Stage #9275
Merged
Stage #9275
+2,053
−674
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The postinstall.js script is plain JavaScript and doesn't require ts-node. This fixes the Docker build error where ts-node was not available to the node user.
Contributor
|
Important Review skippedAuto reviews are disabled on base/target branches other than the default branch. Please check the settings in the CodeRabbit UI or the You can disable this status message by setting the ✨ Finishing touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Contributor
Greptile SummaryThis PR refactors the MCP server to resolve TypeScript compilation memory issues by removing the Key Changes
Critical Issues Found
ImpactWhile this PR aims to solve TypeScript compilation issues, the critical bug in Confidence Score: 0/5
Important Files Changed
Sequence DiagramsequenceDiagram
participant Client as MCP Client
participant Server as MCP Server
participant Helper as tool-helper.ts
participant Auth as auth-types.ts
participant ErrorUtil as error-utils.ts
participant Security as security-logger.ts
participant API as Gauzy API
Note over Server,Helper: Refactored Architecture
Client->>Server: Initialize MCP Server
Server->>Server: createMcpServer()
Note over Server: Changed constructor params<br/>to match SDK signature
Server->>Helper: registerTool(name, desc, schema, callback)
Note over Helper: CRITICAL ISSUE<br/>Uses incorrect method name<br/>server.registerTool vs server.tool
Helper->>Server: Attempt tool registration
Client->>Server: Invoke tool (e.g., login)
Note over Server: May fail at runtime<br/>due to incorrect registration
Server->>Auth: Extract and validate bearer
Auth->>ErrorUtil: sanitizeErrorMessage()
ErrorUtil-->>Auth: Cleaned error text
Server->>Security: logSecurityEvent()
Security->>Security: Store event in memory
Server->>API: Make authenticated request
API-->>Server: Response or error
Server->>ErrorUtil: sanitizeForLogging()
ErrorUtil-->>Server: Safe log data
Server-->>Client: Tool execution result
Note over Server,Helper: Removed external auth dependency<br/>Duplicated utilities locally<br/>Added type suppressions to files
|
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Additional Comments (1)
-
packages/mcp-server/src/lib/tools/auth.ts, line 487 (link)syntax: closing brace doesn't match function signature
47 files reviewed, 6 comments
Comment on lines
+449
to
+451
| registerTool( | ||
| server, | ||
| 'cleanup_sessions', 'Cleanup expired sessions and get session statistics', {}, async () => { |
Contributor
There was a problem hiding this comment.
syntax: incorrect function call - should use registerNoArgsTool for tools with no parameters
registerTool expects 5 parameters (server, name, description, schema, callback) but here all arguments are being passed on one line. Since the schema is empty {}, this should use registerNoArgsTool instead:
Suggested change
| registerTool( | |
| server, | |
| 'cleanup_sessions', 'Cleanup expired sessions and get session statistics', {}, async () => { | |
| registerNoArgsTool( | |
| server, | |
| 'cleanup_sessions', | |
| 'Cleanup expired sessions and get session statistics', | |
| async () => { |
Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!
Prompt To Fix With AI
This is a comment left during a code review.
Path: packages/mcp-server/src/lib/tools/auth.ts
Line: 449:451
Comment:
**syntax:** incorrect function call - should use `registerNoArgsTool` for tools with no parameters
`registerTool` expects 5 parameters `(server, name, description, schema, callback)` but here all arguments are being passed on one line. Since the schema is empty `{}`, this should use `registerNoArgsTool` instead:
```suggestion
registerNoArgsTool(
server,
'cleanup_sessions',
'Cleanup expired sessions and get session statistics',
async () => {
```
<sub>Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!</sub>
How can I resolve this? If you propose a fix, please make it concise.
Comment on lines
+69
to
+76
| (server.registerTool as any)( | ||
| name, | ||
| { | ||
| description, | ||
| inputSchema: z.object(schema) | ||
| }, | ||
| callback | ||
| ); |
Contributor
There was a problem hiding this comment.
logic: using server.registerTool instead of server.tool
the MCP SDK method is server.tool(), not server.registerTool(). This will cause runtime errors.
Suggested change
| (server.registerTool as any)( | |
| name, | |
| { | |
| description, | |
| inputSchema: z.object(schema) | |
| }, | |
| callback | |
| ); | |
| (server.tool as any)( | |
| name, | |
| { | |
| description, | |
| inputSchema: z.object(schema) | |
| }, | |
| callback | |
| ); |
Prompt To Fix With AI
This is a comment left during a code review.
Path: packages/mcp-server/src/lib/tools/tool-helper.ts
Line: 69:76
Comment:
**logic:** using `server.registerTool` instead of `server.tool`
the MCP SDK method is `server.tool()`, not `server.registerTool()`. This will cause runtime errors.
```suggestion
(server.tool as any)(
name,
{
description,
inputSchema: z.object(schema)
},
callback
);
```
How can I resolve this? If you propose a fix, please make it concise.| description: string, | ||
| callback: () => Promise<ToolResult> | ||
| ): void { | ||
| (server.registerTool as any)(name, { description }, callback); |
Contributor
There was a problem hiding this comment.
logic: using server.registerTool instead of server.tool
the MCP SDK method is server.tool(), not server.registerTool(). This will cause runtime errors.
Suggested change
| (server.registerTool as any)(name, { description }, callback); | |
| (server.tool as any)(name, { description }, callback); |
Prompt To Fix With AI
This is a comment left during a code review.
Path: packages/mcp-server/src/lib/tools/tool-helper.ts
Line: 93:93
Comment:
**logic:** using `server.registerTool` instead of `server.tool`
the MCP SDK method is `server.tool()`, not `server.registerTool()`. This will cause runtime errors.
```suggestion
(server.tool as any)(name, { description }, callback);
```
How can I resolve this? If you propose a fix, please make it concise.| "strictBindCallApply": false, | ||
| "forceConsistentCasingInFileNames": true, | ||
| "noFallthroughCasesInSwitch": false | ||
| "noFallthroughCasesInSwitch": false, |
Contributor
There was a problem hiding this comment.
style: using skipLibCheck: true hides type errors
while this helps with compilation performance, it masks type errors in node_modules and declaration files which could lead to runtime issues
Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!
Prompt To Fix With AI
This is a comment left during a code review.
Path: packages/mcp-server/tsconfig.lib.json
Line: 19:19
Comment:
**style:** using `skipLibCheck: true` hides type errors
while this helps with compilation performance, it masks type errors in node_modules and declaration files which could lead to runtime issues
<sub>Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!</sub>
How can I resolve this? If you propose a fix, please make it concise.| @@ -1,15 +1,11 @@ | |||
| // @ts-nocheck | |||
Contributor
There was a problem hiding this comment.
style: @ts-nocheck disables all type checking for this entire file
this suppresses legitimate type errors throughout the file. Better to fix type issues individually or add targeted @ts-expect-error comments
Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!
Prompt To Fix With AI
This is a comment left during a code review.
