github/github-mcp-server

Pattern Findings

43 matches across 4 categories. Click a row to expand file-level details.

Over-Commented Block36 hits · 36 pts

Severity	File	Line	Snippet
LOW	internal/githubv4mock/query.go	1	// Ths contents of this file are taken from https://github.com/shurcooL/graphql/blob/ed46e5a4646634fc16cb07c3b8db389542c
LOW	internal/githubv4mock/local_round_tripper.go	1	// Ths contents of this file are taken from https://github.com/shurcooL/graphql/blob/ed46e5a4646634fc16cb07c3b8db389542c
LOW	internal/githubv4mock/objects_are_equal_values.go	1	// The contents of this file are taken from https://github.com/stretchr/testify/blob/016e2e9c269209287f33ec203f340a9a723
LOW	internal/githubv4mock/githubv4mock.go	101
LOW	internal/githubv4mock/githubv4mock.go	121	// } `graphql:"pullRequest(number: $prNum)"`
LOW	internal/githubv4mock/objects_are_equal_values_test.go	1	// The contents of this file are taken from https://github.com/stretchr/testify/blob/016e2e9c269209287f33ec203f340a9a723
LOW	script/print-mcp-diff-configs/main.go	1	// Command print-mcp-diff-configs emits the configuration matrix consumed by
LOW	.github/workflows/docker-publish.yml	121	# Sign the resulting Docker image digest except on PRs.
LOW	pkg/octicons/required_icons.txt	1	# Required Octicons for the GitHub MCP Server
LOW	pkg/github/feature_flags.go	41	}
LOW	pkg/github/deprecated_tool_aliases.go	1	// deprecated_tool_aliases.go
LOW	pkg/github/dependencies.go	41	// ContextWithDeps returns a new context with the ToolDependencies stored in it.
LOW	pkg/github/scope_filter.go	41	// token is known at startup and won't change during the session.
LOW	pkg/github/server_test.go	181	require.NotNil(t, server, "expected server to be non-nil")
LOW	pkg/github/repositories_helper.go	181	// The resolution logic follows a clear priority:
LOW	pkg/http/server.go	41
LOW	pkg/http/middleware/mcp_parse.go	21	// For prompts/get
LOW	pkg/http/oauth/oauth.go	41	// This is used to construct the OAuth resource URL.
LOW	pkg/http/transport/graphql_features.go	21	// import "github.com/github/github-mcp-server/pkg/http/transport"
LOW	pkg/http/mark/mark.go	1	// Package mark provides a mechanism for tagging errors with a well-known error value.
LOW	pkg/inventory/registry.go	21	// Build()
LOW	pkg/inventory/registry.go	41	toolsetDescriptions map[ToolsetID]string // toolset ID -> description
LOW	pkg/inventory/registry.go	81	)
LOW	pkg/inventory/registry.go	161	// The IDs are returned in sorted order for deterministic output.
LOW	pkg/inventory/registry.go	201	return true
LOW	pkg/inventory/server_tool.go	41	// Icons are provided in both 16x16 and 24x24 sizes.
LOW	pkg/inventory/server_tool.go	61	HandlerFunc HandlerFunc
LOW	pkg/inventory/builder.go	21
LOW	pkg/inventory/builder.go	101	}
LOW	pkg/inventory/builder.go	121	// Deprecated tool aliases are automatically resolved to their canonical names during Build().
LOW	pkg/inventory/builder.go	201	return cleaned
LOW	pkg/inventory/filters.go	261
LOW	pkg/toolvalidation/readonlyhint.go	21	// candidates for tool-literal validation.
LOW	pkg/toolvalidation/readonlyhint.go	41	func (v ReadOnlyHintViolation) String() string {
LOW	pkg/ifc/ifc.go	81	func LabelGetFileContents(isPrivate bool) SecurityLabel {
LOW	pkg/buffer/buffer.go	21	// httpResp: The HTTP response whose body will be read.

Verbosity Indicators5 hits · 8 pts

Severity	File	Line	Snippet
LOW	cmd/mcpcurl/main.go	329	// For boolean, we need to check if it was explicitly set
LOW	pkg/github/projects.go	1570	// Step 1: Create the iteration field.
LOW	pkg/github/projects.go	1595	// Step 2: Configure the iteration field with start date and duration.
LOW	pkg/github/repositories_helper.go	96	// Step 1: Get Git Tree recursively
LOW	pkg/github/repositories_helper.go	107	// Step 2: Filter tree for matching paths

Magic Placeholder Names1 hit · 5 pts

Severity	File	Line	Snippet
HIGH	README.md	382	"GITHUB_PERSONAL_ACCESS_TOKEN": "<YOUR_TOKEN>"

Example Usage Blocks1 hit · 2 pts

Severity	File	Line	Snippet
LOW	pkg/github/scope_filter.go	48	// Example usage:

Score History

Severity Breakdown

Pattern Findings