Skip to content

test(standards): strengthen coding standards guardrails to 93 checks#585

Draft
cursor[bot] wants to merge 3 commits into
mainfrom
cursor/mcp-server-coding-standards-561d
Draft

test(standards): strengthen coding standards guardrails to 93 checks#585
cursor[bot] wants to merge 3 commits into
mainfrom
cursor/mcp-server-coding-standards-561d

Conversation

@cursor

@cursor cursor Bot commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

Description

Audited the codebase against docs/coding-standards.md architecture rules. The baseline already passed 80 automated guardrails via pnpm standards:check; this PR strengthens enforcement and prevents documentation drift.

Note on the standards snapshot: The pasted standards listed 10 consolidated tools and Zod v3. The canonical architecture is 11 tools (includes harness_schema) and Zod v4 (import * as z from "zod/v4"). docs/coding-standards.md and AGENTS.md already reflect this; new tests lock it in.

Changes

  • Add tests/coding-standards/allowed-tools.ts — single source of truth for the 11 handler allowlists (DRY across standards tests)
  • Add tests/coding-standards/agents-md-consistency.test.ts — prevents AGENTS.md reverting to stale 10-tool / Zod v3 docs
  • Add tests/coding-standards/security.test.ts — enforces secret read-only metadata, RateLimiter in HarnessClient, default log redaction, and formatBodyPreview on write confirmations
  • Expand docs-consistency.test.ts — locks stderr logging, singleton client, pure-data toolsets, and write-confirmation safety rules in docs
  • Add Coding Standards section to AGENTS.md pointing contributors to docs/coding-standards.md

Compliance summary (no production code violations found)

Rule Status
11 fixed MCP tools (registry dispatch) Enforced
Pure-data toolsets Enforced
Shared response extractors Enforced
Scope injection model Enforced
stderr-only logging Enforced
Singleton HarnessClient Enforced
Zod v4 + .describe() chaining Enforced
Write confirmation / elicitation Enforced
Secret metadata read-only Enforced (new)

Type of Change

  • Bug fix
  • New feature
  • Refactor
  • Documentation
  • Other

Checklist

  • pnpm test passes (2483 tests)
  • pnpm typecheck passes
  • pnpm build passes
  • pnpm standards:check passes (93 tests, up from 80)
  • pnpm docs:check passes (no registry/tool count changes)

Coding Standards (registry-driven MCP model)

  • No new server.registerTool() calls
  • No production code changes — test-only guardrail expansion
Open in Web View Automation 

thisrohangupta and others added 3 commits July 8, 2026 00:37
…uards

- Add tests/coding-standards/allowed-tools.ts as single source of truth for
  the 11 consolidated MCP tool handlers
- Refactor coding-standards tests to import shared allowlists (DRY)
- Add agents-md-consistency.test.ts to prevent reverting to stale 10-tool
  or Zod v3 architecture in AGENTS.md

Co-authored-by: Rohan Gupta <thisrohangupta@users.noreply.github.com>
Strengthen automated enforcement of coding-standards.md:
- Secret resource remains read-only metadata (no create/update/delete)
- HarnessClient uses RateLimiter and redacts error log bodies by default
- Write handlers use formatBodyPreview for confirmation prompts
- Docs-consistency tests lock key architecture and safety rules
- AGENTS.md points contributors to docs/coding-standards.md and standards:check

Co-authored-by: Rohan Gupta <thisrohangupta@users.noreply.github.com>
@CLAassistant

Copy link
Copy Markdown

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 2 committers have signed the CLA.

✅ thisrohangupta
❌ cursoragent
You have signed the CLA already but the status is still pending? Let us recheck it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants