Add //nolint:errcheck comments to intentionally unchecked error returns:
- defer X.Close() calls: errors from closing read-only resources, rows
after iteration, files, response bodies, and gzip readers are not
actionable and don't affect correctness
- defer tx.Rollback(): standard Go pattern where rollback after
successful commit returns an error, which is expected behavior
- defer stmt.Close(): statements are closed with their transactions
- Cleanup operations: DeleteRevision on failure and os.RemoveAll for
temp directories are best-effort cleanup
- HTTP response encoding: if JSON encoding fails at response time,
there's nothing useful we can do
- Test/benchmark code: unchecked errors in test setup/cleanup where
failures will surface through test assertions
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add configurable MaxSessions limit (default: 10000) to SessionStore.
When the limit is reached, new session creation returns ErrTooManySessions
and HTTP transport responds with 503 Service Unavailable.
This prevents attackers from exhausting server memory by creating
unlimited sessions through repeated initialize requests.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Configure HTTP server with sensible timeouts:
- ReadTimeout: 30s (time to read entire request)
- WriteTimeout: 30s (time to write response)
- IdleTimeout: 120s (keep-alive connection timeout)
- ReadHeaderTimeout: 10s (time to read request headers)
For SSE connections, use http.ResponseController to extend write
deadlines before each write, preventing timeout on long-lived streams
while still protecting against slow clients.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add MaxRequestSize configuration to HTTPConfig with a default of 1MB.
Use http.MaxBytesReader to enforce the limit, returning 413 Request
Entity Too Large when exceeded.
This prevents memory exhaustion attacks where an attacker sends
arbitrarily large request bodies.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add support for running the MCP server over HTTP with Server-Sent Events
(SSE) using the MCP Streamable HTTP specification, alongside the existing
STDIO transport.
New features:
- Transport abstraction with Transport interface
- HTTP transport with session management
- SSE support for server-initiated notifications
- CORS security with configurable allowed origins
- Optional TLS support
- CLI flags for HTTP configuration (--transport, --http-address, etc.)
- NixOS module options for HTTP transport
The HTTP transport implements:
- POST /mcp: JSON-RPC requests with session management
- GET /mcp: SSE stream for server notifications
- DELETE /mcp: Session termination
- Origin validation (localhost-only by default)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
