remove static checker param and clean up

kerobbi · kerobbi · commit 10757aba2ea7 · 2026-01-28T17:15:13.000Z
diff --git a/pkg/http/features.go b/pkg/http/features.go
diff --git a/pkg/http/handler.go b/pkg/http/handler.go
@@ -47,7 +47,7 @@ func WithInventoryFactory(f InventoryFactoryFunc) HandlerOption {
 	}
 }
 
-func WithHandlerFeatureChecker(checker inventory.FeatureFlagChecker) HandlerOption {
+func WithFeatureChecker(checker inventory.FeatureFlagChecker) HandlerOption {
 	return func(o *HandlerOptions) {
 		o.FeatureChecker = checker
 	}
diff --git a/pkg/http/server.go b/pkg/http/server.go
@@ -8,16 +8,26 @@ import (
 	"net/http"
 	"os"
 	"os/signal"
+	"slices"
 	"syscall"
 	"time"
 
+	ghcontext "github.com/github/github-mcp-server/pkg/context"
 	"github.com/github/github-mcp-server/pkg/github"
+	"github.com/github/github-mcp-server/pkg/inventory"
 	"github.com/github/github-mcp-server/pkg/lockdown"
 	"github.com/github/github-mcp-server/pkg/translations"
 	"github.com/github/github-mcp-server/pkg/utils"
 	"github.com/go-chi/chi/v5"
 )
 
+// knownFeatureFlags are the feature flags that can be enabled via X-MCP-Features header.
+// Only these flags are accepted from headers.
+var knownFeatureFlags = []string{
+	github.FeatureFlagHoldbackConsolidatedProjects,
+	github.FeatureFlagHoldbackConsolidatedActions,
+}
+
 type ServerConfig struct {
 	// Version of the server
 	Version string
@@ -83,7 +93,7 @@ func RunHTTPServer(cfg ServerConfig) error {
 		repoAccessOpts = append(repoAccessOpts, lockdown.WithTTL(*cfg.RepoAccessCacheTTL))
 	}
 
-	featureChecker := CreateHTTPFeatureChecker(nil)
+	featureChecker := createHTTPFeatureChecker()
 
 	deps := github.NewRequestDeps(
 		apiHost,
@@ -97,7 +107,7 @@ func RunHTTPServer(cfg ServerConfig) error {
 
 	r := chi.NewRouter()
 
-	handler := NewHTTPMcpHandler(ctx, &cfg, deps, t, logger, WithHandlerFeatureChecker(featureChecker))
+	handler := NewHTTPMcpHandler(ctx, &cfg, deps, t, logger, WithFeatureChecker(featureChecker))
 	handler.RegisterRoutes(r)
 
 	addr := fmt.Sprintf(":%d", cfg.Port)
@@ -130,3 +140,20 @@ func RunHTTPServer(cfg ServerConfig) error {
 	logger.Info("server stopped gracefully")
 	return nil
 }
+
+// createHTTPFeatureChecker creates a feature checker that reads header features from context
+// and validates them against the knownFeatureFlags whitelist
+func createHTTPFeatureChecker() inventory.FeatureFlagChecker {
+	// Pre-compute whitelist as set for O(1) lookup
+	knownSet := make(map[string]bool, len(knownFeatureFlags))
+	for _, f := range knownFeatureFlags {
+		knownSet[f] = true
+	}
+
+	return func(ctx context.Context, flag string) (bool, error) {
+		if knownSet[flag] && slices.Contains(ghcontext.GetHeaderFeatures(ctx), flag) {
+			return true, nil
+		}
+		return false, nil
+	}
+}

Original file line number	Diff line number	Diff line change
`@@ -47,7 +47,7 @@ func WithInventoryFactory(f InventoryFactoryFunc) HandlerOption {`
`47`	`47`	`}`
`48`	`48`	`}`
`49`	`49`
`50`		`-func WithHandlerFeatureChecker(checker inventory.FeatureFlagChecker) HandlerOption {`
	`50`	`+func WithFeatureChecker(checker inventory.FeatureFlagChecker) HandlerOption {`
`51`	`51`	`return func(o *HandlerOptions) {`
`52`	`52`	`o.FeatureChecker = checker`
`53`	`53`	`}`