roadmap: php-mcp production readiness #34
Labels
No labels
P1
P2
P3
PHP
agent-ready
bug
clotho
discovery
docs
refactor
review
security
testing
athena
athena-gemini
audit
clotho
clotho-gemini
codex
darbs-claude
security
wiki
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference: core/php-mcp#34
Loading…
Add table
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
php-mcp Production Readiness Roadmap
This is the master checklist for bringing
host-uk/core-mcpto production readiness. All items were identified by automated discovery scan (issue #2).🧪 Test Coverage (Critical Gaps)
test: add tests for ToolRegistry servicetest: add tests for AuditLogService(security-critical)test: add tests for CircuitBreaker servicetest: add tests for DataRedactor service(security-critical)test: add tests for McpHealthServicetest: add tests for McpMetricsServicetest: add tests for McpWebhookDispatchertest: add tests for OpenApiGeneratortest: add tests for ToolRateLimiter(security-critical)test: add tests for AgentSessionServicetest: add tests for AgentToolRegistrytest: add integration tests for QueryDatabase tool🔒 Security (Must-Fix Before Production)
chore: add CI/CD security regression testssecurity: add monitoring and alerting for suspicious query patternssecurity: review ContentTools for injection and data exposure risks(review required)security: review commerce tools for payment data exposure(review required)🔧 Refactoring (Code Quality)
refactor: extract SQL parser from regex to AST-based validation(architectural)refactor: standardise tool responses with ToolResult DTOrefactor: fix PHPStan level 5 type errors across servicesrefactor: extract McpToolsRegistering tool registration from McpAgentServerCommand📦 Infrastructure / Chores
chore: create missing ToolRegistry YAML server definition files(blocks ToolRegistry usage)chore: add PHPStan and static analysis to dev dependencieschore: add query result streaming for large result sets🚀 Features
feat: add query template systemfeat: add schema exploration tools (ListTables, DescribeTable, ListIndexes)feat: add data export tool (CSV, JSON)feat: add query result cachingfeat: add query history tracking per workspacefeat: add data validation tool for database quality checks📝 Documentation
docs: add inline documentation for ContentTools and commerce toolsCurrent State Summary
Priority Order
Generated by discovery scan on 2026-02-21. See issue #2 for the full scan process.