feat(marketplace): default-on share in wizard + owner unshare anytime

Goal: maximize template volume without a dark pattern and without leaking data.

Wizard Done-page Share panel:
- 'Share as template in the marketplace (recommended)' checkbox, default ON,
  rendered inline in the build-success flow where every user lands.
- Honest copy — corrected a draft that claimed 'only abstracted code pattern is
  shared'. That is false: the FULL generated code becomes publicly viewable on
  the template detail page (by design, for pre-fork audit). The panel now says:
  'Your secrets stay private ... but your generated code becomes publicly
  viewable so others can audit it before forking. Unshare anytime.'
- When checked: inline minimal form — short description (prefilled from the
  spec), category select, optional per-secret credential hints. One 'Publish to
  marketplace' click. Not auto-published silently — that would be a consent dark
  pattern; one visible deliberate click keeps it clean.
- Forked servers don't show the panel (re-publishing a fork is an edge case).

Owner unshare/reshare:
- GET /v1/servers/:id/template — owner lookup, drives the Publish tab UI.
- PATCH /v1/templates/:slug/visibility { shared } — owner-only toggle between
  public and hidden. 403 for non-owners, 409 if an admin took it down (owner
  cannot resurrect an admin takedown). Audit-logged as template.unshare /
  template.reshare.
- Server-detail Publish tab now detects an existing template and shows the
  shared status (public/hidden/takedown badge), fork count, a marketplace link
  and an Unshare/Re-share button — instead of the publish form.

Why this is safe to default ON:
- Secrets are architecturally bound to mcp_servers, never copied into templates.
  Publish reads tools_schema + generated_code only; the secrets table is never
  touched. Data leak is structurally impossible, not policy-dependent.
- Publish re-scans the generated code for banned patterns AND hardcoded
  credentials (sovereign-audit hardening) before it can reach the marketplace.
- The user sees a visible, pre-ticked checkbox and reads one honest sentence
  before publishing. Privacy-conscious users untick; everyone else contributes
  volume. Informed consent, GDPR-clean.

Verified end-to-end via API:
  GET server/:id/template -> null (unpublished)
  POST /v1/templates -> published, slug share-test-server
  GET server/:id/template -> status public
  PATCH visibility {shared:false} -> hidden, drops out of public list
  PATCH visibility {shared:true} -> public again
UI: Publish tab renders the shared-status panel with View + Unshare (screenshot
confirmed).

Also: hero badge date set to 2026-05-20. Changed 'MCP spec 2025-11-25' to
'updated 2026-05-20' — claiming an MCP spec dated today would be factually wrong
(no such spec release exists); 'updated' is accurate and gives the requested
fresh date. The real spec date is still cited correctly in /docs.
Marco Sadjadi 2026-05-20 17:04:46 +02:00
parent 2ad4a7e34c
commit a189111782
4 changed files with 357 additions and 1 deletions


@ -206,6 +206,81 @@ export async function templateRoutes(app: FastifyInstance): Promise<void> {
return reply.send({ template });
});
// ---- "Is this server already published?" (owner lookup, drives the detail-page tab) ----
app.get('/v1/servers/:id/template', { preHandler: requireAuth }, async (req, reply) => {
const user = req.user!;
const Params = z.object({ id: z.string().uuid() });
const parsed = Params.safeParse(req.params);
if (!parsed.success) return reply.code(400).send({ error: 'invalid_id' });
// Verify the server belongs to the caller's org
const [server] = await db
.select({ id: mcpServers.id })
.from(mcpServers)
.where(and(eq(mcpServers.id, parsed.data.id), eq(mcpServers.orgId, user.orgId)))
.limit(1);
if (!server) return reply.code(404).send({ error: 'not_found' });
const [template] = await db
.select({
id: templates.id,
slug: templates.slug,
title: templates.title,
status: templates.status,
verified: templates.verified,
forkCount: templates.forkCount,
})
.from(templates)
.where(eq(templates.sourceServerId, parsed.data.id))
.orderBy(desc(templates.createdAt))
.limit(1);
return reply.send({ template: template ?? null });
});
// ---- Owner visibility toggle (unshare / re-share anytime) ----
app.patch('/v1/templates/:slug/visibility', { preHandler: requireAuth }, async (req, reply) => {
const user = req.user!;
const Params = z.object({ slug: z.string().regex(SLUG_REGEX) });
const Body = z.object({ shared: z.boolean() });
const p = Params.safeParse(req.params);
const b = Body.safeParse(req.body);
if (!p.success || !b.success) return reply.code(400).send({ error: 'invalid_input' });
const [template] = await db
.select()
.from(templates)
.where(eq(templates.slug, p.data.slug))
.limit(1);
if (!template) return reply.code(404).send({ error: 'not_found' });
// Only the owner can toggle their own template. Admins use /v1/admin/templates.
if (template.ownerUserId !== user.userId) {
return reply.code(403).send({ error: 'forbidden' });
}
// A template the admin took down cannot be re-shared by the owner.
if (template.status === 'takedown') {
return reply.code(409).send({ error: 'taken_down', detail: template.takedownReason });
}
const nextStatus = b.data.shared ? 'public' : 'hidden';
await db
.update(templates)
.set({ status: nextStatus, updatedAt: new Date() })
.where(eq(templates.id, template.id));
await audit({
orgId: user.orgId,
userId: user.userId,
action: b.data.shared ? 'template.reshare' : 'template.unshare',
resourceType: 'template',
resourceId: template.id,
metadata: { slug: template.slug },
ipAddress: req.ip,
});
return reply.send({ ok: true, status: nextStatus });
});
// ---- Public list with ranking ----
app.get('/v1/templates', async (req, reply) => {
const Query = z.object({
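Review bot: the PATCH /v1/templates/:slug/visibility handler only rejects `status === 'takedown'` before writing `status: nextStatus`, so a template still in 'draft' (the fourth value of the status union in the UI's ExistingTemplate type) can be promoted straight to 'public' with `{ shared: true }`, bypassing whatever the POST /v1/templates path does before a template first goes live. Suggest gating the toggle on the current status, e.g. `if (template.status !== 'public' && template.status !== 'hidden') return reply.code(409).send({ error: 'not_publishable' });`. The two handlers also use different ownership scopes: GET /v1/servers/:id/template checks `mcpServers.orgId` against `user.orgId`, while the PATCH checks `template.ownerUserId !== user.userId`, so an org colleague will be shown the Unshare control and then always get 403; either align both on one scope or return ownership in the GET payload so the UI can hide the button. Finally, recording the previous status in the audit `metadata` next to `slug` makes unshare/reshare events reconstructable from the log alone.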


@ -295,6 +295,15 @@ interface SecretHint {
howToGetUrl: string;
}
interface ExistingTemplate {
id: string;
slug: string;
title: string;
status: 'draft' | 'public' | 'hidden' | 'takedown';
verified: boolean;
forkCount: number;
}
function PublishPanel({ serverId, serverStatus }: { serverId: string; serverStatus: string }) {
const [title, setTitle] = useState('');
const [category, setCategory] = useState('other');
@ -305,6 +314,32 @@ function PublishPanel({ serverId, serverStatus }: { serverId: string; serverStat
const [error, setError] = useState<string | null>(null);
const [publishedSlug, setPublishedSlug] = useState<string | null>(null);
const [existing, setExisting] = useState<ExistingTemplate | null | undefined>(undefined);
async function reloadExisting() {
try {
const r = await apiFetch<{ template: ExistingTemplate | null }>(
`/v1/servers/${serverId}/template`,
);
setExisting(r.template);
} catch {
setExisting(null);
}
}
useEffect(() => {
reloadExisting();
}, [serverId]);
async function toggleVisibility(shared: boolean) {
if (!existing) return;
await apiFetch(`/v1/templates/${existing.slug}/visibility`, {
method: 'PATCH',
body: JSON.stringify({ shared }),
});
reloadExisting();
}
if (serverStatus !== 'live') {
return (
<div className="panel p-4">
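Review bot: toggleVisibility has no error handling, so a 403 (not the owner) or 409 (admin takedown) from the PATCH surfaces only as an unhandled promise rejection from the onClick and the panel silently stays as it was; wrap the apiFetch in try/catch and route the failure into the component's existing `setError` state, e.g. `catch (e) { setError((e as Error).message); }`. Relatedly, reloadExisting's bare `catch { setExisting(null); }` treats any failure (network error, 401, 500) as "not published", which renders the publish form and invites a duplicate POST /v1/templates for a server that is already shared; keep a real null distinct from a fetch error. The useEffect also sets state after an await with no cancellation guard, so a late response for a previous serverId can overwrite the current one.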
@ -316,6 +351,64 @@ function PublishPanel({ serverId, serverStatus }: { serverId: string; serverStat
);
}
// Already published — show shared status + view + unshare/reshare.
if (existing) {
const isTakedown = existing.status === 'takedown';
const isShared = existing.status === 'public';
return (
<div className="panel p-4">
<div className="flex items-baseline justify-between">
<h3 className="text-[14px] font-semibold tracking-tight">Marketplace</h3>
<span
className={`mono rounded-full border px-2 py-0.5 text-[11px] ${
isTakedown
? 'border-red-400/40 bg-red-400/10 text-red-300'
: isShared
? 'border-emerald-400/40 bg-emerald-400/10 text-emerald-300'
: 'border-amber-400/40 bg-amber-400/10 text-amber-300'
}`}
>
{existing.status}
</span>
</div>
<p className="mt-1 text-[12.5px] text-[--color-fg-muted]">
Published as <span className="mono">{existing.slug}</span> ·{' '}
{existing.forkCount} fork{existing.forkCount === 1 ? '' : 's'}
{existing.verified && ' · verified'}
</p>
{isTakedown && (
<p className="mt-2 text-[12px] text-[--color-danger]">
An admin removed this template from the marketplace. You can&apos;t re-share it.
</p>
)}
<div className="mt-3 flex gap-2">
<a
href={`/templates/${existing.slug}`}
target="_blank"
rel="noreferrer"
className="inline-flex h-8 items-center rounded-md border border-[--color-border] bg-[--color-bg-elevated] px-3 text-[12.5px] text-[--color-fg] transition-colors hover:bg-[--color-bg-subtle]"
>
View in marketplace
</a>
{!isTakedown && isShared && (
<Button variant="danger" size="md" onClick={() => toggleVisibility(false)}>
Unshare
</Button>
)}
{!isTakedown && !isShared && (
<Button variant="primary" size="md" onClick={() => toggleVisibility(true)}>
Re-share
</Button>
)}
</div>
</div>
);
}
if (existing === undefined) {
return <div className="panel p-4 text-[12.5px] text-[--color-fg-muted]">Loading</div>;
}
function addHint() {
setSecretHints((h) => [...h, { key: '', description: '', howToGetUrl: '' }]);
}
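Review bot: in the existing-template branch, `isShared` is true only for 'public', so a template in 'draft' status falls into the `!isTakedown && !isShared` case and gets the Re-share button, which calls `toggleVisibility(true)` and flips it straight to public from the detail page; render the toggle only when status is 'public' or 'hidden', matching whatever guard the server applies. The `error` state is never rendered in this branch either, so a failed toggle has nowhere to show up. Minor: the raw `{existing.status}` enum string is rendered inside the badge; a small label map would keep the wording stable if the enum changes.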


@ -635,6 +635,15 @@ export default function NewServerPage() {
</div>
)}
{!forkedTemplateId && (
<SharePanel
serverId={result.serverId}
defaultTitle={name}
defaultShortDescription={preview?.spec.description ?? ''}
secretKeys={editable?.requiredSecrets ?? []}
/>
)}
<div className="flex justify-end gap-2">
<Button
variant="secondary"
@ -650,6 +659,185 @@ export default function NewServerPage() {
);
}
const SHARE_CATEGORIES = [
'productivity',
'developer-tools',
'data',
'communication',
'finance',
'crm',
'analytics',
'devops',
'demo',
'other',
];
function SharePanel({
serverId,
defaultTitle,
defaultShortDescription,
secretKeys,
}: {
serverId: string;
defaultTitle: string;
defaultShortDescription: string;
secretKeys: string[];
}) {
const [share, setShare] = useState(true);
const [category, setCategory] = useState('other');
const [shortDescription, setShortDescription] = useState(
defaultShortDescription.slice(0, 280),
);
const [hints, setHints] = useState<Record<string, string>>(() =>
Object.fromEntries(secretKeys.map((k) => [k, ''])),
);
const [state, setState] = useState<'idle' | 'submitting' | 'done' | 'error'>('idle');
const [error, setError] = useState<string | null>(null);
const [publishedSlug, setPublishedSlug] = useState<string | null>(null);
async function publish() {
setError(null);
if (shortDescription.trim().length < 10) {
setError('Add a short description (at least 10 characters).');
return;
}
setState('submitting');
try {
const res = await apiFetch<{ template: { slug: string } }>('/v1/templates', {
method: 'POST',
body: JSON.stringify({
serverId,
title: defaultTitle,
category,
shortDescription: shortDescription.trim(),
secretHints: secretKeys.map((k) => ({
key: k,
description: hints[k]?.trim() || `Credential required for this server (${k}).`,
})),
}),
});
setPublishedSlug(res.template.slug);
setState('done');
} catch (e) {
const detail = (e as { detail?: { error?: string; detail?: string } }).detail;
setError(detail?.detail ?? detail?.error ?? (e as Error).message);
setState('error');
}
}
if (state === 'done' && publishedSlug) {
return (
<div className="panel p-4">
<div className="flex items-baseline justify-between">
<h2 className="text-[14px] font-semibold tracking-tight">Shared to marketplace</h2>
<span className="mono text-[11px] text-emerald-300">public</span>
</div>
<p className="mt-1 text-[12.5px] text-[--color-fg-muted]">
Others can now fork it. You can unshare anytime from the server&apos;s Publish tab.
</p>
<a
href={`/templates/${publishedSlug}`}
target="_blank"
rel="noreferrer"
className="mt-3 inline-flex h-8 items-center rounded-md bg-[--color-accent] px-3 text-[12.5px] font-medium text-white transition-colors hover:bg-[#5557e8]"
>
View in marketplace
</a>
</div>
);
}
return (
<div className="panel p-4">
<label className="flex cursor-pointer items-start gap-2.5">
<input
type="checkbox"
checked={share}
onChange={(e) => setShare(e.target.checked)}
className="mt-0.5 size-3.5 accent-[--color-accent]"
/>
<div>
<div className="text-[13px] font-medium">
Share as template in the marketplace{' '}
<span className="text-[--color-fg-subtle]">(recommended)</span>
</div>
<p className="mt-1 text-[12px] leading-relaxed text-[--color-fg-muted]">
Your secrets stay private they are never copied into a template. But your{' '}
<span className="text-[--color-fg]">generated code becomes publicly viewable</span>{' '}
so others can audit it before forking. Unshare anytime.
</p>
</div>
</label>
{share && (
<div className="mt-4 space-y-3 border-t border-[--color-border] pt-4">
<div className="grid gap-3 md:grid-cols-[1fr_200px]">
<div className="space-y-1.5">
<Label hint={`${shortDescription.length}/280`}>Short description</Label>
<Input
value={shortDescription}
onChange={(e) => setShortDescription(e.target.value)}
placeholder="What does this server do, in one line?"
maxLength={280}
/>
</div>
<div className="space-y-1.5">
<Label>Category</Label>
<select
value={category}
onChange={(e) => setCategory(e.target.value)}
className="h-8 w-full rounded-md border border-[--color-border] bg-[--color-bg-subtle] px-2.5 text-[13px] focus:border-[--color-accent] focus:outline-none"
>
{SHARE_CATEGORIES.map((c) => (
<option key={c} value={c}>
{c}
</option>
))}
</select>
</div>
</div>
{secretKeys.length > 0 && (
<div className="space-y-1.5">
<Label hint="optional — helps forkers know what to paste">
Credential hints
</Label>
{secretKeys.map((k) => (
<div key={k} className="grid grid-cols-[180px_1fr] gap-2">
<div className="mono flex h-8 items-center rounded-md border border-[--color-border] bg-[--color-bg-subtle] px-2.5 text-[12px] text-[--color-fg-muted]">
{k}
</div>
<Input
value={hints[k] ?? ''}
onChange={(e) => setHints((h) => ({ ...h, [k]: e.target.value }))}
placeholder={`What is ${k}? Where does a forker get one?`}
/>
</div>
))}
</div>
)}
{error && <p className="text-[12.5px] text-[--color-danger]">{error}</p>}
<div className="flex items-center justify-between">
<p className="text-[11px] text-[--color-fg-subtle]">
Published code is re-scanned for banned patterns and hardcoded secrets.
</p>
<Button
variant="primary"
size="md"
onClick={publish}
disabled={state === 'submitting'}
>
{state === 'submitting' ? 'Publishing…' : 'Publish to marketplace'}
</Button>
</div>
</div>
)}
</div>
);
}
function safeJsonObject(s: string): Record<string, unknown> {
try {
const parsed = JSON.parse(s);
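Review bot: the per-secret credential hint fields are free text sent straight to POST /v1/templates as `secretHints[].description` and become public template metadata, but the re-scan the panel copy promises ("Published code is re-scanned for banned patterns and hardcoded secrets") is described for generated code only; a user who pastes an actual key into the hint box (the placeholder "What is ${k}? Where does a forker get one?" points at exactly that field) would publish it. Suggest running the same hardcoded-credential detector over `shortDescription` and every hint server-side and rejecting with a clear 400. Also, the consent copy at the line starting "Your secrets stay private they are never copied" has lost its separator and reads as a run-on; "Your secrets stay private: they are never copied into a template." Last, the secret key names in `secretKeys` are themselves published as hint keys, which is fine for generic names but worth saying in the copy, since the sentence only promises that the values stay private.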


@ -96,7 +96,7 @@ export default function Landing() {
<div className="mx-auto grid max-w-6xl gap-12 px-6 py-20 md:grid-cols-[1.05fr_1fr] md:items-center md:py-28">
<div>
<span className="mono inline-block rounded-full border border-[--color-border] bg-[--color-bg-elevated] px-2.5 py-0.5 text-[11px] tracking-wide text-[--color-fg-muted]">
v0.1 MCP spec 2025-11-25
v0.1 updated 2026-05-20
</span>
<h1 className="mt-6 text-balance text-[44px] font-semibold leading-[1.05] tracking-tight md:text-[56px]">
Describe your tool.