Honor MCP bounty sort filter

[tinyopsstudio]

Bounty #406

Summary:

• pass the MCP list_bounties sort argument through the shared bounty sorting contract
• sort before applying the MCP result limit so available, reward, and awards match the public API behavior
• update the MCP tool description and add regression coverage for valid and invalid sort values

Evidence:

• live API GET /api/v1/bounties?status=open&sort=available&limit=3 returned open bounties ordered by available pool: MRWK bounty: detailed governance MVP PR review #459, MRWK bounty: useful bug reports and small fixes, round 5 #406, MRWK bounty: review open MergeWork PRs with evidence, round 12 #447
• live MCP list_bounties with status=open, sort=available, limit=3 ignored sort and returned newest order: MRWK bounty: detailed governance MVP PR review #459, MRWK bounty: 150 MRWK - document agent-friendly bounty post template #456, MRWK bounty: review open MergeWork PRs with evidence, round 12 #447
• this is distinct from the existing whitespace-only bounty sort fix because it targets the MCP tool path and its advertised filters
• no private keys, cookies, tokens, wallet JSON, browser storage, OAuth state, signatures, private data, price claims, liquidity claims, exchange claims, or off-ramp claims are added

Verification:

• .venv/bin/python -m pytest tests/test_api_mcp.py::test_mcp_list_bounties_filters_status_query_and_limit tests/test_api_mcp.py::test_mcp_list_bounties_rejects_invalid_filters -q
• .venv/bin/python -m pytest tests/test_api_mcp.py tests/test_mcp_tools.py -q
• .venv/bin/python -m pytest -q
• .venv/bin/python -m ruff check app/mcp.py app/mcp_tools.py tests/test_api_mcp.py tests/test_mcp_tools.py
• .venv/bin/python -m ruff format --check app/mcp.py app/mcp_tools.py tests/test_api_mcp.py tests/test_mcp_tools.py
• .venv/bin/python -m mypy app
• .venv/bin/python scripts/docs_smoke.py
• git diff --check

Summary by CodeRabbit

• New Features

  • Added optional sort filter to bounty listing functionality, complementing existing status, search, and limit filters.

• Tests

  • Enhanced test coverage to validate sorting options and filter combinations for bounty listings.

[coderabbitai]

📝 Walkthrough

Walkthrough

The list_bounties MCP tool now accepts an optional sort filter. The implementation imports sort_bounties, shifts result ordering from SQL to payload level, and applies pagination after sorting. Tool metadata and comprehensive test coverage document and validate the new behavior.

Changes

Sort filter for list_bounties

Layer / File(s)	Summary
Sort filter implementation and metadata app/mcp_tools.py, app/mcp.py	sort_bounties is imported and used to order bounty payloads returned by list_bounties. Results are now loaded in full, sorted via the sort_bounties function with an optional sort argument, and then sliced to the requested limit, replacing the prior SQL order_by(...).limit(...) approach. The tool metadata description is updated to document the new optional sort filter alongside existing status, q, and limit filters.
Sort filter test coverage tests/test_api_mcp.py	Tool description assertions are expanded to include sort in the documented filter list. A new high_pool_bounty fixture is added to test bounty ordering by award pool capacity. Test assertions verify that default results include both the high-pool and existing open bounties, and that filtering with sort set to an "Available" variant returns only the high-pool bounty. An additional invalid-filter test case validates that sort: "oldest" is rejected.

Possibly related PRs

• ramimbo/mergework#398: Restructures list_bounties dispatcher and argument handling in app/mcp_tools.py.
• ramimbo/mergework#443: Introduces and wires the sort_bounties sorting controls that this PR now uses for payload-level ordering.
• ramimbo/mergework#286: Previously extended list_bounties filtering with status, q, and limit parameters.

🚥 Pre-merge checks | ✅ 4 | ❌ 2

❌ Failed checks (2 inconclusive)

Check name	Status	Explanation	Resolution
Mergework Public Artifact Hygiene	❓ Inconclusive	Repository clone failed, so this custom check could not run with code access.	Retry the review run. If this persists, inspect pre-merge custom-check logs for infrastructure or agent runtime failures.
Bounty Pr Focus	❓ Inconclusive	Repository clone failed, so this custom check could not run with code access.	Retry the review run. If this persists, inspect pre-merge custom-check logs for infrastructure or agent runtime failures.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately names the changed surface by referencing the MCP bounty sort filter feature being added, directly corresponding to the main objective of the pull request.
Description check	✅ Passed	The description includes all required template sections: summary with clear bullet points, evidence with specific details and API comparisons, verification commands, and bounty reference. All test checkboxes are implicitly verified through the provided verification commands.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

tests/test_api_mcp.py (1)

352-423: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Strengthen this regression test so it actually detects ignored sort.

