From d99008e4f2ba3b36fe827f22e5db59e54e622433 Mon Sep 17 00:00:00 2001 From: Santiago Medina Rolong Date: Mon, 29 Jun 2026 15:47:22 -0700 Subject: [PATCH] docs(mcp): correct mcp --help to document first-run browser login The v1.2.1 'mcp' help text still claimed the bridge 'never opens a browser itself; if no token exists it exits with that instruction', but v1.2.1 changed bootstrap() to open the browser for a first-run OAuth2 login when no token is cached. Update the help to describe that behavior and point remote/headless hosts at 'xurl auth oauth2 --headless'. Docs-only; no behavior change. Add a v1.2.2 CHANGELOG entry. --- CHANGELOG.md | 6 ++++++ cli/mcp.go | 9 +++++---- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b63df8f..ca07d0a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,12 @@ All user-visible bugs and enhancements should be recorded here. +## v1.2.2 - 2026-06-29 + +### Fixed + +- [2026-06-29] `mcp --help` no longer contradicts the bridge's behavior. The v1.2.1 help text still said the bridge "never opens a browser itself; if no token exists it exits with that instruction", but v1.2.1 changed the bridge to open the browser for a first-run OAuth2 login when no token is cached. The help now documents that, and points remote/headless hosts to `xurl auth oauth2 [--app NAME] --headless`. + ## v1.2.1 - 2026-06-29 ### Changed diff --git a/cli/mcp.go b/cli/mcp.go index 58d227c..1ff19d3 100644 --- a/cli/mcp.go +++ b/cli/mcp.go @@ -736,10 +736,11 @@ session id is maintained across requests. The access token is resolved exactly like 'xurl token': an existing token is refreshed automatically as it expires (including a forced refresh on a 401). -Authenticate once before starting the bridge with 'xurl auth oauth2 [--app NAME]' -(add --headless on a remote/headless machine). The bridge never opens a browser -itself; if no token exists it exits with that instruction. All diagnostics go to -stderr so stdout stays a clean JSON-RPC channel. +If no token is cached, the bridge opens the browser for an interactive OAuth2 +login on startup and blocks until it completes, so a first run needs no separate +'xurl auth oauth2' step. On a remote/headless machine without a browser, +authenticate first with 'xurl auth oauth2 [--app NAME] --headless'. All +diagnostics go to stderr so stdout stays a clean JSON-RPC channel. If URL is omitted it defaults to ` + defaultMCPURL + `.