Skip to content

PR4: A2A agent card endpoints#8

Open
mike-parkhill wants to merge 16 commits into
feature/pr3-didcommfrom
feature/mcp-wallet-3
Open

PR4: A2A agent card endpoints#8
mike-parkhill wants to merge 16 commits into
feature/pr3-didcommfrom
feature/mcp-wallet-3

Conversation

@mike-parkhill

Copy link
Copy Markdown
Contributor

No description provided.

Comment thread .github/workflows/ci-server-reusable.yml Fixed
Comment thread .github/workflows/docker-publish-reusable.yml Fixed
@github-advanced-security

Copy link
Copy Markdown

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

Comment thread scripts/run-wallet-docker.js Fixed
Comment thread scripts/run-wallet-docker.js Fixed
Comment thread scripts/run-wallet-docker.js Fixed
@mike-parkhill mike-parkhill changed the base branch from master to feature/pr3-didcomm June 19, 2026 16:23
@mike-parkhill mike-parkhill changed the title get wallet server running with Node v25.9.0 A2A agent card endpoints Jun 19, 2026
@mike-parkhill mike-parkhill changed the title A2A agent card endpoints PR4: A2A agent card endpoints Jun 19, 2026
for (const tool of tools) {
const handler = handlers.get(tool.name);
expect(handler).toBeDefined();
if (!handler) continue;

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Richard's Claude Code

The if (!handler) continue guard prevents a crash when a handler is missing, but the test still asserts expect(spy).toHaveBeenCalled() (line 72) for every handler that returns a successful (non-error) response. get_agent_card_details reads from the in-memory tools array and never calls TruveraClient.request, so its handler succeeds with isError: false, the early-exit at line 69 is not taken, and the spy assertion at line 72 fires and fails.

The test describe block is titled "every tool handler should call TruveraClient.request" — a false assumption for this tool.

Fix: add a tool-name guard before the spy assertion, e.g.:

const NO_REQUEST_TOOLS = new Set(['get_agent_card_details']);
if (!NO_REQUEST_TOOLS.has(tool.name)) {
  expect(spy).toHaveBeenCalled();
}

@esplinr

esplinr commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Richard's Claude Code

Bug: AP2 in-source fallback defaults not updatedschema-fetcher.ts:85

The PR correctly updates .env.example to use real schema.truvera.io schema URLs, but the in-source fallback strings in two files were not updated and still point to the old ap2-protocol.org placeholders:

// schema-fetcher.ts lines 85-87 — still ap2-protocol.org:
const cartUrl = process.env.AP2_CART_MANDATE_SCHEMA_URL || "https://ap2-protocol.org/schemas/cart-mandate/v1";
const intentUrl = process.env.AP2_INTENT_MANDATE_SCHEMA_URL || "https://ap2-protocol.org/schemas/intent-mandate/v1";
const paymentUrl = process.env.AP2_PAYMENT_MANDATE_SCHEMA_URL || "https://ap2-protocol.org/schemas/payment-mandate/v1";

The same three fallbacks also appear in schemas.ts. Any deployment that doesn't copy .env.example (Docker, CI, new developer) will embed the placeholder ap2-protocol.org URLs into issued credentials instead of the real hosted schemas.

Fix: update the six || "https://ap2-protocol.org/..." fallback strings in schema-fetcher.ts and schemas.ts to match the schema.truvera.io URLs now in .env.example.

Comment thread .vscode/mcp.json
"http://localhost:3000/mcp",
"--insecure"
]
"type": "http",

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Richard's Claude Code

The switch from mcp-remote to native type: "http" requires VS Code 1.99+ (released March 2025). Older installs fail silently — no error is surfaced to the user, the tools just don't appear. The README doesn't mention a minimum version.

Worth adding a one-liner to the VS Code setup section, e.g.: "Requires VS Code 1.99 or later. Earlier versions should use the manual mcp-remote config."

| SQLite persistence | ✅ Implemented (via `WALLET_DB_PATH`) |
| Tests | ⏳ Minimal |
| Docker support | ✅ Included |
| Production hardening | ⏳ Not yet |

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Richard's Claude Code

The Docker support | ✅ Included row was removed from the status table just above here, implying Docker is gone. But docker:build and docker:run scripts still exist in package.json, and a Dockerfile still exists in the repo. A developer reading this table will conclude Docker is unsupported and either avoid it or re-implement it unnecessarily.

Suggest restoring the row (perhaps updated to reflect current state), or adding a note in the Known Limitations section if Docker support is intentionally being deprecated.

mike-parkhill and others added 5 commits June 30, 2026 15:42
- Fix AP2 schema fallback URLs in schema-fetcher.ts and schemas.ts to use schema.truvera.io instead of placeholder ap2-protocol.org URLs
- Skip TruveraClient.request spy assertion for get_agent_card_details in integration test (tool reads in-memory list, never calls the API)
- Add VS Code 1.99+ minimum version note to README (native type:http MCP format requires 1.99+)
- Restore Docker support row to wallet-server README status table

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@mike-parkhill mike-parkhill force-pushed the feature/mcp-wallet-3 branch from 6655142 to 3bc4da1 Compare June 30, 2026 19:52
mike-parkhill and others added 11 commits June 30, 2026 16:08
…equest tools

The previous fix only guarded spy.toHaveBeenCalled() but the lastCall property
access below still ran and threw on an empty spy.mock.calls array.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Reusable workflows do not inherit secrets automatically — the caller must
pass secrets: inherit. Both docker-publish-wallet.yml and docker-publish.yml
were calling the reusable workflow without this, causing DOCKER_HUB_USERNAME
and DOCKER_HUB_ACCESS_TOKEN to arrive as empty strings.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants