npm - @anton.andrusenko/shopify-mcp-admin - Versions diffs - 2.2.1 → 2.4.0 - Mend

@anton.andrusenko/shopify-mcp-admin 2.2.1 → 2.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (19) hide show

package/dist/{chunk-JU5IFCVJ.js → chunk-CJXPHNYT.js} +36 -1
package/dist/chunk-CZJ7LSEO.js +251 -0
package/dist/{chunk-PQKNBYJN.js → chunk-H36XQ6QK.js} +6 -3
package/dist/{chunk-LMFNHULG.js → chunk-UMNIRP6T.js} +645 -56
package/dist/dashboard/assets/index-DVjSu1HI.js +130 -0
package/dist/dashboard/assets/index-DVjSu1HI.js.map +1 -0
package/dist/dashboard/assets/index-DlTP0Kre.css +1 -0
package/dist/dashboard/index.html +3 -3
package/dist/dashboard/mcp-icon.svg +29 -31
package/dist/index.js +1516 -518
package/dist/{mcp-auth-F25V6FEY.js → mcp-auth-54BVOYFJ.js} +2 -2
package/dist/{security-44M6F2QU.js → security-6CNKRY2G.js} +4 -1
package/dist/{store-JK2ZU6DR.js → store-5NJBYK45.js} +2 -2
package/dist/{tools-HVUCP53D.js → tools-SVKPHJYW.js} +2 -2
package/package.json +10 -1
package/dist/chunk-5QMYOO4B.js +0 -146
package/dist/dashboard/assets/index-BfNrQS4y.js +0 -120
package/dist/dashboard/assets/index-BfNrQS4y.js.map +0 -1
package/dist/dashboard/assets/index-HBHxyHsM.css +0 -1

package/dist/{chunk-LMFNHULG.js → chunk-UMNIRP6T.js} RENAMED Viewed

@@ -1,8 +1,12 @@
 import {
   getConfig,
   log,
-  sanitizeLogMessage
-} from "./chunk-5QMYOO4B.js";
+  redactTokens,
+  sanitizeErrorMessage,
+  sanitizeLogMessage,
+  sanitizeParams,
+  truncateOutput
+} from "./chunk-CZJ7LSEO.js";
 import {
   getAuthMode,
   getConfiguredRole,
@@ -1308,12 +1312,580 @@ var zodToJsonSchema = (schema, options) => {
   return combined;
 };
+// src/logging/correlation.ts
+import { randomUUID } from "crypto";
+// src/types/context.ts
+import { AsyncLocalStorage } from "async_hooks";
+function createSingleTenantContext(client, shopDomain) {
+  return {
+    client,
+    shopDomain
+    // userId and apiKeyId are undefined in single-tenant mode
+  };
+}
+function createMultiTenantContext(client, shopDomain, tenantId, apiKeyId, allowedShops, options) {
+  return {
+    client,
+    shopDomain,
+    userId: tenantId,
+    // Map tenantId to userId for compatibility
+    apiKeyId,
+    tenantId,
+    allowedShops,
+    correlationId: options?.correlationId,
+    oauthClientId: options?.oauthClientId,
+    oauthClientName: options?.oauthClientName
+  };
+}
+var requestContextStorage = new AsyncLocalStorage();
+var fallbackContextStorage = /* @__PURE__ */ new Map();
+function setFallbackContext(key, context) {
+  fallbackContextStorage.set(key, context);
+}
+function clearFallbackContext(key) {
+  fallbackContextStorage.delete(key);
+}
+var currentContextKey;
+function setCurrentContextKey(key) {
+  currentContextKey = key;
+}
+function getRequestContext() {
+  const asyncContext = requestContextStorage.getStore();
+  if (asyncContext) {
+    return asyncContext;
+  }
+  if (currentContextKey) {
+    return fallbackContextStorage.get(currentContextKey);
+  }
+  return void 0;
+}
+function isMultiTenantContext(context) {
+  return "tenantId" in context && typeof context.tenantId === "string";
+}
+// src/logging/correlation.ts
+var CORRELATION_ID_HEADER = "X-Correlation-ID";
+var UUID_V4_REGEX = /^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i;
+function generateCorrelationId() {
+  return randomUUID();
+}
+function isValidCorrelationId(id) {
+  return UUID_V4_REGEX.test(id);
+}
+function correlationMiddleware(req, res, next) {
+  const headerValue = req.headers[CORRELATION_ID_HEADER.toLowerCase()];
+  let correlationId;
+  if (headerValue && isValidCorrelationId(headerValue)) {
+    correlationId = headerValue;
+  } else {
+    correlationId = generateCorrelationId();
+  }
+  res.locals.correlationId = correlationId;
+  if (typeof res.set === "function") {
+    res.set(
+      CORRELATION_ID_HEADER,
+      correlationId
+    );
+  } else {
+    res.setHeader(CORRELATION_ID_HEADER, correlationId);
+  }
+  next();
+}
+// src/logging/structured-logger.ts
+import {
+  pino as createPino,
+  destination as pinoDestination,
+  transport as pinoTransport
+} from "pino";
+// src/monitoring/sentry.ts
+import * as Sentry from "@sentry/node";
+function initSentry(options) {
+  const { dsn, environment = "production", release } = options;
+  if (!dsn) {
+    return;
+  }
+  Sentry.init({
+    dsn,
+    environment,
+    // Sample 10% of transactions for performance monitoring (AC-13.7.4)
+    tracesSampleRate: 0.1,
+    // Release tracking for deployment correlation
+    release: release || "unknown",
+    // Sanitize sensitive data before sending to Sentry
+    beforeSend(event) {
+      if (event.request?.headers) {
+        const sensitiveHeaders = [
+          "authorization",
+          "x-api-key",
+          "cookie",
+          "x-shopify-access-token",
+          "x-shopify-hmac-sha256"
+        ];
+        for (const header of sensitiveHeaders) {
+          delete event.request.headers[header];
+        }
+      }
+      if (event.request?.data) {
+        const data = event.request.data;
+        const sensitiveKeys = ["token", "password", "secret", "key", "access_token"];
+        for (const key of Object.keys(data)) {
+          if (sensitiveKeys.some((sensitive) => key.toLowerCase().includes(sensitive))) {
+            data[key] = "[REDACTED]";
+          }
+        }
+      }
+      if (event.message) {
+        event.message = sanitizeErrorMessage2(event.message);
+      }
+      if (event.exception?.values) {
+        for (const exception of event.exception.values) {
+          if (exception.value) {
+            exception.value = sanitizeErrorMessage2(exception.value);
+          }
+        }
+      }
+      return event;
+    },
+    // Integrations
+    integrations: [
+      // Capture uncaught exceptions and unhandled rejections
+      Sentry.onUncaughtExceptionIntegration(),
+      Sentry.onUnhandledRejectionIntegration(),
+      // Capture HTTP request data
+      Sentry.requestDataIntegration(),
+      // Deduplicate similar errors
+      Sentry.dedupeIntegration()
+    ]
+  });
+}
+function sanitizeErrorMessage2(message) {
+  const patterns = [
+    /shpat_[a-zA-Z0-9]+/g,
+    /shpua_[a-zA-Z0-9]+/g,
+    /Bearer\s+[a-zA-Z0-9_-]+/g,
+    /access_token[=:]\s*[a-zA-Z0-9_-]+/gi,
+    /client_secret[=:]\s*[a-zA-Z0-9_-]+/gi,
+    /sk_live_[a-zA-Z0-9_-]+/g
+  ];
+  let sanitized = message;
+  for (const pattern of patterns) {
+    sanitized = sanitized.replace(pattern, "[REDACTED]");
+  }
+  return sanitized;
+}
+function sentryRequestMiddleware(req, res, next) {
+  const context = getRequestContext();
+  if (context) {
+    if (context.correlationId) {
+      Sentry.setTag("correlationId", context.correlationId);
+      Sentry.setContext("request", {
+        correlationId: context.correlationId
+      });
+    }
+    if (isMultiTenantContext(context) && context.tenantId) {
+      Sentry.setTag("tenantId", context.tenantId);
+      Sentry.setContext("tenant", {
+        tenantId: context.tenantId
+      });
+    }
+    if (context.shopDomain) {
+      Sentry.setTag("shopDomain", context.shopDomain);
+    }
+  }
+  Sentry.setContext("http", {
+    method: req.method,
+    url: req.url,
+    path: req.path,
+    query: req.query,
+    userAgent: req.get("user-agent"),
+    ip: req.ip
+  });
+  Sentry.addBreadcrumb({
+    category: "http",
+    message: `${req.method} ${req.path}`,
+    level: "info",
+    data: {
+      method: req.method,
+      path: req.path
+      // statusCode will be updated when response finishes (see below)
+    }
+  });
+  res.on("finish", () => {
+    Sentry.addBreadcrumb({
+      category: "http",
+      message: `${req.method} ${req.path} - ${res.statusCode}`,
+      level: res.statusCode >= 400 ? "error" : "info",
+      data: {
+        method: req.method,
+        path: req.path,
+        statusCode: res.statusCode
+      }
+    });
+  });
+  next();
+}
+function sentryErrorHandler(error, req, _res, next) {
+  Sentry.captureException(error, {
+    tags: {
+      path: req.path,
+      method: req.method
+    },
+    extra: {
+      url: req.url,
+      query: req.query,
+      body: req.body
+    }
+  });
+  next(error);
+}
+function captureError(error, context) {
+  const requestContext = getRequestContext();
+  Sentry.withScope((scope) => {
+    if (requestContext?.correlationId) {
+      scope.setTag("correlationId", requestContext.correlationId);
+      scope.setContext("request", {
+        correlationId: requestContext.correlationId
+      });
+    }
+    if (requestContext && isMultiTenantContext(requestContext) && requestContext.tenantId) {
+      scope.setTag("tenantId", requestContext.tenantId);
+      scope.setContext("tenant", {
+        tenantId: requestContext.tenantId
+      });
+    }
+    if (requestContext?.shopDomain) {
+      scope.setTag("shopDomain", requestContext.shopDomain);
+    }
+    if (context) {
+      scope.setContext("additional", context);
+    }
+    Sentry.captureException(error);
+  });
+}
+// src/logging/structured-logger.ts
+function sanitizeText(text) {
+  return redactTokens(text);
+}
+function sanitizeObject(obj, seen = /* @__PURE__ */ new WeakSet()) {
+  if (typeof obj === "string") {
+    return sanitizeText(obj);
+  }
+  if (obj === null || typeof obj !== "object") {
+    return obj;
+  }
+  if (seen.has(obj)) {
+    return "[Circular]";
+  }
+  seen.add(obj);
+  if (Array.isArray(obj)) {
+    return obj.map((item) => sanitizeObject(item, seen));
+  }
+  const result = {};
+  for (const [key, value] of Object.entries(obj)) {
+    result[key] = sanitizeObject(value, seen);
+  }
+  return result;
+}
+function getInstanceId() {
+  return process.env.INSTANCE_ID || process.env.HOSTNAME || "unknown";
+}
+function getLogLevel() {
+  const level = process.env.LOG_LEVEL?.toLowerCase();
+  if (level === "debug" || level === "info" || level === "warn" || level === "error") {
+    return level;
+  }
+  return "info";
+}
+function isDevelopment() {
+  return process.env.NODE_ENV === "development";
+}
+function createTransport() {
+  if (isDevelopment()) {
+    try {
+      return {
+        target: "pino-pretty",
+        options: {
+          destination: 2,
+          // stderr (fd 2)
+          colorize: true,
+          translateTime: "HH:MM:ss.l",
+          ignore: "pid,hostname"
+        }
+      };
+    } catch {
+      return void 0;
+    }
+  }
+  return void 0;
+}
+function createBasePinoLogger() {
+  const level = getLogLevel();
+  const transport = createTransport();
+  const instanceId = getInstanceId();
+  const options = {
+    level,
+    // ISO 8601 timestamp format (AC-13.1.3)
+    timestamp: () => `,"time":"${(/* @__PURE__ */ new Date()).toISOString()}"`,
+    // Format level as string instead of number
+    formatters: {
+      level: (label) => ({ level: label })
+    },
+    // Base bindings (can be overridden by child loggers)
+    // Story 13.5: Add instance ID for multi-instance deployment identification
+    base: {
+      instanceId
+      // AC-13.5.1: Instance ID for load balancer distribution verification
+    }
+  };
+  if (transport) {
+    return createPino(options, pinoTransport(transport));
+  }
+  return createPino(options, pinoDestination({ dest: 2, sync: false }));
+}
+var basePinoLogger = createBasePinoLogger();
+function createLogger(module) {
+  function getContextFields() {
+    const context = getRequestContext();
+    const fields = { module };
+    if (context) {
+      if (context.correlationId) {
+        fields.correlationId = context.correlationId;
+      }
+      if (context.shopDomain) {
+        fields.shopDomain = context.shopDomain;
+      }
+      if (isMultiTenantContext(context)) {
+        fields.tenantId = context.tenantId;
+      }
+    }
+    return fields;
+  }
+  function mergeData(data) {
+    const contextFields = getContextFields();
+    if (data) {
+      const sanitizedData = sanitizeObject(data);
+      return { ...contextFields, ...sanitizedData };
+    }
+    return contextFields;
+  }
+  function formatError(error) {
+    return {
+      error: {
+        name: error.name,
+        message: sanitizeText(error.message),
+        stack: error.stack ? sanitizeText(error.stack) : void 0
+      }
+    };
+  }
+  const logger2 = {
+    debug: (msg, data) => {
+      basePinoLogger.debug(mergeData(data), sanitizeText(msg));
+    },
+    info: (msg, data) => {
+      basePinoLogger.info(mergeData(data), sanitizeText(msg));
+    },
+    warn: (msg, data) => {
+      basePinoLogger.warn(mergeData(data), sanitizeText(msg));
+    },
+    error: (msg, error, data) => {
+      const merged = mergeData(data);
+      if (error) {
+        Object.assign(merged, formatError(error));
+        captureError(error, data);
+      }
+      basePinoLogger.error(merged, sanitizeText(msg));
+    },
+    child: (bindings) => {
+      const childModule = bindings.module || module;
+      const childLogger = createLogger(childModule);
+      const originalMergeData = mergeData;
+      const enhancedMergeData = (data) => {
+        const base = originalMergeData(data);
+        const sanitizedBindings = sanitizeObject(bindings);
+        return { ...base, ...sanitizedBindings };
+      };
+      return {
+        debug: (msg, data) => {
+          basePinoLogger.debug(enhancedMergeData(data), sanitizeText(msg));
+        },
+        info: (msg, data) => {
+          basePinoLogger.info(enhancedMergeData(data), sanitizeText(msg));
+        },
+        warn: (msg, data) => {
+          basePinoLogger.warn(enhancedMergeData(data), sanitizeText(msg));
+        },
+        error: (msg, error, data) => {
+          const merged = enhancedMergeData(data);
+          if (error) {
+            Object.assign(merged, formatError(error));
+          }
+          basePinoLogger.error(merged, sanitizeText(msg));
+        },
+        child: childLogger.child
+      };
+    }
+  };
+  return logger2;
+}
+function flushLogs() {
+  basePinoLogger.flush();
+}
+// src/logging/tool-execution-logger.ts
+import { Prisma } from "@prisma/client";
+var logger = createLogger("logging/tool-execution-logger");
+var VALIDATION_ERROR_KEYWORDS = [
+  "validation failed",
+  "required",
+  "must be",
+  "expected",
+  "cannot be empty",
+  "is not allowed",
+  "malformed",
+  "parse error",
+  "zod"
+];
+var AUTH_ERROR_KEYWORDS = [
+  "unauthorized",
+  "unauthenticated",
+  "forbidden",
+  "access denied",
+  "not authorized",
+  "authentication required",
+  "authentication failed",
+  "permission denied",
+  "invalid api key",
+  "invalid token",
+  "token expired"
+];
+var TIMEOUT_KEYWORDS = ["timeout", "timed out", "deadline exceeded", "econnreset", "socket hang"];
+function classifyError(error) {
+  let message;
+  if (error instanceof Error) {
+    message = error.message.toLowerCase();
+  } else if (error !== null && typeof error === "object" && "message" in error && typeof error.message === "string") {
+    message = error.message.toLowerCase();
+  } else {
+    message = String(error).toLowerCase();
+  }
+  const errorName = error instanceof Error ? error.name : typeof error === "object" && error !== null ? "Object" : "Error";
+  const isToolError = error !== null && typeof error === "object" && "name" in error && error.name === "ToolError";
+  if (AUTH_ERROR_KEYWORDS.some((kw) => message.includes(kw))) {
+    return {
+      status: "AUTH_ERROR",
+      errorCode: isToolError ? "TOOL_AUTH_ERROR" : "AUTH_ERROR"
+    };
+  }
+  if (VALIDATION_ERROR_KEYWORDS.some((kw) => message.includes(kw))) {
+    return {
+      status: "VALIDATION_ERROR",
+      errorCode: isToolError ? "TOOL_VALIDATION_ERROR" : "VALIDATION_ERROR"
+    };
+  }
+  if (isToolError) {
+    return { status: "ERROR", errorCode: "TOOL_ERROR" };
+  }
+  if (TIMEOUT_KEYWORDS.some((kw) => message.includes(kw))) {
+    return { status: "TIMEOUT", errorCode: "TIMEOUT" };
+  }
+  if (message.includes("graphql") || errorName === "GraphqlQueryError") {
+    return { status: "ERROR", errorCode: "GRAPHQL_ERROR" };
+  }
+  return { status: "ERROR", errorCode: "UNKNOWN_ERROR" };
+}
+var ToolExecutionLogger = class {
+  prisma;
+  /**
+   * Create a new ToolExecutionLogger
+   *
+   * @param prisma - Prisma client for database access
+   */
+  constructor(prisma) {
+    this.prisma = prisma;
+  }
+  /**
+   * Log a tool execution (fire-and-forget)
+   *
+   * This method does NOT await the database insert. The insert runs
+   * asynchronously and any errors are caught and logged, not thrown.
+   *
+   * AC-16.2.7: Fire-and-forget pattern with max 5ms overhead.
+   *
+   * @param entry - Tool execution entry to log
+   *
+   * @example
+   * ```typescript
+   * logger.logExecution({
+   *   tenantId: 'tenant-uuid',
+   *   toolName: 'create-product',
+   *   toolModule: 'products',
+   *   clientType: 'api_key',
+   *   apiKeyId: 'apikey-uuid',
+   *   inputParams: { title: 'New Product' },
+   *   output: { productId: '123' },
+   *   status: 'SUCCESS',
+   *   durationMs: 150,
+   * });
+   * // Returns immediately, database insert happens async
+   * ```
+   */
+  logExecution(entry) {
+    if (!entry.tenantId) {
+      logger.debug("Skipping tool execution log: no tenantId", { toolName: entry.toolName });
+      return;
+    }
+    const sanitizedInput = entry.inputParams ? sanitizeParams(entry.inputParams) : void 0;
+    const sanitizedOutput = entry.output ? truncateOutput(entry.output) : void 0;
+    const sanitizedErrorMessage = entry.errorMessage ? sanitizeErrorMessage(entry.errorMessage) : void 0;
+    const logData = {
+      tenant: { connect: { id: entry.tenantId } },
+      toolName: entry.toolName,
+      toolModule: entry.toolModule,
+      sessionId: entry.sessionId,
+      correlationId: entry.correlationId,
+      clientType: entry.clientType,
+      apiKey: entry.apiKeyId ? { connect: { id: entry.apiKeyId } } : void 0,
+      oauthClientId: entry.oauthClientId,
+      shop: entry.shopId ? { connect: { id: entry.shopId } } : void 0,
+      shopDomain: entry.shopDomain,
+      inputParams: sanitizedInput ?? Prisma.JsonNull,
+      outputSummary: sanitizedOutput ?? Prisma.JsonNull,
+      status: entry.status,
+      errorCode: entry.errorCode,
+      errorMessage: sanitizedErrorMessage,
+      durationMs: entry.durationMs,
+      ipAddress: entry.ipAddress,
+      userAgent: entry.userAgent
+    };
