Skip to content

test(standards): strengthen coding-standards guardrails and verify PR #581 compliance#583

Draft
cursor[bot] wants to merge 2 commits into
cursor/harness-mcp-v2-bug-resolution-381bfrom
cursor/mcp-server-coding-standards-d95b
Draft

test(standards): strengthen coding-standards guardrails and verify PR #581 compliance#583
cursor[bot] wants to merge 2 commits into
cursor/harness-mcp-v2-bug-resolution-381bfrom
cursor/mcp-server-coding-standards-d95b

Conversation

@cursor

@cursor cursor Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

Description

Coding-standards compliance review for PR #581 and the broader codebase. The audit confirmed the registry-driven MCP architecture is followed; this PR adds automated guardrails for safety/security rules that were documented but not yet enforced by tests.

Compliance review (PR #581)

PR #581 (test: unit coverage for diagnose terminal-status guard) is standards-compliant:

  • Test-only changes in tests/tools/diagnose/ and tests/utils/
  • No new MCP tools, handler files, or toolset violations
  • Diagnose handler follows the error-handling pattern (toMcpError, user-facing rejection for non-terminal executions)

New guardrails

  • tests/coding-standards/security.test.ts — enforces §9 safety rules:
    • Secret resource is read-only metadata (no create/update/delete)
    • HarnessClient uses RateLimiter
    • Error logs redact request/response bodies by default
    • Write handlers use formatBodyPreview for elicitation redaction
  • Expanded docs-consistency.test.ts — prevents docs drift on logging, singleton client, pure-data toolsets, and write confirmation
  • AGENTS.md — links to docs/coding-standards.md and documents pnpm standards:check

Note on canonical standards

The canonical docs use 11 consolidated tools (includes harness_schema), Zod v4 (zod/v4), and registerTool() (not deprecated server.tool()). Write safety uses confirm + confirmViaElicitation.

Type of Change

  • Bug fix
  • New feature
  • Refactor
  • Documentation
  • Other (standards enforcement tests)

Checklist

  • pnpm test passes (2476 tests)
  • pnpm typecheck passes
  • pnpm build passes
  • pnpm standards:check passes (88 guardrail tests)
  • pnpm docs:check passes (if registry/tool counts changed)

Coding Standards (registry-driven MCP model)

  • No new server.registerTool() calls
  • No console.log() in src/
  • No new handler or toolset files
Open in Web View Automation 

cursoragent and others added 2 commits July 7, 2026 19:34
Add pipelineHandler unit tests that verify non-terminal executions are
rejected before YAML/log fetches and that the error propagates instead of
being swallowed into execution_error. Extend poll-execution tests so
ApprovalRejected and Suspended stop wait-mode polling and Suspended is
explicitly non-failure.

Co-authored-by: Rohan Gupta <thisrohangupta@users.noreply.github.com>
Strengthen automated enforcement of coding-standards.md:
- Secret resource remains read-only metadata (no create/update/delete)
- HarnessClient uses RateLimiter and redacts error log bodies by default
- Write handlers use formatBodyPreview for confirmation prompts
- Docs-consistency tests lock key architecture and safety rules in AGENTS.md

Co-authored-by: Rohan Gupta <thisrohangupta@users.noreply.github.com>
@CLAassistant

Copy link
Copy Markdown

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants