StacklokLabs · stackloke2e · Jan 8, 2026
diff --git a/src/mcp_optimizer/toolhive/api_models/__init__.py b/src/mcp_optimizer/toolhive/api_models/__init__.py
@@ -1,3 +1,3 @@
 # generated by datamodel-codegen:
 #   filename:  http://127.0.0.1:8080/api/openapi.json
-#   timestamp: 2025-12-02T00:36:43+00:00
+#   timestamp: 2026-01-08T00:39:01+00:00
diff --git a/src/mcp_optimizer/toolhive/api_models/audit.py b/src/mcp_optimizer/toolhive/api_models/audit.py
@@ -1,39 +1,37 @@
 # generated by datamodel-codegen:
 #   filename:  http://127.0.0.1:8080/api/openapi.json
-#   timestamp: 2025-12-02T00:36:43+00:00
+#   timestamp: 2026-01-08T00:39:01+00:00
 
 from __future__ import annotations
 
-from typing import Optional
-
 from pydantic import BaseModel, Field
 
 
 class Config(BaseModel):
-    component: Optional[str] = Field(
+    component: str | None = Field(
         None, description='Component is the component name to use in audit events'
     )
-    event_types: Optional[list[str]] = Field(
+    event_types: list[str] | None = Field(
         None,
         description='EventTypes specifies which event types to audit. If empty, all events are audited.',
     )
-    exclude_event_types: Optional[list[str]] = Field(
+    exclude_event_types: list[str] | None = Field(
         None,
         description='ExcludeEventTypes specifies which event types to exclude from auditing.\nThis takes precedence over EventTypes.',
     )
-    include_request_data: Optional[bool] = Field(
+    include_request_data: bool | None = Field(
         None,
         description='IncludeRequestData determines whether to include request data in audit logs',
     )
-    include_response_data: Optional[bool] = Field(
+    include_response_data: bool | None = Field(
         None,
         description='IncludeResponseData determines whether to include response data in audit logs',
     )
-    log_file: Optional[str] = Field(
+    log_file: str | None = Field(
         None,
         description='LogFile specifies the file path for audit logs. If empty, logs to stdout.',
     )
-    max_data_size: Optional[int] = Field(
+    max_data_size: int | None = Field(
         None,
         description='MaxDataSize limits the size of request/response data included in audit logs (in bytes)',
     )
diff --git a/src/mcp_optimizer/toolhive/api_models/auth.py b/src/mcp_optimizer/toolhive/api_models/auth.py
@@ -1,60 +1,62 @@
 # generated by datamodel-codegen:
 #   filename:  http://127.0.0.1:8080/api/openapi.json
-#   timestamp: 2025-12-02T00:36:43+00:00
+#   timestamp: 2026-01-08T00:39:01+00:00
 
 from __future__ import annotations
 
-from typing import Optional
-
 from pydantic import BaseModel, Field
 
 
 class TokenValidatorConfig(BaseModel):
-    allow_private_ip: Optional[bool] = Field(
+    allow_private_ip: bool | None = Field(
         None,
         alias='allowPrivateIP',
         description='AllowPrivateIP allows JWKS/OIDC endpoints on private IP addresses',
     )
-    audience: Optional[str] = Field(
+    audience: str | None = Field(
         None, description='Audience is the expected audience for the token'
     )
-    auth_token_file: Optional[str] = Field(
+    auth_token_file: str | None = Field(
         None,
         alias='authTokenFile',
         description='AuthTokenFile is the path to file containing bearer token for authentication',
     )
-    cacert_path: Optional[str] = Field(
+    cacert_path: str | None = Field(
         None,
         alias='cacertPath',
         description='CACertPath is the path to the CA certificate bundle for HTTPS requests',
     )
-    client_id: Optional[str] = Field(
+    client_id: str | None = Field(
         None, alias='clientID', description='ClientID is the OIDC client ID'
     )
-    client_secret: Optional[str] = Field(
+    client_secret: str | None = Field(
         None,
         alias='clientSecret',
         description='ClientSecret is the optional OIDC client secret for introspection',
     )
-    insecure_allow_http: Optional[bool] = Field(
+    insecure_allow_http: bool | None = Field(
         None,
         alias='insecureAllowHTTP',
         description='InsecureAllowHTTP allows HTTP (non-HTTPS) OIDC issuers for development/testing\nWARNING: This is insecure and should NEVER be used in production',
     )
-    introspection_url: Optional[str] = Field(
+    introspection_url: str | None = Field(
         None,
         alias='introspectionURL',
         description='IntrospectionURL is the optional introspection endpoint for validating tokens',
     )
-    issuer: Optional[str] = Field(
+    issuer: str | None = Field(
         None,
         description='Issuer is the OIDC issuer URL (e.g., https://accounts.google.com)',
     )
-    jwksurl: Optional[str] = Field(
+    jwksurl: str | None = Field(
         None, description='JWKSURL is the URL to fetch the JWKS from'
     )
-    resource_url: Optional[str] = Field(
+    resource_url: str | None = Field(
         None,
         alias='resourceURL',
         description='ResourceURL is the explicit resource URL for OAuth discovery (RFC 9728)',
     )
+    scopes: list[str] | None = Field(
+        None,
+        description='Scopes is the list of OAuth scopes to advertise in the well-known endpoint (RFC 9728)\nIf empty, defaults to ["openid"]',
+    )
diff --git a/src/mcp_optimizer/toolhive/api_models/authz.py b/src/mcp_optimizer/toolhive/api_models/authz.py
@@ -1,28 +1,26 @@
 # generated by datamodel-codegen:
 #   filename:  http://127.0.0.1:8080/api/openapi.json
-#   timestamp: 2025-12-02T00:36:43+00:00
+#   timestamp: 2026-01-08T00:39:01+00:00
 
 from __future__ import annotations
 
-from typing import Optional
-
 from pydantic import BaseModel, Field
 
 
 class CedarConfig(BaseModel):
-    entities_json: Optional[str] = Field(
+    entities_json: str | None = Field(
         None, description='EntitiesJSON is the JSON string representing Cedar entities'
     )
-    policies: Optional[list[str]] = Field(
+    policies: list[str] | None = Field(
         None, description='Policies is a list of Cedar policy strings'
     )
 
 
 class Config(BaseModel):
-    cedar: Optional[CedarConfig] = None
-    type: Optional[str] = Field(
+    cedar: CedarConfig | None = None
+    type: str | None = Field(
         None, description='Type is the type of authorization configuration.'
     )
-    version: Optional[str] = Field(
+    version: str | None = Field(
         None, description='Version is the version of the configuration format.'
     )
diff --git a/src/mcp_optimizer/toolhive/api_models/client.py b/src/mcp_optimizer/toolhive/api_models/client.py
@@ -1,28 +1,26 @@
 # generated by datamodel-codegen:
 #   filename:  http://127.0.0.1:8080/api/openapi.json
-#   timestamp: 2025-12-02T00:36:43+00:00
+#   timestamp: 2026-01-08T00:39:01+00:00
 
 from __future__ import annotations
 
-from typing import Optional
-
 from pydantic import BaseModel, Field
 
 
 class MCPClientStatus(BaseModel):
-    client_type: Optional[str] = Field(
+    client_type: str | None = Field(
         None, description='ClientType is the type of MCP client'
     )
-    installed: Optional[bool] = Field(
+    installed: bool | None = Field(
         None,
         description='Installed indicates whether the client is installed on the system',
     )
-    registered: Optional[bool] = Field(
+    registered: bool | None = Field(
         None,
         description='Registered indicates whether the client is registered in the ToolHive configuration',
     )
 
