charles/claude-hooks

Fork

You've already forked claude-hooks

Code Issues 10 Pull requests Projects Releases Packages 1 Wiki Activity Actions

FM-4 — sync FORGE_TOOLS_ALLOWLIST with real forge-mcp tool names #808

New issue

Closed

opened 2026-05-03 20:08:05 +00:00 by claude-desktop · 0 comments

claude-desktop commented

2026-05-03 20:08:05 +00:00

Collaborator

Copy link

As an operator, I want FORGE_TOOLS_ALLOWLIST in apps/server/src/domain/agent/mcp-config.ts to list the names that apps/forge-mcp/src/tools.ts actually registers, so that agents in containers can invoke mcp__forge__* tools instead of getting "tool not found" from the SDK allowlist filter and falling back to curl with $FORGEJO_ACCESS_TOKEN.

Context — why this is broken today

FM-3 (#687, 2026-05-01) cut over to forge-mcp (FM-2 hand-rolled bun stdio server, apps/forge-mcp/src/). forge-mcp registers tools by their short names (get_issue, list_issues, list_pull_requests, submit_review, request_reviewers, read_file, create_comment, …). forge-mcp/src/main.ts:53 does a strict byName.get(name) lookup with no aliasing. Meanwhile FORGE_TOOLS_ALLOWLIST (apps/server/src/domain/agent/mcp-config.ts:75-96) still carries legacy forgejo-mcp names copied from MF-5: get_issue_by_index, list_repo_issues, list_repo_pull_requests, get_pull_request_by_index, list_pull_reviews, create_review_requests, delete_review_requests, get_file_content, create_issue_comment, list_issue_comments. 11 of 17 names mismatch. The SDK's allowedTools filter rejects every call to a real forge-mcp verb. Result: agents have no working forge MCP path and curl-fall-back via $FORGEJO_ACCESS_TOKEN (which container-reconcile.ts:398 injects).

This story closes the allowlist drift only. Server-side rename (FM-5) and dualMount rip (FM-6) follow.

Acceptance criteria

Allowlist sync

Every entry in FORGE_TOOLS_ALLOWLIST (apps/server/src/domain/agent/mcp-config.ts) matches a name: field exported from apps/forge-mcp/src/tools.ts buildTools().
Mapping (legacy → forge-mcp short name) follows the table in specs/forge-mcp-cutover-followup.md §"Pass 1":
- get_issue_by_index → get_issue
- list_repo_issues → list_issues
- list_issue_comments → list_comments
- create_issue_comment → create_comment
- list_repo_pull_requests → list_pull_requests
- get_pull_request_by_index → get_pull_request
- list_pull_reviews → list_reviews
- submit_pull_review → submit_review
- create_review_requests → request_reviewers
- delete_review_requests → remove_review_request
- get_file_content → read_file
- update_issue, add_issue_labels, remove_issue_labels, create_issue, merge_pull_request, create_pull_request, list_repo_labels, list_workflow_runs, get_workflow_run, list_pull_request_files retained verbatim.

Tests

New unit assertion in mcp-config.test.ts: every name in FORGE_TOOLS_ALLOWLIST is present in the set returned by buildTools() from apps/forge-mcp/src/tools.ts. Cross-package import is fine — same monorepo. The test fails closed if forge-mcp drops or renames a verb.
Existing mcp-config.test.ts assertions covering buildMcpSetup keep passing.

Manual smoke

After landing, dispatch a real ticket. Task transcript shows at least one mcp__forge__* tool call (e.g. mcp__forge__get_issue, mcp__forge__create_pull_request). No mcp__forgejo__* tool calls — those will fail because the binary is gone, but they should not be attempted in this story (server-side instructions still emit them; that is FM-5's job to fix).

Out of scope

Renaming server-side mcp__forgejo__* references in parent-pr.ts, architect.ts, agent-runner.ts, worker.ts — see FM-5.
Removing dualMount, forgejoMcpCommand, FORGEJO_TOOLS_ALLOWLIST, FORGEJO_MCP_TOOLS env wiring — see FM-6.
Adding new tools to forge-mcp — every verb the agents use today already exists.

References

Spec: specs/forge-mcp-cutover-followup.md §Pass 1.
Tool registry: apps/forge-mcp/src/tools.ts:200-583 (name: fields).
Current allowlist: apps/server/src/domain/agent/mcp-config.ts:75-96.
forge-mcp dispatch (no aliasing): apps/forge-mcp/src/main.ts:53.
Parent spec: specs/forge-mcp-multi-forge.md.
Original FM-3 PR: #687.

