[BUG]: Schema validation behavior change may cause runtime errors #2348
Description
Summary
PR #2342 changed schema validation behavior in validate_tool_schema and validate_prompt_schema to improve MCP server compatibility. However, this introduces potential issues that should be addressed.
Issues Identified
High: Invalid schemas can now be persisted
Location: mcpgateway/db.py:5252, mcpgateway/db.py:5312
Previously, invalid schemas raised ValueError and were rejected at registration time. Now they only log a warning and are persisted. When these tools/prompts are later invoked, tool_service.py:175 calls check_schema() which will raise SchemaError, potentially causing 500 errors.
Impact: Runtime failures instead of upfront validation failures.
Medium: Default draft changed from Draft7 to Draft2020-12
Location: mcpgateway/db.py:5252, mcpgateway/db.py:5312
When a schema lacks $schema, validator_for() defaults to Draft202012Validator. The previous code always used Draft7Validator.
Impact:
- Keywords valid in Draft7 but changed in 2020-12 may behave differently
- Example:
exclusiveMinimumis boolean in Draft4/6/7 but must be a number in 2019-09/2020-12
Low: Hardcoded validator names may cause false warnings
Location: mcpgateway/db.py:5239, mcpgateway/db.py:5299
The allowed_validator_names set is hardcoded. Future jsonschema versions may add new validators that work correctly but will trigger "unsupported" warnings.
Recommendations
- Consider making validation strictness configurable via environment variable (e.g.,
SCHEMA_VALIDATION_STRICT=true) - Consider explicit default draft when
$schemais missing (e.g., default to Draft7 for backwards compatibility) - Document the behavior change so users understand schemas are validated at registration (warning) and runtime (error)
Related
- Closes: N/A (tracking issue)
- Related PR: Improved Tool Schema Validation for Broader MCP Server Compatibility #2342
- Original issue: [BUG]: Few MCP servers are not supported - Error when adding gateway #2322