.Tool{
Name: "get_project",
@@ -172,6 +175,8 @@ func GetProject(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"project_number", "owner_type", "owner"},
},
},
+ scopes.ToStringSlice(scopes.ReadProject),
+ scopes.ToStringSlice(scopes.ReadProject, scopes.Project),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
projectNumber, err := RequiredInt(args, "project_number")
@@ -231,7 +236,7 @@ func GetProject(t translations.TranslationHelperFunc) inventory.ServerTool {
}
func ListProjectFields(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataProjects,
mcp.Tool{
Name: "list_project_fields",
@@ -272,6 +277,8 @@ func ListProjectFields(t translations.TranslationHelperFunc) inventory.ServerToo
Required: []string{"owner_type", "owner", "project_number"},
},
},
+ scopes.ToStringSlice(scopes.ReadProject),
+ scopes.ToStringSlice(scopes.ReadProject, scopes.Project),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
@@ -337,7 +344,7 @@ func ListProjectFields(t translations.TranslationHelperFunc) inventory.ServerToo
}
func GetProjectField(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataProjects,
mcp.Tool{
Name: "get_project_field",
@@ -370,6 +377,8 @@ func GetProjectField(t translations.TranslationHelperFunc) inventory.ServerTool
Required: []string{"owner_type", "owner", "project_number", "field_id"},
},
},
+ scopes.ToStringSlice(scopes.ReadProject),
+ scopes.ToStringSlice(scopes.ReadProject, scopes.Project),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
@@ -429,7 +438,7 @@ func GetProjectField(t translations.TranslationHelperFunc) inventory.ServerTool
}
func ListProjectItems(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataProjects,
mcp.Tool{
Name: "list_project_items",
@@ -481,6 +490,8 @@ func ListProjectItems(t translations.TranslationHelperFunc) inventory.ServerTool
Required: []string{"owner_type", "owner", "project_number"},
},
},
+ scopes.ToStringSlice(scopes.ReadProject),
+ scopes.ToStringSlice(scopes.ReadProject, scopes.Project),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
@@ -565,7 +576,7 @@ func ListProjectItems(t translations.TranslationHelperFunc) inventory.ServerTool
}
func GetProjectItem(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataProjects,
mcp.Tool{
Name: "get_project_item",
@@ -605,6 +616,8 @@ func GetProjectItem(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner_type", "owner", "project_number", "item_id"},
},
},
+ scopes.ToStringSlice(scopes.ReadProject),
+ scopes.ToStringSlice(scopes.ReadProject, scopes.Project),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
@@ -671,7 +684,7 @@ func GetProjectItem(t translations.TranslationHelperFunc) inventory.ServerTool {
}
func AddProjectItem(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataProjects,
mcp.Tool{
Name: "add_project_item",
@@ -709,6 +722,8 @@ func AddProjectItem(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner_type", "owner", "project_number", "item_type", "item_id"},
},
},
+ scopes.ToStringSlice(scopes.Project),
+ scopes.ToStringSlice(scopes.Project),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
@@ -782,7 +797,7 @@ func AddProjectItem(t translations.TranslationHelperFunc) inventory.ServerTool {
}
func UpdateProjectItem(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataProjects,
mcp.Tool{
Name: "update_project_item",
@@ -819,6 +834,8 @@ func UpdateProjectItem(t translations.TranslationHelperFunc) inventory.ServerToo
Required: []string{"owner_type", "owner", "project_number", "item_id", "updated_field"},
},
},
+ scopes.ToStringSlice(scopes.Project),
+ scopes.ToStringSlice(scopes.Project),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
@@ -894,7 +911,7 @@ func UpdateProjectItem(t translations.TranslationHelperFunc) inventory.ServerToo
}
func DeleteProjectItem(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataProjects,
mcp.Tool{
Name: "delete_project_item",
@@ -928,6 +945,8 @@ func DeleteProjectItem(t translations.TranslationHelperFunc) inventory.ServerToo
Required: []string{"owner_type", "owner", "project_number", "item_id"},
},
},
+ scopes.ToStringSlice(scopes.Project),
+ scopes.ToStringSlice(scopes.Project),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
diff --git a/pkg/github/pullrequests.go b/pkg/github/pullrequests.go
index d51c14fa4..400918858 100644
--- a/pkg/github/pullrequests.go
+++ b/pkg/github/pullrequests.go
@@ -15,6 +15,7 @@ import (
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/lockdown"
"github.com/github/github-mcp-server/pkg/octicons"
"github.com/github/github-mcp-server/pkg/sanitize"
diff --git a/pkg/github/repositories.go b/pkg/github/repositories.go
index c31bb7df2..b883485da 100644
--- a/pkg/github/repositories.go
+++ b/pkg/github/repositories.go
@@ -11,6 +11,7 @@ import (
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/octicons"
"github.com/github/github-mcp-server/pkg/raw"
"github.com/github/github-mcp-server/pkg/translations"
@@ -21,7 +22,7 @@ import (
)
func GetCommit(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataRepos,
mcp.Tool{
Name: "get_commit",
@@ -54,6 +55,8 @@ func GetCommit(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo", "sha"},
}),
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -118,7 +121,7 @@ func GetCommit(t translations.TranslationHelperFunc) inventory.ServerTool {
// ListCommits creates a tool to get commits of a branch in a repository.
func ListCommits(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataRepos,
mcp.Tool{
Name: "list_commits",
@@ -150,6 +153,8 @@ func ListCommits(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo"},
}),
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -225,7 +230,7 @@ func ListCommits(t translations.TranslationHelperFunc) inventory.ServerTool {
// ListBranches creates a tool to list branches in a GitHub repository.
func ListBranches(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataRepos,
mcp.Tool{
Name: "list_branches",
@@ -249,6 +254,8 @@ func ListBranches(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo"},
}),
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -509,7 +516,7 @@ If the SHA is not provided, the tool will attempt to acquire it by fetching the
// CreateRepository creates a tool to create a new GitHub repository.
func CreateRepository(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataRepos,
mcp.Tool{
Name: "create_repository",
@@ -545,6 +552,8 @@ func CreateRepository(t translations.TranslationHelperFunc) inventory.ServerTool
Required: []string{"name"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
name, err := RequiredParam[string](args, "name")
if err != nil {
@@ -614,7 +623,7 @@ func CreateRepository(t translations.TranslationHelperFunc) inventory.ServerTool
// GetFileContents creates a tool to get the contents of a file or directory from a GitHub repository.
func GetFileContents(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataRepos,
mcp.Tool{
Name: "get_file_contents",
@@ -651,6 +660,8 @@ func GetFileContents(t translations.TranslationHelperFunc) inventory.ServerTool
Required: []string{"owner", "repo"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -805,7 +816,7 @@ func GetFileContents(t translations.TranslationHelperFunc) inventory.ServerTool
// ForkRepository creates a tool to fork a repository.
func ForkRepository(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataRepos,
mcp.Tool{
Name: "fork_repository",
@@ -834,6 +845,8 @@ func ForkRepository(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -903,7 +916,7 @@ func ForkRepository(t translations.TranslationHelperFunc) inventory.ServerTool {
// The approach implemented here gets automatic commit signing when used with either the github-actions user or as an app,
// both of which suit an LLM well.
func DeleteFile(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataRepos,
mcp.Tool{
Name: "delete_file",
@@ -940,6 +953,8 @@ func DeleteFile(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo", "path", "message", "branch"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -1087,7 +1102,7 @@ func DeleteFile(t translations.TranslationHelperFunc) inventory.ServerTool {
// CreateBranch creates a tool to create a new branch.
func CreateBranch(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataRepos,
mcp.Tool{
Name: "create_branch",
@@ -1119,6 +1134,8 @@ func CreateBranch(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo", "branch"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -1199,7 +1216,7 @@ func CreateBranch(t translations.TranslationHelperFunc) inventory.ServerTool {
// PushFiles creates a tool to push multiple files in a single commit to a GitHub repository.
func PushFiles(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataRepos,
mcp.Tool{
Name: "push_files",
@@ -1249,6 +1266,8 @@ func PushFiles(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo", "branch", "files", "message"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -1382,7 +1401,7 @@ func PushFiles(t translations.TranslationHelperFunc) inventory.ServerTool {
// ListTags creates a tool to list tags in a GitHub repository.
func ListTags(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataRepos,
mcp.Tool{
Name: "list_tags",
@@ -1406,6 +1425,8 @@ func ListTags(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo"},
}),
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -1460,7 +1481,7 @@ func ListTags(t translations.TranslationHelperFunc) inventory.ServerTool {
// GetTag creates a tool to get details about a specific tag in a GitHub repository.
func GetTag(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataRepos,
mcp.Tool{
Name: "get_tag",
@@ -1488,6 +1509,8 @@ func GetTag(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo", "tag"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -1557,7 +1580,7 @@ func GetTag(t translations.TranslationHelperFunc) inventory.ServerTool {
// ListReleases creates a tool to list releases in a GitHub repository.
func ListReleases(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataRepos,
mcp.Tool{
Name: "list_releases",
@@ -1581,6 +1604,8 @@ func ListReleases(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo"},
}),
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -1631,7 +1656,7 @@ func ListReleases(t translations.TranslationHelperFunc) inventory.ServerTool {
// GetLatestRelease creates a tool to get the latest release in a GitHub repository.
func GetLatestRelease(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataRepos,
mcp.Tool{
Name: "get_latest_release",
@@ -1655,6 +1680,8 @@ func GetLatestRelease(t translations.TranslationHelperFunc) inventory.ServerTool
Required: []string{"owner", "repo"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -1695,7 +1722,7 @@ func GetLatestRelease(t translations.TranslationHelperFunc) inventory.ServerTool
}
func GetReleaseByTag(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataRepos,
mcp.Tool{
Name: "get_release_by_tag",
@@ -1723,6 +1750,8 @@ func GetReleaseByTag(t translations.TranslationHelperFunc) inventory.ServerTool
Required: []string{"owner", "repo", "tag"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -2010,7 +2039,7 @@ func resolveDefaultBranch(ctx context.Context, githubClient *github.Client, owne
// ListStarredRepositories creates a tool to list starred repositories for the authenticated user or a specified user.
func ListStarredRepositories(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataStargazers,
mcp.Tool{
Name: "list_starred_repositories",
@@ -2039,6 +2068,8 @@ func ListStarredRepositories(t translations.TranslationHelperFunc) inventory.Ser
},
}),
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
username, err := OptionalParam[string](args, "username")
if err != nil {
@@ -2141,7 +2172,7 @@ func ListStarredRepositories(t translations.TranslationHelperFunc) inventory.Ser
// StarRepository creates a tool to star a repository.
func StarRepository(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataStargazers,
mcp.Tool{
Name: "star_repository",
@@ -2166,6 +2197,8 @@ func StarRepository(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo"},
},
},
+ scopes.ToStringSlice(scopes.PublicRepo),
+ scopes.ToStringSlice(scopes.PublicRepo, scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -2206,7 +2239,7 @@ func StarRepository(t translations.TranslationHelperFunc) inventory.ServerTool {
// UnstarRepository creates a tool to unstar a repository.
