Skip to content

feat(THU-618): support editing MCP servers in settings#1008

Merged
raivieiraadriano92 merged 8 commits into
mainfrom
raivieiraadriano92/thu-618-allow-editing-mcp-server-config-after-adding
Jul 8, 2026
Merged

feat(THU-618): support editing MCP servers in settings#1008
raivieiraadriano92 merged 8 commits into
mainfrom
raivieiraadriano92/thu-618-allow-editing-mcp-server-config-after-adding

Conversation

@raivieiraadriano92

@raivieiraadriano92 raivieiraadriano92 commented Jun 18, 2026

Copy link
Copy Markdown
Collaborator

Adds an Edit action to the MCP servers settings page so users can update an existing server's config (name, URL, headers, credentials) without deleting and re-adding it.

  • New updateMcpServer DAL helper + tests.
  • useAddServerForm reused for both add and edit; the dialog opens prefilled when editing.

Fixes THU-618.


Note

Medium Risk
Touches MCP connection lifecycle (reconnect, in-flight connect coalescing, credential writes) and local secret handling; well-covered by new tests but mis-sync could leave stale clients or wrong auth.

Overview
Users can edit existing MCP servers from settings (pencil on each card) instead of delete-and-re-add. The shared add dialog runs in Edit mode with prefilled name, URL, transport, and bearer token; JSON bulk-import is hidden while editing.

Persistence: New DAL helpers updateMcpServer / updateMcpServerWithCredentials patch server rows and optionally replace, delete, or leave mcp_secrets credentials unchanged (so OAuth tokens aren’t wiped on rename-only saves).

Save UX: useAddServerForm tracks hasConnectionEdits so metadata-only changes (e.g. rename) can save without a new successful probe; renames no longer clear a passing test result. Connection field changes still require test success before save.

Live connections: updateServerStatus is replaced by updateServer, which patches in-memory config and reconnects when enabled (URL/transport/credential changes). Settings calls it with forceRedial after save so credential-only updates apply even if an initial connect is still in flight. useMcpSync now diffs name/url/type/enabled and calls updateServer, not just enable toggles.

Reviewed by Cursor Bugbot for commit 437a5db. Bugbot is set up for automated code reviews on this repo. Configure here.

@raivieiraadriano92 raivieiraadriano92 self-assigned this Jun 18, 2026
@raivieiraadriano92 raivieiraadriano92 marked this pull request as ready for review June 18, 2026 21:53
@github-actions

Copy link
Copy Markdown

Semgrep Security Scan

No security issues found.

Comment thread src/settings/mcp-servers.tsx
Comment thread src/hooks/use-add-server-form.ts
@github-actions

github-actions Bot commented Jun 18, 2026

Copy link
Copy Markdown

Preview environment destroyed 🧹

Stack preview-pr-1008 and its Cloudflare subdomain have been cleaned up.

@github-actions

github-actions Bot commented Jun 18, 2026

Copy link
Copy Markdown

PR Metrics

Metric Value
Lines changed (prod code) +479 / -112
JS bundle size (gzipped) 🟢 783.6 KB → 630.4 KB (-153.2 KB, -19.6%)
Test coverage 🟢 77.27% → 77.35% (+0.1%)
Performance (preview) Preview not ready — Render deploy may have timed out
Accessibility
Best Practices
SEO

Updated Wed, 08 Jul 2026 11:33:03 GMT · run #2235

Comment thread src/settings/mcp-servers.tsx
Comment thread src/settings/mcp-servers.tsx Outdated
@raivieiraadriano92 raivieiraadriano92 changed the title feat: support editing MCP servers in settings feat(THU-618): support editing MCP servers in settings Jun 19, 2026
Comment thread src/lib/mcp-provider.tsx

@cursor cursor Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 2 potential issues.

Fix All in Cursor

❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.

Reviewed by Cursor Bugbot for commit 437a5db. Configure here.

Comment thread src/settings/mcp-servers.tsx
Comment thread src/settings/mcp-servers.tsx Outdated
@raivieiraadriano92 raivieiraadriano92 force-pushed the raivieiraadriano92/thu-618-allow-editing-mcp-server-config-after-adding branch from 437a5db to df0a6dd Compare July 7, 2026 20:44

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔭 thunder-deep-review (advisory)

Complements the other bots — surfaces only what they did not flag. Never approves, never requests changes, never gates merge.
head: df0a6dda88da · mode: deep · deferred 7 item(s) already reported by other bots (best-effort dedup)

Comment thread src/lib/mcp-provider.tsx

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔭 thunder-deep-review (advisory)

Complements the other bots — surfaces only what they did not flag. Never approves, never requests changes, never gates merge.
head: f15675233d52 · mode: deep · deferred 7 item(s) already reported by other bots (best-effort dedup)

Comment thread src/settings/mcp-servers.tsx Outdated
Comment thread src/hooks/use-add-server-form.ts

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔭 thunder-deep-review (advisory)

Complements the other bots — surfaces only what they did not flag. Never approves, never requests changes, never gates merge.
head: a9d67b4b54aa · mode: deep · deferred 7 item(s) already reported by other bots (best-effort dedup)

// the OAuth credential is preserved by the mutation — the
// card's needs-auth flow handles a re-authorize at the new
// endpoint post-save).
(form.hasConnectionEdits &&

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔧 Nit — Save-eligibility logic is duplicated (and inverted) across the button and the Enter handler

The rule for "is this edit saveable?" now lives in two places written in opposite polarity: the Save button's disabled expression here (enabled when hasConnectionEdits is false OR isClearingBearerOnly OR isOAuthEdit OR testResult is success), and the Enter branch in handleUrlKeyDown at line 535 (!form.hasConnectionEdits || form.isClearingBearerOnly || form.isOAuthEdit, notably missing the success case, which then relies on a separate branch below). Keeping two hand-inverted copies of the same gate in sync is exactly the kind of thing that drifts — the missing success arm in the keydown path is a symptom. Could we hoist a single derived const canSaveEdit = ... and have both the button and Enter read it? That collapses the logic to one source of truth and makes the intent obvious.

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔭 thunder-deep-review (advisory)

Complements the other bots — surfaces only what they did not flag. Never approves, never requests changes, never gates merge.
head: 1f1cf2a16ce8 · mode: deep · deferred 7 item(s) already reported by other bots (best-effort dedup)

Additional notes (couldn't anchor to a diff line)

  • src/hooks/use-add-server-form.ts — 🚫 Blocking — Blurring the URL field on an OAuth edit bypasses the OAuth-skip guard

@raivieiraadriano92 raivieiraadriano92 merged commit a26735b into main Jul 8, 2026
28 checks passed
@raivieiraadriano92 raivieiraadriano92 deleted the raivieiraadriano92/thu-618-allow-editing-mcp-server-config-after-adding branch July 8, 2026 11:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant