andre/crewAI
1
0
Fork 0
mirror of https://github.com/crewAIInc/crewAI.git synced 2026-05-07 18:19:00 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
Files
909ebd869bcb8284bfe71b524074cbf809169741
crewAI/lib/crewai/tests
History
Devin AI 909ebd869b feat: add MCP security layer for message signing, tool integrity, and replay protection 
Addresses issue #4875 - MCP tool calling has no per-message authentication
or integrity verification.

Adds:
- MCPSecurityConfig: Pydantic model for security settings (agent identity,
  key pairs, Trust Authority keys, signing/verification toggles)
- MCPSecurityManager: Stateful manager handling ECDSA P-256 key generation,
  agent passport creation/signing, message signing/verification, tool
  integrity checks, and nonce-based replay protection
- Integration into MCPClient, MCPToolResolver, and all config models
  (MCPServerStdio, MCPServerHTTP, MCPServerSSE)
- 30 comprehensive tests covering all security features and graceful
  degradation when mcp-secure is not installed

Uses the mcp-secure library (optional dependency) which implements the
IETF draft-sharif-mcps-secure-mcp specification.

Co-Authored-By: João <joao@crewai.com>
2026-03-14 17:47:51 +00:00
..
a2a
feat: add a2a liteagent, auth, transport negotiation, and file support
2026-01-30 17:10:00 -05:00
agents
Addressing MCP tools resolutions & eliminates all shared mutable connection (#4792)
2026-03-10 14:00:40 -04:00
cassettes
ci: add slack notification on successful pypi publish
2026-03-13 12:05:52 -04:00
cli
fix: use anon id for ephemeral traces
2026-03-04 00:45:09 -05:00
config
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
crew
feat: async crew support
2025-12-04 16:53:19 -05:00
events
Fix tool error causing double event scope pop (#4373)
2026-02-04 20:34:08 -03:00
experimental
fix: ensure otel span is closed
2025-12-05 13:23:26 -05:00
hooks
feat: implement before and after tool call hooks in CrewAgentExecutor… (#4287)
2026-01-27 14:56:50 -08:00
knowledge
feat: async knowledge support (#4023)
2025-12-04 10:27:52 -08:00
llms
fix(bedrock): group parallel tool results in single user message (#4775)
2026-03-10 17:28:40 -03:00
mcp
feat: add MCP security layer for message signing, tool integrity, and replay protection
2026-03-14 17:47:51 +00:00
memory
fix: resolve LockException under concurrent multi-process execution
2026-03-11 11:15:24 -04:00
pipeline
chore: restructure test env, cassettes, and conftest; fix flaky tests
2025-11-29 16:55:24 -05:00
project
fix: hash callback args correctly to ensure caching works
2025-11-05 07:19:09 -05:00
rag
New Unified Memory System (#4420)
2026-02-13 21:34:37 -03:00
security
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
storage
New Unified Memory System (#4420)
2026-02-13 21:34:37 -03:00
task
feat: async task support (#4024)
2025-12-04 13:34:29 -08:00
telemetry
fix(telemetry): skip signal handler registration in non-main threads
2026-03-02 07:42:55 -05:00
tools
fix: validate tool kwargs even when empty to prevent cryptic TypeError (#4611)
2026-02-26 16:18:03 -05:00
tracing
fix: add cross-process and thread-safe locking to unprotected I/O (#4827)
2026-03-13 12:28:11 -07:00
utilities
fix: inject tool errors as observations and resolve name collisions
2026-03-01 00:46:04 -05:00
__init__.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_agent_multimodal.py
feat: native multimodal file handling; openai responses api
2026-01-23 15:13:25 -05:00
test_async_human_feedback.py
fix: update llm parameter handling in human_feedback function (#4801)
2026-03-10 14:27:09 -03:00
test_context.py
Lorenze/imp/native tool calling (#4258)
2026-01-22 17:44:03 -08:00
test_crew_multimodal.py
feat: native multimodal file handling; openai responses api
2026-01-23 15:13:25 -05:00
test_crew_thread_safety.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_crew.py
fix: propagate contextvars across all thread and executor boundaries
2026-03-13 00:32:22 -04:00
test_custom_llm.py
feat: async llm support
2025-12-01 18:56:56 -05:00
test_flow_ask.py
Implement user input handling in Flows (#4490)
2026-02-16 18:41:03 -03:00
test_flow_default_override.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_flow_human_input_integration.py
refactor: extract hitl to provider pattern
2026-02-04 15:40:22 -05:00
test_flow_multimodal.py
feat: native multimodal file handling; openai responses api
2026-01-23 15:13:25 -05:00
test_flow_persistence.py
Lorenze/enh decouple executor from crew (#4209)
2026-01-20 21:44:45 -08:00
test_flow_resumability_regression.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_flow_visualization.py
fix: ensure fuzzy returns are more strict, show type warning
2025-11-24 17:35:12 -05:00
test_flow.py
fix: add missing list/dict methods to LockedListProxy and LockedDictProxy
2026-03-09 09:38:35 -04:00
test_hallucination_guardrail.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_human_feedback_decorator.py
New Unified Memory System (#4420)
2026-02-13 21:34:37 -03:00
test_human_feedback_integration.py
Enhance HITL self-loop functionality in human feedback integration tests (#4493)
2026-02-15 21:54:42 -05:00
test_imports.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_llm.py
feat: native multimodal file handling; openai responses api
2026-01-23 15:13:25 -05:00
test_markdown_task.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_multimodal_validation.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_project.py
chore: restructure test env, cassettes, and conftest; fix flaky tests
2025-11-29 16:55:24 -05:00
test_streaming_integration.py
chore: restructure test env, cassettes, and conftest; fix flaky tests
2025-11-29 16:55:24 -05:00
test_streaming.py
Add call_id to LLM events for correlating requests (#4281)
2026-02-03 10:10:33 -03:00
test_task_guardrails.py
fix: resolve race condition in guardrail event emission test
2026-02-03 09:06:48 -05:00
test_task.py
fix: map output_pydantic/output_json to native structured output
2026-02-25 17:13:34 -05:00
utils.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00