feat(adapter-x): use auth-sensitive session lifecycle#19
Conversation
There was a problem hiding this comment.
Pull request overview
This PR updates the X adapter and related docs/tests to use local-mcp’s auth-sensitive managed-profile lifecycle (authPolicy.mode = bootstrap_then_attach), aligning startup and skill guidance with the bootstrap/attach session control flow.
Changes:
- Switch
@webmcp-bridge/adapter-xtoauthPolicy.mode = bootstrap_then_attach(withallowAnonymousTools). - Update local-mcp tests to assert the built-in
xpreset exposes the expectedauthPolicy. - Refresh docs/skill references (README, migration notes, bridge skill references, adapter docs) to use managed-profile startup examples.
Reviewed changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| skills/webmcp-bridge/references/usage-patterns.md | Adds session-control usage (bridge.session.status / bootstrap) and notes about first-run sign-in. |
| skills/webmcp-bridge/references/link-patterns.md | Documents that auth-sensitive sites must keep --user-data-dir for bootstrap/attach reuse. |
| packages/local-mcp/test/sites.test.ts | Asserts built-in x manifest now includes the auth-sensitive authPolicy. |
| packages/local-mcp/test/cli.test.ts | Asserts resolveSiteDefinition("x") returns the expected authPolicy. |
| packages/adapter-x/src/index.ts | Changes X adapter manifest authPolicy.mode to bootstrap_then_attach and enables allowAnonymousTools. |
| docs/migration.md | Updates X startup example to include headed managed-profile flags; adds migration note about auth-sensitive lifecycle. |
| docs/adapters/x.md | Documents the auth-sensitive session model and recommended startup path for X. |
| README.md | Updates quick start example(s) for X to use headed managed-profile invocation. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
README.md
Outdated
|
|
||
| ```bash | ||
| webmcp-local-mcp --site x --headless | ||
| webmcp-local-mcp --site x --no-headless --user-data-dir ~/.uxc/webmcp-profile/x |
There was a problem hiding this comment.
README now shows the exact same webmcp-local-mcp --site x --no-headless --user-data-dir ... command twice (once under “Built-in fallback adapter mode” and again immediately under the auth-sensitive guidance). This duplication makes the quick-start harder to scan; consider removing one block or making the first example the “normal” invocation and the second specifically the initial headed bootstrap/sign-in step.
| webmcp-local-mcp --site x --no-headless --user-data-dir ~/.uxc/webmcp-profile/x | |
| webmcp-local-mcp --site x --headless --user-data-dir ~/.uxc/webmcp-profile/x |
There was a problem hiding this comment.
Removed the duplicate headed example. The generic built-in adapter example now stays headless, and the auth-sensitive note keeps the explicit headed bootstrap step.
| hostPatterns: ["x.com", "www.x.com", "*.x.com"], | ||
| authPolicy: { | ||
| mode: "none", | ||
| mode: "bootstrap_then_attach", | ||
| authProbeTool: "auth.get", | ||
| allowAnonymousTools: true, |
There was a problem hiding this comment.
@webmcp-bridge/adapter-x’s manifest reports version: "0.4.0", but the package.json version is 0.5.0. If consumers rely on manifest.version for diagnostics or compatibility checks, this mismatch can be misleading; consider keeping manifest.version in sync with the package version.
There was a problem hiding this comment.
Aligned manifest.version with packages/adapter-x/package.json in follow-up commit 6a697be.
Summary
authPolicy.mode = bootstrap_then_attachTesting
pnpm --filter @webmcp-bridge/local-mcp testpnpm --filter @webmcp-bridge/adapter-x testpnpm lint