PR4: A2A agent card endpoints#8
Conversation
076e4f6 to
42b3f84
Compare
|
You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool. What Enabling Code Scanning Means:
For more information about GitHub Code Scanning, check out the documentation. |
| for (const tool of tools) { | ||
| const handler = handlers.get(tool.name); | ||
| expect(handler).toBeDefined(); | ||
| if (!handler) continue; |
There was a problem hiding this comment.
Richard's Claude Code
The if (!handler) continue guard prevents a crash when a handler is missing, but the test still asserts expect(spy).toHaveBeenCalled() (line 72) for every handler that returns a successful (non-error) response. get_agent_card_details reads from the in-memory tools array and never calls TruveraClient.request, so its handler succeeds with isError: false, the early-exit at line 69 is not taken, and the spy assertion at line 72 fires and fails.
The test describe block is titled "every tool handler should call TruveraClient.request" — a false assumption for this tool.
Fix: add a tool-name guard before the spy assertion, e.g.:
const NO_REQUEST_TOOLS = new Set(['get_agent_card_details']);
if (!NO_REQUEST_TOOLS.has(tool.name)) {
expect(spy).toHaveBeenCalled();
}|
Richard's Claude Code Bug: AP2 in-source fallback defaults not updated — schema-fetcher.ts:85 The PR correctly updates // schema-fetcher.ts lines 85-87 — still ap2-protocol.org:
const cartUrl = process.env.AP2_CART_MANDATE_SCHEMA_URL || "https://ap2-protocol.org/schemas/cart-mandate/v1";
const intentUrl = process.env.AP2_INTENT_MANDATE_SCHEMA_URL || "https://ap2-protocol.org/schemas/intent-mandate/v1";
const paymentUrl = process.env.AP2_PAYMENT_MANDATE_SCHEMA_URL || "https://ap2-protocol.org/schemas/payment-mandate/v1";The same three fallbacks also appear in Fix: update the six |
| "http://localhost:3000/mcp", | ||
| "--insecure" | ||
| ] | ||
| "type": "http", |
There was a problem hiding this comment.
Richard's Claude Code
The switch from mcp-remote to native type: "http" requires VS Code 1.99+ (released March 2025). Older installs fail silently — no error is surfaced to the user, the tools just don't appear. The README doesn't mention a minimum version.
Worth adding a one-liner to the VS Code setup section, e.g.: "Requires VS Code 1.99 or later. Earlier versions should use the manual mcp-remote config."
| | SQLite persistence | ✅ Implemented (via `WALLET_DB_PATH`) | | ||
| | Tests | ⏳ Minimal | | ||
| | Docker support | ✅ Included | | ||
| | Production hardening | ⏳ Not yet | |
There was a problem hiding this comment.
Richard's Claude Code
The Docker support | ✅ Included row was removed from the status table just above here, implying Docker is gone. But docker:build and docker:run scripts still exist in package.json, and a Dockerfile still exists in the repo. A developer reading this table will conclude Docker is unsupported and either avoid it or re-implement it unnecessarily.
Suggest restoring the row (perhaps updated to reflect current state), or adding a note in the Known Limitations section if Docker support is intentionally being deprecated.
f40b9bc to
1f295fc
Compare
- Fix AP2 schema fallback URLs in schema-fetcher.ts and schemas.ts to use schema.truvera.io instead of placeholder ap2-protocol.org URLs - Skip TruveraClient.request spy assertion for get_agent_card_details in integration test (tool reads in-memory list, never calls the API) - Add VS Code 1.99+ minimum version note to README (native type:http MCP format requires 1.99+) - Restore Docker support row to wallet-server README status table Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
6655142 to
3bc4da1
Compare
…equest tools The previous fix only guarded spy.toHaveBeenCalled() but the lastCall property access below still ran and threw on an empty spy.mock.calls array. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Reusable workflows do not inherit secrets automatically — the caller must pass secrets: inherit. Both docker-publish-wallet.yml and docker-publish.yml were calling the reusable workflow without this, causing DOCKER_HUB_USERNAME and DOCKER_HUB_ACCESS_TOKEN to arrive as empty strings. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
No description provided.