func UnstarRepository(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataStargazers,
mcp.Tool{
Name: "unstar_repository",
@@ -2230,6 +2263,8 @@ func UnstarRepository(t translations.TranslationHelperFunc) inventory.ServerTool
Required: []string{"owner", "repo"},
},
},
+ scopes.ToStringSlice(scopes.PublicRepo),
+ scopes.ToStringSlice(scopes.PublicRepo, scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
diff --git a/pkg/github/search.go b/pkg/github/search.go
index 9a8b971e2..e207479d6 100644
--- a/pkg/github/search.go
+++ b/pkg/github/search.go
@@ -9,6 +9,7 @@ import (
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/translations"
"github.com/github/github-mcp-server/pkg/utils"
"github.com/google/go-github/v79/github"
diff --git a/pkg/github/secret_scanning.go b/pkg/github/secret_scanning.go
index 0de5166ba..fb259758e 100644
--- a/pkg/github/secret_scanning.go
+++ b/pkg/github/secret_scanning.go
@@ -9,6 +9,7 @@ import (
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/translations"
"github.com/github/github-mcp-server/pkg/utils"
"github.com/google/go-github/v79/github"
@@ -17,7 +18,7 @@ import (
)
func GetSecretScanningAlert(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataSecretProtection,
mcp.Tool{
Name: "get_secret_scanning_alert",
@@ -45,6 +46,8 @@ func GetSecretScanningAlert(t translations.TranslationHelperFunc) inventory.Serv
Required: []string{"owner", "repo", "alertNumber"},
},
},
+ scopes.ToStringSlice(scopes.SecurityEvents),
+ scopes.ToStringSlice(scopes.SecurityEvents, scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -93,7 +96,7 @@ func GetSecretScanningAlert(t translations.TranslationHelperFunc) inventory.Serv
}
func ListSecretScanningAlerts(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataSecretProtection,
mcp.Tool{
Name: "list_secret_scanning_alerts",
@@ -131,6 +134,8 @@ func ListSecretScanningAlerts(t translations.TranslationHelperFunc) inventory.Se
Required: []string{"owner", "repo"},
},
},
+ scopes.ToStringSlice(scopes.SecurityEvents),
+ scopes.ToStringSlice(scopes.SecurityEvents, scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
diff --git a/pkg/github/security_advisories.go b/pkg/github/security_advisories.go
index f898de61d..44858dbd9 100644
--- a/pkg/github/security_advisories.go
+++ b/pkg/github/security_advisories.go
@@ -9,6 +9,7 @@ import (
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/translations"
"github.com/github/github-mcp-server/pkg/utils"
"github.com/google/go-github/v79/github"
@@ -17,7 +18,7 @@ import (
)
func ListGlobalSecurityAdvisories(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataSecurityAdvisories,
mcp.Tool{
Name: "list_global_security_advisories",
@@ -83,6 +84,8 @@ func ListGlobalSecurityAdvisories(t translations.TranslationHelperFunc) inventor
},
},
},
+ scopes.ToStringSlice(scopes.SecurityEvents),
+ scopes.ToStringSlice(scopes.SecurityEvents, scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -207,7 +210,7 @@ func ListGlobalSecurityAdvisories(t translations.TranslationHelperFunc) inventor
}
func ListRepositorySecurityAdvisories(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataSecurityAdvisories,
mcp.Tool{
Name: "list_repository_security_advisories",
@@ -246,6 +249,8 @@ func ListRepositorySecurityAdvisories(t translations.TranslationHelperFunc) inve
Required: []string{"owner", "repo"},
},
},
+ scopes.ToStringSlice(scopes.SecurityEvents),
+ scopes.ToStringSlice(scopes.SecurityEvents, scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -310,7 +315,7 @@ func ListRepositorySecurityAdvisories(t translations.TranslationHelperFunc) inve
}
func GetGlobalSecurityAdvisory(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataSecurityAdvisories,
mcp.Tool{
Name: "get_global_security_advisory",
@@ -330,6 +335,8 @@ func GetGlobalSecurityAdvisory(t translations.TranslationHelperFunc) inventory.S
Required: []string{"ghsaId"},
},
},
+ scopes.ToStringSlice(scopes.SecurityEvents),
+ scopes.ToStringSlice(scopes.SecurityEvents, scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -366,7 +373,7 @@ func GetGlobalSecurityAdvisory(t translations.TranslationHelperFunc) inventory.S
}
func ListOrgRepositorySecurityAdvisories(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataSecurityAdvisories,
mcp.Tool{
Name: "list_org_repository_security_advisories",
@@ -401,6 +408,8 @@ func ListOrgRepositorySecurityAdvisories(t translations.TranslationHelperFunc) i
Required: []string{"org"},
},
},
+ scopes.ToStringSlice(scopes.SecurityEvents),
+ scopes.ToStringSlice(scopes.SecurityEvents, scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
org, err := RequiredParam[string](args, "org")
if err != nil {
From 4ed031073829c5e8a72115ea7feba4d318047e6c Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 23 Dec 2025 15:16:11 +0000
Subject: [PATCH 4/5] Complete OAuth scope implementation for all tools
- Updated all remaining tools with OAuth scope information
- Added scope documentation generation to generate-docs command
- Documentation now shows Required and Accepted OAuth scopes for each tool
- All 100+ tools now have scope information defined
- Tests pass, linter passes, documentation generated successfully
Co-authored-by: SamMorrowDrums <4811358+SamMorrowDrums@users.noreply.github.com>
---
README.md | 192 +++++++++++++++++++++++++
cmd/github-mcp-server/generate_docs.go | 21 ++-
pkg/github/actions.go | 72 +++++++---
pkg/github/issues.go | 18 ++-
pkg/github/pullrequests.go | 42 ++++--
pkg/github/repositories.go | 6 +-
pkg/github/search.go | 16 ++-
pkg/scopes/scopes.go | 80 +++++------
8 files changed, 361 insertions(+), 86 deletions(-)
diff --git a/README.md b/README.md
index 059256aaa..70fd8fea0 100644
--- a/README.md
+++ b/README.md
@@ -491,6 +491,8 @@ The following sets of tools are available:
Actions
- **actions_get** - Get details of GitHub Actions resources (workflows, workflow runs, jobs, and artifacts)
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `method`: The method to execute (string, required)
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
@@ -502,6 +504,8 @@ The following sets of tools are available:
(string, required)
- **actions_list** - List GitHub Actions workflows in a repository
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `method`: The action to perform (string, required)
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (default: 1) (number, optional)
@@ -516,6 +520,8 @@ The following sets of tools are available:
- `workflow_runs_filter`: Filters for workflow runs. **ONLY** used when method is 'list_workflow_runs' (object, optional)
- **actions_run_trigger** - Trigger GitHub Actions workflow actions
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `inputs`: Inputs the workflow accepts. Only used for 'run_workflow' method. (object, optional)
- `method`: The method to execute (string, required)
- `owner`: Repository owner (string, required)
@@ -525,21 +531,29 @@ The following sets of tools are available:
- `workflow_id`: The workflow ID (numeric) or workflow file name (e.g., main.yml, ci.yaml). Required for 'run_workflow' method. (string, optional)
- **cancel_workflow_run** - Cancel workflow run
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `run_id`: The unique identifier of the workflow run (number, required)
- **delete_workflow_run_logs** - Delete workflow logs
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `run_id`: The unique identifier of the workflow run (number, required)
- **download_workflow_run_artifact** - Download workflow artifact
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `artifact_id`: The unique identifier of the artifact (number, required)
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- **get_job_logs** - Get job logs
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `failed_only`: When true, gets logs for all failed jobs in run_id (boolean, optional)
- `job_id`: The unique identifier of the workflow job (required for single job logs) (number, optional)
- `owner`: Repository owner (string, required)
@@ -549,6 +563,8 @@ The following sets of tools are available:
- `tail_lines`: Number of lines to return from the end of the log (number, optional)
- **get_job_logs** - Get GitHub Actions workflow job logs
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `failed_only`: When true, gets logs for all failed jobs in the workflow run specified by run_id. Requires run_id to be provided. (boolean, optional)
- `job_id`: The unique identifier of the workflow job. Required when getting logs for a single job. (number, optional)
- `owner`: Repository owner (string, required)
@@ -558,21 +574,29 @@ The following sets of tools are available:
- `tail_lines`: Number of lines to return from the end of the log (number, optional)
- **get_workflow_run** - Get workflow run
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `run_id`: The unique identifier of the workflow run (number, required)
- **get_workflow_run_logs** - Get workflow run logs
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `run_id`: The unique identifier of the workflow run (number, required)
- **get_workflow_run_usage** - Get workflow usage
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `run_id`: The unique identifier of the workflow run (number, required)
- **list_workflow_jobs** - List workflow jobs
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `filter`: Filters jobs by their completed_at timestamp (string, optional)
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (min 1) (number, optional)
@@ -581,6 +605,8 @@ The following sets of tools are available:
- `run_id`: The unique identifier of the workflow run (number, required)
- **list_workflow_run_artifacts** - List workflow artifacts
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (min 1) (number, optional)
- `perPage`: Results per page for pagination (min 1, max 100) (number, optional)
@@ -588,6 +614,8 @@ The following sets of tools are available:
- `run_id`: The unique identifier of the workflow run (number, required)
- **list_workflow_runs** - List workflow runs
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `actor`: Returns someone's workflow runs. Use the login for the user who created the workflow run. (string, optional)
- `branch`: Returns workflow runs associated with a branch. Use the name of the branch. (string, optional)
- `event`: Returns workflow runs for a specific event type (string, optional)
@@ -599,22 +627,30 @@ The following sets of tools are available:
- `workflow_id`: The workflow ID or workflow file name (string, required)
- **list_workflows** - List workflows
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (min 1) (number, optional)
- `perPage`: Results per page for pagination (min 1, max 100) (number, optional)
- `repo`: Repository name (string, required)
- **rerun_failed_jobs** - Rerun failed jobs
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `run_id`: The unique identifier of the workflow run (number, required)
- **rerun_workflow_run** - Rerun workflow run
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `run_id`: The unique identifier of the workflow run (number, required)
- **run_workflow** - Run workflow
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `inputs`: Inputs the workflow accepts (object, optional)
- `owner`: Repository owner (string, required)
- `ref`: The git reference for the workflow. The reference can be a branch or tag name. (string, required)
@@ -628,11 +664,15 @@ The following sets of tools are available:
Code Security
- **get_code_scanning_alert** - Get code scanning alert
+ - **Required OAuth Scopes**: `security_events`
+ - **Accepted OAuth Scopes**: `security_events`, `repo`
- `alertNumber`: The number of the alert. (number, required)
- `owner`: The owner of the repository. (string, required)
- `repo`: The name of the repository. (string, required)
- **list_code_scanning_alerts** - List code scanning alerts
+ - **Required OAuth Scopes**: `security_events`
+ - **Accepted OAuth Scopes**: `security_events`, `repo`
- `owner`: The owner of the repository. (string, required)
- `ref`: The Git reference for the results you want to list. (string, optional)
- `repo`: The name of the repository. (string, required)
@@ -650,10 +690,14 @@ The following sets of tools are available:
- No parameters required
- **get_team_members** - Get team members
+ - **Required OAuth Scopes**: `read:org`
+ - **Accepted OAuth Scopes**: `read:org`, `write:org`, `admin:org`
- `org`: Organization login (owner) that contains the team. (string, required)
- `team_slug`: Team slug (string, required)
- **get_teams** - Get teams
+ - **Required OAuth Scopes**: `read:org`
+ - **Accepted OAuth Scopes**: `read:org`, `write:org`, `admin:org`
- `user`: Username to get teams for. If not provided, uses the authenticated user. (string, optional)
@@ -663,11 +707,15 @@ The following sets of tools are available:
Dependabot
- **get_dependabot_alert** - Get dependabot alert
+ - **Required OAuth Scopes**: `security_events`
+ - **Accepted OAuth Scopes**: `security_events`, `repo`
- `alertNumber`: The number of the alert. (number, required)
- `owner`: The owner of the repository. (string, required)
- `repo`: The name of the repository. (string, required)
- **list_dependabot_alerts** - List dependabot alerts
+ - **Required OAuth Scopes**: `security_events`
+ - **Accepted OAuth Scopes**: `security_events`, `repo`
- `owner`: The owner of the repository. (string, required)
- `repo`: The name of the repository. (string, required)
- `severity`: Filter dependabot alerts by severity (string, optional)
@@ -680,11 +728,15 @@ The following sets of tools are available:
Discussions
- **get_discussion** - Get discussion
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `discussionNumber`: Discussion Number (number, required)
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- **get_discussion_comments** - Get discussion comments
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `after`: Cursor for pagination. Use the endCursor from the previous page's PageInfo for GraphQL APIs. (string, optional)
- `discussionNumber`: Discussion Number (number, required)
- `owner`: Repository owner (string, required)
@@ -692,10 +744,14 @@ The following sets of tools are available:
- `repo`: Repository name (string, required)
- **list_discussion_categories** - List discussion categories
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name. If not provided, discussion categories will be queried at the organisation level. (string, optional)
- **list_discussions** - List discussions
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `after`: Cursor for pagination. Use the endCursor from the previous page's PageInfo for GraphQL APIs. (string, optional)
- `category`: Optional filter by discussion category ID. If provided, only discussions with this category are listed. (string, optional)
- `direction`: Order direction. (string, optional)
@@ -711,6 +767,8 @@ The following sets of tools are available:
Gists
- **create_gist** - Create Gist
+ - **Required OAuth Scopes**: `gist`
+ - **Accepted OAuth Scopes**: `gist`
- `content`: Content for simple single-file gist creation (string, required)
- `description`: Description of the gist (string, optional)
- `filename`: Filename for simple single-file gist creation (string, required)
@@ -726,6 +784,8 @@ The following sets of tools are available:
- `username`: GitHub username (omit for authenticated user's gists) (string, optional)
- **update_gist** - Update Gist
+ - **Required OAuth Scopes**: `gist`
+ - **Accepted OAuth Scopes**: `gist`
- `content`: Content for the file (string, required)
- `description`: Updated description of the gist (string, optional)
- `filename`: Filename to update or create (string, required)
@@ -738,6 +798,8 @@ The following sets of tools are available:
Git
- **get_repository_tree** - Get repository tree
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (username or organization) (string, required)
- `path_filter`: Optional path prefix to filter the tree results (e.g., 'src/' to only show files in the src directory) (string, optional)
- `recursive`: Setting this parameter to true returns the objects or subtrees referenced by the tree. Default is false (boolean, optional)
@@ -751,22 +813,30 @@ The following sets of tools are available:
Issues
- **add_issue_comment** - Add comment to issue
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `body`: Comment content (string, required)
- `issue_number`: Issue number to comment on (number, required)
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- **assign_copilot_to_issue** - Assign Copilot to issue
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `issueNumber`: Issue number (number, required)
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- **get_label** - Get a specific label from a repository.
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `name`: Label name. (string, required)
- `owner`: Repository owner (username or organization name) (string, required)
- `repo`: Repository name (string, required)
- **issue_read** - Get issue details
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `issue_number`: The number of the issue (number, required)
- `method`: The read operation to perform on a single issue.
Options are:
@@ -781,6 +851,8 @@ The following sets of tools are available:
- `repo`: The name of the repository (string, required)
- **issue_write** - Create or update issue.
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `assignees`: Usernames to assign to this issue (string[], optional)
- `body`: Issue body content (string, optional)
- `duplicate_of`: Issue number that this issue is a duplicate of. Only used when state_reason is 'duplicate'. (number, optional)
@@ -800,9 +872,13 @@ The following sets of tools are available:
- `type`: Type of this issue. Only use if the repository has issue types configured. Use list_issue_types tool to get valid type values for the organization. If the repository doesn't support issue types, omit this parameter. (string, optional)
- **list_issue_types** - List available issue types
+ - **Required OAuth Scopes**: `read:org`
+ - **Accepted OAuth Scopes**: `read:org`, `write:org`, `admin:org`
- `owner`: The organization owner of the repository (string, required)
- **list_issues** - List issues
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `after`: Cursor for pagination. Use the endCursor from the previous page's PageInfo for GraphQL APIs. (string, optional)
- `direction`: Order direction. If provided, the 'orderBy' also needs to be provided. (string, optional)
- `labels`: Filter by labels (string[], optional)
@@ -814,6 +890,8 @@ The following sets of tools are available:
- `state`: Filter by state, by default both open and closed issues are returned when not provided (string, optional)
- **search_issues** - Search issues
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `order`: Sort order (string, optional)
- `owner`: Optional repository owner. If provided with repo, only issues for this repository are listed. (string, optional)
- `page`: Page number for pagination (min 1) (number, optional)
@@ -823,6 +901,8 @@ The following sets of tools are available:
- `sort`: Sort field by number of matches of categories, defaults to best match (string, optional)
- **sub_issue_write** - Change sub-issue
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `after_id`: The ID of the sub-issue to be prioritized after (either after_id OR before_id should be specified) (number, optional)
- `before_id`: The ID of the sub-issue to be prioritized before (either after_id OR before_id should be specified) (number, optional)
- `issue_number`: The number of the parent issue (number, required)
@@ -844,11 +924,15 @@ The following sets of tools are available:
Labels
- **get_label** - Get a specific label from a repository.
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `name`: Label name. (string, required)
- `owner`: Repository owner (username or organization name) (string, required)
- `repo`: Repository name (string, required)
- **label_write** - Write operations on repository labels.
