[codex] add cloud gateway account management#402
Conversation
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
🔴 PR Risk Report — CRITICAL
Affected Systems
File Breakdown
|
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
Bugbot Autofix is ON. A cloud agent has been kicked off to fix the reported issues.
Reviewed by Cursor Bugbot for commit beb1592. Configure here.
|
Accepted — queued for a code change. |
|
All alerts resolved. Learn more about Socket for GitHub. This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored. |
0515360 to
52ebbc7
Compare
|
Accepted — queued for a code change. |
|
Started an automated PR update. Merge conflicts were detected while updating this branch from the base branch. Conflicted files:
An automatic resolution attempt is running. If it cannot complete safely, this PR will be marked for manual follow-up. |
900cec2 to
44cea75
Compare
|
Started an automated PR update. Merge conflicts were detected while updating this branch from the base branch. Conflicted files:
An automatic resolution attempt is running. If it cannot complete safely, this PR will be marked for manual follow-up. |
|
Re: the latest Cursor Bugbot review (commit
Verification at HEAD: |
44cea75 to
c260f84
Compare
|
Started an automated PR update. Accepted review feedback is being applied. |
…onal sentinel - Replace `===` bearer token comparison in mcp-server http.ts with timingSafeEqual (mirrors the cloud-mcp-gateway tokenMatches helper) - Fix readLimit in usage-limits.ts: values in (0, 1) no longer silently map to unlimited via `Math.floor(x) || undefined`; they now resolve to a minimum limit of 1. Only an explicit `0` maps to unlimited. - Add test case covering the fractional readLimit behaviour Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
c9770ac to
3b88520
Compare
|
Started an automated PR update. Merge conflicts were detected while updating this branch from the base branch. Conflicted files:
An automatic resolution attempt is running. If it cannot complete safely, this PR will be marked for manual follow-up. |

Summary
gsd-mcp-server --httpplus README coverage for cloud/remote setupWhy
Remote MCP clients need a safer hosted gateway surface: operators need users, tokens, runtime visibility, usage accounting, and quotas, while local runtimes need a way to expose browser and other stdio MCP tools without exposing local websocket endpoints.
Validation
pnpm install --lockfile-only --ignore-scriptspnpm install --ignore-scriptspnpm --filter @opengsd/contracts buildpnpm --filter @opengsd/rpc-client buildpnpm --filter @opengsd/mcp-server buildpnpm --filter @opengsd/cloud-mcp-gateway testpnpm --filter @opengsd/mcp-server testpnpm --filter @opengsd/daemon buildpnpm --filter @opengsd/daemon testNeed help on this PR? Tag
/codesmithwith what you need. Autofix is disabled.Note
High Risk
Touches authentication, token lifecycle, Clerk integration, and quota enforcement on the public
/mcppath—misconfiguration could lock out users or expose endpoints; large surface area across gateway, daemon, and mcp-server.Overview
This PR turns the Cloud MCP Gateway into an operable hosted product: admin (
/admin) and Clerk-backed account (/account) UIs, REST APIs for users/tokens/pairing/runtimes/usage, persisted auth and usage stores, and plan-based quotas that block/mcptool calls before they hit the local runtime (throttled calls logged as non-billable).The gateway MCP layer now merges runtime-advertised tools (with
runtimeId/projectAliasrouting) alongside built-in GSD tools, records per-call metrics, and enforces limits via a new usage limiter. Auth grows into a full user registry (roles, plans, revocablegsd_usr_tokens, disabled users, optionalPOST /register).On the daemon side, cloud runtimes can bridge stdio MCP servers (default
gsd-browser mcp, configurable via env) and advertise those tools upstream; LocalToolExecutor delegates unknown tool names to that bridge.gsd-mcp-servergains--httpStreamable HTTP on/mcpwith bearer auth defaults that refuse public unauthenticated binds unless loopback or--no-auth.Reviewed by Cursor Bugbot for commit beb1592. Bugbot is set up for automated code reviews on this repo. Configure here.