codegen mcp and codegen claude commands

[jayhack]

Motivation

Content

Testing

Please check the following before marking your PR as ready for review

• I have added tests for my changes
• I have updated the documentation or added new documentation as needed

[codegen-sh]

High-level review (diff too large to load via API)

I tried to load the diff via the GitHub API but it exceeds the size limit, so I can’t leave inline comments. Here’s a comprehensive, actionable review based on the PR title and typical codegen CLI patterns. If you can split this PR or point me to the key files (CLI entry, commands, config, Anthropic/MCP adapters), I’ll follow up with line-level comments.

Architecture and design

• Command surface: Consider a consistent, extensible CLI shape:
  • Option A: codegen chat --provider=claude [flags] and codegen mcp [subcommands]
  • Option B: codegen providers claude … and codegen mcp …
  • Avoid hard-coding vendor-specific top-level commands unless you intend to add codegen openai, codegen gemini, etc. soon.
• Provider abstraction: Introduce a Provider interface (sendMessage, stream, tools, rateLimitPolicy, modelCapabilities) so Claude is a drop-in impl. This reduces branching in command handlers and keeps future providers easy.
• Config and auth: Define a single config source and precedence order (flags > env > user config file > project config). Document env vars (e.g., ANTHROPIC_API_KEY), config keys, and default model, timeout, base URL.
• Dependency boundaries: Keep Anthropic-specific code in a separate module (e.g., providers/anthropic.ts) and wire via DI. Avoid leaking provider details into CLI plumbing.
• MCP lifecycle: If you’re spawning local MCP servers or connecting to remote ones, handle:
  • Startup/teardown with SIGINT/SIGTERM
  • Timeouts and retry/backoff when servers are slow or unreachable
  • Safe defaults (deny-all tools until explicitly allowed; prompt clear consent)
  • A secure allowlist for hosts/commands; opt-in for risky tools

Code quality and reliability

• Error handling:
  • Return non-zero exit codes on failure; distinct codes for usage vs network vs provider errors
  • Helpful messages with next steps (e.g., “Set ANTHROPIC_API_KEY or pass --api-key”)
  • Redact secrets in logs and error messages
• Networking:
  • Add timeouts and retry with jitter for 429/5xx; respect Retry-After
  • Support a --no-stream flag and TTY detection for streaming output
  • Abort/cancel on Ctrl+C; ensure open streams/processes are closed
• Logging & verbosity:
  • --verbose/--debug flags; send human output to stdout and diagnostics to stderr
  • Optional JSON logs for scripting
• Performance:
  • Lazy import heavy SDKs; avoid bundling unused providers
  • Stream tokens when possible; flush promptly

Security and privacy

• Do not log request bodies or headers containing keys
• Mask secrets in config and diagnostics
• Consider OS keychain integration for storing API keys
• Validate MCP tool inputs; never shell-exec untrusted strings without escaping; prefer explicit argument lists

Testing

• Unit tests:
  • CLI parsing and flag precedence
  • Provider adapter against mocked Anthropic client (success, 4xx/5xx, 429, timeouts)
  • Streaming vs non-streaming output
  • Missing API key, invalid model, invalid MCP endpoint
• Integration tests:
  • Happy-path chat invocation with fixture responses
  • MCP roundtrip with a stub server; cancellation behavior on SIGINT
• Snapshot/golden tests for CLI output (help, error messages)
• Cross-platform: run key tests on macOS, Linux, Windows (paths, signals, sockets)

Documentation

• Update README/CLI docs:
  • New commands, flags, examples (non-streaming, piping, JSON output)
  • Configuration options and precedence
  • Auth: env vars, config file, and (if applicable) keychain usage
  • MCP safety model: how to review/allow tools, prompts about side effects
• --help should be complete, with examples and defaults
• If adding new config schema, provide a JSON schema and sample file

Maintainability

• Keep commands small; push business logic into services/adapters
• Centralize constants (default model, timeouts, retries)
• Ensure types are explicit (request/response shapes, stream token events)

Suggested follow-ups to make reviewable

1. Split into two PRs:
   • Core plumbing + provider interface + config/flags
   • Claude provider + MCP integration
2. Or, provide pointers to key files for a targeted pass:
   • CLI entry and command registration
   • providers/anthropic.* and services/claude.*
   • commands/claude.* and commands/mcp.*
   • config/auth modules and any new utils
   • tests for the above

Once I have access to a smaller diff or file pointers, I’ll add line-specific feedback (naming, error handling, streaming, retries, and any edge cases I can spot). Great addition—excited to see MCP and Claude support land!

[codecov]

Codecov Report

❌ Patch coverage is 10.63218% with 622 lines in your changes missing coverage. Please review.
✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
src/codegen/cli/commands/claude/main.py	7.40%	150 Missing ⚠️
src/codegen/cli/commands/claude/hooks.py	13.33%	104 Missing ⚠️
src/codegen/cli/mcp/tools/dynamic.py	0.00%	96 Missing ⚠️
src/codegen/cli/commands/integrations/main.py	19.54%	70 Missing ⚠️
src/codegen/cli/mcp/tools/static.py	0.00%	53 Missing ⚠️
src/codegen/cli/commands/tools/main.py	16.36%	46 Missing ⚠️
src/codegen/cli/mcp/api_client.py	0.00%	29 Missing ⚠️
src/codegen/cli/commands/mcp/main.py	16.66%	25 Missing ⚠️
src/codegen/cli/mcp/runner.py	0.00%	24 Missing ⚠️
src/codegen/cli/mcp/tools/executor.py	0.00%	16 Missing ⚠️
... and 4 more