Merge pull request #54 from syncable-dev/feature/langgraph-integration

LishuaiJing3 · web-flow · commit a3b23353b20f · 2025-09-20T22:45:04.000+02:00
Feature/langgraph integration
diff --git a/mcp-python-server-client/src/langgraph_sse_demo.py b/mcp-python-server-client/src/langgraph_sse_demo.py
@@ -30,6 +30,7 @@ async def main():
     prompts = [
         ("about_info",     "Call the 'about_info' tool."),
         ("analysis_scan",  "Call the 'analysis_scan' tool on path '../' with display 'matrix'."),
+        ("vulnerability_scan",  "Call the 'vulnerability_scan' tool on path '../'."),
         ("security_scan",  "Call the 'security_scan' tool on path '../'."),
         ("dependency_scan","Call the 'dependency_scan' tool on path '../'."),
     ]
diff --git a/rust-mcp-server-syncable-cli/src/handler.rs b/rust-mcp-server-syncable-cli/src/handler.rs
@@ -43,6 +43,7 @@ impl ServerHandler for MyServerHandler {
             ServerTools::AnalysisScanTool(tool) => tool.call_tool().await,
             ServerTools::SecurityScanTool(tool) => tool.call_tool(),
             ServerTools::DependencyScanTool(tool) => tool.call_tool().await,
+            ServerTools::VulnerabilityScanTool(tool) => tool.call_tool().await,
         }
     }
 }
diff --git a/rust-mcp-server-syncable-cli/src/tools.rs b/rust-mcp-server-syncable-cli/src/tools.rs
@@ -5,6 +5,7 @@ use rust_mcp_sdk::{
     macros::{mcp_tool, JsonSchema},
     tool_box,
 };
+use syncable_cli::cli::SeverityThreshold;
 use std::error::Error;
 use std::fmt;
 use std::path::Path;
@@ -136,6 +137,79 @@ impl AnalysisScanTool {
     }
 }
 
+#[mcp_tool(
+    name = "vulnerability_scan",
+    description = "Scans a project for known vulnerabilities."
+)]
+
+#[derive(Debug, ::serde::Deserialize, ::serde::Serialize, JsonSchema)]
+pub struct VulnerabilityScanTool {
+    path: Option<String>,
+}
+
+impl VulnerabilityScanTool {
+    pub async fn call_tool(&self) -> Result<CallToolResult, CallToolError> {
+        let project_path_str = self.path.as_deref().unwrap_or(".");
+        
+        // Log to stderr so we don't interfere with MCP stdout JSON messages
+        eprintln!("🛡️  Scanning project for vulnerabilities: {}", project_path_str);
+        eprintln!("➡️  Calling syncable_cli::handle_vulnerabilities...");
+        
+        let vulnerability_results = tokio::task::spawn_blocking({
+            let project_path = Path::new(project_path_str).to_path_buf();
+            move || {
+                // Create a runtime for the blocking task to handle the async function
+                let rt = tokio::runtime::Runtime::new().unwrap();
+                rt.block_on(async {
+                    syncable_cli::handle_vulnerabilities(
+                        project_path,
+                        None,
+                        syncable_cli::cli::OutputFormat::Json,
+                        None,
+                    ).await
+                })
+            }
+        }).await;
+
+        let vulnerability_results = match vulnerability_results {
+            Ok(result) => result,
+            Err(e) => return Err(CallToolError::new(AnalyzeToolError(format!("Task panicked: {}", e)))),
+        };
+
+        match vulnerability_results {
+            Ok(analysis) => {
+                let json_output = serde_json::to_string_pretty(&analysis).unwrap_or_else(|e| {
+                    format!(
+                        "{{\"error\": \"Failed to serialize analysis result: {}\"}}",
+                        e
+                    )
+                });
+
+                eprintln!("✅ handle_vulnerabilities returned ({} bytes)", json_output.len());
+
+                // Validate JSON to ensure it's well-formed
+                match serde_json::from_str::<serde_json::Value>(&json_output) {
+                    Ok(_) => {
+                        eprintln!("✅ JSON validation passed");
+                        eprintln!("📤 Sending full response ({} bytes)", json_output.len());
+                        Ok(CallToolResult::text_content(vec![TextContent::new(json_output, None, None)]))
+                    }
+                    Err(e) => {
+                        eprintln!("⚠️  JSON validation failed: {}", e);
+                        eprintln!("First 500 chars: {}", &json_output[..std::cmp::min(500, json_output.len())]);
+                        Err(CallToolError::new(AnalyzeToolError(format!("Invalid JSON response: {}", e))))
+                    }
+                }
+            }
+            Err(e) => {
+                let error_message = format!("Failed to analyze project for vulnerabilities: {}", e);
+                eprintln!("❌ handle_vulnerabilities error: {}", &error_message);
+                Err(CallToolError::new(AnalyzeToolError(error_message)))
+            }
+        }
+    }
+}
+
 #[mcp_tool(
     name = "security_scan",
     description = "Scans a project for security vulnerabilities and secret leaks."
@@ -267,6 +341,7 @@ tool_box!(
     [
         AboutInfoTool,
         AnalysisScanTool,
+        VulnerabilityScanTool,
         SecurityScanTool,
         DependencyScanTool
     ]

Original file line number	Diff line number	Diff line change
`@@ -30,6 +30,7 @@ async def main():`
`30`	`30`	`prompts = [`
`31`	`31`	`("about_info", "Call the 'about_info' tool."),`
`32`	`32`	`("analysis_scan", "Call the 'analysis_scan' tool on path '../' with display 'matrix'."),`
	`33`	`+ ("vulnerability_scan", "Call the 'vulnerability_scan' tool on path '../'."),`
`33`	`34`	`("security_scan", "Call the 'security_scan' tool on path '../'."),`
`34`	`35`	`("dependency_scan","Call the 'dependency_scan' tool on path '../'."),`
`35`	`36`	`]`
Original file line number	Diff line number	Diff line change
`@@ -43,6 +43,7 @@ impl ServerHandler for MyServerHandler {`
`43`	`43`	`ServerTools::AnalysisScanTool(tool) => tool.call_tool().await,`
`44`	`44`	`ServerTools::SecurityScanTool(tool) => tool.call_tool(),`
`45`	`45`	`ServerTools::DependencyScanTool(tool) => tool.call_tool().await,`
	`46`	`+ ServerTools::VulnerabilityScanTool(tool) => tool.call_tool().await,`
`46`	`47`	`}`
`47`	`48`	`}`
`48`	`49`	`}`