Right now the fixture makes high_pool_bounty both newer (higher id) and higher-available, so sort="available" and default ordering return the same top result. This test can pass even if sort forwarding is broken.

Proposed test adjustment

-        open_bounty = create_bounty(
-            session,
-            repo="ramimbo/mergework",
-            issue_number=284,
-            issue_url="https://github.com/ramimbo/mergework/issues/284",
-            title="Agent MCP workflow filters",
-            reward_mrwk="100",
-            acceptance="Agents should find open MCP bounty workflow work.",
-        )
         high_pool_bounty = create_bounty(
             session,
             repo="ramimbo/mergework",
             issue_number=287,
             issue_url="https://github.com/ramimbo/mergework/issues/287",
             title="Available pool workflow filters",
             reward_mrwk="25",
             max_awards=8,
             acceptance="Agents should find the largest available open bounty pool.",
         )
+        open_bounty = create_bounty(
+            session,
+            repo="ramimbo/mergework",
+            issue_number=284,
+            issue_url="https://github.com/ramimbo/mergework/issues/284",
+            title="Agent MCP workflow filters",
+            reward_mrwk="100",
+            acceptance="Agents should find open MCP bounty workflow work.",
+        )
@@
-    assert [item["id"] for item in default_payload] == [high_pool_bounty.id, open_bounty.id]
+    assert [item["id"] for item in default_payload] == [open_bounty.id, high_pool_bounty.id]

As per coding guidelines: tests/**/*.py: “Do not request docstrings. Focus on whether tests prove the changed behavior and include negative, replay, boundary, or regression cases where relevant.”

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: d78bc9e6-3d0f-4e8b-b76b-be488d5b0af8

📥 Commits

Reviewing files that changed from the base of the PR and between d8532d4 and 70ecce1.

📒 Files selected for processing (3)

• app/mcp.py
• app/mcp_tools.py
• tests/test_api_mcp.py

[tinyopsstudio]

Closing this as a duplicate after noticing the earlier PR #468 covers the same MCP list_bounties sort path. I do not want to compete with or confuse the existing claim.

[GHX5T-SOL]

Reviewed current head 70ecce1858983a8d51a1bb7658feece47e613c2d for the #447 review bounty.

I would not merge or pay this as-is for two concrete reasons:

1. This duplicates the already-open PR #468 on the same surface. PR #468 also updates app/mcp.py, app/mcp_tools.py, and tests/test_api_mcp.py; it wires MCP list_bounties to the shared normalize_bounty_sort / sort_bounties contract, updates the same tool description, and adds sort+limit regression coverage. It is earlier, open, non-draft, CLEAN, has successful CI/CodeRabbit, and already has current-head human approvals. PR #500 repeats that MCP sort path instead of adding a distinct fix.

2. The new sort=available regression does not prove that sort is honored. In this head, high_pool_bounty is created after open_bounty, so it is both the highest-available row and the newest row by id. That means the sort=available&limit=1 assertion can pass even if the sort argument is ignored and results are just newest-first. To make the regression meaningful, the available-pool winner needs to differ from the default newest winner, or the test should otherwise assert an order that fails under the old Bounty.id.desc().limit(...) behavior.

Validation run locally on this head:

• PYTEST_DISABLE_PLUGIN_AUTOLOAD=1 ./.venv/bin/python -m pytest tests/test_api_mcp.py::test_mcp_list_bounties_filters_status_query_and_limit tests/test_api_mcp.py::test_mcp_list_bounties_rejects_invalid_filters -q -> 7 passed
• PYTEST_DISABLE_PLUGIN_AUTOLOAD=1 ./.venv/bin/python -m pytest -q -> 415 passed
• ./.venv/bin/python -m ruff check app/mcp.py app/mcp_tools.py tests/test_api_mcp.py tests/test_mcp_tools.py -> passed
• ./.venv/bin/python -m ruff format --check app/mcp.py app/mcp_tools.py tests/test_api_mcp.py tests/test_mcp_tools.py -> 4 files already formatted
• PYTEST_DISABLE_PLUGIN_AUTOLOAD=1 ./.venv/bin/python -m mypy app -> success
• PYTEST_DISABLE_PLUGIN_AUTOLOAD=1 ./.venv/bin/python scripts/docs_smoke.py -> docs smoke ok
• git diff --check upstream/main...HEAD -> clean
• git diff --no-ext-diff upstream/main...HEAD | gitleaks stdin --no-banner --redact --exit-code 1 -> no leaks found

No secrets, private data, wallet material, production mutation, price/liquidity/exchange/off-ramp claims, or private endpoints were used.