fix(observability): demote MCP auth-required 401#4237
Conversation
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
📝 WalkthroughWalkthroughAdds an early classifier arm in MCP 401 Demotion
Docs Link Update
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~5 minutes Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
The localized README link fixes are intentionally included because the repository-wide required Markdown Link Check fails on current upstream/main for those stale links, even though #4174 is an observability fix. They are isolated in the docs commit and unblock the required gate; no product behavior changes. |
# Conflicts: # docs/README.de.md # docs/README.ja-JP.md # docs/README.ko.md # docs/README.ur-pk.md # docs/README.zh-CN.md
- ops_install.rs: keep this PR's should_report_install_fetch_status helper + debug breadcrumb at the SKILL.md fetch emit site (functionally equivalent to main's inline !is_client_error() from tinyhumansai#4188, but the helper is re-exported, reused by this PR's tests, and pairs with the new before_send guard). Preserved main's TAURI-RUST-CGE rationale comment. - docs/README.*.md (de/ja-JP/ko/ur-pk/zh-CN): take main's already-merged link fixes (Discussions link, canonical star-history) — this PR carried the same fixes from tinyhumansai#4237, now superseded on main.
Summary
ProviderUserState.McpUnauthorizedErrordisplay shapes with and without resource metadata.upstream/main.Problem
Remote MCP servers can return HTTP 401 when the user needs to complete OAuth/sign-in. The MCP connection path already records that as
needs_authfor the UI, but the RPC boundary re-raised the typed error display string andexpected_error_kinddid not classify it. That made expected user-state show up as Sentry errors.The required Markdown Link Check also fails on current
upstream/mainbecause several localized README files still point to a Reddit URL returning 403 and a Star History URL fragment that no longer resolves. Those docs changes are separated in docs commits and do not affect runtime behavior.Solution
expected_error_kindmatcher anchored onmcp unauthorized for+http 401.ProviderUserState, matching other third-party auth/user-state demotions.Submission Checklist
## Related— N/A: no feature matrix IDs apply.docs/RELEASE-MANUAL-SMOKE.md) — N/A: no release smoke surface changed.Closes #NNNin the## RelatedsectionImpact
Desktop/core RPC observability only. Users still see the MCP server auth-required state via the existing
needs_authpath; Sentry no longer treats that expected state as an application defect. No migration, network, or compatibility impact. Docs link updates only affect README link-check health.Related
AI Authored PR Metadata (required for Codex/Linear PRs)
Linear Issue
Commit & Branch
fix/GH-4174-mcp-401-expected7c9c1caf3d9bc720072a5ad0ea97028a957f111cValidation Run
pnpm --filter openhuman-app format:check— N/A: frontend not changed.pnpm typecheck— N/A: frontend not changed.GGML_NATIVE=OFF cargo test --manifest-path Cargo.toml --lib classifies_mcp_unauthorized_401_as_provider_user_stateGGML_NATIVE=OFF cargo test --manifest-path Cargo.toml --lib does_not_classify_unrelated_401_as_mcp_user_stateGGML_NATIVE=OFF cargo test --manifest-path Cargo.toml --lib core::observability::testscargo fmt --manifest-path Cargo.toml --checkgit diff --checkGGML_NATIVE=OFF cargo check --manifest-path Cargo.tomlValidation Blocked
command:N/Aerror:N/Aimpact:N/ABehavior Changes
needs_authUI behavior is preserved.Parity Contract
Duplicate / Superseded PR Handling
Summary by CodeRabbit
Bug Fixes
Documentation