fix: address remaining PR #589 review findings

- Consolidate MCP session + login flow cleanup into _mcp_session_with_login_flow() helper,
  replacing 4 duplicated AsyncExitStack sites in app.py
- Fix get_shared_storage() race condition by using module-level anyio.Lock() init
  (reverts regression from ba59763)
- Collapse cosmetic if/else branching in scope_authorization.py
- Consolidate dual password storage paths into single store_app_password_with_scopes() call
- Mark unused request param as _ in list_supported_scopes
- Make ALL_SUPPORTED_SCOPES an immutable tuple; use list() instead of .copy()
- Add hasattr(ctx, "elicit") guard in elicitation.py, narrow except to NotImplementedError
- Add YAML comment explaining --oauth flag for mcp-login-flow service

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Chris Coutinho
2026-03-02 09:59:56 +01:00
parent ba597634bd
commit 0d14c75eb1
9 changed files with 36 additions and 42 deletions
+2 -2
View File
@@ -52,7 +52,7 @@ class UpdateScopesResponse(BaseResponse):
# All supported application-level scopes
ALL_SUPPORTED_SCOPES = [
ALL_SUPPORTED_SCOPES = (
"notes:read",
"notes:write",
"calendar:read",
@@ -73,4 +73,4 @@ ALL_SUPPORTED_SCOPES = [
"sharing:write",
"news:read",
"news:write",
]
)