feat(mcp): copilot-fundament — scope-enforcement + create_idea/list_ideas/dispatch_job/get_job_status (IDEA-118 fase 2) #51

Merged
janpeter merged 22 commits from feat/copilot-mcp-foundation into main 2026-06-11 17:19:18 +02:00
Owner

Spec par 6.3 (v0.4, dubbel GO). Shared-bump ec7950a.

  • Scope-gate in userCanAccessProduct (token-scope eerst, daarna member-check) — dekt automatisch alle bestaande tools; 404-semantiek.
  • COPILOT-token met lege scoped_products → hard geweigerd in getAuth (K11); list_products respecteert de scope (startup-gate-basis).
  • Vier nieuwe shared tools: create_idea (idea-code-port), list_ideas, dispatch_job (canonieke kind/ref-matrix K12; ports van startIdeaJob + startSprintRunCore incl. pre-flight; review-kinds met doc-/repo-scope en mirror-normalisatie; PLAN_CHAT bewust niet dispatchbaar), get_job_status (id-resolutie, geen oracle).
  • Dispatch-helpers: snapshot (job-config), notify (pg_notify, best-effort na commit).

Tests: 803 groen (was 758), tsc schoon. Per batch spec- + kwaliteitsreview gedaan.

LET OP rollout-volgorde (Fase 3.5 van het plan in scrum4me-workers): mergen mag, maar de mcp-RUNTIME pas deployen ná web-migratie (PR Scrum4Me#75) én workers-deploy — anders P2023-risico.

🤖 Generated with Claude Code

Spec par 6.3 (v0.4, dubbel GO). Shared-bump ec7950a. - Scope-gate in userCanAccessProduct (token-scope eerst, daarna member-check) — dekt automatisch alle bestaande tools; 404-semantiek. - COPILOT-token met lege scoped_products → hard geweigerd in getAuth (K11); list_products respecteert de scope (startup-gate-basis). - Vier nieuwe shared tools: create_idea (idea-code-port), list_ideas, dispatch_job (canonieke kind/ref-matrix K12; ports van startIdeaJob + startSprintRunCore incl. pre-flight; review-kinds met doc-/repo-scope en mirror-normalisatie; PLAN_CHAT bewust niet dispatchbaar), get_job_status (id-resolutie, geen oracle). - Dispatch-helpers: snapshot (job-config), notify (pg_notify, best-effort na commit). Tests: 803 groen (was 758), tsc schoon. Per batch spec- + kwaliteitsreview gedaan. LET OP rollout-volgorde (Fase 3.5 van het plan in scrum4me-workers): mergen mag, maar de mcp-RUNTIME pas deployen ná web-migratie (PR Scrum4Me#75) én workers-deploy — anders P2023-risico. 🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Port van startSprintRunCore uit web-app (actions/sprint-runs.ts:60-220).
Dekt SPRINT_BATCH (1 SPRINT_IMPLEMENTATION-job) en STORY/per-task (N
TASK_IMPLEMENTATION-jobs), inclusief alle 4 pre-flight blocker-types
(task_no_plan, open_question, pbi_blocked, task_cross_repo) en
product-scope-check. source='COPILOT' i.p.v. web-default 'SYSTEM'.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Sign in to join this conversation.
No reviewers
No labels
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
janpeter/scrum4me-mcp!51
No description provided.