* fix: Suppress logging output in stdio mode to prevent MCP protocol interference

In stdio mode, the MCP protocol uses stdin/stdout for JSON-RPC communication.
Any logging output to stdout/stderr breaks the protocol, causing errors in MCP clients.

This fix:
- Detects transport mode (stdio/sse/streamable-http) early in startup
- Configures Python's logging system based on mode:
  * stdio mode: Sets level to CRITICAL (suppresses INFO/DEBUG logs)
  * sse/http modes: Sets level to INFO (enables debugging logs)
- Suppresses httpx library HTTP request logging in stdio mode
- Suppresses MCP SDK's internal logging in stdio mode

Resolves issues where MCP clients see logging output as protocol errors.

* chore: Update uv.lock with package metadata

Updated lockfile after running uv sync for local testing.
Adds revision number and package upload timestamps.

* feat: Add pytest to pre-commit hooks for faster feedback

Adds pytest to pre-commit hooks to catch test failures before commit.

Benefits:
- Early bug detection (before pushing to CI)
- Fast test suite (195 tests in ~7s)
- Total pre-commit time: ~10s (acceptable for workflow)
- Same test coverage as CI, but earlier in dev cycle

The test suite uses mocking and has no external dependencies,
making it fast enough for pre-commit without disrupting flow.

* perf: Exclude slow integration tests from pre-commit hooks

Optimize pre-commit workflow by skipping 2 integration tests that
account for 53% of test execution time (2.5s out of 4.7s).

Changes:
- Pre-commit: 193 unit tests in 2s (was 195 tests in 4.7s)
- Total pre-commit time: 8.8s (was 10.6s) - 17% faster
- Integration tests still run in CI for comprehensive coverage

Impact:
- Faster developer workflow
- Maintains test quality (integration tests in CI)
- Tests marked with @pytest.mark.integration are skipped

---------

Co-authored-by: Claude <[email protected]>

* fix: Move startup log message to non-stdio mode only

The startup log message was still being output in stdio mode, interfering
with the MCP protocol. This change moves the logging.info() call inside
the non-stdio branch so it only logs for SSE/HTTP transports.

* fix: Use force=True to ensure logging configuration takes effect

Added force=True parameter to logging.basicConfig() calls to override
any logging configuration that may have been set up during module imports.
This ensures that stdio mode properly suppresses all logging output.

* test: Add integration tests for stdio mode logging behavior

- test_stdio_mode_no_log_output: Verifies stderr is empty and stdout
  only contains valid JSON-RPC messages in stdio mode
- test_sse_mode_allows_log_output: Verifies that logging works correctly
  in SSE/HTTP modes where logs are helpful

These tests ensure we don't regress on the stdio logging fix and prevent
log output from interfering with the MCP protocol.

* docs: Update CLAUDE.md to use uv for running tests and checks

Updated pre-commit checks section to use 'uv run' prefix for all
commands, matching the project's standard tooling as specified in README.

* docs: Remove unnecessary uv pip install step

uv run automatically installs dependencies from pyproject.toml,
so the explicit install step is redundant.

* docs: Remove unnecessary note from CLAUDE.md

* docs: Remove redundant text from pre-commit section

* fix: Resolve line length linting errors in test_stdio_logging.py

Split long lines to comply with 79 character limit enforced by ruff.

---------

Co-authored-by: Claude <[email protected]>

#40)

* fix: Patch MCP SDK to handle GitHub Copilot CLI empty string arguments

## Problem
GitHub Copilot CLI sends "arguments": "" (empty string) instead of
"arguments": {} (empty object) for parameterless tools, causing
"Unexpected end of JSON input" error during JSON-RPC parsing.

Claude Desktop works correctly (sends {}), so this is a Copilot CLI bug.

Tools affected:
- list_collections()
- list_archived_documents()
- list_trash()

## Root Cause
MCP SDK's Pydantic validation expects `arguments: dict[str, Any] | None`
but receives empty string from Copilot CLI. Empty string fails validation
before our code runs.

## Solution
Created a Pydantic patch that replaces CallToolRequestParams with a
subclass containing a @field_validator that coerces "" → {}

This approach:
✅ Fixes the root cause without polluting the API
✅ Keeps tool signatures clean (no dummy parameters)
✅ Handles edge case gracefully at protocol layer
✅ Mirrors solution used by Vercel AI SDK and FastMCP

The patch is applied on server startup in server.py before creating
the FastMCP instance.

## Implementation
New module: src/mcp_outline/patches/copilot_cli.py
- Creates PatchedCallToolRequestParams subclass
- Adds field_validator to coerce empty string to empty dict
- Replaces mcp.types.CallToolRequestParams with patched version

## Documentation
- ARCHITECTURE_ANALYSIS.md: Explains why server-side is needed
- FIX_OPTIONS.md: Compares different approaches
- TEST_PLAN.md: How to test with GitHub Copilot CLI
- Inline code comments document the patch

## References
- Similar issue: vercel/ai#6687
- Similar issue: jlowin/fastmcp#883

* refactor: Improve test quality and code consistency

Address code review feedback to improve test quality and maintainability:

1. Add direct unit test for Pydantic validator behavior
   - Tests core fix: empty string coercion to empty dict
   - Verifies all value types pass through correctly
   - Confirms patch idempotency

2. Remove print statements from tests
   - Tests now silent unless they fail
   - Replaced prints with assertions
   - Cleaner test output

3. Move logging import to module top
   - Consistent with project style in server.py
   - Removes lazy import pattern
   - Standard import organization

4. Fix uv.lock corruption
   - Regenerated lock file with latest dependencies
   - MCP updated from 1.20.0 to 1.21.2
   - All dependencies resolved correctly

All 209 tests pass. These changes improve code quality without affecting functionality.

---------

Co-authored-by: Claude <[email protected]>

For local/self-hosted Outline instances without AI capabilities,
the AI tool can now be disabled via environment variable to prevent
errors when AI assistants attempt to use unavailable features.

Closes #41

* docs: Add read-only mode and tool annotations todo

Add comprehensive implementation plan for:
- OUTLINE_READ_ONLY env variable (full read-only mode)
- OUTLINE_DISABLE_DESTRUCTIVE env variable (prevent deletions)
- MCP tool annotations (readOnlyHint, destructiveHint, idempotentHint)

Based on MCP spec March 2025 and research into GitHub MCP server
implementation patterns. Provides defense-in-depth approach with
both enforcement (env vars) and UX hints (annotations).

* docs: Add MCP 2025 features research to TODO

Document 5 new MCP spec features for future implementation:

High-Value Features:
- MCP Prompts (Medium priority) - Reusable workflow templates
- Progress Notifications (Medium priority) - For batch operations

Advanced Features:
- Elicitation (Low priority) - Human-in-the-loop workflows
- Sampling (Low priority) - Server-initiated LLM calls
- Argument Completions (Low priority) - IDE autocomplete

Each includes: status, FastMCP support level, benefits, complexity,
priority, use cases, code examples, and next steps.

Based on comprehensive MCP spec research (March 2025 + June 2025
updates) to identify "nice to have" features beyond tool annotations
and output schemas (already documented).

* feat: Add read-only mode and tool annotations for safer MCP usage

Implement environment-based access control (OUTLINE_READ_ONLY, OUTLINE_DISABLE_DESTRUCTIVE) and MCP 2025 tool annotations to enable safe viewer-only access and prevent accidental destructive operations. Archive operations now correctly marked as destructive since they change document state and hide content from main view.

* Reduced TODO.md size.

* refactor: Improve env variable naming and tool annotations

- Rename OUTLINE_DISABLE_DESTRUCTIVE to OUTLINE_DISABLE_DELETE for clarity
- Remove openWorldHint from search_documents (only AI tools should have it)
- Remove backward compatibility code (not yet released)
- Update all documentation and tests

All 235 tests passing.

* fix: Add missing tool annotations to get_document_id_from_title

Added readOnlyHint=True and idempotentHint=True annotations to the
get_document_id_from_title tool. This read-only search operation was
missing MCP tool annotations for proper client behavior.

All tool annotation tests now pass.

* chore: Update uv.lock after running tests

* docs: Improve README with badges, prerequisites, and troubleshooting

Major README enhancements for better user experience:

Additions:
- Badges: PyPI, Python version, License, CI status, Codecov, Docker
- Prerequisites section: Clear requirements before installation
- Troubleshooting section: Common issues and solutions
  - API connection problems
  - Tools not appearing (access control)
  - Rate limiting guidance
  - Docker deployment issues
  - Links to support resources

Improvements:
- Configuration table: Clearer notes with direct links to sections
- Tools section: Note about access control affecting availability
- Better onboarding flow for new users

These changes reduce friction for first-time users and provide
better self-service support for common issues.

* fix: Remove non-working codecov badge and unconfigured discussions link

Codecov uploads were failing due to missing CODECOV_TOKEN secret configuration. Removed codecov badge, CI upload step, and XML coverage generation. Coverage is still tracked via terminal output in CI.

Also removed GitHub Discussions link as discussions are not enabled for this repository.

---------

Co-authored-by: Claude <[email protected]>

…#48)

Sanitize API key (strip whitespace/quotes) and normalize API URL (ensure /api suffix). Add retry logic for 429 responses and case-insensitive rate-limit header parsing.

Refactor OutlineClient sanitization: extract helper, simplify URL normalization, fix linting.

Add QEMU emulation and configure build workflow to produce
multi-architecture Docker images for both x86_64 and ARM64.

Closes #50

* docs: add CONTRIBUTING.md with setup instructions

Make pre-commit install prominent to prevent CI formatting failures.

* docs: add issue and PR templates

- Bug report template with environment info
- Feature request template with use case section
- PR template reminding about pre-commit install
- Fix: use `uv run pre-commit install` (not bare pre-commit)