Path: packages/mcp-server/src/lib/tools/tasks.ts
Line: 1:1
Comment:
**style:** `@ts-nocheck` disables all type checking for this entire file
this suppresses legitimate type errors throughout the file. Better to fix type issues individually or add targeted `@ts-expect-error` comments
<sub>Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!</sub>
How can I resolve this? If you propose a fix, please make it concise.![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
13 issues found across 47 files
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name="packages/mcp-server/src/lib/tools/incomes.ts">
<violation number="1" location="packages/mcp-server/src/lib/tools/incomes.ts:273">
P2: Using `z.record(z.string(), z.any())` provides no meaningful validation - it accepts any arbitrary object. This weakens data validation and could allow unexpected/malicious fields to pass through to the API. Consider defining a proper schema with expected fields.</violation>
</file>
<file name="packages/mcp-server/src/lib/tools/goals.ts">
<violation number="1" location="packages/mcp-server/src/lib/tools/goals.ts:171">
P2: Inconsistent validation: `level` field uses `z.string()` instead of `GoalLevelEnum` which is used elsewhere in this file. This allows invalid level values to pass client-side validation, leading to confusing server-side errors.</violation>
</file>
<file name="packages/mcp-server/src/lib/tools/payments.ts">
<violation number="1" location="packages/mcp-server/src/lib/tools/payments.ts:1">
P1: Adding `// @ts-nocheck` disables TypeScript checking for the entire file, hiding potential type errors and bugs. This defeats the purpose of using TypeScript and can lead to runtime errors that would otherwise be caught at compile time. Consider fixing the underlying type issues instead of suppressing all checks.</violation>
</file>
<file name="packages/mcp-server/src/lib/tools/key-results.ts">
<violation number="1" location="packages/mcp-server/src/lib/tools/key-results.ts:163">
P2: `goalId` should use `.uuid()` validation for consistency with other tool definitions in this file (e.g., `get_key_results_by_goal` uses `z.string().uuid()`).</violation>
</file>
<file name="packages/mcp-server/src/lib/tools/comments.ts">
<violation number="1" location="packages/mcp-server/src/lib/tools/comments.ts:152">
P2: Missing `.uuid()` validation on `entityId`. Other tools in this file consistently validate `entityId` as UUID (e.g., `get_comments_by_entity`, `reply_to_comment`). This inconsistency could allow invalid entity IDs.</violation>
</file>
<file name="packages/mcp-server/src/lib/tools/invoices.ts">
<violation number="1" location="packages/mcp-server/src/lib/tools/invoices.ts:219">
P2: `z.record(z.string(), z.any())` provides no validation - it accepts any keys and values. Consider defining expected update fields with proper types, or at minimum use a more restrictive schema like `z.record(z.string(), z.unknown())` and validate on the server side.</violation>
</file>
<file name="packages/mcp-server/package.json">
<violation number="1" location="packages/mcp-server/package.json:20">
P2: The `main` and `types` paths use fragile relative paths (`../../../dist/...`) that traverse outside the package directory. This is inconsistent with other packages in the monorepo (e.g., `packages/common`, `packages/core`) which use `./src/index.js`. Consider keeping the same pattern or ensuring the build outputs to a local `dist/` folder within the package.</violation>
</file>
<file name="packages/mcp-server/src/lib/tools/daily-plan.ts">
<violation number="1" location="packages/mcp-server/src/lib/tools/daily-plan.ts:326">
P2: The `status` field should use `DailyPlanStatusEnum` instead of `z.string()` for proper validation. The enum is already imported and used elsewhere in this file for filtering.</violation>
<violation number="2" location="packages/mcp-server/src/lib/tools/daily-plan.ts:723">
P2: The `id` field should use `z.string().uuid()` for UUID validation to be consistent with other ID fields in this file and ensure valid UUIDs are passed.</violation>
</file>
<file name="packages/mcp-server/src/lib/tools/candidates.ts">
<violation number="1" location="packages/mcp-server/src/lib/tools/candidates.ts:171">
P1: Schema validation significantly weakened. Using `.passthrough()` allows any additional properties without validation. The userId field also lost its UUID validation. Consider maintaining proper schema validation to prevent invalid/malicious data from being submitted.</violation>
<violation number="2" location="packages/mcp-server/src/lib/tools/candidates.ts:208">
P1: Using `z.record(z.string(), z.any())` removes all meaningful validation for update data. Any key-value pairs will be accepted without type checking. This is a security concern and could allow invalid or malicious data to be passed to the API.</violation>
</file>
<file name="packages/mcp-server/src/lib/tools/products.ts">
<violation number="1" location="packages/mcp-server/src/lib/tools/products.ts:384">
P1: `z.record(z.string(), z.any())` provides no validation on the product data structure. This is extremely permissive and removes type safety for product updates. Consider using a proper schema (like `ProductInputSchema.partial()`) to validate the update payload.</violation>
</file>
<file name="packages/mcp-server/src/lib/tools/equipment.ts">
<violation number="1" location="packages/mcp-server/src/lib/tools/equipment.ts:1">
P1: Adding `// @ts-nocheck` disables TypeScript checking for the entire file. This hides potential type errors and reduces code quality. Consider fixing the underlying type issues instead of suppressing all type checking.</violation>
</file>
Reply to cubic to teach it or ask questions. Re-run a review with @cubic-dev-ai review this PR
| { | ||
| id: z.string().uuid().describe('The income ID'), | ||
| income_data: IncomeSchemaFull.partial().describe('The data for updating the income') | ||
| income_data: z.record(z.string(), z.any()).describe('The data for updating the income') |
Contributor
There was a problem hiding this comment.
