diff --git a/README.md b/README.md index 37ef6326..6bb80f75 100644 --- a/README.md +++ b/README.md @@ -88,13 +88,16 @@ Restricts which repositories a guard allows and at what integrity level: **`approval-labels`** *(optional)* — Array of GitHub label names that promote a content item's effective integrity to `approved` when present. Enables human-review gates where a maintainer labels an item to allow it through. Uses `max(base, approved)` so it never lowers integrity. Does not override `blocked-users`. +**`trusted-users`** *(optional)* — Array of GitHub usernames whose content is unconditionally elevated to `approved` integrity. Useful for granting specific external contributors (e.g., trusted open-source maintainers) the same treatment as repository members, without lowering `min-integrity` globally. Uses `max(base, approved)` so it never lowers integrity. Does not override `blocked-users`. + ```json "guard-policies": { "allow-only": { "repos": ["myorg/*"], "min-integrity": "approved", "blocked-users": ["spam-bot", "compromised-user"], - "approval-labels": ["human-reviewed", "safe-for-agent"] + "approval-labels": ["human-reviewed", "safe-for-agent"], + "trusted-users": ["alice", "trusted-contributor"] } } ``` diff --git a/docs/CONFIGURATION.md b/docs/CONFIGURATION.md index 9642392f..bf70b907 100644 --- a/docs/CONFIGURATION.md +++ b/docs/CONFIGURATION.md 
@@ -198,6 +198,12 @@ min-integrity = "unapproved" - `"approved"` - Approved contributor level (includes objects with author_association: OWNER, MEMBER, COLLABORATOR) - `"merged"` - Merged to main branch (any object reachable from the main branch, regardless of authorship) +- **`blocked-users`** *(optional)*: Array of GitHub usernames whose content is unconditionally blocked. Items from these users receive `blocked` integrity (below `none`) and are always denied, even when `min-integrity` is `"none"`. Cannot be overridden by `approval-labels` or `trusted-users`. + +- **`approval-labels`** *(optional)*: Array of GitHub label names that promote a content item's effective integrity to `approved` when present. Uses `max(base, approved)` so it never lowers integrity. Does not override `blocked-users`. + +- **`trusted-users`** *(optional)*: Array of GitHub usernames whose content is unconditionally elevated to `approved` integrity. Useful for granting specific external contributors the same treatment as repository members without lowering `min-integrity` globally. Uses `max(base, approved)` so it never lowers integrity. Does not override `blocked-users`. + - **Meaning**: Restricts the GitHub MCP server to only access specified repositories. Tools like `get_file_contents`, `search_code`, etc. will only work on allowed repositories. Attempts to access other repositories will be denied by the guard policy. ### write-sink (output servers) diff --git a/docs/ENVIRONMENT_VARIABLES.md b/docs/ENVIRONMENT_VARIABLES.md index c99a4bbd..51321530 100644 --- a/docs/ENVIRONMENT_VARIABLES.md +++ b/docs/ENVIRONMENT_VARIABLES.md 
@@ -32,7 +32,7 @@ When running locally (`run.sh`), these variables are optional (warnings shown if | `DEBUG_COLORS` | Control colored debug output (0 to disable, auto-disabled when piping) | Auto-detect | | `RUNNING_IN_CONTAINER` | Manual override; set to `"true"` to force container detection when `/.dockerenv` and cgroup detection are unavailable | (unset) | -**Note:** `PORT`, `HOST`, and `MODE` are not read by the `awmg` binary directly. However, `run.sh` does use `HOST` (default: `0.0.0.0`) and `MODE` (default: `--routed`) to set the bind address and routing mode. Use the `--listen` and `--routed`/`--unified` flags when running `awmg` directly. +**Note:** `PORT`, `HOST`, and `MODE` are not read by the `awmg` binary directly. However, `run.sh` uses `HOST` (default: `0.0.0.0`), `MODE` (default: `--routed`), and falls back to `PORT` (when `MCP_GATEWAY_PORT` is unset) to set the bind address and routing mode. Use the `--listen` and `--routed`/`--unified` flags when running `awmg` directly. ## Containerized Deployment Variables diff --git a/docs/PROXY_MODE.md b/docs/PROXY_MODE.md index 681dd287..1a56a2fa 100644 --- a/docs/PROXY_MODE.md +++ b/docs/PROXY_MODE.md @@ -71,6 +71,8 @@ Write operations (PUT, POST, DELETE, PATCH) pass through unmodified. | `--github-api-url` | `https://api.github.com` | Upstream GitHub API URL | | `--tls` | `false` | Enable HTTPS with auto-generated self-signed certificates | | `--tls-dir` | `/proxy-tls` | Directory for generated TLS certificate files | +| `--trusted-bots` | *(disabled)* | Additional trusted bot usernames (comma-separated, extends built-in list) | +| `--trusted-users` | *(disabled)* | User logins that receive approved integrity (comma-separated) | ## DIFC Pipeline
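
Review bot: In the README.md hunk, the new `trusted-users` paragraph says content is "unconditionally elevated to `approved`" and then ends with "Does not override `blocked-users`", so the elevation is conditional after all. Suggest dropping "unconditionally", or wording it as "elevated to `approved` unless the author is listed in `blocked-users`". The paragraph should also say how usernames are compared (exact match or case-insensitive), because this list grants external contributors "the same treatment as repository members".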
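
Review bot: Missing a configuration example in the docs/CONFIGURATION.md hunk: the three new bullets (`blocked-users`, `approval-labels`, `trusted-users`) are described in prose only, while the README hunk in the same patch updates its JSON example and this section's context line is a TOML setting (`min-integrity = "unapproved"`). Suggest adding the three keys to the section's TOML example. The `blocked-users` bullet also introduces a `blocked` level "below `none`"; if the level list above these bullets does not already describe it, add it there or state that it cannot be chosen as `min-integrity`.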
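
Review bot: The rewritten Note in docs/ENVIRONMENT_VARIABLES.md reads as if `PORT` sets "the bind address and routing mode", and the list is not parallel ("uses `HOST` ..., `MODE` ..., and falls back to `PORT`"). Suggest splitting the sentence so each variable is tied to what it controls: `HOST` for the bind address, `MODE` for the routing mode, and `PORT` for the port only when `MCP_GATEWAY_PORT` is unset. `HOST` and `MODE` list their defaults but the `PORT` fallback does not; state the default or say there is none.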
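
Review bot: In the docs/PROXY_MODE.md table, the default `*(disabled)*` for `--trusted-bots` conflicts with its description "extends built-in list", which implies a built-in list applies even when the flag is absent. Suggest a default such as `*(none)*` so readers do not assume bot trust is off by default. For `--trusted-users`, the row says "User logins" where the configuration docs in this patch say "GitHub usernames", and it does not state whether `blocked-users` still takes precedence; align the wording and add that statement.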