v0.4.0

[github-actions]

Release v0.4.0

Summary by CodeRabbit

Release Notes

• New Features

  • OpenAPI adapter now powered by mcp-from-openapi with inherited request mappers and security validation.
  • Tool output schemas now support literal primitives, resource descriptors, and tuple-style arrays for structured responses.
  • Added authentication strategies documentation including static headers and custom security flows.

• Documentation

  • Comprehensive contributor guidelines and updated tool reference documentation.
  • Expanded installation and quickstart guides with step-by-step instructions.

• Chores

  • Version bumped to 1.1.0; automated release workflows and linting enhancements added.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

Version 0.4.0 release introducing mcp-from-openapi generator for the OpenAPI adapter, expanding Tool output schemas to support literal primitives and arrays, bumping package versions across all libraries, removing a PR trigger from CI workflows, and extensively updating documentation and contributor guidelines.

Changes

Cohort / File(s)	Summary
CI/CD Configuration \.github/workflows/codex-mintlify-docs\.yml	Removed pull_request trigger block that gated PRs into main; standardized node setup quoting from single to double quotes for node-version-file, cache, and registry-url.
Package Version Bumps package\.json, libs/sdk/package\.json, libs/adapters/package\.json, libs/cli/package\.json, libs/plugins/package\.json, libs/json-schema-to-zod-v3/package\.json, libs/mcp-from-openapi/package\.json	Bumped root version 0.3.1→0.4.0; bumped library versions to 1.1.0 (sdk, adapters, cli, plugins) or 1.0.0→1.1.0 (json-schema-to-zod-v3, mcp-from-openapi); updated cross-library dependency versions; removed json-schema-to-zod-v3 from root dependencies.
Release & Changelog CHANGELOG\.md, docs/updates\.mdx	Added v0.4.0 changelog entry documenting mcp-from-openapi adapter, literal output schemas, authentication strategies, and CI/CD workflow improvements; added corresponding update block with Features, Docs, and Build/CI sections.
Core Documentation Updates README\.md, CONTRIBUTING\.md	Rewrote README with updated installation, quickstart, and tool examples reflecting new LogLevel enum and schema handling; added new CONTRIBUTING.md with contributor guidelines, workspace layout, day-to-day commands, coding standards, PR checklist, and communication protocols.
OpenAPI Adapter Documentation docs/docs/adapters/openapi-adapter\.mdx, docs/docs/guides/add-openapi-adapter\.mdx	Comprehensive restructure documenting mcp-from-openapi generator, request mappers, multi-auth strategies (authProviderMapper, securityResolver), parameter conflict resolution, security validation, includeSecurityInInput guidance, and concrete initialization/configuration examples.
Tool Schema Documentation docs/docs/servers/tools\.mdx	Expanded inputSchema and outputSchema type documentation to support literal primitives ('string', 'number', 'boolean', 'date', 'image', 'audio', 'resource', 'resource_link'), any Zod schema, or readonly arrays of those options; added examples for tuple-style arrays and structured outputs.
Draft Documentation Formatting docs/draft/docs/adapters/overview\.mdx, docs/draft/docs/adapters/openapi-adapter\.mdx, docs/draft/docs/getting-started/quickstart\.mdx, docs/draft/docs/guides/add-openapi-adapter\.mdx, docs/draft/docs/guides/caching-and-cache-miss\.mdx, docs/draft/docs/guides/customize-flow-stages\.mdx, docs/draft/docs/plugins/cache-plugin\.mdx	Line-wrapping, spacing, and MDX/JSX component reformatting (multi-line→single-line or inline variants, {' '} wrapping, blank line adjustments) without semantic or functional changes.
Adapter Library & Blog libs/adapters/README\.md, docs/blog/11-2025/mcp-run-out-of-socket\.mdx, docs/blog/external-links\.mdx	Updated adapter README to reference mcp-from-openapi generator; reformatted self-closing img tags and Card invocations from single-line to multi-line JSX for consistency.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

• Version consistency: Verify all package.json bumps align (0.4.0 root, 1.1.0 libraries) and dependency version constraints are correct across sdk, adapters, cli, plugins.
• OpenAPI adapter docs accuracy: Review comprehensiveness of authentication strategies, authProviderMapper vs. securityResolver guidance, and mcp-from-openapi integration examples.
• Tool schema type expansion: Confirm Tool metadata outputSchema changes (literal strings, Zod schemas, readonly arrays) are properly documented and align with actual implementation.
• CI/CD workflow impact: Verify removal of pull_request trigger doesn't break intended documentation deployment flow or introduce merge conflicts.

Possibly related PRs

• PR #54: Integrates mcp-from-openapi library as the new OpenAPI adapter backend with request mappers, security validators, and schema generation.
• PR #11: Modifies Tool metadata in docs/docs/servers/tools.mdx for inputSchema/outputSchema type shapes, directly related to schema expansion.
• PR #7: Adds AuthInfo and request/body/input-schema mappers to OpenAPI adapter types, complementing the mcp-from-openapi integration.

Poem

🐰 Version bumps align with grace,
mcp-from-openapi takes its place,
Schemas blossom, docs unfold,
Contributors welcome, stories told,
0.4.0 hops ahead so fast! ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'v0.4.0' is vague and generic, using only a version number without describing what the release contains or the main changes.	Consider using a more descriptive title that summarizes the main features or changes, such as 'Release v0.4.0: OpenAPI adapter upgrade and improved tool schemas' to clarify the primary changes in this release.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[frontegg-david]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 5

🧹 Nitpick comments (2)

CONTRIBUTING.md (1)

38-42: Address LanguageTool style suggestion on repeated sentence structures.

Line 42 contains three bullet points that begin with backtick-wrapped code references (`). Consider rewording one or two to improve readability:

- `README.md` for a high-level overview and quickstart.
- `CHANGELOG.md` for release notes—update it when user-facing behavior changes.
- `docs/` for the Mintlify-based documentation site (`yarn docs:local` runs a local preview).
+ For a high-level overview and quickstart, see `README.md`.
+ Consult `CHANGELOG.md` for release notes—update it when user-facing behavior changes.
+ The `docs/` folder hosts Mintlify-based documentation; run `yarn docs:local` to preview locally.

docs/docs/servers/tools.mdx (1)

85-95: Minor grammar issue—add subject for clarity. Line 87 starts with a dependent clause. Consider: "The inputSchema parameter can be either a full z.object({...}) or a raw shape ({ name: z.string() }). The SDK wraps raw shapes in an object internally, so you can keep declarations terse."

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e051e81 and 699bf11.

📒 Files selected for processing (25)

• .github/workflows/codex-mintlify-docs.yml (1 hunks)
• CHANGELOG.md (1 hunks)
• CONTRIBUTING.md (1 hunks)
• README.md (9 hunks)
• docs/blog/11-2025/mcp-run-out-of-socket.mdx (1 hunks)
• docs/blog/external-links.mdx (1 hunks)
• docs/docs/adapters/openapi-adapter.mdx (2 hunks)
• docs/docs/guides/add-openapi-adapter.mdx (1 hunks)
• docs/docs/servers/tools.mdx (2 hunks)
• docs/draft/docs/adapters/openapi-adapter.mdx (24 hunks)
• docs/draft/docs/adapters/overview.mdx (8 hunks)
• docs/draft/docs/getting-started/quickstart.mdx (16 hunks)
• docs/draft/docs/guides/add-openapi-adapter.mdx (14 hunks)
• docs/draft/docs/guides/caching-and-cache-miss.mdx (26 hunks)
• docs/draft/docs/guides/customize-flow-stages.mdx (15 hunks)
• docs/draft/docs/plugins/cache-plugin.mdx (16 hunks)
• docs/updates.mdx (1 hunks)
• libs/adapters/README.md (1 hunks)
• libs/adapters/package.json (2 hunks)
• libs/cli/package.json (2 hunks)
• libs/json-schema-to-zod-v3/package.json (1 hunks)
• libs/mcp-from-openapi/package.json (1 hunks)
• libs/plugins/package.json (2 hunks)
• libs/sdk/package.json (2 hunks)
• package.json (1 hunks)

🧰 Additional context used

📓 Path-based instructions (4)

libs/**

⚙️ CodeRabbit configuration file

libs/**: Contains publishable SDK libraries. Review for API correctness, breaking changes, and consistency with docs. When public APIs change, ensure there is a matching docs/draft/docs/** update (not direct edits under docs/docs/**).

Files:

• libs/mcp-from-openapi/package.json
• libs/sdk/package.json
• libs/cli/package.json
• libs/plugins/package.json
• libs/adapters/package.json
• libs/json-schema-to-zod-v3/package.json
• libs/adapters/README.md

docs/draft/docs/**

⚙️ CodeRabbit configuration file

docs/draft/docs/**: This folder holds the draft/source docs that humans are expected to edit. When authors want to add or change documentation, they should do it here. The Codex workflow uses these drafts, together with the code diff, to generate the latest docs under docs/docs/. As a reviewer: - Encourage contributors to add/update content here instead of docs/docs/. - It is fine to do structural/content feedback here (clarity, examples, etc).

Files:

• docs/draft/docs/plugins/cache-plugin.mdx
• docs/draft/docs/guides/add-openapi-adapter.mdx
• docs/draft/docs/adapters/overview.mdx
• docs/draft/docs/getting-started/quickstart.mdx
• docs/draft/docs/guides/caching-and-cache-miss.mdx
• docs/draft/docs/guides/customize-flow-stages.mdx
• docs/draft/docs/adapters/openapi-adapter.mdx

docs/**

⚙️ CodeRabbit configuration file

docs/**: Repository documentation for the SDK, using MDX and hosted by Mintlify. See more specific rules for: - docs/docs/** (latest rendered docs, automation-only) - docs/v/** (archived versions, read-only) - docs/draft/docs/** (human-editable drafts) - docs/blogs/** (blogs, human edited) - docs/docs.json (Mintlify navigation)

Files:

• docs/draft/docs/plugins/cache-plugin.mdx
• docs/draft/docs/guides/add-openapi-adapter.mdx
• docs/blog/11-2025/mcp-run-out-of-socket.mdx
• docs/draft/docs/adapters/overview.mdx
• docs/docs/guides/add-openapi-adapter.mdx
• docs/draft/docs/getting-started/quickstart.mdx
• docs/blog/external-links.mdx
• docs/draft/docs/guides/caching-and-cache-miss.mdx
• docs/docs/adapters/openapi-adapter.mdx
• docs/draft/docs/guides/customize-flow-stages.mdx
• docs/updates.mdx
• docs/docs/servers/tools.mdx
• docs/draft/docs/adapters/openapi-adapter.mdx

docs/docs/**

⚙️ CodeRabbit configuration file

docs/docs/**: This folder contains the latest Mintlify documentation for the CURRENT minor version, using SEO-friendly paths (e.g. "docs/getting-started/welcome"). These files are generated/updated by the Codex GitHub Action, NOT manually. When reviewing a PR: - If a contributor edits files under docs/docs/** directly, ask them to revert
those changes and instead update the corresponding draft under docs/draft/docs/**.

• Do NOT suggest manual edits here; suggest editing drafts and letting automation
  regenerate docs/docs/**.
• The release process for a new minor is:
  1. Copy the current docs/docs/** into docs/v/{previous-minor}/** to freeze them.
  2. Update docs/docs/** based on docs/draft/docs/** and the code changes.

Files:

• docs/docs/guides/add-openapi-adapter.mdx
• docs/docs/adapters/openapi-adapter.mdx
• docs/docs/servers/tools.mdx

🧠 Learnings (1)

📚 Learning: 2025-11-16T22:47:05.139Z

Learnt from: frontegg-david
Repo: agentfront/frontmcp PR: 50
File: docs/docs/v/0.1/getting-started/welcome.mdx:2-3
Timestamp: 2025-11-16T22:47:05.139Z
Learning: In the agentfront/frontmcp repository, the docs/docs/v/** directory governance rule prohibiting manual edits applies to already-frozen releases, but does not preclude initial setup and bootstrap commits that establish the versioned docs structure.

Applied to files:

• CONTRIBUTING.md
• README.md
• docs/updates.mdx

🪛 LanguageTool

CONTRIBUTING.md

[style] ~42-~42: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...user-facing behavior changes. - docs/ for the Mintlify-based documentation site (...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

---

[style] ~106-~106: The wording of this phrase can be improved.
Context: ...eciate every contribution—thank you for making FrontMCP better!

(MAKE_STYLE_BETTER)

docs/draft/docs/adapters/overview.mdx

[uncategorized] ~233-~233: The official name of this software platform is spelled with a capital “H”.
Context: ...and adapter interfaces {' '} <Card title="Source Code" icon="github" href="https://github.com/agentfront/fr...

(GITHUB)

docs/docs/servers/tools.mdx

[style] ~87-~87: To form a complete sentence, be sure to include a subject or ‘there’.
Context: ...t & output schema shapes inputSchema can be a full z.object({...}) or a raw sh...

(MISSING_IT_THERE)

🪛 markdownlint-cli2 (0.18.1)

libs/adapters/README.md

17-17: Bare URL used

(MD034, no-bare-urls)

🔇 Additional comments (30)

docs/draft/docs/guides/customize-flow-stages.mdx (4)

17-20: MDX formatting changes look good.

The {' '} spacing wraps between Card components are a standard MDX pattern for managing whitespace in JSX rendering. These changes improve visual consistency without affecting content.

Also applies to: 22-25, 637-640

---

248-248: Code example formatting improves readability.

Reformatting the withRetry method signature to a single line maintains clarity while reducing visual bulk in the code sample. The example remains functionally correct.

---

542-542: Arrow function parentheses improve consistency.

Adding parentheses around the parameter h is a minor style improvement that aligns with common TypeScript conventions. The logic remains identical.

---

549-551: Warning clarification is helpful.

The updated text clearly signals this as an advanced feature, improving guidance for users on whether they should use the Hook Registry API. The messaging is appropriate.

libs/mcp-from-openapi/package.json (1)

3-3: Version bump is well-aligned with release objectives.

Minor version bump (1.0.0 → 1.1.0) aligns with the v0.4.0 release and coordinated dependency updates across adapters and SDK. No API or export changes; backward compatible.

docs/blog/11-2025/mcp-run-out-of-socket.mdx (1)

7-12: Formatting improvement; no changes to content or behavior.

Reformatting the self-closing img tag to multi-line JSX improves readability without altering semantics or functionality.

libs/json-schema-to-zod-v3/package.json (1)

3-3: Version bump aligns with coordinated ecosystem upgrade.

Minor version bump (1.0.0 → 1.1.0) is consistent with the coordinated upgrade path across adapters and SDK libraries for the v0.4.0 release.

docs/blog/external-links.mdx (1)

24-30: Formatting improvement for consistency and readability.

Multi-line Card component structure improves maintainability while preserving all prop values and behavior.

.github/workflows/codex-mintlify-docs.yml (1)

51-53: Quoting normalization improves consistency.

Standardizing node setup options from single to double quotes aligns with YAML conventions and improves consistency across the workflow file.

docs/draft/docs/guides/caching-and-cache-miss.mdx (1)

1-50: Documentation improvements are in the correct location.

Changes to docs/draft/docs/** are appropriately placed for human-editable draft content per coding guidelines. Formatting improvements (bullet lists, inline MDX components, step-by-step restructuring) enhance clarity and readability without altering guide substance.

docs/draft/docs/plugins/cache-plugin.mdx (1)

1-50: Documentation improvements are properly placed in draft docs.

Changes to docs/draft/docs/** are appropriate for human-editable source docs per coding guidelines. Formatting refinements (inline components with spacing, Warning/Check callouts, table restructuring) maintain MDX validity and improve readability and user guidance.

CONTRIBUTING.md (1)

1-106: Comprehensive contributor guide aligns well with Nx monorepo structure and project standards.

The guide covers prerequisites, workspace layout, day-to-day commands, coding standards, testing, documentation, PR workflows, and communication clearly. Tone is professional and actionable. Links are in place, and examples are practical.

Minor notes:

• Lines 56–57: Mention Inspector flow verification is good DX guidance; consider also noting npx frontmcp doctor as a first troubleshooting step.
• Line 65: Husky + lint-staged reference is accurate; the setup aligns with modern TypeScript projects.
• Line 103: Email address for security issues is hardcoded; ensure it's monitored or rotate if team changes.

docs/draft/docs/adapters/overview.mdx (1)

18-21: Formatting changes (MDX whitespace/inline wrapping) are minor and presentational.

The inline {' '} wrapping and line-wrapping adjustments don't alter semantics or rendering. However, the pattern is inconsistently applied:

• Lines 18–21, 49, 74–77: Added {' '} before Card/Step blocks
• Lines 150–166, 216–217: Added {' '} before Card/Accordion blocks
• Some similar blocks unchanged (e.g., lines 28–30, 228–231)

If these changes are part of an automated formatter or style standardization pass, consider applying them uniformly across the file for consistency.

Also applies to: 49-49, 53-53, 74-77, 150-166, 216-217, 233-241

docs/draft/docs/getting-started/quickstart.mdx (1)

44-50: Formatting changes are purely presentational and consistent with other doc updates in this PR.

These adjustments (line wrapping, {' '} wrapping, block collapsing) do not affect rendering or content. They align with similar edits in docs/draft/docs/adapters/overview.mdx. Assuming these changes support a docs formatter or automated linting pass, they are acceptable.

Also applies to: 78-78, 158-174, 247-261, 272-290, 301-308

CHANGELOG.md (1)

1-20: v0.4.0 changelog entry is clear and well-formatted, accurately summarizing major updates.

The entry captures the three major themes:

1. feat: OpenAPI adapter migration to mcp-from-openapi + enhanced output schemas
2. docs: Updated authentication and mapper guidance
3. build: Workflow improvements (publish-on-next-close, lint-staged, push workflow)

This aligns with the PR objectives and related file updates (docs/draft/docs/adapters/openapi-adapter.mdx, package version bumps, etc.).

docs/draft/docs/adapters/openapi-adapter.mdx (2)

513-517: Security risk levels table is clear and well-categorized.

The table correctly maps configuration patterns to security risk levels (LOW / MEDIUM / HIGH), with accurate descriptions. The guidance to use authProviderMapper or securityResolver for LOW risk and warnings against includeSecurityInInput for HIGH risk are sound.

---

129-131: Code examples show proper authentication patterns and are well-formatted.

Examples demonstrate:

• Static headers (with security reminder)
• Auth provider mapper (recommended approach)
• Custom security resolver
• Dynamic headers/body mapping (multi-tenant use case)
• Real-world scenarios (GitHub, Slack, SaaS, expense management)

All examples appear syntactically correct and align with the mcp-from-openapi backend. Quote style in line 129 (authorization instead of 'authorization') is consistent with JavaScript object literal shorthand.

Also applies to: 149-157, 289-302, 357-362, 399-410

README.md (2)

188-222: Function and Class Tools section clearly contrasts approaches and emphasizes Zod field shapes.

The section now explicitly states: "Pass Zod fields directly (no z.object({...}))" and provides side-by-side examples. This aligns with the coding guidelines referenced in the PR (Zod field shapes). Examples are accurate and readable.

---

436-448: Documentation reference links updated consistently.

All cross-references (anchor links [1]–[13]) are updated to reflect docs.agentfront.dev paths and new doc structure. Links are clear and should remain stable if documentation routing is consistent.

package.json (2)

3-3: Version bump to 0.4.0 is correct and aligns with CHANGELOG entry.

---

15-25: Dependency removal verified as appropriate.

Verification confirms the json-schema-to-zod-v3 removal from root dependencies is correct:

• Package is properly located in libs/sdk/package.json
• No root-level code imports this package
• Root build/dev scripts (yarn dev, yarn build, yarn docs:local) use nx, which automatically resolves workspace dependencies
• No breaking references detected

libs/plugins/package.json (1)

3-3: LGTM. Version alignment with adapters package is consistent at 1.1.0, and SDK dependency updated with caret constraint.

Also applies to: 35-36

docs/draft/docs/guides/add-openapi-adapter.mdx (2)

8-22: Well-structured comprehensive guide update. The expanded guide provides step-by-step instructions, authentication strategies, and advanced configuration. Aligns well with the new mcp-from-openapi migration.

---

450-456: Documentation cross-references verified.

Both paths referenced in the guide exist and are valid:

• /docs/servers/authentication/overview → docs/docs/servers/authentication/overview.mdx ✓
• /docs/servers/extensibility/plugins → docs/docs/servers/extensibility/plugins.mdx ✓

libs/cli/package.json (1)

3-3: LGTM. CLI package version bumped to 1.1.0 with matching dependencies on SDK, plugins, and adapters using appropriate caret constraints.

Also applies to: 33-35

docs/updates.mdx (1)

8-31: Release notes accurately capture v0.4.0 changes. The Features, Docs, and Build/CI sections provide a good high-level summary of the mcp-from-openapi migration, enhanced tool schemas, and process improvements. Consider clarifying that the OpenAPI adapter is being upgraded (not newly created) if that's the case.

docs/docs/servers/tools.mdx (1)

63-63: Excellent documentation of new Tool output schema capabilities. The updated metadata section clearly explains literal primitives, resource descriptors, Zod schemas, and tuple-style arrays. The example with ['string', 'number'] effectively demonstrates the new feature. Aligns well with the PR's goal of expanding output schema support.

Also applies to: 65-65, 89-94, 101-101

docs/docs/adapters/openapi-adapter.mdx (1)

9-9: Well-documented mcp-from-openapi integration. The adapter documentation thoroughly covers the new features: automatic parameter conflict resolution, mapper visibility, multi-auth support, and risk scoring. The three authentication strategy examples (static headers, authProviderMapper, securityResolver) are clear and practical.

Also applies to: 13-17

docs/docs/guides/add-openapi-adapter.mdx (1)

1-131: File is correctly auto-generated—no issues found. The git history confirms this file was updated via the Codex GitHub Action (commit cf038c6 marked [auto]), not manually edited. The corresponding draft file exists at docs/draft/docs/guides/add-openapi-adapter.mdx. The automation workflow is functioning as intended.

libs/adapters/package.json (1)

3-3: The versioning strategy is intentional and correct—no changes needed.

The monorepo is properly configured with:

• Workspace root (@frontmcp/source) at version 0.4.0
• All publishable libraries (6 total) uniformly versioned at 1.1.0
• Internal dependencies precisely pinned (1.1.0), SDK dependency flexibly versioned (^1.1.0)

This is standard monorepo practice: workspace roots and publishable packages maintain separate version tracks. The unified 1.1.0 across all libs demonstrates this is an intentional, coordinated release of the library suite—not a misalignment.

Likely an incorrect or invalid review comment.