@ansvar/eu-regulations-mcp 0.8.0 → 1.1.0

package/src/tools/list.ts

@@ -1,124 +0,0 @@
-import type { DatabaseAdapter } from '../database/types.js';
-
-export interface ListInput {
-  regulation?: string;
-}
-
-export interface Chapter {
-  number: string;
-  title: string;
-  articles: string[];
-}
-
-export interface RegulationInfo {
-  id: string;
-  full_name: string;
-  celex_id: string;
-  effective_date: string | null;
-  article_count: number;
-  chapters?: Chapter[];
-}
-
-export interface ListResult {
-  regulations: RegulationInfo[];
-}
-
-export async function listRegulations(
-  db: DatabaseAdapter,
-  input: ListInput
-): Promise<ListResult> {
-  const { regulation } = input;
-
-  if (regulation) {
-    // Get specific regulation with chapters
-    const regResult = await db.query(
-      `SELECT id, full_name, celex_id, effective_date
-       FROM regulations
-       WHERE id = $1`,
-      [regulation]
-    );
-
-    if (regResult.rows.length === 0) {
-      return { regulations: [] };
-    }
-
-    const regRow = regResult.rows[0] as {
-      id: string;
-      full_name: string;
-      celex_id: string;
-      effective_date: string | null;
-    };
-
-    // Get articles grouped by chapter
-    const articlesResult = await db.query(
-      `SELECT article_number, title, chapter
-       FROM articles
-       WHERE regulation = $1
-       ORDER BY article_number::INTEGER`,
-      [regulation]
-    );
-
-    const articles = articlesResult.rows as Array<{
-      article_number: string;
-      title: string | null;
-      chapter: string | null;
-    }>;
-
-    // Group by chapter
-    const chapterMap = new Map<string, Chapter>();
-    for (const article of articles) {
-      const chapterKey = article.chapter || 'General';
-      if (!chapterMap.has(chapterKey)) {
-        chapterMap.set(chapterKey, {
-          number: chapterKey,
-          title: `Chapter ${chapterKey}`,
-          articles: [],
-        });
-      }
-      chapterMap.get(chapterKey)!.articles.push(article.article_number);
-    }
-
-    return {
-      regulations: [{
-        id: regRow.id,
-        full_name: regRow.full_name,
-        celex_id: regRow.celex_id,
-        effective_date: regRow.effective_date,
-        article_count: articles.length,
-        chapters: Array.from(chapterMap.values()),
-      }],
-    };
-  }
-
-  // List all regulations with article counts
-  const result = await db.query(
-    `SELECT
-      r.id,
-      r.full_name,
-      r.celex_id,
-      r.effective_date,
-      COUNT(a.regulation) as article_count
-    FROM regulations r
-    LEFT JOIN articles a ON a.regulation = r.id
-    GROUP BY r.id, r.full_name, r.celex_id, r.effective_date
-    ORDER BY r.id`
-  );
-
-  const rows = result.rows as Array<{
-    id: string;
-    full_name: string;
-    celex_id: string;
-    effective_date: string | null;
-    article_count: number;
-  }>;
-
-  return {
-    regulations: rows.map(row => ({
-      id: row.id,
-      full_name: row.full_name,
-      celex_id: row.celex_id,
-      effective_date: row.effective_date,
-      article_count: Number(row.article_count),
-    })),
-  };
-}

package/src/tools/map.ts

@@ -1,86 +0,0 @@
-import type { DatabaseAdapter } from '../database/types.js';
-
-export interface MapControlsInput {
-  framework: 'ISO27001' | 'NIST_CSF';
-  control?: string;
-  regulation?: string;
-}
-
-export interface ControlMappingEntry {
-  regulation: string;
-  articles: string[];
-  coverage: 'full' | 'partial' | 'related';
-  notes: string | null;
-}
-
-export interface ControlMapping {
-  control_id: string;
-  control_name: string;
-  mappings: ControlMappingEntry[];
-}
-
-export async function mapControls(
-  db: DatabaseAdapter,
-  input: MapControlsInput
-): Promise<ControlMapping[]> {
-  const { framework, control, regulation } = input;
-
-  let sql = `
-    SELECT
-      control_id,
-      control_name,
-      regulation,
-      articles,
-      coverage,
-      notes
-    FROM control_mappings
-    WHERE framework = $1
-  `;
-
-  const params: string[] = [framework];
-
-  if (control) {
-    sql += ` AND control_id = $${params.length + 1}`;
-    params.push(control);
-  }
-
-  if (regulation) {
-    sql += ` AND regulation = $${params.length + 1}`;
-    params.push(regulation);
-  }
-
-  sql += ` ORDER BY control_id, regulation`;
-
-  const result = await db.query(sql, params);
-
-  const rows = result.rows as Array<{
-    control_id: string;
-    control_name: string;
-    regulation: string;
-    articles: string;
-    coverage: 'full' | 'partial' | 'related';
-    notes: string | null;
-  }>;
-
-  // Group by control_id
-  const controlMap = new Map<string, ControlMapping>();
-
-  for (const row of rows) {
-    if (!controlMap.has(row.control_id)) {
-      controlMap.set(row.control_id, {
-        control_id: row.control_id,
-        control_name: row.control_name,
-        mappings: [],
-      });
-    }
-
-    controlMap.get(row.control_id)!.mappings.push({
-      regulation: row.regulation,
-      articles: JSON.parse(row.articles),
-      coverage: row.coverage,
-      notes: row.notes,
-    });
-  }
-
-  return Array.from(controlMap.values());
-}

package/src/tools/recital.ts

@@ -1,60 +0,0 @@
-import type { DatabaseAdapter } from '../database/types.js';
-
-export interface GetRecitalInput {
-  regulation: string;
-  recital_number: number;
-}
-
-export interface Recital {
-  regulation: string;
-  recital_number: number;
-  text: string;
-  related_articles: string[] | null;
-}
-
-export async function getRecital(
-  db: DatabaseAdapter,
-  input: GetRecitalInput
-): Promise<Recital | null> {
-  const { regulation, recital_number } = input;
-
-  // Validate recital_number is a safe integer
-  if (!Number.isInteger(recital_number) || !Number.isFinite(recital_number)) {
-    return null;
-  }
-
-  // Reject negative or unrealistic recital numbers
-  if (recital_number < 1 || recital_number > 10000) {
-    return null;
-  }
-
-  const sql = `
-    SELECT
-      regulation,
-      recital_number,
-      text,
-      related_articles
-    FROM recitals
-    WHERE regulation = $1 AND recital_number = $2
-  `;
-
-  const result = await db.query(sql, [regulation, recital_number]);
-
-  if (result.rows.length === 0) {
-    return null;
-  }
-
-  const row = result.rows[0] as {
-    regulation: string;
-    recital_number: number;
-    text: string;
-    related_articles: string | null;
-  };
-
-  return {
-    regulation: row.regulation,
-    recital_number: row.recital_number,
-    text: row.text,
-    related_articles: row.related_articles ? JSON.parse(row.related_articles) : null,
-  };
-}

