You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Fixes template create/update/delete registry behavior for the v1 template API. Create/update now build account-, org-, or project-scoped v1 paths per operation, while preserving configured default org/project scoping for existing template list/get/delete reads. Template delete now sends version_label as the required path segment, and template update passes through optional v1 metadata fields.
Type of Change
Bug fix
New feature
Refactor
Documentation
Other
Checklist
Tests pass
Typecheck passes
Verification:
pnpm test tests/registry/registry.test.ts
pnpm test tests/registry/structural-validation.test.ts
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution. You have signed the CLA already but the status is still pending? Let us recheck it.
The reason will be displayed to describe this comment to others. Learn more.
Stale comment
Found 1 blocking issue.
templateV1ScopePath still re-applies default project/org scope for v1 template writes, so explicit broader-scope create/update calls are not actually supported under the normal MCP configuration where HARNESS_ORG and HARNESS_PROJECT are set. I reproduced this on the built branch: registry.dispatch(..., 'template', 'update', { org_id: 'org-only', ... }) emitted PUT /v1/orgs/org-only/projects/test-project/templates/testTemplate/versions/v2 and carried projectIdentifier: "test-project" in both params and body. That means org/account-scoped writes only work when defaults are unset, which is narrower than the PR description claims.
Open question:
Should explicit org_id with omitted project_id suppress default project fallback for v1 writes, or do create/update need a per-operation way to opt out of the registry's project-scope param/body injection?
Verification:
pnpm test tests/registry/registry.test.ts
pnpm test tests/registry/structural-validation.test.ts
pnpm typecheck
pnpm build
Sent by Cursor Automation: Sunil On Demand Architecture Review
The reason will be displayed to describe this comment to others. Learn more.
Stale comment
Important:
src/registry/toolsets/templates.ts, src/tools/harness-describe.ts, src/tools/harness-create.ts, src/tools/harness-update.ts, src/tools/harness-delete.ts, tasks/todo.md: runtime now supports account/org/project template writes via scopeOptional/scope_level, but the agent-facing contract still exposes template as scope: "project" and the generic write/delete tools do not advertise scope_level (or template version_label) as first-class inputs. With defaults configured, account-scoped writes only work if callers already know to tunnel params.scope_level="account" through the generic params bag, so the new task/review note overstates end-to-end support.
tests/registry/registry.test.ts, tests/tools/tool-handlers.test.ts: the new regression coverage stops at registry.dispatch(). The shipped behavior goes through harness_create / harness_update / harness_delete, which still need to map resource_id -> template_id, default or forward version_label, and carry scope_level through params. Without at least one tool-handler regression on those public paths, this PR proves helper wiring, not the real agent-facing behavior.
Sent by Cursor Automation: Sunil On Demand Architecture Review
The reason will be displayed to describe this comment to others. Learn more.
Stale comment
Reviewed against Sunil's architecture standards.
Findings:
src/registry/toolsets/templates.ts now fixes the dispatcher/path behavior for account/org/project template operations, but the agent-facing contract is still incomplete. harness_describe(resource_type="template") still presents templates as scope: "project", while the shared write tools only expose a generic params bag. That means the new account/org create / update / delete paths, plus delete's required version_label, are still not discoverable in the structured metadata surface that this repo expects agents to use.
tests/registry/registry.test.ts adds good dispatch-level regressions, but the public bug report was about generic template operations. There is still no tool-handler coverage proving harness_create / harness_update / harness_delete actually preserve params.scope_level and params.version_label through the shared tool layer.
Assumption:
I reviewed this as a user-facing generic-tool fix, not just an internal registry refactor, because the PR title/body claim scoped template support rather than a helper-only cleanup.
Change summary:
The earlier blocking issue where config defaults re-narrowed org/account-scoped v1 template writes looks fixed in the current branch.
The reason will be displayed to describe this comment to others. Learn more.
Found 3 findings in src/registry/toolsets/templates.ts.
Important: global=true now widens template.list to account scope and drops the configured org/project filters.
Important: invalid scope_level values silently fall back to configured defaults, which can mis-target writes instead of failing loudly.
Warning: the new update schema advertises label as a version label, but the public harness_update path still routes missing version_label to /versions/v1.
Open questions / assumptions:
I'm assuming global=true on template.list is meant to include global templates alongside the active scope, matching the current description and the pre-PR behavior.
If template updates are still required to pass params.version_label, the updated body schema should say that explicitly instead of surfacing label as the version selector.
Change summary:
The earlier scoped-write blocker is fixed on the live head. I verified that org-scoped template updates now emit /v1/orgs/<org>/templates/... without projectIdentifier.
Verification:
pnpm test tests/registry/registry.test.ts tests/tools/tool-handlers.test.ts
pnpm typecheck
pnpm build
runtime probes against build/ for template.list(global=true), invalid scope_level, and harness_update version routing
Sent by Cursor Automation: Sunil On Demand Architecture Review
The reason will be displayed to describe this comment to others. Learn more.
Treating global=true as account scope for every template operation regresses template.list semantics. Because applyTemplateScope() clears org_id / project_id and the resource is now scopeOptional, a normal scoped list call like harness_list(resource_type="template", global=true) drops the configured orgIdentifier / projectIdentifier entirely instead of "including global templates" in the active scope.
I reproduced it on this head after pnpm build with registry.dispatch(..., "template", "list", { global: true }), which emitted:
The reason will be displayed to describe this comment to others. Learn more.
This helper silently ignores invalid scope_level values and falls back to configured defaults. Since scope_level reaches the registry through the generic tool params / filters records, a typo like "acount" on create / update / delete can route the write to the default project instead of failing locally.
{ name: "template_yaml", type: "yaml", required: true, description: "Full template YAML string with changes (name, identifier, etc. are derived from the YAML)" },
{ name: "identifier", type: "string", required: false, description: "Template identifier (derived from YAML if omitted)" },
{ name: "name", type: "string", required: false, description: "Display name (derived from YAML if omitted)" },
{ name: "label", type: "string", required: false, description: "Version label (derived from YAML if omitted)" },
The reason will be displayed to describe this comment to others. Learn more.
The new update schema now surfaces label as the version label, but the public harness_update path still defaults missing version_label to v1 in src/tools/harness-update.ts. That creates a metadata/runtime contract mismatch for agents using harness_describe.
from harness_update(resource_type="template", resource_id="testTemplate", body={ template_yaml: ..., label: "v2" }).
If update calls still must provide params.version_label, I think this schema should say that explicitly instead of implying label drives version selection.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
Description
Fixes template create/update/delete registry behavior for the v1 template API. Create/update now build account-, org-, or project-scoped v1 paths per operation, while preserving configured default org/project scoping for existing template list/get/delete reads. Template delete now sends
version_labelas the required path segment, and template update passes through optional v1 metadata fields.Type of Change
Checklist
Verification:
pnpm test tests/registry/registry.test.tspnpm test tests/registry/structural-validation.test.tspnpm typecheckpnpm test