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `color`: Label color as 6-character hex code without '#' prefix (e.g., 'f29513'). Required for 'create', optional for 'update'. (string, optional)
- `description`: Label description text. Optional for 'create' and 'update'. (string, optional)
- `method`: Operation to perform: 'create', 'update', or 'delete' (string, required)
@@ -858,6 +942,8 @@ The following sets of tools are available:
- `repo`: Repository name (string, required)
- **list_label** - List labels from a repository
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (username or organization name) - required for all operations (string, required)
- `repo`: Repository name - required for all operations (string, required)
@@ -868,13 +954,19 @@ The following sets of tools are available:
Notifications
- **dismiss_notification** - Dismiss notification
+ - **Required OAuth Scopes**: `notifications`
+ - **Accepted OAuth Scopes**: `notifications`
- `state`: The new state of the notification (read/done) (string, required)
- `threadID`: The ID of the notification thread (string, required)
- **get_notification_details** - Get notification details
+ - **Required OAuth Scopes**: `notifications`
+ - **Accepted OAuth Scopes**: `notifications`
- `notificationID`: The ID of the notification (string, required)
- **list_notifications** - List notifications
+ - **Required OAuth Scopes**: `notifications`
+ - **Accepted OAuth Scopes**: `notifications`
- `before`: Only show notifications updated before the given time (ISO 8601 format) (string, optional)
- `filter`: Filter notifications to, use default unless specified. Read notifications are ones that have already been acknowledged by the user. Participating notifications are those that the user is directly involved in, such as issues or pull requests they have commented on or created. (string, optional)
- `owner`: Optional repository owner. If provided with repo, only notifications for this repository are listed. (string, optional)
@@ -884,15 +976,21 @@ The following sets of tools are available:
- `since`: Only show notifications updated after the given time (ISO 8601 format) (string, optional)
- **manage_notification_subscription** - Manage notification subscription
+ - **Required OAuth Scopes**: `notifications`
+ - **Accepted OAuth Scopes**: `notifications`
- `action`: Action to perform: ignore, watch, or delete the notification subscription. (string, required)
- `notificationID`: The ID of the notification thread. (string, required)
- **manage_repository_notification_subscription** - Manage repository notification subscription
+ - **Required OAuth Scopes**: `notifications`
+ - **Accepted OAuth Scopes**: `notifications`
- `action`: Action to perform: ignore, watch, or delete the repository notification subscription. (string, required)
- `owner`: The account owner of the repository. (string, required)
- `repo`: The name of the repository. (string, required)
- **mark_all_notifications_read** - Mark all notifications as read
+ - **Required OAuth Scopes**: `notifications`
+ - **Accepted OAuth Scopes**: `notifications`
- `lastReadAt`: Describes the last point that notifications were checked (optional). Default: Now (string, optional)
- `owner`: Optional repository owner. If provided with repo, only notifications for this repository are marked as read. (string, optional)
- `repo`: Optional repository name. If provided with owner, only notifications for this repository are marked as read. (string, optional)
@@ -904,6 +1002,8 @@ The following sets of tools are available:
Organizations
- **search_orgs** - Search organizations
+ - **Required OAuth Scopes**: `read:org`
+ - **Accepted OAuth Scopes**: `read:org`, `write:org`, `admin:org`
- `order`: Sort order (string, optional)
- `page`: Page number for pagination (min 1) (number, optional)
- `perPage`: Results per page for pagination (min 1, max 100) (number, optional)
@@ -917,6 +1017,8 @@ The following sets of tools are available:
Projects
- **add_project_item** - Add project item
+ - **Required OAuth Scopes**: `project`
+ - **Accepted OAuth Scopes**: `project`
- `item_id`: The numeric ID of the issue or pull request to add to the project. (number, required)
- `item_type`: The item's type, either issue or pull_request. (string, required)
- `owner`: If owner_type == user it is the handle for the GitHub user account. If owner_type == org it is the name of the organization. The name is not case sensitive. (string, required)
@@ -924,23 +1026,31 @@ The following sets of tools are available:
- `project_number`: The project's number. (number, required)
- **delete_project_item** - Delete project item
+ - **Required OAuth Scopes**: `project`
+ - **Accepted OAuth Scopes**: `project`
- `item_id`: The internal project item ID to delete from the project (not the issue or pull request ID). (number, required)
- `owner`: If owner_type == user it is the handle for the GitHub user account. If owner_type == org it is the name of the organization. The name is not case sensitive. (string, required)
- `owner_type`: Owner type (string, required)
- `project_number`: The project's number. (number, required)
- **get_project** - Get project
+ - **Required OAuth Scopes**: `read:project`
+ - **Accepted OAuth Scopes**: `read:project`, `project`
- `owner`: If owner_type == user it is the handle for the GitHub user account. If owner_type == org it is the name of the organization. The name is not case sensitive. (string, required)
- `owner_type`: Owner type (string, required)
- `project_number`: The project's number (number, required)
- **get_project_field** - Get project field
+ - **Required OAuth Scopes**: `read:project`
+ - **Accepted OAuth Scopes**: `read:project`, `project`
- `field_id`: The field's id. (number, required)
- `owner`: If owner_type == user it is the handle for the GitHub user account. If owner_type == org it is the name of the organization. The name is not case sensitive. (string, required)
- `owner_type`: Owner type (string, required)
- `project_number`: The project's number. (number, required)
- **get_project_item** - Get project item
+ - **Required OAuth Scopes**: `read:project`
+ - **Accepted OAuth Scopes**: `read:project`, `project`
- `fields`: Specific list of field IDs to include in the response (e.g. ["102589", "985201", "169875"]). If not provided, only the title field is included. (string[], optional)
- `item_id`: The item's ID. (number, required)
- `owner`: If owner_type == user it is the handle for the GitHub user account. If owner_type == org it is the name of the organization. The name is not case sensitive. (string, required)
@@ -948,6 +1058,8 @@ The following sets of tools are available:
- `project_number`: The project's number. (number, required)
- **list_project_fields** - List project fields
+ - **Required OAuth Scopes**: `read:project`
+ - **Accepted OAuth Scopes**: `read:project`, `project`
- `after`: Forward pagination cursor from previous pageInfo.nextCursor. (string, optional)
- `before`: Backward pagination cursor from previous pageInfo.prevCursor (rare). (string, optional)
- `owner`: If owner_type == user it is the handle for the GitHub user account. If owner_type == org it is the name of the organization. The name is not case sensitive. (string, required)
@@ -956,6 +1068,8 @@ The following sets of tools are available:
- `project_number`: The project's number. (number, required)
- **list_project_items** - List project items
+ - **Required OAuth Scopes**: `read:project`
+ - **Accepted OAuth Scopes**: `read:project`, `project`
- `after`: Forward pagination cursor from previous pageInfo.nextCursor. (string, optional)
- `before`: Backward pagination cursor from previous pageInfo.prevCursor (rare). (string, optional)
- `fields`: Field IDs to include (e.g. ["102589", "985201"]). CRITICAL: Always provide to get field values. Without this, only titles returned. (string[], optional)
@@ -966,6 +1080,8 @@ The following sets of tools are available:
- `query`: Query string for advanced filtering of project items using GitHub's project filtering syntax. (string, optional)
- **list_projects** - List projects
+ - **Required OAuth Scopes**: `read:project`
+ - **Accepted OAuth Scopes**: `read:project`, `project`
- `after`: Forward pagination cursor from previous pageInfo.nextCursor. (string, optional)
- `before`: Backward pagination cursor from previous pageInfo.prevCursor (rare). (string, optional)
- `owner`: If owner_type == user it is the handle for the GitHub user account. If owner_type == org it is the name of the organization. The name is not case sensitive. (string, required)
@@ -974,6 +1090,8 @@ The following sets of tools are available:
- `query`: Filter projects by title text and open/closed state; permitted qualifiers: is:open, is:closed; examples: "roadmap is:open", "is:open feature planning". (string, optional)
- **update_project_item** - Update project item
+ - **Required OAuth Scopes**: `project`
+ - **Accepted OAuth Scopes**: `project`
- `item_id`: The unique identifier of the project item. This is not the issue or pull request ID. (number, required)
- `owner`: If owner_type == user it is the handle for the GitHub user account. If owner_type == org it is the name of the organization. The name is not case sensitive. (string, required)
- `owner_type`: Owner type (string, required)
@@ -987,6 +1105,8 @@ The following sets of tools are available:
Pull Requests
- **add_comment_to_pending_review** - Add review comment to the requester's latest pending pull request review
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `body`: The text of the review comment (string, required)
- `line`: The line of the blob in the pull request diff that the comment applies to. For multi-line comments, the last line of the range (number, optional)
- `owner`: Repository owner (string, required)
@@ -999,6 +1119,8 @@ The following sets of tools are available:
- `subjectType`: The level at which the comment is targeted (string, required)
- **create_pull_request** - Open new pull request
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `base`: Branch to merge into (string, required)
- `body`: PR description (string, optional)
- `draft`: Create as draft PR (boolean, optional)
@@ -1009,6 +1131,8 @@ The following sets of tools are available:
- `title`: PR title (string, required)
- **list_pull_requests** - List pull requests
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `base`: Filter by base branch (string, optional)
- `direction`: Sort direction (string, optional)
- `head`: Filter by head user/org and branch (string, optional)
@@ -1020,6 +1144,8 @@ The following sets of tools are available:
- `state`: Filter by state (string, optional)
- **merge_pull_request** - Merge pull request
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `commit_message`: Extra detail for merge commit (string, optional)
- `commit_title`: Title for merge commit (string, optional)
- `merge_method`: Merge method (string, optional)
@@ -1028,6 +1154,8 @@ The following sets of tools are available:
- `repo`: Repository name (string, required)
- **pull_request_read** - Get details for a single pull request
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `method`: Action to specify what pull request data needs to be retrieved from GitHub.
Possible options:
1. get - Get details of a specific pull request.
@@ -1045,6 +1173,8 @@ The following sets of tools are available:
- `repo`: Repository name (string, required)
- **pull_request_review_write** - Write operations (create, submit, delete) on pull request reviews.
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `body`: Review comment text (string, optional)
- `commitID`: SHA of commit to review (string, optional)
- `event`: Review action to perform. (string, optional)
@@ -1054,11 +1184,15 @@ The following sets of tools are available:
- `repo`: Repository name (string, required)
- **request_copilot_review** - Request Copilot review
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `pullNumber`: Pull request number (number, required)
- `repo`: Repository name (string, required)
- **search_pull_requests** - Search pull requests
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `order`: Sort order (string, optional)
- `owner`: Optional repository owner. If provided with repo, only pull requests for this repository are listed. (string, optional)
- `page`: Page number for pagination (min 1) (number, optional)
@@ -1068,6 +1202,8 @@ The following sets of tools are available:
- `sort`: Sort field by number of matches of categories, defaults to best match (string, optional)
- **update_pull_request** - Edit pull request
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `base`: New base branch name (string, optional)
- `body`: New description (string, optional)
- `draft`: Mark pull request as draft (true) or ready for review (false) (boolean, optional)
@@ -1080,6 +1216,8 @@ The following sets of tools are available:
- `title`: New title (string, optional)
- **update_pull_request_branch** - Update pull request branch
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `expectedHeadSha`: The expected SHA of the pull request's HEAD ref (string, optional)
- `owner`: Repository owner (string, required)
- `pullNumber`: Pull request number (number, required)
@@ -1092,12 +1230,16 @@ The following sets of tools are available:
Repositories
- **create_branch** - Create branch
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `branch`: Name for new branch (string, required)
- `from_branch`: Source branch (defaults to repo default) (string, optional)
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- **create_or_update_file** - Create or update file
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `branch`: Branch to create/update the file in (string, required)
- `content`: Content of the file (string, required)
- `message`: Commit message (string, required)
@@ -1107,6 +1249,8 @@ The following sets of tools are available:
- `sha`: The blob SHA of the file being replaced. (string, optional)
- **create_repository** - Create repository
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `autoInit`: Initialize with README (boolean, optional)
- `description`: Repository description (string, optional)
- `name`: Repository name (string, required)
@@ -1114,6 +1258,8 @@ The following sets of tools are available:
- `private`: Whether repo should be private (boolean, optional)
- **delete_file** - Delete file
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `branch`: Branch to delete the file from (string, required)
- `message`: Commit message (string, required)
- `owner`: Repository owner (username or organization) (string, required)
@@ -1121,11 +1267,15 @@ The following sets of tools are available:
- `repo`: Repository name (string, required)
- **fork_repository** - Fork repository
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `organization`: Organization to fork to (string, optional)
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- **get_commit** - Get commit details
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `include_diff`: Whether to include file diffs and stats in the response. Default is true. (boolean, optional)
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (min 1) (number, optional)
@@ -1134,6 +1284,8 @@ The following sets of tools are available:
- `sha`: Commit SHA, branch name, or tag name (string, required)
- **get_file_contents** - Get file or directory contents
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (username or organization) (string, required)
- `path`: Path to file/directory (string, optional)
- `ref`: Accepts optional git refs such as `refs/tags/{tag}`, `refs/heads/{branch}` or `refs/pull/{pr_number}/head` (string, optional)
@@ -1141,26 +1293,36 @@ The following sets of tools are available:
- `sha`: Accepts optional commit SHA. If specified, it will be used instead of ref (string, optional)
- **get_latest_release** - Get latest release
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- **get_release_by_tag** - Get a release by tag name
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `tag`: Tag name (e.g., 'v1.0.0') (string, required)
- **get_tag** - Get tag details
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `tag`: Tag name (string, required)
- **list_branches** - List branches
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (min 1) (number, optional)
- `perPage`: Results per page for pagination (min 1, max 100) (number, optional)
- `repo`: Repository name (string, required)
- **list_commits** - List commits
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `author`: Author username or email address to filter commits by (string, optional)
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (min 1) (number, optional)
@@ -1169,18 +1331,24 @@ The following sets of tools are available:
- `sha`: Commit SHA, branch or tag name to list commits of. If not provided, uses the default branch of the repository. If a commit SHA is provided, will list commits up to that SHA. (string, optional)
- **list_releases** - List releases
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (min 1) (number, optional)
- `perPage`: Results per page for pagination (min 1, max 100) (number, optional)
- `repo`: Repository name (string, required)
- **list_tags** - List tags
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (min 1) (number, optional)
- `perPage`: Results per page for pagination (min 1, max 100) (number, optional)
- `repo`: Repository name (string, required)
- **push_files** - Push files to repository
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `branch`: Branch to push to (string, required)
- `files`: Array of file objects to push, each object with path (string) and content (string) (object[], required)
- `message`: Commit message (string, required)
@@ -1188,6 +1356,8 @@ The following sets of tools are available:
- `repo`: Repository name (string, required)
- **search_code** - Search code
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `order`: Sort order for results (string, optional)
- `page`: Page number for pagination (min 1) (number, optional)
- `perPage`: Results per page for pagination (min 1, max 100) (number, optional)
@@ -1195,6 +1365,8 @@ The following sets of tools are available:
- `sort`: Sort field ('indexed' only) (string, optional)
- **search_repositories** - Search repositories
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `minimal_output`: Return minimal repository information (default: true). When false, returns full GitHub API repository objects. (boolean, optional)
- `order`: Sort order (string, optional)
- `page`: Page number for pagination (min 1) (number, optional)
@@ -1209,11 +1381,15 @@ The following sets of tools are available:
Secret Protection
- **get_secret_scanning_alert** - Get secret scanning alert
+ - **Required OAuth Scopes**: `security_events`
+ - **Accepted OAuth Scopes**: `security_events`, `repo`
- `alertNumber`: The number of the alert. (number, required)
- `owner`: The owner of the repository. (string, required)
- `repo`: The name of the repository. (string, required)
- **list_secret_scanning_alerts** - List secret scanning alerts
+ - **Required OAuth Scopes**: `security_events`
+ - **Accepted OAuth Scopes**: `security_events`, `repo`
- `owner`: The owner of the repository. (string, required)
- `repo`: The name of the repository. (string, required)
- `resolution`: Filter by resolution (string, optional)
@@ -1227,9 +1403,13 @@ The following sets of tools are available:
Security Advisories
- **get_global_security_advisory** - Get a global security advisory
+ - **Required OAuth Scopes**: `security_events`
+ - **Accepted OAuth Scopes**: `security_events`, `repo`
- `ghsaId`: GitHub Security Advisory ID (format: GHSA-xxxx-xxxx-xxxx). (string, required)
- **list_global_security_advisories** - List global security advisories
+ - **Required OAuth Scopes**: `security_events`
+ - **Accepted OAuth Scopes**: `security_events`, `repo`
- `affects`: Filter advisories by affected package or version (e.g. "package1,package2@1.0.0"). (string, optional)
- `cveId`: Filter by CVE ID. (string, optional)
- `cwes`: Filter by Common Weakness Enumeration IDs (e.g. ["79", "284", "22"]). (string[], optional)
@@ -1243,12 +1423,16 @@ The following sets of tools are available:
- `updated`: Filter by update date or date range (ISO 8601 date or range). (string, optional)
