Skip to content

fix: restore MCP auto-approval behavior to approve all tools when enabled #9191

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
roomote wants to merge 1 commit into from
Closed

fix: restore MCP auto-approval behavior to approve all tools when enabled #9191

roomote wants to merge 1 commit into from

Conversation

@roomote
Copy link
Contributor

@roomote roomote bot commented Nov 12, 2025
edited by ellipsis-dev bot
Loading

This PR attempts to address Issue #9190. Feedback and guidance are welcome.

Problem

After the recent refactoring that moved auto-approval logic from ChatView to Task (#9157), the MCP auto-approval behavior changed. Previously, when alwaysAllowMcp was enabled, ALL MCP tools would be auto-approved. After the refactor, both alwaysAllowMcp AND the individual tool alwaysAllow flag had to be true, which broke the expected behavior.

Solution

Changed the logic from AND to OR condition:

  • When alwaysAllowMcp is enabled → auto-approve all MCP tools
  • When a specific tool has alwaysAllow flag → auto-approve that specific tool
  • Either condition can trigger auto-approval independently

Changes

  • Modified src/core/auto-approval/index.ts to use OR logic instead of AND
  • Added comprehensive test coverage in src/core/auto-approval/__tests__/index.spec.ts

Testing

  • ✅ All new tests pass
  • ✅ All existing tests pass
  • ✅ Linting passes
  • ✅ Type checking passes

Fixes #9190

Important

Fixes MCP auto-approval logic to approve tools if either global or individual flags are set, with added tests.

  • Behavior:
    • Changes MCP auto-approval logic in checkAutoApproval() in index.ts to use OR condition.
    • Auto-approves all MCP tools if alwaysAllowMcp is true or if the tool's alwaysAllow flag is true.
  • Testing:
    • Adds tests in index.spec.ts to cover scenarios for MCP tool and resource auto-approval.
    • Tests handle cases with missing or invalid JSON, and when neither flag is set.
  • Misc:

This description was created by Ellipsis for 00102b6. You can customize this summary. It will automatically update as commits are pushed.

@roomote
fix: restore MCP auto-approval behavior to approve all tools when ena…
00102b6 
…bled

- Changed MCP auto-approval logic from AND to OR condition
- When alwaysAllowMcp is enabled, all MCP tools are auto-approved
- Individual tool alwaysAllow flag can still approve specific tools
- Added comprehensive tests for MCP auto-approval scenarios

Fixes #9190
@roomote roomote bot requested review from cte, jr and mrubens as code owners November 12, 2025 06:56
@dosubot dosubot bot added the size:L This PR changes 100-499 lines, ignoring generated files. label Nov 12, 2025
@roomote roomote bot mentioned this pull request Nov 12, 2025
Closed
@dosubot dosubot bot added the bug Something isn't working label Nov 12, 2025
@roomote
Copy link
Contributor Author

roomote bot commented Nov 12, 2025
edited
Loading

Rooviewer Clock   See task on Roo Cloud

Review completed. The changes look good - the fix correctly restores the MCP auto-approval behavior by changing from AND to OR logic. When alwaysAllowMcp is enabled, all MCP tools will be auto-approved as expected. Individual tools can still be approved via their alwaysAllow flag. The test coverage is comprehensive and validates all scenarios.

Mention @roomote in a comment to request specific changes to this pull request or fix all unresolved issues.

@hannesrudolph hannesrudolph added the Issue/PR - Triage New issue. Needs quick review to confirm validity and assign labels. label Nov 12, 2025
@dosubot dosubot bot added the lgtm This PR has been approved by a maintainer label Nov 12, 2025
@daniel-lxs daniel-lxs moved this from Triage to PR [Needs Review] in Roo Code Roadmap Nov 12, 2025
@hannesrudolph hannesrudolph added PR - Needs Review and removed Issue/PR - Triage New issue. Needs quick review to confirm validity and assign labels. labels Nov 12, 2025
@nonsleepr
Copy link

nonsleepr commented Nov 12, 2025

Tested the fix, it's bad. Auto-approves even if the tool is configured NOT to auto-approve.

@mrubens mrubens closed this Nov 15, 2025
@github-project-automation github-project-automation bot moved this from New to Done in Roo Code Roadmap Nov 15, 2025
@github-project-automation github-project-automation bot moved this from PR [Needs Review] to Done in Roo Code Roadmap Nov 15, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@daniel-lxs daniel-lxs daniel-lxs approved these changes

@mrubens mrubens Awaiting requested review from mrubens mrubens is a code owner

@cte cte Awaiting requested review from cte cte is a code owner

@jr jr Awaiting requested review from jr jr is a code owner

Assignees

No one assigned

Labels

bug Something isn't working lgtm This PR has been approved by a maintainer PR - Needs Review size:L This PR changes 100-499 lines, ignoring generated files.

Projects

Roo Code Roadmap
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[BUG] auto approuve no more working

6 participants

@nonsleepr @daniel-lxs @mrubens @hannesrudolph @roomote