{
  "repository": "https://github.com/ymw0407/auth-fetch-mcp",
  "commit_source": "git_rev_parse",
  "commit_sha": "d4dedaf55c1d39228dbed58807ea1f9fac1328e1",
  "submitted_target": {
    "target_kind": "git_ref",
    "commit_sha": "98f381d1298b6b7e7ff29d7a7851f18ea5f2364c",
    "version": "3.0.1",
    "ref": "v3.0.1",
    "display": "auth-fetch-mcp v3.0.1 (vulnerable)"
  },
  "variant_target": {
    "target_kind": "git_ref",
    "commit_sha": "d4dedaf55c1d39228dbed58807ea1f9fac1328e1",
    "version": "3.0.2",
    "ref": "v3.0.2",
    "display": "auth-fetch-mcp v3.0.2 (labelled fixed; contains fix 177ec5f8ee9c2d5749035777e562f699971b0da9, but the redirect bypass still reproduces on this ref)"
  },
  "additional_tested_refs": [
    {
      "target_kind": "git_ref",
      "commit_sha": "a4b92452dc9332fb4063225f3d8842f3602a54a3",
      "version": "3.0.2",
      "ref": "origin/main",
      "display": "auth-fetch-mcp origin/main (latest default branch) — redirect bypass confirmed on this ref"
    },
    {
      "target_kind": "git_ref",
      "commit_sha": "98f381d1298b6b7e7ff29d7a7851f18ea5f2364c",
      "version": "3.0.1",
      "ref": "v3.0.1",
      "display": "auth-fetch-mcp v3.0.1 (vulnerable) — redirect bypass also reproduces here"
    }
  ],
  "fix_commit": "177ec5f8ee9c2d5749035777e562f699971b0da9",
  "resolution_method": {
    "v3.0.1": "git worktree at bundle/artifacts/wt-vuln; git rev-parse HEAD = 98f381d1298b6b7e7ff29d7a7851f18ea5f2364c",
    "v3.0.2": "git worktree at bundle/artifacts/wt-fixed; git rev-parse HEAD = d4dedaf55c1d39228dbed58807ea1f9fac1328e1 (tag v3.0.2); src/security.ts byte-identical to origin/main",
    "origin/main": "git worktree at bundle/artifacts/wt-main; git rev-parse HEAD = a4b92452dc9332fb4063225f3d8842f3602a54a3; src/security.ts byte-identical to v3.0.2 (git diff v3.0.2..HEAD -- src/security.ts empty)"
  },
  "build_identity": {
    "toolchain": "node v24.18.0 + tsc (typescript 6.x) + playwright 1.58.2 chromium headless shell-1208",
    "build_command": "npm run build (tsc) in each worktree; node_modules reused from project cache via symlink (one shared dependency tree for all three builds — per-ref lockfile differences, if any, are not reflected in the built artifacts)",
    "artifacts": {
      "wt-vuln": "bundle/artifacts/wt-vuln/dist/index.js",
      "wt-fixed": "bundle/artifacts/wt-fixed/dist/index.js",
      "wt-main": "bundle/artifacts/wt-main/dist/index.js"
    }
  },
  "npm_latest": "3.0.2 (labelled fixed) per npm view auth-fetch-mcp version; the published npm tarball itself was not among the tested artifacts — results above come from the v3.0.2 git tag built locally",
  "notes": "All three refs were built and driven end-to-end via their real dist/index.js MCP server. The bypass (redirect-following SSRF) reproduces on the v3.0.2 ref labelled fixed and on the latest origin/main ref (a4b9245), confirming that fix 177ec5f does not address it and that nothing merged to main after v3.0.2 does either (src/security.ts is byte-identical between v3.0.2 and origin/main). The project cache repo (shared) was left clean at v3.0.2 (d4dedaf); no checkout state was mutated in place — separate worktrees under bundle/artifacts/ were used."
}
