Skip to content

Feature/per mode mcp filtering#12073

Open
GreatSUN wants to merge 3 commits intoRooCodeInc:mainfrom
GreatSUN:feature/per-mode-mcp-filtering
Open

Feature/per mode mcp filtering#12073
GreatSUN wants to merge 3 commits intoRooCodeInc:mainfrom
GreatSUN:feature/per-mode-mcp-filtering

Conversation

@GreatSUN
Copy link
Copy Markdown

@GreatSUN GreatSUN commented Apr 7, 2026
edited by roomote-v0 bot
Loading

Related GitHub Issue

Closes: #

Roo Code Task Context (Optional)

Description

Test Procedure

Pre-Submission Checklist

  • Issue Linked: This PR is linked to an approved GitHub Issue (see "Related GitHub Issue" above).
  • Scope: My changes are focused on the linked issue (one major feature/fix per PR).
  • Self-Review: I have performed a thorough self-review of my code.
  • Testing: New and/or updated tests have been added to cover my changes (if applicable).
  • Documentation Impact: I have considered if my changes require documentation updates (see "Documentation Updates" section below).
  • Contribution Guidelines: I have read and agree to the Contributor Guidelines.

Screenshots / Videos

Documentation Updates

Additional Notes

Get in Touch

Interactively review PR in Roo Code Cloud

@sap-svetter
feat: implement per-mode MCP server/tool filtering
79de65a 
Adds granular per-mode control over which MCP servers and tools are available, replacing the previous all-or-nothing 'mcp' group behavior.

Schema (packages/types/src/mode.ts): - Add mcpServerFilterSchema with disabled/allowedTools/disabledTools - Add mcpDefaultPolicy ('allow'|'deny') for deny-by-default support - Add mcpGroupOptionsSchema extending group options for MCP tuples - Add superRefine validation rejecting MCP options on non-mcp groups

Core filtering (src/utils/mcp-filter.ts): - getMcpFilterForMode() resolves MCP config for a mode - isMcpServerAllowedForMode() checks server access with policy - isMcpToolAllowedForMode() checks tool access with allowlist/blocklist - Inlined getGroupName to avoid vscode import chain (ISSUE-16)

Prerequisite fix (src/utils/mcp-name.ts): - Fix normalizeForComparison regex: /[-\s]+/g -> /[-\s]/g (ISSUE-10) - Add toLowerCase() for case-insensitive matching

Prompt-level filtering: - filter-tools-for-mode.ts: Filter MCP tools from system prompt - build-tools.ts: Filter MCP tools for Gemini native function calling - ISSUE-19: Document native tools remain unfiltered for Gemini

Execution-time guards: - validateToolUse.ts: Replace blanket MCP allow with filter checks   - Server-level guard for use_mcp_tool/access_mcp_resource   - Tool-level guard for dynamic mcp--server--tool names   - ISSUE-21: Tool-level check for use_mcp_tool when tool_name available - presentAssistantMessage.ts mcp_tool_use: Add filter using cline.taskMode - ISSUE-17: validateToolUse call uses cline.taskMode (frozen at task start)   instead of state.mode (live UI mode) - ISSUE-20: Remove dead ?? defaultModeSlug fallback

Defense-in-depth: - UseMcpToolTool.execute(): Server + tool level filter before execution - AccessMcpResourceTool.execute(): Server level filter before execution - FLAG-E: Document 10-second TTL cache in CustomModesManager

UI fix (webview-ui): - ModesView.tsx: Cache group tuple options on toggle-off, restore on   toggle-on to prevent MCP config data loss (ISSUE-9/ISSUE-13) - Extract pure caching functions to groupOptionsCache.ts

Tests: 89 new tests across 11 files, all passing
@sap-svetter
feat: add MCP filter configuration UI for per-mode MCP server/tool fi…
08c5012 
…ltering

Adds UI components to the mode editor for configuring which MCP servers and tools are available per mode, completing the MCP filtering feature.

New components: - McpFilterConfig.tsx: Main panel with default policy selector (allow/deny)   and server list, shown when 'mcp' group is enabled in mode editor - McpServerFilterRow.tsx: Per-server row with enable/disable toggle and   expandable tool-level filtering (allowlist/blocklist/allow-all modes)

ModesView.tsx integration: - Edit mode: McpFilterConfig renders below mcp checkbox when checked - Read-only mode: Shows filter summary via McpFilterConfig - Helper functions getMcpOptionsFromGroups/updateMcpOptionsInGroups   for extracting/updating MCP tuple options in groups array - groupOptionsCache sync ensures filter config survives toggle cycles

Version bump: 3.51.1 -> 3.52.0
@sap-svetter
feat: per-mode MCP filtering enhancements v3.52.0
8fbd3ac 
- SE-1: deny-by-default guard for unavailable custom mode config

- SE-2: groupOptionsCache mode-scoped keys to prevent cross-mode contamination

- SE-3: recordToolUsage moved after MCP filter check

- Loading spinner for MCP servers/tools list while data loads
@dosubot dosubot bot added size:XXL This PR changes 1000+ lines, ignoring generated files. Enhancement New feature or request labels Apr 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mrubens mrubens Awaiting requested review from mrubens mrubens is a code owner

@cte cte Awaiting requested review from cte cte is a code owner

@jr jr Awaiting requested review from jr jr is a code owner

@hannesrudolph hannesrudolph Awaiting requested review from hannesrudolph hannesrudolph is a code owner

@daniel-lxs daniel-lxs Awaiting requested review from daniel-lxs daniel-lxs is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

Enhancement New feature or request size:XXL This PR changes 1000+ lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@GreatSUN @sap-svetter