+    this.prisma.toolExecutionLog.create({ data: logData }).catch((err) => {
+      logger.error("Failed to log tool execution", err, {
+        toolName: entry.toolName,
+        tenantId: entry.tenantId?.substring(0, 8)
+      });
+    });
+  }
+};
+var toolExecutionLoggerInstance = null;
+function getToolExecutionLogger(prisma) {
+  if (!toolExecutionLoggerInstance) {
+    if (!prisma) {
+      throw new Error("ToolExecutionLogger not initialized. Call with Prisma client first.");
+    }
+    toolExecutionLoggerInstance = new ToolExecutionLogger(prisma);
+  }
+  return toolExecutionLoggerInstance;
+}
 // src/shopify/client.ts
 import "@shopify/shopify-api/adapters/node";
 import { shopifyApi } from "@shopify/shopify-api";
 // src/utils/errors.ts
-var sanitizeErrorMessage = sanitizeLogMessage;
+var sanitizeErrorMessage3 = sanitizeLogMessage;
 var ToolError = class _ToolError extends Error {
   /** AI-friendly suggestion for error recovery */
   suggestion;
@@ -1343,8 +1915,8 @@ function extractErrorMessage(error) {
 }
 function createToolError(error, suggestion) {
   const message = extractErrorMessage(error);
-  const safeMessage = sanitizeErrorMessage(message);
-  const safeSuggestion = sanitizeErrorMessage(suggestion);
+  const safeMessage = sanitizeErrorMessage3(message);
+  const safeSuggestion = sanitizeErrorMessage3(suggestion);
   return {
     isError: true,
     content: [
@@ -1385,8 +1957,7 @@ function createToolSuccess(data) {
         type: "text",
         text
       }
-    ],
-    structuredContent: data
+    ]
   };
 }
@@ -1787,52 +2358,6 @@ async function validateShopifyToken(shopDomain, accessToken) {
   }
 }
-// src/types/context.ts
-import { AsyncLocalStorage } from "async_hooks";
-function createSingleTenantContext(client, shopDomain) {
-  return {
-    client,
-    shopDomain
-    // userId and apiKeyId are undefined in single-tenant mode
-  };
-}
-function createMultiTenantContext(client, shopDomain, tenantId, apiKeyId, allowedShops) {
-  return {
-    client,
-    shopDomain,
-    userId: tenantId,
-    // Map tenantId to userId for compatibility
-    apiKeyId,
-    tenantId,
-    allowedShops
-  };
-}
-var requestContextStorage = new AsyncLocalStorage();
-var fallbackContextStorage = /* @__PURE__ */ new Map();
-function setFallbackContext(key, context) {
-  fallbackContextStorage.set(key, context);
-}
-function clearFallbackContext(key) {
-  fallbackContextStorage.delete(key);
-}
-var currentContextKey;
-function setCurrentContextKey(key) {
-  currentContextKey = key;
-}
-function getRequestContext() {
-  const asyncContext = requestContextStorage.getStore();
-  if (asyncContext) {
-    return asyncContext;
-  }
-  if (currentContextKey) {
-    return fallbackContextStorage.get(currentContextKey);
-  }
-  return void 0;
-}
-function isMultiTenantContext(context) {
-  return "tenantId" in context && typeof context.tenantId === "string";
-}
 // src/tools/registration.ts
 var KEBAB_CASE_REGEX = /^[a-z][a-z0-9]*(-[a-z0-9]+)*$/;
 function deriveDefaultAnnotations(name) {
@@ -1888,18 +2413,73 @@ function validateInput(schema, input, toolName) {
   }
   return result.data;
 }
+function logToolExecution(toolName, params, result, status, startTime, error) {
+  let config;
+  try {
+    config = getConfig();
+  } catch {
+    return;
+  }
+  if (!isRemoteMode(config)) {
+    log.debug(`Tool execution logging skipped in local mode: ${toolName}`);
+    return;
+  }
+  const context = getRequestContext();
+  if (!context || !isMultiTenantContext(context)) {
+    log.debug(`Tool execution logging skipped: no multi-tenant context for ${toolName}`);
+    return;
+  }
+  const endTime = performance.now();
+  const durationMs = Math.round(endTime - startTime);
+  const multiTenantContext = context;
+  const hasOAuthClient = !!multiTenantContext.oauthClientId;
+  const clientType = hasOAuthClient ? "oauth_client" : "api_key";
+  let errorClassification;
+  if (typeof status === "object") {
+    errorClassification = status;
+  } else if (error) {
+    errorClassification = classifyError(error);
+  }
+  const entry = {
+    tenantId: multiTenantContext.tenantId,
+    toolName,
+    correlationId: context.correlationId,
+    clientType,
+    apiKeyId: !hasOAuthClient ? multiTenantContext.apiKeyId : void 0,
+    oauthClientId: hasOAuthClient ? multiTenantContext.oauthClientId : void 0,
+    shopDomain: context.shopDomain,
+    inputParams: params,
+    output: result,
+    status: errorClassification ? errorClassification.status : "SUCCESS",
+    errorCode: errorClassification?.errorCode,
+    errorMessage: error instanceof Error ? error.message : error ? String(error) : void 0,
+    durationMs
+  };
+  try {
+    const logger2 = getToolExecutionLogger();
+    logger2.logExecution(entry);
+  } catch (logError) {
+    log.debug(
+      `Tool execution logger not available: ${logError instanceof Error ? logError.message : "unknown"}`
+    );
+  }
+}
 function wrapToolHandler(toolName, schema, handler) {
   return async (params) => {
+    const startTime = performance.now();
     log.debug(`Tool invoked: ${toolName}`);
     try {
       const validatedParams = validateInput(schema, params, toolName);
       const result = await handler(validatedParams);
       log.debug(`Tool ${toolName} completed successfully`);
+      logToolExecution(toolName, params, result, "SUCCESS", startTime);
       return createToolSuccess(result);
     } catch (error) {
       log.error(
         `Tool ${toolName} failed: ${error instanceof Error ? error.message : "Unknown error"}`
       );
+      const errorClass = classifyError(error);
+      logToolExecution(toolName, params, null, errorClass, startTime, error);
       let suggestion;
       if (error instanceof ToolError) {
         suggestion = error.suggestion;
@@ -2052,10 +2632,10 @@ function createHandlerWithContext(contextAwareHandler) {
     }
     if (isRemoteMode(config)) {
       log.error(
-        `[tool] Remote mode but no valid async context available. Context: ${asyncContext ? JSON.stringify(Object.keys(asyncContext)) : "undefined"}. This may indicate AsyncLocalStorage context was lost through MCP SDK async chain.`
+        `[tool] Remote mode but no valid async context available. Context: ${asyncContext ? JSON.stringify(Object.keys(asyncContext)) : "undefined"}. This likely means no shop is connected or shop tokens need re-authentication.`
       );
       throw new Error(
-        "Request context not available. Please ensure you are authenticated and try again."
+        "No connected Shopify store found. Please connect a store through the dashboard, or reconnect if your store was previously connected."
       );
     }
     const client = await getShopifyClient();
@@ -13981,7 +14561,11 @@ export {
   setCurrentContextKey,
   getRequestContext,
   isMultiTenantContext,
-  sanitizeErrorMessage,
+  initSentry,
+  sentryRequestMiddleware,
+  sentryErrorHandler,
+  captureError,
+  sanitizeErrorMessage3 as sanitizeErrorMessage,
   createShopifyClient,
   getShopifyClient,
   validateShopifyToken,
@@ -13994,6 +14578,11 @@ export {
   getStorePolicies,
   getStoreAlerts,
   getStoreInfo,
+  generateCorrelationId,
+  correlationMiddleware,
+  createLogger,
+  flushLogs,
+  getToolExecutionLogger,
   deriveDefaultAnnotations,
   validateToolName,
   isValidToolName,