From 93ce6987b6e7d8678ffa5ac51f5106a7a21ce67b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=B0=A2=E6=A0=8B=E6=A2=81?= <xiedlc@montnets.com>
Date: Tue, 2 Sep 2025 08:35:06 +0800
Subject: [PATCH 1/3] feat: add configurable environment variable override
 system

Add ZEN_MCP_FORCE_ENV_OVERRIDE configuration to control whether .env file values
override system environment variables. This prevents conflicts when multiple AI
tools pass different cached environment variables to the MCP server.

- Use dotenv_values() to read configuration from .env file only
- Apply conditional override based on configuration setting
- Add appropriate logging for transparency
- Update .env.example with detailed configuration documentation
- Maintains backward compatibility with default behavior (false)
---
 .env.example | 25 +++++++++++++++++++++++++
 server.py    | 22 +++++++++++++++++++++-
 2 files changed, 46 insertions(+), 1 deletion(-)

diff --git a/.env.example b/.env.example
index 58d0037..81cb082 100644
--- a/.env.example
+++ b/.env.example
@@ -167,6 +167,31 @@ DISABLED_TOOLS=analyze,refactor,testgen,secaudit,docgen,tracer
 # Leave empty for default language (English)
 # LOCALE=fr-FR
 
+# ===========================================
+# Zen MCP Server Configuration  
+# ===========================================
+
+# Force .env file values to override system environment variables
+# This prevents issues where different AI tools (Claude Code, etc.) pass 
+# conflicting or cached environment variables that override each other
+# 
+# When enabled (true):
+#   - .env file values take absolute precedence
+#   - Prevents MCP clients from passing outdated/cached API keys
+#   - Ensures consistent configuration across different AI tool integrations
+#   - Solves environment variable conflicts between multiple AI applications
+#
+# When disabled (false):
+#   - System environment variables take precedence (standard behavior)  
+#   - Suitable for production deployments with secure environment injection
+#   - Respects container orchestrator and CI/CD pipeline configurations
+#
+# Recommended settings:
+#   Development with multiple AI tools: true (prevents tool conflicts)
+#   Production/Container deployments: false (preserves security practices)
+#   CI/CD environments: false (respects pipeline secrets)
+ZEN_MCP_FORCE_ENV_OVERRIDE=false
+
 # ===========================================
 # Docker Configuration
 # ===========================================
diff --git a/server.py b/server.py
index ee924fb..5cda526 100644
--- a/server.py
+++ b/server.py
@@ -37,7 +37,27 @@ try:
     # This ensures .env is loaded regardless of the current working directory
     script_dir = Path(__file__).parent
     env_file = script_dir / ".env"
-    load_dotenv(dotenv_path=env_file)
+    
+    # First load only to read ZEN_MCP_FORCE_ENV_OVERRIDE, then reload with proper override setting
+    # Use a temporary environment to read just this configuration variable
+    temp_env = {}
+    if env_file.exists():
+        from dotenv import dotenv_values
+        temp_env = dotenv_values(env_file)
+    
+    # Check if we should force override based on .env file content (not system env)
+    force_override = temp_env.get('ZEN_MCP_FORCE_ENV_OVERRIDE', 'false').lower() == 'true'
+    
+    # Load .env file with appropriate override setting
+    load_dotenv(dotenv_path=env_file, override=force_override)
+    
+    # Log the configuration choice
+    logger = logging.getLogger(__name__)
+    if force_override:
+        logger.info("ZEN_MCP_FORCE_ENV_OVERRIDE enabled - .env file values will override system environment variables")
+        logger.debug("Environment override prevents conflicts between different AI tools passing cached API keys")
+    else:
+        logger.debug("ZEN_MCP_FORCE_ENV_OVERRIDE disabled - system environment variables take precedence")
 except ImportError:
     # dotenv not available - this is fine, environment variables can still be passed directly
     # This commonly happens when running via uvx or in minimal environments

From d34c299f02a233af4f17bdcc848219bf07799723 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=B0=A2=E6=A0=8B=E6=A2=81?= <xiedlc@montnets.com>
Date: Tue, 2 Sep 2025 08:55:25 +0800
Subject: [PATCH 2/3] fix: resolve logging timing and import organization
 issues

