Conversation
17-2-release-notes-draft
Deploying openproject with ⚡ PullPreview
|
|
@ulferts @NobodysNightmare @HDinger @mrmir could you please review your respective parts of the release notes? or the whole thing if you feel like it of course. |
NobodysNightmare
left a comment
NobodysNightmare
left a comment
There was a problem hiding this comment.
I left some feedback on MCP and other adjacent changes, most of the time including a proposal of my own. I also added one comment not related to one of my changes, giving feedback on how one can read it wrong.
docs/release-notes/17-2-0/README.md
Outdated
|
|
||
| [feature: mcp_server ] | ||
|
|
||
| OpenProject 17.2 introduces the **MCP Server**, a new Enterprise add-on that lays the foundation for robust integrations between OpenProject and external intelligent agents, automation tools, or systems that use the Model Context Protocol (MCP). This server uses OpenProject’s APIv3 resources as MCP-compatible endpoints and enables secure, authenticated access for clients such as large language models or other MCP clients, opening the door to richer contextual interactions with your project data. |
There was a problem hiding this comment.
Detail: We do not really rely on APIv3 to offer the MCP server, however it's correct that we reuse the APIv3 format for MCP. Small wording suggestion to better reflect that:
| OpenProject 17.2 introduces the **MCP Server**, a new Enterprise add-on that lays the foundation for robust integrations between OpenProject and external intelligent agents, automation tools, or systems that use the Model Context Protocol (MCP). This server uses OpenProject’s APIv3 resources as MCP-compatible endpoints and enables secure, authenticated access for clients such as large language models or other MCP clients, opening the door to richer contextual interactions with your project data. | |
| OpenProject 17.2 introduces the **MCP Server**, a new Enterprise add-on that lays the foundation for robust integrations between OpenProject and external intelligent agents, automation tools, or systems that use the Model Context Protocol (MCP). This server exposes OpenProject’s APIv3 resources as MCP-compatible endpoints and enables secure, authenticated access for clients such as large language models or other MCP clients, opening the door to richer contextual interactions with your project data. |
Additionally I want to give some feedback on the first sentence:
that lays the foundation for robust integrations between OpenProject and external intelligent agents, automation tools, or systems that use the Model Context Protocol (MCP).
Semantically: I don't understand the or enumeration here. The MCP server is only intended for "systems that use the Model Context Protocol". Automation tools and agents need to implement/have access to an MCP client to make use of this. So maybe this could be phrased in a way of "systems that use the Model Context Protocol, such as ..."
"intelligent agent": Do we know what we mean with this term? I needed to look it up and wasn't sure if it's made up, but apparently it exists: https://en.wikipedia.org/wiki/Intelligent_agent
However, this existing term seems to be very generic/broad, so I am not sure if this is what we were aiming for here.
Do we want to indicate that "your favorite large language model" can be hooked up to this? I think in this case we should use the term "LLM" or "large language model". An example (combined with the proposals above:
| OpenProject 17.2 introduces the **MCP Server**, a new Enterprise add-on that lays the foundation for robust integrations between OpenProject and external intelligent agents, automation tools, or systems that use the Model Context Protocol (MCP). This server uses OpenProject’s APIv3 resources as MCP-compatible endpoints and enables secure, authenticated access for clients such as large language models or other MCP clients, opening the door to richer contextual interactions with your project data. | |
| OpenProject 17.2 introduces the **MCP Server**, a new Enterprise add-on that lays the foundation for robust integrations between OpenProject and systems that use the Model Context Protocol (MCP), such as large language models or automation tools. This server exposes OpenProject’s APIv3 resources as MCP-compatible endpoints and enables secure, authenticated access for clients such as large language models or other MCP clients, opening the door to richer contextual interactions with your project data. |
Technicality to my suggestion above: The LLMs usually run on a platform where they have access to an MCP client, but don't implement the MCP client as part of the model. I think the proposal above reflects this enough by saying "use the Model Context Protocol", but in case you want to reformulate my suggestion, I'd not write something that implies an LLM is an MCP client.
|
|
||
| For more details, please refer to the [Meetings documentation](../../user-guide/meetings/one-time-meetings/). | ||
|
|
||
| ### Increased security for external links (Enterprise add-on) |
There was a problem hiding this comment.
Red flag when reading this:
Increased security [is an] Enterprise add-on
I think it's a fair limitation for the feature in question, but it could be misread as "if you really want to have a secure product, you have to pay".
Maybe Oliver or Klaus can refresh my memory on how the login actually improves the security here, but I think the intent was to make sure that users are aware that they receive an email generated by OpenProject that directs them to an external destination. The login requirement probably makes spamming links less effective, because only logged in users will see them, but not search engines / anonymous users? (I am not entirely sure about the attack vector here)
HDinger
left a comment
HDinger
left a comment
There was a problem hiding this comment.
Lgtm 👍 I just have some minor remarks
Co-authored-by: Jan Sandbrink <j.sandbrink@openproject.com> Co-authored-by: Henriette Darge <h.darge@openproject.com>
4 participants
17-2-release-notes-draft
Ticket
What are you trying to accomplish?
Screenshots
What approach did you choose and why?
Merge checklist