package/src/tools/registry.ts

@@ -1,311 +0,0 @@
-import { Server } from '@modelcontextprotocol/sdk/server/index.js';
-import {
-  CallToolRequestSchema,
-  ListToolsRequestSchema,
-} from '@modelcontextprotocol/sdk/types.js';
-import type { DatabaseAdapter } from '../database/types.js';
-
-import { searchRegulations, type SearchInput } from './search.js';
-import { getArticle, type GetArticleInput } from './article.js';
-import { getRecital, type GetRecitalInput } from './recital.js';
-import { listRegulations, type ListInput } from './list.js';
-import { compareRequirements, type CompareInput } from './compare.js';
-import { mapControls, type MapControlsInput } from './map.js';
-import { checkApplicability, type ApplicabilityInput } from './applicability.js';
-import { getDefinitions, type DefinitionsInput } from './definitions.js';
-import { getEvidenceRequirements, type EvidenceInput } from './evidence.js';
-
-interface ToolDefinition {
-  name: string;
-  description: string;
-  inputSchema: any;
-  handler: (db: DatabaseAdapter, args: any) => Promise<any>;
-}
-
-/**
- * Centralized registry of all MCP tools.
- * Single source of truth for both stdio and HTTP servers.
- */
-export const TOOLS: ToolDefinition[] = [
-  {
-    name: 'search_regulations',
-    description: 'Search across all EU regulations for articles matching a query. Returns relevant articles with snippets highlighting matches. Token-efficient: returns 32-token snippets per match (safe for context).',
-    inputSchema: {
-      type: 'object',
-      properties: {
-        query: {
-          type: 'string',
-          description: 'Search query (e.g., "incident reporting", "personal data breach")',
-        },
-        regulations: {
-          type: 'array',
-          items: { type: 'string' },
-          description: 'Optional: filter to specific regulations (e.g., ["GDPR", "NIS2"])',
-        },
-        limit: {
-          type: 'number',
-          description: 'Maximum results to return (default: 10)',
-        },
-      },
-      required: ['query'],
-    },
-    handler: async (db, args) => {
-      const input = args as unknown as SearchInput;
-      return await searchRegulations(db, input);
-    },
-  },
-  {
-    name: 'get_article',
-    description: 'Retrieve the full text of a specific article from a regulation. WARNING: Token usage varies (500-70,000 tokens per article). Large articles are automatically truncated at 50,000 characters (~12,500 tokens) with a notice. Use search_regulations first to find relevant articles.',
-    inputSchema: {
-      type: 'object',
-      properties: {
-        regulation: {
-          type: 'string',
-          description: 'Regulation ID (e.g., "GDPR", "NIS2", "DORA")',
-        },
-        article: {
-          type: 'string',
-          description: 'Article number (e.g., "17", "23")',
-        },
-      },
-      required: ['regulation', 'article'],
-    },
-    handler: async (db, args) => {
-      const input = args as unknown as GetArticleInput;
-      const article = await getArticle(db, input);
-      if (!article) {
-        throw new Error(`Article ${input.article} not found in ${input.regulation}`);
-      }
-      return article;
-    },
-  },
-  {
-    name: 'get_recital',
-    description: 'Retrieve the full text of a specific recital from a regulation. Recitals provide context and interpretation guidance for articles.',
-    inputSchema: {
-      type: 'object',
-      properties: {
-        regulation: {
-          type: 'string',
-          description: 'Regulation ID (e.g., "GDPR", "NIS2", "DORA")',
-        },
-        recital_number: {
-          type: 'number',
-          description: 'Recital number (e.g., 1, 83)',
-        },
-      },
-      required: ['regulation', 'recital_number'],
-    },
-    handler: async (db, args) => {
-      const input = args as unknown as GetRecitalInput;
-      const recital = await getRecital(db, input);
-      if (!recital) {
-        throw new Error(`Recital ${input.recital_number} not found in ${input.regulation}`);
-      }
-      return recital;
-    },
-  },
-  {
-    name: 'list_regulations',
-    description: 'List available regulations and their structure. Without parameters, lists all regulations. With a regulation specified, shows chapters and articles.',
-    inputSchema: {
-      type: 'object',
-      properties: {
-        regulation: {
-          type: 'string',
-          description: 'Optional: specific regulation to get detailed structure for',
-        },
-      },
-    },
-    handler: async (db, args) => {
-      const input = (args ?? {}) as unknown as ListInput;
-      return await listRegulations(db, input);
-    },
-  },
-  {
-    name: 'compare_requirements',
-    description: 'Search and compare articles across multiple regulations on a specific topic. Returns matching articles from each regulation with text snippets showing how they address the topic. Uses full-text search with relevance ranking to find related requirements.',
-    inputSchema: {
-      type: 'object',
-      properties: {
-        topic: {
-          type: 'string',
-          description: 'Topic to compare (e.g., "incident reporting", "risk assessment")',
-        },
-        regulations: {
-          type: 'array',
-          items: { type: 'string' },
-          description: 'Regulations to compare (e.g., ["DORA", "NIS2"])',
-        },
-      },
-      required: ['topic', 'regulations'],
-    },
-    handler: async (db, args) => {
-      const input = args as unknown as CompareInput;