- **list_org_repository_security_advisories** - List org repository security advisories
+ - **Required OAuth Scopes**: `security_events`
+ - **Accepted OAuth Scopes**: `security_events`, `repo`
- `direction`: Sort direction. (string, optional)
- `org`: The organization login. (string, required)
- `sort`: Sort field. (string, optional)
- `state`: Filter by advisory state. (string, optional)
- **list_repository_security_advisories** - List repository security advisories
+ - **Required OAuth Scopes**: `security_events`
+ - **Accepted OAuth Scopes**: `security_events`, `repo`
- `direction`: Sort direction. (string, optional)
- `owner`: The owner of the repository. (string, required)
- `repo`: The name of the repository. (string, required)
@@ -1262,6 +1446,8 @@ The following sets of tools are available:
Stargazers
- **list_starred_repositories** - List starred repositories
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `direction`: The direction to sort the results by. (string, optional)
- `page`: Page number for pagination (min 1) (number, optional)
- `perPage`: Results per page for pagination (min 1, max 100) (number, optional)
@@ -1269,10 +1455,14 @@ The following sets of tools are available:
- `username`: Username to list starred repositories for. Defaults to the authenticated user. (string, optional)
- **star_repository** - Star repository
+ - **Required OAuth Scopes**: `public_repo`
+ - **Accepted OAuth Scopes**: `public_repo`, `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- **unstar_repository** - Unstar repository
+ - **Required OAuth Scopes**: `public_repo`
+ - **Accepted OAuth Scopes**: `public_repo`, `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
@@ -1283,6 +1473,8 @@ The following sets of tools are available:
Users
- **search_users** - Search users
+ - **Required OAuth Scopes**: `repo`
+ - **Accepted OAuth Scopes**: `repo`
- `order`: Sort order (string, optional)
- `page`: Page number for pagination (min 1) (number, optional)
- `perPage`: Results per page for pagination (min 1, max 100) (number, optional)
diff --git a/cmd/github-mcp-server/generate_docs.go b/cmd/github-mcp-server/generate_docs.go
index b40e3e2f4..8d10018dd 100644
--- a/cmd/github-mcp-server/generate_docs.go
+++ b/cmd/github-mcp-server/generate_docs.go
@@ -11,7 +11,6 @@ import (
"github.com/github/github-mcp-server/pkg/inventory"
"github.com/github/github-mcp-server/pkg/translations"
"github.com/google/jsonschema-go/jsonschema"
- "github.com/modelcontextprotocol/go-sdk/mcp"
"github.com/spf13/cobra"
)
@@ -190,7 +189,7 @@ func generateToolsDoc(r *inventory.Inventory) string {
currentToolsetID = tool.Toolset.ID
currentToolsetIcon = tool.Toolset.Icon
}
- writeToolDoc(&toolBuf, tool.Tool)
+ writeToolDoc(&toolBuf, tool)
toolBuf.WriteString("\n\n")
}
@@ -224,16 +223,26 @@ func formatToolsetName(name string) string {
}
}
-func writeToolDoc(buf *strings.Builder, tool mcp.Tool) {
+func writeToolDoc(buf *strings.Builder, tool inventory.ServerTool) {
// Tool name (no icon - section header already has the toolset icon)
- fmt.Fprintf(buf, "- **%s** - %s\n", tool.Name, tool.Annotations.Title)
+ fmt.Fprintf(buf, "- **%s** - %s\n", tool.Tool.Name, tool.Tool.Annotations.Title)
+
+ // OAuth scopes if present
+ if len(tool.RequiredScopes) > 0 || len(tool.AcceptedScopes) > 0 {
+ if len(tool.RequiredScopes) > 0 {
+ fmt.Fprintf(buf, " - **Required OAuth Scopes**: `%s`\n", strings.Join(tool.RequiredScopes, "`, `"))
+ }
+ if len(tool.AcceptedScopes) > 0 {
+ fmt.Fprintf(buf, " - **Accepted OAuth Scopes**: `%s`\n", strings.Join(tool.AcceptedScopes, "`, `"))
+ }
+ }
// Parameters
- if tool.InputSchema == nil {
+ if tool.Tool.InputSchema == nil {
buf.WriteString(" - No parameters required")
return
}
- schema, ok := tool.InputSchema.(*jsonschema.Schema)
+ schema, ok := tool.Tool.InputSchema.(*jsonschema.Schema)
if !ok || schema == nil {
buf.WriteString(" - No parameters required")
return
diff --git a/pkg/github/actions.go b/pkg/github/actions.go
index a7e04d90a..8e31ce843 100644
--- a/pkg/github/actions.go
+++ b/pkg/github/actions.go
@@ -51,7 +51,7 @@ const (
// ListWorkflows creates a tool to list workflows in a repository
func ListWorkflows(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "list_workflows",
@@ -75,6 +75,8 @@ func ListWorkflows(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo"},
}),
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -122,7 +124,7 @@ func ListWorkflows(t translations.TranslationHelperFunc) inventory.ServerTool {
// ListWorkflowRuns creates a tool to list workflow runs for a specific workflow
func ListWorkflowRuns(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "list_workflow_runs",
@@ -201,6 +203,8 @@ func ListWorkflowRuns(t translations.TranslationHelperFunc) inventory.ServerTool
Required: []string{"owner", "repo", "workflow_id"},
}),
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -276,7 +280,7 @@ func ListWorkflowRuns(t translations.TranslationHelperFunc) inventory.ServerTool
// RunWorkflow creates a tool to run an Actions workflow
func RunWorkflow(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "run_workflow",
@@ -312,6 +316,8 @@ func RunWorkflow(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo", "workflow_id", "ref"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -388,7 +394,7 @@ func RunWorkflow(t translations.TranslationHelperFunc) inventory.ServerTool {
// GetWorkflowRun creates a tool to get details of a specific workflow run
func GetWorkflowRun(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "get_workflow_run",
@@ -416,6 +422,8 @@ func GetWorkflowRun(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo", "run_id"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -456,7 +464,7 @@ func GetWorkflowRun(t translations.TranslationHelperFunc) inventory.ServerTool {
// GetWorkflowRunLogs creates a tool to download logs for a specific workflow run
func GetWorkflowRunLogs(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "get_workflow_run_logs",
@@ -484,6 +492,8 @@ func GetWorkflowRunLogs(t translations.TranslationHelperFunc) inventory.ServerTo
Required: []string{"owner", "repo", "run_id"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -534,7 +544,7 @@ func GetWorkflowRunLogs(t translations.TranslationHelperFunc) inventory.ServerTo
// ListWorkflowJobs creates a tool to list jobs for a specific workflow run
func ListWorkflowJobs(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "list_workflow_jobs",
@@ -567,6 +577,8 @@ func ListWorkflowJobs(t translations.TranslationHelperFunc) inventory.ServerTool
Required: []string{"owner", "repo", "run_id"},
}),
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -634,7 +646,7 @@ func ListWorkflowJobs(t translations.TranslationHelperFunc) inventory.ServerTool
// GetJobLogs creates a tool to download logs for a specific workflow job or efficiently get all failed job logs for a workflow run
func GetJobLogs(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "get_job_logs",
@@ -679,6 +691,8 @@ func GetJobLogs(t translations.TranslationHelperFunc) inventory.ServerTool {
Required: []string{"owner", "repo"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -899,7 +913,7 @@ func downloadLogContent(ctx context.Context, logURL string, tailLines int, maxLi
// RerunWorkflowRun creates a tool to re-run an entire workflow run
func RerunWorkflowRun(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "rerun_workflow_run",
@@ -927,6 +941,8 @@ func RerunWorkflowRun(t translations.TranslationHelperFunc) inventory.ServerTool
Required: []string{"owner", "repo", "run_id"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -974,7 +990,7 @@ func RerunWorkflowRun(t translations.TranslationHelperFunc) inventory.ServerTool
// RerunFailedJobs creates a tool to re-run only the failed jobs in a workflow run
func RerunFailedJobs(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "rerun_failed_jobs",
@@ -1002,6 +1018,8 @@ func RerunFailedJobs(t translations.TranslationHelperFunc) inventory.ServerTool
Required: []string{"owner", "repo", "run_id"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -1049,7 +1067,7 @@ func RerunFailedJobs(t translations.TranslationHelperFunc) inventory.ServerTool
// CancelWorkflowRun creates a tool to cancel a workflow run
func CancelWorkflowRun(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "cancel_workflow_run",
@@ -1077,6 +1095,8 @@ func CancelWorkflowRun(t translations.TranslationHelperFunc) inventory.ServerToo
Required: []string{"owner", "repo", "run_id"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -1126,7 +1146,7 @@ func CancelWorkflowRun(t translations.TranslationHelperFunc) inventory.ServerToo
// ListWorkflowRunArtifacts creates a tool to list artifacts for a workflow run
func ListWorkflowRunArtifacts(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "list_workflow_run_artifacts",
@@ -1154,6 +1174,8 @@ func ListWorkflowRunArtifacts(t translations.TranslationHelperFunc) inventory.Se
Required: []string{"owner", "repo", "run_id"},
}),
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -1206,7 +1228,7 @@ func ListWorkflowRunArtifacts(t translations.TranslationHelperFunc) inventory.Se
// DownloadWorkflowRunArtifact creates a tool to download a workflow run artifact
func DownloadWorkflowRunArtifact(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "download_workflow_run_artifact",
@@ -1234,6 +1256,8 @@ func DownloadWorkflowRunArtifact(t translations.TranslationHelperFunc) inventory
Required: []string{"owner", "repo", "artifact_id"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -1283,7 +1307,7 @@ func DownloadWorkflowRunArtifact(t translations.TranslationHelperFunc) inventory
// DeleteWorkflowRunLogs creates a tool to delete logs for a workflow run
func DeleteWorkflowRunLogs(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "delete_workflow_run_logs",
@@ -1312,6 +1336,8 @@ func DeleteWorkflowRunLogs(t translations.TranslationHelperFunc) inventory.Serve
Required: []string{"owner", "repo", "run_id"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -1359,7 +1385,7 @@ func DeleteWorkflowRunLogs(t translations.TranslationHelperFunc) inventory.Serve
// GetWorkflowRunUsage creates a tool to get usage metrics for a workflow run
func GetWorkflowRunUsage(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "get_workflow_run_usage",
@@ -1387,6 +1413,8 @@ func GetWorkflowRunUsage(t translations.TranslationHelperFunc) inventory.ServerT
Required: []string{"owner", "repo", "run_id"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
client, err := deps.GetClient(ctx)
if err != nil {
@@ -1427,7 +1455,7 @@ func GetWorkflowRunUsage(t translations.TranslationHelperFunc) inventory.ServerT
// ActionsList returns the tool and handler for listing GitHub Actions resources.
func ActionsList(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "actions_list",
@@ -1551,6 +1579,8 @@ Use this tool to list workflows in a repository, or list workflow runs, jobs, an
Required: []string{"method", "owner", "repo"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -1622,7 +1652,7 @@ Use this tool to list workflows in a repository, or list workflow runs, jobs, an
// ActionsGet returns the tool and handler for getting GitHub Actions resources.
func ActionsGet(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "actions_get",
@@ -1669,6 +1699,8 @@ Use this tool to get details about individual workflows, workflow runs, jobs, an
Required: []string{"method", "owner", "repo", "resource_id"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -1730,7 +1762,7 @@ Use this tool to get details about individual workflows, workflow runs, jobs, an
// ActionsRunTrigger returns the tool and handler for triggering GitHub Actions workflows.
func ActionsRunTrigger(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "actions_run_trigger",
@@ -1782,6 +1814,8 @@ func ActionsRunTrigger(t translations.TranslationHelperFunc) inventory.ServerToo
Required: []string{"method", "owner", "repo"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -1848,7 +1882,7 @@ func ActionsRunTrigger(t translations.TranslationHelperFunc) inventory.ServerToo
// ActionsGetJobLogs returns the tool and handler for getting workflow job logs.
func ActionsGetJobLogs(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewTool(
+ tool := NewToolWithScopes(
ToolsetMetadataActions,
mcp.Tool{
Name: "get_job_logs",
@@ -1896,6 +1930,8 @@ For single job logs, provide job_id. For all failed jobs in a run, provide run_i
Required: []string{"owner", "repo"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
diff --git a/pkg/github/issues.go b/pkg/github/issues.go
index f4b5ad43c..657ab6815 100644
--- a/pkg/github/issues.go
+++ b/pkg/github/issues.go
@@ -11,10 +11,10 @@ import (
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
- "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/lockdown"
"github.com/github/github-mcp-server/pkg/octicons"
"github.com/github/github-mcp-server/pkg/sanitize"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/translations"
"github.com/github/github-mcp-server/pkg/utils"
"github.com/go-viper/mapstructure/v2"
@@ -264,7 +264,7 @@ Options are:
}
WithPagination(schema)
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataIssues,
mcp.Tool{
Name: "issue_read",
@@ -275,6 +275,8 @@ Options are:
},
InputSchema: schema,
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
method, err := RequiredParam[string](args, "method")
if err != nil {
@@ -959,7 +961,7 @@ func SearchIssues(t translations.TranslationHelperFunc) inventory.ServerTool {
}
WithPagination(schema)
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataIssues,
mcp.Tool{
Name: "search_issues",
@@ -970,6 +972,8 @@ func SearchIssues(t translations.TranslationHelperFunc) inventory.ServerTool {
},
InputSchema: schema,
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
result, err := searchHandler(ctx, deps.GetClient, args, "issue", "failed to search issues")
return result, nil, err
@@ -1379,7 +1383,7 @@ func ListIssues(t translations.TranslationHelperFunc) inventory.ServerTool {
}
WithCursorPagination(schema)
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataIssues,
mcp.Tool{
Name: "list_issues",
@@ -1390,6 +1394,8 @@ func ListIssues(t translations.TranslationHelperFunc) inventory.ServerTool {
},
InputSchema: schema,
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -1613,7 +1619,7 @@ func AssignCopilotToIssue(t translations.TranslationHelperFunc) inventory.Server
},
}
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataIssues,
mcp.Tool{
Name: "assign_copilot_to_issue",
@@ -1643,6 +1649,8 @@ func AssignCopilotToIssue(t translations.TranslationHelperFunc) inventory.Server
Required: []string{"owner", "repo", "issueNumber"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
var params struct {
Owner string
diff --git a/pkg/github/pullrequests.go b/pkg/github/pullrequests.go
index 400918858..e81f87ca0 100644
--- a/pkg/github/pullrequests.go
+++ b/pkg/github/pullrequests.go
@@ -15,10 +15,10 @@ import (
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
- "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/lockdown"
"github.com/github/github-mcp-server/pkg/octicons"
"github.com/github/github-mcp-server/pkg/sanitize"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/translations"
"github.com/github/github-mcp-server/pkg/utils"
)
@@ -59,7 +59,7 @@ Possible options:
}
WithPagination(schema)
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "pull_request_read",
@@ -70,6 +70,8 @@ Possible options:
},
InputSchema: schema,
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
method, err := RequiredParam[string](args, "method")
if err != nil {
@@ -508,7 +510,7 @@ func CreatePullRequest(t translations.TranslationHelperFunc) inventory.ServerToo
Required: []string{"owner", "repo", "title", "head", "base"},
}
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "create_pull_request",
@@ -519,6 +521,8 @@ func CreatePullRequest(t translations.TranslationHelperFunc) inventory.ServerToo
},
InputSchema: schema,
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -659,7 +663,7 @@ func UpdatePullRequest(t translations.TranslationHelperFunc) inventory.ServerToo
Required: []string{"owner", "repo", "pullNumber"},
}
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "update_pull_request",
@@ -670,6 +674,8 @@ func UpdatePullRequest(t translations.TranslationHelperFunc) inventory.ServerToo
},
InputSchema: schema,
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -940,7 +946,7 @@ func ListPullRequests(t translations.TranslationHelperFunc) inventory.ServerTool
}
WithPagination(schema)
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "list_pull_requests",
@@ -951,6 +957,8 @@ func ListPullRequests(t translations.TranslationHelperFunc) inventory.ServerTool
},
InputSchema: schema,
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -1075,7 +1083,7 @@ func MergePullRequest(t translations.TranslationHelperFunc) inventory.ServerTool
Required: []string{"owner", "repo", "pullNumber"},
}
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "merge_pull_request",
@@ -1087,6 +1095,8 @@ func MergePullRequest(t translations.TranslationHelperFunc) inventory.ServerTool
},
InputSchema: schema,
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -1193,7 +1203,7 @@ func SearchPullRequests(t translations.TranslationHelperFunc) inventory.ServerTo
}
WithPagination(schema)
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "search_pull_requests",
@@ -1204,6 +1214,8 @@ func SearchPullRequests(t translations.TranslationHelperFunc) inventory.ServerTo
},
InputSchema: schema,
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
result, err := searchHandler(ctx, deps.GetClient, args, "pr", "failed to search pull requests")
return result, nil, err
@@ -1235,7 +1247,7 @@ func UpdatePullRequestBranch(t translations.TranslationHelperFunc) inventory.Ser
Required: []string{"owner", "repo", "pullNumber"},
}
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "update_pull_request_branch",
@@ -1246,6 +1258,8 @@ func UpdatePullRequestBranch(t translations.TranslationHelperFunc) inventory.Ser
},
InputSchema: schema,
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
@@ -1355,7 +1369,7 @@ func PullRequestReviewWrite(t translations.TranslationHelperFunc) inventory.Serv
Required: []string{"method", "owner", "repo", "pullNumber"},
}
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "pull_request_review_write",
@@ -1372,6 +1386,8 @@ Available methods:
},
InputSchema: schema,
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
var params PullRequestReviewWriteParams
if err := mapstructure.Decode(args, ¶ms); err != nil {
@@ -1684,7 +1700,7 @@ func AddCommentToPendingReview(t translations.TranslationHelperFunc) inventory.S
Required: []string{"owner", "repo", "pullNumber", "path", "body", "subjectType"},
}
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "add_comment_to_pending_review",
@@ -1695,6 +1711,8 @@ func AddCommentToPendingReview(t translations.TranslationHelperFunc) inventory.S
},
InputSchema: schema,
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
var params struct {
Owner string
@@ -1835,7 +1853,7 @@ func RequestCopilotReview(t translations.TranslationHelperFunc) inventory.Server
Required: []string{"owner", "repo", "pullNumber"},
}
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "request_copilot_review",
@@ -1847,6 +1865,8 @@ func RequestCopilotReview(t translations.TranslationHelperFunc) inventory.Server
},
InputSchema: schema,
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
diff --git a/pkg/github/repositories.go b/pkg/github/repositories.go
index b883485da..f4641aaac 100644
--- a/pkg/github/repositories.go
+++ b/pkg/github/repositories.go
@@ -11,9 +11,9 @@ import (
ghErrors "github.com/github/github-mcp-server/pkg/errors"
"github.com/github/github-mcp-server/pkg/inventory"
- "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/octicons"
"github.com/github/github-mcp-server/pkg/raw"
+ "github.com/github/github-mcp-server/pkg/scopes"
"github.com/github/github-mcp-server/pkg/translations"
"github.com/github/github-mcp-server/pkg/utils"
"github.com/google/go-github/v79/github"
@@ -318,7 +318,7 @@ func ListBranches(t translations.TranslationHelperFunc) inventory.ServerTool {
// CreateOrUpdateFile creates a tool to create or update a file in a GitHub repository.
func CreateOrUpdateFile(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataRepos,
mcp.Tool{
Name: "create_or_update_file",
@@ -369,6 +369,8 @@ If the SHA is not provided, the tool will attempt to acquire it by fetching the
Required: []string{"owner", "repo", "path", "content", "message", "branch"},
},
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
owner, err := RequiredParam[string](args, "owner")
if err != nil {
diff --git a/pkg/github/search.go b/pkg/github/search.go
index e207479d6..d95214e55 100644
--- a/pkg/github/search.go
+++ b/pkg/github/search.go
@@ -46,7 +46,7 @@ func SearchRepositories(t translations.TranslationHelperFunc) inventory.ServerTo
}
WithPagination(schema)
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataRepos,
mcp.Tool{
Name: "search_repositories",
@@ -57,6 +57,8 @@ func SearchRepositories(t translations.TranslationHelperFunc) inventory.ServerTo
},
InputSchema: schema,
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
query, err := RequiredParam[string](args, "query")
if err != nil {
@@ -188,7 +190,7 @@ func SearchCode(t translations.TranslationHelperFunc) inventory.ServerTool {
}
WithPagination(schema)
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataRepos,
mcp.Tool{
Name: "search_code",
@@ -199,6 +201,8 @@ func SearchCode(t translations.TranslationHelperFunc) inventory.ServerTool {
},
InputSchema: schema,
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
query, err := RequiredParam[string](args, "query")
if err != nil {
@@ -369,7 +373,7 @@ func SearchUsers(t translations.TranslationHelperFunc) inventory.ServerTool {
}
WithPagination(schema)
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataUsers,
mcp.Tool{
Name: "search_users",
@@ -380,6 +384,8 @@ func SearchUsers(t translations.TranslationHelperFunc) inventory.ServerTool {
},
InputSchema: schema,
},
+ scopes.ToStringSlice(scopes.Repo),
+ scopes.ToStringSlice(scopes.Repo),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
return userOrOrgHandler(ctx, "user", deps, args)
},
@@ -410,7 +416,7 @@ func SearchOrgs(t translations.TranslationHelperFunc) inventory.ServerTool {
}
WithPagination(schema)
- return NewTool(
+ return NewToolWithScopes(
ToolsetMetadataOrgs,
mcp.Tool{
Name: "search_orgs",
@@ -421,6 +427,8 @@ func SearchOrgs(t translations.TranslationHelperFunc) inventory.ServerTool {
},
InputSchema: schema,
},
+ scopes.ToStringSlice(scopes.ReadOrg),
+ scopes.ToStringSlice(scopes.ReadOrg, scopes.WriteOrg, scopes.AdminOrg),
func(ctx context.Context, deps ToolDependencies, _ *mcp.CallToolRequest, args map[string]any) (*mcp.CallToolResult, any, error) {
return userOrOrgHandler(ctx, "org", deps, args)
},
diff --git a/pkg/scopes/scopes.go b/pkg/scopes/scopes.go
index d6272a0a0..268a24d99 100644
--- a/pkg/scopes/scopes.go
+++ b/pkg/scopes/scopes.go
@@ -6,35 +6,35 @@ package scopes
type Scope string
const (
-// Repo grants full control of private repositories
-Repo Scope = "repo"
+ // Repo grants full control of private repositories
+ Repo Scope = "repo"
-// PublicRepo grants access to public repositories
-PublicRepo Scope = "public_repo"
+ // PublicRepo grants access to public repositories
+ PublicRepo Scope = "public_repo"
-// ReadOrg grants read-only access to organization membership, teams, and projects
-ReadOrg Scope = "read:org"
+ // ReadOrg grants read-only access to organization membership, teams, and projects
+ ReadOrg Scope = "read:org"
-// WriteOrg grants write access to organization membership and teams
-WriteOrg Scope = "write:org"
+ // WriteOrg grants write access to organization membership and teams
+ WriteOrg Scope = "write:org"
-// AdminOrg grants full control of organizations and teams
-AdminOrg Scope = "admin:org"
+ // AdminOrg grants full control of organizations and teams
+ AdminOrg Scope = "admin:org"
-// Gist grants write access to gists
-Gist Scope = "gist"
+ // Gist grants write access to gists
+ Gist Scope = "gist"
-// Notifications grants access to notifications
-Notifications Scope = "notifications"
+ // Notifications grants access to notifications
+ Notifications Scope = "notifications"
-// ReadProject grants read-only access to projects
-ReadProject Scope = "read:project"
+ // ReadProject grants read-only access to projects
+ ReadProject Scope = "read:project"
-// Project grants full control of projects
-Project Scope = "project"
+ // Project grants full control of projects
+ Project Scope = "project"
-// SecurityEvents grants read and write access to security events
-SecurityEvents Scope = "security_events"
+ // SecurityEvents grants read and write access to security events
+ SecurityEvents Scope = "security_events"
)
// ScopeSet represents a set of OAuth scopes.
@@ -42,36 +42,36 @@ type ScopeSet map[Scope]bool
// NewScopeSet creates a new ScopeSet from the given scopes.
func NewScopeSet(scopes ...Scope) ScopeSet {
-set := make(ScopeSet)
-for _, scope := range scopes {
-set[scope] = true
-}
-return set
+ set := make(ScopeSet)
+ for _, scope := range scopes {
+ set[scope] = true
+ }
+ return set
}
// ToSlice converts a ScopeSet to a slice of Scope values.
func (s ScopeSet) ToSlice() []Scope {
-scopes := make([]Scope, 0, len(s))
-for scope := range s {
-scopes = append(scopes, scope)
-}
-return scopes
+ scopes := make([]Scope, 0, len(s))
+ for scope := range s {
+ scopes = append(scopes, scope)
+ }
+ return scopes
}
// ToStringSlice converts a ScopeSet to a slice of string values.
func (s ScopeSet) ToStringSlice() []string {
-scopes := make([]string, 0, len(s))
-for scope := range s {
-scopes = append(scopes, string(scope))
-}
-return scopes
+ scopes := make([]string, 0, len(s))
+ for scope := range s {
+ scopes = append(scopes, string(scope))
+ }
+ return scopes
}
// ToStringSlice converts a slice of Scopes to a slice of strings.
func ToStringSlice(scopes ...Scope) []string {
-result := make([]string, len(scopes))
-for i, scope := range scopes {
-result[i] = string(scope)
-}
-return result
+ result := make([]string, len(scopes))
+ for i, scope := range scopes {
+ result[i] = string(scope)
+ }
+ return result
}
From 29e93748bac924d540691e1cd4151a4c85ee99c5 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 23 Dec 2025 15:27:33 +0000
Subject: [PATCH 5/5] Simplify scope implementation per feedback
- Replace NewToolWithScopes with updated NewTool that includes scope parameters
- All tools now use the same constructor with explicit scope requirements
- Documentation only shows accepted scopes when they differ from required
- Removed NewToolWithScopes and NewToolFromHandlerWithScopes helper functions
Co-authored-by: SamMorrowDrums <4811358+SamMorrowDrums@users.noreply.github.com>
---
README.md | 74 --------------------------
cmd/github-mcp-server/generate_docs.go | 32 +++++++++--
pkg/github/actions.go | 36 ++++++-------
pkg/github/code_scanning.go | 4 +-
pkg/github/context_tools.go | 6 +--
pkg/github/dependabot.go | 4 +-
pkg/github/dependencies.go | 26 +++------
pkg/github/discussions.go | 8 +--
pkg/github/gists.go | 8 +--
pkg/github/git.go | 2 +-
pkg/github/issues.go | 16 +++---
pkg/github/labels.go | 6 +--
pkg/github/notifications.go | 12 ++---
pkg/github/projects.go | 18 +++----
pkg/github/pullrequests.go | 20 +++----
pkg/github/repositories.go | 36 ++++++-------
pkg/github/search.go | 8 +--
pkg/github/secret_scanning.go | 4 +-
pkg/github/security_advisories.go | 8 +--
19 files changed, 131 insertions(+), 197 deletions(-)
diff --git a/README.md b/README.md
index 70fd8fea0..18b317d7e 100644
--- a/README.md
+++ b/README.md
@@ -492,7 +492,6 @@ The following sets of tools are available:
- **actions_get** - Get details of GitHub Actions resources (workflows, workflow runs, jobs, and artifacts)
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `method`: The method to execute (string, required)
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
@@ -505,7 +504,6 @@ The following sets of tools are available:
- **actions_list** - List GitHub Actions workflows in a repository
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `method`: The action to perform (string, required)
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (default: 1) (number, optional)
@@ -521,7 +519,6 @@ The following sets of tools are available:
- **actions_run_trigger** - Trigger GitHub Actions workflow actions
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `inputs`: Inputs the workflow accepts. Only used for 'run_workflow' method. (object, optional)
- `method`: The method to execute (string, required)
- `owner`: Repository owner (string, required)
@@ -532,28 +529,24 @@ The following sets of tools are available:
- **cancel_workflow_run** - Cancel workflow run
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `run_id`: The unique identifier of the workflow run (number, required)
- **delete_workflow_run_logs** - Delete workflow logs
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `run_id`: The unique identifier of the workflow run (number, required)
- **download_workflow_run_artifact** - Download workflow artifact
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `artifact_id`: The unique identifier of the artifact (number, required)
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- **get_job_logs** - Get job logs
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `failed_only`: When true, gets logs for all failed jobs in run_id (boolean, optional)
- `job_id`: The unique identifier of the workflow job (required for single job logs) (number, optional)
- `owner`: Repository owner (string, required)
@@ -564,7 +557,6 @@ The following sets of tools are available:
- **get_job_logs** - Get GitHub Actions workflow job logs
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `failed_only`: When true, gets logs for all failed jobs in the workflow run specified by run_id. Requires run_id to be provided. (boolean, optional)
- `job_id`: The unique identifier of the workflow job. Required when getting logs for a single job. (number, optional)
- `owner`: Repository owner (string, required)
@@ -575,28 +567,24 @@ The following sets of tools are available:
- **get_workflow_run** - Get workflow run
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `run_id`: The unique identifier of the workflow run (number, required)
- **get_workflow_run_logs** - Get workflow run logs
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `run_id`: The unique identifier of the workflow run (number, required)
- **get_workflow_run_usage** - Get workflow usage
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `run_id`: The unique identifier of the workflow run (number, required)
- **list_workflow_jobs** - List workflow jobs
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `filter`: Filters jobs by their completed_at timestamp (string, optional)
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (min 1) (number, optional)
@@ -606,7 +594,6 @@ The following sets of tools are available:
- **list_workflow_run_artifacts** - List workflow artifacts
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (min 1) (number, optional)
- `perPage`: Results per page for pagination (min 1, max 100) (number, optional)
@@ -615,7 +602,6 @@ The following sets of tools are available:
- **list_workflow_runs** - List workflow runs
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `actor`: Returns someone's workflow runs. Use the login for the user who created the workflow run. (string, optional)
- `branch`: Returns workflow runs associated with a branch. Use the name of the branch. (string, optional)
- `event`: Returns workflow runs for a specific event type (string, optional)
@@ -628,7 +614,6 @@ The following sets of tools are available:
- **list_workflows** - List workflows
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (min 1) (number, optional)
- `perPage`: Results per page for pagination (min 1, max 100) (number, optional)
@@ -636,21 +621,18 @@ The following sets of tools are available:
- **rerun_failed_jobs** - Rerun failed jobs
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `run_id`: The unique identifier of the workflow run (number, required)
- **rerun_workflow_run** - Rerun workflow run
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `run_id`: The unique identifier of the workflow run (number, required)
- **run_workflow** - Run workflow
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `inputs`: Inputs the workflow accepts (object, optional)
- `owner`: Repository owner (string, required)
- `ref`: The git reference for the workflow. The reference can be a branch or tag name. (string, required)
@@ -729,14 +711,12 @@ The following sets of tools are available:
- **get_discussion** - Get discussion
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `discussionNumber`: Discussion Number (number, required)
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- **get_discussion_comments** - Get discussion comments
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `after`: Cursor for pagination. Use the endCursor from the previous page's PageInfo for GraphQL APIs. (string, optional)
- `discussionNumber`: Discussion Number (number, required)
- `owner`: Repository owner (string, required)
@@ -745,13 +725,11 @@ The following sets of tools are available:
- **list_discussion_categories** - List discussion categories
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name. If not provided, discussion categories will be queried at the organisation level. (string, optional)
- **list_discussions** - List discussions
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `after`: Cursor for pagination. Use the endCursor from the previous page's PageInfo for GraphQL APIs. (string, optional)
- `category`: Optional filter by discussion category ID. If provided, only discussions with this category are listed. (string, optional)
- `direction`: Order direction. (string, optional)
@@ -768,7 +746,6 @@ The following sets of tools are available:
- **create_gist** - Create Gist
- **Required OAuth Scopes**: `gist`
- - **Accepted OAuth Scopes**: `gist`
- `content`: Content for simple single-file gist creation (string, required)
- `description`: Description of the gist (string, optional)
- `filename`: Filename for simple single-file gist creation (string, required)
@@ -785,7 +762,6 @@ The following sets of tools are available:
- **update_gist** - Update Gist
- **Required OAuth Scopes**: `gist`
- - **Accepted OAuth Scopes**: `gist`
- `content`: Content for the file (string, required)
- `description`: Updated description of the gist (string, optional)
- `filename`: Filename to update or create (string, required)
@@ -799,7 +775,6 @@ The following sets of tools are available:
- **get_repository_tree** - Get repository tree
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (username or organization) (string, required)
- `path_filter`: Optional path prefix to filter the tree results (e.g., 'src/' to only show files in the src directory) (string, optional)
- `recursive`: Setting this parameter to true returns the objects or subtrees referenced by the tree. Default is false (boolean, optional)
@@ -814,7 +789,6 @@ The following sets of tools are available:
- **add_issue_comment** - Add comment to issue
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `body`: Comment content (string, required)
- `issue_number`: Issue number to comment on (number, required)
- `owner`: Repository owner (string, required)
@@ -822,21 +796,18 @@ The following sets of tools are available:
- **assign_copilot_to_issue** - Assign Copilot to issue
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `issueNumber`: Issue number (number, required)
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- **get_label** - Get a specific label from a repository.
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `name`: Label name. (string, required)
- `owner`: Repository owner (username or organization name) (string, required)
- `repo`: Repository name (string, required)
- **issue_read** - Get issue details
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `issue_number`: The number of the issue (number, required)
- `method`: The read operation to perform on a single issue.
Options are:
@@ -852,7 +823,6 @@ The following sets of tools are available:
- **issue_write** - Create or update issue.
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `assignees`: Usernames to assign to this issue (string[], optional)
- `body`: Issue body content (string, optional)
- `duplicate_of`: Issue number that this issue is a duplicate of. Only used when state_reason is 'duplicate'. (number, optional)
@@ -878,7 +848,6 @@ The following sets of tools are available:
- **list_issues** - List issues
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `after`: Cursor for pagination. Use the endCursor from the previous page's PageInfo for GraphQL APIs. (string, optional)
- `direction`: Order direction. If provided, the 'orderBy' also needs to be provided. (string, optional)
- `labels`: Filter by labels (string[], optional)
@@ -891,7 +860,6 @@ The following sets of tools are available:
- **search_issues** - Search issues
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `order`: Sort order (string, optional)
- `owner`: Optional repository owner. If provided with repo, only issues for this repository are listed. (string, optional)
- `page`: Page number for pagination (min 1) (number, optional)
@@ -902,7 +870,6 @@ The following sets of tools are available:
- **sub_issue_write** - Change sub-issue
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `after_id`: The ID of the sub-issue to be prioritized after (either after_id OR before_id should be specified) (number, optional)
- `before_id`: The ID of the sub-issue to be prioritized before (either after_id OR before_id should be specified) (number, optional)
- `issue_number`: The number of the parent issue (number, required)
@@ -925,14 +892,12 @@ The following sets of tools are available:
- **get_label** - Get a specific label from a repository.
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `name`: Label name. (string, required)
- `owner`: Repository owner (username or organization name) (string, required)
- `repo`: Repository name (string, required)
- **label_write** - Write operations on repository labels.
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `color`: Label color as 6-character hex code without '#' prefix (e.g., 'f29513'). Required for 'create', optional for 'update'. (string, optional)
- `description`: Label description text. Optional for 'create' and 'update'. (string, optional)
- `method`: Operation to perform: 'create', 'update', or 'delete' (string, required)
@@ -943,7 +908,6 @@ The following sets of tools are available:
- **list_label** - List labels from a repository
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (username or organization name) - required for all operations (string, required)
- `repo`: Repository name - required for all operations (string, required)
@@ -955,18 +919,15 @@ The following sets of tools are available:
- **dismiss_notification** - Dismiss notification
- **Required OAuth Scopes**: `notifications`
- - **Accepted OAuth Scopes**: `notifications`
- `state`: The new state of the notification (read/done) (string, required)
- `threadID`: The ID of the notification thread (string, required)
- **get_notification_details** - Get notification details
- **Required OAuth Scopes**: `notifications`
- - **Accepted OAuth Scopes**: `notifications`
- `notificationID`: The ID of the notification (string, required)
- **list_notifications** - List notifications
- **Required OAuth Scopes**: `notifications`
- - **Accepted OAuth Scopes**: `notifications`
- `before`: Only show notifications updated before the given time (ISO 8601 format) (string, optional)
- `filter`: Filter notifications to, use default unless specified. Read notifications are ones that have already been acknowledged by the user. Participating notifications are those that the user is directly involved in, such as issues or pull requests they have commented on or created. (string, optional)
- `owner`: Optional repository owner. If provided with repo, only notifications for this repository are listed. (string, optional)
@@ -977,20 +938,17 @@ The following sets of tools are available:
- **manage_notification_subscription** - Manage notification subscription
- **Required OAuth Scopes**: `notifications`
- - **Accepted OAuth Scopes**: `notifications`
- `action`: Action to perform: ignore, watch, or delete the notification subscription. (string, required)
- `notificationID`: The ID of the notification thread. (string, required)
- **manage_repository_notification_subscription** - Manage repository notification subscription
- **Required OAuth Scopes**: `notifications`
- - **Accepted OAuth Scopes**: `notifications`
- `action`: Action to perform: ignore, watch, or delete the repository notification subscription. (string, required)
- `owner`: The account owner of the repository. (string, required)
- `repo`: The name of the repository. (string, required)
- **mark_all_notifications_read** - Mark all notifications as read
- **Required OAuth Scopes**: `notifications`
- - **Accepted OAuth Scopes**: `notifications`
- `lastReadAt`: Describes the last point that notifications were checked (optional). Default: Now (string, optional)
- `owner`: Optional repository owner. If provided with repo, only notifications for this repository are marked as read. (string, optional)
- `repo`: Optional repository name. If provided with owner, only notifications for this repository are marked as read. (string, optional)
@@ -1018,7 +976,6 @@ The following sets of tools are available:
- **add_project_item** - Add project item
- **Required OAuth Scopes**: `project`
- - **Accepted OAuth Scopes**: `project`
- `item_id`: The numeric ID of the issue or pull request to add to the project. (number, required)
- `item_type`: The item's type, either issue or pull_request. (string, required)
- `owner`: If owner_type == user it is the handle for the GitHub user account. If owner_type == org it is the name of the organization. The name is not case sensitive. (string, required)
@@ -1027,7 +984,6 @@ The following sets of tools are available:
- **delete_project_item** - Delete project item
- **Required OAuth Scopes**: `project`
- - **Accepted OAuth Scopes**: `project`
- `item_id`: The internal project item ID to delete from the project (not the issue or pull request ID). (number, required)
- `owner`: If owner_type == user it is the handle for the GitHub user account. If owner_type == org it is the name of the organization. The name is not case sensitive. (string, required)
- `owner_type`: Owner type (string, required)
@@ -1091,7 +1047,6 @@ The following sets of tools are available:
- **update_project_item** - Update project item
- **Required OAuth Scopes**: `project`
- - **Accepted OAuth Scopes**: `project`
- `item_id`: The unique identifier of the project item. This is not the issue or pull request ID. (number, required)
- `owner`: If owner_type == user it is the handle for the GitHub user account. If owner_type == org it is the name of the organization. The name is not case sensitive. (string, required)
- `owner_type`: Owner type (string, required)
@@ -1106,7 +1061,6 @@ The following sets of tools are available:
- **add_comment_to_pending_review** - Add review comment to the requester's latest pending pull request review
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `body`: The text of the review comment (string, required)
- `line`: The line of the blob in the pull request diff that the comment applies to. For multi-line comments, the last line of the range (number, optional)
- `owner`: Repository owner (string, required)
@@ -1120,7 +1074,6 @@ The following sets of tools are available:
- **create_pull_request** - Open new pull request
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `base`: Branch to merge into (string, required)
- `body`: PR description (string, optional)
- `draft`: Create as draft PR (boolean, optional)
@@ -1132,7 +1085,6 @@ The following sets of tools are available:
- **list_pull_requests** - List pull requests
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `base`: Filter by base branch (string, optional)
- `direction`: Sort direction (string, optional)
- `head`: Filter by head user/org and branch (string, optional)
@@ -1145,7 +1097,6 @@ The following sets of tools are available:
- **merge_pull_request** - Merge pull request
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `commit_message`: Extra detail for merge commit (string, optional)
- `commit_title`: Title for merge commit (string, optional)
- `merge_method`: Merge method (string, optional)
@@ -1155,7 +1106,6 @@ The following sets of tools are available:
- **pull_request_read** - Get details for a single pull request
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `method`: Action to specify what pull request data needs to be retrieved from GitHub.
Possible options:
1. get - Get details of a specific pull request.
@@ -1174,7 +1124,6 @@ The following sets of tools are available:
- **pull_request_review_write** - Write operations (create, submit, delete) on pull request reviews.
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `body`: Review comment text (string, optional)
- `commitID`: SHA of commit to review (string, optional)
- `event`: Review action to perform. (string, optional)
@@ -1185,14 +1134,12 @@ The following sets of tools are available:
- **request_copilot_review** - Request Copilot review
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `pullNumber`: Pull request number (number, required)
- `repo`: Repository name (string, required)
- **search_pull_requests** - Search pull requests
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `order`: Sort order (string, optional)
- `owner`: Optional repository owner. If provided with repo, only pull requests for this repository are listed. (string, optional)
- `page`: Page number for pagination (min 1) (number, optional)
@@ -1203,7 +1150,6 @@ The following sets of tools are available:
- **update_pull_request** - Edit pull request
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `base`: New base branch name (string, optional)
- `body`: New description (string, optional)
- `draft`: Mark pull request as draft (true) or ready for review (false) (boolean, optional)
@@ -1217,7 +1163,6 @@ The following sets of tools are available:
- **update_pull_request_branch** - Update pull request branch
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `expectedHeadSha`: The expected SHA of the pull request's HEAD ref (string, optional)
- `owner`: Repository owner (string, required)
- `pullNumber`: Pull request number (number, required)
@@ -1231,7 +1176,6 @@ The following sets of tools are available:
- **create_branch** - Create branch
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `branch`: Name for new branch (string, required)
- `from_branch`: Source branch (defaults to repo default) (string, optional)
- `owner`: Repository owner (string, required)
@@ -1239,7 +1183,6 @@ The following sets of tools are available:
- **create_or_update_file** - Create or update file
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `branch`: Branch to create/update the file in (string, required)
- `content`: Content of the file (string, required)
- `message`: Commit message (string, required)
@@ -1250,7 +1193,6 @@ The following sets of tools are available:
- **create_repository** - Create repository
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `autoInit`: Initialize with README (boolean, optional)
- `description`: Repository description (string, optional)
- `name`: Repository name (string, required)
@@ -1259,7 +1201,6 @@ The following sets of tools are available:
- **delete_file** - Delete file
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `branch`: Branch to delete the file from (string, required)
- `message`: Commit message (string, required)
- `owner`: Repository owner (username or organization) (string, required)
@@ -1268,14 +1209,12 @@ The following sets of tools are available:
- **fork_repository** - Fork repository
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `organization`: Organization to fork to (string, optional)
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- **get_commit** - Get commit details
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `include_diff`: Whether to include file diffs and stats in the response. Default is true. (boolean, optional)
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (min 1) (number, optional)
@@ -1285,7 +1224,6 @@ The following sets of tools are available:
- **get_file_contents** - Get file or directory contents
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (username or organization) (string, required)
- `path`: Path to file/directory (string, optional)
- `ref`: Accepts optional git refs such as `refs/tags/{tag}`, `refs/heads/{branch}` or `refs/pull/{pr_number}/head` (string, optional)
@@ -1294,27 +1232,23 @@ The following sets of tools are available:
- **get_latest_release** - Get latest release
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- **get_release_by_tag** - Get a release by tag name
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `tag`: Tag name (e.g., 'v1.0.0') (string, required)
- **get_tag** - Get tag details
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `repo`: Repository name (string, required)
- `tag`: Tag name (string, required)
- **list_branches** - List branches
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (min 1) (number, optional)
- `perPage`: Results per page for pagination (min 1, max 100) (number, optional)
@@ -1322,7 +1256,6 @@ The following sets of tools are available:
- **list_commits** - List commits
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `author`: Author username or email address to filter commits by (string, optional)
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (min 1) (number, optional)
@@ -1332,7 +1265,6 @@ The following sets of tools are available:
- **list_releases** - List releases
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (min 1) (number, optional)
- `perPage`: Results per page for pagination (min 1, max 100) (number, optional)
@@ -1340,7 +1272,6 @@ The following sets of tools are available:
- **list_tags** - List tags
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `owner`: Repository owner (string, required)
- `page`: Page number for pagination (min 1) (number, optional)
- `perPage`: Results per page for pagination (min 1, max 100) (number, optional)
@@ -1348,7 +1279,6 @@ The following sets of tools are available:
- **push_files** - Push files to repository
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `branch`: Branch to push to (string, required)
- `files`: Array of file objects to push, each object with path (string) and content (string) (object[], required)
- `message`: Commit message (string, required)
@@ -1357,7 +1287,6 @@ The following sets of tools are available:
- **search_code** - Search code
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `order`: Sort order for results (string, optional)
- `page`: Page number for pagination (min 1) (number, optional)
- `perPage`: Results per page for pagination (min 1, max 100) (number, optional)
@@ -1366,7 +1295,6 @@ The following sets of tools are available:
- **search_repositories** - Search repositories
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `minimal_output`: Return minimal repository information (default: true). When false, returns full GitHub API repository objects. (boolean, optional)
- `order`: Sort order (string, optional)
- `page`: Page number for pagination (min 1) (number, optional)
@@ -1447,7 +1375,6 @@ The following sets of tools are available:
- **list_starred_repositories** - List starred repositories
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `direction`: The direction to sort the results by. (string, optional)
- `page`: Page number for pagination (min 1) (number, optional)
- `perPage`: Results per page for pagination (min 1, max 100) (number, optional)
@@ -1474,7 +1401,6 @@ The following sets of tools are available:
- **search_users** - Search users
- **Required OAuth Scopes**: `repo`
- - **Accepted OAuth Scopes**: `repo`
- `order`: Sort order (string, optional)
- `page`: Page number for pagination (min 1) (number, optional)
- `perPage`: Results per page for pagination (min 1, max 100) (number, optional)
diff --git a/cmd/github-mcp-server/generate_docs.go b/cmd/github-mcp-server/generate_docs.go
index 8d10018dd..c70fcefa0 100644
--- a/cmd/github-mcp-server/generate_docs.go
+++ b/cmd/github-mcp-server/generate_docs.go
@@ -228,11 +228,11 @@ func writeToolDoc(buf *strings.Builder, tool inventory.ServerTool) {
fmt.Fprintf(buf, "- **%s** - %s\n", tool.Tool.Name, tool.Tool.Annotations.Title)
// OAuth scopes if present
- if len(tool.RequiredScopes) > 0 || len(tool.AcceptedScopes) > 0 {
- if len(tool.RequiredScopes) > 0 {
- fmt.Fprintf(buf, " - **Required OAuth Scopes**: `%s`\n", strings.Join(tool.RequiredScopes, "`, `"))
- }
- if len(tool.AcceptedScopes) > 0 {
+ if len(tool.RequiredScopes) > 0 {
+ fmt.Fprintf(buf, " - **Required OAuth Scopes**: `%s`\n", strings.Join(tool.RequiredScopes, "`, `"))
+
+ // Only show accepted scopes if they differ from required scopes
+ if len(tool.AcceptedScopes) > 0 && !scopesEqual(tool.RequiredScopes, tool.AcceptedScopes) {
fmt.Fprintf(buf, " - **Accepted OAuth Scopes**: `%s`\n", strings.Join(tool.AcceptedScopes, "`, `"))
}
}
@@ -291,6 +291,28 @@ func writeToolDoc(buf *strings.Builder, tool inventory.ServerTool) {
}
}
+// scopesEqual checks if two scope slices contain the same elements (order-independent)
+func scopesEqual(a, b []string) bool {
+ if len(a) != len(b) {
+ return false
+ }
+
+ // Create a map for quick lookup
+ aMap := make(map[string]bool, len(a))
+ for _, scope := range a {
+ aMap[scope] = true
+ }
+
+ // Check if all elements in b are in a
+ for _, scope := range b {
+ if !aMap[scope] {
+ return false
+ }
+ }
+
+ return true
+}
+
func contains(slice []string, item string) bool {
for _, s := range slice {
if s == item {
diff --git a/pkg/github/actions.go b/pkg/github/actions.go
index 8e31ce843..8e3382acf 100644
--- a/pkg/github/actions.go
+++ b/pkg/github/actions.go
@@ -51,7 +51,7 @@ const (
// ListWorkflows creates a tool to list workflows in a repository
func ListWorkflows(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "list_workflows",
@@ -124,7 +124,7 @@ func ListWorkflows(t translations.TranslationHelperFunc) inventory.ServerTool {
// ListWorkflowRuns creates a tool to list workflow runs for a specific workflow
func ListWorkflowRuns(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "list_workflow_runs",
@@ -280,7 +280,7 @@ func ListWorkflowRuns(t translations.TranslationHelperFunc) inventory.ServerTool
// RunWorkflow creates a tool to run an Actions workflow
func RunWorkflow(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "run_workflow",
@@ -394,7 +394,7 @@ func RunWorkflow(t translations.TranslationHelperFunc) inventory.ServerTool {
// GetWorkflowRun creates a tool to get details of a specific workflow run
func GetWorkflowRun(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "get_workflow_run",
@@ -464,7 +464,7 @@ func GetWorkflowRun(t translations.TranslationHelperFunc) inventory.ServerTool {
// GetWorkflowRunLogs creates a tool to download logs for a specific workflow run
func GetWorkflowRunLogs(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "get_workflow_run_logs",
@@ -544,7 +544,7 @@ func GetWorkflowRunLogs(t translations.TranslationHelperFunc) inventory.ServerTo
// ListWorkflowJobs creates a tool to list jobs for a specific workflow run
func ListWorkflowJobs(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "list_workflow_jobs",
@@ -646,7 +646,7 @@ func ListWorkflowJobs(t translations.TranslationHelperFunc) inventory.ServerTool
// GetJobLogs creates a tool to download logs for a specific workflow job or efficiently get all failed job logs for a workflow run
func GetJobLogs(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "get_job_logs",
@@ -913,7 +913,7 @@ func downloadLogContent(ctx context.Context, logURL string, tailLines int, maxLi
// RerunWorkflowRun creates a tool to re-run an entire workflow run
func RerunWorkflowRun(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "rerun_workflow_run",
@@ -990,7 +990,7 @@ func RerunWorkflowRun(t translations.TranslationHelperFunc) inventory.ServerTool
// RerunFailedJobs creates a tool to re-run only the failed jobs in a workflow run
func RerunFailedJobs(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "rerun_failed_jobs",
@@ -1067,7 +1067,7 @@ func RerunFailedJobs(t translations.TranslationHelperFunc) inventory.ServerTool
// CancelWorkflowRun creates a tool to cancel a workflow run
func CancelWorkflowRun(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "cancel_workflow_run",
@@ -1146,7 +1146,7 @@ func CancelWorkflowRun(t translations.TranslationHelperFunc) inventory.ServerToo
// ListWorkflowRunArtifacts creates a tool to list artifacts for a workflow run
func ListWorkflowRunArtifacts(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "list_workflow_run_artifacts",
@@ -1228,7 +1228,7 @@ func ListWorkflowRunArtifacts(t translations.TranslationHelperFunc) inventory.Se
// DownloadWorkflowRunArtifact creates a tool to download a workflow run artifact
func DownloadWorkflowRunArtifact(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "download_workflow_run_artifact",
@@ -1307,7 +1307,7 @@ func DownloadWorkflowRunArtifact(t translations.TranslationHelperFunc) inventory
// DeleteWorkflowRunLogs creates a tool to delete logs for a workflow run
func DeleteWorkflowRunLogs(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "delete_workflow_run_logs",
@@ -1385,7 +1385,7 @@ func DeleteWorkflowRunLogs(t translations.TranslationHelperFunc) inventory.Serve
// GetWorkflowRunUsage creates a tool to get usage metrics for a workflow run
func GetWorkflowRunUsage(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "get_workflow_run_usage",
@@ -1455,7 +1455,7 @@ func GetWorkflowRunUsage(t translations.TranslationHelperFunc) inventory.ServerT
// ActionsList returns the tool and handler for listing GitHub Actions resources.
func ActionsList(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "actions_list",
@@ -1652,7 +1652,7 @@ Use this tool to list workflows in a repository, or list workflow runs, jobs, an
// ActionsGet returns the tool and handler for getting GitHub Actions resources.
func ActionsGet(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "actions_get",
@@ -1762,7 +1762,7 @@ Use this tool to get details about individual workflows, workflow runs, jobs, an
// ActionsRunTrigger returns the tool and handler for triggering GitHub Actions workflows.
func ActionsRunTrigger(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "actions_run_trigger",
@@ -1882,7 +1882,7 @@ func ActionsRunTrigger(t translations.TranslationHelperFunc) inventory.ServerToo
// ActionsGetJobLogs returns the tool and handler for getting workflow job logs.
func ActionsGetJobLogs(t translations.TranslationHelperFunc) inventory.ServerTool {
- tool := NewToolWithScopes(
+ tool := NewTool(
ToolsetMetadataActions,
mcp.Tool{
Name: "get_job_logs",
diff --git a/pkg/github/code_scanning.go b/pkg/github/code_scanning.go
index af232937c..99ab8ad4f 100644
--- a/pkg/github/code_scanning.go
+++ b/pkg/github/code_scanning.go
@@ -17,7 +17,7 @@ import (
)
func GetCodeScanningAlert(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataCodeSecurity,
mcp.Tool{
Name: "get_code_scanning_alert",
@@ -95,7 +95,7 @@ func GetCodeScanningAlert(t translations.TranslationHelperFunc) inventory.Server
}
func ListCodeScanningAlerts(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataCodeSecurity,
mcp.Tool{
Name: "list_code_scanning_alerts",
diff --git a/pkg/github/context_tools.go b/pkg/github/context_tools.go
index 77c9ce10a..ad3c8daa4 100644
--- a/pkg/github/context_tools.go
+++ b/pkg/github/context_tools.go
@@ -39,7 +39,7 @@ type UserDetails struct {
// GetMe creates a tool to get details of the authenticated user.
func GetMe(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataContext,
mcp.Tool{
Name: "get_me",
@@ -113,7 +113,7 @@ type OrganizationTeams struct {
}
func GetTeams(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataContext,
mcp.Tool{
Name: "get_teams",
@@ -212,7 +212,7 @@ func GetTeams(t translations.TranslationHelperFunc) inventory.ServerTool {
}
func GetTeamMembers(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataContext,
mcp.Tool{
Name: "get_team_members",
diff --git a/pkg/github/dependabot.go b/pkg/github/dependabot.go
index 9a0c09a8f..5c86d9709 100644
--- a/pkg/github/dependabot.go
+++ b/pkg/github/dependabot.go
@@ -18,7 +18,7 @@ import (
)
func GetDependabotAlert(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataDependabot,
mcp.Tool{
Name: "get_dependabot_alert",
@@ -96,7 +96,7 @@ func GetDependabotAlert(t translations.TranslationHelperFunc) inventory.ServerTo
}
func ListDependabotAlerts(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataDependabot,
mcp.Tool{
Name: "list_dependabot_alerts",
diff --git a/pkg/github/dependencies.go b/pkg/github/dependencies.go
index e15efb1d5..d5a5e30aa 100644
--- a/pkg/github/dependencies.go
+++ b/pkg/github/dependencies.go
@@ -148,16 +148,9 @@ func (d BaseDeps) GetContentWindowSize() int { return d.ContentWindowSize }
//
// The handler function receives deps extracted from context via MustDepsFromContext.
// Ensure ContextWithDeps is called to inject deps before any tool handlers are invoked.
-func NewTool[In, Out any](toolset inventory.ToolsetMetadata, tool mcp.Tool, handler func(ctx context.Context, deps ToolDependencies, req *mcp.CallToolRequest, args In) (*mcp.CallToolResult, Out, error)) inventory.ServerTool {
- return inventory.NewServerToolWithContextHandler(tool, toolset, func(ctx context.Context, req *mcp.CallToolRequest, args In) (*mcp.CallToolResult, Out, error) {
- deps := MustDepsFromContext(ctx)
- return handler(ctx, deps, req, args)
- })
-}
-
-// NewToolWithScopes creates a ServerTool with OAuth scope requirements.
-// This is like NewTool but also accepts required and accepted scopes.
-func NewToolWithScopes[In, Out any](
+//
+// All tools must explicitly specify their OAuth scope requirements, even if empty (nil).
+func NewTool[In, Out any](
toolset inventory.ToolsetMetadata,
tool mcp.Tool,
requiredScopes []string,
@@ -178,16 +171,9 @@ func NewToolWithScopes[In, Out any](
//
// The handler function receives deps extracted from context via MustDepsFromContext.
// Ensure ContextWithDeps is called to inject deps before any tool handlers are invoked.
-func NewToolFromHandler(toolset inventory.ToolsetMetadata, tool mcp.Tool, handler func(ctx context.Context, deps ToolDependencies, req *mcp.CallToolRequest) (*mcp.CallToolResult, error)) inventory.ServerTool {
- return inventory.NewServerToolWithRawContextHandler(tool, toolset, func(ctx context.Context, req *mcp.CallToolRequest) (*mcp.CallToolResult, error) {
- deps := MustDepsFromContext(ctx)
- return handler(ctx, deps, req)
- })
-}
-
-// NewToolFromHandlerWithScopes creates a ServerTool with OAuth scope requirements.
-// This is like NewToolFromHandler but also accepts required and accepted scopes.
-func NewToolFromHandlerWithScopes(
+//
+// All tools must explicitly specify their OAuth scope requirements, even if empty (nil).
+func NewToolFromHandler(
toolset inventory.ToolsetMetadata,
tool mcp.Tool,
requiredScopes []string,
diff --git a/pkg/github/discussions.go b/pkg/github/discussions.go
index d91722e6e..270228c73 100644
--- a/pkg/github/discussions.go
+++ b/pkg/github/discussions.go
@@ -124,7 +124,7 @@ func getQueryType(useOrdering bool, categoryID *githubv4.ID) any {
}
func ListDiscussions(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataDiscussions,
mcp.Tool{
Name: "list_discussions",
@@ -278,7 +278,7 @@ func ListDiscussions(t translations.TranslationHelperFunc) inventory.ServerTool
}
func GetDiscussion(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataDiscussions,
mcp.Tool{
Name: "get_discussion",
@@ -383,7 +383,7 @@ func GetDiscussion(t translations.TranslationHelperFunc) inventory.ServerTool {
}
func GetDiscussionComments(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataDiscussions,
mcp.Tool{
Name: "get_discussion_comments",
@@ -511,7 +511,7 @@ func GetDiscussionComments(t translations.TranslationHelperFunc) inventory.Serve
}
func ListDiscussionCategories(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataDiscussions,
mcp.Tool{
Name: "list_discussion_categories",
diff --git a/pkg/github/gists.go b/pkg/github/gists.go
index cd268c6a1..0509220e3 100644
--- a/pkg/github/gists.go
+++ b/pkg/github/gists.go
@@ -19,7 +19,7 @@ import (
// ListGists creates a tool to list gists for a user
func ListGists(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataGists,
mcp.Tool{
Name: "list_gists",
@@ -107,7 +107,7 @@ func ListGists(t translations.TranslationHelperFunc) inventory.ServerTool {
// GetGist creates a tool to get the content of a gist
func GetGist(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataGists,
mcp.Tool{
Name: "get_gist",
@@ -166,7 +166,7 @@ func GetGist(t translations.TranslationHelperFunc) inventory.ServerTool {
// CreateGist creates a tool to create a new gist
func CreateGist(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataGists,
mcp.Tool{
Name: "create_gist",
@@ -270,7 +270,7 @@ func CreateGist(t translations.TranslationHelperFunc) inventory.ServerTool {
// UpdateGist creates a tool to edit an existing gist
func UpdateGist(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataGists,
mcp.Tool{
Name: "update_gist",
diff --git a/pkg/github/git.go b/pkg/github/git.go
index 06c766163..8e632c1af 100644
--- a/pkg/github/git.go
+++ b/pkg/github/git.go
@@ -40,7 +40,7 @@ type TreeResponse struct {
// GetRepositoryTree creates a tool to get the tree structure of a GitHub repository.
func GetRepositoryTree(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataGit,
mcp.Tool{
Name: "get_repository_tree",
diff --git a/pkg/github/issues.go b/pkg/github/issues.go
index 657ab6815..aec4783d8 100644
--- a/pkg/github/issues.go
+++ b/pkg/github/issues.go
@@ -264,7 +264,7 @@ Options are:
}
WithPagination(schema)
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataIssues,
mcp.Tool{
Name: "issue_read",
@@ -548,7 +548,7 @@ func GetIssueLabels(ctx context.Context, client *githubv4.Client, owner string,
// ListIssueTypes creates a tool to list defined issue types for an organization. This can be used to understand supported issue type values for creating or updating issues.
func ListIssueTypes(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataIssues,
mcp.Tool{
Name: "list_issue_types",
@@ -605,7 +605,7 @@ func ListIssueTypes(t translations.TranslationHelperFunc) inventory.ServerTool {
// AddIssueComment creates a tool to add a comment to an issue.
func AddIssueComment(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataIssues,
mcp.Tool{
Name: "add_issue_comment",
@@ -690,7 +690,7 @@ func AddIssueComment(t translations.TranslationHelperFunc) inventory.ServerTool
// SubIssueWrite creates a tool to add a sub-issue to a parent issue.
func SubIssueWrite(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataIssues,
mcp.Tool{
Name: "sub_issue_write",
@@ -961,7 +961,7 @@ func SearchIssues(t translations.TranslationHelperFunc) inventory.ServerTool {
}
WithPagination(schema)
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataIssues,
mcp.Tool{
Name: "search_issues",
@@ -982,7 +982,7 @@ func SearchIssues(t translations.TranslationHelperFunc) inventory.ServerTool {
// IssueWrite creates a tool to create a new or update an existing issue in a GitHub repository.
