Merged
Conversation
Reflect upstream changes through toolhive-registry-server v1.2.0: - Drop references to the ToolHive source format; the Registry Server now only accepts the upstream MCP registry format (#724). - Document the PUT /v1/entries/{type}/{name}/claims endpoint and the requirement that publish requests include claims when authentication is enabled (#720, #727). - Document the single managed source limit and the 409 response on duplicate creation (#719). - Document database password config fields, THV_REGISTRY_DATABASE_* environment variables, and the precedence order over pgpass (#716). - Document the THV_REGISTRY_COMPRESS_RESPONSE, WATCH_NAMESPACE, LEADER_ELECTION_ID, and INSECURE_URL environment variables. - Update managed source endpoint references to /v1/entries paths and refine auth-only mode description (role pass-through, /v1/me).
- Drop 'static' from password precedence lead-in so dynamic auth appearing as item 1 no longer contradicts the framing. - Reword the consumer-reads bullet in managed-source operations to match the METHOD/path shape of the other bullets. - Pull the claims requirement out of the publish bullet parenthetical into a dedicated follow-on sentence. - Clarify rule 3 on claim consistency for first-version-had-no-claims. - Tighten the auth-only mode wording on /v1/me. - Trim the skills publish note and fix "deploy guides" singular link.
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Contributor
There was a problem hiding this comment.
Pull request overview
Updates ToolHive Registry Server documentation to reflect behavior through toolhive-registry-server v1.2.0, including endpoint changes, upstream-only schema support, and updated auth/claims and configuration guidance.
Changes:
- Clarifies schema/format support: Registry Server is upstream-format-only; CLI/UI retain legacy ToolHive format support for built-in/file registries.
- Documents updated managed-source admin APIs (
/v1/entries, claims update endpoint) and related authorization/claims rules (including URL-encoded%2Fname handling). - Expands configuration docs (managed-source constraints, environment variable overrides, and DB password precedence/options).
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| docs/toolhive/reference/registry-schema-upstream.mdx | Clarifies upstream-only support for Registry Server; positions legacy format as CLI/UI-only. |
| docs/toolhive/reference/registry-schema-toolhive.mdx | Marks ToolHive-native schema as legacy and scopes its support appropriately. |
| docs/toolhive/guides-registry/skills.mdx | Updates skill publish/claims guidance and documents %2F encoding for entry-name paths. |
| docs/toolhive/guides-registry/intro.mdx | Updates managed source description to reflect /v1/entries admin API publishing. |
| docs/toolhive/guides-registry/deploy-operator.mdx | Removes format: upstream from examples and updates troubleshooting wording to schema mismatch. |
| docs/toolhive/guides-registry/deploy-manual.mdx | Removes format: upstream from the embedded config example. |
| docs/toolhive/guides-registry/database.mdx | Documents password/migrationPassword fields, env vars, and precedence/pgpass guidance. |
| docs/toolhive/guides-registry/configuration.mdx | Removes format-selection section, documents managed-source limits, ops, and adds env var override section. |
| docs/toolhive/guides-registry/authorization.mdx | Updates claims rules, adds claims update endpoint documentation, and refines auth-only mode behavior. |
- Replace "Pick one" in database password section with a framing that matches the precedence chain that follows. - Broaden the "separate database users" guidance so it applies to every credential-delivery method, not just pgpass. - Drop the redundant "(consumer reads)" trailer from the GET bullet. - Smooth the claim-consistency sentence in authorization rule 3.
Match the indented list style used elsewhere in the same Deployment block and across the doc set. The flush style was valid YAML but inconsistent with surrounding examples.
JAORMX
approved these changes
Apr 21, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Updates the Registry Server documentation to reflect behavior through
toolhive-registry-serverv1.2.0. Five verification agents cross-checkedevery modified claim against the upstream Go source before the review pass.
Covered upstream changes:
accepts the upstream MCP registry format.
format: upstreamis removedfrom every example.
/v1/entries/{type}/{name}/claimsendpoint documented(including
%2FURL-encoding of names and the JWT-satisfies-both-sidesauthorization rule).
rules list; rule 3 now covers the asymmetric "one side had claims, the
other didn't" case that previously succeeded silently.
409 Conflict; startup validation rejects the duplicate combinations).password/migrationPasswordconfig fields andTHV_REGISTRY_DATABASE_PASSWORD/THV_REGISTRY_DATABASE_MIGRATIONPASSWORDenvironment variables documented, with explicit precedence:
dynamicAuth> config field / env var > pgpass file.configuration.mdxcoveringTHV_REGISTRY_COMPRESS_RESPONSE,WATCH_NAMESPACE,LEADER_ELECTION_ID,INSECURE_URL, and the generalTHV_REGISTRY_*override pattern.GET /v1/mereports every defined role.(Registry Server is upstream-only; CLI/UI still accept the legacy
ToolHive format for the built-in registry and file-based registries).
The second commit on this branch addresses internal editorial review
(wording tightening, bullet-shape consistency, split-out of an overloaded
parenthetical, and a singular/plural link fix).
Type of change
Related issues/PRs
Tracks upstream releases up through
toolhive-registry-serverv1.2.0.Submitter checklist
Content and formatting
🤖 Generated with Claude Code