As an operator, I want `FORGE_TOOLS_ALLOWLIST` in `apps/server/src/domain/agent/mcp-config.ts` to list the names that `apps/forge-mcp/src/tools.ts` actually registers, so that agents in containers can invoke `mcp__forge__*` tools instead of getting "tool not found" from the SDK allowlist filter and falling back to curl with `$FORGEJO_ACCESS_TOKEN`. ## Context — why this is broken today FM-3 (#687, 2026-05-01) cut over to `forge-mcp` (FM-2 hand-rolled bun stdio server, `apps/forge-mcp/src/`). `forge-mcp` registers tools by their **short names** (`get_issue`, `list_issues`, `list_pull_requests`, `submit_review`, `request_reviewers`, `read_file`, `create_comment`, …). `forge-mcp/src/main.ts:53` does a strict `byName.get(name)` lookup with no aliasing. Meanwhile `FORGE_TOOLS_ALLOWLIST` (`apps/server/src/domain/agent/mcp-config.ts:75-96`) still carries **legacy forgejo-mcp names** copied from MF-5: `get_issue_by_index`, `list_repo_issues`, `list_repo_pull_requests`, `get_pull_request_by_index`, `list_pull_reviews`, `create_review_requests`, `delete_review_requests`, `get_file_content`, `create_issue_comment`, `list_issue_comments`. 11 of 17 names mismatch. The SDK's `allowedTools` filter rejects every call to a real `forge-mcp` verb. Result: agents have no working forge MCP path and curl-fall-back via `$FORGEJO_ACCESS_TOKEN` (which `container-reconcile.ts:398` injects). This story closes the allowlist drift only. Server-side rename (FM-5) and dualMount rip (FM-6) follow. ## Acceptance criteria ### Allowlist sync - [ ] Every entry in `FORGE_TOOLS_ALLOWLIST` (`apps/server/src/domain/agent/mcp-config.ts`) matches a `name:` field exported from `apps/forge-mcp/src/tools.ts` `buildTools()`. - [ ] Mapping (legacy → forge-mcp short name) follows the table in `specs/forge-mcp-cutover-followup.md` §"Pass 1": - [ ] `get_issue_by_index` → `get_issue` - [ ] `list_repo_issues` → `list_issues` - [ ] `list_issue_comments` → `list_comments` - [ ] `create_issue_comment` → `create_comment` - [ ] `list_repo_pull_requests` → `list_pull_requests` - [ ] `get_pull_request_by_index` → `get_pull_request` - [ ] `list_pull_reviews` → `list_reviews` - [ ] `submit_pull_review` → `submit_review` - [ ] `create_review_requests` → `request_reviewers` - [ ] `delete_review_requests` → `remove_review_request` - [ ] `get_file_content` → `read_file` - [ ] `update_issue`, `add_issue_labels`, `remove_issue_labels`, `create_issue`, `merge_pull_request`, `create_pull_request`, `list_repo_labels`, `list_workflow_runs`, `get_workflow_run`, `list_pull_request_files` retained verbatim. ### Tests - [ ] New unit assertion in `mcp-config.test.ts`: every name in `FORGE_TOOLS_ALLOWLIST` is present in the set returned by `buildTools()` from `apps/forge-mcp/src/tools.ts`. Cross-package import is fine — same monorepo. The test fails closed if forge-mcp drops or renames a verb. - [ ] Existing `mcp-config.test.ts` assertions covering `buildMcpSetup` keep passing. ### Manual smoke - [ ] After landing, dispatch a real ticket. Task transcript shows at least one `mcp__forge__*` tool call (e.g. `mcp__forge__get_issue`, `mcp__forge__create_pull_request`). No `mcp__forgejo__*` tool calls — those will fail because the binary is gone, but they should not be attempted in this story (server-side instructions still emit them; that is FM-5's job to fix). ## Out of scope - Renaming server-side `mcp__forgejo__*` references in `parent-pr.ts`, `architect.ts`, `agent-runner.ts`, `worker.ts` — see **FM-5**. - Removing `dualMount`, `forgejoMcpCommand`, `FORGEJO_TOOLS_ALLOWLIST`, `FORGEJO_MCP_TOOLS` env wiring — see **FM-6**. - Adding new tools to `forge-mcp` — every verb the agents use today already exists. ## References - Spec: `specs/forge-mcp-cutover-followup.md` §Pass 1. - Tool registry: `apps/forge-mcp/src/tools.ts:200-583` (`name:` fields). - Current allowlist: `apps/server/src/domain/agent/mcp-config.ts:75-96`. - forge-mcp dispatch (no aliasing): `apps/forge-mcp/src/main.ts:53`. - Parent spec: `specs/forge-mcp-multi-forge.md`. - Original FM-3 PR: #687.