func IssueWrite(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataIssues,
mcp.Tool{
Name: "issue_write",
@@ -1383,7 +1383,7 @@ func ListIssues(t translations.TranslationHelperFunc) inventory.ServerTool {
}
WithCursorPagination(schema)
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataIssues,
mcp.Tool{
Name: "list_issues",
@@ -1619,7 +1619,7 @@ func AssignCopilotToIssue(t translations.TranslationHelperFunc) inventory.Server
},
}
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataIssues,
mcp.Tool{
Name: "assign_copilot_to_issue",
diff --git a/pkg/github/labels.go b/pkg/github/labels.go
index d55b605fe..e85dee450 100644
--- a/pkg/github/labels.go
+++ b/pkg/github/labels.go
@@ -18,7 +18,7 @@ import (
// GetLabel retrieves a specific label by name from a GitHub repository
func GetLabel(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataIssues,
mcp.Tool{
Name: "get_label",
@@ -121,7 +121,7 @@ func GetLabelForLabelsToolset(t translations.TranslationHelperFunc) inventory.Se
// ListLabels lists labels from a repository
func ListLabels(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetLabels,
mcp.Tool{
Name: "list_label",
@@ -213,7 +213,7 @@ func ListLabels(t translations.TranslationHelperFunc) inventory.ServerTool {
// LabelWrite handles create, update, and delete operations for GitHub labels
func LabelWrite(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetLabels,
mcp.Tool{
Name: "label_write",
diff --git a/pkg/github/notifications.go b/pkg/github/notifications.go
index b3008362b..87026e2cb 100644
--- a/pkg/github/notifications.go
+++ b/pkg/github/notifications.go
@@ -27,7 +27,7 @@ const (
// ListNotifications creates a tool to list notifications for the current user.
func ListNotifications(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataNotifications,
mcp.Tool{
Name: "list_notifications",
@@ -165,7 +165,7 @@ func ListNotifications(t translations.TranslationHelperFunc) inventory.ServerToo
// DismissNotification creates a tool to mark a notification as read/done.
func DismissNotification(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataNotifications,
mcp.Tool{
Name: "dismiss_notification",
@@ -248,7 +248,7 @@ func DismissNotification(t translations.TranslationHelperFunc) inventory.ServerT
// MarkAllNotificationsRead creates a tool to mark all notifications as read.
func MarkAllNotificationsRead(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataNotifications,
mcp.Tool{
Name: "mark_all_notifications_read",
@@ -341,7 +341,7 @@ func MarkAllNotificationsRead(t translations.TranslationHelperFunc) inventory.Se
// GetNotificationDetails creates a tool to get details for a specific notification.
func GetNotificationDetails(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataNotifications,
mcp.Tool{
Name: "get_notification_details",
@@ -411,7 +411,7 @@ const (
// ManageNotificationSubscription creates a tool to manage a notification subscription (ignore, watch, delete)
func ManageNotificationSubscription(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataNotifications,
mcp.Tool{
Name: "manage_notification_subscription",
@@ -508,7 +508,7 @@ const (
// ManageRepositoryNotificationSubscription creates a tool to manage a repository notification subscription (ignore, watch, delete)
func ManageRepositoryNotificationSubscription(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataNotifications,
mcp.Tool{
Name: "manage_repository_notification_subscription",
diff --git a/pkg/github/projects.go b/pkg/github/projects.go
index 4edef178e..3204243f7 100644
--- a/pkg/github/projects.go
+++ b/pkg/github/projects.go
@@ -27,7 +27,7 @@ const (
)
func ListProjects(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataProjects,
mcp.Tool{
Name: "list_projects",
@@ -146,7 +146,7 @@ func ListProjects(t translations.TranslationHelperFunc) inventory.ServerTool {
}
func GetProject(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataProjects,
mcp.Tool{
Name: "get_project",
@@ -236,7 +236,7 @@ func GetProject(t translations.TranslationHelperFunc) inventory.ServerTool {
}
func ListProjectFields(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataProjects,
mcp.Tool{
Name: "list_project_fields",
@@ -344,7 +344,7 @@ func ListProjectFields(t translations.TranslationHelperFunc) inventory.ServerToo
}
func GetProjectField(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataProjects,
mcp.Tool{
Name: "get_project_field",
@@ -438,7 +438,7 @@ func GetProjectField(t translations.TranslationHelperFunc) inventory.ServerTool
}
func ListProjectItems(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataProjects,
mcp.Tool{
Name: "list_project_items",
@@ -576,7 +576,7 @@ func ListProjectItems(t translations.TranslationHelperFunc) inventory.ServerTool
}
func GetProjectItem(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataProjects,
mcp.Tool{
Name: "get_project_item",
@@ -684,7 +684,7 @@ func GetProjectItem(t translations.TranslationHelperFunc) inventory.ServerTool {
}
func AddProjectItem(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataProjects,
mcp.Tool{
Name: "add_project_item",
@@ -797,7 +797,7 @@ func AddProjectItem(t translations.TranslationHelperFunc) inventory.ServerTool {
}
func UpdateProjectItem(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataProjects,
mcp.Tool{
Name: "update_project_item",
@@ -911,7 +911,7 @@ func UpdateProjectItem(t translations.TranslationHelperFunc) inventory.ServerToo
}
func DeleteProjectItem(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataProjects,
mcp.Tool{
Name: "delete_project_item",
diff --git a/pkg/github/pullrequests.go b/pkg/github/pullrequests.go
index e81f87ca0..91145f61d 100644
--- a/pkg/github/pullrequests.go
+++ b/pkg/github/pullrequests.go
@@ -59,7 +59,7 @@ Possible options:
}
WithPagination(schema)
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "pull_request_read",
@@ -510,7 +510,7 @@ func CreatePullRequest(t translations.TranslationHelperFunc) inventory.ServerToo
Required: []string{"owner", "repo", "title", "head", "base"},
}
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "create_pull_request",
@@ -663,7 +663,7 @@ func UpdatePullRequest(t translations.TranslationHelperFunc) inventory.ServerToo
Required: []string{"owner", "repo", "pullNumber"},
}
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "update_pull_request",
@@ -946,7 +946,7 @@ func ListPullRequests(t translations.TranslationHelperFunc) inventory.ServerTool
}
WithPagination(schema)
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "list_pull_requests",
@@ -1083,7 +1083,7 @@ func MergePullRequest(t translations.TranslationHelperFunc) inventory.ServerTool
Required: []string{"owner", "repo", "pullNumber"},
}
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "merge_pull_request",
@@ -1203,7 +1203,7 @@ func SearchPullRequests(t translations.TranslationHelperFunc) inventory.ServerTo
}
WithPagination(schema)
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "search_pull_requests",
@@ -1247,7 +1247,7 @@ func UpdatePullRequestBranch(t translations.TranslationHelperFunc) inventory.Ser
Required: []string{"owner", "repo", "pullNumber"},
}
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "update_pull_request_branch",
@@ -1369,7 +1369,7 @@ func PullRequestReviewWrite(t translations.TranslationHelperFunc) inventory.Serv
Required: []string{"method", "owner", "repo", "pullNumber"},
}
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "pull_request_review_write",
@@ -1700,7 +1700,7 @@ func AddCommentToPendingReview(t translations.TranslationHelperFunc) inventory.S
Required: []string{"owner", "repo", "pullNumber", "path", "body", "subjectType"},
}
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "add_comment_to_pending_review",
@@ -1853,7 +1853,7 @@ func RequestCopilotReview(t translations.TranslationHelperFunc) inventory.Server
Required: []string{"owner", "repo", "pullNumber"},
}
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataPullRequests,
mcp.Tool{
Name: "request_copilot_review",
diff --git a/pkg/github/repositories.go b/pkg/github/repositories.go
index f4641aaac..b4316afa8 100644
--- a/pkg/github/repositories.go
+++ b/pkg/github/repositories.go
@@ -22,7 +22,7 @@ import (
)
func GetCommit(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataRepos,
mcp.Tool{
Name: "get_commit",
@@ -121,7 +121,7 @@ func GetCommit(t translations.TranslationHelperFunc) inventory.ServerTool {
// ListCommits creates a tool to get commits of a branch in a repository.
func ListCommits(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataRepos,
mcp.Tool{
Name: "list_commits",
@@ -230,7 +230,7 @@ func ListCommits(t translations.TranslationHelperFunc) inventory.ServerTool {
// ListBranches creates a tool to list branches in a GitHub repository.
func ListBranches(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataRepos,
mcp.Tool{
Name: "list_branches",
@@ -318,7 +318,7 @@ func ListBranches(t translations.TranslationHelperFunc) inventory.ServerTool {
// CreateOrUpdateFile creates a tool to create or update a file in a GitHub repository.
func CreateOrUpdateFile(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataRepos,
mcp.Tool{
Name: "create_or_update_file",
@@ -518,7 +518,7 @@ If the SHA is not provided, the tool will attempt to acquire it by fetching the
// CreateRepository creates a tool to create a new GitHub repository.
func CreateRepository(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataRepos,
mcp.Tool{
Name: "create_repository",
@@ -625,7 +625,7 @@ func CreateRepository(t translations.TranslationHelperFunc) inventory.ServerTool
// GetFileContents creates a tool to get the contents of a file or directory from a GitHub repository.
func GetFileContents(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataRepos,
mcp.Tool{
Name: "get_file_contents",
@@ -818,7 +818,7 @@ func GetFileContents(t translations.TranslationHelperFunc) inventory.ServerTool
// ForkRepository creates a tool to fork a repository.
func ForkRepository(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataRepos,
mcp.Tool{
Name: "fork_repository",
@@ -918,7 +918,7 @@ func ForkRepository(t translations.TranslationHelperFunc) inventory.ServerTool {
// The approach implemented here gets automatic commit signing when used with either the github-actions user or as an app,
// both of which suit an LLM well.
func DeleteFile(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataRepos,
mcp.Tool{
Name: "delete_file",
@@ -1104,7 +1104,7 @@ func DeleteFile(t translations.TranslationHelperFunc) inventory.ServerTool {
// CreateBranch creates a tool to create a new branch.
func CreateBranch(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataRepos,
mcp.Tool{
Name: "create_branch",
@@ -1218,7 +1218,7 @@ func CreateBranch(t translations.TranslationHelperFunc) inventory.ServerTool {
// PushFiles creates a tool to push multiple files in a single commit to a GitHub repository.
func PushFiles(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataRepos,
mcp.Tool{
Name: "push_files",
@@ -1403,7 +1403,7 @@ func PushFiles(t translations.TranslationHelperFunc) inventory.ServerTool {
// ListTags creates a tool to list tags in a GitHub repository.
func ListTags(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataRepos,
mcp.Tool{
Name: "list_tags",
@@ -1483,7 +1483,7 @@ func ListTags(t translations.TranslationHelperFunc) inventory.ServerTool {
// GetTag creates a tool to get details about a specific tag in a GitHub repository.
func GetTag(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataRepos,
mcp.Tool{
Name: "get_tag",
@@ -1582,7 +1582,7 @@ func GetTag(t translations.TranslationHelperFunc) inventory.ServerTool {
// ListReleases creates a tool to list releases in a GitHub repository.
func ListReleases(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataRepos,
mcp.Tool{
Name: "list_releases",
@@ -1658,7 +1658,7 @@ func ListReleases(t translations.TranslationHelperFunc) inventory.ServerTool {
// GetLatestRelease creates a tool to get the latest release in a GitHub repository.
func GetLatestRelease(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataRepos,
mcp.Tool{
Name: "get_latest_release",
@@ -1724,7 +1724,7 @@ func GetLatestRelease(t translations.TranslationHelperFunc) inventory.ServerTool
}
func GetReleaseByTag(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataRepos,
mcp.Tool{
Name: "get_release_by_tag",
@@ -2041,7 +2041,7 @@ func resolveDefaultBranch(ctx context.Context, githubClient *github.Client, owne
// ListStarredRepositories creates a tool to list starred repositories for the authenticated user or a specified user.
func ListStarredRepositories(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataStargazers,
mcp.Tool{
Name: "list_starred_repositories",
@@ -2174,7 +2174,7 @@ func ListStarredRepositories(t translations.TranslationHelperFunc) inventory.Ser
// StarRepository creates a tool to star a repository.
func StarRepository(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataStargazers,
mcp.Tool{
Name: "star_repository",
@@ -2241,7 +2241,7 @@ func StarRepository(t translations.TranslationHelperFunc) inventory.ServerTool {
// UnstarRepository creates a tool to unstar a repository.
func UnstarRepository(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataStargazers,
mcp.Tool{
Name: "unstar_repository",
diff --git a/pkg/github/search.go b/pkg/github/search.go
index d95214e55..b662cecdd 100644
--- a/pkg/github/search.go
+++ b/pkg/github/search.go
@@ -46,7 +46,7 @@ func SearchRepositories(t translations.TranslationHelperFunc) inventory.ServerTo
}
WithPagination(schema)
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataRepos,
mcp.Tool{
Name: "search_repositories",
@@ -190,7 +190,7 @@ func SearchCode(t translations.TranslationHelperFunc) inventory.ServerTool {
}
WithPagination(schema)
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataRepos,
mcp.Tool{
Name: "search_code",
@@ -373,7 +373,7 @@ func SearchUsers(t translations.TranslationHelperFunc) inventory.ServerTool {
}
WithPagination(schema)
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataUsers,
mcp.Tool{
Name: "search_users",
@@ -416,7 +416,7 @@ func SearchOrgs(t translations.TranslationHelperFunc) inventory.ServerTool {
}
WithPagination(schema)
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataOrgs,
mcp.Tool{
Name: "search_orgs",
diff --git a/pkg/github/secret_scanning.go b/pkg/github/secret_scanning.go
index fb259758e..2f3c00877 100644
--- a/pkg/github/secret_scanning.go
+++ b/pkg/github/secret_scanning.go
@@ -18,7 +18,7 @@ import (
)
func GetSecretScanningAlert(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataSecretProtection,
mcp.Tool{
Name: "get_secret_scanning_alert",
@@ -96,7 +96,7 @@ func GetSecretScanningAlert(t translations.TranslationHelperFunc) inventory.Serv
}
func ListSecretScanningAlerts(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataSecretProtection,
mcp.Tool{
Name: "list_secret_scanning_alerts",
diff --git a/pkg/github/security_advisories.go b/pkg/github/security_advisories.go
index 44858dbd9..3bbb0d1f7 100644
--- a/pkg/github/security_advisories.go
+++ b/pkg/github/security_advisories.go
@@ -18,7 +18,7 @@ import (
)
func ListGlobalSecurityAdvisories(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataSecurityAdvisories,
mcp.Tool{
Name: "list_global_security_advisories",
@@ -210,7 +210,7 @@ func ListGlobalSecurityAdvisories(t translations.TranslationHelperFunc) inventor
}
func ListRepositorySecurityAdvisories(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataSecurityAdvisories,
mcp.Tool{
Name: "list_repository_security_advisories",
@@ -315,7 +315,7 @@ func ListRepositorySecurityAdvisories(t translations.TranslationHelperFunc) inve
}
func GetGlobalSecurityAdvisory(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataSecurityAdvisories,
mcp.Tool{
Name: "get_global_security_advisory",
@@ -373,7 +373,7 @@ func GetGlobalSecurityAdvisory(t translations.TranslationHelperFunc) inventory.S
}
func ListOrgRepositorySecurityAdvisories(t translations.TranslationHelperFunc) inventory.ServerTool {
- return NewToolWithScopes(
+ return NewTool(
ToolsetMetadataSecurityAdvisories,
mcp.Tool{
Name: "list_org_repository_security_advisories",