Skip to content

[rust-guard] Rust Guard: Deduplicate MCP unwrapping + expose dead code in permissions.rs #2012

New issue
New issue
Closed
#2013
Closed
[rust-guard] Rust Guard: Deduplicate MCP unwrapping + expose dead code in permissions.rs#2012
#2013
Assignees
lpcoxcopilot-swe-agent
Labels
refactorrust-guard
@github-actions

Description

@github-actions
github-actions
bot
opened on Mar 16, 2026

🦀 Rust Guard Improvement Report

Improvement 1: Deduplicate MCP Response Extraction

Category: Duplication
File(s): guards/github-guard/rust-guard/src/labels/backend.rs, guards/github-guard/rust-guard/src/labels/mod.rs
Effort: Small (< 15 min)
Risk: Low

Problem

backend.rs contains a private function extract_mcp_payload_json (line 499) that duplicates the logic already in labels/mod.rs's pub(crate) fn extract_mcp_response (line 91). Both functions unwrap the MCP wire format {"content":[{"type":"text","text":"(json)"}]} to the inner JSON value. The backend.rs version is called in three places (lines 338, 387, 454) but is identical in behaviour to the canonical mod.rs version which also adds useful debug logging.

Suggested Change

Delete extract_mcp_payload_json from backend.rs and replace its three call sites with super::extract_mcp_response.

Before (labels/backend.rs)

// ~~~ private duplicate at line 499 ~~~
fn extract_mcp_payload_json(response: &Value) -> Value {
    if let Some(content) = response.get("content").and_then(|v| v.as_array()) {
        if let Some(text) = content
            .first()
            .and_then(|item| item.get("text"))
            .and_then(|v| v.as_str())
        {
            if let Ok(parsed) = serde_json::from_str::(Value)(text) {
                return parsed;
            }
        }
    }
    response.clone()
}

// call sites (lines 338, 387, 454):
let pr = extract_mcp_payload_json(&response);

After (labels/backend.rs)

// Delete extract_mcp_payload_json entirely.

// call sites become:
let pr = super::extract_mcp_response(&response);

Why This Matters

  • Removes ~14 lines of duplicate logic.
  • Future improvements to MCP unwrapping (e.g. error logging, format changes) only need to be made in one place.
  • extract_mcp_response already emits host_log debug traces that are silently dropped by extract_mcp_payload_json, so the replacement is strictly more useful.

Improvement 2: Remove #![allow(dead_code)] from permissions.rs

Category: Dead Code
File(s): guards/github-guard/rust-guard/src/permissions.rs
Effort: Small (< 15 min)
Risk: Low

Problem

permissions.rs (441 lines) carries a module-level #![allow(dead_code)] suppressor (line 7). This blanket annotation hides the fact that none of the module's public items are referenced outside the filefetch_repo_permissions, get_author_integrity_tags, get_bot_integrity_tags, RepoPermissions, PermissionLevel, and Collaborator are all unused. The only consumer is lib.rs which merely declares mod permissions; without importing anything from it.

Additionally, is_bot_account (line 309) is marked #[deprecated(since = "0.2.0")] pointing to labels::is_bot as the canonical version — yet the deprecated function lives on.

Suggested Change

  1. Remove the #![allow(dead_code)] attribute from the top of permissions.rs.
  2. Delete the deprecated is_bot_account function and its test (lines 308–313, 377–392 in the test block).
  3. Run cargo check — the compiler will then surface whichever remaining items are truly unreachable, which can be removed in follow-up PRs or kept if they are intentionally scaffolded for future use (in which case a comment should say so).

Before (permissions.rs top)

//! Repository permission helpers
// ...

#![allow(dead_code)]   // ← silences everything

use crate::labels::{constants::label_constants, is_bot, MEDIUM_BUFFER_SIZE};
#[deprecated(since = "0.2.0", note = "Use `labels::is_bot` instead")]
pub fn is_bot_account(username: &str) -> bool {
    is_bot(username)
}

After

//! Repository permission helpers
// ...
// (no module-level allow attribute)

use crate::labels::{constants::label_constants, is_bot, MEDIUM_BUFFER_SIZE};
// is_bot_account removed; all callers should use labels::is_bot directly

Why This Matters

  • Blanket #![allow(dead_code)] on a whole module is a code-smell that can hide unused scaffolding for months.
  • Removing it lets the compiler guide cleanup rather than silently accumulating dead weight in the WASM binary.
  • Removing the deprecated shim eliminates a dependency on is_bot purely to wrap it.

Codebase Health Summary

  • Total Rust files: 10
  • Total lines: 5,806
  • Areas analyzed: lib.rs, permissions.rs, tools.rs, labels/mod.rs, labels/backend.rs, labels/constants.rs, labels/helpers.rs, labels/response_items.rs, labels/response_paths.rs, labels/tool_rules.rs
  • Areas with no further improvements identified (this run): none yet — first run, cache was empty

Generated by Rust Guard Improver • Run: §23128064833

Generated by Rust Guard Improver ·

  • expires on Mar 23, 2026, 4:37 AM UTC

Metadata

Metadata

Assignees

Labels

refactorrust-guard

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions