( name: string, config: unknown, scope: ConfigScope, )
| 623 | * @throws Error if name is invalid or server already exists, or if the config is invalid |
| 624 | */ |
| 625 | export async function addMcpConfig( |
| 626 | name: string, |
| 627 | config: unknown, |
| 628 | scope: ConfigScope, |
| 629 | ): Promise<void> { |
| 630 | if (name.match(/[^a-zA-Z0-9_-]/)) { |
| 631 | throw new Error( |
| 632 | `Invalid name ${name}. Names can only contain letters, numbers, hyphens, and underscores.`, |
| 633 | ) |
| 634 | } |
| 635 | |
| 636 | // Block reserved server name "claude-in-chrome" |
| 637 | if (isClaudeInChromeMCPServer(name)) { |
| 638 | throw new Error(`Cannot add MCP server "${name}": this name is reserved.`) |
| 639 | } |
| 640 | |
| 641 | if (feature('CHICAGO_MCP')) { |
| 642 | const { isComputerUseMCPServer } = await import( |
| 643 | '../../utils/computerUse/common.js' |
| 644 | ) |
| 645 | if (isComputerUseMCPServer(name)) { |
| 646 | throw new Error(`Cannot add MCP server "${name}": this name is reserved.`) |
| 647 | } |
| 648 | } |
| 649 | |
| 650 | // Block adding servers when enterprise MCP config exists (it has exclusive control) |
| 651 | if (doesEnterpriseMcpConfigExist()) { |
| 652 | throw new Error( |
| 653 | `Cannot add MCP server: enterprise MCP configuration is active and has exclusive control over MCP servers`, |
| 654 | ) |
| 655 | } |
| 656 | |
| 657 | // Validate config first (needed for command-based policy checks) |
| 658 | const result = McpServerConfigSchema().safeParse(config) |
| 659 | if (!result.success) { |
| 660 | const formattedErrors = result.error.issues |
| 661 | .map(err => `${err.path.join('.')}: ${err.message}`) |
| 662 | .join(', ') |
| 663 | throw new Error(`Invalid configuration: ${formattedErrors}`) |
| 664 | } |
| 665 | const validatedConfig = result.data |
| 666 | |
| 667 | // Check denylist (with config for command-based checks) |
| 668 | if (isMcpServerDenied(name, validatedConfig)) { |
| 669 | throw new Error( |
| 670 | `Cannot add MCP server "${name}": server is explicitly blocked by enterprise policy`, |
| 671 | ) |
| 672 | } |
| 673 | |
| 674 | // Check allowlist (with config for command-based checks) |
| 675 | if (!isMcpServerAllowedByPolicy(name, validatedConfig)) { |
| 676 | throw new Error( |
| 677 | `Cannot add MCP server "${name}": not allowed by enterprise policy`, |
| 678 | ) |
| 679 | } |
| 680 | |
| 681 | // Check if server already exists in the target scope |
| 682 | switch (scope) { |
no test coverage detected