P2: Using z.record(z.string(), z.any()) provides no meaningful validation - it accepts any arbitrary object. This weakens data validation and could allow unexpected/malicious fields to pass through to the API. Consider defining a proper schema with expected fields.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At packages/mcp-server/src/lib/tools/incomes.ts, line 273:
<comment>Using `z.record(z.string(), z.any())` provides no meaningful validation - it accepts any arbitrary object. This weakens data validation and could allow unexpected/malicious fields to pass through to the API. Consider defining a proper schema with expected fields.</comment>
<file context>
@@ -255,12 +264,13 @@ export const registerIncomeTools = (server: McpServer) => {
{
id: z.string().uuid().describe('The income ID'),
- income_data: IncomeSchemaFull.partial().describe('The data for updating the income')
+ income_data: z.record(z.string(), z.any()).describe('The data for updating the income')
},
async ({ id, income_data }) => {
</file context>
| .object({ | ||
| name: z.string().describe('The goal name (required)'), | ||
| deadline: z.string().describe('The deadline (required)'), | ||
| level: z.string().describe('The level (required)') |
Contributor
There was a problem hiding this comment.
P2: Inconsistent validation: level field uses z.string() instead of GoalLevelEnum which is used elsewhere in this file. This allows invalid level values to pass client-side validation, leading to confusing server-side errors.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At packages/mcp-server/src/lib/tools/goals.ts, line 171:
<comment>Inconsistent validation: `level` field uses `z.string()` instead of `GoalLevelEnum` which is used elsewhere in this file. This allows invalid level values to pass client-side validation, leading to confusing server-side errors.</comment>
<file context>
@@ -154,16 +159,18 @@ export const registerGoalTools = (server: McpServer) => {
+ .object({
+ name: z.string().describe('The goal name (required)'),
+ deadline: z.string().describe('The deadline (required)'),
+ level: z.string().describe('The level (required)')
})
+ .passthrough()
</file context>
Suggested change
| level: z.string().describe('The level (required)') | |
| level: GoalLevelEnum.describe('The level (required)') |
| @@ -1,11 +1,13 @@ | |||
| // @ts-nocheck | |||
Contributor
There was a problem hiding this comment.
P1: Adding // @ts-nocheck disables TypeScript checking for the entire file, hiding potential type errors and bugs. This defeats the purpose of using TypeScript and can lead to runtime errors that would otherwise be caught at compile time. Consider fixing the underlying type issues instead of suppressing all checks.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At packages/mcp-server/src/lib/tools/payments.ts, line 1:
<comment>Adding `// @ts-nocheck` disables TypeScript checking for the entire file, hiding potential type errors and bugs. This defeats the purpose of using TypeScript and can lead to runtime errors that would otherwise be caught at compile time. Consider fixing the underlying type issues instead of suppressing all checks.</comment>
<file context>
@@ -1,11 +1,13 @@
+// @ts-nocheck
import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
import { Logger } from '@nestjs/common';
</file context>
| key_result_data: z | ||
| .object({ | ||
| name: z.string().describe('The key result name (required)'), | ||
| goalId: z.string().describe('The goal ID (required)'), |
Contributor
There was a problem hiding this comment.
P2: goalId should use .uuid() validation for consistency with other tool definitions in this file (e.g., get_key_results_by_goal uses z.string().uuid()).
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At packages/mcp-server/src/lib/tools/key-results.ts, line 163:
<comment>`goalId` should use `.uuid()` validation for consistency with other tool definitions in this file (e.g., `get_key_results_by_goal` uses `z.string().uuid()`).</comment>
<file context>
@@ -147,16 +152,18 @@ export const registerKeyResultTools = (server: McpServer) => {
+ key_result_data: z
+ .object({
+ name: z.string().describe('The key result name (required)'),
+ goalId: z.string().describe('The goal ID (required)'),
+ deadline: z.string().describe('The deadline (required)')
})
</file context>
Suggested change
| goalId: z.string().describe('The goal ID (required)'), | |
| goalId: z.string().uuid().describe('The goal ID (required)'), |
| .object({ | ||
| comment: z.string().describe('The comment text (required)'), | ||
| entity: z.string().describe('The entity type (required)'), | ||
| entityId: z.string().describe('The entity ID (required)') |
Contributor
There was a problem hiding this comment.
P2: Missing .uuid() validation on entityId. Other tools in this file consistently validate entityId as UUID (e.g., get_comments_by_entity, reply_to_comment). This inconsistency could allow invalid entity IDs.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At packages/mcp-server/src/lib/tools/comments.ts, line 152:
<comment>Missing `.uuid()` validation on `entityId`. Other tools in this file consistently validate `entityId` as UUID (e.g., `get_comments_by_entity`, `reply_to_comment`). This inconsistency could allow invalid entity IDs.</comment>
<file context>
@@ -135,16 +140,18 @@ export const registerCommentTools = (server: McpServer) => {
+ .object({
+ comment: z.string().describe('The comment text (required)'),
+ entity: z.string().describe('The entity type (required)'),
+ entityId: z.string().describe('The entity ID (required)')
})
+ .passthrough()
</file context>
Suggested change
| entityId: z.string().describe('The entity ID (required)') | |
| entityId: z.string().uuid().describe('The entity ID (required)') |
| .object({ | ||
| date: z.string().describe('The date (required)'), | ||
| workTimePlanned: z.number().describe('Work time planned (required)'), | ||
| status: z.string().describe('The status (required)') |
Contributor
There was a problem hiding this comment.
P2: The status field should use DailyPlanStatusEnum instead of z.string() for proper validation. The enum is already imported and used elsewhere in this file for filtering.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At packages/mcp-server/src/lib/tools/daily-plan.ts, line 326:
<comment>The `status` field should use `DailyPlanStatusEnum` instead of `z.string()` for proper validation. The enum is already imported and used elsewhere in this file for filtering.</comment>
<file context>
@@ -306,16 +314,18 @@ export const registerDailyPlanTools = (server: McpServer) => {
+ .object({
+ date: z.string().describe('The date (required)'),
+ workTimePlanned: z.number().describe('Work time planned (required)'),
+ status: z.string().describe('The status (required)')
})
+ .passthrough()
</file context>
Suggested change
| status: z.string().describe('The status (required)') | |
| status: DailyPlanStatusEnum.describe('The status (required)') |
| { | ||
| id: z.string().uuid().describe('The candidate ID'), | ||
| candidate_data: CandidateSchema.partial().describe('The data for updating the candidate') | ||
| candidate_data: z.record(z.string(), z.any()).describe('The data for updating the candidate') |
Contributor
There was a problem hiding this comment.
P1: Using z.record(z.string(), z.any()) removes all meaningful validation for update data. Any key-value pairs will be accepted without type checking. This is a security concern and could allow invalid or malicious data to be passed to the API.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At packages/mcp-server/src/lib/tools/candidates.ts, line 208:
<comment>Using `z.record(z.string(), z.any())` removes all meaningful validation for update data. Any key-value pairs will be accepted without type checking. This is a security concern and could allow invalid or malicious data to be passed to the API.</comment>
<file context>
@@ -196,12 +199,13 @@ export const registerCandidateTools = (server: McpServer) => {
{
id: z.string().uuid().describe('The candidate ID'),
- candidate_data: CandidateSchema.partial().describe('The data for updating the candidate')
+ candidate_data: z.record(z.string(), z.any()).describe('The data for updating the candidate')
},
async ({ id, candidate_data }) => {
</file context>
| .required({ | ||
| userId: true | ||
| }) | ||
| candidate_data: z.object({ userId: z.string().describe('The userId (required)') }).passthrough() |
Contributor
There was a problem hiding this comment.
P1: Schema validation significantly weakened. Using .passthrough() allows any additional properties without validation. The userId field also lost its UUID validation. Consider maintaining proper schema validation to prevent invalid/malicious data from being submitted.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At packages/mcp-server/src/lib/tools/candidates.ts, line 171:
<comment>Schema validation significantly weakened. Using `.passthrough()` allows any additional properties without validation. The userId field also lost its UUID validation. Consider maintaining proper schema validation to prevent invalid/malicious data from being submitted.</comment>
<file context>
@@ -158,14 +163,12 @@ export const registerCandidateTools = (server: McpServer) => {
- .required({
- userId: true
- })
+ candidate_data: z.object({ userId: z.string().describe('The userId (required)') }).passthrough()
.describe('The data for creating the candidate')
},
</file context>
| { | ||
| id: z.string().uuid().describe('The product ID'), | ||
| product_data: ProductSchema.partial().describe('The data for updating the product') | ||
| product_data: z.record(z.string(), z.any()).describe('The data for updating the product') |
Contributor
There was a problem hiding this comment.
P1: z.record(z.string(), z.any()) provides no validation on the product data structure. This is extremely permissive and removes type safety for product updates. Consider using a proper schema (like ProductInputSchema.partial()) to validate the update payload.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At packages/mcp-server/src/lib/tools/products.ts, line 384:
<comment>`z.record(z.string(), z.any())` provides no validation on the product data structure. This is extremely permissive and removes type safety for product updates. Consider using a proper schema (like `ProductInputSchema.partial()`) to validate the update payload.</comment>
<file context>
@@ -365,17 +375,18 @@ export const registerProductTools = (server: McpServer) => {
{
id: z.string().uuid().describe('The product ID'),
- product_data: ProductSchema.partial().describe('The data for updating the product')
+ product_data: z.record(z.string(), z.any()).describe('The data for updating the product')
},
async ({ id, product_data }) => {
</file context>
Suggested change
| product_data: z.record(z.string(), z.any()).describe('The data for updating the product') | |
| product_data: ProductInputSchema.partial().describe('The data for updating the product') |
| @@ -1,11 +1,13 @@ | |||
| // @ts-nocheck | |||
Contributor
There was a problem hiding this comment.
P1: Adding // @ts-nocheck disables TypeScript checking for the entire file. This hides potential type errors and reduces code quality. Consider fixing the underlying type issues instead of suppressing all type checking.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At packages/mcp-server/src/lib/tools/equipment.ts, line 1:
<comment>Adding `// @ts-nocheck` disables TypeScript checking for the entire file. This hides potential type errors and reduces code quality. Consider fixing the underlying type issues instead of suppressing all type checking.</comment>
<file context>
@@ -1,11 +1,13 @@
+// @ts-nocheck
import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
import { Logger } from '@nestjs/common';
</file context>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
PR
Please note: we will close your PR without comment if you do not check the boxes above and provide ALL requested information.
Summary by cubic
Decoupled mcp-server from @gauzy/auth and simplified type usage to stop TypeScript OOMs, speed up builds, and stabilize Docker builds. Added local auth, security, and error utilities, plus lightweight input schemas and a tool registration helper.
Refactors
Bug Fixes
Written for commit 9da1d7a. Summary will update automatically on new commits.