Thank you for considering contributing! This document provides guidelines for developers working on the codebase.
-
Clone and install:
git clone https://github.com/davidruzicka/mcp4openapi.git cd mcp4openapi npm install -
Build:
npm run build
-
Run tests:
npm test -
Run with example:
export MCP4_OPENAPI_SPEC_PATH=./profiles/gitlab/openapi.yaml export MCP4_PROFILE_PATH=./profiles/gitlab/developer-profile-oauth.json export MCP4_API_BASE_URL=https://your-gitlab-instance/api/v4 export MCP4_API_TOKEN=your-token npm start
- Follow existing TypeScript conventions
- Use meaningful variable names
- Add JSDoc comments for public APIs
- Include "Why" comments for non-obvious decisions
- Write tests for new important features
- Maintain test coverage above 80%
- Run
npm testbefore submitting PR - Integration tests in
src/testing/ - Unit tests alongside source files (
*.test.ts) - Adding a profile requires a matching
*.test.jsonin the same directory (coverage gate enforces this).
When modifying profile schema structure (adding fields to ToolDefinition or Profile):
-
TypeScript Types (
src/types/profile.ts) - Source of Truthexport interface ToolDefinition { // ... existing fields ... new_field?: SomeType; }
-
JSON Schema (
profile-schema.json) - Manual Update Required{ "properties": { "new_field": { "type": "...", "description": "..." } } } -
Zod Schema (
src/generated-schemas.ts) - Auto-generated- Automatically generated from TypeScript types
- Run
npm run generate-schemasornpm run build - No manual updates needed!
- Edit
src/types/profile.ts(add/modify interface) - Run
npm run generate-schemas(auto-generates Zod schemas) - Update
profile-schema.jsonmanually (for IDE autocomplete) - Test with
npm test
- TypeScript Types: Single source of truth, compile-time checking
- JSON Schema: Enhanced IDE autocomplete for
.jsonfiles (better than generated) - Zod Schema: Runtime validation, auto-generated = always in sync!
The npm run generate-schemas script:
- Uses
ts-to-zodto convert TypeScript → Zod - Writes to
src/generated-schemas.ts - Runs automatically during
npm run build - Skips JSON Schema (maintained manually for better IDE experience)
If a profile field is ignored at runtime:
- Check TypeScript interface in
src/types/profile.ts - Run
npm run generate-schemasto regenerate Zod schemas ⚠️ Check JSON Schema inprofile-schema.json← Manual updates may lag⚠️ Check for custom Zod refinements insrc/profile-loader.ts(edge cases)
See IMPLEMENTATION.md for detailed architecture and design decisions.
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Make your changes
- Run tests (
npm test) - Build (
npm run build) - Commit with clear message
- Push to your fork
- Open a Pull Request
This repository uses a small label taxonomy so maintainers and autonomous agents can make low-risk decisions without re-triaging every issue from scratch. See docs/AUTONOMOUS-AGENTS.md for the current multi-agent workflow, metadata format, evaluator behavior, and merge gates.
Issue labels:
agent:safe: Issue is currently eligible for autonomous handling.agent:needs-plan: Eligible issue is waiting for planner output.agent:planned: Planner produced a current acceptable plan and the issue remains eligible.agent:implementing: Implementor lease is active.agent:blocked: Automation should stop pending human help or an external dependency.human:hold: Human explicitly paused automation.
PR labels:
agent:created: PR was opened by automation.agent:review:required: PR needs reviewer processing.agent:review:in-progress: Reviewer lease is active.agent:review:done: Review completed for the current lane; metadata must still match the current head SHA.agent:ready-to-merge: Deterministic merge gates currently pass.agent:blocked: PR is blocked for automation.human:hold: Human explicitly paused merge automation.
Legacy review labels still tolerated during migration:
agent:reviewingagent:reviewed
security: Security bug, hardening gap, or validation/auth correctness issue.refactor: Localized structural cleanup that reduces complexity without changing intended behavior.duplication: Repeated logic, duplicated constraints, or parallel implementations that should be consolidated.tests: Missing regression coverage, edge-case coverage, or weak failure-path validation.architecture: Separation-of-concerns, boundary, dependency-direction, or extensibility problem.
The minimum recommended label model for issue triage and multi-agent maintenance is:
- Issue shape:
bug,enhancement,documentation,question - Agent routing:
agent:safe,agent:needs-plan - Dominant problem type:
security,architecture,duplication - Resolution / closure:
duplicate,invalid,wontfix - Human / community only:
good first issue,help wanted
refactor and tests are useful optional refinements when maintainers want tighter routing for small implementation-ready issues.
- Autonomous issue-to-PR automation should only advance issues that satisfy the state-machine rules in
docs/AUTONOMOUS-AGENTS.md. - Planner / implementor / reviewer / merger behavior should follow the metadata, migration, and merge-gate rules in
docs/AUTONOMOUS-AGENTS.md. - The current implementor workflow runtime is a safe orchestration layer that expects a configured external command/backend via
IMPLEMENTOR_COMMAND; the default workflow backend is the built-in Codex wrapper (node dist/scripts/run-implementor-codex.js), and if any backend omits visible PR disclosure, the runtime backfills it before review. - Evaluator comments are non-operational and must be ignored by other automation when
agent-id: evaluatororignore-for-workflow: trueis present. - Newly discovered low-risk improvement issues should include
agent:safeplus exactly one dominant problem-type label when possible. - If a finding is worthwhile but still needs deeper analysis or design, prefer
agent:needs-planoragent:blockedinstead of forcing it into an implementation-ready state. - Reserve
good first issueandhelp wantedfor human/community coordination, not as automation gates. - When in doubt, leave the issue for human triage instead of over-labeling it as safe.
For maintainers releasing new versions, see docs/RELEASING.md.
When adding features:
- Update
IMPLEMENTATION.mdfor architectural changes - Keep
docs/PROFILE-GUIDE.mdin sync with profile schema - Add or update examples in
profiles/if applicable - Update relevant docs in
README.mdand otherdocs/files - Remove implemented feature from
TODO.md
- Check
IMPLEMENTATION.mdfor architecture details - Check
docs/PROFILE-GUIDE.mdfor profile creation - Open an issue for discussion
By contributing, you agree that your contributions will be licensed under the MIT License.