- Move dotenv_values import to top level with load_dotenv
- Fix logging sequence issue by deferring ZEN_MCP_FORCE_ENV_OVERRIDE logs until after logger configuration
- Apply Black formatting to ensure consistent code style
---
 server.py | 36 ++++++++++++++++++++++--------------
 1 file changed, 22 insertions(+), 14 deletions(-)

diff --git a/server.py b/server.py
index 5cda526..3a54afd 100644
--- a/server.py
+++ b/server.py
@@ -31,33 +31,27 @@ from typing import Any, Optional
 # Try to load environment variables from .env file if dotenv is available
 # This is optional - environment variables can still be passed directly
 try:
-    from dotenv import load_dotenv
+    from dotenv import load_dotenv, dotenv_values
 
     # Load environment variables from .env file in the script's directory
     # This ensures .env is loaded regardless of the current working directory
     script_dir = Path(__file__).parent
     env_file = script_dir / ".env"
-    
+
     # First load only to read ZEN_MCP_FORCE_ENV_OVERRIDE, then reload with proper override setting
     # Use a temporary environment to read just this configuration variable
     temp_env = {}
     if env_file.exists():
-        from dotenv import dotenv_values
         temp_env = dotenv_values(env_file)
-    
+
     # Check if we should force override based on .env file content (not system env)
-    force_override = temp_env.get('ZEN_MCP_FORCE_ENV_OVERRIDE', 'false').lower() == 'true'
-    
+    force_override = temp_env.get("ZEN_MCP_FORCE_ENV_OVERRIDE", "false").lower() == "true"
+
     # Load .env file with appropriate override setting
     load_dotenv(dotenv_path=env_file, override=force_override)
-    
-    # Log the configuration choice
-    logger = logging.getLogger(__name__)
-    if force_override:
-        logger.info("ZEN_MCP_FORCE_ENV_OVERRIDE enabled - .env file values will override system environment variables")
-        logger.debug("Environment override prevents conflicts between different AI tools passing cached API keys")
-    else:
-        logger.debug("ZEN_MCP_FORCE_ENV_OVERRIDE disabled - system environment variables take precedence")
+
+    # Store override setting for logging after logger is configured
+    _zen_mcp_force_override = force_override
 except ImportError:
     # dotenv not available - this is fine, environment variables can still be passed directly
     # This commonly happens when running via uvx or in minimal environments
@@ -183,6 +177,20 @@ except Exception as e:
 
 logger = logging.getLogger(__name__)
 
+# Log ZEN_MCP_FORCE_ENV_OVERRIDE configuration if it was set during dotenv loading
+try:
+    if "_zen_mcp_force_override" in globals():
+        if _zen_mcp_force_override:
+            logger.info(
+                "ZEN_MCP_FORCE_ENV_OVERRIDE enabled - .env file values will override system environment variables"
+            )
+            logger.debug("Environment override prevents conflicts between different AI tools passing cached API keys")
+        else:
+            logger.debug("ZEN_MCP_FORCE_ENV_OVERRIDE disabled - system environment variables take precedence")
+except NameError:
+    # _zen_mcp_force_override not defined, which means dotenv wasn't available or no .env file
+    pass
+
 
 # Create the MCP server instance with a unique name identifier
 # This name is used by MCP clients to identify and connect to this specific server

From 4493a693332e0532d04ad3634de2a2f5b1249b64 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=B0=A2=E6=A0=8B=E6=A2=81?= <xiedlc@montnets.com>
Date: Tue, 2 Sep 2025 08:58:21 +0800
Subject: [PATCH 3/3] style: fix ruff import sorting issue

Sort dotenv imports alphabetically to comply with ruff I001 rule
---
 server.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server.py b/server.py
index 3a54afd..ade46df 100644
--- a/server.py
+++ b/server.py
@@ -31,7 +31,7 @@ from typing import Any, Optional
 # Try to load environment variables from .env file if dotenv is available
 # This is optional - environment variables can still be passed directly
 try:
-    from dotenv import load_dotenv, dotenv_values
+    from dotenv import dotenv_values, load_dotenv
 
     # Load environment variables from .env file in the script's directory
     # This ensures .env is loaded regardless of the current working directory