feat(github): add MINT_REPO_TOKEN repo-scoped token tool#448
Merged
Conversation
Mint a GitHub App installation access token scoped to a single repository with least-privilege permissions, so an imported agent can touch only its own repo. Minting is gated on the caller's own GitHub entitlement (GET /user/installations + /repositories) and uses repository_ids (rename-proof); permissions are capped to a repo-content/PR/issue allowlist. Refactors github-app-auth to share a mintInstallationAccessToken primitive (reused by getAppInstallationToken). Transient GitHub failures (5xx / 429 / 403 rate-limit) are classified as a retryable upstream_error rather than a hard authorization denial. The minted token is never logged or echoed. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The checks job type-checks every MCP whose folder name contains a changed
folder, so a `github` change also type-checks `github-repo-reports`. Both
had pre-existing tsc failures surfaced by this PR:
- github/server/lib/mcp-proxy.ts cast ctx to `AppContext<Env>`, whose
`DefaultEnv` constraint the github `Env` (shared Registry) does not
satisfy. Cast to the `{ env: Env }` shape actually used instead — no
runtime/behavior change.
- github-repo-reports pinned `@decocms/runtime` 1.2.5, whose .ts source no
longer type-checks under current TypeScript. Bumped to ^1.6.0 (same as
github); the MCP only uses stable APIs (withRuntime, createPrivateTool,
DefaultEnv, PKCE OAuth), and its typecheck, tests and build all pass.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds a
MINT_REPO_TOKENtool to the GitHub MCP that mints a GitHub App installation access token scoped to a single repository with least-privilege permissions, so an imported agent (e.g. in Deco Studio) can touch only its own repo. Minting is gated on the caller's own GitHub entitlement (GET /user/installations+/repositories) and usesrepository_ids(rename-proof); requested permissions are capped to a repo-content/PR/issue allowlist, and the minted token is never logged or echoed (401/403 surface a generic config error). It also refactorsgithub-app-authto share amintInstallationAccessTokenprimitive (reused bygetAppInstallationToken) and classifies transient GitHub failures (5xx / 429 / 403 rate-limit) as a retryable error rather than a hard authorization denial. Output fields are exactlytoken,expiresAt,permissions,repository:{owner,name},installationId, and the change is covered by 37 new tests (all green).🤖 Generated with Claude Code
Summary by cubic
Adds a new
MINT_REPO_TOKENtool that mints a short-lived, repo-scoped GitHub App token with least-privilege, gated by the caller’s own GitHub access. Also fixes CI typecheck by correcting a context cast and updating@decocms/runtimeingithub-repo-reports.New Features
MINT_REPO_TOKENtool that mints a token for exactly one repository usingrepository_ids, gated viaGET /user/installationsand/repositories(case-insensitive) and resolving the numeric repo id.mintInstallationAccessToken(reused bygetAppInstallationToken) and exportedcreateAppJWT; transient 5xx/429/403 rate-limit are treated as retryable and 401/403 as config errors.Bug Fixes
ctxto{ env: Env }ingithub/server/lib/mcp-proxy.ts(no behavior change).@decocms/runtimeto^1.6.0ingithub-repo-reportsto resolve TypeScript issues.Written for commit 195eac1. Summary will update on new commits.