mcilspy

MCP/mcilspy

Fork 0

Commit Graph

Author	SHA1	Message	Date
Ryan Malloy	70c4a4a39a	test: comprehensive test suite for mcilspy MCP server Add complete test coverage for the mcilspy package: - T7: Create TestAssembly.dll fixture with known types/members - T1: Integration tests using real assembly (metadata reader + ILSpy wrapper) - T2: MCP tool tests with mocked wrapper for each @mcp.tool() - T3: Error path tests for regex, file not found, invalid assemblies - T4: Concurrency tests with asyncio.gather() for parallel operations - T5: Docstring coverage tests using AST introspection - T6: Timeout behavior tests for 5-minute subprocess timeout Test summary: - 147 tests passing - 14 skipped (ilspycmd-dependent integration tests) - 73% code coverage - All ruff linting checks pass	2026-02-08 11:40:57 -07:00
Ryan Malloy	16854b77ee	security: implement path validation, temp dir safety, and size limits (S1-S4) S1 - Path Traversal Prevention: - Add _validate_assembly_path() helper in server.py - Validates: non-empty path, file exists, is regular file, .dll/.exe extension - Resolves to absolute path to prevent path traversal attacks - Applied to all 12 tools that accept assembly_path S2 - Temp Directory Race Condition Fix: - Replace tempfile.mkdtemp() with TemporaryDirectory context manager - Guarantees cleanup even on exceptions - Refactor decompile() to use _decompile_to_dir() helper S3 - Subprocess Output Size Limits: - Add MAX_OUTPUT_BYTES constant (50MB) - Truncate stdout/stderr if exceeded to prevent memory exhaustion - Add truncation warning to output when limit is hit S4 - Assembly File Size Limits: - Add MAX_ASSEMBLY_SIZE_MB constant (500MB) in metadata_reader.py - Check file size before loading with dnfile - Add AssemblySizeError exception for clear error messages Tests: - Add tests/test_security.py with 18 unit tests covering all validations - All 53 tests pass (security tests + existing tests)	2026-02-08 11:28:39 -07:00
Ryan Malloy	7d784af17c	refactor: address major code review findings - Use importlib.metadata for dynamic version (single source in pyproject.toml) - Clean up duplicate `import re` statements across modules - Add missing type hints to all public methods - Fix PATH auto-discovery for ilspycmd (~/.dotnet/tools) - Add pytest test suite with 35 tests covering models, metadata reader, wrapper - Bump version to 0.2.0, add CHANGELOG.md	2026-02-07 02:05:57 -07:00

Author

SHA1

Message

Date

Ryan Malloy

70c4a4a39a

test: comprehensive test suite for mcilspy MCP server

Add complete test coverage for the mcilspy package:

- T7: Create TestAssembly.dll fixture with known types/members
- T1: Integration tests using real assembly (metadata reader + ILSpy wrapper)
- T2: MCP tool tests with mocked wrapper for each @mcp.tool()
- T3: Error path tests for regex, file not found, invalid assemblies
- T4: Concurrency tests with asyncio.gather() for parallel operations
- T5: Docstring coverage tests using AST introspection
- T6: Timeout behavior tests for 5-minute subprocess timeout

Test summary:
- 147 tests passing
- 14 skipped (ilspycmd-dependent integration tests)
- 73% code coverage
- All ruff linting checks pass

2026-02-08 11:40:57 -07:00

Ryan Malloy

16854b77ee

security: implement path validation, temp dir safety, and size limits (S1-S4)

S1 - Path Traversal Prevention:
- Add _validate_assembly_path() helper in server.py
- Validates: non-empty path, file exists, is regular file, .dll/.exe extension
- Resolves to absolute path to prevent path traversal attacks
- Applied to all 12 tools that accept assembly_path

S2 - Temp Directory Race Condition Fix:
- Replace tempfile.mkdtemp() with TemporaryDirectory context manager
- Guarantees cleanup even on exceptions
- Refactor decompile() to use _decompile_to_dir() helper

S3 - Subprocess Output Size Limits:
- Add MAX_OUTPUT_BYTES constant (50MB)
- Truncate stdout/stderr if exceeded to prevent memory exhaustion
- Add truncation warning to output when limit is hit

S4 - Assembly File Size Limits:
- Add MAX_ASSEMBLY_SIZE_MB constant (500MB) in metadata_reader.py
- Check file size before loading with dnfile
- Add AssemblySizeError exception for clear error messages

Tests:
- Add tests/test_security.py with 18 unit tests covering all validations
- All 53 tests pass (security tests + existing tests)

2026-02-08 11:28:39 -07:00

Ryan Malloy

7d784af17c

refactor: address major code review findings

- Use importlib.metadata for dynamic version (single source in pyproject.toml)
- Clean up duplicate `import re` statements across modules
- Add missing type hints to all public methods
- Fix PATH auto-discovery for ilspycmd (~/.dotnet/tools)
- Add pytest test suite with 35 tests covering models, metadata reader, wrapper
- Bump version to 0.2.0, add CHANGELOG.md

2026-02-07 02:05:57 -07:00

3 Commits