chore: delete MCP runtime + enforce topology in CLI #92

Merged
KailasMahavarkar merged 5 commits into main from chore/delete-mcp-enforce-topology
Apr 22, 2026

Conversation

@KailasMahavarkar
Collaborator

Summary

Removes the MCP server entrypoint and every file that only existed to serve the MCP transport, then wires the topology bundle allow/deny policy into the CLI tool dispatch path so policy is actually enforced at call time.

Commits

  1. Replace @modelcontextprotocol/sdk type imports with a local ToolServer shim across 95 plugin/tool/registry/bridge files. No behavior change - pure type indirection.
  2. Delete MCP runtime - src/index.ts, src/registry.ts, all 11 plugin index.ts aggregators, src/plugins/hyperstack/, src/internal/setup-hyperstack.ts, scripts/{setup,start-mcp,ensure-singleton}.ts, Dockerfile, .dockerignore. Drops @modelcontextprotocol/sdk dependency. Drops start, dev, docker:run, mcp:start, setup scripts from package.json. Bumps version to 2.0.0.
  3. Delete unreachable engine modules navigation.ts, injector.ts, resolver.ts, skill-enforcer.ts, plus policy.ts:getBundleByCapability - zero consumers after audit.
  4. Strip corpus-reader dead code from 12 plugin tool files. Each file had 40-80 lines of YAML corpus loading that fell through to in-file data because corpus/ was deleted in PR #91 (chore: annihilate corpus/ and tests/). Net 1292 lines removed.
  5. Enforce topology on CLI tool invocations via new --agent <id> flag (or HYPERSTACK_AGENT env var). New getBundleForTool + assertToolAllowedForAgent helpers in policy.ts. CLI rewrites arg parsing so agent and json flags can appear in any order. Forbidden/unlisted bundle calls are rejected before the handler runs.

Behavior after merge

hyperstack tool designer_resolve_intent --json '{"product":"x"}' --agent frontend-builder
# [topology] agent=frontend-builder bundle=frontend.design tool=designer_resolve_intent
# ...tool output

hyperstack tool golang_get_practice --json '{...}' --agent frontend-builder
# Agent frontend-builder is forbidden from bundle backend.lang.go (tool golang_get_practice).

hyperstack tool designer_resolve_intent --json '{...}'   # no agent, permissive

No MCP path remains. Plugin snippets are untouched. bun run build / bun run compile:context / bun run skills:index / bun run generate:local-tools / bun run generate:topology all exit 0.

Test plan

  • bun run build - typecheck exit 0
  • bun run compile:context - regenerates bootstrap
  • bun run skills:index - regenerates skills index
  • bun run generate:local-tools - 76 tools registered (hyperstack_setup gone, as expected)
  • bun run generate:topology - topology bootstrap + allow/deny markdown regenerated clean
  • CLI tool/route/artifact smoke tests pass with expected outputs and with topology enforcement both permissive and strict

KailasMahavarkar and others added 5 commits April 22, 2026 11:01
…oolServer shim

Introduces src/shared/tool-types.ts with a minimal ToolServer/ToolHandler/ToolResult/Plugin type surface that matches the signatures the plugin tools use. Replaces every `import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"` across 95 plugin tool, plugin index, registry, and tool-bridge files with `import type { ToolServer } from "...shared/tool-types.js"`. Removes the two remaining value imports of McpServer in hyperstack/index.ts and hyperstack/tools/setup.ts.

This severs the MCP SDK from the runtime code paths without changing any observable behavior. The shim keeps server.tool/server.resource/server.prompt signatures compatible with existing plugin registration, and tool-bridge continues to capture the handler through the same `as unknown as ToolServer` pattern.

Prepares for the next commit which deletes the MCP server entrypoint, docker scripts, and the @modelcontextprotocol/sdk dependency entirely.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
… retire docker path

Removes every file that existed solely to run Hyperstack as an MCP server and replaces the installation flow with the plain CLI entrypoint.

Deleted:
- src/index.ts - MCP stdio server boot
- src/registry.ts - plugin aggregator used only by the MCP boot
- src/plugins/<plugin>/index.ts for all 11 plugins - the aggregator wrappers around individual tool files. The stable tool names keep working because scripts/generate-local-tool-registry.ts scans src/plugins/<plugin>/tools/*.ts directly for `server.tool("name", ...)` matches.
- src/plugins/hyperstack/ entirely - only hosted the hyperstack_setup tool which generated MCP config patches
- src/internal/setup-hyperstack.ts - MCP config detection + generation helper
- scripts/setup.ts - interactive MCP installer
- scripts/start-mcp.ts - MCP stdio server launcher
- scripts/ensure-singleton.ts - docker singleton guard
- Dockerfile and .dockerignore

package.json:
- removes @modelcontextprotocol/sdk dependency
- drops start, dev, docker:run, mcp:start, setup scripts
- bumps version to 2.0.0 and retitles description to reflect the topology-driven CLI surface
- bun install confirmed the SDK is no longer referenced anywhere

Verified:
- bun run build - typecheck exit 0
- bun run generate:local-tools - regenerates registry (76 tools; hyperstack_setup removed)
- bun run generate:topology - topology bootstrap + allow/deny markdown regenerated clean
- hyperstack tool designer_resolve_intent --json '{...}' returns the expected result
- hyperstack route --json '{...}' returns a routed agent with required artifacts

Topology CLI is now the sole runtime. Plugin tools stay stable through the generated local-tool-registry; the MCP transport is retired.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…ver, skill-enforcer)

Audit showed these modules are not imported by cli.ts, the router, the artifact validator, the tool bridge, or any script. They remained from the earlier exploration phase.

Deleted:
- src/engine/navigation.ts (getBundle, listAgentRouting - zero consumers)
- src/engine/injector.ts (buildInjectionSlice - zero consumers)
- src/engine/resolver.ts (resolveCapabilityContext - zero consumers outside itself)
- src/engine/skill-enforcer.ts (assertSkillAllowedForAgent - zero consumers)

Trimmed:
- src/engine/policy.ts no longer exports getBundleByCapability; BundlePolicy import removed along with it. Only getAgent, getDomain, and getStrictestProofMode remain, all of which are consumed by the router.

Typecheck still exits 0. Router, artifact validator, and CLI tool path unchanged.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Reverts the 12 corpus-aware tool handlers back to in-file-only dispatch after PR #91 deleted the corpus/ directory. Each file had a 40-80 line loadCorpusX loader that read YAML files from a corpus tree that no longer exists, caught the ENOENT, and fell through to the plugin data. Net effect was dead code that re-read and parsed the corpus tree on every cold call path.

Files simplified:
- src/plugins/echo/tools/get-recipe.ts
- src/plugins/rust/tools/get-practice.ts
- src/plugins/golang/tools/get-practice.ts
- src/plugins/react/tools/get-pattern.ts
- src/plugins/ui-ux/tools/get-principle.ts
- src/plugins/shadcn/tools/get-component.ts
- src/plugins/motion/tools/get-api.ts
- src/plugins/motion/tools/get-examples.ts
- src/plugins/reactflow/tools/get-api.ts
- src/plugins/designer/tools/get-page-template.ts
- src/plugins/design-tokens/tools/get-procedure.ts
- src/plugins/lenis/tools/get-pattern.ts

Each tool now: zod-typed args -> in-file data lookup -> render. No YAML, no fs reads, no cache, no corpus namespace.

Verified:
- bun run build - typecheck exit 0
- bin/hyperstack.mjs tool designer_resolve_intent --json '{"product":"test"}' returns the expected output
- bin/hyperstack.mjs tool design_tokens_get_procedure --json '{"step":2}' returns the step 2 procedure (confirming plugin data path still works for a tool that was most corpus-backed under the old layout)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…CK_AGENT

Wires the bundle allow/deny policy that topology already declares into the actual tool dispatch path. Tools can now be rejected before any handler runs when the caller is acting as an agent that is not permitted to touch their bundle.

Engine:
- src/engine/policy.ts adds getBundleForTool which resolves a tool name to a bundle by longest matching tool_prefixes entry and assertToolAllowedForAgent which rejects with a precise error when the bundle is forbidden, not allowed, or the tool is not mapped at all.

CLI (src/cli.ts):
- rewrites arg parsing with a small flag parser so `--agent <id>` and `--json '{...}'` can appear in any order after the positional command/tool
- accepts HYPERSTACK_AGENT env as fallback for the agent identity
- when an agent is supplied, the tool command runs getAgent + assertToolAllowedForAgent before invoking the tool; emits a single [topology] breadcrumb to stderr on success
- usage text documents the new enforcement behavior
- route and artifact validate paths unchanged

Behavior verified:
- `hyperstack tool designer_resolve_intent --json '{}'` (no agent) runs permissively (back-compat)
- `--agent frontend-builder` on a designer_ tool allows it and logs bundle=frontend.design
- `--agent frontend-builder` on a golang_ tool rejects with "forbidden from bundle backend.lang.go"
- `--agent backend-builder` on a golang_ tool allows it (bundle=backend.lang.go)
- `--agent ghost` errors with "Unknown agent: ghost"
- unmapped tool name errors with "not mapped to any bundle"

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
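
The dispatch check described in the commit message above, sketched as an added example (not the project's code): a tool name is resolved to a bundle by longest matching prefix, then checked deny-by-default before any handler runs. The function names, the `allowed`/`forbidden` fields, the `frontend.tokens` bundle, the `design` prefix and the "is not allowed" message are assumptions; the agent names, the other bundle ids and the remaining messages follow the page.

```typescript
// Added example. Field names other than tool_prefixes are assumed, not the project's schema.
type Bundle = { id: string; tool_prefixes: string[] };
type Agent = { id: string; allowed: string[]; forbidden: string[] };

// Constructed topology. "design" and "designer_" overlap on purpose.
const BUNDLES: Bundle[] = [
  { id: "frontend.tokens", tool_prefixes: ["design"] }, // hypothetical bundle
  { id: "frontend.design", tool_prefixes: ["designer_"] },
  { id: "backend.lang.go", tool_prefixes: ["golang_"] },
];
const AGENTS: Agent[] = [
  { id: "frontend-builder", allowed: ["frontend.design"], forbidden: ["backend.lang.go"] },
  { id: "backend-builder", allowed: ["backend.lang.go"], forbidden: [] },
];

// Longest matching prefix wins. bestLen starts at 0, so an empty prefix never matches.
function resolveBundle(tool: string): Bundle | undefined {
  let best: Bundle | undefined;
  let bestLen = 0;
  for (const bundle of BUNDLES) {
    for (const prefix of bundle.tool_prefixes) {
      if (prefix.length > bestLen && tool.startsWith(prefix)) {
        best = bundle;
        bestLen = prefix.length;
      }
    }
  }
  return best;
}

// Throws unless the tool maps to a bundle that is listed as allowed and not forbidden.
function checkTool(agent: Agent, tool: string): Bundle {
  const bundle = resolveBundle(tool);
  if (!bundle) throw new Error(`Tool ${tool} is not mapped to any bundle.`);
  if (agent.forbidden.includes(bundle.id))
    throw new Error(`Agent ${agent.id} is forbidden from bundle ${bundle.id} (tool ${tool}).`);
  if (!agent.allowed.includes(bundle.id))
    throw new Error(`Agent ${agent.id} is not allowed bundle ${bundle.id} (tool ${tool}).`);
  return bundle;
}

// The decision taken before a handler would be invoked.
function decide(agentId: string | undefined, tool: string): string {
  if (agentId === undefined) return "permissive"; // no agent supplied: no enforcement
  const agent = AGENTS.find((a) => a.id === agentId);
  if (!agent) return `Unknown agent: ${agentId}`;
  try {
    return `allow bundle=${checkTool(agent, tool).id}`;
  } catch (e) {
    return (e as Error).message;
  }
}
```

With no agent id the decision is `permissive`, matching the back-compat behaviour listed above, so the policy only binds callers that always pass `--agent` or set `HYPERSTACK_AGENT`.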
@KailasMahavarkar KailasMahavarkar merged commit b12b0e0 into main Apr 22, 2026
4 checks passed
@KailasMahavarkar KailasMahavarkar deleted the chore/delete-mcp-enforce-topology branch April 22, 2026 05:40
KailasMahavarkar added a commit that referenced this pull request Apr 22, 2026
Destructive reset of repo tree to 62f487e (feat: expand platform support to 12 IDEs/CLIs with format-aware patching) from 2026-04-15.

Wipes all work merged to main after 62f487e including PRs #63..#92: docker-primary fixes, topology manifest introduction, routing/artifact contracts, workspace-first routing, all corpus-backed slice PRs (#81..#90), corpus/tests removal (#91), MCP runtime deletion + topology enforcement (#92).

Tree equals 62f487e exactly. This is a destructive reset expressed as a single forward commit because branch protection on main forbids non-fast-forward push; the admin-merge path is used instead.

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>