core/php-mcp
8
0
Fork 0
Code Issues 32 Pull requests Projects Releases Packages Wiki Activity Actions
10 commits 4 branches 0 tags 412 KiB
Commit graph

5 commits

Author SHA1 Message Date
Snider
64ce1ee324 test(mcp): add comprehensive Tool Analytics tests (P2-015) 
Add Pest tests for ToolAnalyticsService covering:
- Usage tracking (recording successful/failed executions)
- ToolStats DTO calculations and formatting
- Error rate calculations
- Daily trend aggregation
- Reporting functions (popular tools, error-prone tools, workspace stats)
- Tool combination tracking within sessions
- Date range filtering
- ToolMetric model methods and scopes

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-29 19:44:32 +00:00
Snider
ac7fe0ea7a test(mcp): add comprehensive Workspace Context tests (P2-014) 
Add extensive Pest tests for workspace context security covering:
- WorkspaceContext resolution from headers and authentication
- Automatic workspace scoping for queries
- MissingWorkspaceContextException handling
- Workspace boundary enforcement
- Cross-workspace data isolation and query prevention
- Context injection via middleware
- Edge cases including concurrent contexts and request isolation

Also update Pest.php to include src/Mcp/Tests/Unit directory.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-29 19:39:24 +00:00
Snider
41b8568d5c test(mcp): add comprehensive SQL Query Validator tests (P2-013) 
Add Pest tests for SqlQueryValidator covering:
- Allowed SELECT statements with WHERE, ORDER BY, LIMIT
- Blocked data modification (INSERT, UPDATE, DELETE, TRUNCATE)
- Blocked schema changes (DROP, ALTER, CREATE, RENAME)
- Blocked permissions/admin (GRANT, REVOKE, FLUSH, KILL, SET)
- Blocked execution (EXECUTE, PREPARE, CALL, DEALLOCATE)
- Blocked file operations (INTO OUTFILE/DUMPFILE, LOAD_FILE/DATA)
- SQL injection prevention: UNION attacks, stacked queries,
  time-based (SLEEP/BENCHMARK), encoding (hex/CHAR), subqueries,
  system table access, comment obfuscation
- Query structure validation and whitelist configuration
- Exception details and edge cases

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-29 19:38:40 +00:00
Snider
e536e4586f feat(mcp): add query security features (P1-007, P1-008, P1-009) 
- P1-007: Tier-based query result size limits with truncation warnings
- P1-008: Per-tier query timeout enforcement (MySQL/PostgreSQL/SQLite)
- P1-009: Comprehensive audit logging for all query attempts

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-29 13:15:39 +00:00
Snider
afb3dacd98 monorepo sepration 2026-01-26 20:57:41 +00:00