claude-desktop added the

area:agents

type:user-story

labels

2026-05-03 20:09:04 +00:00

claude-desktop added this to the Forge MCP — multi-forge milestone

2026-05-03 20:09:07 +00:00

charles referenced this issue from a commit

2026-05-03 20:10:11 +00:00

docs(spec): forge-mcp cutover follow-up — close FM-3 gap

claude-desktop referenced this issue

2026-05-03 20:10:54 +00:00

docs(spec): forge-mcp cutover follow-up — close FM-3 gap #812

charles referenced this issue from a commit

2026-05-03 20:18:40 +00:00

docs(spec): forge-mcp cutover follow-up — close FM-3 gap (#812)

dev was assigned by claude-desktop

2026-05-03 22:01:37 +00:00

dev referenced this issue from a pull request that will close it,

2026-05-03 22:25:42 +00:00

fix(mcp): sync FORGE_TOOLS_ALLOWLIST with real forge-mcp tool names (FM-4) #815

reviewer closed this issue

2026-05-03 22:33:44 +00:00

No Branch/Tag specified

main

chore/sync-pre-push-from-forge-base

fix/flows-yaml-dispatch-identity

feat/board-tap-to-assign

dev/1107

code-lead/1106

code-lead/1108

dev/1104

code-lead/1103

code-lead/1080

dev/1087

feat/flows-yaml-ci-events

chore/board-drop-stalled-and-density-controls

fix/flows-yaml-routes-always-register

flows-yaml/api-defaults

dev/1023

fix/event-log-history-bleed

fix/janitor-fix-ci-logs-and-cap

dev/1022

fix/board-card-provider

code-lead/1036

dev/1025

code-lead/1020

dev/1017

code-lead/1026

feat/web-shortcut-registry-1018

dev/1015

code-lead/1009

code-lead/1008

dev/975

dev/969

dev/973

dev/967

code-lead/968

code-lead/953

dev/970

dev/976

code-lead/966

code-lead/956

code-lead/951

dev/962

dev/963

dev/977

dev/955

dev/983

dev/961

dev/974

code-lead/950

code-lead/939

dev/941

dev/940

dev/937

dev/938

dev/936

dev/935

feat/web-i18n-fr-locale

feat/spec-editor-ui-polish

chore/drop-legacy-compat

fix/skills-drop-preview-pane

fix/882-skills-safety-rail

dev/911

dev/909

dev/923

dev/917

dev/915

feat/879-sr11-m2-drop-legacy-skill

code-lead/873

dev/881

code-lead/869

dev/867

code-lead/845

code-lead/843

code-lead/844

dev/837

dev/861

dev/849

code-lead/837

code-lead/842

fix/dedup-rebase-inflight

dev/838

code-lead/847

dev/833

code-lead/848

pr/838

code-lead/841

feat/settings-save-bar/836

code-lead/840

dev/846

code-lead/839

dev/832

fix/board-sse-stale-cache

dev/834

dev/835

feat/settings-breadcrumbs

feat/forge-oauth-credentials

refactor/service-config-consolidation

feat/agent-tokens-to-secrets

feat/gitlab-oauth-to-db

feat/authelia-rip-and-voice-fixes

fix/rebase-storm-and-dead-letter

code-lead/797

code-lead/796

dev/811

code-lead/798

dev/810

code-lead/795

dev/808

code-lead/794

dev/805

dev/802

dev/803

feat/avatar-menu-settings-entry

feat/per-agent-token-tracking

dev/793

dev/747

dev/752

code-lead/790

code-lead/759

dev/756

dev/760

dev/741

dev/767

dev/740

dev/709

dev/644

dev/637

boss/614

dev/600

dev/611

dev/585

fix/login-bonus-fixes

boss/544

dev/542

refactor/api-prefix-and-session-gate

dev/489

boss/531

boss/518

dev/499

boss/516

dev/530

dev/517

dev/519

dev/515

dev/522

dev/503

dev/471

boss/329

dev/417

dev/418

dev/402

boss/327

dev/334

dev/332

boss/326

boss/325

dev/331

boss/324

boss/323

boss/322

dev/294

test/s11-task-analytics

dev/262

boss/270

dev/268

foreman/ui-consolidation-spec

dev/234

boss/196

boss/176

boss/164

fix/124-session-persist-bind

boss/52

dev/87

boss/73

dev/77

dev/81

dev/82

boss/79

dev/42

dev/35

boss/7

No results found.

Labels

Clear labels

area:agents

Agent types, pool scheduling, per-instance config

area:dashboard

Dashboard UI and observability surfaces

area:database

DB layer — schema, migrations, ORM, raw SQL

area:design

UI/UX mockup work — routes to designer agent

area:design-review

Design review dispatch — routes to design-reviewer agent

area:flows

Flow runner — YAML loader, executor, op registry, expression eval

area:infra

Deployment, isolation, containers, systemd units

area:meta

Tracking, scaffolding, project setup

area:security

Security — routes to reviewer-security (opus)

area:sessions

Session-id store, Claude SDK resume logic

area:webhook

Forgejo webhook routing and handlers

area:workdir

Clone cache, worktrees, git identity

security

Security-sensitive issue

Tracking or decisions, not implementation work

No labels

Milestone

Clear milestone

No items

No milestone

Forge MCP — multi-forge

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

dev

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

charles/claude-hooks#808

Reference in a new issue

Repository

charles/claude-hooks

Title

Body

No description provided.

Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?

Rows
Columns