 
 class RegisteredClient(BaseModel):
-    groups: Optional[list[str]] = None
-    name: Optional[str] = None
+    groups: list[str] | None = None
+    name: str | None = None
diff --git a/src/mcp_optimizer/toolhive/api_models/core.py b/src/mcp_optimizer/toolhive/api_models/core.py
@@ -1,65 +1,59 @@
 # generated by datamodel-codegen:
 #   filename:  http://127.0.0.1:8080/api/openapi.json
-#   timestamp: 2025-12-02T00:36:43+00:00
+#   timestamp: 2026-01-08T00:39:01+00:00
 
 from __future__ import annotations
 
-from typing import Optional
-
 from pydantic import BaseModel, Field
 
 
 class Workload(BaseModel):
-    created_at: Optional[str] = Field(
+    created_at: str | None = Field(
         None, description='CreatedAt is the timestamp when the workload was created.'
     )
-    group: Optional[str] = Field(
+    group: str | None = Field(
         None,
         description='Group is the name of the group this workload belongs to, if any.',
     )
-    labels: Optional[dict[str, str]] = Field(
+    labels: dict[str, str] | None = Field(
         None,
         description='Labels are the container labels (excluding standard ToolHive labels)',
     )
-    name: Optional[str] = Field(
+    name: str | None = Field(
         None,
         description='Name is the name of the workload.\nIt is used as a unique identifier.',
     )
-    package: Optional[str] = Field(
+    package: str | None = Field(
         None,
         description='Package specifies the Workload Package used to create this Workload.',
     )
-    port: Optional[int] = Field(
+    port: int | None = Field(
         None,
         description='Port is the port on which the workload is exposed.\nThis is embedded in the URL.',
     )
-    proxy_mode: Optional[str] = Field(
+    proxy_mode: str | None = Field(
         None,
         description='ProxyMode is the proxy mode that clients should use to connect.\nFor stdio transports, this will be the proxy mode (sse or streamable-http).\nFor direct transports (sse/streamable-http), this will be the same as TransportType.',
     )
-    remote: Optional[bool] = Field(
+    remote: bool | None = Field(
         None,
         description='Remote indicates whether this is a remote workload (true) or a container workload (false).',
     )
-    status: Optional[str] = Field(
+    status: str | None = Field(
         None, description='Status is the current status of the workload.'
     )
-    status_context: Optional[str] = Field(
+    status_context: str | None = Field(
         None,
         description="StatusContext provides additional context about the workload's status.\nThe exact meaning is determined by the status and the underlying runtime.",
     )
-    tool_type: Optional[str] = Field(
-        None,
-        description='ToolType is the type of tool this workload represents.\nFor now, it will always be "mcp" - representing an MCP server.',
-    )
-    tools: Optional[list[str]] = Field(
+    tools: list[str] | None = Field(
         None, description='ToolsFilter is the filter on tools applied to the workload.'
     )
-    transport_type: Optional[str] = Field(
+    transport_type: str | None = Field(
         None,
         description='TransportType is the type of transport used for this workload.',
     )
-    url: Optional[str] = Field(
+    url: str | None = Field(
         None,
         description='URL is the URL of the workload exposed by the ToolHive proxy.',
     )
diff --git a/src/mcp_optimizer/toolhive/api_models/groups.py b/src/mcp_optimizer/toolhive/api_models/groups.py
@@ -1,14 +1,12 @@
 # generated by datamodel-codegen:
 #   filename:  http://127.0.0.1:8080/api/openapi.json
-#   timestamp: 2025-12-02T00:36:43+00:00
+#   timestamp: 2026-01-08T00:39:01+00:00
 
 from __future__ import annotations
 
-from typing import Optional
-
 from pydantic import BaseModel
 
 
 class Group(BaseModel):
-    name: Optional[str] = None
-    registered_clients: Optional[list[str]] = None
+    name: str | None = None
+    registered_clients: list[str] | None = None
diff --git a/src/mcp_optimizer/toolhive/api_models/ignore.py b/src/mcp_optimizer/toolhive/api_models/ignore.py
@@ -1,19 +1,17 @@
 # generated by datamodel-codegen:
 #   filename:  http://127.0.0.1:8080/api/openapi.json
-#   timestamp: 2025-12-02T00:36:43+00:00
+#   timestamp: 2026-01-08T00:39:01+00:00
 
 from __future__ import annotations
 
-from typing import Optional
-
 from pydantic import BaseModel, Field
 
 
 class Config(BaseModel):
-    load_global: Optional[bool] = Field(
+    load_global: bool | None = Field(
         None, alias='loadGlobal', description='Whether to load global ignore patterns'
     )
-    print_overlays: Optional[bool] = Field(
+    print_overlays: bool | None = Field(
         None,
         alias='printOverlays',
         description='Whether to print resolved overlay paths for debugging',

diff --git a/src/mcp_optimizer/toolhive/api_models/permissions.py b/src/mcp_optimizer/toolhive/api_models/permissions.py
@@ -1,53 +1,51 @@
 # generated by datamodel-codegen:
 #   filename:  http://127.0.0.1:8080/api/openapi.json
-#   timestamp: 2025-12-02T00:36:43+00:00
+#   timestamp: 2026-01-08T00:39:01+00:00
 
 from __future__ import annotations
 
-from typing import Optional
-
 from pydantic import BaseModel, Field
 
 
 class InboundNetworkPermissions(BaseModel):
-    allow_host: Optional[list[str]] = Field(
+    allow_host: list[str] | None = Field(
         None, description='AllowHost is a list of allowed hosts for inbound connections'
     )
 
 
 class OutboundNetworkPermissions(BaseModel):
-    allow_host: Optional[list[str]] = Field(
+    allow_host: list[str] | None = Field(
         None, description='AllowHost is a list of allowed hosts'
     )
-    allow_port: Optional[list[int]] = Field(
+    allow_port: list[int] | None = Field(
         None, description='AllowPort is a list of allowed ports'
     )
-    insecure_allow_all: Optional[bool] = Field(
+    insecure_allow_all: bool | None = Field(
         None, description='InsecureAllowAll allows all outbound network connections'
     )
 
 
 class NetworkPermissions(BaseModel):
-    inbound: Optional[InboundNetworkPermissions] = None
-    mode: Optional[str] = Field(
+    inbound: InboundNetworkPermissions | None = None
+    mode: str | None = Field(
         None,
         description='Mode specifies the network mode for the container (e.g., "host", "bridge", "none")\nWhen empty, the default container runtime network mode is used',
     )
-    outbound: Optional[OutboundNetworkPermissions] = None
+    outbound: OutboundNetworkPermissions | None = None
 
 
 class Profile(BaseModel):
-    name: Optional[str] = Field(None, description='Name is the name of the profile')
-    network: Optional[NetworkPermissions] = None
-    privileged: Optional[bool] = Field(
+    name: str | None = Field(None, description='Name is the name of the profile')
+    network: NetworkPermissions | None = None
+    privileged: bool | None = Field(
         None,
         description='Privileged indicates whether the container should run in privileged mode\nWhen true, the container has access to all host devices and capabilities\nUse with extreme caution as this removes most security isolation',
     )
-    read: Optional[list[str]] = Field(
+    read: list[str] | None = Field(
         None,
         description='Read is a list of mount declarations that the container can read from\nThese can be in the following formats:\n- A single path: The same path will be mounted from host to container\n- host-path:container-path: Different paths for host and container\n- resource-uri:container-path: Mount a resource identified by URI to a container path',
     )
-    write: Optional[list[str]] = Field(
+    write: list[str] | None = Field(
         None,
         description='Write is a list of mount declarations that the container can write to\nThese follow the same format as Read mounts but with write permissions',
     )