chore: finish proposal_id hardening + document MCP initTimeout#264
Merged
Conversation
Completes work the 2026-06-18 self-merged batch left half-applied:
- Tighten the mandate proposal_id relay/preview parsers in api_server.py
and cli/_legacy.py to the strict mp_[0-9a-f]{32} format already enforced
by commit.py (#256), so the relay and the commit gate agree on format.
- Document the MCP initTimeout config key (shipped in #263) in README and
wire its base-default passthrough in config/loader.py.
- Add the registered pytest.mark.unit marker to test_mandate_commit_security.py.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Finishes work the 2026-06-18 self-merged batch left half-applied (found while auditing that batch).
What & why
mandate/commit.pyto enforce the strict^mp_[0-9a-f]{32}$proposal-id format, but the relay/preview parsers inapi_server.pyandcli/_legacy.pywere left on the loosemp_[0-9a-zA-Z]+. This aligns them so the relay and the commit gate agree on the format. (Not exploitable on its own — the loose regex already excludes path separators andcommit.pybackstops — but it was an inconsistent half-change.)initTimeout. The key shipped in fix(live): extend Robinhood OAuth init timeout #263 (schema +mcp.py+ CLI) but was undocumented; add the README config-table row and wire its base-default passthrough inconfig/loader.py.pytest.mark.unitmarker totest_mandate_commit_security.py(used by 13 other test files; the merged copy was missing it).Test plan
pytest tests/test_api_live_runtime.py tests/test_cli_live.py tests/test_mandate_commit_security.py tests/test_consent_commit.py tests/test_mcp_oauth_schema.py→ 125 passedgit grep mp_\[0-9a-zA-Z\]\+→ no loose proposal-id regex remains anywhere