-      return await compareRequirements(db, input);
-    },
-  },
-  {
-    name: 'map_controls',
-    description: 'Map security framework controls to EU regulation requirements. Shows which articles satisfy specific security controls.',
-    inputSchema: {
-      type: 'object',
-      properties: {
-        framework: {
-          type: 'string',
-          enum: ['ISO27001', 'NIST_CSF'],
-          description: 'Control framework: ISO27001 (ISO 27001:2022) or NIST_CSF (NIST Cybersecurity Framework)',
-        },
-        control: {
-          type: 'string',
-          description: 'Optional: specific control ID (e.g., "A.5.1" for ISO27001, "PR.AC-1" for NIST CSF)',
-        },
-        regulation: {
-          type: 'string',
-          description: 'Optional: filter mappings to specific regulation',
-        },
-      },
-      required: ['framework'],
-    },
-    handler: async (db, args) => {
-      const input = args as unknown as MapControlsInput;
-      return await mapControls(db, input);
-    },
-  },
-  {
-    name: 'check_applicability',
-    description: 'Determine which EU regulations apply to an organization based on sector and characteristics. Supports tiered detail levels for optimal response length.',
-    inputSchema: {
-      type: 'object',
-      properties: {
-        sector: {
-          type: 'string',
-          enum: ['financial', 'healthcare', 'energy', 'transport', 'digital_infrastructure', 'public_administration', 'manufacturing', 'other'],
-          description: 'Organization sector',
-        },
-        subsector: {
-          type: 'string',
-          description: 'Optional: more specific subsector (e.g., "bank", "insurance" for financial)',
-        },
-        member_state: {
-          type: 'string',
-          description: 'Optional: EU member state (ISO country code)',
-        },
-        size: {
-          type: 'string',
-          enum: ['sme', 'large'],
-          description: 'Optional: organization size',
-        },
-        detail_level: {
-          type: 'string',
-          enum: ['summary', 'requirements', 'full'],
-          description: 'Optional: level of detail (summary=executive overview only, requirements=include key requirements, full=complete details with basis articles). Default: full',
-        },
-      },
-      required: ['sector'],
-    },
-    handler: async (db, args) => {
-      const input = args as unknown as ApplicabilityInput;
-      return await checkApplicability(db, input);
-    },
-  },
-  {
-    name: 'get_definitions',
-    description: 'Look up official definitions of terms from EU regulations. Terms are defined in each regulation\'s definitions article.',
-    inputSchema: {
-      type: 'object',
-      properties: {
-        term: {
-          type: 'string',
-          description: 'Term to look up (e.g., "personal data", "incident", "processing")',
-        },
-        regulation: {
-          type: 'string',
-          description: 'Optional: filter to specific regulation',
-        },
-      },
-      required: ['term'],
-    },
-    handler: async (db, args) => {
-      const input = args as unknown as DefinitionsInput;
-      return await getDefinitions(db, input);
-    },
-  },
-  {
-    name: 'get_evidence_requirements',
-    description: 'Get compliance evidence and audit artifacts required for specific regulation requirements. Shows what documents, logs, and test results auditors will ask for, including retention periods and maturity levels.',
-    inputSchema: {
-      type: 'object',
-      properties: {
-        regulation: {
-          type: 'string',
-          description: 'Optional: filter to specific regulation (e.g., "DORA", "GDPR")',
-        },
-        article: {
-          type: 'string',
-          description: 'Optional: filter to specific article (e.g., "6", "32")',
-        },
-        evidence_type: {
-          type: 'string',
-          enum: ['document', 'log', 'test_result', 'certification', 'policy', 'procedure'],
-          description: 'Optional: filter by evidence type',
-        },
-      },
-    },
-    handler: async (db, args) => {
-      const input = args as unknown as EvidenceInput;
-      return await getEvidenceRequirements(db, input);
-    },
-  },
-];
-
-/**
- * Register all tools with an MCP server instance.
- * Use this for both stdio and HTTP servers to ensure parity.
- */
-export function registerTools(server: Server, db: DatabaseAdapter): void {
-  // List available tools
-  server.setRequestHandler(ListToolsRequestSchema, async () => ({
-    tools: TOOLS.map(tool => ({
-      name: tool.name,
-      description: tool.description,
-      inputSchema: tool.inputSchema,
-    })),
-  }));
-
-  // Handle tool calls
-  server.setRequestHandler(CallToolRequestSchema, async (request) => {
-    const { name, arguments: args } = request.params;
-    const tool = TOOLS.find(t => t.name === name);
-
-    if (!tool) {
-      return {
-        content: [{ type: 'text', text: `Unknown tool: ${name}` }],
-        isError: true,
-      };
-    }
-
-    try {
-      const result = await tool.handler(db, args || {});
-      return {
-        content: [
-          {
-            type: 'text',
-            text: typeof result === 'string' ? result : JSON.stringify(result, null, 2),
-          },
-        ],
-      };
-    } catch (error) {
-      return {
-        content: [
-          {
-            type: 'text',
-            text: `Error: ${error instanceof Error ? error.message : 'Unknown error'}`,
-          },
-        ],
-        isError: true,
-      };
-    }
-  });
-}