php-mcp

core/php-mcp

Fork 0

Commit graph

Author	SHA1	Message	Date
Snider	ac7fe0ea7a	test(mcp): add comprehensive Workspace Context tests (P2-014) Add extensive Pest tests for workspace context security covering: - WorkspaceContext resolution from headers and authentication - Automatic workspace scoping for queries - MissingWorkspaceContextException handling - Workspace boundary enforcement - Cross-workspace data isolation and query prevention - Context injection via middleware - Edge cases including concurrent contexts and request isolation Also update Pest.php to include src/Mcp/Tests/Unit directory. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-29 19:39:24 +00:00
Snider	41b8568d5c	test(mcp): add comprehensive SQL Query Validator tests (P2-013) Add Pest tests for SqlQueryValidator covering: - Allowed SELECT statements with WHERE, ORDER BY, LIMIT - Blocked data modification (INSERT, UPDATE, DELETE, TRUNCATE) - Blocked schema changes (DROP, ALTER, CREATE, RENAME) - Blocked permissions/admin (GRANT, REVOKE, FLUSH, KILL, SET) - Blocked execution (EXECUTE, PREPARE, CALL, DEALLOCATE) - Blocked file operations (INTO OUTFILE/DUMPFILE, LOAD_FILE/DATA) - SQL injection prevention: UNION attacks, stacked queries, time-based (SLEEP/BENCHMARK), encoding (hex/CHAR), subqueries, system table access, comment obfuscation - Query structure validation and whitelist configuration - Exception details and edge cases Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-29 19:38:40 +00:00
Snider	3ac43d834b	Initial commit	2026-01-26 20:49:02 +00:00

Author

SHA1

Message

Date

Snider

ac7fe0ea7a

test(mcp): add comprehensive Workspace Context tests (P2-014)

Add extensive Pest tests for workspace context security covering:
- WorkspaceContext resolution from headers and authentication
- Automatic workspace scoping for queries
- MissingWorkspaceContextException handling
- Workspace boundary enforcement
- Cross-workspace data isolation and query prevention
- Context injection via middleware
- Edge cases including concurrent contexts and request isolation

Also update Pest.php to include src/Mcp/Tests/Unit directory.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-01-29 19:39:24 +00:00

Snider

41b8568d5c

test(mcp): add comprehensive SQL Query Validator tests (P2-013)

Add Pest tests for SqlQueryValidator covering:
- Allowed SELECT statements with WHERE, ORDER BY, LIMIT
- Blocked data modification (INSERT, UPDATE, DELETE, TRUNCATE)
- Blocked schema changes (DROP, ALTER, CREATE, RENAME)
- Blocked permissions/admin (GRANT, REVOKE, FLUSH, KILL, SET)
- Blocked execution (EXECUTE, PREPARE, CALL, DEALLOCATE)
- Blocked file operations (INTO OUTFILE/DUMPFILE, LOAD_FILE/DATA)
- SQL injection prevention: UNION attacks, stacked queries,
  time-based (SLEEP/BENCHMARK), encoding (hex/CHAR), subqueries,
  system table access, comment obfuscation
- Query structure validation and whitelist configuration
- Exception details and edge cases

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-01-29 19:38:40 +00:00

Snider

3ac43d834b

Initial commit

2026-01-26 20:49:02 +00:00

3 commits